Grey Hack News

[h3]Changelog[/h3]

- CCTVs now have a user created with the name "cctv", whose password is the one required to access the camera instead of the root password.
NOTE: This change only applies to CCTVs generated from now on. The CCTVs generated prior to this update will continue to accept the root password to access.

- Added Social Engineering option to ask the network administrator for the password of a specific CCTV. The name of the administrator, the local address of the camera and the name of any npc that exists on the network are required.

- Fixed bug that caused admins to always restore CCTVs even if it was not necessary.

- Fixed Bug #187: Terminal and UI Main (social engineering) have the same focus.

- Fixed minor visual bugs in the Email program.

- Fixed bug in the rm command, not showing certain error messages if the deletion could not be performed.

[h3]Update v0.7.3595a[/h3]

- Fixed regression bug when not correctly exiting to the previous shell from a subterminal that had become a main terminal, showing the FileSystem of the previous system.

- Fixed bug when showing recent pages created by players, returning an incorrect order.(2)

[h3]Update v0.7.3593a[/h3]

- Copy, move, rename and touch methods during encode/decode are not allowed.

- Fixed bug in the terminal that did not return to prompt if a command was executed in a shell of a computer that had been deleted with ConfigLan.

- Fixed bug in ScanLan when showing certain local IPs as invalid.

[h3]Changelog[/h3]

- Fixed regression bug that caused emails with the details of some missions not to be received, especially affecting police missions.

The public build has been updated with the latest available version of the game!

As usual, since the nightly version becomes the public version, the nightly branch has been closed until the next cycle.
Here is a summary of the main changes and features.

[h3]Player custom networks[/h3]


Now rented servers are expanded to rented networks!
By renting a server, new devices can be added to the network, such as routers, switches, hubs or more servers to improve the security of your network, in addition to being able to add firewalls.

With the new ConfigLan tool, you will be able to remotely manage your networks, as well as reset them to their original state if for some reason you have lost the possibility of re-entering the network, either due to a configuration error or a hack.

[h3]Sniffers[/h3]


With the introduction of sniffers, players can capture the passwords of npcs and other players.

Now the ssh and ftp services allow an encrypted connection, causing sniffers to only capture encrypted passwords. Although ssh and ftp have a default encryption method, it is easily creackable, since the source code is available for study in the Manual.

Therefore players can program their own encryption system to be used with these services, so that other players can try to crack the encryption system to obtain the password.

This mechanic consist of two scripts that will have to be installed on the server, Encode and Decode. Where sniffers can also capture the source code from Encode, but not from Decode.
As you can imagine, sniffers and encrypted connections will have more prominence in Multiplayer mode than in Single Player mode.

[h3]CCTV[/h3]


Security cameras have also been implemented, adding one more attack vector.
In some networks you will find security cameras installed, usually in companies, that can show the interior of these buildings. If you look closely at the environment you may find useful information.

The cameras are accessible through the browser, since they use an http server to make the connection, although they require a password to access.

[h3]Reverse shells[/h3]
That is, the victim connects to you, instead of you to the victim. This technique allows access to computers that do not have any service installed.

Reverse shells implicitly include the use of a Trojan, since to perform a reverse shell, you must first get the victim to execute your code through social engineering, and this code will install a local service that will connect to your IP as soon as possible, giving you access to a shell.

Keep in mind that you will have to have a publicly accessible service, such as ssh, for this technique to work, making you vulnerable to attacks from others.

[h3]Firewalls[/h3]


Firewalls can be activated on routers, and can be configured to block the entry of traffic through a specific port, or on the contrary allow access to certain IP addresses.

While some versions of kernel_router.so may allow an exploit to disable the firewall, the secure versions will need a bit more work to get through the firewall.

With the new scanrouter tool, which you will be able to find in hackshops, you will be able to scan routers from the outside to know their firewall configuration, in this way you can know which IP addresses are allowed, opening a possible entry to the system when connecting through a machine with a allowed IP.

[h3]Bug-fixes and other improvements[/h3]


Improvements have also been added to the interface as well as to the search for content from other players in the internet seach engine, sorting player made web pages by popularity.

In addition to this new features, a significant number of bugs have been fixed. You can check the details in the changelogs of the nightly build prior to this version.

Thanks for your feedback and support!
More news soon!

[h3]Changelog[/h3]

- Fixed regression bug causing sniffers not to capture the password of an encrypted ssh connection, if the credentials had been entered incorrectly.

- Fixed bug that left the terminal unstable after receiving the message "Terminal already open."

- Removed the message "Terminal already open". Now it is allowed to make an ssh connection to itself.

- Fixed regression bug that sometimes caused windows that were not connected to certain main terminals to close when the connection ends.

- Fixed bug in ScanLan that caused some CCTV to have the wrong icon.

- Fixed bug that could cause an npc admin to restore user accounts belonging to other devices on the lan, creating duplicate users on the network.

[h3][Nightly] Update v0.7.3584a[/h3]

- Added new button on the internet search page, to show the web pages created by players ordered by popularity. The popularity of a web page will increase as it receives unique visits to the web.

- Added new button on the internet search page to show a random web page created by a player.

- Fixed bug when showing recent pages created by players, returning an incorrect order.

- Fixed crash in the file.copy and file.move methods, when passing null in any of the arguments.

[h3]Changelog[/h3]

- Added vulnerability in kernel_router.so library requiring a specific number of computers using the router as gateway.

- The ssh connection is interrupted if there is an error in the encryption when enabled.

- When connecting by ssh, if there is an error in the encryption when enabled, instead of showing the plain password, the sniffer will capture the encrypted password or no password if it has not been encrypted due the error.

- The /lib folder may have permissions open to guest in networks whose admin has low skills.

- Fixed bug whereby an administrator did not restore the router if the kernel_router.so library had been deleted (2)

- Fixed regression bug that prevented a remote sub-terminal from closing with the exit command.

- Fixed regression bug whereby open programs from a subterminal were not closed when it was closed directly.

- Updated moderation tools.

- Added field in sshd.conf to disable the "Encryption enabled" message if encryption is enabled.

- Fixed regression bug in exploits generated in hackshops that used decipher, causing an error to always be returned.

[h3][Nightly] Update v0.7.3584a[/h3]

- Added new button on the internet search page, to show the web pages created by players ordered by popularity. The popularity of a web page will increase as it receives unique visits to the web.

- Added new button on the internet search page to show a random web page created by a player.

- Fixed bug when showing recent pages created by players, returning an incorrect order.

- Fixed crash in the file.copy and file.move methods, when passing null in any of the arguments.