API tools faq
paste
Advertisement
Communeguy

CGClear Admin

Communeguy
Nov 23rd, 2014
245
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Lua 14.57 KB | None | 0 0
raw download clone embed print report
  1. --CGClearServ v.0.0.7
  2. --Credential Administration Tool
  3. --Recommended Filename "CGCAdmin"
  4. --Full Documentation unavailable.
  5.  
  6. --Begin Variable Config Block
  7. local v = "v.0.0.7"
  8. local mSide = "top" -- the side on which the modem has been placed.
  9. local reqChan = 1 -- The channel the server will want to receive requests on.
  10. local userChan = 2 -- the channel the server will send username information on
  11. local passChan = 3 -- The channel the server uses to send password information
  12. local credChan = 4 -- the channel the server uses to send credential information
  13. local keyChan = 5 -- the channel that the administrator uses to send current tables to the server.
  14. local downChan = 6 -- the channel that the server uses to talk to the client.
  15. local saltChan = 7 -- the channel that the server uses to talk to the client.
  16. local sodium = 16 -- the size (in bits) of the desired salts. Version max is 16.
  17. local trust = "anything" -- the code the admin program expects from a trusted server.
  18.  
  19. --SHA-256 by GravityScore
  20.  
  21. --  
  22. --  Adaptation of the Secure Hashing Algorithm (SHA-244/256)
  23. --  Found Here: http://lua-users.org/wiki/SecureHashAlgorithm
  24. --  
  25. --  Using an adapted version of the bit library
  26. --  Found Here: https://bitbucket.org/Boolsheet/bslf/src/1ee664885805/bit.lua
  27. --  
  28.  
  29. local MOD = 2^32
  30. local MODM = MOD-1
  31.  
  32. local function memoize(f)
  33.         local mt = {}
  34.         local t = setmetatable({}, mt)
  35.         function mt:__index(k)
  36.                 local v = f(k)
  37.                 t[k] = v
  38.                 return v
  39.         end
  40.         return t
  41. end
  42.  
  43. local function make_bitop_uncached(t, m)
  44.         local function bitop(a, b)
  45.                 local res,p = 0,1
  46.                 while a ~= 0 and b ~= 0 do
  47.                         local am, bm = a % m, b % m
  48.                         res = res + t[am][bm] * p
  49.                         a = (a - am) / m
  50.                         b = (b - bm) / m
  51.                         p = p*m
  52.                 end
  53.                 res = res + (a + b) * p
  54.                 return res
  55.         end
  56.         return bitop
  57. end
  58.  
  59. local function make_bitop(t)
  60.         local op1 = make_bitop_uncached(t,2^1)
  61.         local op2 = memoize(function(a) return memoize(function(b) return op1(a, b) end) end)
  62.         return make_bitop_uncached(op2, 2 ^ (t.n or 1))
  63. end
  64.  
  65. local bxor1 = make_bitop({[0] = {[0] = 0,[1] = 1}, [1] = {[0] = 1, [1] = 0}, n = 4})
  66.  
  67. local function bxor(a, b, c, ...)
  68.         local z = nil
  69.         if b then
  70.                 a = a % MOD
  71.                 b = b % MOD
  72.                 z = bxor1(a, b)
  73.                 if c then z = bxor(z, c, ...) end
  74.                 return z
  75.         elseif a then return a % MOD
  76.         else return 0 end
  77. end
  78.  
  79. local function band(a, b, c, ...)
  80.         local z
  81.         if b then
  82.                 a = a % MOD
  83.                 b = b % MOD
  84.                 z = ((a + b) - bxor1(a,b)) / 2
  85.                 if c then z = bit32_band(z, c, ...) end
  86.                 return z
  87.         elseif a then return a % MOD
  88.         else return MODM end
  89. end
  90.  
  91. local function bnot(x) return (-1 - x) % MOD end
  92.  
  93. local function rshift1(a, disp)
  94.         if disp < 0 then return lshift(a,-disp) end
  95.         return math.floor(a % 2 ^ 32 / 2 ^ disp)
  96. end
  97.  
