Jump to content




E-Mail Network V0.1

lua utility networking

21 replies to this topic

#1 ChaddJackson12

  • Members
  • 264 posts

Posted 02 January 2013 - 01:18 AM

E-Mail Network

Current Version: 0.1

Download: Server | Client


I have made an E-Mail Network. It features user accounts, and a server to contain all the user account info. This includes their messages, which makes it so that the user does not have to access their account on the same computer. As of now this program is in an early stage, and should still be improved upon and made better. Feedback is always appreciated, enjoy.

Program Features:
Spoiler

Planned Features:
Spoiler

How to enable HTTP:
Spoiler

Screenshots:
Spoiler

Changelog:
Spoiler


#2 FUCKCOMPUTERCRAFT!"£

  • Validating
  • 87 posts
  • LocationBasement

Posted 02 January 2013 - 07:35 AM

If you can touch the server you can access all usernames and password connected to that server.

I've written this:
http://pastebin.com/tAuLJSs1

It will get all the usernames and passwords from the server. Save it to a file from where it was ran.
Someone could have it on a floppy with a blank boot and rip all the usernames and passwords.

#3 ChaddJackson12

  • Members
  • 264 posts

Posted 02 January 2013 - 07:28 PM

View Postx0pk1n, on 02 January 2013 - 07:35 AM, said:

If you can touch the server you can access all usernames and password connected to that server.

I've written this:
http://pastebin.com/tAuLJSs1

It will get all the usernames and passwords from the server. Save it to a file from where it was ran.
Someone could have it on a floppy with a blank boot and rip all the usernames and passwords.
Yeah I know that. It is impossible to completely protect a computer from someone, which means that no matter what they can always be able to get that stuff. If you haven't noticed, most password programs on the forums have a few posts as to why it is impossible to protect a computer. But I really, really appreciate you releasing that on my post for everyone. :/

#4 Heracles421

  • Members
  • 258 posts

Posted 02 January 2013 - 09:26 PM

I'll save you (Or at least try to)!
Spoiler

This small program checks all the disks that are plugged into any disk drive that's connected to the machine for a startup file, if the computer finds a startup file in the disk it'll search inside it and check if the first line contains the magical word (Defined at the bottom of the program). If it does the computer is unlocked and you're free to type whatever you want (Feel free to change this if you're using it on your mail server), if it doesn't it'll erase the startup file to prevent users from stopping the console

#5 Laserman34170

  • New Members
  • 34 posts
  • LocationProgramming Land

Posted 03 January 2013 - 04:40 AM

View PostHeracles421, on 02 January 2013 - 09:26 PM, said:

I'll save you (Or at least try to)!
Spoiler

This small program checks all the disks that are plugged into any disk drive that's connected to the machine for a startup file, if the computer finds a startup file in the disk it'll search inside it and check if the first line contains the magical word (Defined at the bottom of the program). If it does the computer is unlocked and you're free to type whatever you want (Feel free to change this if you're using it on your mail server), if it doesn't it'll erase the startup file to prevent users from stopping the console

That won't work. In the bios.lua, it calls the shell program, and in the shell program it checks for a startup file. It runs the disk startup, and is there isn't, it runs the startup on the computer. You never get ran first, so its impossible to protect the computer unless you edit the bios.lua / shell program.

#6 FUCKCOMPUTERCRAFT!"£

  • Validating
  • 87 posts
  • LocationBasement

Posted 03 January 2013 - 04:48 AM

View PostLaserman34170, on 03 January 2013 - 04:40 AM, said:

View PostHeracles421, on 02 January 2013 - 09:26 PM, said:

I'll save you (Or at least try to)!
Spoiler

This small program checks all the disks that are plugged into any disk drive that's connected to the machine for a startup file, if the computer finds a startup file in the disk it'll search inside it and check if the first line contains the magical word (Defined at the bottom of the program). If it does the computer is unlocked and you're free to type whatever you want (Feel free to change this if you're using it on your mail server), if it doesn't it'll erase the startup file to prevent users from stopping the console

That won't work. In the bios.lua, it calls the shell program, and in the shell program it checks for a startup file. It runs the disk startup, and is there isn't, it runs the startup on the computer. You never get ran first, so its impossible to protect the computer unless you edit the bios.lua / shell program.

Wrong try doing it yourself... It deletes the startup when a floppy is entered try rebooting and putting in the floppy fast enough, it works but im looking for more exploits now.

Also can you make this run alongside the server as when i added it to startup the server never gets ran...

