aboutsummaryrefslogtreecommitdiff
path: root/ShiftOS.WinForms/HackerCommands.cs
diff options
context:
space:
mode:
Diffstat (limited to 'ShiftOS.WinForms/HackerCommands.cs')
-rw-r--r--ShiftOS.WinForms/HackerCommands.cs608
1 files changed, 608 insertions, 0 deletions
diff --git a/ShiftOS.WinForms/HackerCommands.cs b/ShiftOS.WinForms/HackerCommands.cs
new file mode 100644
index 0000000..7861981
--- /dev/null
+++ b/ShiftOS.WinForms/HackerCommands.cs
@@ -0,0 +1,608 @@
+using System;
+using System.Collections.Generic;
+using System.Diagnostics;
+using System.Linq;
+using System.Text;
+using System.Threading;
+using System.Threading.Tasks;
+using Newtonsoft.Json;
+using ShiftOS.Engine;
+using ShiftOS.Objects;
+using ShiftOS.WinForms.Applications;
+using static ShiftOS.Objects.ShiftFS.Utils;
+
+namespace ShiftOS.WinForms
+{
+ [Namespace("puppy")]
+ [RequiresUpgrade("hacker101_deadaccts")]
+ [KernelMode]
+ public static class KernelPuppyCommands
+ {
+ [Command("clear", true)]
+ public static bool ClearLogs()
+ {
+ WriteAllText("0:/system/data/kernel.log", "");
+ Console.WriteLine("<watchdog> logs cleared successfully.");
+ return true;
+ }
+ }
+
+ [Namespace("krnl")]
+ public static class KernelCommands
+ {
+ [Command("control", true)]
+ [RequiresArgument("pass")]
+ public static bool Control(Dictionary<string, object> args)
+ {
+ if(args["pass"].ToString() == ServerManager.thisGuid.ToString())
+ {
+ KernelWatchdog.Log("warn", "User has breached the kernel.");
+ KernelWatchdog.EnterKernelMode();
+ }
+ return true;
+ }
+
+ [Command("lock_session")]
+ [KernelMode]
+ public static bool LeaveControl()
+ {
+ KernelWatchdog.Log("inf", "User has left the kernel-mode session.");
+ KernelWatchdog.LeaveKernelMode();
+ KernelWatchdog.MudConnected = true;
+ return true;
+ }
+ }
+
+ [Namespace("hacker101")]
+ [RequiresUpgrade("hacker101_deadaccts")]
+ public static class HackerCommands
+ {
+ private static void writeSlow(string text)
+ {
+ Console.Write("[hacker101@undisclosed]: ");
+ Thread.Sleep(200);
+ Console.WriteLine(text);
+ Thread.Sleep(1000);
+ }
+
+ [Story("hacker101_deadaccts")]
+ public static void DeadAccountsStory()
+ {
+ if (!terminalIsOpen())
+ {
+ AppearanceManager.SetupWindow(new Terminal());
+ }
+
+ var t = new Thread(() =>
+ {
+ Console.WriteLine("[sys@mud]: Warning: User connecting to system...");
+ Thread.Sleep(75);
+ Console.WriteLine("[sys@mud]: UBROADCAST: Username: hacker101 - Sysname: undisclosed");
+ Thread.Sleep(50);
+ Console.Write("--locking mud connection resources...");
+ Thread.Sleep(50);
+ Console.WriteLine("...done.");
+ Console.Write("--locking user input... ");
+ Thread.Sleep(75);
+ TerminalBackend.PrefixEnabled = false;
+ TerminalBackend.InStory = true;
+ Console.WriteLine("...done.");
+
+ Thread.Sleep(2000);
+ writeSlow($"Hello there, fellow multi-user domain user.");
+ writeSlow("My name, as you can tell, is hacker101.");
+ writeSlow("And yours must be... don't say it... it's " + SaveSystem.CurrentSave.Username + "@" + SaveSystem.CurrentSave.SystemName + ", right?");
+ writeSlow("Of course it is.");
+ writeSlow("And I bet you 10,000 Codepoints that you have... " + SaveSystem.CurrentSave.Codepoints.ToString() + " Codepoints.");
+ writeSlow("Oh, and how much upgrades have you installed since you first started using ShiftOS?");
