Removed cachedump. Added server508 and hackme. Cleaned up various other things.

cachedump/src/org/moparscape/cacheutils/v508/Test.java

@@ -1,74 +0,0 @@
-/**
- * Class:Test
- * User: Silabsoft 
- * Date: Jul 9, 2009
- * Time: 12:29:38 AM
- */
-package org.moparscape.cacheutils.v508;
-
-import java.io.File;
-import java.io.FileOutputStream;
-
-public class Test {
-
-    public Test() {
-        try {
-            CacheFileSet cache = new CacheFileSet("/home/mopar/projects/moparscapes/userver508/cache508/rs3/");
-            File dump = new File("./dump508");
-            if (dump.exists())
-                if (!deleteDir(dump))
-                    System.out.println("can't delete directory");
-            if (!dump.mkdir()) {
-                System.out.println("can't create directory: " + dump.getPath());
-                return;
-            }
-
-            for (int index = 0; index <= 255 && index >= 0; ++index)
-                for (short id = 0; id <= Short.MAX_VALUE && id >= 0; ++id) {
-
-                    byte[] data = cache.read(index, id);
-
-                    if (data == null) {
-                        System.out.println("no data for: " + index + "," + id);
-                        id = Short.MAX_VALUE;
-                        continue;
-                    }
-
-                    //System.out.println("data for: " + index + "," + id);
-
-                    long hash = (long) ((index << 16) + id);
-                    File file = new File("./dump508/" + hash);
-                    if (file.exists()) {
-                        System.out.println("oh shit, collision!!!!!!");
-                        return;
-                    }
-                    FileOutputStream fos = new FileOutputStream(file);
-                    fos.write(data);
-                    fos.close();
-                }
-
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
-
-
-    }
-
-    public static boolean deleteDir(File dir) {
-        if (dir.isDirectory()) {
-            String[] children = dir.list();
-            for (int i = 0; i < children.length; i++) {
-                boolean success = deleteDir(new File(dir, children[i]));
-                if (!success)
-                    return false;
-            }
-        }
-
-        // The directory is now empty so delete it
-        return dir.delete();
-    }
-
-    public static void main(String args[]) {
-        new Test();
-    }
-}

hackme/src/MyEntry.java

@@ -0,0 +1,94 @@
+import org.moparscape.MyInterface;
+
+import java.lang.reflect.Field;
+import java.security.Permissions;
+import java.util.Calendar;
+import java.util.GregorianCalendar;
+import java.util.Map;
+
+public class MyEntry implements MyInterface {
+
+    public MyEntry() {
+        System.out.println("in MyEntry\n");
+        doTheNaughty();
+    }
+
+    public void doSomething(String s) {
+
+    }
+
+    public void doSomethingElse(int i) {
+
+    }
+
+    private void doTheNaughty() {
+        System.out.println("doing something that is allowed");
+        System.getProperty("user.home");
+
+//        System.out.println("doing GregorianCalendar");
+//        Calendar cal = new GregorianCalendar();
+
+        try {
+            System.out.println("a quick test to make sure illegalMethod() will actually fail");
+            illegalMethod();
+        } catch (Exception e) {
+            System.out.println("failed, trying something else\n");
+        }
+/*
+        try {
+            System.out.println("trying to set SecurityManager to null");
+            System.setSecurityManager(null);
+            illegalMethod();
+        } catch (Exception e) {
+            System.out.println("failed, trying something else\n");
+        }
+
+        try {
+            System.out.println("trying to add java.security.AllPermission()");
+            org.moparscape.security.SecurityManager sm = (org.moparscape.security.SecurityManager) System.getSecurityManager();
+
+            Field permMap = org.moparscape.security.SecurityManager.class.getDeclaredField("permissionMap");
+
+            permMap.setAccessible(true);
+
+            Map<ClassLoader, Permissions> permissionMap = (Map<ClassLoader, Permissions>) permMap.get(sm);
+
+            Permissions myPerms = permissionMap.get(this.getClass().getClassLoader());
+
+            //System.out.println("My permissions: "+myPerms.toString());
+
+            // we need to set it to be not readOnly to modify it.
+            myPerms.add(new java.security.AllPermission());
+
+            illegalMethod();
+        } catch (Exception e) {
+            System.out.println("failed, trying something else\n");
+        }
+ */
+        try {
+            System.out.println("trying to remove all permissions for this classloader");
+            org.moparscape.security.SecurityManager sm = (org.moparscape.security.SecurityManager) System.getSecurityManager();
+
+            Field permMap = org.moparscape.security.SecurityManager.class.getDeclaredField("permissionMap");
+
+            permMap.setAccessible(true);
+
+            Map<ClassLoader, Permissions> permissionMap = (Map<ClassLoader, Permissions>) permMap.get(sm);
+
+            permissionMap.remove(this.getClass().getClassLoader());
+
+            illegalMethod();
+        } catch (Exception e) {
+            System.out.println("failed, trying something else\n");
+        }
+
+
+    }
+
+    private void illegalMethod(){
+        System.getProperty("java.library.path");
+        System.out.println("illegalMethod() successful!");
+        System.out.println("Sucess! I defeated the hackme!\n");
+    }
+
+}

