Simply uplink

[NeoTheOne175]

First off, let me apologize for the double-post, my computer was really really slow in posting, which is really weird because I'm running Comcast broadband!

:shock: @ PiD4x's posts

You must really spend a lot of time thinking about this!

lol, it took about 10seconds for those ideas to come/ expand on what FORCEMAN said - and then about 25 mins to write it all write down / write down new ideas as they came in haha

You wonna see crazy you should see all the .txt files and half-finnished POC code (I get bored real fast and move on to somthing else and come back like 6 months latter haha) thati have in my my docs folder . All new, never seen b4 ideas (at leasst google turns up no results lol), that are slightly 'crazy', yet feasable, that are on my "todo list" ranging from ides about cryptography hardware that sit between the HD and controler (actualy most of the time there was reading those ata specs, like 3pdf's with 900pages between them! - but the SATA parts where kind of interesting lol), to MMOLRPG's and everything inbetween lol

Wow. Just...wow. I'm no programmer, so I probably wouldn't be able to fully understand all the work you've put into this, but I am interested in cryptography software, especially public-key encryption. I've already found a number of different cryptography applications free online that I plan to install on my computer.

-basic spreader can hit public access machines
-spreader 2.0 can hit public access and internal services
- 3.0 can hit mainframes, etc.

What I think would be better than this would be to have v1 hit only "Level 1" ISMs (i.e., the ISMs that only have a monitor as a defense) and does the least damage (maybe only wipes logs on system?). v2 hits better-defended ISMs (monitor, proxy, firewall) and mainframes and wipes logs and usr. v3 hits ISMs, mainframes, and LANs, and wipes logs, usr, and sys. Public access machines are omitted because you can't hack them, and even if you could, you wouldn't be doing any significant damage (after all, they only have a couple of phone numbers). Perhaps you could add a "chance-of-success"-type factor into each version of the spreader. Maybe each version could have a 100% chance of success for a certain task (i.e., v1 has 100% chance of wiping logs on target ISM), but you can direct it to try to do more damage (like wiping usr or sys) with a smaller chance of success; v1 would have the smallest chance of success of doing anything but wiping the logs (something miniscule like 5%-10%). v2 would have a better chance at doing more damage and possibly spreading to other systems owned by the same company (15%-40%). v3 would have an even better chance (50%-75%), and v4 would have a 90%-100% chance.

[PiD4x]

What I think would be better than this would be to have v1 hit only "Level 1" ISMs (i.e., the ISMs that only have a monitor as a defense) and does the least damage (maybe only wipes logs on system?). v2 hits better-defended ISMs (monitor, proxy, firewall) and mainframes and wipes logs and usr. v3 hits ISMs, mainframes, and LANs, and wipes logs, usr, and sys. Public access machines are omitted because you can't hack them, and even if you could, you wouldn't be doing any significant damage (after all, they only have a couple of phone numbers). Perhaps you could add a "chance-of-success"-type factor into each version of the spreader. Maybe each version could have a 100% chance of success for a certain task (i.e., v1 has 100% chance of wiping logs on target ISM), but you can direct it to try to do more damage (like wiping usr or sys) with a smaller chance of success; v1 would have the smallest chance of success of doing anything but wiping the logs (something miniscule like 5%-10%). v2 would have a better chance at doing more damage and possibly spreading to other systems owned by the same company (15%-40%). v3 would have an even better chance (50%-75%), and v4 would have a 90%-100% chance.

hmm, you could do it that way, but then its more 'hard coded'. What i meant was if the app u make has a spreader, it will only spread to systems whose defenses it can beat, i.e. the level (if any) of the proxy, monitor, firewall bypass's you compile with it.
E.g. a typical worm that was designed to spread to systems would work something like this:
- target a system (random IP, from ‘links’ on system it has spread to, hard-coded targets, etc.)
- check the systems for defenses, to see if it’s the system we are targeting, etc.
- Bypass defenses if its included bypasses are able to – or die/fail.
- *execute its payload*, etc.

That way the over all probability of a successful attack is broken up

The probability of actually spreading to the system would depend on the level of the bypasses it has (either 1 or 0 depending on bypasses versions and the defense versions on the computer)
then its probability of actually copying its self to the system...would require some more thinking
The probability of it actually doing what it was designed to do (either just kill the system, or look for a file and report back, or kill a specific file, etc) would depend on the success/fail or the overall execution so far as well as other variables (system type, and random-overall % of success for each component/module/block)

Then if the overall execution was a success it would then spread (get a new target, etc..)

The only problem I can see with the hole idea is the amount of lag it could cause, that’s why worms designed to take over the hole internet (i.e. have no set targets heh) should have a very, very low rate of success, or even doomed to fail by design (i.e. the increased activity its noticed, and the worm is identified, and its signature is added so systems anti-viruses can stop it/delete it within…a few hours? a day?)


I haven’t actually done any work on it (except maybe design the classes/class hierarchy in my head), i put the ideas here because i have no time at the moment to do it.(its week 2 of 3 of exams at uni at the moment) but after next week if no one else wants to give it ago (i.e. Agito), then i will - or maybe work co-operatively with other mods, because i don't like how FBI mod has features i like, but simply also has (more) features i like.

By the end of next week i hope i have access to the dev forum , its been a few weeks since the cd arrived, and about a week since i emailed them my forum username/receipt heh.

[PiD4x]

I’m sorry for making such long posts, but need to convey the ideas somehow heh
I’m not intending on stealing the thread either, it just looks like it , as these are mainly ideas for Agito to put into simply uplink, I am just going into detail in how I think it should work - i can't help it i over think things

Take a look at this picture. http://members.lycos.co.uk/pid4x/Files/gui1.JPG
It shows possible ways the compiler could work for building these programs, anyone else have any other thoughts at all?, even if you hate the idea all together?

The high level way would resemble how it’s done in the movie sword fish, as well as described in the dev bibles, don’t know if its even legal to copy the ideas from sword fish, like the blocks breaking apart and flying, I am guessing it probably isn’t
It would also require a fair amount of programming opengl / graphical stuff, so I think the ‘realistic’ approach is better.

The 'realistic' approach would work like this:

"code work space" looks like this when we first open the compiler:

void main()
{

}

Then when we add components it changes.
Lets say we add spreader version 2 and proxy bypass v5, it would show something like

void main()
{
Spreader = new SpreaderVx();
proxBypass = new ProxybypassVx();

%display pesudoC here%
}

and so on for each component added - it shows component type & version for each component

While we are adding components we will display pseudo code that resembles c, we can guess what type of pseudo code to show depending on the components added:

if it has rootkit module, then we can guess its going to be a root kit
if it has a spreader, then chances are where making a worm....etc

so the 'code workspace' will display a string like this

codeWorkspaceString = header + pesudoC;

Where pesudoC is just a string of mock c code to resemble the type of program we are building... and header is the "void main()" and a list of variables for the components we added....

When we compile it asks for any arguments to give to the compiler, and then starts, if we are successful a new program is added to the memory bank.

Say the standard arguments are this "compiler -o *filename*" - where *filename* is the name to save to. (gcc anyone? )

The 'debug output' shows any errors in error lines like:

"%component& is depended on: &component%,..."
"%component% can not be used with %component%"
"%component% is already included, %component% is not needed"
etc...
e.g.
"Bouncer is depended on: LogModifierV4, ProxyDisabler, FirewallDisabler"
"SpreaderV2 can not be used with RootKit"
"ProxyBypassV5 is already included, ProxyDisableV4 is not needed, to include it anyway pass '/incDepComp yes' to the compiler"
(including 'depreciated' components could be another trick used to make the same worm again, but with a diffrent signature, but now that secret is out )

When it is saved, should each component reguardless of versions etc, take 1 block of memory?
also the use of a 'packer' to 'pack and compress' our compiled program to reduce it to a few blocks
e.g.

if(numBlocksUsed > 4)
{
numBlocksUsed = (numBlocksUsed % 4); //mod 4
}

The effect could be faster transfer (obvously), also decrease the chances of it being found, and give it a diffrent signature. Maybe having 4 or 5 'packing/compression routens' that you can choose with arguments that you can output the same compressed program, with upto 4 or 5 diffrent signatures.

Edit: Or if you pack the program it has a higher chance of being found with as a 'default virus' so users would need to either use one of the 4 or 5 default packing strings, or get there own to make it totaly undetectable untill the standard 'new virus found in the wild' events happen.
This could work on a simple serial generator / check bit concept like a valid 'packing algorithm' could be testing using a forumla similar to this (VB code).

packString = "1234-5678-1234-8146"
subSA = Mid(packString, 1, 4)
subSB = Mid(packString, 6, 4)
subSC = Mid(packString, 11, 4)
subSD = Mid(packString, 16, 4)
' Whatever u mod it by determins the amount of valid packing strings,
' and there for, the amount of signatures each worm could possibly have.
checkbit = ((subSA + subSB + subSC) Mod 9999)
If subSD = checkbit Then
'valid packing string
MsgBox "valid"
Unload Me
Else
'invalid packing string
Unload Me
End If

so now a compiled virus/worm's signature would be made up of

signature = "names of compiled components and versions" & other & packingString
("other" = all the other things that make up the signature that i mentioned in previouse post)

A possible way to keep track of it all would be to save the actual programs to a file either by sterilizing the object to a file, or plain text config file (an ini?), this would also allow people to make apps in external programs (like notepad) and share programs with other people they have made.
All that would be needed then is some checking to see if the player has all the needed components and fail if they don’t, when they load someone else’s 'source code'.