+ writeSlow("That would be... uhh... " + SaveSystem.CurrentSave.CountUpgrades().ToString() + ".");
+ writeSlow("I'm probably freaking you out right now. You are probably thinking that you're unsafe and need to lock yourself down.");
+ writeSlow("But, don't worry, I mean no harm.");
+ writeSlow("In fact, I am a multi-user domain safety activist and security professional.");
+ writeSlow("I need your help with something.");
+ writeSlow("Inside the multi-user domain, every now and then these 'dead' user accounts pop up.");
+ writeSlow("They're infesting everything. They're in every legion, they infest chatrooms, and they take up precious hard drive space.");
+ writeSlow("Eventually there's going to be tons of them just sitting there taking over the MUD. We can't have that.");
+ writeSlow("It sounds like a conspiracy theory indeed, but it's true, in fact, these dead accounts hold some valuable treasures.");
+ writeSlow("I'm talking Codepoints, skins, documents, the possibilities are endless.");
+ writeSlow("I'm going to execute a quick sys-script that will show you how you can help get rid of these accounts, and also gain some valuable resources to help you on your digital frontier.");
+ writeSlow("This script will also show you the fundamentals of security exploitation and theft of resources - which if you want to survive in the multi-user domain is paramount.");
+ writeSlow("Good luck.");
+ Thread.Sleep(1000);
+ Console.WriteLine("--user disconnected");
+ Thread.Sleep(75);
+ Console.WriteLine("--commands unlocked - check sos.help.");
+ Thread.Sleep(45);
+ SaveSystem.SaveGame();
+ Console.Write("--unlocking user input...");
+ Thread.Sleep(75);
+ Console.Write(" ..done");
+ TerminalBackend.InStory = false;
+ TerminalBackend.PrefixEnabled = true;
+ Console.Write($"{SaveSystem.CurrentSave.Username}@{SaveSystem.CurrentSave.SystemName}:~$ ");
+ StartHackerTutorial();
+ });
+ t.IsBackground = true;
+ t.Start();
+ }
+
+ internal static void StartHackerTutorial()
+ {
+ Desktop.InvokeOnWorkerThread(() =>
+ {
+ var tut = new TutorialBox();
+ AppearanceManager.SetupWindow(tut);
+
+ new Thread(() =>
+ {
+
+
+ int tutPos = 0;
+ Action ondec = () =>
+ {
+ if (tutPos == 2)
+ tutPos++;
+ };
+ TerminalBackend.CommandProcessed += (o, a) =>
+ {
+ switch (tutPos)
+ {
+
+ case 0:
+ case 10:
+ if (o.ToLower().StartsWith("mud.disconnect"))
+ {
+ tutPos++;
+ }
+ break;
+ case 11:
+ if (o.ToLower().StartsWith("krnl.lock_session"))
+ tutPos++;
+ break;
+ case 1:
+ if (o.ToLower().StartsWith("hacker101.brute_decrypt"))
+ {
+ if (a.Contains("0:/system/data/kernel.log"))
+ {
+ tutPos++;
+ }
+ }
+ break;
+ case 3:
+ if (o.ToLower().StartsWith("krnl.control"))
+ {
+ tutPos++;
+ }
+ break;
+ case 4:
+ if (o.ToLower().StartsWith("puppy.clear"))
+ tutPos++;
+ break;
+ case 5:
+ if (o.ToLower().StartsWith("mud.reconnect"))
+ tutPos++;
+ break;
+ case 6:
+ if (o.ToLower().StartsWith("mud.sendmsg"))
+ {
+ var msg = JsonConvert.DeserializeObject<dynamic>(a);
+ try
+ {
+ if (msg.header == "getusers" && msg.body == "dead")
+ tutPos++;
+ }
+ catch
+ {
+
+ }
+ }
+ break;
+ case 7:
+ if (o.ToLower().StartsWith("hacker101.breach_user_password"))
+ tutPos++;
+ break;
+ case 8:
+ if (o.ToLower().StartsWith("hacker101.print_user_info"))
+ tutPos++;
+ break;
