Man, first off this sounds like its going to be one hell of an awesome mod, and breath new life into uplink!
I like the way you are implementing the c++ compiler system (I proposed a similar idea in the simply uplink thread awhile back heh). Just an idea for the system, when you see news of other hackers attacking a system, maybe if you get into it fast enough, you could find "rare" leftover codes they used to get in
A nother idea for your mod is to add "honeypot" systems, where if you hack them, your going to get busted. A few FBI honeypot systems could mix it up a bit and add a challenge of having to do some research into the target system before you go in guns blazing (to make sure its not a honeypot, FBI setup, etc). would need a way of detecting them though (maybe people selling list's of known honeypot systems at warez word or somthing)
Ok. you did say you are going for realism, so...
ODDin wrote:
md4 Extract, md5 Extract, SHA-1 Extract - How exactly are these used in Onlink?
These are new to the Onlink world... they are meant to be used when hacking a personal computer. If you get too many wrong passwords, you cannot keep trying. PCs have a sort of Bandwidth Monitor that cannot be bypassed, and also won't kick you off. Instead, it's like trying to run a Password Breaker on the Protovision Game Server. Not happening. md4's are used for first login, md5 for read/write access, and SHA-1 for root access.
md4 Extract - brute force an md4 hash (PC Tool)
md5 Extract - brute force an md5 hash (PC Tool)
SHA-1 Extract - brute force a SHA-1 hash (PC Tool)
Care to explain more?
Because i am trying to figure out what you mean by all this... Those are just hashing algorithms (which where not designed to be used to encrypt passwords in the first place :p), presumably used to store the login details on the server, which in this case would make no difference to logging in to the servers using password breakers (which is bruit force), so how would it be useful when logging in? Unless we acquire the hash's some other way (SQL injection, sniff hash from network data...etc)
More appropriate algorithms could be NTLM, NTLMv2, BSD Hash's, or something along those lines.
I don't see how the extract software would be useful (if your going for realism) unless you got a hold of a database off a server (banks maybe?) that stored client details using those hash's, and you needed to crack the hash's to get there login pass/user
If this is its use, would you consider adding one more program, a rainbow crack (google it) like app (which uses a time V's memory trade off crypto attack) to pre-calculate all possible hash's once, and store the results, then you can look up the plaintext for any hash in minutes (hence the time memory trade of), so we could generate rainbow tables and then not have to bother with the *Extracters (since they bruit force heh) saving time (minutes instead of days, weeks, or months)
but remember, since we have 500ghz processors, cracking md4/5 and sha-1 would be trivial :p
Console Inject - inject a console system into computer that do not have them active
I like this idea, but i think you should implement it as connect back (or bind) 'shellcode' (more or less just a name change lol…because its still a form of injection, just makes more real world sense), to be used with buffer overflow exploit or something along those lines, and make it c++ code fragments like the other stuff, so you have to find the main c++ "framework" code fragment, and then get payload fragments/modules (the connect back/bind shellcode) written for certain software running on systems (like one could target the fileserver, so you can gain console on that system by exploiting the BoF in the fileserver, etc, etcc). I think it would add more realism
Also, if you like the idea of shellcode way, then "Record Adder" could also be implemented like that (e.g. That recent exploits written for that windows GDI+ overflow all had connect back, bind, add user, download and exec file - shellcodes for it)
Imaginary Chaos/Real Chaos - pretty hard to understand, considering the source term wasn't yet explained.
Patience, young grasshopper. I will reveal this jewel shortly.
ChaosSecure
Real Chaos - used with ChaosSecure, as decypher is to the cypher)
Imaginary Chaos - used with ChaosSecure, as decypher is to the cypher)
Wondering if this provides similar functions / has anything to do with PK (PGP/RSA) encryption software, with the same name?
Speaking of cyphers, does anyone have an idea how the elliptic curve thing is supposed to work for real, and what does it do? I mean, how do I get in if I'm not a hacker with a special software?..
Not related to the mod, bt this was asked!
sci.crypt is where i find alot of information, and this time is no exception, this pretty much xplains elliptic curve encryption better then i could lol
http://groups.google.com.au/groups?q=el ... net&rnum=1
