Grey Hack
Nightly build: Sneak Preview
I would like to share with you the latest news about the development.
As some of you know, for some time the development has been focused on the nightly build, therefore the public version will not receive updates for a while until the development of the nightly build ends and merges as usual.
Here are some details of what you will find in the next nightly build.
Hidden missions around the world have been added, as well as other secrets, rewarding the exploration.
Now there are new types of files, such as images, chat logs and PDFs.
In many cases the information found here as in other types of files will be banal and will not have any relevance, other times they will offer interesting information about the world and what happens in it, and other times they will be clues that will lead to discovering a hidden mission.
Not only are these new types of files can be tied to missions, but any existing system could provide a valuable clue, such as emails, system logs, web pages, etc.
These hidden missions have a history, are more complex than missions on request (hackshops) and may require access to different networks in order to be completed.
The player will be able to choose how the mission will be finished, for example, in the case of discovering a crime, you can notify the police or or extort the criminal among other options, in which case the actions you take will have an impact on your karma level. Note that these actions may trigger future events even if the mission has been completed.
In addition to the missions hidden around the world, other types of missions of similar complexity and difficulty will be triggered based on your karma + reputation and will be much easier to access in addition to frequently having a continuity in their history between them.
For those who want to do direct and simpler missions, in addition to the hackhops, to which new missions will also be added, now the web pages of the police stations are also enabled to accept jobs, giving positive karma and reputation. On the other hand, certain missions of the hackshops, although they also give reputation, in many cases will provide negative karma.
The value of karma represents what type of hacker you are on the network and this together with your reputation can open or close doors in game events as well as the options that can be presented at the time of completing a mission.
To achieve this variety of missions, the npc system will be rewritten so that the AI has a more natural behavior and that its habits can be included as variables to take into account to solve certain missions or trigger a specific event.
Although these missions may eventually be repeated, as they are generated in procedurally created systems, the ways to access the systems involved in the missions will be different each time.
For the first public version of the nightly build, around 40 new missions of various types will be included, as well as other types of content that we could call lore.
During the development of the nightly build the number of missions will gradually increase until reaching an approximate number of 80 missions.
The number of missions will continue to increase in the next development cycles, although these are focused on other systems.
More news soon!
Hotfix - Update v0.7.3608a
Changelog
- Fixed regression bug from the previous version that left the subterminal in an unstable state if a remote connection was closed.
Update v0.7.3607a
Changelog
- Fixed bug #660: Can't find remote process when renaming a file from Desktop using UI.
- Fixed Bug #661: you can modify /var/system.log on rented server while not connected.
- Fixed bug that caused the process of the sub-terminals in remote computers not to be closed, if they were closed automatically when leaving the connection of their main terminal.
- Fixed regression bug that caused the "Main" button of the npcs websites not to work.
- Fixed bug that prevented the /server/rshelld start and /server/rshelld stop commands from being executed, returning an "Unknown program" message.
Update v0.7.3599a
Changelog
- CCTVs now have a user created with the name "cctv", whose password is the one required to access the camera instead of the root password.
NOTE: This change only applies to CCTVs generated from now on. The CCTVs generated prior to this update will continue to accept the root password to access.
- Added Social Engineering option to ask the network administrator for the password of a specific CCTV. The name of the administrator, the local address of the camera and the name of any npc that exists on the network are required.
- Fixed bug that caused admins to always restore CCTVs even if it was not necessary.
- Fixed Bug #187: Terminal and UI Main (social engineering) have the same focus.
- Fixed minor visual bugs in the Email program.
- Fixed bug in the rm command, not showing certain error messages if the deletion could not be performed.
Update v0.7.3595a
- Fixed regression bug when not correctly exiting to the previous shell from a subterminal that had become a main terminal, showing the FileSystem of the previous system.
- Fixed bug when showing recent pages created by players, returning an incorrect order.(2)
Update v0.7.3593a
- Copy, move, rename and touch methods during encode/decode are not allowed.
- Fixed bug in the terminal that did not return to prompt if a command was executed in a shell of a computer that had been deleted with ConfigLan.
- Fixed bug in ScanLan when showing certain local IPs as invalid.
Hotfix - Update v0.7.3591a
Changelog
- Fixed regression bug that caused emails with the details of some missions not to be received, especially affecting police missions.
Update v0.7.3590a
As usual, since the nightly version becomes the public version, the nightly branch has been closed until the next cycle.
Here is a summary of the main changes and features.
Player custom networks
Now rented servers are expanded to rented networks!
By renting a server, new devices can be added to the network, such as routers, switches, hubs or more servers to improve the security of your network, in addition to being able to add firewalls.
With the new ConfigLan tool, you will be able to remotely manage your networks, as well as reset them to their original state if for some reason you have lost the possibility of re-entering the network, either due to a configuration error or a hack.
Sniffers
With the introduction of sniffers, players can capture the passwords of npcs and other players.
Now the ssh and ftp services allow an encrypted connection, causing sniffers to only capture encrypted passwords. Although ssh and ftp have a default encryption method, it is easily creackable, since the source code is available for study in the Manual.
Therefore players can program their own encryption system to be used with these services, so that other players can try to crack the encryption system to obtain the password.
This mechanic consist of two scripts that will have to be installed on the server, Encode and Decode. Where sniffers can also capture the source code from Encode, but not from Decode.
As you can imagine, sniffers and encrypted connections will have more prominence in Multiplayer mode than in Single Player mode.
CCTV
Security cameras have also been implemented, adding one more attack vector.
In some networks you will find security cameras installed, usually in companies, that can show the interior of these buildings. If you look closely at the environment you may find useful information.
The cameras are accessible through the browser, since they use an http server to make the connection, although they require a password to access.