+ case 9:
+ if (o.ToLower().StartsWith("hacker101.steal_codepoints"))
+ tutPos++;
+ break;
+ }
+ };
+ tut.SetObjective("Welcome to the dead account exploitation tutorial. In this tutorial you will learn the basics of hacking within the multi-user domain.");
+ Thread.Sleep(1000);
+ tut.SetObjective("We will start with a simple system exploit - gaining kernel-level access to ShiftOS. This can help you perform actions not ever possible in the user level.");
+ Thread.Sleep(1000);
+ tut.SetObjective("To gain root access, you will first need to breach the system watchdog to keep it from dialing home to DevX.");
+ Thread.Sleep(1000);
+ tut.SetObjective("The watchdog can only function when it has a successful connection to the multi-user domain. You will need to use the MUD Control Centre to disconnect yourself from the MUD. This will lock you out of most features. To disconnect from the multi-user domain, simply run the 'mud.disconnect' command.");
+ while(tutPos == 0)
+ {
+
+ }
+ tut.SetObjective("As you can see, the kernel watchdog has shut down temporarily, however before the disconnect it was able to tell DevX that it has gone offline.");
+ Thread.Sleep(1000);
+ tut.SetObjective("You'll also notice that commands like the shiftorium, MUD control centre and various applications that utilize these system components no longer function.");
+ Thread.Sleep(1000);
+ tut.SetObjective("The watchdog, however, is still watching. DevX was smart and programmed the kernel to log all events to a local file in 0:/system/data/kernel.log.");
+ Thread.Sleep(1000);
+ tut.SetObjective("You will need to empty out this file before you can connect to the multi-user domain, as the watchdog will send the contents of this file straight to DevX.");
+ Thread.Sleep(1000);
+ tut.SetObjective("Or, you can do what we're about to do and attempt to decrypt the log and sniff out the kernel-mode access password.");
+ Thread.Sleep(1000);
+ tut.SetObjective("This will allow us to gain kernel-level access to our system using the krnl.control{pass:} command.");
+ Thread.Sleep(1000);
+ tut.SetObjective("Let's start decrypting the log file using the hacker101.brute_decrypt{file:} script. The file: argument is a string and should point to a .log file. When the script succeeds, you will see a TextPad open with the decrypted contents.");
+ while(tutPos == 1)
+ {
+
+ }
+ onCompleteDecrypt += ondec;
+ tut.SetObjective("This script isn't the most agile script ever, but it'll get the job done.");
+ while(tutPos == 2)
+ {
+
+ }
+ onCompleteDecrypt -= ondec;
+ tut.SetObjective("Alright - it's done. Here's how it's laid out. In each log entry, you have the timestamp, then the event name, then the event description.");
+ Thread.Sleep(1000);
+ tut.SetObjective("Look for the most recent 'mudhandshake' event. This contains the kernel access code.");
+ Thread.Sleep(1000);
+ tut.SetObjective("Once you have it, run 'krnl.control{pass:\"the-kernel-code-here\"}. This will allow you to gain access to the kernel.");
+ while(tutPos == 3)
+ {
+
+ }
+ tut.SetObjective("You are now in kernel mode. Every command you enter will run on the kernel. Now, let's clear the watchdog's logfile and reconnect to the multi-user domain.");
+ Thread.Sleep(1000);
+ tut.SetObjective("To clear the log, simply run 'puppy.clear'.");
