cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 05 Feb 2015 06:17 PM |
| NVM changing the real property isn't breaking into read-only |
|
|
|
|
|
| 05 Feb 2015 06:17 PM |
I'm not sure what your point here is.
Maybe you're not familiar enough with Lua to understand how 'userdata' is a special protected case introduced for C-sided work (hence why it went undocumented in Lua 5.1).
The userdata you've created cannot be "hacked," as you put it, because that is simply why userdata was made. Notice ROBLOX's objects are actually all carefully crafted C-data using a userdata to represent them. This protects them from Lua editing - which is why Lua libraries were also changed to be userdata.
Essentially, using a userdata is equivalent to creating an OOP-like object in the parent language (C++).
If you had read up on userdata implementation or documentation (on the C side of the code) you would have already known this cannot be changed from a Lua script (not being its own). |
|
|
|
|
|
| 05 Feb 2015 06:17 PM |
weird.... it now sometimes does and sometimes gives me an error |
|
|
|
|
|
| 05 Feb 2015 06:21 PM |
nvm got it, placed a wait() at the beginning of script2
it now places the service into the workspace |
|
|
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 05 Feb 2015 06:22 PM |
| The point is to change a property from the read-only table, which I think is impossible right now. Changing the actual folder property is not doing what the OP is asking. |
|
|
|
|
|
| 05 Feb 2015 06:22 PM |
@Elite (about your next solution)
That wouldn't work either, you're just changing the real folder's .Name
In your second script you also have to use these lines:
local Services = require(workspace.Services)
local game = Services:Setup()
cntkillme found a way to change the real folder's .Name even with the above, however I don't consider it valid since he never affected the read-only table.
@Seranok Just making sure people can't accidentally (no matter how bizarre it is, accidents happen) modify secure read-only values. |
|
|
|
|
|
| 05 Feb 2015 06:25 PM |
@DrMath
I understand that, also newproxy is completely removed in 5.2 (I'm glad we're on 5.1 atm on roblox)
I just wanted to make sure there was no haxxy use to allow bypassing into my read-only table. I've already acknowledged your points while creating it, but there are clever things out there, so you never know. |
|
|
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 05 Feb 2015 06:27 PM |
| Well the 'clever things' come from the programmer's side, not the userdata :) |
|
|
|
|
Seranok
|
  |
| Joined: 12 Dec 2009 |
| Total Posts: 11083 |
|
|
| 05 Feb 2015 06:34 PM |
I can think of numerous ways to bypass this. Here's one.
local Services = require(workspace.Services:Clone())
local game = Services:Setup()
local service = Services.new("Test", {})
getfenv(Services.new).rawget = function() end
print(service.Name) --> Test
service.Name = "44"
print(service.Name) --> 44
The problem is you will patch this and think "it's secure now." No it's not. There are numerous other ways to bypass this security, some of which no one knows about. |
|
|
|
|
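Added example, not part of the thread and not the OP's Services module (which the thread never shows): a read-only guard that looks up rawget as a global is defeated by the environment write in the post above, while the same guard with its builtins captured as locals is not. The function names are hypothetical, and it assumes stand-alone Lua 5.1, where the function environment is the shared globals table. Capturing locals closes only this one route; anyone still holding the props table can write to it directly.

```lua
-- Added illustration, Lua 5.1 only (getfenv and newproxy were removed in 5.2).
-- makeReadOnlyWeak / makeReadOnlyHardened are hypothetical names.

-- Weak: rawget and error are looked up in the function environment on every
-- call, so the guard trusts whatever that environment currently holds.
local function makeReadOnlyWeak(props)
  local proxy = newproxy(true)
  local mt = getmetatable(proxy)
  mt.__index = props
  mt.__newindex = function(_, key, value)
    if rawget(props, key) ~= nil then
      error(tostring(key) .. " is read-only", 2)
    end
    props[key] = value
  end
  mt.__metatable = "locked"
  return proxy
end

-- Hardened against that one route: the builtins are captured as upvalues at
-- load time, so later writes to the environment no longer reach the guard.
local rawget, error, tostring = rawget, error, tostring
local newproxy, getmetatable = newproxy, getmetatable
local function makeReadOnlyHardened(props)
  local proxy = newproxy(true)
  local mt = getmetatable(proxy)
  mt.__index = props
  mt.__newindex = function(_, key, value)
    if rawget(props, key) ~= nil then
      error(tostring(key) .. " is read-only", 2)
    end
    props[key] = value
  end
  mt.__metatable = "locked"
  return proxy
end

-- Constructed check: apply the environment write from the post to both forms.
local weak = makeReadOnlyWeak({ Name = "Test" })
local hard = makeReadOnlyHardened({ Name = "Test" })
getfenv(makeReadOnlyWeak).rawget = function() end
local weakWrite = pcall(function() weak.Name = "44" end)
local hardWrite = pcall(function() hard.Name = "44" end)
getfenv(makeReadOnlyWeak).rawget = rawget -- restore the real builtin
print("weak:", weakWrite, weak.Name)      -- write accepted, value changed
print("hardened:", hardWrite, hard.Name)  -- write rejected, value unchanged
```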
|
| 05 Feb 2015 06:39 PM |
| Well mine worked, it really placed it into workspace. |
|
|
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 05 Feb 2015 06:39 PM |
| God damnit I overthought this... How are you sera, I got in via him calling error and table.insert :( |
|
|
|
|
|
| 05 Feb 2015 06:45 PM |
@seranok
You are right, I did patch that, and I do think it's secure now. I also patched other things based around what you just did.
I challenge you to bypass it now. |
|
|
|
|
Seranok
|
  |
| Joined: 12 Dec 2009 |
| Total Posts: 11083 |
|
|
| 05 Feb 2015 06:47 PM |
Oh my gosh, what did I just say.
"You are right, I did patch that, and I do think it's secure now."
...
IT'S NOT SECURE! THERE ARE PROBABLY AT LEAST A DOZEN WAYS TO BYPASS IT. WHY ARE YOU TRYING TO SECURE THIS WHEN IT DOESN'T EVEN NEED SECURING? If the game creator wants to screw with your system, he can easily do it simply by removing the fake service from the data model etc. |
|
|
|
|
|
| 05 Feb 2015 06:49 PM |
@Elite you didn't modify a read-only property
You modified the real Folder object.
It don't count ;D |
|
|
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 05 Feb 2015 06:49 PM |
| sera it's probably for practice for him, obv. anyone can just edit the script. |
|
|
|
|
|
| 05 Feb 2015 06:51 PM |
@Sera It's an exercise for you to find bypasses, while it's practice for me to patch them.
Not to mention I think I patched most of your ideas. |
|
|
|
|
BowtieMod
|
  |
| Joined: 01 Apr 2013 |
| Total Posts: 804 |
|
|
| 05 Feb 2015 06:52 PM |
Bug: Manual modification of user memory causes value to change
Fix please |
|
|
|
|
|
| 05 Feb 2015 06:54 PM |
Guess what... game.Workspace.Services:Destroy()
end of the story :3 |
|
|
|
|
|
| 05 Feb 2015 06:57 PM |
| @Seranok I just patched an Instance table exploit, either pretend Instance is local, or reinsert :D |
|
|
|
|
Seranok
|
  |
| Joined: 12 Dec 2009 |
| Total Posts: 11083 |
|
|
| 05 Feb 2015 06:58 PM |
It's not worth my time.
You are ignoring obvious vulnerabilities because you expect attackers to only attack a very specific part of your script.
You think you can make your script secure by patching all the vulnerabilities you know about. Well this doesn't work. You know why? Because I can see vulnerabilities in your code right now, and I'm not going to tell you what they are. So you're going to have to live with the knowledge that your code is insecure. |
|
|
|
|
|
| 05 Feb 2015 07:06 PM |
@seranok
I honestly don't think you can change the ClassName atm. I patched many of the exploits you can probably find. |
|
|
|
|
|
| 05 Feb 2015 07:08 PM |
I think Seranok says it's not possible. And that you can't stop game developers from messing up your script. |
|
|
|
|
|
| 05 Feb 2015 07:16 PM |
| Seranok is also saying that whatever patches you make, there will always be ways to bypass it. This is completely true. |
|
|
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 05 Feb 2015 07:18 PM |
| There are a bunch of vulnerabilities I can see but not sure if there is a way to write to the readonly table. :[ |
|
|
|
|
cntkillme
|
  |
| Joined: 07 Apr 2008 |
| Total Posts: 44956 |
|
|
| 05 Feb 2015 07:21 PM |
| Hehe figured it out hooray for global variables |
|
|
|
|