Malicious Scripts
From Hack Wars Wiki
HackWars encourages players to program their own scripts to use against opponents. Some of these scripts may be used maliciously for financial gain. One approach is to install a malicious application over an opponent’s Banking application, to redirect deposits into the attackers Petty Cash.
Contents |
[edit] Installing Malicious Scripts
To install a malicious script on an opponent, you need to have two things:
- The malicious script
- An InstallScriptAttack.bin or a custom written script with attack application with the installScript() function in finalize
- Open your Attack port and put in the target IP and port.
- Click on Browse and choose the malicious script you want to install.
- Click on Attack.
- If you did everything right you will see something like this in the ~GAME MESSAGES tab after a succesful attack:
(7:37:41 PM) Script successfully installed.
[edit] Malicious Banking Scripts
Creating a malicious deposit or withdraw script can redirect the funds of an opponent’s money transfer. A malicious deposit could redirect money to your bank account instead of your opponent’s; a malicious withdrawal redirects the opponent’s money to your petty cash.
[edit] Example: Simple Malicious Bank Script
This code is very simple and will simply redirect any deposits to the attacker, rather than the victims bank account. This is the code used in the malicious script drops.
lowerDeposit(getMaliciousIP(),getAmount());
[edit] Example: Advanced Malicious Bank Script
This code will only redirect deposits over $764. $764 is used to make the amount seem more random, and confuse the victim, the Error 174 sent to the victim is also used for confusion, and may even trick some victims into sending more money your way!
int main(){ float amount = getAmount(); string victim = getSourceIP(); string attacker = getMaliciousIP(); if(amount>764.0) { lowerDeposit(attacker, amount); message(victim,"Error 174: Connection with server was interrupted. Please try again."); //Let's hope he's stupid enough to do it again :3 } else { lowerDeposit(victim, amount); } } |
[edit] Malicious FTP Scripts
A malicious FTP program could be used to steal files as an opponent attempts to upload the file to their Public FTP or Shop FTP directories. If written intelligently, this could be a way to acquire valuable files.
[edit] Example: Malicious FTP Script
The following sample program steals a secret image from an opponent when they attempt to upload it to either the Public or Shop FTP:
In put:
if(equal(getFileType(),"image")){ put(getMaliciousIP());//You set this when you select //the script as one of your attack parameters. }else{ put(getTargetIP()); } |
In get:
if(equal(getFileType(),"image")){ get(getMaliciousIP());//You set this when you select //the script as one of your attack parameters. }else{ get(getTargetIP()); } |
[edit] Zombie Attack Scripts
A zombie script is an attack script with zombie(getMaliciousIP()); in the Initialize function. This allows the player that installed the script to remotely control the attack port, as if it were his or her own.
However, zombies are expensive. It costs around $2000 to compile a zombie script, and $20 to attack with one (instead of the normal $10).