+ while(tutPos == 4)
+ {
+
+ }
+ tut.SetObjective("Who's a good dog... You are, ShiftOS. Now, we can connect back to the MUD using 'mud.reconnect'.");
+ Thread.Sleep(1000);
+ while(tutPos == 5)
+ {
+
+ }
+ tut.SetObjective("We have now snuck by the watchdog and DevX has no idea. With kernel-level access, everything you do is not logged, however if you perform too much in one shot, you'll get kicked off and locked out of the multi-user domain temporarily.");
+ Thread.Sleep(1000);
+ tut.SetObjective("So, let's focus on the job. You want to get into one of those fancy dead accounts, don't ya? Well, first, we need to talk with the MUD to get a list of these accounts.");
+ Thread.Sleep(1000);
+ tut.SetObjective("Simply run the `mud.sendmsg` command, specifying a 'header' of \"getusers\", and a body of \"dead\".");
+ while(tutPos == 6)
+ {
+
+ }
+ tut.SetObjective("Great. We now have the usernames and sysnames of all dead accounts on the MUD. Now let's use the hacker101.breach_user_password{user:,sys:} command to breach one of these accounts' passwords.");
+ while(tutPos == 7)
+ {
+
+ }
+ tut.SetObjective("There - you now have access to that account. Use its password, username and sysname and run the hacker101.print_user_info{user:,pass:,sys:} command to print the entirety of this user's information.");
+ while(tutPos == 8)
+ {
+
+ }
+ tut.SetObjective("Now you can see a list of the user's Codepoints among other things. Now you can steal their codepoints by using the hacker101.steal_codepoints{user:,pass:,sys;,amount:} command. Be careful. This may alert DevX.");
+ while(tutPos == 9)
+ {
+
+ }
+ if(devx_alerted == true)
+ {
+ tut.SetObjective("Alright... enough fun and games. DevX just found out we were doing this.");
+ Thread.Sleep(500);
+ tut.SetObjective("Quick! Disconnect from the MUD!!");
+ while(tutPos == 10)
+ {
+
+ }
+ tut.SetObjective("Now, get out of kernel mode! To do that, run krnl.lock_session.");
+ while(tutPos == 11)
+ {
+
+ }
+
+ }
+ else
+ {
+ tut.SetObjective("OK, that was risky, but we pulled it off. Treat yourself! But first, let's get you out of kernel mode.");
+ Thread.Sleep(500);
+ tut.SetObjective("First we need to get you off the MUD. Simply run mud.disconnect again.");
+ while (tutPos == 10)
+ {
+
+ }
+ tut.SetObjective("Now, let's run krnl.lock_session. This will lock you back into the user mode, and reconnect you to the MUD.");
+ while (tutPos == 11)
+ {
+
+ }
+ tut.SetObjective("If, for some reason, DevX DOES find out, you have to be QUICK to get off of kernel mode. You don't want to make him mad.");
+ }
+
+ Thread.Sleep(1000);
+ tut.SetObjective("So that's all for now. Whenever you're in kernel mode again, and you have access to a user account, try breaching their filesystem next time. You can use sos.help{ns:} to show commands from a specific namespace to help you find more commands easily.");
+ Thread.Sleep(1000);
+ tut.SetObjective("You can now close this window.");
+ tut.IsComplete = true;
+
+ }).Start();
+ });
+ }
+
+ private static bool devx_alerted = false;
+
+ private static event Action onCompleteDecrypt;
+
+ private static bool terminalIsOpen()
+ {
+ foreach(var win in AppearanceManager.OpenForms)
+ {
+ if (win.ParentWindow is Terminal)
+ return true;
+ }
+ return false;
+ }
+
