The Hacker Project - a free online game

March 29, 2024, 02:24:03 AM
Welcome, Guest. Please login or register.

Login with username, password and session length











"Being legal doesn't make it right."
Pages: [1] 2
Print
Author Topic: Possible exploit using the connect screen  (Read 11085 times)
HACKhalo2
Newbie
*
Posts: 22


View Profile
« on: January 10, 2012, 06:45:10 PM »

After theorizing about a couple things, I came across a problem in the connect screen that may allow a user to spam IP to find a user without buying IP's from the software dealer.

Now, this theory is biased on a couple of assumptions, since I have no clue how the connect screen works:

1.) IP's (biased on the IPv4 format HP uses) has about 232, or 4.294.967.296, possible addresses. Using desktops or laptops within the last 3-5 years, that number of Alpha-only addresses will take about 10-30 minutes to fully rotate that list.

2.) The Connect screen doesn't dock AP points for using it. This can be exploited by a program (Greasemonkey or Tampermonkey) that generates a random IP address and places it in the connect textarea when a injected button is pressed. I don't have a proof of concept program to show how this works, but if I had a domain host, I could write one together to show you what I mean since I need PHP and SQL.

Now, given this information, one with an above-average computer (at least 4 core without hyperthreading, 2+ gigs of RAM, and at least a GPU that supports some sort of process offloading, like OpenCL) can generate enough IP's to find someone without using the software dealer in a short amount of time.

My proposed solution:
When using the connect screen, if someone get's five (5) failed attempts in five (5) minutes, the system should restrict connects and bounces for either:

A.) an amount of AP or
B.) IP's currently in the users IP database.

This would prevent many current and future abusers, if a catch like this isn't already in place.

Thank you,
--Hh2
Logged
WolfDoc
Select Member
Sr. Member
*****
Posts: 478


View Profile
« Reply #1 on: January 10, 2012, 09:53:27 PM »

seriously? IM NOT CHEATING LOL

No offense but glad to know GNU looking for exploits 1
« Last Edit: January 10, 2012, 09:56:03 PM by WolfDoc » Logged
s3lphctr1
Newbie
*
Posts: 19


View Profile
« Reply #2 on: January 10, 2012, 10:01:00 PM »

Im all for tightening up the server dont get me wrong, but wouldnt that lock you out if your cracking multiple ips and they reset ip during the crack. You know you get the ip does not exist message. Which i seem to get a lot these days.
Logged
WolfDoc
Select Member
Sr. Member
*****
Posts: 478


View Profile
« Reply #3 on: January 10, 2012, 10:03:51 PM »

same thing when ur doing decrypts and someone beats u out of them...
Logged
HACKhalo2
Newbie
*
Posts: 22


View Profile
« Reply #4 on: January 10, 2012, 10:11:49 PM »

No offence WolfDoc, this wasn't because of you. I was just bored and randomly inputting IP's when I started thinking about this and how it can be exploited.

Secondly, since I'm not the brightest cookie, I assumed that it's has been or is currently being used this way.

Now, if I was pointing fingers, I would. You should know this WolfDoc, from the conversation we had. I came out and said I thought you were cheating before and I was wrong. If I thought you were cheating using something like this, I would of called you out on it. This is just my ADD mind going on a tangent.

Now, if we can please not assume that everyone from GNU is on a witchhunt for WolfDoc, that'll make tensions easier for everyone
Logged
WolfDoc
Select Member
Sr. Member
*****
Posts: 478


View Profile
« Reply #5 on: January 10, 2012, 10:18:25 PM »

well if it didnt seem like some where i wouldnt be so paranoid!! lol
Logged
HACKhalo2
Newbie
*
Posts: 22


View Profile
« Reply #6 on: January 10, 2012, 10:20:30 PM »

Im all for tightening up the server dont get me wrong, but wouldnt that lock you out if your cracking multiple ips and they reset ip during the crack. You know you get the ip does not exist message. Which i seem to get a lot these days.

Not if your using the link to try and connect. This is just for using the connect screen and inputting the IP's in the textarea to try and connect to an IP.
Logged
WolfDoc
Select Member
Sr. Member
*****
Posts: 478


View Profile
« Reply #7 on: January 10, 2012, 10:26:32 PM »

well get emi to implement this so it can be ruled out by GNU if im using it or not..
Logged
siremi
Administrator
Hero Member
*****
Posts: 1099



View Profile WWW Email
« Reply #8 on: January 11, 2012, 10:41:48 AM »

Well, I've asked people not to try and guess IP's using the connect window, I can log connection requests and if I see too many tries from a player in a short time can auto send a bot warning, put a bot flag up or something on him etc...

Or we can put a timer on it that will only allow a connection request every 3 seconds... this would mean you would also have to wait 3 seconds between bounce nodes too.

Please comment, we'll see...

Logged

norill
Full Member
***
Posts: 236


View Profile
« Reply #9 on: January 11, 2012, 11:47:24 AM »

sending 4.294.967.296 requests would either take years or get you a flood ban. there are easier ways to get ips.
Not if your using the link to try and connect. This is just for using the connect screen and inputting the IP's in the textarea to try and connect to an IP.
whats the point of securing one way to connect and leaving the other unsecured? someone would just use links instead of forms to exploit this
Logged

HACKhalo2
Newbie
*
Posts: 22


View Profile
« Reply #10 on: January 11, 2012, 01:21:05 PM »

sending 4.294.967.296 requests would either take years or get you a flood ban. there are easier ways to get ips.
Not if your using the link to try and connect. This is just for using the connect screen and inputting the IP's in the textarea to try and connect to an IP.
whats the point of securing one way to connect and leaving the other unsecured? someone would just use links instead of forms to exploit this

The point is that IP's do change, and the links become invalid. It like what s3lphctr1 said:
 
Im all for tightening up the server dont get me wrong, but wouldnt that lock you out if your cracking multiple ips and they reset ip during the crack. You know you get the ip does not exist message. Which i seem to get a lot these days.

If your following links that the game generated, it shouldn't lock you out because you keep hitting the IP doesn't exist message, because it did before. The exception to that is if you hit the same link multiple times in a row, since I'm pretty sure that is not something most people do. This is just to tighten down any form of automation that can use the connect screen.
Logged
norill
Full Member
***
Posts: 236


View Profile
« Reply #11 on: January 11, 2012, 05:51:02 PM »

dont you understand? anyone can generate links, not only game. you can visit 4.294.967.296 links instead of submitting 4.294.967.296 forms, which would bypass your restrictions
Logged

siremi
Administrator
Hero Member
*****
Posts: 1099



View Profile WWW Email
« Reply #12 on: January 11, 2012, 11:44:03 PM »

It's a good idea to temporary restrict access if you provide a non-existing IP 5x times in the last 5 minutes... It would simply say you need to wait x min x seconds before trying to connect again and could be like a fail-safe against bots and penalty, I mean not many players can fail 5x times because you're usually clicking links in the IP Db...

The restriction will be on all connecting / bouncing and counting failed attempts will only count for providing non-existent IPs.

I'll check this out.
« Last Edit: January 11, 2012, 11:47:03 PM by siremi » Logged

Clovis
Newbie
*
Posts: 16


View Profile
« Reply #13 on: January 12, 2012, 12:05:29 AM »

well a problem that might come up then with the five failed in five minutes. i just click select all and click bounce, so if i have 5 servers in a row that i dont have admin access to wouldnt that cause the issue? or is it only with ip's not valid?
Logged
s3lphctr1
Newbie
*
Posts: 19


View Profile
« Reply #14 on: January 12, 2012, 01:28:55 AM »

Im assuming that would only be for invalid ips.
Logged
Pages: [1] 2
Print
Jump to: