Jump to content

Disturbing exploit or... or what?

KT Kingsley

By KT Kingsley,
in LSL Scripting

 Share
You are about to reply to a thread that has been inactive for 1471 days.

Please take a moment to consider if this thread is worth bumping.

Recommended Posts

KT Kingsley

KT Kingsley

Posted
Posted

So, something happened to me last night that that shouldn't be possible.

I was editing a script in a HUD, and when I saved it I got the chat message "You have the right to remain silent..." (in the colour I've assigned to objects, but not the colour I've assigned to owner chat) and the floating text "BUSTED" appeared on it. The script then disappeared from the HUD's inventory.

I've never used those text strings in a script myself, and certainly not in conjunction with an llRemoveInventory call, so it wasn't a case of me accidentally pasting something over the script and compiling it instead of the intended one.

I can only think the someone had hacked into the communications between my viewer and the server during the compilation and deliberately and maliciously destroyed the script. I think those messages do seem to indicate a deliberate and malicious attack, rather than a bizarre comms glitch of some sort.

Can anyone come up with a less outrageous explanation for what happened?

(As luck would have it, I had a fairly recent backup of the script available, so not too much damage sustained.)

Link to comment
Share on other sites
Wulfie Reanimator

Wulfie Reanimator

Posted
Posted

Occam's razor would suggest that if this was truly some targeted, malicious intent, you would've lost more than that one script.

Does it happen again? What does the script do, as in, what is its expected behavior?

Was the object that spoke an object actually owned by you? (You can find this out by clicking the name of the object.)

  • Thanks 1
Link to comment
Share on other sites
Profaitchikenz Haiku

Profaitchikenz Haiku

Posted
Posted (edited)

Is it possible that the channel it uses was the same as some other scripted object and the lines you saw were not actually intended for you? I know this doesn't explain the script then vanishing, so...

The only other thing I can imagine is that due to a server error the script that got re-saved into the inventory wasn't your script but someone else's. Like Wulfie says, if this was an intentional targeting of you, you'd probably have ended up buck-naked with your avatar seriously deformed and some titler above your head chortling at it all.

Since it spoke to you there might be chat-logs of it, have you considered contacting LL about this? I don't know if you can AR when there is no obvious miscreant, but they have enough logs at their disposal to examine the episode.

Edited by Profaitchikenz Haiku
  • Thanks 1
Link to comment
Share on other sites
KT Kingsley

KT Kingsley

Posted
  • Author
Posted (edited)

The message would have been sent on either public chat or as an object IM. As well as the script being deleted from inventory the HUD had the floating text "BUSTED" added to it.

The combination of the message, the floating text and the deletion leave me straining to accept that this could have been a benign script that stumbled into some server crosstalk with my own, though, obviously, I can't rule that possibility out.

Edited by KT Kingsley
Link to comment
Share on other sites
Nova Convair

Nova Convair

Posted
Posted

Places for the "man in the middle" are only your computer or router and it would require quite some efforts. Way too much efforts to only deal with a script.
The viewer is a good candidate. It could have lost your script due to a bug and replace it with something more or less funny.
The sim server could have a hickup or something between viewer and asset server went wrong.
Fact is the script got replaced. B4 I started to script always external - there were script incidents from time to time, just less dramatic, like script was not saved or vanished from editor.

  • Thanks 1
Link to comment
Share on other sites
KT Kingsley

KT Kingsley

Posted
  • Author
Posted
18 minutes ago, Profaitchikenz Haiku said:

Since it spoke to you there might be chat-logs of it, have you considered contacting LL about this? I don't know if you can AR when there is no obvious miscreant, but they have enough logs at their disposal to examine the episode.

I was wondering about that myself. I doubt support could help much, so maybe an AR or a JIRA would be the way to go.

Link to comment
Share on other sites
Qie Niangao

Qie Niangao

Posted
Posted

Is this HUD object completely of your own creation? And never had anybody else's scripts inside?

I'm thinking about the possibility of llRemoteLoadScriptPin (in something owned by you) pushing a "protection" script into your HUD, and the script wiping anything else it finds, scattering around some scary text, then deleting itself. But that's only possible if a PIN were set for the object, and only plausible if the script creator knew that PIN.

  • Thanks 1
Link to comment
Share on other sites
KT Kingsley

KT Kingsley

Posted
  • Author
Posted
8 minutes ago, Qie Niangao said:

Is this HUD object completely of your own creation? And never had anybody else's scripts inside?

I'm thinking about the possibility of llRemoteLoadScriptPin (in something owned by you) pushing a "protection" script into your HUD, and the script wiping anything else it finds, scattering around some scary text, then deleting itself. But that's only possible if a PIN were set for the object, and only plausible if the script creator knew that PIN.

The HUD is all my own work, from the mesh object to the scripts inside (well, maybe a snippet copied from the wiki here and there). It's never had even a sniff of llRemoteLoadScriptPin. It does contain animations that I didn't make, though doubt those could be involved.

Link to comment
Share on other sites
Kyrah Abattoir

Kyrah Abattoir

Posted
Posted
2 minutes ago, KT Kingsley said:

That's the whole story. The HUD and the scripts are all my own work. There's no anti-tamper scripts in there.

