Jump to content




Why can't we ask a legit question on here without it being taken down?



5 replies to this topic

#1 Dave-ee Jones

  • Members
  • 456 posts
  • LocationVan Diemen's Land

Posted 21 July 2017 - 02:41 AM

As subject says.

Mention a theory that seems REMOTELY malicious and it's gone. ANYTHING can be malicious if it is of malicious intent, but some people take it too far..

#2 Lyqyd

    Lua Liquidator

  • Moderators
  • 8,465 posts

Posted 21 July 2017 - 04:02 AM

Moved to Forum Discussion. Originally posted in Ask a Pro.

#3 Lupus590

  • Members
  • 2,029 posts
  • LocationUK

Posted 21 July 2017 - 06:48 AM

I believe it depends on the original tone of the OP.

For example:
Someone who is making a password lock may ask about hacking to find vulnerabilities in their code. This is acceptable in my opinion.

Someone asking how to do hacking without any context, well, I'm of the opinion that, that's suspicious at best or just straight up malicious.



I'm assuming you are mainly referring to this post: http://www.computerc...28825-cc-ducky/

This bit sounds innocent enough, it didn't flag as malicious until I read the rest of the post. I can still see this as a novelty, non-malicious utility but understanding the intent makes me ignore that.

Quote

I know you can't really emulate a keyboard with a floppy disk but..would be an interesting idea. There's no real need for it (just create a startup program on floppy and restart the PC..) but it would be an interesting idea to play around with nonetheless, especially if you can get it to inject keystrokes live, without having to reboot.

The rest of the post is the problem.

Quote

But what if you wanted to constantly spam a program with passwords on it's login screen without actually being at the PC, or something like that?
This is hacking, which is malicious, except for password recovery (I forgot my password/someone hacked me and changed it).


I've identified two issues here.

Quote

It would require a receiver program that catches floppy events and possibly others, hidden underneath the normal startup (floppy 'startup' gets run which runs the computer 'startup' above itself). However I still don't know of a way of injecting characters into a read function, and as far as I know it can't be done.
Hidden, usually, programs don't need to hide things, this is a trigger word. There can be false positives, such as hiding passwords when typing them in.
Injecting, also a trigger word, injecting in code typically implies modifying the program, this can be malicious (injecting a key stroke listener) or something the user intends to improve the program (modding games sometimes uses code injection to get the mod to run).

Quote

Can anyone disprove that it can't be done?
As BombBloke said in the thread, Translation: "Can someone please write my cracking tool for me?". It's possible that you intended so an academic study style of view on this, however, what BombBloke has said is the more probable on the internet.

Edited by Lupus590, 21 July 2017 - 07:50 AM.


#4 Dave-ee Jones

  • Members
  • 456 posts
  • LocationVan Diemen's Land

Posted 24 July 2017 - 11:51 PM

View PostLupus590, on 21 July 2017 - 06:48 AM, said:

Quote

Can anyone disprove that it can't be done?
As BombBloke said in the thread, Translation: "Can someone please write my cracking tool for me?". It's possible that you intended so an academic study style of view on this, however, what BombBloke has said is the more probable on the internet.

I would be very silly to ask someone to create a hacking program for me wouldn't I?

No, I was asking if someone could disprove that it can be done, for example saying "there is no function in CC that allows you to queue key events", however we all know that isn't true. I wasn't aware of the os.queueEvent function when I made this post, however that doesn't mean I was asking for someone to create a simple 10-line script that does exactly what I'm looking for (because even I don't know what I'm looking for), I was asking if someone can tell me if they know anything about this kind of thing, not necessarily asking if they have/haven't done it. I was looking for advice. Clearly I got too much.

In regards to your accusations of my malicious intent, it is true I was thinking about the possibilities of the theoretical maliciousness one can do with a program like this - however that doesn't mean I'm prepared to create this kind of maliciousness and go around on people's servers and start hacking everything. There's a difference between creating a malicious program, and creating a malicious program with malicious intent.
I was also wondering how one would stop a program like this, because you can't exactly stop a program underneath another program that is constantly queuing events. I'm pretty obsessed with security, and finding flaws in my own (I mean, seriously, look at my sig..), so if I can find the best kind of attack in CC then I can also find the best way to stop the best kind of attack in CC.

Not that it is the best kind of attack - anyone can break into any PC as long as it has a disk drive next to it (simple solution being don't place a disk drive next to your PC).

While your wordplay detectiveness was clever, it still doesn't make me someone who I am not. I hope you understand that.

#5 KingofGamesYami

  • Members
  • 3,002 posts
  • LocationUnited States of America

Posted 25 July 2017 - 01:13 AM

Lupus590 wasn't accusing you of having malicious intent, just pointing out why other people would - understandably - think that way. We certainly couldn't have known what you don't - a quick google search* of "fake key press computercraft" brings up exactly how to do it.
It is very, very difficult to determine malicious intent especially on an online forum. This forum specifically restricts all malicious programs.

The Forum Guidelines said:

Do not post malicious programs.
This includes spammers, file deletion/hiding, or joke programs. If your program could cause grief in any way, it's not allowed here.
*Not searching before posting is also against the guidelines but everyone under the age of 12 ignores that, so we tolerate it.

Edited by KingofGamesYami, 25 July 2017 - 01:13 AM.


#6 Dave-ee Jones

  • Members
  • 456 posts
  • LocationVan Diemen's Land

Posted 25 July 2017 - 03:05 AM

View PostKingofGamesYami, on 25 July 2017 - 01:13 AM, said:

Lupus590 wasn't accusing you of having malicious intent, just pointing out why other people would - understandably - think that way. We certainly couldn't have known what you don't - a quick google search* of "fake key press computercraft" brings up exactly how to do it.
It is very, very difficult to determine malicious intent especially on an online forum. This forum specifically restricts all malicious programs.

The Forum Guidelines said:

Do not post malicious programs.
This includes spammers, file deletion/hiding, or joke programs. If your program could cause grief in any way, it's not allowed here.
*Not searching before posting is also against the guidelines but everyone under the age of 12 ignores that, so we tolerate it.

Okay, I understand why you are so strong when it comes to malicious programs and being wary of people online, not knowing anything about them except them being a bit childish or rude sometimes. Sorry if I came off as hard and rude, I guess I wasn't used to having forum moderators come up so strong against me personally.





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users