It is currently September 23rd, 2017, 5:45 pm

All times are UTC - 6 hours




Post new topic Reply to topic  [ 18 posts ] 
Author Message
 Post subject: Hacking
PostPosted: June 20th, 2011, 7:49 pm 
Offline
User avatar

Joined: November 22nd, 2010, 4:06 pm
Posts: 307
Hacking I feel is something which has been under utilised and incorrectly implemented in a great deal of games. Most hacking takes place in the form of the hacking mini-game where you hack your way into a system through some form of abstract meta-game. This has a few problems.

First, hacking is a side-game which can grant you some advantage in the main game. But is rarely a central component or strategy to completing the main game. You can get cheaper items, disable some annoying security systems or get a look at some otherwise inaccessible information (the emails in deus ex for instance). The potential advantages for gaining complete system compromise is often overlooked.

Second, hacking in the real world is a very interesting field which could lend itself very well to intelligent problem-solving gameplay. As an example here's a dissection of how annonymous compromised security firm HB Gary earlier this year. The whole thing plays out like a puzzle. Find a weakness, exploit it, elevate priviledges, spoof emails, gain complete system access. Malware is a similarly interesting field, here's a dissection of one particular piece of Malware and what the hacker in control of it can do.

I see hacking as another potential verb which can be added to the shooter genre. In addition to your weapons you may also be given tools to assist in hacking into systems. The tools could be placed on a laptop or PDA which you can plug into an enemy network terminal or through a wireless connection in order to gain access to the system. Once you have access you can start to use these tools to gain entry. One of the tools would allow you to spoof data packets. Others would allow you to scan for open ports or for systems with known vulnerabilities. You could install malware on machines you're able to compromise, steal encryption keys, or upgrade your security clearence level to gain access to other areas of the level. At the end of the level you could gain better hacking tools, purchase new exploits or upgrade the capabilities of your malware.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: June 20th, 2011, 10:17 pm 
Offline
User avatar

Joined: November 1st, 2010, 1:49 pm
Posts: 899
Have you played Uplink?

http://www.introversion.co.uk/uplink/

I idly wonder how one would go about melding that gameplay with a shooter some days. Problem is in teaching people the varied ruleset of like-reality hacking without ending up actually teaching them how to think in pseudocode, because people hate that.

though Chris Crawford made a game about pseudocode, where you had to converse with alien species through pictograms.

I think an interesting dynamic to emulate from that article about Anonymous is the heist-like quality of it. At a high enough level of abstraction, hacking looks a lot like Inception; the planner, the tool developer, the analyst, etc. are all archetypes that come into play in high-complexity crimes like this.

I'll ruminate a bit more and come back with something material.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: June 20th, 2011, 11:52 pm 
Offline
User avatar

Joined: November 22nd, 2010, 4:06 pm
Posts: 307
Yes, I have played and enjoyed Uplink. I feel as though it's based on what people think hacking is like based on movies they watch though rather than hacking in reality. The real-time tracer, defcon map, the slot machine password breaker are all hollywood tropes which Uplink picked up. It's still a good game but I think it's missing the creative, puzzle type elements that I think hacking should involve.

Thinking in psuedocode is probably a bit too technical, but I think you could abstract the basic ideas of real world hacking without going into too many techical details.

Say for instance you gain access to a network in an enemy manufacturing facility and you want to disable production. First thing you need to do is probe the network to see what's on it. One of your hacker tools will record network devices you uncover so you can build a clear picture of what's on the network. To uncover the devices themselves you can try a ping tool to scan every possible address on the network or you could sniff network traffic for a while to try to build up a picture yourself. You might for instance find a packet with an FTP request, you don't need to be able to understand how ftp works exactly. But from there you can establish that the source of the packet is a workstation and the destination is a file server.

Once you've built up a complete map of the network you can decide how to go about destroying everything. You might send a trojan via email attachment to some of the workers, steal their login details, then log in to the manufacturing system and tell it to do something stupid. You might spoof messages being sent to the manufacturing system from it's sensors, or from the system to the manufacturing controllers causing things to break. You might find that some poor fool forgot to change the default admin password on the DNS server and use that to redirect data packets to your liking. You might redirect users to a fake login screen and steal their login details. Or you can redirect all their data through your own machine and perform a man in the middle attack.