  98. local function rshift(x, disp)
  99.         if disp > 31 or disp < -31 then return 0 end
  100.         return rshift1(x % MOD, disp)
  101. end
  102.  
  103. local function lshift(a, disp)
  104.         if disp < 0 then return rshift(a,-disp) end
  105.         return (a * 2 ^ disp) % 2 ^ 32
  106. end
  107.  
  108. local function rrotate(x, disp)
  109.     x = x % MOD
  110.     disp = disp % 32
  111.     local low = band(x, 2 ^ disp - 1)
  112.     return rshift(x, disp) + lshift(low, 32 - disp)
  113. end
  114.  
  115. local k = {
  116.         0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
  117.         0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
  118.         0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
  119.         0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
  120.         0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
  121.         0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
  122.         0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
  123.         0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
  124.         0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
  125.         0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
  126.         0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
  127.         0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
  128.         0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
  129.         0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
  130.         0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
  131.         0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
  132. }
  133.  
  134. local function str2hexa(s)
  135.         return (string.gsub(s, ".", function(c) return string.format("%02x", string.byte(c)) end))
  136. end
  137.  
  138. local function num2s(l, n)
  139.         local s = ""
  140.         for i = 1, n do
  141.                 local rem = l % 256
  142.                 s = string.char(rem) .. s
  143.                 l = (l - rem) / 256
  144.         end
  145.         return s
  146. end
  147.  
  148. local function s232num(s, i)
  149.         local n = 0
  150.         for i = i, i + 3 do n = n*256 + string.byte(s, i) end
  151.         return n
  152. end
  153.  
  154. local function preproc(msg, len)
  155.         local extra = 64 - ((len + 9) % 64)
  156.         len = num2s(8 * len, 8)
  157.         msg = msg .. "\128" .. string.rep("\0", extra) .. len
  158.         assert(#msg % 64 == 0)
  159.         return msg
  160. end
  161.  
  162. local function initH256(H)
  163.         H[1] = 0x6a09e667
  164.         H[2] = 0xbb67ae85
  165.         H[3] = 0x3c6ef372
  166.         H[4] = 0xa54ff53a
  167.         H[5] = 0x510e527f
  168.         H[6] = 0x9b05688c
  169.         H[7] = 0x1f83d9ab
  170.         H[8] = 0x5be0cd19
  171.         return H
  172. end
  173.  
  174. local function digestblock(msg, i, H)
  175.         local w = {}
  176.         for j = 1, 16 do w[j] = s232num(msg, i + (j - 1)*4) end
  177.         for j = 17, 64 do
  178.                 local v = w[j - 15]
  179.                 local s0 = bxor(rrotate(v, 7), rrotate(v, 18), rshift(v, 3))
  180.                 v = w[j - 2]
  181.                 w[j] = w[j - 16] + s0 + w[j - 7] + bxor(rrotate(v, 17), rrotate(v, 19), rshift(v, 10))
  182.         end
  183.  
  184.         local a, b, c, d, e, f, g, h = H[1], H[2], H[3], H[4], H[5], H[6], H[7], H[8]
  185.         for i = 1, 64 do
  186.                 local s0 = bxor(rrotate(a, 2), rrotate(a, 13), rrotate(a, 22))
  187.                 local maj = bxor(band(a, b), band(a, c), band(b, c))
  188.                 local t2 = s0 + maj
  189.                 local s1 = bxor(rrotate(e, 6), rrotate(e, 11), rrotate(e, 25))
  190.                 local ch = bxor (band(e, f), band(bnot(e), g))
  191.                 local t1 = h + s1 + ch + k[i] + w[i]
  192.                 h, g, f, e, d, c, b, a = g, f, e, d + t1, c, b, a, t1 + t2
  193.         end
  194.  
  195.         H[1] = band(H[1] + a)
  196.         H[2] = band(H[2] + b)
  197.         H[3] = band(H[3] + c)
  198.         H[4] = band(H[4] + d)
  199.         H[5] = band(H[5] + e)
  200.         H[6] = band(H[6] + f)
  201.         H[7] = band(H[7] + g)
  202.         H[8] = band(H[8] + h)
  203. end
  204.  
  205. local function sha256(msg)
  206.         msg = preproc(msg, #msg)
  207.         local H = initH256({})
  208.         for i = 1, #msg, 64 do digestblock(msg, i, H) end
  209.         return str2hexa(num2s(H[1], 4) .. num2s(H[2], 4) .. num2s(H[3], 4) .. num2s(H[4], 4) ..
  210.                 num2s(H[5], 4) .. num2s(H[6], 4) .. num2s(H[7], 4) .. num2s(H[8], 4))
  211. end
  212.  
  213. --Table/File Handling Protocols
  214. local function load(name)
  215. local file = fs.open(name, "r")
  216. local data = file.readAll()
  217. file.close()
  218. return textutils.unserialize(data)
  219. end
  220.  
  221. local function save(table, name)
  222. local file = fs.open(name, "w")
  223. file.write(textutils.serialize(table))
  224. file.close()
  225. end
  226.  
  227.  
  228. --Initialization
  229. --It is desirable that each individual program on this computer wrap the modem separately.
  230. modem = peripheral.wrap(mSide)
  231. modem.open(downChan)
  232. modem.open(userChan)
  233. modem.open(passChan)
  234. modem.open(saltChan)
  235. modem.open(credChan)
  236. print("Requires your CGClear Admin Key:")
  237. local input = read("*")
  238. print("Valid Trust Key Input. Getting Database.")
  239. modem.transmit(reqChan, downChan, sha256(input)) --Asks the server if this is a valid administrator
  240. local event, modemSide, senderChannel, replyChannel, message, senderDistance = os.pullEvent("modem_message")
  241. if message == sha256(trust) then-- verifies that the server responding is the correct server.
  242.     print("Server authentication complete.")
  243.     modem.transmit(reqChan, downChan, "ping") -- tells the server to send the first packet.
  244.     local event, modemSide, senderChannel, replyChannel, message, senderDistance = os.pullEvent("modem_message")
  245.     userHash = message -- turns the message into the UsersHash Table.
  246.     print("Usernames Received.")
  247.     modem.transmit(reqChan, downChan, "ping")
  248.     local event, modemSide, senderChannel, replyChannel, message, senderDistance = os.pullEvent("modem_message")
  249.     passHash = message -- turns the message into a table, passHash.
  250.     print("Passwords Received.")
  251.     modem.transmit(reqChan, downChan, "ping")
  252.     local event, modemSide, senderChannel, replyChannel, message, senderDistance = os.pullEvent("modem_message")
  253.     credHash = message -- turns the message into table credHash
  254.     print("Clearance Data Received. Initializing Admin System.")
  255.      salt = table.getn(userHash)     -- gets the number of users in the OLD hash
  256.     tableSalt = {}                          -- Establishes the salt table which will be run GUID key to Salt.
  257.         if salt == 1 then
  258.             tableSalt[1] = {sha256(tostring(math.random(1,(2^sodium))))}
  259.         else   
  260.             for s = 1, salt do                      -- Builds a whole new salt table for everyone to ensure security
  261.                 table.insert(tableSalt, s, sha256(tostring(math.random(1,(2^sodium)))))
  262.             end
  263.         end
  264.             sleep(1)
  265.             term.clear()
  266.             term.setCursorPos(1,1)
  267.             access = true
  268.     --else -- input did not match the trust variable. This is currently broken and depends on some server rewrites
  269.        -- print("Invalid Passcode")
  270.        -- sleep(1)
  271.        -- os.reboot() -- and consequently the player was not allowed to use this program
  272.         end
  273.        
  274. while true do
  275. if access == true then -- This creates the actual use environment.
  276.                 term.clear()
  277.                 term.setCursorPos(1, 1)
  278.                 print("Welcome to CGClear Administration " ..v)
  279.                 print("An Abbadon CompuSys Product.")
  280.                 print("--------")
  281.                 print("REM to remove users.")
  282.                 print("ADD to add a new user.")
  283.                 print("SAVE to safely close the program.")
  284.                 local cmd = read()
  285.                 if cmd == "REM" then -- This WHOLE sub governs the removal process.
  286.                         print("Remove which user from the system?")
  287.                         local user = read()
  288.                         write("This will remove " ..user " from the system. Enter admin key to proceed.")
  289.                         local input = read("*")
  290.                         if input == trust then
  291.                                 for k, v in pairs do
  292.                                     if v == sha256(user) then
  293.                                         guid = k
  294.                                     end
  295.                                 end
  296.                                 table.remove(passHash, guid)
  297.                                 table.remove(credHash, guid)
  298.                                 table.remove(saltHash, guid)
  299.                         else
  300.                                 print("Absent or Invalid Key. Removal Cancelled.")
  301.                                 cmd = 0
  302.                         end
  303.                 elseif cmd == "ADD" then --Okay, it wasn't a remove so it was an add...
  304.                         print("Please enter the new user's username:")
  305.                         local user = read()
  306.                         print("Please enter the new user's password:")
  307.                         local pass = read()
  308.                         print("Please enter the new user's clearance level. (1 is Highest):")
  309.                         local cred = read()
  310.                         table.insert(userHash, user) -- adds the user to the main Users file.
  311.                         --the for sub is trying to find the GUID of the new entry. And crashing.
  312.                             for k,v in pairs(userHash) do
  313.                                 if v == user then
  314.                                     guid = k
  315.                                 end
  316.                             end            
  317.                         local salty = tostring(math.random(1, 2^sodium)) -- Gets salt for the tables.
  318.                         table.insert(passHash, guid, sha256(pass .. salty)) -- concatenates password and salt and hashes them together.
  319.                         table.insert(credHash, guid, sha256(cred))
  320.                         table.insert(tableSalt, guid, salty)
  321.                         print(user.." ".." "..pass.." "..cred.." successfully added")
  322.                 elseif cmd == "SAVE" then -- oh, he must have told me to exit.
  323.                         print("Now exiting program.")
  324.                         modem.transmit(keyChan, downChan, sha256(trust))--sends back all the tables necessary.
  325.                         print("Authenticating to Server")
  326.                         local event, modemSide, senderChannel, replyChannel, message, senderDistance = os.pullEvent("modem_message")
  327.                         print(message)
  328.                         if message == sha256(trust) then
  329.                             print("Authentic Server Detected.")
  330.                                 modem.transmit(userChan, keyChan, textutils.serialize(userHash))
  331.                                 print("Uploading Users.")
  332.                                 userHash = purged -- for shiggles.
  333.                                 local event, modemSide, senderChannel, replyChannel, message, senderDistance = os.pullEvent("modem_message")
  334.                                 modem.transmit(passChan, keyChan, textutils.serialize(passHash))
  335.                                 print("Upload Passwords.")
  336.                                 passHash = purged -- for shiggles.
  337.                                 local event, modemSide, senderChannel, replyChannel, message, senderDistance = os.pullEvent("modem_message")
  338.                                 modem.transmit(credChan, keyChan, textutils.serialize(userHash))
  339.                                 print("updating credentials.")
  340.                                 credHash = purged -- for shiggles.
  341.                                 local event, modemSide, senderChannel, replyChannel, message, senderDistance = os.pullEvent("modem_message")
  342.                                 modem.transmit(saltChan, keyChan, textutils.serialize(tableSalt))
  343.                                 tableSalt = purged -- for shiggles.
  344.                                 print("Transmission Successful.")
  345.                                 --access = false
  346.                         else
  347.                                 print ("Spoofing System Detected. Changes could not be Saved.")
  348.                                 sleep(5)
  349.                         end    
  350.                 else -- This should be expanded to give an actual error message.
  351.                 term.clear()
  352.                 term.setCursorPos(1,1)
  353.                 end
  354. end
  355. end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!