[NeoTheOne175]

What I think would be better than this would be to have v1 hit only "Level 1" ISMs (i.e., the ISMs that only have a monitor as a defense) and does the least damage (maybe only wipes logs on system?). v2 hits better-defended ISMs (monitor, proxy, firewall) and mainframes and wipes logs and usr. v3 hits ISMs, mainframes, and LANs, and wipes logs, usr, and sys. Public access machines are omitted because you can't hack them, and even if you could, you wouldn't be doing any significant damage (after all, they only have a couple of phone numbers). Perhaps you could add a "chance-of-success"-type factor into each version of the spreader. Maybe each version could have a 100% chance of success for a certain task (i.e., v1 has 100% chance of wiping logs on target ISM), but you can direct it to try to do more damage (like wiping usr or sys) with a smaller chance of success; v1 would have the smallest chance of success of doing anything but wiping the logs (something miniscule like 5%-10%). v2 would have a better chance at doing more damage and possibly spreading to other systems owned by the same company (15%-40%). v3 would have an even better chance (50%-75%), and v4 would have a 90%-100% chance.

hmm, you could do it that way, but then its more 'hard coded'. What i meant was if the app u make has a spreader, it will only spread to systems whose defenses it can beat, i.e. the level (if any) of the proxy, monitor, firewall bypass's you compile with it.
E.g. a typical worm that was designed to spread to systems would work something like this:
- target a system (random IP, from ‘links’ on system it has spread to, hard-coded targets, etc.)
- check the systems for defenses, to see if it’s the system we are targeting, etc.
- Bypass defenses if its included bypasses are able to – or die/fail.
- *execute its payload*, etc.

That way the over all probability of a successful attack is broken up

The probability of actually spreading to the system would depend on the level of the bypasses it has (either 1 or 0 depending on bypasses versions and the defense versions on the computer)
then its probability of actually copying its self to the system...would require some more thinking
The probability of it actually doing what it was designed to do (either just kill the system, or look for a file and report back, or kill a specific file, etc) would depend on the success/fail or the overall execution so far as well as other variables (system type, and random-overall % of success for each component/module/block)

Then if the overall execution was a success it would then spread (get a new target, etc..)

The only problem I can see with the hole idea is the amount of lag it could cause, that’s why worms designed to take over the hole internet (i.e. have no set targets heh) should have a very, very low rate of success, or even doomed to fail by design (i.e. the increased activity its noticed, and the worm is identified, and its signature is added so systems anti-viruses can stop it/delete it within…a few hours? a day?)


I haven’t actually done any work on it (except maybe design the classes/class hierarchy in my head), i put the ideas here because i have no time at the moment to do it.(its week 2 of 3 of exams at uni at the moment) but after next week if no one else wants to give it ago (i.e. Agito), then i will - or maybe work co-operatively with other mods, because i don't like how FBI mod has features i like, but simply also has (more) features i like.

By the end of next week i hope i have access to the dev forum , its been a few weeks since the cd arrived, and about a week since i emailed them my forum username/receipt heh.

Hmm...your idea sounds better than mine, now that I look at it. My main concern with your spreader was what targets it would hit, namely the public access servers, which don't do anything. Modifying your idea slightly to incorporate LANs rather than PASs is what I wanted to do (I know you were probably using them just as an example, but still the perfectionist in me had to make the suggestion ). The whole probability thing was kind of an afterthought. It sounded a lot more coherent in my head... I like the whole source-code/compiler idea (the obvious legal issues notwithstanding ), but is there any way to accomodate those people who don't know how to program? Like me? Perhaps an automated compiler of some sort. I don't know if it's feasible on a programming level, but I'll still put it forward.

P.S. On an unrelated note, I'd like you guys to take a look at my topic on improving the International Stock Market System, found here. Tell me what you think!

[Compgeek79]

how about for a compiler you use a block idea but instead of 3d structures, maybe more like chains of block, like the LEGO mindtorms programming system, (more copyright troubles), for example lets say you want to make a program that disguises itself until a certain date, you drop in a "time-if" block, set the date to watch for, and when you drop in that block 2 more spaces open, one to build the routine prior to that time on, then the other to build the "payload" on.

i'll try to make a picture, and post it later

[FORCEMAN]

You know a lot of people would be happy to use programing because that gives them a chance to expand their imagination and make something special like a virus that can't be "purged' or make some sort of log tracer that can trace a certain log lets say if you have a mision to find a hacker and simply you use the log tracer to track the next source and also you don't have to hack to the next company you just have to wait to see what the log tracer wil find.That would be something special don't you think?

[FORCEMAN]

Or the Uplink moderators could think to make some sort of patch that can be used for programing only in Uplink.SOmething like the Lan creator but for programs.

[FORCEMAN]

And also the program doesn't have to be something special and you don't have to be a programer.First you can try to make an experiment like mixing the decypher with the decrypter because they have a litle bit incomon

[NeoTheOne175]

FORCEMAN, we appreciate the ideas, but next time when you want to add to a post, please use the edit button. It keeps you from looking like a spammer, and it's just easier for everyone else to understand.

[Compgeek79]

as i said in my last post i would try to put up a picture of my idea, so Here it is(sorry it looks like crap i just slapped it together in photoshop in about five minutes), i'll try to explain it, along the side of this window you would have a toolbox of sorts with different codeboxes, that you would buy, you buy a piece of software then use it however you want, the large boxes represent if statements (for the non-coder geeks, the 0 at the bottom means the conditions in the box aren't met, so run the code attached there, the 1 means the conditions are met so run the code attached there) there are different types of if statements, as you can see, one to watch time, one to watch for users, etc.

here is how the modules would be used, when you start a new program you have an open box at the top, and you drag and drop a codebox into it, then another open space will open up where you can drop in another codebox, (2 openings for if statements, none if it's termination code)

in the if statements, the words with black boxes around them can be clicked on and changed, so you can enter a different date, or a different user, or a diffent state to wait for, before/after, lgged on/logged off.

for the examples, the code tree on the right represent a simple timebomb, it waits until the given date then executes it's payload, the open space on the right can hold the "disguise" code to prevent detection.

the tree on the left is also a timebomb, plus it also sets a trap for a user, in this case it waits until after the given date, then it waits until the administrator is logged off before it executes, this same statement can be turned around to wait until a user logs on, and then infect their machine.

does that make sense to anyone else?

[Compgeek79]

i know u just got after forceman for posting twice but this is a seperate post entirely:

has anyone else tried to crash a mainframe using simply uplink, my game keeps crashing.
i delete the usr files
delete the sys files
and shutdown the system
when it restarts and tries to load the os, my game crashes, and gives me the "uplink has encountered a fatal error..." and some error that says "memory at module 0x01234(or something) could not be written", or something to that effect

Am I the only one?

that being said i think agito deserves to be an "Uplink In Moderation" mod, for god's sakes he's got the longest, and probably most active thread here, just a suggestion

[itax]

About the Virus stuff, make it so that the virus only spreads to servers of the same company, because otherwise it would just deeply suck.

Itax

[NeoTheOne175]

i know u just got after forceman for posting twice but this is a seperate post entirely:

has anyone else tried to crash a mainframe using simply uplink, my game keeps crashing.
i delete the usr files
delete the sys files
and shutdown the system
when it restarts and tries to load the os, my game crashes, and gives me the "uplink has encountered a fatal error..." and some error that says "memory at module 0x01234(or something) could not be written", or something to that effect

Am I the only one?

that being said i think agito deserves to be an "Uplink In Moderation" mod, for god's sakes he's got the longest, and probably most active thread here, just a suggestion

Although I personally think this could have been edited onto the tail end of your last post, I won't get on your case As for your error, try disconnecting as soon as the "System shutdown complete" message appears (EDIT: i.e., don't wait for the system to try to reboot). You may be able to avoid it then. If not, report this problem in the Bugs section and post your debug.log entries as well. I'm not too knowledgeable about bugs, though, so I would suggest posting it there; Darksun will likely know how to help you.

EDIT: This is just a question for Agito: do you think you will be able to incorporate the FBI mod features into the updated version of Simply Uplink by July 9th, or will it take longer? Don't feel like you have to get the FBI stuff in by July 9th, I was just asking. Thanks, Agito, you rule! <<bows down to the knowledge and power of Agito>>

[Compgeek79]

i never had this problem until i installed simply uplink, so i naturally figured it had something to do with it, but i'll try the bugs thread

[NeoTheOne175]

I was just playing Simply Uplink and came across some issues I thought could use some fixin':

• Fixing that issue with the Enter button so you can use it instead of "Post", "Commit", etc.
• Fixing the scroll bars for the Links list so it's the same as the one in memory banks (you can click and "grab" the scroll button for faster scrolling)
• Adding scroll bars to the list of files you can attach in an e-mail because once you have a huge number of files, you can't attach some files in an e-mail simply because the button for the file isn't there!
• Finally, the FBI mod features, if you can fit all that in by July 9.

Thanks again for your awesome work, Agito.