[MC 1.7.10][CC 1.73] getfenv(("").sub) "hacking"

I dont know if this is as much a bug as it is an overlooked hole, so if it violates the bugs forums, admins please remove it, but ive recently found (and so have other people) that if i can gain access on a computer, i can tap into any of its functions.
On the computer i want to tap:

Variable = getfenv(("").sub)
Variable.OtherVar["NameOrID"] = getfenv()

then on the computer i want to tap from:

Variable = getfenv(("").sub)
_G.API = OtherVar["NameOrID"]._G.API

note: all Variables are the same between computers, and this allows me to control filesystems, os API's, term, rs/redstone, rednet, peripheral, among other things. This is a bit scary and i have tested it and if i can lets say run it on a command computer, it's very very scary.

If this thing really does what you say it does (remotely change global vars, can't test it myself right now) then I suggest you to remove the contents of this post and handle this via a pm to a moderator, as this can easily be exploited for malicious purposes.

Dan has asked us to allow posts such as these. Not exactly sure why, but this is where he wants all bugs. If you could provide us more information, like what's outlined in the sticky, it would help.

flaghacker, on 22 July 2015 - 03:57 PM said:

If this thing really does what you say it does (remotely change global vars, can't test it myself right now) then I suggest you to remove the contents of this post and handle this via a pm to a moderator, as this can easily be exploited for malicious purposes.

Cranium is right. This is a place for posting this kind of stuff, and there is no "malicious program" for download here. Anyone can make this, but anyone can also edit their server with a patch for it
as for craniums request of more info:

Basically, you assign a = getfenv(("").sub), create a table called lets say, a.comps = {}, then you assign stuff to it. So we'll put a computer in it, a.comps["Hijack"] = getfenv(), and then on any other computer, i can (for hijacking a filesystem for example) do a=getfenv(("").sub) then i can run _G.fs = a.comps["Hijack"] = getfenv() and it replaces my computers filesystem with the infected computers filesystem. This can be done (ive tested it with a lot of stuff) with term, os, rs, redstone, rednet, modem, peripheral, fs, bit, and much more that ive yet to test. Pretty much any function thats built in to CC or lua can be hijacked this way. Not to mention once a computers hooked, until the chunk unloads, its hooked forever. Even if it reboots but the chunk stays loaded.

Video

[media]https://www.youtube.com/watch?v=S4fnVefhfGM[/media]

Well I was looking more for the template we posted on the sticky which includes version info and the like.

Cranium, on 22 July 2015 - 06:08 PM said:

Well I was looking more for the template we posted on the sticky which includes version info and the like.

Thats all in the title. MC w/forge 1.7.10 and CC 1.73. No bukkit, nothing else other than MC, forge, and CC.

Ah, I missed that. Do you think you could try to reproduce this with the most recent 1.74 prerelease?

Cranium, on 22 July 2015 - 06:15 PM said:

Ah, I missed that. Do you think you could try to reproduce this with the most recent 1.74 prerelease?

when i get back from doing a lunch run i will. Going to grab lunch for me and my grandfather, itll be like 10-20 minutes before i can try

MKlegoman357, on 22 July 2015 - 06:34 PM said:

This is fixed in the latest CC version (1.74).

Oh, good. Made me worried that it may not have been. Thank you for doing that for me XD

Cranium, on 22 July 2015 - 04:21 PM said:

Dan has asked us to allow posts such as these. Not exactly sure why, but this is where he wants all bugs. If you could provide us more information, like what's outlined in the sticky, it would help.

I remember a topic similar to this one that got locked and cleared because it was an exploitable bug, but I can of course be wrong.

I'm sorry for saying things that are not really my business.

flaghacker, on 22 July 2015 - 08:28 PM said:

I remember a topic similar to this one that got locked and cleared because it was an exploitable bug, but I can of course be wrong.

I'm sorry for saying things that are not really my business.

Nah, you're right. Exploits and the such were made hidden previously, but when we asked, Dan wanted us to go ahead and leave them open. Perhaps to avoid multiple reports on the same bug?