37 replies to this topic

[CrosS_light]

Hello,

Im CrosS_Light and im trying to Create my OWN OS.
I will show you my Ideas:

Quote

BukkitOS

Account System

I will Incloude an Account System for my own AppStore

Antivirus

This is Very esay i will check for commands that are in the Blacklist and

will Show the User wat the Program can do

Themes

I will that YOU can create your OWN Styles and Upload them to the AppStore

Languages

I mustn't talk about that

Screen

Librarys

-You can Load Librarys for the OS and put them into the Librarys Folder

Startup

while the system will startup it loads all Librarys checks for update and checks all files

I need some Helper for The OS
if any one want to be one please write me
if any one has an idea please poste that here

CrosS_light

[H4X0RZ]

I can make a German translation

[Bubba]

If you do an "antivirus", don't use string.find or any such thing. It's almost impossible to block every possible string form of a function. Instead, use function replacement.

[Sammich Lord]

Bubba, on 17 April 2013 - 10:01 AM, said:

If you do an "antivirus", don't use string.find or any such thing. It's almost impossible to block every possible string form of a function. Instead, use function replacement.

I think sandboxing is a better term than function replacement. For instance, to sandbox a program you can easily override the functions you don't want them to use and replace them with functions that restrict usage of the functions on certain parts of the computer.

[Bubba]

Sammich Lord, on 17 April 2013 - 10:04 AM, said:

Bubba, on 17 April 2013 - 10:01 AM, said:

If you do an "antivirus", don't use string.find or any such thing. It's almost impossible to block every possible string form of a function. Instead, use function replacement.

I think sandboxing is a better term than function replacement. For instance, to sandbox a program you can easily override the functions you don't want them to use and replace them with functions that restrict usage of the functions on certain parts of the computer.

... How is what you just said not function replacement?

If by sandboxing you mean using setfenv to change the environment, that would be good if you only wanted users to be able to run a few things. Otherwise, I feel like it's excessive.

And honestly, in general, I don't feel a need for an "antivirus". I can read every program that people write, and if I don't understand it then I won't run it. Simple as that

[Sammich Lord]

Bubba, on 17 April 2013 - 10:10 AM, said:

Sammich Lord, on 17 April 2013 - 10:04 AM, said:

Bubba, on 17 April 2013 - 10:01 AM, said:

If you do an "antivirus", don't use string.find or any such thing. It's almost impossible to block every possible string form of a function. Instead, use function replacement.

I think sandboxing is a better term than function replacement. For instance, to sandbox a program you can easily override the functions you don't want them to use and replace them with functions that restrict usage of the functions on certain parts of the computer.

... How is what you just said not function replacement?

If by sandboxing you mean using setfenv to change the environment, that would be good if you only wanted users to be able to run a few things. Otherwise, I feel like it's excessive.

And honestly, in general, I don't feel a need for an "antivirus". I can read every program that people write, and if I don't understand it then I won't run it. Simple as that

I just think calling it sandboxing sounds better. But I agree that you really don't need an "anti-virus".

[Bubba]

Sammich Lord, on 17 April 2013 - 10:16 AM, said:

Bubba, on 17 April 2013 - 10:10 AM, said:

Sammich Lord, on 17 April 2013 - 10:04 AM, said:

Bubba, on 17 April 2013 - 10:01 AM, said:

If you do an "antivirus", don't use string.find or any such thing. It's almost impossible to block every possible string form of a function. Instead, use function replacement.

I think sandboxing is a better term than function replacement. For instance, to sandbox a program you can easily override the functions you don't want them to use and replace them with functions that restrict usage of the functions on certain parts of the computer.

... How is what you just said not function replacement?

If by sandboxing you mean using setfenv to change the environment, that would be good if you only wanted users to be able to run a few things. Otherwise, I feel like it's excessive.

And honestly, in general, I don't feel a need for an "antivirus". I can read every program that people write, and if I don't understand it then I won't run it. Simple as that

I just think calling it sandboxing sounds better. But I agree that you really don't need an "anti-virus".

Oh I see. Missed the word "term" in your reply XD I thought you were saying that you should sandbox instead of function replace.

