### Author Topic: YASS (Yet Another Security Suite)  (Read 6542 times)

0 Members and 1 Guest are viewing this topic.

#### thepenguin77

• z80 Assembly Master
• LV10 31337 u53r (Next: 2000)
• Posts: 1591
• Rating: +823/-5
• The game in my avatar is bit.ly/p0zPWu
##### Re: YASS (Yet Another Security Suite)
« Reply #15 on: December 16, 2010, 06:19:51 pm »
About your running the archived appvar: While that is an awesome idea, Ti won't let you do it. Only the first few flash pages and last few flash pages are allowed to run code. Port 23 sets the upperbound limit and it is always set to only allow your apps to run. Which means that even if you do make a cool appvar that uses only relative addresses, the calc will instantly ram clear when you try to run the code.

Instead of using appBackUpScreen, might I suggest using smallEditRam. It is 107 bytes long and is almost never touched. Most games won't even kill it.
zStart v1.3.013 9-20-2013
All of my utilities
TI-Connect Help
You can build a statue out of either 1'x1' blocks or 12'x12' blocks. The 1'x1' blocks will take a lot longer, but the final product is worth it.
-Runer112

#### lookitsan00b

• LV4 Regular (Next: 200)
• Posts: 173
• Rating: +37/-3
##### Re: YASS (Yet Another Security Suite)
« Reply #16 on: December 16, 2010, 06:44:22 pm »
smallEditRam? what are the cases where it is touched? (and yes, my program will fit in there extremely easily, the appvar was 87 bytes + 1 byte per keypress, and that's with the header.)

umm... i wasn't getting ram clears.  just it wasn't running anything, no matter what I tried. I tried with/without padding two bytes for the length, all four page banks, and also incrementing and decrementing the page number! I got nothing. As in, it created the appvar, archived it, and definitely was finding it. but either it refused to set the hook (probably), or it was simply uninstalling it upon the first attempt to run...

now that I think about it, an app wouldn't work anyways. I'd still have to save the keystring somewhere, and that'd be just as easily corrupted as before.

Ok, the actual hook is 68 bytes, plus 2 bytes for string length and current entry, which leaves 37 bytes for the keystring wow that's a long one.

In other news:
I really just need a way around PTT... all I can think of is IM 2. (which means another hook, depending on where I put the table and interrupt, i'm sure, but it'd be completely secure, anybody know a good place for the table? the interrupt will easily fit in between the four entries...)

Also, the inclusion of ENTER in keystrings allows for extremely awesome and counter-intuitive keys, like "1/00[enter]" (if you have a buggy os, you can even force the user to crash it to unlock it )

I'm pretty sure that pulling a battery when the OS has control does not result in a ram clear. I do know that at least 90% of the time it won't from the homescreen. So yay! don't have to worry about that.  Wow. Battery-pull proof... maybe...

I might want to leave a backdoor. Other than re-sending the OS. Will simply plugging in a cable (without a calc on the other end) call an interrupt? if not, then that seems secure enough... otherwise, I'll have it auto-uninstall when anything is sent to the calc, unless it does that already. (or is the cable plug-in good enough?)

Who else thinks an accessory program to modify the hook would be nice?  As in, changing which keys it blocks and which key re-enables it. It'd definitely be done in Axe

Either way, here is the program, moved to smallEditRam for security, and keystring upgraded to 37, as well as everything I may have mentioned before.
« Last Edit: December 16, 2010, 07:46:49 pm by lookitsan00b »
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed.

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!!

#### Deep Toaster

• So much to do, so much time, so little motivation
• LV13 Extreme Addict (Next: 9001)
• Posts: 8217
• Rating: +758/-15
##### Re: YASS (Yet Another Security Suite)
« Reply #17 on: December 16, 2010, 07:35:56 pm »
I think it's used for small-font prompts, like those used by some apps made by TI. It's rarely used, so you should be fine putting it in there.

