19 replies to this topic

[LewisTehMinerz]

Hello. I am LewisTehminerz, I'm here to bring you:

IDSpoofer!!!

This replaces os.getComputerID() with return (whatever)!
Even rednet is fooled!

pastebin get NsUVqfs5 idspoofer

PLEASE: THINK ABOUT WHAT YOUR DOING BEFORE YOU USE THIS. THIS IS A TOOL, AND THIS IS NOT TO BE USED IN MALICIOUS MANNER! I AM NOT RESPONSIBLE FOR YOUR ACTIONS WITH THIS TOOL!!! IF THIS IS USED IN MALICIOUS MANNER, PLEASE UNINSTALL THE TOOL FROM THE COMPUTER INVOLVED.

ANOTHER NOTE: I KNOW ABOUT THE ABUSE OF THE TOOL (Say you can pretend your a bank server and the ATM thinks so to because it has a certain ID). IF YOU ARE BUILDING SOMETHING, PLEASE DON'T USE REDNET! THIS TOOL CAN PRETEND THAT A COMPUTER IS SOMETHING IT ISN'T (Like a bank server). MODEM API DOESN'T USE ID'S. IT USES CHANNELS! REDNET IS INSECURE IF SOMEONE HAS THIS TOOL ON A SERVER!


Things that will be fooled by this:

ANYTHING THAT USES "os.getComputerID()"

Please note: Anyone who says: "Hey! I've already made something like this." I DID NOT know about your program.

Edited by LewisTehMinerz, 22 July 2015 - 04:06 PM.

[InDieTasten]

You may want to add, that this should not be used in malicious manner. It's a tool. Not a weapon, although just like a knife, one can abuse it as a weapon.

[Cloud Ninja]

So does this spoof rednet messages as well? or does it just return a desired ID when running the ID command? If it's the latter, theres a MUCH easier way of doing this.

[flaghacker]

CloudNinja, on 16 July 2015 - 02:01 AM, said:

So does this spoof rednet messages as well? or does it just return a desired ID when running the ID command? If it's the latter, theres a MUCH easier way of doing this.

You could just read the code...

Yes, it spoofs rednet, that's the point. What easier way do you have?

[Cloud Ninja]

flaghacker, on 16 July 2015 - 08:04 AM, said:

CloudNinja, on 16 July 2015 - 02:01 AM, said:

So does this spoof rednet messages as well? or does it just return a desired ID when running the ID command? If it's the latter, theres a MUCH easier way of doing this.

You could just read the code...

Yes, it spoofs rednet, that's the point. What easier way do you have?

I didnt know if it was able to use rednet still or not. I have a way that when you run ID it returns any value you desire, but it breaks rednet (for some reason, i dont know yet)

function os.getComputerID()
return VALUE
end

I also dont want to be THAT guy, but i find it ironic that the instant I release my spoofer, so does someone else Yours is pretty good though, looks like you put a bit of time in.

Edited by CloudNinja, 16 July 2015 - 04:27 PM.

[biggest yikes]

CloudNinja, on 16 July 2015 - 04:24 PM, said:

I didnt know if it was able to use rednet still or not. I have a way that when you run ID it returns any value you desire, but it breaks rednet (for some reason, i dont know yet)

function os.getComputerID()
return VALUE
end

CloudNinja, on 16 July 2015 - 04:24 PM, said:

but it breaks rednet

I'm not sure why, but it seems like X = function() works with that while function X() doesn't

CloudNinja, on 16 July 2015 - 04:24 PM, said:

looks like you put a bit of time in.

Did you look at the code yet?

Edited by Atenefyr, 18 July 2015 - 08:08 PM.

[Cloud Ninja]

Atenefyr, on 18 July 2015 - 08:03 PM, said:

-snip-

CloudNinja, on 16 July 2015 - 04:24 PM, said:

looks like you put a bit of time in.

Did you look at the code yet?

shhhhhhh.........

[biggest yikes]

LewisTehMinerz, on 15 July 2015 - 05:31 PM, said:

ANOTHER NOTE: I KNOW ABOUT THE ABUSE OF THE TOOL (Say you can pretend your a bank server and the ATM thinks so to because it has a certain ID). IF YOU ARE BUILDING SOMETHING, PLEASE DON'T USE REDNET! THIS TOOL CAN PRETEND THAT A COMPUTER IS SOMETHING IT ISN'T (Like a bank server). MODEM API DOESN'T USE ID'S. IT USES CHANNELS! REDNET IS INSECURE IF SOMEONE HAS THIS TOOL ON A SERVER!

Rednet isn't just secure because it can be easily spoofed, messages can be read if the user knows what channel it's on (if using rednet.send one could check the channel 65533 for all of them, so rednet.send is in no way secure either)

Edited by Atenefyr, 18 July 2015 - 08:17 PM.

[LewisTehMinerz]

CloudNinja, on 16 July 2015 - 04:24 PM, said:

flaghacker, on 16 July 2015 - 08:04 AM, said:

CloudNinja, on 16 July 2015 - 02:01 AM, said:

So does this spoof rednet messages as well? or does it just return a desired ID when running the ID command? If it's the latter, theres a MUCH easier way of doing this.

You could just read the code...

Yes, it spoofs rednet, that's the point. What easier way do you have?

I didnt know if it was able to use rednet still or not. I have a way that when you run ID it returns any value you desire, but it breaks rednet (for some reason, i dont know yet)

function os.getComputerID()
return VALUE
end

I also dont want to be THAT guy, but i find it ironic that the instant I release my spoofer, so does someone else Yours is pretty good though, looks like you put a bit of time in.

Quick note, I didn't know you made a spoofer.

[Cloud Ninja]

LewisTehMinerz, on 19 July 2015 - 11:53 AM, said:

Quick note, I didn't know you made a spoofer.

Yup. It essentially does the same thing but doesnt require you to override os.getComputerID(), but it is a bit more involved of an API.

[TheOddByte]

Why don't you just change this

print( "ID Program says: " )
os.run( {}, "rom/programs/ID" )

into this

print( "ID has changed to: " .. os.getComputerID() )

Edited by TheOddByte, 19 July 2015 - 02:23 PM.

[biggest yikes]

CloudNinja, on 16 July 2015 - 04:24 PM, said:

i find it ironic that the instant I release my spoofer, so does someone else

How.. is that ironic?

[LewisTehMinerz]

TheOddByte, on 19 July 2015 - 02:23 PM, said:

Why don't you just change this

print( "ID Program says: " )
os.run( {}, "rom/programs/ID" )

into this

print( "ID has changed to: " .. os.getComputerID() )

I want to prove that it has changed through using the ID program.

[flaghacker]

You can replace

os.run( {}, "rom/programs/ID" )

by

shell.run("rom/programs/ID")

or even

shell.run("ID")

[SpencerBeige]

so its an ip address masker? isn't this illegal?

[TheOddByte]

LewisTehMinerz, on 19 July 2015 - 03:07 PM, said:

I want to prove that it has changed through using the ID program.

Well, the ID program does exactly the same

print( "This is computer #" .. os.getComputerID() )

slow-coder, on 19 July 2015 - 03:31 PM, said:

so its an ip address masker? isn't this illegal?

Huh? What gave you this idea? If you read the main post at all you'd understand that this spoofs the rednet id, and has nothing to do with http etc.

Edited by TheOddByte, 19 July 2015 - 03:48 PM.

[Cloud Ninja]

slow-coder, on 19 July 2015 - 03:31 PM, said:

so its an ip address masker? isn't this illegal?

No, the only thing that isnt allowed on the forums (within reason other than harassment, etc) is malicious scripts. This isnt inherently malicious. Like someone said above: A knife is a tool, but in the wrong hands can be a dangerous weapon.

[LDDestroier]

Hey, I already made something that does this.

[biggest yikes]

LDDestroier, on 20 July 2015 - 02:27 PM, said:

Hey, I already made something that does this.

Like you said:

LDDestroier, on 12 April 2015 - 03:37 PM, said:

Because no one has done it before (I'm sure [Nah, of course not]),

[LewisTehMinerz]

Please note: Anyone who says: "Hey! I've already made something like this." I DID NOT know about your program.