• Welcome to Valhalla Legends Archive.
 

Strings in random orders.

Started by ### Teh Gnube ###, July 01, 2005, 09:18 PM

Previous topic - Next topic

### Teh Gnube ###

Ok, I am making this stupid bot's access into flags. I am thinking this would make it easily exploited. I can't explain it well, but here's an example.


User has an access of SU (Safelisted and User)

I have the bot coded to GoTo an error if a user with flags US tries to add a user with flags, oh say M (Master)

I think this poses a problem if the user has SU instead of US, causing them to be able to add users with M.

Ok, so that's my thoughts, sketchy, anyways. I need to know how to make it read the string in any order, here is some of my code:


'Visual Basic 6
'FlagAccess is obviously the adding user's flags...
'M:Master B:Ban O:Operator X:Shitlist S:Safelist U:User


MessageSplit = Split(Msg, " ")
If FlagAccess = "SU" And InStr(MessageSplit(2), "M" Or "B" Or "O" Or "X") Then GoTo ErrorAccess
'Since flags are "SU", I don't think it will pick up the same as "US"... How do I have it interchangable?


Well, there's my newb-like issue... Feel free to post away, criticize Visual Basic as much as you please too, I don't care, I probably dislike it as much as you.

Hdx

Hurm this is simple, I had this problem when I was adding flags to my bot.
I made this lifty little function:
Public Function HasFlags(fHas as string, fNeeds as string) as boolean
Dim iPos as integer
   For iPos = 1 to Len(fNeeds)
      If Instr(fHas, Mid(fNeeds, iPos, 1)) = 0 then
           HasFlags = False
           Exit Function
       End if
   Next iPos
   HasFlags = True
End Function


If you read it, you can understand how it is used.
~-~(HDX)~-~

Proud host of the JBLS server www.JBLS.org.
JBLS.org Status:
JBLS/BNLS Server Status

Kp

When you load the ACL, convert the flag list into a bitmask, and do your testing on that.  Then it won't matter what order the data is stored in.
[19:20:23] (BotNet) <[vL]Kp> Any idiot can make a bot with CSB, and many do!

### Teh Gnube ###

#3
I think I may get it, but I can make no guarantees, as I am not a master of Visual Basic 6...

fHas is Flags had by user
fNeeds is Flags needed by user
HasFlags = T/F is if the user has the flags that are needed to add a user with the flags they specified. (?)
iPos is a flag in the triggering user's access. (?)

Correct me if I'm wrong, I don't want to use source incorrectly... =/

{Edit} In response to Kp's post. Explain "Bitmask", I am newb and have never really dealt with them... =/
{/Edit}

{Edit#2} Wow, I never bump topics, which could be bad because I may never get this read... But anyways, here's my code, I keep getting "Argument not optional" error upon compilation/run.

'Mods on your code
Public Function HasFlags(FlagsHas As String, FlagsNeeds As String) As Boolean
Dim iPos As Integer
   For iPos = 1 To Len(FlagsNeeds)
      If InStr(FlagsHas, Mid(FlagsNeeds, iPos, 1)) = 0 Then
           HasFlags = False
           Exit Function
       End If
   Next iPos
   HasFlags = True
End Function

'With my "adduser" command...
FindFlags(Username)
If InStr(Flags, "U") Then
FlagsHas = UserFlags
StringA = Mid(Msg, 6)
StringASplit = Split(StringA, " ")
FlagsNeeds = StringASplit(2)
On Error GoTo Error_On_Add
nOne = nOneSplit(1)

If Len(StringASplit(2)) > Len(UserFlags) Then Form.Send "Error adding user(s) to database!": Exit Sub

FindFlags (StringASplit(0))
If HasFlags = True Then      '<----------------- Line of code which recieves error!
AUser StringASplit(0), StringASplit(2), Username
End If
End If
End If

Ok, well, I am not the smartest, and not the most coherent at the moment, because I have just about OD'd on tylenol (a day at the skate park will do that to you =/), so there may just be a very lame coding error, but anyways, feel free to comment and/or ridicule my messily written code (because I'm messy at coding.)

Oh yeah, and thanks a ton for that code! I'll credit you for sure. =P I had to fix about 60 spelling errors in this post, that's sad...
{/Edit}

Hdx

#4
Quote from: ### Teh Gnube ### on July 01, 2005, 10:39 PM
HasFlags = T/F is if the user has the flags that are needed to add a user with the flags they specified. (?)
iPos is a flag in the triggering user's access. (?)