hackme/src/org/moparscape/HackMe.java

@@ -0,0 +1,98 @@
+package org.moparscape;
+
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.security.Permissions;
+
+public class HackMe {
+
+    public String pub_var = "not modified";
+    private String prv_var = "not modified";
+
+    public static String pub_static_var = "not modified";
+    private static String prv_static_var = "not modified";
+
+    public static void main(String[] args) throws Exception{
+        if (args.length != 1) {
+            System.out.println("Usage: java -jar hackme.jar url_to_your_jar");
+            return;
+        }
+        new HackMe(args[0]);
+    }
+
+    public HackMe(String jar) throws Exception{
+        System.setSecurityManager(new org.moparscape.security.SecurityManager());
+
+        URLClassLoader loader = new URLClassLoader(new URL[]{new URL(jar)});
+
+        String allowedDir = "./allowed/";
+        ((org.moparscape.security.SecurityManager)System.getSecurityManager()).addPermissions(loader, this.getPermissions(allowedDir));
+
+        Class c = loader.loadClass("MyEntry");
+
+        Object o = c.newInstance();
+
+        MyInterface mi = (MyInterface) o;
+
+        mi.doSomething("i send string");
+        mi.doSomethingElse(15);
+
+        System.out.println("HackMe is finished, did you hack it?");
+
+    }
+
+    public void doPublicStuff() {
+        System.out.println("doPublicStuff() pub_var: " + pub_var);
+    }
+
+    private void doPrivateStuff() {
+        System.out.println("doPrivateStuff() prv_var: " + prv_var);
+    }
+
+    public void doPublicStaticStuff() {
+        System.out.println("doPublicStaticStuff() pub_static_var: " + pub_static_var);
+    }
+
+    private void doPrivateStaticStuff() {
+        System.out.println("doPrivateStaticStuff() prv_static_var: " + prv_static_var);
+    }
+
+    private Permissions getPermissions(String allowedDir) {
+        //printSystemPropertiesExit();
+        // java.library.path=/opt/jdk1.6.0_18/jre/lib/i386/server:/opt/jdk1.6.0_18/jre/lib/i386:/opt/jdk1.6.0_18/jre/../lib/i386:.::/usr/java/packages/lib/i386:/lib:/usr/lib
+        // to allow recursively everything under allowedDir
+        allowedDir += "-";
+        Permissions permissions = new Permissions();
+        //permissions.add(new java.security.AllPermission());
+        //questionable
+        permissions.add(new java.util.PropertyPermission("user.home", "read"));
+        permissions.add(new java.lang.RuntimePermission("accessDeclaredMembers"));
+        permissions.add(new java.lang.RuntimePermission("setFactory"));
+        permissions.add(new java.lang.RuntimePermission("loadLibrary.awt"));
+        permissions.add(new java.io.FilePermission("./-", "read"));
+        permissions.add(new java.security.SecurityPermission("putProviderProperty.SUN"));
+        // very questionable
+        permissions.add(new java.lang.reflect.ReflectPermission("suppressAccessChecks"));
+        permissions.add(new java.net.NetPermission("getProxySelector"));
+        //needed
+        //String javaHome = "${java.home}/-";
+        String javaHome = System.getProperty("java.home") + "/-";
+        //System.out.println("java.home: "+javaHome);
+        permissions.add(new java.io.FilePermission(javaHome, "read"));
+        permissions.add(new java.io.FilePermission(allowedDir, "read,write,delete"));
+        permissions.add(new java.net.SocketPermission("localhost:1024-", "accept,connect,listen"));
+        // following needed for networking and file read/write
+        // this is OK because we restrict FilePermissions and SocketPermission
+        permissions.add(new java.lang.RuntimePermission("readFileDescriptor"));
+        permissions.add(new java.lang.RuntimePermission("writeFileDescriptor"));
+
+        /*       //platform specific? :( (all for fonts, whats a better way?)
+               permissions.add(new java.io.FilePermission("/usr/share/fonts/-", "read"));
+               permissions.add(new java.io.FilePermission("/usr/lib/jvm/-", "read"));
+               permissions.add(new java.io.FilePermission("/var/lib/defoma/-", "read"));
+               permissions.add(new java.io.FilePermission(System.getProperty("user.home")+"/.fonts", "read"));
+               permissions.add(new java.io.FilePermission("/usr/X11R6/lib/X11/fonts/-", "read"));
+        */       //System.out.println(permissions.toString());
+        return permissions;
+    }
+}