#### lookitsan00b

• LV4 Regular (Next: 200)
• Posts: 173
• Rating: +37/-3
##### Re: YASS (Yet Another Security Suite)
« Reply #18 on: December 16, 2010, 07:48:50 pm »
ok thanks. also I majorly upgraded the post above. too lazy to undo and repost down here.

so yeah scroll up for an update
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed.

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!!

#### DJ Omnimaga

• Former TI programmer
• CoT Emeritus
• LV15 Omnimagician (Next: --)
• Posts: 55918
• Rating: +3152/-232
• CodeWalrus founder & retired Omnimaga founder
##### Re: YASS (Yet Another Security Suite)
« Reply #19 on: December 16, 2010, 09:35:59 pm »
This program seems interesting, I hope you can manage to do it. I doubt I'll use it myself, though, since no one touch my calc but it could be useful for people with parents that goes on tyrade and people clearing your memory. I guess it can't stop teachers from taking revenge against the protection and just take the calc away, though. X.x

#### lookitsan00b

• LV4 Regular (Next: 200)
• Posts: 173
• Rating: +37/-3
##### Re: YASS (Yet Another Security Suite)
« Reply #20 on: December 18, 2010, 12:38:59 am »
I found a way past Push-To-Test!

All I did was:

tell it to not APD (wish it were possible to avoid this)

tell it to interpret OFF as a keypress, which, when pressed, runs my own power-down code. (still a bit buggy, if you push it too fast it'll turn right back on)

And, finally, tell it to tell itself these things again when it does much of anything.

But fitting that code in the same 97 bytes was difficult. Keystrings are now limited (in my not-fully-tested version) to 13 due to memory.

The backdoor I've left is:

1: turn the calc 'off'
2: insert a cable, turning it back on
3: wait for it to APD (it should if you don't leave the homescreen)
4: enter any of the 3 PTT combos, then F1 to back out.

... actually I don't have access to a cable, so I'm not sure it works. I'll check it tomorrow.
« Last Edit: December 18, 2010, 12:41:25 am by lookitsan00b »
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed.

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!!

#### DJ Omnimaga

• Former TI programmer
• CoT Emeritus
• LV15 Omnimagician (Next: --)
• Posts: 55918
• Rating: +3152/-232
• CodeWalrus founder & retired Omnimaga founder
##### Re: YASS (Yet Another Security Suite)
« Reply #21 on: December 18, 2010, 12:42:31 am »
Wait so this trick prevents PTT from doing its appropriate effect? Or does it let you exit PTT? If it's the later, it would be cool if you found a way to exit PTT without using the conventional way and without having a patch installed.

#### lookitsan00b

• LV4 Regular (Next: 200)
• Posts: 173
• Rating: +37/-3
##### Re: YASS (Yet Another Security Suite)
« Reply #22 on: December 18, 2010, 12:55:32 am »
Wait so this trick prevents PTT from doing its appropriate effect? Or does it let you exit PTT? If it's the later, it would be cool if you found a way to exit PTT without using the conventional way and without having a patch installed.

Well.. not exactly. This just prevents my hooks from being deleted by PTT.

Previously, one could simply open the PTT menu to bypass my whole security system. This whole part blocks the whole PTT menu, thus making it harder to uninstall without the key.

Although a 30 byte program that lets you break out of a full PTT is possible, that's not really my goal here.  I'm just trying to make a practically unbreakable menu blocker.  So I guess it might not be much of a 'suite' after all...
« Last Edit: December 18, 2010, 12:59:12 am by lookitsan00b »
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed.

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!!

#### DJ Omnimaga

• Former TI programmer
• CoT Emeritus
• LV15 Omnimagician (Next: --)
• Posts: 55918
• Rating: +3152/-232
• CodeWalrus founder & retired Omnimaga founder
##### Re: YASS (Yet Another Security Suite)
« Reply #23 on: December 18, 2010, 12:57:31 am »
Ah ok I see, thanks for clarifying. Still it sounds good, though.