In response to Kp's post. Explain "Bitmask", I am newb and have never really dealt with them... =/
HasFlags returns true if the input string has all the of required charesters in it.
AE:
HasFlags("AB", "BA") = True
HasFlags("AB", "CB") = Flase

And iPos is jsut a counter for the loop.

As for bitmask. I beleave what KP is refering to is converting the flags to a number, And then using the Bitwise And function to check if that user has the flag. Example:


Private Const FLAG_A = &H1
Private Const FLAG_B = &H2
Private Const FLAG_C = &H4
Private Const FLAG_D = &H8

Private Function GetUserBitMasK(strFlags as string) as Long
   Dim tmpMask as Long
   If Instr(UCase(strFlags), "A") > 0 Then tmpMask = tmpMask Or FLAG_A
   If Instr(UCase(strFlags), "B") > 0 Then tmpMask = tmpMask Or FLAG_B
   If Instr(UCase(strFlags), "C") > 0 Then tmpMask = tmpMask Or FLAG_C
   If Instr(UCase(strFlags), "D") > 0 Then tmpMask = tmpMask Or FLAG_D
   GetUserMask = tmpMask
End function

Private Sub Some_Sub_Whatever()
    If (GetUserMask("DBAC") And FLAG_A) = FLAG_A Then
           'OMGOMG OMG HE HAS THE A FLAG!
    End If
End Sub


If you screw with the math part of it,you can see that you cannot have 2 constants = a diffrent one of the constants.
~-~(HDX)~-~

[edit] Just saw your 2nd edit, the reason your getting the error is because your not caloing the function correctly, your not passing any arguments to it!
~-~(HDX)~-~

Proud host of the JBLS server www.JBLS.org.
JBLS.org Status:
JBLS/BNLS Server Status

Lenny

#5
By the looks of your code, you're misusing the '+' operator as the bitwise '|'.
The Bovine Revolution
Something unimportant

Live Battle.net:

WARNING: The preceding message may have contained content unsuitable for young children.

Hdx

Ya forgot about that *fixed* also for the hell of it, have a list of constants <3
Private Const FLAG_A As Byte = &H1
Private Const FLAG_B As Byte = &H2
Private Const FLAG_C As Byte = &H4
Private Const FLAG_D As Byte = &H8
Private Const FLAG_E As Byte = &H10
Private Const FLAG_F As Byte = &H20
Private Const FLAG_G As Byte = &H40
Private Const FLAG_H As Byte = &H80
Private Const FLAG_I As Long = &H100
Private Const FLAG_J As Long = &H200
Private Const FLAG_K As Long = &H400
Private Const FLAG_L As Long = &H800
Private Const FLAG_M As Long = &H1000
Private Const FLAG_N As Long = &H2000
Private Const FLAG_O As Long = &H4000
Private Const FLAG_P As Long = &H8000
Private Const FLAG_Q As Long = &H10000
Private Const FLAG_R As Long = &H20000
Private Const FLAG_S As Long = &H40000
Private Const FLAG_T As Long = &H80000
Private Const FLAG_U As Long = &H100000
Private Const FLAG_V As Long = &H200000
Private Const FLAG_W As Long = &H400000
Private Const FLAG_X As Long = &H800000
Private Const FLAG_Y As Long = &H1000000
Private Const FLAG_Z As Long = &H2000000

~-~(HDX)~-~

Proud host of the JBLS server www.JBLS.org.
JBLS.org Status:
JBLS/BNLS Server Status

### Teh Gnube ###

BMX, omgooses! That's some impressive typing, but I am just going to rip your source... But I'm crediting you so you should be all flattered, or not, I don't care, IT'S YOUR E-EMOTIONS! Anyways, thanks a ton <3*10... Yeah, now I have flags on my gay bot. And as for that PM a long time back, I couldn't find that lame old Triumph Bot source you wanted for your source collection on any sites, so I posted it on a friend's! FrozenGaming.net/triumph.rar
Why I felt I had to post that link in a code box, I do not know, but that's what you are looking for, just a thanks for the code =P Lol, peace!

