This is a read-only snapshot of the ComputerCraft forums, taken in April 2020.
justin97530's profile picture

Door lock with Dynamic Password

Started by justin97530, 30 August 2015 - 03:27 AM
justin97530 #1
Posted 30 August 2015 - 05:27 AM
So, usually when I have doors, I have door locks, especially on servers. It's great, but there's just one pesky problem - They brute force it.

The solution? Door locks with Dynamic passwords! Every time someone enters a correct OR wrong password, the password updates, so they won't be able to guess it.
But wait.. If THEY don't know the password, and if it changes itself, how do I, myself, as the owner get in? It's simple, really, Terminal Glasses.

Requirements:
1x Terminal Glasses (works with more)
1x Terminal Glasses Bridge (works with more)
2x Computers (Yep, that's right, NO Advanced Computers needed)
2x Wired Modems (or more, if multiple terminal glasses through networking cables)
2x Networking cable (or more, if multiple terminal glasses through wired modems)
…. Wait a second, why wired modems?
A: You don't want your password to be broadcasted in plain text to all computers in range, do you?
1x Door
1x OpenPeripheral Sensor (Only updates when password is entered)

Believe it or not, that's all!

Unfortunately it's not as easy as a pastebin get, so you'll have to copypaste the codes into pastebin yourself, configure it, set it to unlisted, and to expire in 10 minutes, then download it to your computers.


Part I - The lock

modemSide = "right" -- Modem Side
modemChannel = 1 -- Modem Channel
modemReceiveChannel = 1 -- Modem Receive Channel, useless.
promptText = "Password: " -- Self-explanatory
correctPWDText = "Welcome back!" -- Self-explanatory
wrongPWDText = "Sorry, wrong password!" -- Self-explanatory
charToReplacePWDWith = "*" -- Replace all input characters with this
redstoneOutputSide = "left" -- The side to output redstone signal
redstoneOutputTimeout = 5
retryTimeout = 2 -- How long until next retry?

--You should not have to edit anything beyond this line

modem = peripheral.wrap(modemSide)
modem.open(modemChannel)

-- This function does the password generation, can be modified to create a more secure password.
function update()
	local rand = math.random(1, 100) -- Generates an integer randomly as password
	local rand = rand.."" -- Turns it into a string as strings != (or ~=) numbers
	modem.transmit(modemChannel, modemReceiveChannel, rand) -- Sends it to the other computer
	return rand
end

pass = update() -- Generates a password on startup

-- Your basic door lock code (shamelessly copypasted from wiki)
while true do
	term.clear()
	term.setCursorPos(1, 1)
	print(promptText) -- Asks for password, nicely.... I hope..
	input = read(charToReplacePWDWith) -- Input text here.
	if input == pass then
		print(correctPWDText) -- Yaay, password is correct!
		pass = update() -- Updates the password
		redstone.setOutput(redstoneOutputSide, true) -- Turns on redstone output
		sleep(redstoneOutputTimeout) -- Wait a bit
		redstone.setOutput(redstoneOutputSide, false) -- Turns off redstone output
	else
		pass = update() -- Oh, wrong password, better update it to prevent guessing.
		print(wrongPWDText) -- I do not know you.. Who are you? BACK OFF.
		sleep(retryTimeout) -- Wait a bit until user can retry
	end
end

Part II - The Terminal Glasses

modemSide = "top" -- Modem Side
modemChannel = 1 -- Modem Channel
sensorSide = "right" -- OpenPeripheral Sensor side
-- These are used for multiple Terminal Glasses, if you only need one, you can remove 2 and 3, then configure the name.
gl = {}
gl[1] = "openperipheral_bridge_1"
gl[2] = "openperipheral_bridge_2"
gl[3] = "openperipheral_bridge_3"
-- Again, you should not need to edit anything after this line

modem = peripheral.wrap(modemSide)
modem.open(modemChannel)

-- Basically gets sensor data and calls draw.
function update(pwd)
	local sensor = peripheral.wrap(sensorSide)
	draw(pwd, sensor.getPlayers())
end