If that's what it is, then it is very strange indeed, all of those are your own prims? as in uploaded meshs by yourself and/or prims made with the create panel?

  • Thanks 1
Link to comment
Share on other sites
KT Kingsley

KT Kingsley

Posted
  • Author
Posted (edited)
5 minutes ago, Kyrah Abattoir said:

If that's what it is, then it is very strange indeed, all of those are your own prims? as in uploaded meshs by yourself and/or prims made with the create panel?

Yup. My own self-uploaded mesh objects (two, linked), my own textures and my own scripts. It does contain animations I've bought, which are the only thing about it that I can't claim credit for.

Edited by KT Kingsley
Link to comment
Share on other sites
Mollymews

Mollymews

Posted
Posted
1 hour ago, KT Kingsley said:

So, something happened to me last night that that shouldn't be possible.

I was editing a script in a HUD, and when I saved it I got the chat message "You have the right to remain silent..." (in the colour I've assigned to objects, but not the colour I've assigned to owner chat) and the floating text "BUSTED" appeared on it. The script then disappeared from the HUD's inventory.

the wording sounds to me like this is similar to what Some Linden was doing back in the day circa when scripted griefing exploits were rampant. Some Linden got into laying traps like this back then for greifers. Not that you are a greifer, just that it could be that in some way your Save might have inadvertently triggered some ancient linden trap that has until now lain dormant

  • Like 1
  • Thanks 1
Link to comment
Share on other sites
KT Kingsley

KT Kingsley

Posted
  • Author
Posted
15 minutes ago, Mollymews said:

the wording sounds to me like this is similar to what Some Linden was doing back in the day circa when scripted griefing exploits were rampant. Some Linden got into laying traps like this back then for greifers. Not that you are a greifer, just that it could be that in some way your Save might have inadvertently triggered some ancient linden trap that has until now lain dormant

This does sound feasible. Is "Some Linden" an actual name, or just a reference to a Linden whose name you can't remember?

I've no idea what my script might be doing that might be seen as something a bit grieferish – it does nothing that affects anything other than the HUD itself and my avatar. I did go back and do an area search for objects owned by a Linden, without result. I also tried recompiling the older backup version of the script there, but with no untoward effects.

Link to comment
Share on other sites
Mollymews

Mollymews

Posted
Posted (edited)
14 minutes ago, KT Kingsley said:

This does sound feasible. Is "Some Linden" an actual name, or just a reference to a Linden whose name you can't remember?

Some Linden is a generic for some linden staff back in those days who sometimes got a little bit over-exuberant at times in their efforts to govern resident behaviour

edit add. Just add that I don't think that any of today's Lindens would be doing anything like this.  Linden is whole more disciplined company now than it was back in those earlier times. Just that the wording took me back to those times. and it could be that somewhere deep in the bowels of the servers is some remnant of SomeExuberantPastTimes Linden

either this or maybe more likely when you saved a link broke/got mixed on the server and you ended up with somebody else's compiled script not yours which does exactly what you observed.  Say the words, change the text, and then removes itself from contents

Edited by Mollymews
  • Thanks 1
Link to comment
Share on other sites
Chaser Zaks

Chaser Zaks

Posted
Posted

LL used to blacklist scripts back when PN/4chin was around. However, after loading up several of their scripts into a cube and griefing my own parcel, I have been unable to reproduce this. I've not heard of it the "BUSTED" thing before though. I figured when they blacklist a script, it'd silently fail.

So unless I am whitelisted to not trip their anti-griff thing, or I just had bad luck with picking the scripts to test, I'm unable to reproduce this with various known griffs scripts.

Would you be willing to let me take a look at the script? (Full confidentiality of course. I write scripts for fun, so it'd also be pointless for me to steal script code.)

  • Thanks 1
Link to comment
Share on other sites
KT Kingsley

KT Kingsley

Posted
  • Author
Posted (edited)

Unfortunately the script in question was deleted. The older backup is missing a couple of features, and has compiled without problem in the region where this happened. The lost script had previously compiled in several different regions without problem. This was the first time I'd compiled the script there. The edit this time was to add data to a list specifying in which direction my avatar should turn when it TPed into the region. No executable code was changed.

Edited by KT Kingsley
Link to comment
Share on other sites
Chaser Zaks

Chaser Zaks

Posted
Posted
Just now, KT Kingsley said:

Unfortunately the script in question was deleted. The older backup is missing a couple of features, and has compiled without problem in the region where this happened. The lost script had previously compiled in several different regions without problem. This was the first time I'd compiled the script there. The edit this time was to add data to a list specifying in which direction my avatar should turn when it TPed into the region. No code was changed.

That's unfortunate. On the chance you might be using it, do you happen to use Firestorm with the preprocessor enabled? If so, you might be able to find a copy of the script in your viewer cache under the "lslpreproc" directory.

  • Like 1
Link to comment
Share on other sites
You are about to reply to a thread that has been inactive for 1471 days.

Please take a moment to consider if this thread is worth bumping.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing
×
×
  • Create New...