Hdx

I figured out the site, thanks, and It's HDX not BMX. Please never refer to me as anything else..
And umm.. sure take my code. I jsut made it up on the spot.
You can expand the GetUserBitMasK to include all the Letters. Also, If your smart ;) you can make a function using the bitwise And function to convert the Mask back to a string of the letters. <3 Anyways, Need any more help?
~-~(HDX)~-~

Proud host of the JBLS server www.JBLS.org.
JBLS.org Status:
JBLS/BNLS Server Status

### Teh Gnube ###

Mmm, not this evening, but if I do I'll come running back to the forums I suppose. I took too many tylenol and now I am about to pass out... It's like trying to code while extremely tired, broke my sprocket and chain at the skate-park (yeah I bmx and break stuff I'm pretty cool now huh?) Anyways, I'm going asleep (yes, asleep, not to sleep, you have to be l33t about it) so thanks again for all the help *Hdx*.

UserLoser.


Private Const A As Byte = 65
Private Const Z As Byte = 90

Public Function CheckFlag(ByVal Mask As Long, ByVal Flag As String) As Long
    Dim FlagValue As Byte
    FlagValue = Asc(Flag)
   
    If (CheckBadFlagValue(FlagValue) = 0) Then
        CheckFlag = Not (Not (Mask And (2 ^ (FlagValue - A))))
    End If
End Function

Public Function SetFlag(ByRef Mask As Long, ByVal Flag As String) As Long
    Dim FlagValue As Byte
    FlagValue = Asc(Flag)
   
    If (CheckBadFlagValue(FlagValue) = 0) Then
        Mask = Mask Or (2 ^ (FlagValue - Asc("A")))
        SetFlag = SetFlag
    End If
End Function

Public Function GetAllFlags(ByVal Mask As Long, ByRef Flags As String) As String
    Dim Count As Long, I As Long
    Count = 1
    Flags = String(26, vbNullChar)
   
    For I = A To Z
        If (CheckFlag(Mask, Chr(I))) Then
            Mid$(Flags, Count, 1) = Chr(I)
            Count = Count + 1
        End If
    Next I
   
    Flags = NearestNull(Flags)
    GetAllFlags = Flags
   
End Function

Public Function RemoveFlag(ByRef Mask As Long, ByVal Flag As String) As Long
    Dim FlagValue As Byte
    FlagValue = Asc(Flag)
   
    If (CheckBadFlagValue(FlagValue) = 0) Then
        Mask = Mask And (Not (2 ^ (FlagValue - A)))
    End If
   
    RemoveFlag = Mask
   
End Function

Private Function CheckBadFlagValue(ByVal Flag As Byte) As Byte
    If ((Flag < A) Or (Flag > Z)) Then
        CheckBadFlagValue = 1
    Else
        CheckBadFlagValue = 0
    End If
End Function

Hdx

#11
Wow.. Tha just takes the fun out of it. Posting good code without explanation... The reason i posted my crap code was 1) constants are sexy 2) I wanted him to upgrade it 3) canstants are uber sexy!
~-~(HDX)~-~

Proud host of the JBLS server www.JBLS.org.
JBLS.org Status:
JBLS/BNLS Server Status

Warrior

You didn't provide much explination with the code, even after he had your code he was having problems. UserLoser simply nudged him in the right direction
Quote from: effect on March 09, 2006, 11:52 PM
Islam is a steaming pile of fucking dog shit. Everything about it is flawed, anybody who believes in it is a terrorist, if you disagree with me, then im sorry your wrong.

Quote from: Rule on May 07, 2006, 01:30 PM
Why don't you stop being American and start acting like a decent human?

Kp

The comment about my intent that you use numbers was correct.  I'd assumed it would be obvious to anyone advanced enough to be writing a bot, so hadn't bothered to point it out myself. :)  Bitmasks have a number of advantages over storing it in a string:

  • Faster to process - critical in a language as slow as VB, and nice in any language
  • Mask order doesn't matter - the ordering information (which is irrelevant to the goal of access checking) is lost during conversion to mask form
  • Smaller - consumes one integer, instead of a whole string.  Consumes more than an integer in VB, which is stuck in the stone age of 16bit ints.
  • Easy to compute (when using an ASCII-based charset).  EBCDIC users suffer, but no one cares about them. :)
[19:20:23] (BotNet) <[vL]Kp> Any idiot can make a bot with CSB, and many do!

R.a.B.B.i.T

Quote from: HdxBmx27 on July 02, 2005, 01:58 AM
Wow.. Tha just takes the fun out of it. Posting good code without explanation... The reason i posted my crap code was 1) constants are sexy 2) I wanted him to upgrade it 3) canstants are uber sexy!
~-~(HDX)~-~
It's incomplete.