+ const string chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890-_";
+
+ [Command("breach_user_password")]
+ [KernelMode]
+ [RequiresArgument("user")]
+ [RequiresArgument("sys")]
+ [RequiresUpgrade("hacker101_deadaccts")]
+ public static bool BreachUserPassword(Dictionary<string, object> args)
+ {
+ string usr = args["user"].ToString();
+ string sys = args["sys"].ToString();
+
+ ServerMessageReceived msgReceived = null;
+
+ Console.WriteLine("--hooking system thread...");
+
+ msgReceived = (msg) =>
+ {
+ if(msg.Name == "user_data")
+ {
+ var sve = JsonConvert.DeserializeObject<Save>(msg.Contents);
+ var rnd = new Random();
+ var sw = new Stopwatch();
+ sw.Start();
+ string pass = "";
+ for(int i = 0; i < sve.Password.Length; i++)
+ {
+ char c = '\0';
+ while (c != sve.Password[i])
+ c = chars[rnd.Next(0, chars.Length)];
+ pass += c;
+ Thread.Sleep(rnd.Next(25,75));
+ }
+ sw.Stop();
+ Console.WriteLine(pass);
+ Console.WriteLine();
+ Console.WriteLine("--password breached. Operation took " + sw.ElapsedMilliseconds + " milliseconds.");
+ ServerManager.MessageReceived -= msgReceived;
+ }
+ else if(msg.Name == "user_data_not_found")
+ {
+ Console.WriteLine("--access denied.");
+ ServerManager.MessageReceived -= msgReceived;
+ }
+ };
+
+ Console.WriteLine("--beginning brute-force attack on " + usr + "@" + sys + "...");
+ Thread.Sleep(500);
+ ServerManager.MessageReceived += msgReceived;
+
+ ServerManager.SendMessage("get_user_data", JsonConvert.SerializeObject(new
+ {
+ user = usr,
+ sysname = sys
+ }));
+ return true;
+ }
+
+ [Command("print_user_info")]
+ [KernelMode]
+ [RequiresArgument("pass")]
+ [RequiresArgument("user")]
+ [RequiresArgument("sys")]
+ [RequiresUpgrade("hacker101_deadaccts")]
+ public static bool PrintUserInfo(Dictionary<string, object> args)
+ {
+ string usr = args["user"].ToString();
+ string sys = args["sys"].ToString();
+ string pass = args["pass"].ToString();
+
+ ServerMessageReceived msgReceived = null;
+
+ Console.WriteLine("--hooking multi-user domain response call...");
+
+ msgReceived = (msg) =>
+ {
+ if (msg.Name == "user_data")
+ {
+ var sve = JsonConvert.DeserializeObject<Save>(msg.Contents);
+ if(sve.Password == pass)
+ {
+ Console.WriteLine("Username: " + sve.Username);
+ Console.WriteLine("Password: " + sve.Password);
+ Console.WriteLine("System name: " + sve.SystemName);
+ Console.WriteLine();
+ Console.WriteLine("Codepoints: " + sve.Codepoints.ToString());
+
+ }
+ else
+ {
+ Console.WriteLine("--access denied.");
+ }
+ ServerManager.MessageReceived -= msgReceived;
+
+ }
+ else if (msg.Name == "user_data_not_found")
+ {
+ Console.WriteLine("--access denied.");
+ ServerManager.MessageReceived -= msgReceived;
+ }
+ };
+
+ Console.WriteLine("--contacting multi-user domain...");
+ Thread.Sleep(500);
+ ServerManager.MessageReceived += msgReceived;
+
+ ServerManager.SendMessage("get_user_data", JsonConvert.SerializeObject(new
+ {
+ user = usr,
+ sysname = sys
+ }));
+ return true;
+ }
+
+ [Command("steal_codepoints")]
+ [KernelMode]
+ [RequiresArgument("amount")]
+ [RequiresArgument("pass")]
+ [RequiresArgument("user")]
+ [RequiresArgument("sys")]
+ [RequiresUpgrade("hacker101_deadaccts")]
+ public static bool StealCodepoints(Dictionary<string, object> args)
+ {
+ string usr = args["user"].ToString();