-- Draws a rather plain Box with numbers in it, and then usernames.
function draw(pwd, players)
	-- Draws for every pair of glasses
	for k,v in pairs(gl) do
		-- Wipes the glasses clean, if you have other programs, please integrate this to your own.
		currentPair = peripheral.wrap(v)
		currentPair.clear()
		-- Draws a box, then the password
		currentPair.addBox(5, 20, 30, 15, 0xFFFFFF, 0.2)
		currentPair.addText(11, 24, pwd)
		-- This is where it should begin drawing usernames
		loc = {}
		loc[1] = 26
		loc[2] = 38
		-- Rather inefficient method to draw usernames in a rather cool way.
		for k,v in pairs(players) do
			currentPair.addText(loc[1], loc[2], v.name)
			loc[1] = loc[1] + 5
			loc[2] = loc[2] + 12.5
		end
	currentPair.sync() -- Refreshes the glasses only when drawn so that sysadmins wont come yelling at me.
	end
end

-- Until we get a password, we show dashes (fixed by typing a random password into the lock)
update("---")

-- Continuously tries to receive message
while true do
	local uselessEvent, uselessModemSide, uselessSenderChannel, uselessReplyChannel, message, uselessSenderDistance = os.pullEvent("modem_message")
	update(message)
end

Unfortunately the server I was using this code on is crashing, so I cannot post any screenshot, but thanks for reading!
EDIT: Escaped the 's in comments, since BBCode doesn't like them very much.
EDIT: BBCode still hates them, removed them entirely.
Edited on 30 August 2015 - 05:49 AM
Goof #2
Posted 30 August 2015 - 10:43 AM
Wow. I never thought of bringing terminal glasses into door-locking programs. That is awesome!
In my opinion this is extremely unsecure, because since it uses only 1-3 lengthened passwords, which if "lucky" you can guess a number, and boom. in you go.
and whatif you encrypted the broadcasted password? (just for security purposes, *if* someone manages to get into the wired network)
Instead of this i thought of an idea:

What if you made the terminal glasses show a "confirmation" to open the door, whenever the correct password has been entered?
(I can help you with that, if you need any help (just PM))

and for screenies: use http://www.imgur.com

Although, all in all this is pretty awesome, when 'not' thinking about security.
Edited on 30 August 2015 - 08:45 AM
justin97530 #3
Posted 30 August 2015 - 11:50 AM
It rather is insecure from that standpoint, but as I said in the code, the algorithm to generate them can be changed, but since it was originally developed for in-house use, on a towny PvE server, I hadn't thought all that much about it.
Problem is, I can't encrypt it or else I wouldn't be able to decrypt it for it to be shown (assuming one-way encryptions like SHA-256).
Since the "wired network" on my setup is two networking wires connecting two computers, I don't think anybody can "get in" the network without us being able to see it. It may result in problems if you're using a gigantic interconnected computer network, which I would recommend against connecting a door lock to.

That's a rather nice idea, since only 3 of us have the glasses.
PokeAcer #4
Posted 30 August 2015 - 09:51 PM
It rather is insecure from that standpoint, but as I said in the code, the algorithm to generate them can be changed
Problem is, I can't encrypt it or else I wouldn't be able to decrypt it for it to be shown (assuming one-way encryptions like SHA-256).

http://www.computercraft.info/forums2/index.php?/topic/18930-aes-encryption/
^^ use to encrypt data. Maybe make a fully random string, hash it x times with sha256 and then use that as the key - don't even store the key on the machine, store it on a connected floppy drive *inside* the base so people can't get it.
hbomb79 #5
Posted 05 September 2015 - 07:17 AM
"Unfortunately it's not as easy as a pastebin get"

Am I missing something, why can this not be on pastebin?
justin97530 #6
Posted 13 September 2015 - 06:12 AM
"Unfortunately it's not as easy as a pastebin get"

Am I missing something, why can this not be on pastebin?

Late reply but you need to change the variables on the top to fit your system.
hbomb79 #7
Posted 13 September 2015 - 08:52 PM
So there is no reason? The user can just download it and change the settings without creating their own pastebin account, uploading your scripts and then downloading them…
PokeAcer #8
Posted 14 September 2015 - 04:44 PM
^^^
You could make it download it and then tell users what to edit and where, or make the program do it for you :D/>
Edited on 14 September 2015 - 02:44 PM