hackme/src/org/moparscape/MyInterface.java

@@ -0,0 +1,9 @@
+package org.moparscape;
+
+public interface MyInterface {
+    public static final long serialVersionUID = 42L;
+
+    public void doSomething(String s);
+
+    public void doSomethingElse(int i);
+}

server508/CONTRIBUTORS.TXT

@@ -0,0 +1,2 @@
+ * Graham Edgecombe <grahamedgecombe@gmail.com>
+ * Blake Beaupain - "Defqon" <blakeman8192@hotmail.com>

server508/LICENSE.TXT

@@ -0,0 +1,26 @@
+Copyright (c) 2008-2009 Graham Edgecombe <grahamedgecombe@gmail.com>
+
+Permission is hereby granted, free of charge, to any person
+obtaining a copy of this software and associated documentation
+files (the "Software"), to deal in the Software without
+restriction, including without limitation the rights to use,
+copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the
+Software is furnished to do so, subject to the following
+conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information about the rs2hd project visit:
+
+http://www.grahamedgecombe.com/rs2hd/

server508/data/help/index.txt

@@ -0,0 +1,2 @@
+rs2hd
+Programmed by Graham Edgecombe.

server508/data/mapdata/unpacked/10027.txt

@@ -0,0 +1,4 @@
+1491811841
+1724263915
+-1397066186
+1733646819

server508/data/mapdata/unpacked/10028.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10029.txt