+ string sys = args["sys"].ToString();
+ string pass = args["pass"].ToString();
+ long amount = (long)args["amount"];
+
+ if(amount < 0)
+ {
+ Console.WriteLine("--invalid codepoint amount - halting...");
+ return true;
+ }
+
+ ServerMessageReceived msgReceived = null;
+
+ Console.WriteLine("--hooking multi-user domain response call...");
+
+ msgReceived = (msg) =>
+ {
+ if (msg.Name == "user_data")
+ {
+ var sve = JsonConvert.DeserializeObject<Save>(msg.Contents);
+ if (sve.Password == pass)
+ {
+ if(amount > sve.Codepoints)
+ {
+ Console.WriteLine("--can't steal this many codepoints from user.");
+ return;
+ }
+
+ sve.Codepoints -= amount;
+ SaveSystem.TransferCodepointsFrom(sve.Username, amount);
+ ServerManager.SendMessage("mud_save_allow_dead", JsonConvert.SerializeObject(sve));
+ SaveSystem.SaveGame();
+ }
+ else
+ {
+ Console.WriteLine("--access denied.");
+ }
+
+ ServerManager.MessageReceived -= msgReceived;
+ }
+ else if (msg.Name == "user_data_not_found")
+ {
+ Console.WriteLine("--access denied.");
+ ServerManager.MessageReceived -= msgReceived;
+ }
+ };
+
+ Console.WriteLine("--contacting multi-user domain...");
+ Thread.Sleep(500);
+ ServerManager.MessageReceived += msgReceived;
+
+ ServerManager.SendMessage("get_user_data", JsonConvert.SerializeObject(new
+ {
+ user = usr,
+ sysname = sys
+ }));
+ return true;
+ }
+
+
+
+ [Command("brute_decrypt", true)]
+ [RequiresArgument("file")]
+ public static bool BruteDecrypt(Dictionary<string, object> args)
+ {
+ if (FileExists(args["file"].ToString()))
+ {
+ string pass = new Random().Next(1000, 10000).ToString();
+ string fake = "";
+ Console.WriteLine("Beginning brute-force attack on password.");
+ var s = new Stopwatch();
+ s.Start();
+ for(int i = 0; i < pass.Length; i++)
+ {
+ for(int num = 0; num < 10; num++)
+ {
+ if(pass[i].ToString() == num.ToString())
+ {
+ fake += num.ToString();
+ Console.Write(num);
+ }
+ }
+ }
+ s.Stop();
+
+ Console.WriteLine("...password cracked - operation took " + s.ElapsedMilliseconds + " milliseconds.");
+ var tp = new TextPad();
+ AppearanceManager.SetupWindow(tp);
+ WriteAllText("0:/temp.txt", ReadAllText(args["file"].ToString()));
+ tp.LoadFile("0:/temp.txt");
+ Delete("0:/temp.txt");
+ onCompleteDecrypt?.Invoke();
+ }
+ else
+ {
+ Console.WriteLine("brute_decrypt: file not found");
+ }
+ return true;
+ }
+ }
+
+ [Namespace("storydev")]
+ public static class StoryDevCommands
+ {
+ [Command("start", description = "Starts a story plot.", usage ="id:string")]
+ [RequiresArgument("id")]
+ [RemoteLock]
+ public static bool StartStory(Dictionary<string, object> args)
+ {
+ Story.Start(args["id"].ToString());
+ return true;
+ }
+
+ [Command("unexperience", description = "Marks a story plot as not-experienced yet.", usage ="id:string")]
+ [RemoteLock]
+ [RequiresArgument("id")]
+ public static bool Unexperience(Dictionary<string, object> args)
+ {
+ string id = args["id"].ToString();
+ if (SaveSystem.CurrentSave.StoriesExperienced.Contains(id))
+ {
+ Console.WriteLine("Unexperiencing " + id + ".");
+ SaveSystem.CurrentSave.StoriesExperienced.Remove(id);
+ SaveSystem.SaveGame();
+ }
+ else
+ {
+ Console.WriteLine("Story ID not found.");
+ }
+
+ return true;
+ }
+ }
+}
generated by cgit v1.2.3 (git 2.46.0) at 2026-06-04 13:54:28 +0000