Sunday, April 21, 2024 - 05:04

My hax

    Modified by on Sunday, July 22, 2007 - 18:59

    So I had a drawn out argument today in MarketPlace on Chaos with a couple people that have completely differing viewpoints from my own. Part of the argument was me stating my opinion backed up by personal eperience, and part of it was just me wanting to argue with someone for a while because I'm a bit stressed out from work. :P


    Anyway, it started (as most interactions these days do with the HZ community) with people telling me that my chat bot is stupid and should go to some private channel somewhere. then it evolved into why I'm doing it in the first place, and ym views on the state of the game in relation to the lack of development, and EI. In the end I probably alienated myself from half of the people who ever thought kindly of me in the past.


    Now, about my program.


    What it does:

    1) Dump packets for study.

    2) interpret sc-communication messages and relay them to a particular port

    3) listen for data on another port, and relay that text as a new cs-communication message


    When 2 and 3 are used together, a chat bridge can be made, such as my IRC chat proxy.


    What it does not do:

    1) Steal passwords

    2) Automatiucally trade.

    3) Automaticaly craft.

    4) Automatically hunt.

    5) Grant any wm powers.

    6) Move the character.


    What it could possibly do if given the motivation:

    Steal passwords (given that it works by intercepting command line options)

    Spoof /random rolls (verified)

    Any player action that is initiated by a cs-... message, given an example of such an action to replicate.



    Q. So if you can see all the packets, why are you only doing chat proxying?


    A1. Simple answer: Because I'm stuck. Communication messages are very simple, and easy to reconstruct even without knowing why certain parts of the message contain certian bits of data. A chat proxy can be made with just this level of knowledge, so I did it.


    A2. Complex answer: HZ uses XML for messages, as evidenced by the manifest. However, HZ sends the XML back and forth from the server in a binary form. Interpreting the message is not difficult given the manifest, net log entry, and message in a hex editor, but so far I've been unable to programatically parse messages and map them to their base XML fields. This means I'm stuck being able to manipulate only the simplest of messages that only have a few possible combinations of paramaters that can all be accoutned for. It also means that I have no hope of creating even the simplest of server emulators, one that just allows you to log in run around and chat, until I can figure it out.



    Any other Qs? Answering them would be better than getting into another argument about EI.


    Didn't expect that.

    Wow, you got that reaction on Chaos?  That's new.


    Mind sharing some of the argument?  I suspect the person complaining did not and does not understand what it is that you're doing.  (If that's the case, I don't think your post helped to educate them either :p) Of course, they could just be a Luddite too.


    Now, taking a stance from 'their' side, I can see some potential concerns.


    First, they have no idea who is watching.  (Well, that really shouldn't be applicable to you, since there IS a bot in Marketplace and admins can see the chat in the channel without being visible.)   Nonetheless, a command to list the names on the other side of the tunnel would be a welcome addition.  The response should go to a /tell on the HZ side and a /notice on the IRC side.


    Second, it looks like you're a player possessed.  Try using a character name that is indicative that you are not a player and IS indicative of what you're doing.  Something like "FromIRC" or "IRC-Chat"  or "IRCRelay".  Just "IRC" as a first name will probably confuse people. The word "chat" is probably a good indicator.  Avoid the terms "bot" and "proxy".


    Third, it is still, for the most part, undocumented.  Yes, you have forum posts here and in community.istaria, however it appears that few people know about them.  I don't know what to say about that, other than make some pages with the 'gory details' buried.  The page people see should emphasize what it does and how it's used, not how it works.  If someone wants to find out how it works, they can go click a link near the end.  Don't forget to include instructions/a link so they can see for themselves.  Pictures might help too.   I'm sure you can get some space here on the wiki.



    Yeah, I haven't made a

    Yeah, I haven't made a character specifically for being a chat bot, since this project was never intended to be mired down at this stage of development for so long...


    So far most of the knowledge I've gathered about the protocol is buried in the source of my app as practical application of said knowledge ... I really should start documenting better.


    I agree right now the proxy isnt' very user firendly, since there is no external control...  First step in providing services to players within a chat room is to isolate the sc-chat-status message that lists the players in the room, so I can map player names to biotes.  


    I suppose it wouldn't take too much modification of my mirc script to allow registration on more than one chat channel  eg: Allow anyone that's the admin of a room to invite the chat bot and register them to an IRC channel, or any op on IRC to invite the bot and register to a HZ channel ... it would just require maintianing arrays on both ends for which channels to listen to and wherethey map to, as well as some header text in the communication between IRC and the proxy, indicating the destination endpoint for the chat...


    I can think of a couple of commands that could be responded to...

    listmembers to show members of chat on the other side

    listlinks to show what rooms in HZ are linked to what rooms on IRC


    Whatever I do, it'll still be a substantial refactoring of the proxy code... Someone was iterested in converting what I've got so far into py ... so I might be able to get some help with refactoring for readability as well as functionality...



    I followed up some.  My impression is that they were complaining about you talking about what you were doing, rather than the chat relay itself (which, I was told, they explicitly said was okay).


    I agree that talking about /what/ you're doing shouldn't be done in Marketplace, or any 'public' channel.  At a high level, it may be acceptable, such as "What sort of features would you want to see?"  or "I need to do some testing here, can y'all chat some more?".  Very few people care about the low level details.  Those that do will come to you. 



    It is my hope that some sort of mutual respect can be established.  That is, I'm hoping that Frid will respect the scope of interest of the people he's talking to (that is, not spew forth the techno-babble), and likewise, I'm hoping that those people will continue to tolerate his ongoing efforts to provide a service to the community (the chat relay).


    Now, what about frid's work "unintentionally empowering the bad guys"?  Sorry, I don't buy it.  There are two kinds of "Bad Guys": smart ones and dumb ones.  Frid's work helps neither.  (Feel free to stop here if this explanation doesn't apply to you.)


    In order to use Frid's work to cheat (auto-play), a person would need to write a very complex program to plug into it.  The amount of skill and time required to write such a program is far greater than what is required to copy Frid's work.  In other words, anyone with the intention of creating an auto-play program, who has the required skill to pull it off, is capable of learning what Frid knows (and more!) without his help. 


    In the case of a marginally skilled bad guy, yeah, they will get some help with understanding the HZ datastream.  Unfortunately for them, it won't help with making the remaining requisite parts (which, remember, are far more complex), or putting them together so it actually works.  Thus, giving them this knowledge does not enable them to create an auto-play program.


    Okay, so what about sending WM commands?  Those commands are checked on the server.  Your client can issue WM commands without any modification beyond what is necessary to enable setscale... but they won't work.  Why?  The server checks its database to make sure you're a WM before executing the command.  Not a WM?  Not gonna happen.


    Anyway, that's enough for now.  I'd like to see this project reach some stage of maturity.  It has the potential to open up communication between players in-game and those who can't get on at the moment (like the ones at work... you don't play HZ at work, do you? :p) .  It can even enable cross-shard communication and some services (how about a mailbox? in-game consigner search?  q&a help system? forum interface? ... order pizza?).  That's not going to happen if people complain and whine to put a stop to development.