148 posts
Posted 14 February 2015 - 10:00 AM
I was just wondering how a CC meterpreter would look like and what it would do.
Please post
NO code in here as meterpreters are techniclly malicius programs.
For any of you who don't know what a meterpreter is here is an external link:
http://www.offensive-security.com/metasploit-unleashed/About_MeterpreterI thought it would be fun to know what it could do and what would you even use it for.
Comment your suggestions and uses below
7083 posts
Location
Tasmania (AU)
Posted 14 February 2015 - 11:25 AM
I suppose the closest you could get would be to write a script which searches for other scripts awaiting rednet transmissions which they then loadstring, or somesuch.
Generally such scripts aren't executed in an environment where other users would be attempting to interfere, however.
148 posts
Posted 14 February 2015 - 12:18 PM
I suppose the closest you could get would be to write a script which searches for other scripts awaiting rednet transmissions which they then loadstring, or somesuch.
Generally such scripts aren't executed in an environment where other users would be attempting to interfere, however.
How would I go with injecting the code into a running program…
And even that in what program can you inject that the user can't terminate and such.
After all that you have to take in count that you have to hide the code itself so no writing/editing the code.
Correct me if I am wrong but for the injection could you possibly be able to replace the current running function with your own code and force inject your code + the function
1852 posts
Location
Sweden
Posted 14 February 2015 - 06:59 PM
Correct me if I am wrong but for the injection could you possibly be able to replace the current running function with your own code and force inject your code + the function
Well ofcourse it's possible, but I'm wondering.. what would this be useful for? :P/>
7083 posts
Location
Tasmania (AU)
Posted 15 February 2015 - 12:51 AM
It's worth remembering that in order to exploit a vulnerability, there has to be a vulnerability. Some people have been known to state that anything can be hacked - "it's just a matter of time".
These people are wrong.
It's simply the case that the more complex a system gets, the harder it becomes to spot and protect any "airholes" that've been introduced. While that makes airholes likely, it doesn't ensure that they'll be there. ComputerCraft systems aren't all that complex, at least, not compared to modern operating systems, web browsers, email clients and so on. Does that mean they can't be "compromised" in some way? Well, no, but it means there's rather less avenues to explore.
Putting aside how it would be done, let's say one was able to override coroutine.yield() on a given system with a copy of their own. What could they do with that? Well, they could have the system pass information about its local filesystem to another computer, for starters. They could catch any keypresses and pass them on, too. And obviously they'd be able to further override commands such as the filesystem management functions, therefore allowing code to be hidden on the drive and a dummy startup file to be presented to the owner. In short, any private information entered into that system could be exposed. You could furthermore take over the system's peripherals and redstone outputs, forcing it to eg open doors.
1029 posts
Location
Missouri, United States, America, Earth, Solar System, Milky Way, Universe 42B, Life Street, Multiverse, 4th Dimension
Posted 15 February 2015 - 05:47 AM
-snip-
This. It frustrates me when people claim everything can be hacked. It's not true–but
almost, if not all, modern-day programs can be hacked.
I feel like CC's systems need to be less secure–but still fixable by software. The new feature in the beta to disable booting from disks is definitely a step in the right direction.
And yet, a simple password lock fixes it. On a no grief server anyway.
Edited on 15 February 2015 - 04:47 AM
148 posts
Posted 15 February 2015 - 09:47 AM
-snip-
This. It frustrates me when people claim everything can be hacked. It's not true–but
almost, if not all, modern-day programs can be hacked.
I feel like CC's systems need to be less secure–but still fixable by software. The new feature in the beta to disable booting from disks is definitely a step in the right direction.
And yet, a simple password lock fixes it. On a no grief server anyway.
While you are looking at the right direction of not everything is hackable that is true.
But the problem is that the not hackable part only applies to some functions yet we can override them.
The definiton of hack is something far diffrent from exploit true they both grant you access but the problem is hacking is modifying the functions.
While exploiting is taking the original function finding a bug and using that bug to control the function from a higher level.
Let's take TLCO for example:
- We are overriding functions
- We are using default built-in functions
- And no bug is in TLCO
So from my guessing TLCO is a hack. Meanwhile let's take a shell crash for example.
- Shell crashes by itself
- We are not overriding functions
- Injecting code into the crash point
So my guess is that that is an exploit as the shell crashes because of the bug.
We are just inserting code behind the shell
148 posts
Posted 15 February 2015 - 09:57 AM
-snip-
I already have these:
- Exploit
- Bug
- Data Connection
- A Plan
All I need now is a sort of meterpreter but idk into what to inject it and what it should do.
While your answer did tell me coroutine.yeld would be the answer I can't inject the meterpreter directly.
If you could help me out here's what I am doing:
- The exploit launches and causes a vm error
- We restore the pullEvent functions to default
- We insert some code to launch a specific file before we fix the vm error
- We send a fake pullEvent to crash the pc even further(while preventing it from touchig java)
- The PC blackscreens and executes our file way before the bios itself
- We create a fake function so we can later call it inside the bios(function is NOT any default one)
- After that we launch a TLCO inside our file
- We replace the pullEvent again to run our function
What do I need:
- How do I override a function that is outside my function within my function( sounds confusing eh? )
- What code do I even inject inside??
Thanks
7083 posts
Location
Tasmania (AU)
Posted 15 February 2015 - 09:19 PM
Sorry, no code examples, remember? ;)/>
Frankly I'm inclined to see an explanation of the theory as being just as bad as a demonstration of the practise.
148 posts
Posted 16 February 2015 - 01:55 PM
Sorry, no code examples, remember? ;)/>
Frankly I'm inclined to see an explanation of the theory as being just as bad as a demonstration of the practise.
I don't think you need to add code just tell me how without code