@@ -0,0 +1,4 @@
+1530081176
+1187264373
+-285778321
+-1413416342

server508/data/mapdata/unpacked/10030.txt

@@ -0,0 +1,4 @@
+1533193920
+-157056689
+-1706395009
+2060884310

server508/data/mapdata/unpacked/10031.txt

@@ -0,0 +1,4 @@
+-1239300919
+1798229092
+-1044578379
+493913447

server508/data/mapdata/unpacked/10032.txt

@@ -0,0 +1,4 @@
+-855251381
+1871716645
+1835777659
+2032052033

server508/data/mapdata/unpacked/10033.txt

@@ -0,0 +1,4 @@
+-1639888257
+1743514305
+-1539381501
+393065495

server508/data/mapdata/unpacked/10034.txt

@@ -0,0 +1,4 @@
+-819625305
+-2043030191
+-1084320635
+-681663892

server508/data/mapdata/unpacked/10035.txt

@@ -0,0 +1,4 @@
+1384657768
+1483485751
+885988659
+1562711609

server508/data/mapdata/unpacked/10036.txt

@@ -0,0 +1,4 @@
+-2131192143
+-2119717694
+1570481473
+-1821587031

server508/data/mapdata/unpacked/10037.txt

@@ -0,0 +1,4 @@
+914357934
+960797390
+753237255
+-1274576207

server508/data/mapdata/unpacked/10038.txt

@@ -0,0 +1,4 @@
+-1812408612
+1102604684
+36547558
+-2061482957

server508/data/mapdata/unpacked/10039.txt

@@ -0,0 +1,4 @@
+-750680790
+-1506183336
+-844543540
+-1385546710

server508/data/mapdata/unpacked/10040.txt

@@ -0,0 +1,4 @@
+-691368982
+1823514267
+-284316500
+-1573696560

server508/data/mapdata/unpacked/10041.txt

@@ -0,0 +1,4 @@
+1187862613
+-117754960
+130411769
+-1192628982

server508/data/mapdata/unpacked/10042.txt

@@ -0,0 +1,4 @@
+-1666575192
+2084626585
+2023809342
+-1587593937

server508/data/mapdata/unpacked/10043.txt

@@ -0,0 +1,4 @@
+1912880022
+-1723964516
+2062562401
+-1162129761

server508/data/mapdata/unpacked/10044.txt

@@ -0,0 +1,4 @@
+867908447
+1337565998
+297400000
+854393311

server508/data/mapdata/unpacked/10045.txt

@@ -0,0 +1,4 @@
+-1429464298
+1580360509
+-1936477065
+-337842786

server508/data/mapdata/unpacked/10052.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10053.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10054.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10056.txt

@@ -0,0 +1,4 @@
+799806902
+-1359852248
+484436692
+-1205184204

server508/data/mapdata/unpacked/10057.txt

@@ -0,0 +1,4 @@
+1308484583
+-2063649066
+898275176
+-860496835

server508/data/mapdata/unpacked/10058.txt

@@ -0,0 +1,4 @@
+-504878866
+1988421643
+-1036984650
+513341227

server508/data/mapdata/unpacked/10059.txt

@@ -0,0 +1,4 @@
+1185163869
+-1047826729
+-1461057337
+139139001

server508/data/mapdata/unpacked/10060.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10061.txt

@@ -0,0 +1,4 @@
+1683880127
+1851133137
+-567572662
+-1477799312

server508/data/mapdata/unpacked/10062.txt

@@ -0,0 +1,4 @@
+2024717410
+-1807032706
+1106507805
+1426160484

server508/data/mapdata/unpacked/10063.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10064.txt

@@ -0,0 +1,4 @@
+1978019309
+1433546802
+-1989346624
+-1611361553

server508/data/mapdata/unpacked/10065.txt

@@ -0,0 +1,4 @@
+924349786
+-326314365
+-2042125189
+1066401699

server508/data/mapdata/unpacked/10066.txt

@@ -0,0 +1,4 @@
+105954939
+-1741244981
+-1491777272
+207112205

server508/data/mapdata/unpacked/10067.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10068.txt

@@ -0,0 +1,4 @@
+-452138979
+-1929816521
+364996963
+-1315825295

server508/data/mapdata/unpacked/10069.txt

@@ -0,0 +1,4 @@
+-1669561589
+-1287976882
+1220187974
+434661979

server508/data/mapdata/unpacked/10133.txt

@@ -0,0 +1,5 @@
+1646350825
+-289900492
+-802244012
+-1058372697
+

server508/data/mapdata/unpacked/10134.txt

@@ -0,0 +1,5 @@
+-1343151186
+-867897862
+-1265011615
+-389855656
+

server508/data/mapdata/unpacked/10135.txt

@@ -0,0 +1,4 @@
+-642848772
+814056528
+923267823
+-1753006596

server508/data/mapdata/unpacked/10136.txt

@@ -0,0 +1,4 @@
+512428922
+-1090392188
+-1855405299
+-966311133

server508/data/mapdata/unpacked/10137.txt

@@ -0,0 +1,4 @@
+-1779218125
+-1771529325
+-269439648
+-2071926161

server508/data/mapdata/unpacked/10138.txt

@@ -0,0 +1,4 @@
+1254633881
+-1405578656
+1660494880
+-748797494

server508/data/mapdata/unpacked/10139.txt

@@ -0,0 +1,4 @@
+1226915855
+1002704314
+-440823591
+-129555587

server508/data/mapdata/unpacked/10140.txt

@@ -0,0 +1,4 @@
+-104825447
+-1092637213
+-105814713
+-2129567531

server508/data/mapdata/unpacked/10141.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10142.txt

@@ -0,0 +1,4 @@
+1872120942
+-765842959
+449655176
+-1168971827

server508/data/mapdata/unpacked/10143.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10144.txt

@@ -0,0 +1,4 @@
+265530509
+2033515489
+-2022406749
+-591072091

server508/data/mapdata/unpacked/10145.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10279.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10280.txt

