how to make a program search for variables in other programs

i would like to know how to make a program that searches for variables in other programs so i can make a hacking device

that would take lost's of code. and research. but sorrry. i don't know how. :

Mitzey234, on 21 June 2012 - 03:33 AM said:

that would take lost's of code. and research. but sorrry. i don't know how. :

i thought it would be high leveled but a floppy that could find a variable such as a password would be awesome

its possible… And i think there will be not much code…

Let me start by introducing the . functionality of tables. Anytime you access a table like this:

list["blah"] = 37

… it is the exact same thing as doing the following.

list.blah = 37

Let me introduce you to _G. This is a table that represents the global name-space. Anything that is not "local" is stored in this table. Thus, if someone does the following:

password = "blahblah"

… it is actually stored in the global table, like this:

_G["password"]

If you want to iterate over all the key/value pairs in a table, you can use the pairs command to make a for loop.

for key, value in pairs(_G)
  if key == password then
    print(key, " ", value)
  end
end

And, just to make your code better, you can try using patterns to select from multiple password, and perhaps use recursion to go through every single variable in every subtable using types(). Goon luck!

So How can we block this thing in our servers?

local x = "hi" -- ?

thanks for the help so do i just do this?
print (_G["password"]) –and it will print the global variable "password"

tfoote, on 21 June 2012 - 03:15 PM said:

So How can we block this thing in our servers?

local x = "hi" -- ?

If this code is running on your computer, you are hosed already. Don't let people run code on your computers. Ever.

ETHANATOR360, on 21 June 2012 - 03:23 PM said:

thanks for the help so do i just do this?
print (_G["password"]) –and it will print the global variable "password"

What you wrote is exactly identical to just writing

print(password)

so I am not sure I understand the question.

kazagistar, on 21 June 2012 - 03:29 PM said:

tfoote, on 21 June 2012 - 03:15 PM said:

So How can we block this thing in our servers?

local x = "hi" -- ?

If this code is running on your computer, you are hosed already. Don't let people run code on your computers. Ever.

IM CONFUSED! I haven't used it I was experimenting online. Checking with you first. What should I do?

No, I mean, if you are trying to protect yourself from hostile code, there is only one real defense: you should not run the code on your computer. I did not mean that MY code is bad, I just mean, if someone hostile has a program running on your computer, they wouldn't be scanning for passwords, they would be replacing all your files with viruses and installing backdoors and trojans or whatever. So scanning for variables is the least of your concerns.

SO, in my rednet messages they are encrypted and nobody knows the key… nobody but the server peeps have the code cuz its in the server files. Next i will begin to use all the "local stuff" and how can you "cleanse" a computer of its "bad" programs once people get into them. And the minecraft "server" computers inside are protected and all that good stuff. How can i "hide" programs from view? Basically what I want to know is how i can completely stop people from hacking or possibly hacking my stuff?

tfoote, on 21 June 2012 - 03:59 PM said:

SO, in my rednet messages they are encrypted and nobody knows the key… nobody but the server peeps have the code cuz its in the server files. Next i will begin to use all the "local stuff" and how can you "cleanse" a computer of its "bad" programs once people get into them. And the minecraft "server" computers inside are protected and all that good stuff. How can i "hide" programs from view? Basically what I want to know is how i can completely stop people from hacking or possibly hacking my stuff?

bury your FTP sever in a concrete blast proof box bellow the ground surrounded by bedrock or use a white list or disable users placing / removing blocks. make shore all communications from the sever to the computer you work on a re encrypted and using direct sending not broadcasting. if you are the only one that knows the right login key pass set then you will be the only one with access to the files.

but there is no way to do it on an open sever . you could just keep anything important backed up on floppy then have your player holding it when you log off the files become untouchable to all but sever operators.

OR you could remember this is just a game and roll with the punches/ hack them back as a revenge

That would spice things up… Im not a fan of having my stuff touched. Maby i could use like what the school districts use… Computer Imaging.

kazagistar, on 21 June 2012 - 03:29 PM said:

tfoote, on 21 June 2012 - 03:15 PM said:

So How can we block this thing in our servers?

local x = "hi" -- ?

If this code is running on your computer, you are hosed already. Don't let people run code on your computers. Ever.

ETHANATOR360, on 21 June 2012 - 03:23 PM said:

thanks for the help so do i just do this?
print (_G["password"]) –and it will print the global variable "password"

What you wrote is exactly identical to just writing

print(password)

so I am not sure I understand the question.

would that print the variable if it is in another program?

I am not sure what you mean by "in another program". There are basically 4 cases: if something is run the "normal" way, then any variable it defines using "local" is not accessible after it exits, except inside of closures, which are very restricted (basically, you can't). If it is defined globally, then you can access it as if you were in the program, globally, and you can read the names of all global variables using the _G table. Now, it CAN happen that the global namespace is switched out, as is the case with any APIs loaded via the OS. In this case, everything that is global in their function is stored in a table accessible from the local namespace, like "rednet".

But basically… if the variable has the "local", you can't get at it from outside the running program unless it gives it to you.

However, you might want something else? Do you maybe just want to read the source code of a file, and find if a password variable ever gets assigned? Or compared to a string that looks like a password? Because that involves parsing and code analysis, and getting it to work in any sort of reliable way would be really really hard. And getting it to work perfectly would be provably impossible.