#### lookitsan00b

• LV4 Regular (Next: 200)
• Posts: 173
• Rating: +37/-3
##### Re: YASS (Yet Another Security Suite)
« Reply #24 on: December 20, 2010, 10:38:57 am »
well last night I had my worst crash ever.

My hook for some reason returned k3 no matter what I pressed. (lol stack fail)

found out my backdoor was not working, and after messing with it, my powerdown routine works less reliably than ever, doesn't actually turn the screen off, and is way too large. But it returns the right numbers.

So it looks like this is going to be an app (<500 bytes). any suggestions as to which compiler to download? smaller = better, and I am porting from Mimas, so the less translation I have to do...
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed.

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!!

#### yunhua98

• You won't this read sentence right.
• LV11 Super Veteran (Next: 3000)
• Posts: 2718
• Rating: +214/-12
• Go take a dive in the River Lethe.
##### Re: YASS (Yet Another Security Suite)
« Reply #25 on: December 20, 2010, 10:42:01 am »
SPASM is pretty good...
but I'm a complete ASM n00b, so...

 Spoiler For =====My Projects=====: Minor setback due to code messing up.  On hold for Contest.
On hold for Contest. Spoiler For ===Staff Memberships===:
Have you seen any good news-worthy programs/events?  If so, PM me with an article to be included in the next issue of CGPN!
The Game is only a demo, the code that allows one to win hasn't been done.
To paraphrase Oedipus, Hamlet, Lear, and all those guys, "I wish I had known this some time ago."
Signature Last Updated: 12/26/11
<hr>

#### DJ Omnimaga

• Former TI programmer
• CoT Emeritus
• LV15 Omnimagician (Next: --)
• Posts: 55918
• Rating: +3152/-232
• CodeWalrus founder & retired Omnimaga founder
##### Re: YASS (Yet Another Security Suite)
« Reply #26 on: December 20, 2010, 10:54:48 pm »
Mimas seems pretty good, but if you're gonna code on the computer, most people appear to use Spasm from Revsoft or ZDS

#### souvik1997

• Guest
##### Re: YASS (Yet Another Security Suite)
« Reply #27 on: December 20, 2010, 11:55:09 pm »
You can take the compiled Mimas ASM code and put it into an Axe program and compile the program as an app.

And in my opinion Brass and ZDS are really good assemblers.

#### lookitsan00b

• LV4 Regular (Next: 200)
• Posts: 173
• Rating: +37/-3
##### Re: YASS (Yet Another Security Suite)
« Reply #28 on: December 21, 2010, 12:16:57 pm »
You can take the compiled Mimas ASM code and put it into an Axe program and compile the program as an app.

And in my opinion Brass and ZDS are really good assemblers.

How exactly would I do that?
Code: [Select]
:Asm(prgmSECURITE) doesn't seem to work...

:facepalm:

Code: [Select]
:[prgmSECURITE]
And I thought I had found a better way... involving appvars and indirect hooking... only to realize that you can't run code directly from appvars...

This might help a bunch, assuming 0.4.5 supports this
My TI-94+SE is broken.  I used some flawed existential conditioning on it, and it crashed.

Activity level:
{====______}

Spoiler For Securite:
{=========_}

A couple security flaws
Need a good backdoor short of reinstalling the OS
Completely immobilized and invalidated by Zstart. And rendered incompatible.
Spoiler For FFTATIA:
{====______}

framework: mostly done
graphics engine: undergoing complete rewrite
still need character and enemy sprites!!!

#### Builderboy

• Physics Guru
• CoT Emeritus
• LV13 Extreme Addict (Next: 9001)
• Posts: 5673
• Rating: +613/-9
• Would you kindly?
##### Re: YASS (Yet Another Security Suite)
« Reply #29 on: December 21, 2010, 01:39:48 pm »
I don't know of a way to include compiled assembly directly into an Axe program, but an Axe program could be writen to *generate* the hex you need from the program you want to convert.  So it would take your compiled program and generate an Axe program which you could then compile into an App