Reverse shells
That is, the victim connects to you, instead of you to the victim. This technique allows access to computers that do not have any service installed.
Reverse shells implicitly include the use of a Trojan, since to perform a reverse shell, you must first get the victim to execute your code through social engineering, and this code will install a local service that will connect to your IP as soon as possible, giving you access to a shell.
Keep in mind that you will have to have a publicly accessible service, such as ssh, for this technique to work, making you vulnerable to attacks from others.
Firewalls
Firewalls can be activated on routers, and can be configured to block the entry of traffic through a specific port, or on the contrary allow access to certain IP addresses.
While some versions of kernel_router.so may allow an exploit to disable the firewall, the secure versions will need a bit more work to get through the firewall.
With the new scanrouter tool, which you will be able to find in hackshops, you will be able to scan routers from the outside to know their firewall configuration, in this way you can know which IP addresses are allowed, opening a possible entry to the system when connecting through a machine with a allowed IP.
Bug-fixes and other improvements
Improvements have also been added to the interface as well as to the search for content from other players in the internet seach engine, sorting player made web pages by popularity.
In addition to this new features, a significant number of bugs have been fixed. You can check the details in the changelogs of the nightly build prior to this version.
Thanks for your feedback and support!
More news soon!
[Nightly] Update v0.7.3589a
Changelog
- Fixed regression bug causing sniffers not to capture the password of an encrypted ssh connection, if the credentials had been entered incorrectly.
- Fixed bug that left the terminal unstable after receiving the message "Terminal already open."
- Removed the message "Terminal already open". Now it is allowed to make an ssh connection to itself.
- Fixed regression bug that sometimes caused windows that were not connected to certain main terminals to close when the connection ends.
- Fixed bug in ScanLan that caused some CCTV to have the wrong icon.
- Fixed bug that could cause an npc admin to restore user accounts belonging to other devices on the lan, creating duplicate users on the network.
[Nightly] Update v0.7.3584a
- Added new button on the internet search page, to show the web pages created by players ordered by popularity. The popularity of a web page will increase as it receives unique visits to the web.
- Added new button on the internet search page to show a random web page created by a player.
- Fixed bug when showing recent pages created by players, returning an incorrect order.
- Fixed crash in the file.copy and file.move methods, when passing null in any of the arguments.
[Nightly] Update v0.7.3581a
Changelog
- Added vulnerability in kernel_router.so library requiring a specific number of computers using the router as gateway.
- The ssh connection is interrupted if there is an error in the encryption when enabled.
- When connecting by ssh, if there is an error in the encryption when enabled, instead of showing the plain password, the sniffer will capture the encrypted password or no password if it has not been encrypted due the error.
- The /lib folder may have permissions open to guest in networks whose admin has low skills.
- Fixed bug whereby an administrator did not restore the router if the kernel_router.so library had been deleted (2)
- Fixed regression bug that prevented a remote sub-terminal from closing with the exit command.
- Fixed regression bug whereby open programs from a subterminal were not closed when it was closed directly.
- Updated moderation tools.
- Added field in sshd.conf to disable the "Encryption enabled" message if encryption is enabled.
- Fixed regression bug in exploits generated in hackshops that used decipher, causing an error to always be returned.
[Nightly] Update v0.7.3584a
- Added new button on the internet search page, to show the web pages created by players ordered by popularity. The popularity of a web page will increase as it receives unique visits to the web.
- Added new button on the internet search page to show a random web page created by a player.
- Fixed bug when showing recent pages created by players, returning an incorrect order.
- Fixed crash in the file.copy and file.move methods, when passing null in any of the arguments.
[Nightly] Update v0.7.3570a
Changelog
- Added Task Switcher. You can invoke it at any time with the Control+Tab key combination. To cancel the action press the Escape key.
- Now a subterminal (a terminal window opened from another) no longer closes any other open program in the remote connection. Now a subterminal is treated like any other visual program open in a remote machine and only the terminal that has made the remote connection will write the close log and close any program that is left open.
- Now it is indicated in the terminal bar window if we are in a terminal that has made the remote connection.
- Fixed #Bug 121: closing a remote terminal window in a server is interpeted as connection closed in system.log
- Fixed #Bug 513: Bouncing through proxies in script does not function as it should
- Fixed a bug that could cause the last files created or modified in a loop to be lost on a remote computer, if another remote computer was being accessed.
- Fixed #Bug 651: UI Scaling Produces Inconsistent Window Resize.
- Fixed Bug # 649: Port forwards are not cleared on ConfigLan reset, but a new permanent port 8080 is added each time.
- Fixed Bug # 648: ConfigLan.exe computer duplication glitch by connect (you will see that the computers duplicate if you keep pressing the connect button on ConfigLan.exe)
- Websites are inaccessible if the main router where it is located does not have the kernel_router.so library.
- Webs are removed from internet searches if there is an invalid or missing kernel_router.so library.
- metaxploit.net_use will not connect with a network whose main router has an invalid or missing kernel_router.so library.
- Fixed bug that caused the npc administrators not to restore the kernel_router.so library.
- Fixed bug that left the terminal in an unstable state if its own process was closed from a script.
- Fixed bug that could leave the terminal in an unstable state after trying to exit from a reverse shell received from a player's pc on a rented server.
- Use of file.get_content during encode/decode is not allowed.
[Nightly] Update v0.7.3552a
Changelog
- Fixed bug that could avoid rent servers if the user had a malformed ConfigLan.conf file.
- Fixed bug #645: Variables keep old versions of objects when they are changed.
- Fixed bug that could cause the insecure variable of a library to contain the character "\\n", causing problems for its use with other commands.
Note: this fix applies to vulnerabilities generated from now on.