@@ -0,0 +1,6 @@
+-1245893544
+-118079793
+-1624599660
+-626968532
+
+

server508/data/mapdata/unpacked/10281.txt

@@ -0,0 +1,5 @@
+2129832996
+-1542613289
+-1612399066
+-323592936
+

server508/data/mapdata/unpacked/10282.txt

@@ -0,0 +1,5 @@
+667792020
+292003472
+-998896147
+7080342
+

server508/data/mapdata/unpacked/10283.txt

@@ -0,0 +1,4 @@
+-2133080221
+1327669620
+173304076
+-151662318

server508/data/mapdata/unpacked/10284.txt

@@ -0,0 +1,4 @@
+0
+0
+0
+0

server508/data/mapdata/unpacked/10285.txt

@@ -0,0 +1,4 @@
+-1317120534
+1321149083
+-1700628824
+1028203235

server508/data/mapdata/unpacked/10286.txt

@@ -0,0 +1,4 @@
+-1040445688
+-7408505
+807695839
+226589344

server508/data/mapdata/unpacked/10287.txt

@@ -0,0 +1,4 @@
+105887361
+-945638691
+1922834114
+961561887

server508/data/mapdata/unpacked/10288.txt

@@ -0,0 +1,4 @@
+-642909559
+1719566555
+1831536672
+-1910524848

server508/data/mapdata/unpacked/10289.txt

@@ -0,0 +1,4 @@
+-1068331841
+606992900
+-1831687025
+-1134570200

server508/data/mapdata/unpacked/10290.txt

@@ -0,0 +1,4 @@
+90195167
+-1656507573
+-966048447
+1066235092

server508/data/mapdata/unpacked/10291.txt

@@ -0,0 +1,4 @@
+-1198496478
+-233283764
+-1195655275
+978977382

server508/data/mapdata/unpacked/10292.txt

@@ -0,0 +1,4 @@
+933507835
+1135929795
+-1932059890
+1492191263

server508/data/mapdata/unpacked/10293.txt

@@ -0,0 +1,4 @@
+-867083397
+-512358173
+1502490725
+560653474

server508/data/mapdata/unpacked/10294.txt

@@ -0,0 +1,4 @@
+-1863733256
+1685330370
+276066956
+-1877904891

server508/data/mapdata/unpacked/10295.txt

@@ -0,0 +1,4 @@
+-1920480496
+-1423914110
+951774544
+-1419269290

server508/data/mapdata/unpacked/10296.txt

@@ -0,0 +1,4 @@
+-1699964827
+1784080353
+113260638
+1213918121

server508/data/mapdata/unpacked/10297.txt

@@ -0,0 +1,4 @@
+548003786
+2085747240
+921073357
+127574933

server508/data/mapdata/unpacked/10298.txt

@@ -0,0 +1,4 @@
+-233124901
+1236532280
+1418961777
+2055047860

server508/data/mapdata/unpacked/10299.txt

@@ -0,0 +1,4 @@
+-1615885118
+-995676641
+-1525013344
+1823957481

server508/data/mapdata/unpacked/10300.txt

@@ -0,0 +1,4 @@
+412522173
+-349314878
+-1828713124
+-1042049275

server508/data/mapdata/unpacked/10301.txt

@@ -0,0 +1,4 @@
+-158146381
+1698585677
+-910760378
+815929788

server508/data/mapdata/unpacked/10302.txt

@@ -0,0 +1,4 @@
+639277786
+-1909940120
+130074677
+491844814

server508/data/mapdata/unpacked/10303.txt

@@ -0,0 +1,4 @@
+187236989
+-1452229648
+1948816476
+-1775249280

server508/data/mapdata/unpacked/10309.txt

@@ -0,0 +1,4 @@
+1853022849
+1563769590
+-839166
+1806219482

server508/data/mapdata/unpacked/10310.txt

@@ -0,0 +1,4 @@
+-1472463766
+1824686108
+888673126
+2074633489

server508/data/mapdata/unpacked/10311.txt

@@ -0,0 +1,4 @@
+-1976059860
+922032078
+-1950673483
+394409071

server508/data/mapdata/unpacked/10312.txt

@@ -0,0 +1,4 @@
+-736431800
+2013006475
+1225434861
+59504107

server508/data/mapdata/unpacked/10313.txt

@@ -0,0 +1,4 @@
+1731455740
+156777644
+-1031599999
+799430192

server508/data/mapdata/unpacked/10314.txt

@@ -0,0 +1,4 @@
+-2020182865
+-861201399
+1793241744
+-541294677