Help: I got locked out

I got locked out
Alphadon
Aug. 17, 2016, 5:54 a.m.

Hi. I was testing netcat for automating telnet access, and I accidentally sent a large block of data to the server due to autocorrect. I have now been blocked from the domain due to a perceived DoS attack. Please unblock me. Thanks, Alphadon


I got locked out
Alphadon
Aug. 17, 2016, 5:54 a.m.

P.S. I am posting via proxy server.


I got locked out
kveroneau(Game Creator)
Aug. 17, 2016, 6:04 a.m.

I unblocked the IP address which I blocked this morning. Please be more careful next time, it knocked out many services. I ended up putting a data limit during the character login phase to terminate similar activity in the future.

You really shouldn't be automating telnet access either, as it will essentially slow down other player connected sockets on the server preventing other players from enjoying the game as it is intended.

I also checked the characters coming into the server, and it was entirely random data, which is why I blocked it in the first place as it appeared more like a buffer overflow than a botted telnet client. Zuris thought someone basically did a cat /dev/urandom to the telnet socket.


I got locked out
Alphadon
Aug. 17, 2016, 5:40 p.m.

What happened is that I accidentally tab-autocompleted a binary file to send. Naturally, this caused problems.


I got locked out
kveroneau(Game Creator)
Aug. 17, 2016, 6 p.m.

If you need to automate file creation, I'd recommend using a scriptable FTP client. Networking will eventually introduce the ability to talk with an in-game host from the real world. This will enable you to easily create custom protocols and run a real world program which could do some sort of automation through this client. This will allow access to any in-game host unlike how FTP is limited to your home host. The protocol will work along these lines:

TCP connect from real world to say hackers-edge.com:1338 your initial packets will be something like: $18,$db,$3,$38,$17. Which will connect the socket to in-game host 24.219.3.56:23, the remaining packets sent will be sent to that host, and the in-game VM code will respond according to the code you write.

This is only a draft on how the protocol will work, I'm thinking that the server will first send a version packet to let client programs know if anything has been changed or anything new has been added.

I will create and open source a Python netcat like tool which can be used to connect to in-game hosts and debug/test things.


I got locked out
Alphadon
Aug. 17, 2016, 7:47 p.m.

Allow me to explain exactly what happened. I had devised a system, whereby a shell script was used to read a series of commands from a specially formatted text file and send it through netcat over telnet. However, at the time the incident occured, I had not yet written the script and was doing it manually. Unfortunately, an autocorrect error caused a binary to be specified as the input file, and several hundred megabytes of raw binary data were sent over the telnet channel, crashing the server. And yes, I now know that even if it had worked, that still would have been a terrible idea, but I didn't at the time.

And looking back, it appears the binary was...a Windows boot partition image. Don't ask, my workspace is really messy. :P


I got locked out
kveroneau(Game Creator)
Aug. 17, 2016, 8:19 p.m.

Okay, that makes sense. On a positive note, it forced me to implement a means to hopefully prevent that type of DDoS in the future. As the game gains more public traction, it's bound to attract real world hackers wanting to DDoS the game to bring it down. This evening I may try and netcat in a binary image to telnet and see how it stands up with the latest update. I'll try it on my local dev server first.


I got locked out
Alphadon
Aug. 18, 2016, 6:27 p.m.

I would like to test your new anti-http bot system. Please stand by to unban me.


I got locked out
kveroneau(Game Creator)
Aug. 18, 2016, 7:45 p.m.

I did a couple simple tests last night after putting the code in, and it terminated the connection fairly quickly. Give it a shot, it won't ban you from the entire server, just the game engine will ban you. So you can still access the forums.