Trojaner
commented
4 years ago How to send malware 101
Closed Sl4vP0weR closed 3 years ago
Trojaner
commented
4 years ago How to send malware 101
keenan-smith
commented
4 years ago mmm remote code execution yummy
Sl4vP0weR
commented
4 years ago How to send malware 101
Prohibitions for compilation will not allow to create malware, u just found another reason to dont creating any useful code additions
ghost
commented
4 years ago literally half of the namespaces you used in your demo could be leveraged to execute arbitrary code on the user's system, including SDG.Unturned; not only this, but "limiting" reflection in that way isn't easy to do without it being trivial to bypass. the only two ways this could work is if you had your own separate mono runtime with all dangerous shit literally compiled out, and that's not really possible given the fact that you wouldn't be able to access unityengine functions, or a sandbox like you proposed, but fuck up once and it's pretty much over.
Sl4vP0weR
commented
4 years ago including SDG.Unturned;
Wdym ? SDG.Unturned is main namespace of the game, why u think that it can be dangerous ? I wrote only basic workspace namespaces.
Trojaner
commented
4 years ago SDG.Unturned allows you write to arbitrary files, which would allow you to escape any sandbox
Prohibitions for compilation will not allow to create malware
You take this too easy. Unless you can prove that 100% no escape / malicious code is possible, you are putting MILLIONS of players into danger. If you really want to have client side code, consider proposing a script language like javascript instead, where you have full control over all APIs.
Sl4vP0weR
commented
4 years ago SDG.Unturned allows you write to arbitrary files, which would allow you to escape any sandbox
Prohibitions for compilation will not allow to create malware
You take this too easy. Unless you can prove that 100% no escape / malicious code is possible, you are putting MILLIONS of players into danger. If you really want to have client side code, consider proposing a script language like javascript instead, where you have full control over all APIs.
It doesn’t matter if this is JavaScript or CSharp, in RAGEMP you can use both languages, what prevents to do similar ?
ghost
commented
4 years ago because ragemp and fivem and other frameworks like them all have their own custom mono build that stops access to bad stuff. for reasons mentioned above, you can't do that in unturned because then you couldn't do anything unity related.
Sl4vP0weR
commented
4 years ago because ragemp and fivem and other frameworks like them all have their own custom mono build that stops access to bad stuff. for reasons mentioned above, you can't do that in unturned because then you couldn't do anything unity related.
Sounds believable
Sl4vP0weR
commented
4 years ago But I still think it's possible to create
rube200
commented
4 years ago For malicious servers, it is possible to have a system where it is possible to give a vac / battleeye ban
educatalan02
commented
4 years ago For malicious servers, it is possible to have a system where it is possible to give a vac / battleeye ban
Unturned is free, it wont work that
Johnanater
commented
4 years ago Other games do implement this sort of stuff into their own scripting languages/mono runtimes, but even those have loopholes. Gary's Mod for example had some nasty Lua exploits.
TH3AL3X
commented
4 years ago For malicious servers, it is possible to have a system where it is possible to give a vac / battleeye ban
Unturned is free, it wont work that
We can talk about Battleye hwid bans, anyways for example enable those functions with insecure servers maybe?
archie426
commented
4 years ago @TH3AL3X ??????? You do realise RCE isn't confined to getting someone BE banned... right?
TH3AL3X
commented
4 years ago @TH3AL3X ???????
You do realise RCE isn't confined to getting someone BE banned... right?
I’m brain dead
archie426
commented
4 years ago Awww don't put yourself down like that
TH3AL3X
commented
4 years ago Awww don't put yourself down like that
Nah I was thinking if the server use malicious code just hwid ban, idk brain dead again
Mod should include "Scripts" folder for this interaction. When player join on the server with this mod, game should compile script methods on the player side. Example of this mod: Mod.zip Server plug-in's can call methods from scripts:
Provider.sendExecuteScript(/* player s64id */up.CSteamID, modID, /* script */ "1.cs", /* method */ "hideGUI", /* args */ new object[] {});Compilation should have basics namespaces like: [ System(restricted classes: Environment, GC, etc.); System.Threading; System.Collections.Generic; System.Linq; Steamworks; System.Collections; System.Text; System.Text.RegularExpressions; System.Reflection(with limited access to system namespaces); SDG.Unturned; UnityEngine(all modules in or with some restricted); ], and should compile only: instance, not extern I know, its alot of the work, but it will be very useful, I think.