[CrosS_light]

I will take al look but i will first do it with strin.find and then i will try sandboxing.


Clueless
Freack100

Spricht du Deutsch?

[Bubba]

CrosS_light, on 17 April 2013 - 10:41 AM, said:

I will take al look but i will first do it with strin.find and then i will try sandboxing.


Clueless
Freack100

Spricht du Deutsch?

Err, sorry mate but string.find is probably the absolute worst method of antivirus there is around. Watch this. No matter what kind of string finder you use I will still be able to get around it:

--The string you are searching for here is 'sleep'
local function getCommand()
	local final = ""
	for i,v in ipairs({115, 108, 101, 101, 112}) do
	  final = final..string.char(v)
	end
	return final
end

loadstring("caller = "..getCommand())

caller(3) --Caller now calls the sleep command.

[CrosS_light]

i know but i dont know how sandboxing works
can you help me?


p.s.
{115, 108, 101, 101, 112} <---- This is NICE!

[Bubba]

CrosS_light, on 17 April 2013 - 10:53 AM, said:

i know but i dont know how sandboxing works
can you help me?


p.s.
{115, 108, 101, 101, 112} <---- This is NICE!

Sure

Function replacement, or sandboxing as some like to call it, is actually pretty simple. All you have to do is:

local _oldPrint = print --Save the print function so we can use it later

local function yourReplacementFunction(args)
  if args == "invalid" then
	_oldPrint("Hey. I don't want you to say that.")
	return false
  end
  _oldPrint(args)
end

print = yourReplacementFunction

Now, whenever people use the print function, it will call yourReplacementFunction instead And because _oldPrint is localized, programs outside of the OS will not be able to use it. You can also use environments to protect it from inside the program, but that's more of an advanced concept that I wouldn't bother messing with until you're further along. If you want to check it out, here's a link to a tutorial: http://www.lua.org/pil/14.html

[CrosS_light]

that means if i use it like so


local _oldPrint = fs.delete

local function fs.delete(args)
if args == "invalid" then
_oldPrint("This will output an error ")
return false
end
_oldPrint(args)
end

print = fs.delete

[Bubba]

CrosS_light, on 17 April 2013 - 11:06 AM, said:

that means if i use it like so


local _oldPrint = fs.delete

local function fs.delete(args)
if args == "invalid" then
_oldPrint("This will output an error ")
return false
end
_oldPrint(args)
end

print = fs.delete

Well yeah that "works" as in it will run, but you didn't take away the fs.delete function. You took away the print function. I think you're looking for something like this:

local oldDelete = fs.delete
fs.delete = function(...)
  --Limit what goes into fs.delete here
  return fs.delete(...)
end

[CrosS_light]

oh yahh i see it the last line right?

[Bubba]

CrosS_light, on 17 April 2013 - 11:09 AM, said:

oh yahh i see it the last line right?

Yup. The main part of function replacement is actually doing the replacement All the other stuff is just making sure that you're able to call the old function and creating an alternative for them to call instead.

[CrosS_light]

Okay thanks i will Try it and give Credits for Helping

[SuicidalSTDz]

Just out of curiosity, why is this called BukkitOS?

[CrosS_light]

first it was call'd LiquidOS but i have see that the name is from an other os and so i call id bukkitOS

If i have the First Screens i will post some screens


i will load the sandbox as an API

so i can use it in other programs

[CrosS_light]

local FS_oldOpen = fs.open
local FS_oldDelete = fs.delete
local FS_oldCopy = fs.copy
local FS_oldMove = fs.move
local FS_oldMakeDir = fs.makeDir
local IO_oldOpen = io.open
local OS_oldLoadApit = os.loadAPI
local OS_oldUnloadApi = os.unloadAPI
local OS_oldShutdown = os.shutdown
local OS_oldReboot = os.reboot
local OS_oldSleep = os.sleep
local OS_oldRun = os.run
local SHELL_oldSetDir = shell.setDir
local SHELL_oldSetAlias = shell.setAlias
local SHELL_oldClearAlias = shell.clearAlias
local SHELL_oldRun = shell.run



This will be Secure

[CrosS_light]

why can i get the programm that runs the command? i will add Whitelist and Blacklist