I suppose the idea is to abstract the technical side of things enough to be able to think your way through the hack, without having to be able to read assembler.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: June 21st, 2011, 11:24 pm 
Offline

Joined: June 5th, 2011, 12:22 am
Posts: 5
I remember Enter The Matrix had this cool hacking part to it on the main menu. While it wasn't integrated into the actual game at all it was one of the more believable hacking interface things I've seen in a game. It was basically a command shell/linux thingy where you typed in stuff into a console and you could unlock pictures and movies and in-game stuff like a katana weapon.

Here's a vid: http://youtu.be/mKKmeltQSck


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: June 22nd, 2011, 6:03 pm 
Offline
User avatar

Joined: November 22nd, 2010, 4:06 pm
Posts: 307
The command line interface is cool, command lines can be fun and it certainly looks and feels like hacking. It's still very far removed from real hacking though. The slot machine password breaker is still present and you don't really seem to do much beyond navigating a few directories and running a few programs. Also at one point you have to authenticate within a time limit by doing a picture puzzle.

It brings me back to what gauss wrote in his dilettantism post:

Quote:
Once you're designing from a position of knowledge, rather than of ignorance, you're free to make calls as you see fit, informing your design work with some sense of authenticity, rather than as some interchangeable gloss or slight reworking of the last big game you played.


Hacking in games at present is based on what people perceive as hacking based on movies or TV shows. People frantically mash at keyboards while text flies around the screen till they're eventually let in. Real world hacking isn't like that, but it's not so foreign and complicated that it can't be accurately abstracted in a game.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: July 4th, 2011, 6:19 pm 
Offline
User avatar

Joined: November 22nd, 2010, 4:06 pm
Posts: 307
I recently picked up Hacker Evolution in the steam sale. The command line interface is spot on, but on the whole my previous criticisms still apply. Perhaps moreso since this game is even further removed from real hacking than Uplink. It plays out more like a puzzle game but I feel it unfairly relies on trial and error in order to solve the puzzles in the best way. Which is just flat out bad design.

In the game the player has a trace level. If it hits 100% then the player loses the level. Trace goes up a set amount based on player actions. Decrypting a host raises it 5%, cracking a port 15%, transfering money to your account 3% etc. You can pay money to lower your trace level. Each level has a set of objectives which usually involves tracking down the source of an intrusion, breaking in and uploading the evidence to your employer's server. Because of the way the trace level works, the game is basically about completing your objects while keeping your trace to a minimum. However, since you can't be sure that a host doesn't contain a clue which could help you complete the level, or give you other benefits like exploits or money. You have to break into those hosts raising your trace level with no guarentee of benefit. This can lead to a situation where your trace level gets too high for you to complete the level and you have to start over, using your newly gained knowledge of the hosts to avoid hacking useless hosts.

It also has the active trace running when you're cracking a system, which I'm fairly certain doesn't actually exist.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: July 7th, 2011, 12:17 am 
Offline

Joined: June 5th, 2011, 12:22 am
Posts: 5
I also thought it was cool how in Enter the Matrix you hacked in secret features into the real game. Pretty meta.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: July 19th, 2011, 10:54 pm 
Offline
User avatar

Joined: November 22nd, 2010, 4:06 pm
Posts: 307
Back on the malware side of things, I found this story on how the Stuxnet worm was uncovered very interesting and also somewhat scary. The details on how the worm was designed to meet it's objectives would make for excellent puzzle style gameplay. Still ruminating on how you could implement that sort of gameplay without getting users to 'think in psuedocode' though.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: July 20th, 2011, 2:30 am 
Offline
User avatar

Joined: August 16th, 2010, 8:18 pm
Posts: 1530
Oh glad you posted that one--I've read the whole thing and it is a fascinating, really well researched and written piece and rather disquieting in its implications, yes. Highly apropos to the discussion.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: July 21st, 2011, 4:47 am 
Offline
User avatar

