I didn't ask him to invert the colours, I just asked him to change the pic. Since it's very confusing when there are 2 people with the same sig. Usually, when one browses through a thread, one can easily spot who's posting by the pic in the sig. And when there are 2 people with the same sig, one can easily confuse who's posting what.
Too long of an explanation, but whatever.
EDIT: Flame, all I have to say is "..."
Onlink[W:B4|L:B4]: Beta4 released
Moderators: jelco, bert_the_turtle, Chris, Icepick, Rkiver
ahhh i think you where a bit to quick to jump on my case here.....
why don't you read the 1, 2 and maybe 3rd posts in this thread, the author is going for more realism, you do realise right that is what he said he was doing right?
Therefore don't think it is strange at all, i simply made some suggestions, he SAID he was going for realism, that is why i made the comments in the way he is using the words, and suggested some new ideas that i would like to see heh
The mod sounds awesome, but...come on..
Lets re-cap
which is why i said more appropriate algorithms could be NTLM, NTLMv2, BSD Hash's because these ARE hashing/encryption methods used by Personal PCs.
(Side Note: BSD Hash's are a modifyed md5 algorithm, using a salt, so the time V's memory trade of dosnt work here well)
Lets focus on md5 alone (it also applys to sha-1 and md4).
md5 is a hashing algorithm, it is used to create a "one way" hash of some plaintext - which more recently (last few years) has became a defacto standard way of storing passwords online, mainly in forums - which by far is the most insecure method i could think of, besides storing the password in plaintext.
Lets assume in uplink, the systems store the valid usernames/passwords somwhere on the system), somehow, I don't see how anyone could draw any other logical conclusion....
If this method of storing the passwords was in the form of a md5 hash, then using the "md5 Extractor" makes sence, but not for remote logons, since a remote login would not be sending a md5 hash down the line, it would be sending the password - which is verifyed at the server, i know uplink is a game, but are you going to argue that it wouldnt be a reasonable conclusion that this is how it works?
(In the case of md5, in the real world the password would probably be sent to the server in plaintext (probably over SSL, or some other form of encrypted tunnel) which then to verify, would be hashed by the server, and compared aganst the stored hash)
To bruit force the hash, we would need to have the md5 hash localy. If we can get the hash in the first place off the server to extract it - then why do we need to, because we obvously have access already. Unless we are loged in with the md5 access level(which was mentioned in another post in this thread if i remember correctly) and we aquire the sha-1 hash - for root, then of cource we are going to need to crack it to get root password/access - which would be done localy....
If I have it all wrong, and....
...Means you cant crack the password remotly, and you come across the login hash's by some other method, like geting it of another hacher in game, or trade/buy it from warez word, or from a "hack this company" mission where they have the hash but dont know what to do, or while loged in with read/write accessyou grab the sha-1 hash for root, etc. After of which you then crach the hash localy crack it using the appropriate Extractor app, and then you get access. This type of senario makes entierly more sence, and at least to me, sounds more fun and challenging then just using a glorrifyed password breaker with a different name, anyone else agree?
Again, since the details are schetchy (and for the benifit of the doubt, i will assume this is because he dosn't want to release to much info and keep it a supprise), and i do have it wrong (and you get the hash's in a similar fashion to the last paragraph) and the extractors are to be used localcy, after geting the hash's then i appologise.
and while we are at it
Why not jsut call it a IDS (intrusion detection system) - afterall, that is what they are for, monitoring attacks on servers.
As for darksigns, how about never bring up that arguemnt/defence again? This is uplink, If i wanted to play darksigns i would be on there forums... I see "What ralism? go play darksigns" used alot by people, maybe by people who don't care (or wouldnt know) if it soulds half plausable or not, but since this mod was going for some level of realism, and hopfully that dosn't mean throwing buzz words around to make it look cool, then i would assume the author wants to do it right.
ToRmEnToR wrote:The game is in 2010, password breakers are breaking passwords letter by letter, shall I go continue? Pointing out that certain ideas in this mod are unreal is kinda strange, since the whole basis of the game is far from reality...
Let's keep it unreal...