#7 FUCKCOMPUTERCRAFT!"£

  • Validating
  • 87 posts
  • LocationBasement

Posted 03 January 2013 - 04:50 AM

View PostChaddJackson12, on 02 January 2013 - 07:28 PM, said:

View Postx0pk1n, on 02 January 2013 - 07:35 AM, said:

If you can touch the server you can access all usernames and password connected to that server.

I've written this:
http://pastebin.com/tAuLJSs1

It will get all the usernames and passwords from the server. Save it to a file from where it was ran.
Someone could have it on a floppy with a blank boot and rip all the usernames and passwords.
Yeah I know that. It is impossible to completely protect a computer from someone, which means that no matter what they can always be able to get that stuff. If you haven't noticed, most password programs on the forums have a few posts as to why it is impossible to protect a computer. But I really, really appreciate you releasing that on my post for everyone. :/

Well the point of me doing so wasn't to be mean. Sorry... It was so someone would do something about it, incase someone use there MC password or something else and someone gets there hands on it... If i just said you can most likely no one would have done anything. Now look you got someone try to make it more secure...

#8 FUCKCOMPUTERCRAFT!"£

  • Validating
  • 87 posts
  • LocationBasement

Posted 03 January 2013 - 06:27 AM

View PostHeracles421, on 02 January 2013 - 09:26 PM, said:

I'll save you (Or at least try to)!
Spoiler

This small program checks all the disks that are plugged into any disk drive that's connected to the machine for a startup file, if the computer finds a startup file in the disk it'll search inside it and check if the first line contains the magical word (Defined at the bottom of the program). If it does the computer is unlocked and you're free to type whatever you want (Feel free to change this if you're using it on your mail server), if it doesn't it'll erase the startup file to prevent users from stopping the console

Broke it, found a way to make it crash....

#9 Heracles421

  • Members
  • 258 posts

Posted 03 January 2013 - 06:53 AM

View PostLaserman34170, on 03 January 2013 - 04:40 AM, said:

View PostHeracles421, on 02 January 2013 - 09:26 PM, said:

I'll save you (Or at least try to)!
Spoiler

This small program checks all the disks that are plugged into any disk drive that's connected to the machine for a startup file, if the computer finds a startup file in the disk it'll search inside it and check if the first line contains the magical word (Defined at the bottom of the program). If it does the computer is unlocked and you're free to type whatever you want (Feel free to change this if you're using it on your mail server), if it doesn't it'll erase the startup file to prevent users from stopping the console

That won't work. In the bios.lua, it calls the shell program, and in the shell program it checks for a startup file. It runs the disk startup, and is there isn't, it runs the startup on the computer. You never get ran first, so its impossible to protect the computer unless you edit the bios.lua / shell program.
I know that, but if you don't insert a disk before running the program everything is fine. Why? Because if you insert the disk it will automatically erase the startup file, therefore the disk won't have any file to boot on startup and you'll be totally safe, assuming you are running the program.

View Postx0pk1n, on 03 January 2013 - 06:27 AM, said:

Broke it, found a way to make it crash....
Could you wait a day before actually trying to break other's programs? Lol
You're a complete troll

#10 FUCKCOMPUTERCRAFT!"£

  • Validating
  • 87 posts
  • LocationBasement

Posted 03 January 2013 - 07:02 AM

View PostHeracles421, on 03 January 2013 - 06:53 AM, said:

View PostLaserman34170, on 03 January 2013 - 04:40 AM, said:

View PostHeracles421, on 02 January 2013 - 09:26 PM, said:

I'll save you (Or at least try to)!
Spoiler

This small program checks all the disks that are plugged into any disk drive that's connected to the machine for a startup file, if the computer finds a startup file in the disk it'll search inside it and check if the first line contains the magical word (Defined at the bottom of the program). If it does the computer is unlocked and you're free to type whatever you want (Feel free to change this if you're using it on your mail server), if it doesn't it'll erase the startup file to prevent users from stopping the console

That won't work. In the bios.lua, it calls the shell program, and in the shell program it checks for a startup file. It runs the disk startup, and is there isn't, it runs the startup on the computer. You never get ran first, so its impossible to protect the computer unless you edit the bios.lua / shell program.
I know that, but if you don't insert a disk before running the program everything is fine. Why? Because if you insert the disk it will automatically erase the startup file, therefore the disk won't have any file to boot on startup and you'll be totally safe, assuming you are running the program.

View Postx0pk1n, on 03 January 2013 - 06:27 AM, said:

Broke it, found a way to make it crash....
Could you wait a day before actually trying to break other's programs? Lol
You're a complete troll

He's correct, if it's already running it's almost impossible to insert a disk fast enough.