Joined: November 22nd, 2010, 4:06 pm
Posts: 307
Ok, I've been thinking this over some more and have gone back to some fundamentals according to Schneier. (Forgive the rambling, I'm just trying to get words and ideas down at this point) The fundamentals being that all security is based on trust. We trust that something is what we expect it to be and that it's not deceiving us. Hacking then, is simply exploiting the trust of a system to have it do something that we want it to do for our own personal gain. Consider the real world SQL injection vulnerability. You may have a query which gets a user's account based on a provided username and password e.g:

Select account_data
Where username = <username> and password = <password>

In this system, we trust that the username and password will both be plain text that either does or doesn't match an account. If it matches we get the account, otherwise we don't. But supposing you exploit that trust by putting special characters in the fields. e.g. the wildcard character (*) which will match on any password in the database. Effectively:

Select account_data
Where username = admin and password = *

will retrieve the account_data of the admin account regardless of the password. So to set up a hacking style problem, you want to set up a network of systems through which misplaced trust can be exploited. To stop people from having to think in terms of code though, you want to be able to communicate the rules of the system without using code, in such a way that people can see how it works and how it can be exploited. So, let's show the system logic through a connection of modules.

Image

In this example we have a simple FTP server, with a brief explanation of the ftp message protocol. It has a number of places where trust can be exploited. It doesn't authenticate any users, so the person who set it up mistakenly trusted that any users accessing the server would be legitimate (it may be set up behind a corporate network for instance). It means that we can steal securefile.dat off the server easily by sending '127.0.0.1 128.13.241.6:21 GET C:/Files/securefile.dat' to the server. Either by typing it out in the command line or using a tool to fill in the blanks on an FTP message.

Another exploit is that although the server is setup to upload and download files from the C:/Files/ directory by default, it trusts that all messages will go to that path. But you can send it paths to other files on the server such as the operating system files. You could send '127.0.0.1 128.13.241.6:21 GET C:/OS/passwords.config' to obtain the passwords file. Perhaps you then modify that file to add your own password then upload it back to the server using '127.0.0.1 128.13.241.6:21 GET C:/OS/passwords.config {new passwords.config file data}'. Or if you just want to trash the server so no-one else can use it, send '1.1.1.1 128.13.241.6:21 DEL C:/OS/Kernel.dll', spoofing your <from address> so the message can't be traced back to you.

I'm going to keep thinking this over to see how this could be used to convey more complex systems.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: July 21st, 2011, 12:09 pm 
Offline
User avatar

Joined: March 2nd, 2011, 2:12 am
Posts: 110
Skoosc wrote:
Ok, I've been thinking this over some more and have gone back to some fundamentals according to Schneier. (Forgive the rambling, I'm just trying to get words and ideas down at this point) The fundamentals being that all security is based on trust. We trust that something is what we expect it to be and that it's not deceiving us. Hacking then, is simply exploiting the trust of a system to have it do something that we want it to do for our own personal gain. Consider the real world SQL injection vulnerability. You may have a query which gets a user's account based on a provided username and password e.g:

Select account_data
Where username = <username> and password = <password>

In this system, we trust that the username and password will both be plain text that either does or doesn't match an account. If it matches we get the account, otherwise we don't. But supposing you exploit that trust by putting special characters in the fields. e.g. the wildcard character (*) which will match on any password in the database. Effectively:

Select account_data
Where username = admin and password = *

will retrieve the account_data of the admin account regardless of the password. So to set up a hacking style problem, you want to set up a network of systems through which misplaced trust can be exploited. To stop people from having to think in terms of code though, you want to be able to communicate the rules of the system without using code, in such a way that people can see how it works and how it can be exploited. So, let's show the system logic through a connection of modules.

Image

In this example we have a simple FTP server, with a brief explanation of the ftp message protocol. It has a number of places where trust can be exploited. It doesn't authenticate any users, so the person who set it up mistakenly trusted that any users accessing the server would be legitimate (it may be set up behind a corporate network for instance). It means that we can steal securefile.dat off the server easily by sending '127.0.0.1 128.13.241.6:21 GET C:/Files/securefile.dat' to the server. Either by typing it out in the command line or using a tool to fill in the blanks on an FTP message.