Anyways, if you like hacking simulators that are a bit more realistic, check out
why don't you read the 1, 2 and maybe 3rd posts in this thread, the author is going for more realism, you do realise right that is what he said he was doing right?
Therefore don't think it is strange at all, i simply made some suggestions, he SAID he was going for realism, that is why i made the comments in the way he is using the words, and suggested some new ideas that i would like to see heh
The mod sounds awesome, but...come on..
Lets re-cap
ODDin wrote:
md4 Extract, md5 Extract, SHA-1 Extract - How exactly are these used in Onlink?
These are new to the Onlink world... they are meant to be used when hacking a personal computer. If you get too many wrong passwords, you cannot keep trying. PCs have a sort of Bandwidth Monitor that cannot be bypassed, and also won't kick you off. Instead, it's like trying to run a Password Breaker on the Protovision Game Server. Not happening. md4's are used for first login, md5 for read/write access, and SHA-1 for root access.
which is why i said more appropriate algorithms could be NTLM, NTLMv2, BSD Hash's because these ARE hashing/encryption methods used by Personal PCs.
(Side Note: BSD Hash's are a modifyed md5 algorithm, using a salt, so the time V's memory trade of dosnt work here well)
Lets focus on md5 alone (it also applys to sha-1 and md4).
md5 is a hashing algorithm, it is used to create a "one way" hash of some plaintext - which more recently (last few years) has became a defacto standard way of storing passwords online, mainly in forums - which by far is the most insecure method i could think of, besides storing the password in plaintext.
Lets assume in uplink, the systems store the valid usernames/passwords somwhere on the system), somehow, I don't see how anyone could draw any other logical conclusion....
If this method of storing the passwords was in the form of a md5 hash, then using the "md5 Extractor" makes sence, but not for remote logons, since a remote login would not be sending a md5 hash down the line, it would be sending the password - which is verifyed at the server, i know uplink is a game, but are you going to argue that it wouldnt be a reasonable conclusion that this is how it works?
(In the case of md5, in the real world the password would probably be sent to the server in plaintext (probably over SSL, or some other form of encrypted tunnel) which then to verify, would be hashed by the server, and compared aganst the stored hash)
md5 Extract - brute force an md5 hash (PC Tool)
To bruit force the hash, we would need to have the md5 hash localy. If we can get the hash in the first place off the server to extract it - then why do we need to, because we obvously have access already. Unless we are loged in with the md5 access level(which was mentioned in another post in this thread if i remember correctly) and we aquire the sha-1 hash - for root, then of cource we are going to need to crack it to get root password/access - which would be done localy....
If I have it all wrong, and....
Instead, it's like trying to run a Password Breaker on the Protovision Game Server.
...Means you cant crack the password remotly, and you come across the login hash's by some other method, like geting it of another hacher in game, or trade/buy it from warez word, or from a "hack this company" mission where they have the hash but dont know what to do, or while loged in with read/write accessyou grab the sha-1 hash for root, etc. After of which you then crach the hash localy crack it using the appropriate Extractor app, and then you get access. This type of senario makes entierly more sence, and at least to me, sounds more fun and challenging then just using a glorrifyed password breaker with a different name, anyone else agree?
Again, since the details are schetchy (and for the benifit of the doubt, i will assume this is because he dosn't want to release to much info and keep it a supprise), and i do have it wrong (and you get the hash's in a similar fashion to the last paragraph) and the extractors are to be used localcy, after geting the hash's then i appologise.
and while we are at it
If you get too many wrong passwords, you cannot keep trying. PCs have a sort of Bandwidth Monitor that cannot be bypassed, and also won't kick you off. Instead, it's like trying to run a Password Breaker on the Protovision Game Server.
Why not jsut call it a IDS (intrusion detection system) - afterall, that is what they are for, monitoring attacks on servers.
As for darksigns, how about never bring up that arguemnt/defence again? This is uplink, If i wanted to play darksigns i would be on there forums... I see "What ralism? go play darksigns" used alot by people, maybe by people who don't care (or wouldnt know) if it soulds half plausable or not, but since this mod was going for some level of realism, and hopfully that dosn't mean throwing buzz words around to make it look cool, then i would assume the author wants to do it right.
Riddla wrote:Hey, is this your mod? Nope. Did anyone pick at the FBI mod like this before it was even released? Nope. You'll get it when it's done, you'll play it, if you like it good, if you don't tough shit.
NEXT.
Settle down....
All i asked was how does it work! Ok maybe i over explained i how i think it works now, i tend to do that, but only so the person im asking gets a clear idea on what im asking, and what my current understanding of how it works is...i come from a programming/security background, and not understanding correctly the first time leads to mistakes and wasted time/money :p
Just wanted more info on how its going to work heh, because from what little info is here it sounds like a awesome mod...
-
Flamekebab
- level5
- Posts: 2988
- Joined: Sun Feb 24, 2002 5:39 pm
- Location: Carmarthen, UK
- Contact:
ToRmEnToR wrote:The game is in 2010, password breakers are breaking passwords letter by letter, shall I go continue?
Yes.
The point of md4/md5/SHA-1/etc breaks is for three reasons:
one: It looks neat
two: some systems only allow a certain number of guesses on the password (usually 3)
three: two combined with passwords changing frequently, about every 3 to 12 hours
The 'hashes' will be recover by HUD:PCForce
-
Quantum Particle
- level3
- Posts: 260
- Joined: Sat Sep 04, 2004 11:17 am
Miah, I have a suggestion, would it be possible to make a 'plugin' infrastructure, so that people could add things like new hardware/software to onlink (just like custon gateways) just by using the uplink source to make a .dll for it.
PS
Now I've read it, it doesn't sound as good as when it was in my head, but I think I'll post it anyway, to see what you think of the idea.
PS
Now I've read it, it doesn't sound as good as when it was in my head, but I think I'll post it anyway, to see what you think of the idea.
Uh...
In the time I've coded programs, I've worked with pre-built .dll's, .lib's, and .res's. I don't know really how to generate dll's, or really even use the pre-built ones very often.
I don't know how, in other words.
However, Onlink will remain... well... open. Not open source, but I have slated 4 more releases after this one, each improving the interface. The idea with this one, Release 1, is to add many smaller objects that I felt Uplink was lacking, and add a new storyline as well.
As a sneak preview for Release 2, I quote from my notes...
And before ANYONE asks, I'm not handing out any copies of any codex
In the time I've coded programs, I've worked with pre-built .dll's, .lib's, and .res's. I don't know really how to generate dll's, or really even use the pre-built ones very often.
I don't know how, in other words.
However, Onlink will remain... well... open. Not open source, but I have slated 4 more releases after this one, each improving the interface. The idea with this one, Release 1, is to add many smaller objects that I felt Uplink was lacking, and add a new storyline as well.
As a sneak preview for Release 2, I quote from my notes...
Release II Codex wrote:The main focus of Release two is to enhance the worldmap interface. The player will begin with the usual map with two inset maps. Inset maps will be break-away visions of satellite points the player may use (requires access to certain systems before they are seen). When the player clicks an area, it will zoom in the fill the screen with that continent, then sort by region, then city (Figure 1-3). Depending on type of connection, the player will have a new ceiling for the modem speed (Table 1)
Table 1 wrote:Same City -- 75 Gq/s
Mainland - Country -- 50 Gq/s
Mainland - Continent -- 45 Gq/s
Connected Continent -- 35 Gq/s
Overseas -- 20 Gq/s
Satellite Maximum (no fee) -- 25 Gq/s
Satellite Maximum (monthly fee) -- 40 Gq/s
Peak Hours -- (x-15) to (x-5) Gq/s based on current hour (use chaosgen)
And before ANYONE asks, I'm not handing out any copies of any codex
-
Geraldo101
- level0
- Posts: 7
- Joined: Sat Jun 12, 2004 11:39 pm
I've been looking round these forums for a significant time, on and off. I have rarely posted, as you can see from my post count, but I just want to say this looks like the most incredible Uplink-related thing I've seen. Good luck to you, I wish I could help but I have no talents you would need 
.
Anyway, I was wondering by reading this thread it all seems very technical, would there be a plan to release some sort of manual/tutorial package with the Mod? It would help a lot to explain the more intricate features of the game.
.
Anyway, I was wondering by reading this thread it all seems very technical, would there be a plan to release some sort of manual/tutorial package with the Mod? It would help a lot to explain the more intricate features of the game.
-
Cyberwarrior
- level2
- Posts: 143
- Joined: Sun Nov 28, 2004 9:46 pm
- Location: Cambridge, UK
- Contact:
Just a sidenote, I've seen a hyphon used in a password somewhere! (OMG!!!) but I can't remember where exactly. First hyphenated password I've seen. I think it was a LAN Terminal PW or something.
Oh, and will it be possible for agents to send other agents software via the attachment thing?
Say I'm Cyberwarrior, would a unique email address be generated, like "Cyberwarrior@UplinkCorp.net" that I could use to send emails?
The greatest potential I see for Onlink is combined hacking, ie, a crack team of hackers, cracking a high-security system, each handling a different part of security and breaking in. This could be a minimum of 3 and any number of maximums. This would be ESPECIALLY handy for those download missions with a short trace time (even if you bounce 20-30 times... most LANs will catch you with a 20-30 bounce in around 40s, if the SysAdmin doesn't catch you first) and could bring in subfactions to Onlink...
Oh, and will it be possible for agents to send other agents software via the attachment thing?
Say I'm Cyberwarrior, would a unique email address be generated, like "Cyberwarrior@UplinkCorp.net" that I could use to send emails?
The greatest potential I see for Onlink is combined hacking, ie, a crack team of hackers, cracking a high-security system, each handling a different part of security and breaking in. This could be a minimum of 3 and any number of maximums. This would be ESPECIALLY handy for those download missions with a short trace time (even if you bounce 20-30 times... most LANs will catch you with a 20-30 bounce in around 40s, if the SysAdmin doesn't catch you first) and could bring in subfactions to Onlink...
-
Quantum Particle
- level3
- Posts: 260
- Joined: Sat Sep 04, 2004 11:17 am
As far as inflation, if you mean systems evolving, yes, this is partly implemented already.
This is also the reason for the uC++, this utility, while expensive, can patch programs you already have to a higher version, as well as build them from scratch. An example:
monitor_bypasser requires this:
hud.cpp
hud.h
analyse.cpp
analyse.h
bypass.cpp
bypass.h
monitor.h
monitor.lib (.libs have versions. The version of bypassers is x-0.7 where x is the version of monitor.lib. disablers are x-0.3.)
monitor.lib requires:
monitorcore.cpp
monitorspec.cpp
monitordata.cpp
monitor.h
In making monitor.lib, you databanks need room for:
monitorcore.obj
monitorspec.obj
monitordata.obj
monitorcore.sbr
monitorspec.sbr
monitordata.sbr
In making monitor_bypasser, you need room for:
hud.obj
analyse.obj
bypass.obj
hud.sbr
analyse.sbr
bypass.sbr
Plus 3 Gqs for linking.
If there are any errors, the programmer interface will tell you what and why
This is also the reason for the uC++, this utility, while expensive, can patch programs you already have to a higher version, as well as build them from scratch. An example:
monitor_bypasser requires this:
hud.cpp
hud.h
analyse.cpp
analyse.h
bypass.cpp
bypass.h
monitor.h
monitor.lib (.libs have versions. The version of bypassers is x-0.7 where x is the version of monitor.lib. disablers are x-0.3.)
monitor.lib requires:
monitorcore.cpp
monitorspec.cpp
monitordata.cpp
monitor.h
In making monitor.lib, you databanks need room for:
monitorcore.obj
monitorspec.obj
monitordata.obj
monitorcore.sbr
monitorspec.sbr
monitordata.sbr
In making monitor_bypasser, you need room for:
hud.obj
analyse.obj
bypass.obj
hud.sbr
analyse.sbr
bypass.sbr
Plus 3 Gqs for linking.
If there are any errors, the programmer interface will tell you what and why
Who is online
Users browsing this forum: No registered users and 11 guests