Also i will not release how i broke it, but i will post a video showing me doing it if you don't believe me?

#11 Heracles421

  • Members
  • 258 posts

Posted 03 January 2013 - 07:04 AM

View Postx0pk1n, on 03 January 2013 - 07:02 AM, said:

He's correct, if it's already running it's almost impossible to insert a disk fast enough.

Also i will not release how i broke it, but i will post a video showing me doing it if you don't believe me?
Go for it, I want to see if it's possible

#12 FUCKCOMPUTERCRAFT!"£

  • Validating
  • 87 posts
  • LocationBasement

Posted 03 January 2013 - 07:31 AM

Uploading now...

#13 FUCKCOMPUTERCRAFT!"£

  • Validating
  • 87 posts
  • LocationBasement

Posted 03 January 2013 - 07:35 AM

Watch in full screen and HD, as that makes it readable.



#14 ChaddJackson12

  • Members
  • 264 posts

Posted 03 January 2013 - 03:10 PM

View Postx0pk1n, on 03 January 2013 - 04:50 AM, said:

View PostChaddJackson12, on 02 January 2013 - 07:28 PM, said:

View Postx0pk1n, on 02 January 2013 - 07:35 AM, said:

If you can touch the server you can access all usernames and password connected to that server.

I've written this:
http://pastebin.com/tAuLJSs1

It will get all the usernames and passwords from the server. Save it to a file from where it was ran.
Someone could have it on a floppy with a blank boot and rip all the usernames and passwords.
Yeah I know that. It is impossible to completely protect a computer from someone, which means that no matter what they can always be able to get that stuff. If you haven't noticed, most password programs on the forums have a few posts as to why it is impossible to protect a computer. But I really, really appreciate you releasing that on my post for everyone. :/

Well the point of me doing so wasn't to be mean. Sorry... It was so someone would do something about it, incase someone use there MC password or something else and someone gets there hands on it... If i just said you can most likely no one would have done anything. Now look you got someone try to make it more secure...
It is ok. I have to figure out a password encryption and I will also make the server computer more secure.

#15 theoriginalbit

    Semi-Professional ComputerCrafter

  • Moderators
  • 7,332 posts
  • LocationAustralia

Posted 03 January 2013 - 04:47 PM

Ok so this is one way that I had found with my door lock program to get around it with a startup disk. Crtl + S to shutdown computer, put in disk, turn on computer, and it will boot the disk's startup file...

Search the APIs and look for SHA1 hashing, it is the easiest way to encrypt the users passwords, and if you salt the password first it will make it more secure.

#16 Heracles421

  • Members
  • 258 posts

Posted 03 January 2013 - 05:01 PM

View PostTheOriginalBIT (OnHoliday), on 03 January 2013 - 04:47 PM, said:

Ok so this is one way that I had found with my door lock program to get around it with a startup disk. Crtl + S to shutdown computer, put in disk, turn on computer, and it will boot the disk's startup file...

Search the APIs and look for SHA1 hashing, it is the easiest way to encrypt the users passwords, and if you salt the password first it will make it more secure.
Yea, might be better than my fix

#17 theoriginalbit

    Semi-Professional ComputerCrafter

  • Moderators
  • 7,332 posts
  • LocationAustralia

Posted 03 January 2013 - 05:20 PM

View PostHeracles421, on 03 January 2013 - 05:01 PM, said:

View PostTheOriginalBIT (OnHoliday), on 03 January 2013 - 04:47 PM, said:

-snip-
Yea, might be better than my fix

I'd suggest to use the concepts of both. That's what I did in my DoorLock program.

#18 ChaddJackson12

  • Members
  • 264 posts

Posted 03 January 2013 - 05:20 PM

View PostTheOriginalBIT (OnHoliday), on 03 January 2013 - 04:47 PM, said:

Ok so this is one way that I had found with my door lock program to get around it with a startup disk. Crtl + S to shutdown computer, put in disk, turn on computer, and it will boot the disk's startup file...

Search the APIs and look for SHA1 hashing, it is the easiest way to encrypt the users passwords, and if you salt the password first it will make it more secure.
Thanks. This will help me out a lot!

#19 FUCKCOMPUTERCRAFT!"£

  • Validating
  • 87 posts
  • LocationBasement

Posted 05 January 2013 - 01:47 AM

ChaddJackson12 please see the CRAKKED thread, or PM me...

#20 dmitchell94

  • Members
  • 19 posts

Posted 17 January 2013 - 12:00 PM

Great program but you should only be able to delete a account from the server.





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users