matejdro Posted September 11, 2012 Posted September 11, 2012 There is a way to very easily crash server using CC computer. Just make a new program with that code and run it: Code removed, PM me if you want to test. It will basically cycle through redstone states very fast and in few seconds server will crash with RedPower error. And if bad guy added that to the startup script and there is a chunkloader nearby, server will also crash almost immediately after starting up, rendering it useless. FIX: Add this to the end of the /mods/ComputerCraft/lua/rom/startup : oldRedstoneFunction = rs.setOutput rs.setOutput = function(side, bool) sleep(0.05) oldRedstoneFunction(side, bool) end This will add small delay to the rs.setOutput function, which is just enough to solve this issue. I also recommend replacing oldRedstoneFunction with something else (just any word will do it), because if attacker knows this word, he can circumvent protection. Explanation on how this fix works: CLICK
Watchful11 Posted September 11, 2012 Posted September 11, 2012 This is a good thing to know, but its also good to be discrete about these things. If anyone searches these forums for "crash servers with cc" or even just crash server, they will quickly find this thread. I would remove the code that causes the crash. Its enough to just describe what a hammer does without handing anyone who wants it the hammer they can use without effort.
greedseed Posted September 12, 2012 Posted September 12, 2012 hmm awsome that this is fixt ! Are there any more things that actualy easly crash a server with CC ? Sould make a list of what can crash a server and add the fix below. This way we will finely get more SAFE CC servers !
matejdro Posted September 12, 2012 Author Posted September 12, 2012 I know I should be more discrete, but I wanted to put instructions on so admins can test how serious this issue is. And fix is included, so it should not matter. It's also fixed in ComputerCraft 1.4, so this fix is only temporary until next tekkit.
BaileyJay Posted September 14, 2012 Posted September 14, 2012 This is a good thing to know, but its also good to be discrete about these things. If anyone searches these forums for "crash servers with cc" or even just crash server, they will quickly find this thread. I would remove the code that causes the crash. Its enough to just describe what a hammer does without handing anyone who wants it the hammer they can use without effort. Then how do we stop it? We gotta have to code in-order to stop it.
Watchful11 Posted September 14, 2012 Posted September 14, 2012 Um, he left the code for how to stop it. He just removed the code for how to create it and asked people to pm him if they need it.
Diabloz Posted September 14, 2012 Posted September 14, 2012 Then how do we stop it? We gotta have to code in-order to stop it. this is the fix as he posted all you need to do is follow his instruction: For example: As stated by matejdro: FIX: Add this to the end of the /mods/ComputerCraft/lua/rom/startup : Code: oldRedstoneFunction = rs.setOutput rs.setOutput = function(side, bool) sleep(0.05) oldRedstoneFunction(side, bool) end Or you could stop it by just typing in at the top oldRedstoneFunction = nil
BaileyJay Posted September 14, 2012 Posted September 14, 2012 You both mis-understood me. I was replying to Watchful. I'm meaning if he were to remove the code to pervent people from using to crash servers then how else would people get the fix? Pming him? He's going to get pinned in a corner. Anyways, when you have exploits out the in opened. They get fixed faster. All major security enterprises do this, Cisco would be a prime example.
matejdro Posted September 14, 2012 Author Posted September 14, 2012 I only removed crashing code, not the fix. So people can still get the fix.
Diabloz Posted September 14, 2012 Posted September 14, 2012 You both mis-understood me. I was replying to Watchful. I'm meaning if he were to remove the code to pervent people from using to crash servers then how else would people get the fix? Pming him? He's going to get pinned in a corner. Anyways, when you have exploits out the in opened. They get fixed faster. All major security enterprises do this, Cisco would be a prime example. You're right, but to watchful, the crashing code isn't there anymore so it shouldn't be an issue anymore, sorry for miss understanding. Besides only very experience CC players have the ability to find this code in the first place, Most will do this for fun and will usually keep this code to them selves so other can't find a fix. You shouldn't be worried about this as long as you do this code.
warpspeed10 Posted September 14, 2012 Posted September 14, 2012 For anyone not familiar with Lua, I'll try to explain what's going on here. It's not magic. oldRedstoneFunction = rs.setOutput rs.setOutput = function(side, bool) sleep(0.05) oldRedstoneFunction(side, bool) end Firstly, functions in Lua are unique in that they can act similar to variables. What the first line does is assign the pre-written function, rs.setOutput, to the new function called oldRedstoneOutput. oldRedstoneFunction = rs.setOutput oldRedstoneOutput now behaves in exactly the same way as rs.setOutput, in fact, they are exactly the same functions just with different names. We needed to back up the original rs.setOutput function because now we are about to overwrite it. rs.setOutput = function(side, bool) This line overwrites the original rs.setOutput function that shipped with the mod. We assign it a function that takes in two arguments, side and bool. Note, this removes its old functionality. The next line is the big fix sleep(0.05) This simply tells the computer to not do anything for 1/20th of a second, or one tick. That's all fine and dandy, but all our new function does is take a nap for a tick. We need to make this function set the redstone output on a given side. Remember though, we backed up the old rs.setOutput function with the function called oldRedstoneFunction. oldRedstoneFunction(side, bool) oldRedstoneFunction sets the redstone output on a given side true or false just like the old function we assigned it did. Thus it needs the same arguments. The final line of code simply ends the function definition. end So, really all we have done is overwritten rs.setOutput with a new function that behaves in precisely the same way, however; it will sleep for one tick every time it sets the redstone output.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now