Another exploit is that although the server is setup to upload and download files from the C:/Files/ directory by default, it trusts that all messages will go to that path. But you can send it paths to other files on the server such as the operating system files. You could send '127.0.0.1 128.13.241.6:21 GET C:/OS/passwords.config' to obtain the passwords file. Perhaps you then modify that file to add your own password then upload it back to the server using '127.0.0.1 128.13.241.6:21 GET C:/OS/passwords.config {new passwords.config file data}'. Or if you just want to trash the server so no-one else can use it, send '1.1.1.1 128.13.241.6:21 DEL C:/OS/Kernel.dll', spoofing your <from address> so the message can't be traced back to you.

I'm going to keep thinking this over to see how this could be used to convey more complex systems.


You already have black-boxes within black-boxes. How about exploring those devices without knowing what's in them?


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: July 27th, 2011, 3:58 am 
Offline
User avatar

Joined: November 22nd, 2010, 4:06 pm
Posts: 307
Ok, reconnaissance when hacking a system basically involves probing a target to see what systems it has running, then checking to see if any of them have a vulnerability. There are several means of doing this:

1. Checking IT job listings at the company, they'll usually mention which programs or platforms you need to have experience with.

2. Social engineering, trick some people employed there into giving you details. You might call up pretending to be an applicant for a job opening and ask them for more in depth questions on their systems. Or you might befriend an employee on facebook and worm some questions out of them that way. Or just straight up send them a spoofed email asking for details.

3. You can probe for systems by port scanning, each port is generally associated with a particular service e.g. 21 is file transfer protocol, 40 is web server etc. Once you've scanned some ports you can find what particular system they're running by checking message headers or error messages or just seeing how it reacts to inputs. There are some automated tools which can do this for you.

4. If you gain root access to the server you can read the program straight out of memory to see how it ticks.

5. If you're really desperate you can go dumpster diving at the company's offices to try to find any details on the system.

Once you know what's on the server, your next job is figuring out how to crack it. For easier difficultly levels I might make it an option to see how the service ticks like in the diagram above. For higher difficulties you'd have to try to uncover an exploit blind unless you can gain access to the program code. e.g. it might be open source with the code publicly available, you might be able to pirate it and reverse engineer it, or you might just be able to look up an exploit on a hacking site. If the software is unpatched you might even be able to find publicly available exploits you can use.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: May 8th, 2014, 7:29 am 
Offline
User avatar

Joined: November 22nd, 2010, 4:06 pm
Posts: 307
I'm still thinking about hacking. I recently read Kingpin which details the hackery misadventures of Max Vision who managed to break into the Air Force and Pentagon networks back in the 90's, then took over the underground carding industry in the early 2000's. The most interesting thing I found is that hacking used to be soooo easy. The fundamental building blocks of the internet had been built without even the most cursory thought given to securing any of it. Credit card companies introduced security features to their cards but then never bothered to implement them on the back end card processing servers. Restaurants would store credit card numbers in plain text files on computers that were always connected to the internet and had a default password. Even other hackers weren't too savvy either. Max managed to destroy his competition through simple vulnerabilities on rival carding forums and in one case gained admin access because the admin also had an account on Max's forum and had used to same username and password.

So I've been trying to put together a design for a simple hacking game prototype. Since things used to be much simpler back then I think I'll set it during the good old days of easy hacking. To simulate the hacking side of things I think the simplest thing to do will be to set up a mock internet with it's own protocols and services and vulnerabilities. Then give the player the tools to find weaknesses and exploit them. There'll be no slot machine password breaker or active trace. And you won't be bouncing connections through a series of hosts unless you can compromise those hosts and set up some kind of proxy service for you to exploit. Hosts and networks will be generics.

More thoughts as they come.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: May 8th, 2014, 7:49 am 
Offline
User avatar

Joined: October 23rd, 2010, 6:49 am
Posts: 639
Location: Zagreb
Implement stuff people are familiar with. Like looking at a page's source code and maybe the way chrome (or is it firefox?) does that layered look of a website to show all the parts of it. The rest is just typing in passwords and usernames. Trying out default ones and looking info elsewhere. Perhaps social hacking.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: May 8th, 2014, 8:15 am 
Offline
User avatar

Joined: October 11th, 2010, 3:46 am
Posts: 3744
Location: Moscow
Is it bad of me to own up to the fact that I've fooled around a bit with Cheat Engine on FTL/Spelunky/Dark Souls similar to the way that Double Fine has that Hack 'n' Slash game plays?

It sounds really basic, and it is, but as far as I understand CE works on what ever values are in your current RAM for that application (I'd attach images but I can't right now), although where a lot of trainers (basically pre-set tables of identified values for CE to use) fall short is the fact that the location of that memory will change each time with some games (like Dark Souls).

Using FTL as an example, if I want to give myself a shitload of scrap, I always know that the start value is 30, but there are plenty of other things at 30 right from the off for whatever reason (other ships, hull, maybe some color of some sort, I dunno, anything). However, if I go into the ship upgrade screen, change the value by spending 20 scrap on a minor upgrade, the value will change within the CE table. I can then search for that value, making sure I keep the previous one as a reference, which dramatically narrows down the possible variants to a handful, and then it's simply just a matter of alt-tabbing between the two and changing the values as you see fit. Voila, mothership get rekt.

It works easily with Spelunky's bombs and ropes (being able to change health has eluded me as I think it's governed by several values, not that it helps anyway), which can easily be altered. The best I could do while experimenting in Dark Souls was freezing the health value, which wasn't a guarantee that I was invincible at all, as being hit too many times (or in fact too hard, or meeting gravity) in quick succession would almost certainly kill you regardless, because there seems to be a slight delay between how often CE refreshes and the game.

Anyway, my main point is that I actually found the whole investigative "okay here's definitely a solid number in this bit, let's find it over there" part pretty fun, and I sort of see the appeal of hacking a game, or the process at least. What surprised me was how relatively simple it was, in that the values in-game 99% of the time directly corresponded to the values displayed in Cheat Engine, which is something I thought would maybe be a bit more encrypted? Basically what I'm saying is I'm going to break the crap out of Brigador when I finally sit back down to it.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: May 8th, 2014, 8:18 am 
Offline
User avatar

Joined: October 11th, 2010, 3:46 am
Posts: 3744
Location: Moscow
Chaya wrote:
Implement stuff people are familiar with. Like looking at a page's source code and maybe the way chrome (or is it firefox?) does that layered look of a website to show all the parts of it. The rest is just typing in passwords and usernames. Trying out default ones and looking info elsewhere. Perhaps social hacking.


Image


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: May 11th, 2014, 7:39 am 
Offline
User avatar

Joined: November 22nd, 2010, 4:06 pm
Posts: 307
Chaya wrote:
Implement stuff people are familiar with. Like looking at a page's source code and maybe the way chrome (or is it firefox?) does that layered look of a website to show all the parts of it. The rest is just typing in passwords and usernames. Trying out default ones and looking info elsewhere. Perhaps social hacking.


This is where it gets difficult, there are very few hacking games out there and the few that do exist don't have a very well rounded set of common tropes and design archetypes like other genres might. One of the problems is not requiring users to 'think in code'. Even comparably simple stuff like web page source code etc. can be tricky. I've been trying to think of ways to abstract complex system ideas into something understandable for the player.

Attachment:
BypassFirewall.png
BypassFirewall.png [ 8.62 KiB | Viewed 3635 times ]


Simple example, suppose the player is trying to gain access to a target mainframe but there's a firewall blocking the player from gaining access. However, suppose there is an Admin PC sitting outside the firewall that could gain access to the mainframe. If the player could route their access to the mainframe through the Admin PC then they could also gain access. None of the those concepts are on their own too technical, it's just a matter of letting the player know, what their target is, what's stopping them and giving them a means for figuring out their options. They should know conceptually how a firewall works (blocks some hosts access, allows others access) then it's a matter of finding one that will give them access (research? brute force?). Then once they've found one, finding a way to leverage it (get a password and login? exploit a vulnerability?) then setting up the compromised system for their purposes (Load their own malware? remote session?).

Social Engineering would probably be much much more difficult to implement since that comes down to human behaviour rather than machine behaviour. I've also been reading Keven Mitnick's The Art of Deception which is all about social engineering and how 'some fictional characters with no relevance to the author' managed to breach numerous organisations with just a few polite phone calls. The problem with modelling a social engineering attack is that it requires implementing a good system for modelling conversations. It also requires that conversation model to have room for convincing people to tell you things (something that might be worth talking about in the conversation reboot thread).

dudeglove wrote:
Anyway, my main point is that I actually found the whole investigative "okay here's definitely a solid number in this bit, let's find it over there" part pretty fun, and I sort of see the appeal of hacking a game, or the process at least. What surprised me was how relatively simple it was, in that the values in-game 99% of the time directly corresponded to the values displayed in Cheat Engine, which is something I thought would maybe be a bit more encrypted? Basically what I'm saying is I'm going to break the crap out of Brigador when I finally sit back down to it.


That's really cool. That's exactly the sort of thing I'd like to implement. Something that you can dig through and investigate without having to learn code.

I haven't done much mucking around at such a low level as directly manipulating RAM, but yeah, programs don't typically try to encrypt their runtime memory. Programmers are usually just flustered enough getting the damn thing to work at all. All the values that you see on screen have to be stored somewhere, and it's all just ones and zeros, if you have a program that can access the memory it can just read it straight out. You used to be able to do it back in the day to anything in memory at all. All programs could read all the RAM on the machine. So if you could get a program onto the machine, everything running on it was as good as compromised. But now most operating systems abstract the memory so that programs can only function in their own space in RAM.


Top
 Profile  
 
 Post subject: Re: Hacking
PostPosted: May 11th, 2014, 1:38 pm 
Offline
User avatar

Joined: October 11th, 2010, 3:46 am
Posts: 3744
Location: Moscow
It's a bit hard to describe, but expanding on what I said before with FTL, there was also a couple of interesting fiddly moments that on reflection I've probably figured out what they are. Let's say we're flying the Kestrel. The base/top hull integrity is 30, and once you do the necessary narrowing down in-game i.e. intentionally take damage and then repair at a shop, cycling between the table of changing values and searching for the new one, you roughly narrow down the "hull" to four or five separate values from a table of several hundred "30s".

However, only one of these values is the "true" core value that I need to bump back up or freeze in order to assure I'm invulnerable. The other values, for lack of a better expression, either affect only aesthetics or are... umm... arbitrary? Let's say one value is only governing a visual element, such as the visual representation of hull damage as an HP bar. Changing that back to 30 *might* change the appearance of the HP bar, but if I later visit a repair shop, I'll find that I've still been taking damage, even though I changed the X out of 30 value (when I really should have changed Y or Z). All I've done from a basic sense is give the HP bar a fresh paint job to my eyes; the hull is still fucked as far as the game is concerned.

What a value could also be is not the "x", "y" or "z" part, but the "out of 30" part. I'm thinking that due to the game's programming, and I'm probably wrong, but the capped value of a ship is probably also in the memory along with the other parts. Changing this value or freezing it will either have no effect or achieve nothing, because it's not an independent variable and thus not changed by damage to the ship, BUT it has to be in there anyway to establish an upper limit to how much of the ship needs repaired.

This might be complete rubbish, but it was my thought process nonetheless as I went through my lame period of "hacking". The most math-ish thing I was ever good at personally was exothermic reaction tests AKA the dreaded titrations from sixth year chemistry which I seemed to extract some odd joy out of, even though I was shit at mathematics and physics, so I think less of the cheat engine thing in abstract terms as obscure or complicated lines of code, or streams of IFs ANDs or GOTOs, but more as a set of dependent and independent variables expressed as numerals.

As to why I'm posting this, well, I sort of found the whole thing engaging, so there's probably some game thingy to be extracted out of all this somewhere. In one of your previous posts you talked about trace % dependent on player actions. Taking a skewed FTL example, if you wanted to add a chance element, unless the player takes some significant effort to know the ins and outs of the system he's attacking, he could risk raising his trace level considerably by attempting to alter one of the narrowed-down variables on a target server e.g. Set withdrawal sum on ATM to 99999999... As for doing so, maybe the player is pushed for time, or is bored, or doesn't want to go to the hassle of dumpster diving for company info? It's a grotesque, blunt method of doing so, however, as looking at a server log would clearly show there's never been such a dramatic change in values before, clearly showing it's been attacked.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 18 posts ] 

All times are UTC - 6 hours


Who is online

Users browsing this forum: No registered users


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Template made by DEVPPL