Computer Science Canada

Gravity cube

Author:  irobots [ Thu Jun 20, 2013 11:54 am ]
Post subject:  Gravity cube

This is my isu called gravity cube which was a simple recreation of gravity duck. Please note that in the beggening is may say you got hacked and then open your dvd drive bay but i assure you that it is part of the program and you did not actually "get hacked". Also, the first couple of levels were a bit distorted and you may win the game accidently as it works of what dot colour which may sense the winning colour in the spikes or something. there is also a little problem with the sound turning on after you stop it or pause.

anyway
enjoy.

Author:  Nathan4102 [ Thu Jun 20, 2013 12:21 pm ]
Post subject:  RE:Gravity cube

Could you post the source instead of the .exe?

Author:  irobots [ Thu Jun 20, 2013 12:48 pm ]
Post subject:  Re: Gravity cube

why? I assure you that it is not a virus. I will post the source if i get enough interest though

Author:  badadvice [ Thu Jun 20, 2013 2:50 pm ]
Post subject:  Re: Gravity cube

fun on a bun

Author:  Raknarg [ Thu Jun 20, 2013 4:28 pm ]
Post subject:  RE:Gravity cube

In general, the people here are more interested in code rather than your product, especially if it's good.

Author:  badadvice [ Thu Jun 20, 2013 4:35 pm ]
Post subject:  Re: Gravity cube

irobots said that he will post the code if he gets enough interest. I pm'd him and i recommend you do to if you really want to see it. u could comment to so he hopefully releases it to everyone. Also, how did he get my dvd drive to open???

Author:  Raknarg [ Thu Jun 20, 2013 4:44 pm ]
Post subject:  RE:Gravity cube

there's probably a simple sys.exec function for it.. I can't imagine why it's necessary

Author:  badadvice [ Thu Jun 20, 2013 4:47 pm ]
Post subject:  Re: Gravity cube

looked all over the computer for it and online. could not find any exe. also, did anybody notice it says "you got hacked" at the beggining, he didnt have any audio for it. Could someone plz tell me how to open dvd drive with turing, it seems like the coolest thing

Author:  Nathan4102 [ Thu Jun 20, 2013 4:59 pm ]
Post subject:  RE:Gravity cube

AFAIK, opening the disc drive isn't possible with turing. Unless, of course, you run a .exe compiled from another language through turing.

Author:  badadvice [ Thu Jun 20, 2013 5:00 pm ]
Post subject:  Re: Gravity cube

how do you do this? It had the turing logo so it couldnt have been changed, right?

Author:  Nathan4102 [ Thu Jun 20, 2013 5:02 pm ]
Post subject:  RE:Gravity cube

A .exe's display picture can easily be changed. If you want to find out what he did, ask him.

Author:  Raknarg [ Thu Jun 20, 2013 5:02 pm ]
Post subject:  RE:Gravity cube

You can execute other exe's through turing.

Alo, like nathan said, you can change the icon

Author:  irobots [ Thu Jun 20, 2013 5:07 pm ]
Post subject:  Re: Gravity cube

did it open the dvd drives for all of you, just out of curiosity? I know it worked for you badadvice Wink. And no, i did not alter the integrity of the outputed exe from turing at all with any other program

Author:  Zren [ Thu Jun 20, 2013 5:09 pm ]
Post subject:  RE:Gravity cube

I'm guessing you also learned VB this year?

Edit: Snip

Anyhow, figured I put up some screenshots. T'is a neat enough game. To improve on it, the yellow orbs could have arrows to show which way the gravity will change to.

Posted Image, might have been reduced in size. Click Image to view fullscreen.

Posted Image, might have been reduced in size. Click Image to view fullscreen.

Posted Image, might have been reduced in size. Click Image to view fullscreen.

Author:  irobots [ Thu Jun 20, 2013 5:18 pm ]
Post subject:  Re: Gravity cube

Thank you for decompiling my code and then showing it to everyone. Much appreciated (sarcastic if you did not notice Wink )

Author:  Zren [ Thu Jun 20, 2013 5:41 pm ]
Post subject:  RE:Gravity cube

I didn't decompile it. There are no decompilers for Turing (hell there's only two compilers).

Just know that strings in your code will appear as plain text in machine code.

I snipped it out the string table though for you though.

Author:  irobots [ Thu Jun 20, 2013 5:46 pm ]
Post subject:  Re: Gravity cube

ok, but the point is, is that this is my ISU which i put on here since it was an exe, hopping to share it with people, not give away the code. I was not considering that someone might get information out of it and post it on here, jeprodising my mark.

Author:  Dan [ Thu Jun 20, 2013 5:52 pm ]
Post subject:  Re: Gravity cube

As far as I can tell by just looking at the exe (i am far to lazy to set up a sandbox to test it or use a debugger on it) it seems harmless.

It looks like it makes a VB script source file and runs it through a sys.exe call. The file (open.vbs) likely looks something like the following:

VisualBASIC:

Set objCdDrive = CreateObject("WMPlayer.OCX.7")
Set colCDROM = objCdDrive.cdromCollection
colCDROM.Item(i).Eject


There is also one with the same name for text to speech called spk.vbs:

VisualBASIC:

Set objVoice = CreateObject("SAPI.SpVoice")
objVoice.Speak ("You got hacked. You got hacked. You got hacked")


I don't see any strings with commands that might do anything close to "hacking" your computer, however it is still silly to run a random exe file you get online from some forum. I recommend no one runs it and wait for the source code.


Also, badadvice, it looks like you are a sockpuppet account for irobots (at the very least your are posting from the same home IP). Having more then one account is against the ToS of the site and may lead to a ban on both your accounts. There is no need to make posts on an alternative account to promote your work.

Edit: Looks like Zren got to it first. But I am not planing on editing out my code, if you want to claim you hacked someones computer, you can't complain when some one looks in to that claim.

Author:  irobots [ Thu Jun 20, 2013 6:08 pm ]
Post subject:  Re: Gravity cube

close, but not exactly. My friend made the account shortly after i made mine and evidently, it turns out the school network creates one ip or computer in the same room have one ip. He always follows everything i do trying to get the source and when i dont tell him he tries getting everyone else to figure it out. Thats why i did not want anyone posting the source, along with it being my isu.

Also hacker dan, i speciffically said that i was not hacking into anybody's computer and it was not a virus, it was just something new and unique i added to my program for fun

Author:  Dan [ Thu Jun 20, 2013 6:15 pm ]
Post subject:  Re: Gravity cube

irobots @ 20th June 2013, 6:08 pm wrote:
close, but not exactly. My friend made the account shortly after i made mine and evidently, it turns out the school network creates one ip or computer in the same room have one ip. He always follows everything i do trying to get the source and when i dont tell him he tries getting everyone else to figure it out. Thats why i did not want anyone posting the source, along with it being my isu.


1. It's an IP for a home ISP.
2. It's the IP from your last post (not when you registered)
3. It's 7:12PM right now, are you still at school?

Either you are the same person, or he is posting from inside your house....RUN!

Author:  Zren [ Thu Jun 20, 2013 6:19 pm ]
Post subject:  RE:Gravity cube

Your source code (besides that embedded into strings) is safely in the mysterious zone. Machine code isn't legible in the least.

code:
...hdhX.???????.P??,????.?.j..M?Q?U?R?E?P?M.Q??...??.?U????????????..?????P?M?U?D??P?T,????.?M??.??.?????????????M..T?.???????E.?.????;H.s.??????3??.??.??u(?M.?A.....?U.?E??.?J.j?j.h?...???????.?+?U??.%?...?.?????Q.?M?..???????..`?.?????.?U??.??.?M??.??...?U??.??.?M??.?U??.??.???????.?????U..D?.???????M.??????;Q.s.??????3?.??.??u(?U.?B.....?E.?M??.?P.j?j.h?...???????.?,?E??..??...???????B.?..?M???????.. ?.?????.?U??.??.???????.?????U..D?.???????M.??????;Q.s.??????3?.??.??u(?U.?B.....?E.?M??.?P.j?j.h?


Some other ways this was noticeable:


  • I could have (and did) noticed the seperate process running in the TaskManager or more specifically in my case, Process Explorer which shows child processes.
  • I could have used Process Monitor to see what your executable had rights to do (in real time). Thus noticing the creating of the two files.


Edit:
Ways this technique is used in the real world:

Encrypting the code in Base64, then having the string called with sys_exec(decode_base64("BASE64 STRING HERE")) somewhere in the program. Look out for this in source code you use (always read the source). Also look out for it if your server has been compromised. Sometimes a server running a PHP website will have one (or several) line(s) of code changed somewhere you aren't bound to look (like the libary file includes that you don't ever look at.

Not all uses are malicious though. You can use this for incredibly complex code obfuscation. http://compsci.ca/v3/viewtopic.php?t=7349 I'm not sure if that's the one, but there's some code out there that takes that string, compiles it in one language, then executes that compiled code in another language, like >3 different times.


: