Author Topic: YASS (Yet Another Security Suite)  (Read 11100 times)

0 Members and 3 Guests are viewing this topic.

Offline lookitsan00b

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 173
  • Rating: +37/-3
    • View Profile
Re: YASS (Yet Another Security Suite)
« Reply #30 on: December 21, 2010, 07:58:28 pm »
wow that seems like a lot of work...

but yeah the only thing I could get to not cause an error was
Code: [Select]
:AsmPrgmSECURITE
but that only gave me a 18-byte file, it should be around 200 bytes...

Can't wait till 0.4.7 :D

Till then, I might try loading the hooks to page 3...
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed. :(

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!! :P

Offline lookitsan00b

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 173
  • Rating: +37/-3
    • View Profile
Re: YASS (Yet Another Security Suite)
« Reply #31 on: January 02, 2011, 11:07:12 pm »
I'm back!

I wrote a somewhat reliable (like 40%) hex dumper.  Been using that to compile to an app with Axe.

Had a problem finding the right number to ORG to, but bcall puts helped a bit.

Now I've sucessfully transferred what I had to an app.  Having interesting problems with the power-down routine, though.

First, pushing a USB cable (I know it causes an interrupt) doesn't 'wake up' the calculator.  I'm setting port 3 to $11, so I don't see what the problem is.  If you do push a cable while its 'off', it will refuse to recognize the 'off' key until you enter the password. Entering the password and re-enabling security fixes this though, presumably due to resetting and re-setting 7,(IY+$28).

Here are the relevant portions of code:
Code: [Select]
Raw Key Hook:
...
If unlocked other stuff including 'RES  7,(IY+$28)
...
SET  7,(IY+$28)
...
CPDR           ;check key pressed against keys to block
JR  Z,Block
CP  kOff
RET  NZ       ;let it go if none of those
DI
LD  B,3          ;number of interrupts to wake up.  The 'on' key seems to like to cause extra.
LD  A,2          ;turn off lcd
OUT  ($10),A
  Off:
LD  A,8        clear interrupts
OUT  (3),A
LD  A,$11     ;On key and link/usb port
OUT  (3),A
  OffLoop:
IN  A,(4)      ;interrupt state
AND  $F7      ;ignore the 'on' key status bit
JR  Z,OffLoop
DJNZ  Off      ;More interrupts needed to exit?
LD  B,A
LD  A,3        ;turn on lcd
OUT  ($10),A
LD  A,$0B     ;back to normal
OUT  (3),A
EI
LD  A,$10
AND  B     ;= BIT 4,B
JR  Z,Block
LD  A,$FF
LD  (CurKStr),A    ;see App Change Hook, also used as a pointer to the current key in the keystring
  Block:
XOR  A
RET
...
App Change Hook
DB  $83
PUSH  AF     ;seems to act funny if I don't restore this
SET  7,(IY+$28)     ;treats kOff as a keypress, disables PTT as a side-effect
LD  A,(CurKStr)
CP  $FF
JR  NZ,Fwd
RES  7,(IY+$28)     ;treat kOff as a command
  Fwd:
POP  AF
RET
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed. :(

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!! :P

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: YASS (Yet Another Security Suite)
« Reply #32 on: January 04, 2011, 02:10:40 am »
Hmm interesting, could you enlighten me what is an hex dumper used for, though?

Offline lookitsan00b

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 173
  • Rating: +37/-3
    • View Profile
Re: YASS (Yet Another Security Suite)
« Reply #33 on: January 04, 2011, 07:17:37 pm »
Well, Mimas (or at least 0.2) cannot compile to an App.  Axe can, but it requires the source to be in hex format.  So... I compile with Mimas, dump the hex from the compiled source into a BASIC program, add the header and 'Asm(...)', and compile that to an App.

I found out that I am no good with zero-indexed arrays.  Ends up I was having a 1-byte memory leak into XFact, but I don't think that's my problem.

I had nothing better to do, so I made an editor for the hook.  It can edit the whole of smallEditRam, with Getkey equates and important labels included.  It can also fully uninstall the hooks, as well as re-installing them... at least in theory.  It freezes when you try to re-install, and, thanks to RAM clears, I have no idea what the problem is, although I bet its something with trying to code that routine in hex.  I managed to get one build to not freeze, but it gave me an ERROR: UNDEFINED.  This is useful if you don't want the default blocks.  For example, you could block kExtApps instead of kAppsMenu, or kOvrW and kOvrWAll instead of kLinkIO.

But yeah. GetKey equates. In a separate axe program... in a link below.  But be warned, its around 3kb.

PS:  I used dual-reverse-LBPS for the data in there, and '(' will jump to the beginning, and ')' to the end.

Edit: Lol yep. It had everything to do with trying to code in hex. I forgot the processor was little-endian :P

Also, please don't try things like kExtApps or kPointOn, the hook only recognises the key used to confirm that menu option.

PPS: Sorry. I like to make up my own terminology for complex ideas.  Dual-Reverse-LBPS refers to two length-prefixed strings, one starting at the bottom going up, the other at the top going down.

Update:
  the memory leak and re-installing are fixed
  this is now a piece of hybrid software, the editor/menus were included in the app.

Just wondering, anybody ever do Axe+ASM+BASIC, in one application? :hyper: (not App, application)
« Last Edit: January 04, 2011, 11:44:52 pm by lookitsan00b »
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed. :(

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!! :P

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: YASS (Yet Another Security Suite)
« Reply #34 on: January 05, 2011, 01:40:23 am »
Oh right I see now.

As for me, I never programmed in ASM, just in BASIC and Axe and I planned to use both at once one day, but I'm sure for large games some people may want to use all 3 to circumvent the code limit.

Offline lookitsan00b

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 173
  • Rating: +37/-3
    • View Profile
Re: YASS (Yet Another Security Suite)
« Reply #35 on: January 08, 2011, 11:51:10 pm »
grrr... I wanted to include a backup utility with this, but its failing.

My calc is one of the newer ones, so no pages 4-7.  I would think pages 2 and 3 would work well enough though... but apparently not.  The calc crashes when trying to parse BASIC with just a backup, and resets immediately upon return to ti-os with a backup and restore.

Scratch that, re-running the app after backup strangely prevents crashing, but the restore still fails.

Everything else mostly works.  That'd be the backdoor that still fails.
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed. :(

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!! :P

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: YASS (Yet Another Security Suite)
« Reply #36 on: January 09, 2011, 08:47:10 pm »
Sorry to hear, I hope you can figure it out soon :(

By the way I assume page 4-7 are the extra RAM pages? I think those should be avoided if possible, for maximum compatibility with newer calcs.

Offline jnesselr

  • King Graphmastur
  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2270
  • Rating: +81/-20
  • TAO == epic
    • View Profile
Re: YASS (Yet Another Security Suite)
« Reply #37 on: January 09, 2011, 09:15:19 pm »
grrr... I wanted to include a backup utility with this, but its failing.

My calc is one of the newer ones, so no pages 4-7.  I would think pages 2 and 3 would work well enough though... but apparently not.  The calc crashes when trying to parse BASIC with just a backup, and resets immediately upon return to ti-os with a backup and restore.

Scratch that, re-running the app after backup strangely prevents crashing, but the restore still fails.

Everything else mostly works.  That'd be the backdoor that still fails.
Actually, 82 (ram page 2) should work. TIOS uses 80 and 81 (ram pages 0 and 1).

Offline lookitsan00b

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 173
  • Rating: +37/-3
    • View Profile
Re: YASS (Yet Another Security Suite)
« Reply #38 on: January 09, 2011, 10:37:57 pm »
Sorry to hear, I hope you can figure it out soon :(

By the way I assume page 4-7 are the extra RAM pages? I think those should be avoided if possible, for maximum compatibility with newer calcs.

Yep, they are.  And I'm also avoiding these because I wouldn't be able to test to see if they work...

grrr... I wanted to include a backup utility with this, but its failing.

My calc is one of the newer ones, so no pages 4-7.  I would think pages 2 and 3 would work well enough though... but apparently not.  The calc crashes when trying to parse BASIC with just a backup, and resets immediately upon return to ti-os with a backup and restore.

Scratch that, re-running the app after backup strangely prevents crashing, but the restore still fails.

Everything else mostly works.  That'd be the backdoor that still fails.
Actually, 82 (ram page 2) should work. TIOS uses 80 and 81 (ram pages 0 and 1).

Well I'm not sure whether its 82 or 83 that is failing. They both should work fine, but they don't seem to.  I'm not sure whether its because I'm messing up somewhere or because of some OS glitchy-thingy.

From what I've read, the OS uses/can use pages 2 and 3 for file transfers.  Maybe since byte $4000 of page 2 isn't FF or 00 or something like that, it thinks it has a file transfer going on... ???  And then, why does it only crash when I push enter? (I don't edit/backup $4000-4400/$8000-8400, because wikiti says the OS uses this general area, although probably not for anything permanent/important)

On second thought, I don't see why a backup works fine (mostly), but when I restore, it crashes?  Meh, probably something I'm doing wrong there.
« Last Edit: January 09, 2011, 10:39:12 pm by lookitsan00b »
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed. :(

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!! :P

Offline lookitsan00b

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 173
  • Rating: +37/-3
    • View Profile
Re: YASS (Yet Another Security Suite)
« Reply #39 on: January 28, 2011, 05:01:46 pm »
Well guys, seems I'm the type of person to just let projects almost die then start back up again :P

Here's that long awaited update...

PS: for security's sake, you may want to add blocks to Mode (because of Mode, Alpha + S), as well as TBLSET, WINDOW, and FORMAT (because they, for a single keypress, enable the normal powerdown, enabling PTT, which deletes the hook).  Of course, if you think you might forget your password, don't block one of those three.

If you do forget your password, sorry, all you can do is (unless you have a program in your history which uses a raw key hook) pull all five batteries.

PPS: if you are confused as to what the values mean in the 'Block Editor', they are copied straight out of the key equates section of ti83plus.inc for your convenience.

EDIT: it has come to my attention that pulling a battery during graphing forces a mem clear. you may want to block GRAPH.
« Last Edit: January 28, 2011, 05:49:29 pm by lookitsan00b »
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed. :(

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!! :P

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: YASS (Yet Another Security Suite)
« Reply #40 on: January 30, 2011, 04:49:01 am »
More blocks are good, especially for people like Yunhua98 x.x

By the way, when a program is in Pause mode or Input mode (like Wacky Fun Random Numbar Generator :P), it seems that removing a battery causes a RAM clear too. That might be a bit hard to block, though, other than blocking the entire prgm menu and prgm command. Same thing goes for long strings of Sin/rand commands or the SortA/D( commands if someone sorts a 999 elements list.

Offline lookitsan00b

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 173
  • Rating: +37/-3
    • View Profile
Re: YASS (Yet Another Security Suite)
« Reply #41 on: March 06, 2011, 11:30:23 pm »
More blocks are good, especially for people like Yunhua98 x.x

By the way, when a program is in Pause mode or Input mode (like Wacky Fun Random Numbar Generator :P), it seems that removing a battery causes a RAM clear too. That might be a bit hard to block, though, other than blocking the entire prgm menu and prgm command. Same thing goes for long strings of Sin/rand commands or the SortA/D( commands if someone sorts a 999 elements list.

Its been a while, and I had completely given up on this until I started looking at writing a hobby OS.  I was reading a certain thread on Cemetech when I ran into a link to an IRC log which detailed precisely the solution to this problem. Thanks Brandon W, and yay it works!

Simply put, running 'seq(select(rand(999),1),A,1,999)' and pulling a battery simply aborts the process and doesn't clear ram! (I've checked, no memory leak either :D)

Actually thats only enabled when security is active.  Can be moved easily enough, Its just always a pain to dump... :(

Speaking of which, you can now change which key activates it! I even included a special case for kOff!

It used to be required for a blocked key to return 0. No longer! Again, a special case was included for kOff. (kAreYouSure = awesomess :))

Also, kMode is now blocked by default.

I figured out the cause of a couple menus unblocking the normal powerdown, still searching for a solution*.  Its because certain (or maybe all) menus dont re-call my app change hook when you reload (like pressing 2nd-Format in the Format Menu) them, yet still mess up flags. However, all of these menus are on the lighter-colored buttons at the top.

A slightly improved editor is in the works.  Its quite buggy at the moment, which, among other things, will delay an update to tomorrow at the earliest.

PS: seq(select(rand(999),1),A,1,999) FTW :D

*just thought of a possibility!
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed. :(

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!! :P

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: YASS (Yet Another Security Suite)
« Reply #42 on: March 07, 2011, 10:04:43 pm »
I'm glad you,re still around and that's it's still progressing. ^^

Is the isometric engine still in the works too, by the way?

Offline lookitsan00b

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 173
  • Rating: +37/-3
    • View Profile
Re: YASS (Yet Another Security Suite)
« Reply #43 on: March 21, 2011, 05:09:40 pm »
I'm glad you,re still around and that's it's still progressing. ^^

Is the isometric engine still in the works too, by the way?
No... not right now... the math to put a sprite on screen is evading me...

Also, sry for never getting around to uploading an update :P

The new editor is mostly bug-free, but the part for the remapping keys is failing D: I was a noob and am still using two or three blocks of extremely similar code...

Added in some extra security.  There's still one known flaw (excluding pulling all five batteries for a good hour or more or re-installing the os, although the latter might not work :P) Surprisingly, one of the 4-6 keys that were causing problems before was a nonconformist... oh well, its still rather good security, considering that the person trying to break in has to know how this program works, how that particular key behaves, AND about push-to-test.  Oh well... I'll fix it later...

Also, the app signing has apparently pushed this to a two page app? no sense it does make...

PS: about the 'Deactivation' menu option under editv2, don't forget about the delete key :D (I gotta write a readme)
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed. :(

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!! :P

Offline DJ Omnimaga

  • Clacualters are teh gr33t
  • CoT Emeritus
  • LV15 Omnimagician (Next: --)
  • *
  • Posts: 55943
  • Rating: +3154/-232
  • CodeWalrus founder & retired Omnimaga founder
    • View Profile
    • Dream of Omnimaga Music
Re: YASS (Yet Another Security Suite)
« Reply #44 on: March 25, 2011, 06:50:53 pm »
Ah ok, well feel free to ask help in the Axe/general forum for the isometric stuff. I'm sure some people will be happy to help.

As for app signing I have no clue. Normally Axe only creates 1 page apps ???. Maybe signing an app adds code to the app and if it exceeds 16384 bytes then the app becomes 2 pages?