Page 2 of 3 FirstFirst 123 LastLast
Results 26 to 50 of 64

Thread: Script Scanner (Scans for malicious scripts)

  1. #26
    Join Date
    Jun 2013
    Posts
    15
    Mentioned
    0 Post(s)
    Quoted
    8 Post(s)

    Default

    THanks for this, lets me rest easy. I scan all scripts I download now!

  2. #27
    Join Date
    Feb 2006
    Location
    Helsinki, Finland
    Posts
    1,395
    Mentioned
    30 Post(s)
    Quoted
    107 Post(s)

    Default

    Hey Officer!

    I got this script to pick up A LOT less false positives using some brave new tricks.
    Also, FindEx() now detects overlapping strings correctly.

    Attached "unofficial" version 1.31 - so, give it a try!

    Of course there is still many ways how this script could be improved even more, but everything in time...

    Sure hope you'll like how well this unofficial version works now!

    BTW, that FindEx function is pretty badass now (well, compared to the last version!), here is a little example from String Handling Commands topic (I named it as "Find" there):

    Code:
    const
      TEXT = 'TestesTESTTestest test testest1 2testest test3 TEST Test Test.' + #13#10 + 'TEST!' + #13#10 + 'TeSt';
      FIND_STR = 'test';
    
    {==============================================================================]
      Explanation: Important types for Find() function! Contains the string matching methods.
    [==============================================================================}
    type
      TMatchMethod = (mmAll, mmIgnoreCase, mmOverlap, mmWholeWords, mmStrictWW);
      TMatchMethods = set of TMatchMethod;
    
    var
      methods: array of TMatchMethods;
    
    procedure SetupMethods;
    begin
      SetLength(methods, 6);
      methods[0] := [];
      methods[1] := [mmIgnoreCase];
      methods[2] := [mmIgnoreCase, mmAll];
      methods[3] := [mmIgnoreCase, mmAll, mmOverlap];
      methods[4] := [mmIgnoreCase, mmAll, mmOverlap, mmWholeWords];
      methods[5] := [mmIgnoreCase, mmAll, mmOverlap, mmWholeWords, mmStrictWW];
    end;
    
    {==============================================================================]
      Explanation: Returns all the positions of found/matching strings (findStr) in text.
                   Uses a set of TMatchMethod (methods) for string matching.
                   Contains field for offset.
    [==============================================================================}
    function Find(text, findStr: string; methods: TMatchMethods; offset: Integer): TIntegerArray;
    var
      sb, sa: string;
      r, l, f, o, p, d, x, y, abL, abR, abX, abP, spA, spB, spH, spL, spI, spR, spD: Integer;
      re: TRegExp;
      ma, mb, a, s, ol: Boolean;
      c: TIntegerArray;
      t: T2DIntegerArray;
    begin
      l := Length(text);
      f := Length(findStr);
      if ((l > 0) and (f > 0) and (offset <= (l - f))) then
      begin
        if (offset < 1) then
          offset := 1;
        SetLength(Result, l);
        re := TRegExp.Create;
        re.InputString := text;
        re.Expression := findStr;
        if (mmIgnoreCase in methods) then
          re.ModifierI := True;
        a := (mmAll in methods);
        case a of
          False: re.ModifierG := True;
          True: re.ModifierG := False;
        end;
        re.ModifierM := True;
        ol := (mmOverlap in methods);
        if not ol then
          o := (Length(findStr) - 1);
        Inc(o);
        p := Offset;
        if re.ExecPos(p) then
        repeat
          if (re.Match[0] <> '') then
          begin
            Result[r] := re.MatchPos[0];
            p := (Result[r] + o);
            Inc(r);
          end;
        until not re.ExecPos(p);
        re.Free;
        SetLength(Result, r);
        if ((r > 0) and (mmWholeWords in methods)) then
        begin
          s := (mmStrictWW in methods);
          if not s then
            c := [65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, // A-Z
                  97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, // a-z
                  48, 49, 50, 51, 52, 53, 54, 55, 56, 57]; // 0-9
          case ol of
            True:
            begin
              spH := High(Result);
              if (spH > -1) then
              begin
                SetLength(t, (spH + 1));
                t[0] := [Integer(Result[0])];
                if (spH > 0) then
                begin
                  spR := 1;
                  for spI := 1 to spH do
                  begin
                    for spA := 0 to (spR - 1) do
                    begin
                      spL := Length(t[spA]);
                      for spB := 0 to (spL - 1) do
                      begin
                        spD := IAbs(Result[spI] - t[spA][spB]);
                        if (spD <= f) then
                        begin
                          SetLength(t[spA], (spL + 1));
                          t[spA][spL] := Integer(Result[spI]);
                          Break;
                        end;
                      end;
                      if (spB < spL) then
                        Break;
                    end;
                    if (spA >= spR) then
                    begin
                      t[spR] := [Integer(Result[spI])];
                      Inc(spR);
                    end;
                  end;
                end;
                SetLength(t, spR);
                spH := High(t);
                for spI := spH downto 0 do
                begin
                  spB := Low(t[spI]);
                  spA := High(t[spI]);
                  abX := 1;
                  abP := t[spI][spB];
                  abL := Length(text);
                  case ((abL > 0) and (abP > 1)) of
                    True:
                    begin
                      if ((abP - abX) < 1) then
                        abX := ((abP - abX) + (abX - 1));
                      if (abP > (abL + 1)) then
                      begin
                        abR := ((abP - abL) - 1);
                        abX := (abX - abR);
                      end;
                      sb := Copy(text, ((abP - abX) - abR), abX);
                    end;
                    False: sb := '';
                  end;
                  abX := 1;
                  abP := (t[spI][spA] + f);
                  abL := Length(text);
                  case ((abL > 0) and (abP <= abL)) of
                    True:
                    begin
                      if (abP < 1) then
                      begin
                        abX := (abX - iAbs(abP - 1));
                        abP := 1;
                      end;
                      if ((abX > 0) and ((abP + abX) > abL)) then
                        abX := (abX - (((abP + abX) - abL) - 1));
                      sa := Copy(text, abP, abX);
                    end;
                    False: sa := '';
                  end;
                  case s of
                    True:
                    begin
                      mb := ((sb = ' ') or (sb = '') or (sb = #13#10) or (sb = #13) or (sb = #10));
                      ma := ((sa = ' ') or (sa = '') or (sa = #13#10) or (sa = #13) or (sa = #10));
                    end;
                    False:
                    begin
                      mb := ((sb = '') or not InIntArray(c, Ord(sb[1])));
                      ma := ((sa = '') or not InIntArray(c, Ord(sa[1])));
                    end;
                  end;
                  if not (mb and ma) then
                  begin
                    for spD := spI to (spH - 1) do
                      t[spD] := t[(spD + 1)];
                    SetLength(t, spH);
                    Dec(spH);
                  end;
                end;
                spH := High(t);
                if (spH > -1) then
                begin
                  for spI := 0 to spH do
                    IncEx(spR, (High(t[spI]) + 1));
                  SetLength(Result, spR);
                  spR := 0;
                  for spI := 0 to spH do
                  begin
                    spL := High(t[spI]);
                    for spA := 0 to spL do
                    begin
                      Result[spR] := Integer(t[spI][spA]);
                      Inc(spR);
                    end;
                  end;
                  SetLength(Result, spR);
                end else
                  SetLength(Result, 0);
              end else
                r := 0;
            end;
            False:
            begin
              for x := (r - 1) downto 0 do
              begin
                abX := 1;
                abP := Result[x];
                abL := Length(text);
                case ((abL > 0) and (abP > 1)) of
                  True:
                  begin
                    if ((abP - abX) < 1) then
                      abX := ((abP - abX) + (abX - 1));
                    if (abP > (abL + 1)) then
                    begin
                      abR := ((abP - abL) - 1);
                      abX := (abX - abR);
                    end;
                    sb := Copy(text, ((abP - abX) - abR), abX);
                  end;
                  False: sb := '';
                end;
                abX := 1;
                abP := (Result[x] + f);
                abL := Length(text);
                case ((abL > 0) and (abP <= abL)) of
                  True:
                  begin
                    if (abP < 1) then
                    begin
                      abX := (abX - iAbs(abP - 1));
                      abP := 1;
                    end;
                    if ((abX > 0) and ((abP + abX) > abL)) then
                      abX := (abX - (((abP + abX) - abL) - 1));
                    sa := Copy(text, abP, abX);
                  end;
                  False: sa := '';
                end;
                case s of
                  True:
                  begin
                    mb := ((sb = ' ') or (sb = '') or (sb = #13#10) or (sb = #13) or (sb = #10));
                    ma := ((sa = ' ') or (sa = '') or (sa = #13#10) or (sa = #13) or (sa = #10));
                  end;
                  False:
                  begin
                    mb := ((sb = '') or not InIntArray(c, Ord(sb[1])));
                    ma := ((sa = '') or not InIntArray(c, Ord(sa[1])));
                  end;
                end;
                if not (mb and ma) then
                begin
                  y := (r - 1);
                  for d := x to (y - 1) do
                    Result[d] := Result[(d + 1)];
                  SetLength(Result, y);
                  Dec(r);
                end;
              end;
            end;
          end;
        end;
        if (not a and (r > 0)) then
          SetLength(Result, 1);
      end else
        SetLength(Result, 0);
    end;
    
    var
      h, i: Integer;
    
    begin
      ClearDebug;
      SetupMethods;
      h := High(methods);
      for i := 0 to h do
        WriteLn('Matching positions of FIND_STR found in TEXT using methods[' + IntToStr(i) + ']: ' + ToStr(Find(TEXT, FIND_STR, methods[i], 1)));
    end.
    Must say, I am very happy with the outcome.
    ..although, it is still not even nearly as good as the SCAR Divi version, but it does work pretty damn well anyways!

    -Jani
    Attached Files Attached Files
    Last edited by Janilabo; 06-04-2013 at 12:36 PM.

  3. #28
    Join Date
    Sep 2010
    Posts
    5,762
    Mentioned
    136 Post(s)
    Quoted
    2739 Post(s)

    Default

    @Janilabo on vacation won't be able to update until Sunday

  4. #29
    Join Date
    Feb 2006
    Location
    Helsinki, Finland
    Posts
    1,395
    Mentioned
    30 Post(s)
    Quoted
    107 Post(s)

    Default

    Yeah don't worry buddy! Enjoy the holidays.

    Sidenote: I scanned that @Flight's "Monkfishies" script using this unofficial version 1.31, the results are below..

    V1.15_B:
    Code:
    =========Looking for HTTP threats=========
    Found attempt to OpenWebpage [Risk level: MEDIUM]
    =========Looking for Abnormal code =========
    The variable "Pin" is used more then once [Risk level: MEDIUM]
    ===========================================
    =========Looking for bad code =========
    =======================================
    ==================Scan Results===================
    HTTP threats: 0
    Web threats: 1
    Fishy code: 1
    Bad code: 0
    Overall threats: 2
    Over Script Risk: High
    Thank you for using, always visit thread for updates
    Successfully executed.
    V1.5:
    Code:
    =========Looking for HTTP threats=========
    Found attempt to OpenWebpage [Risk level: MEDIUM]
    =========Looking for Abnormal code =========
    The variable "Pass" is used more then once [Risk level: MEDIUM]
    The variable "Pin" is used more then once [Risk level: MEDIUM]
    ===========================================
    =========Looking for bad code =========
    =======================================
    ==================Scan Results===================
    HTTP threats: 0
    Web threats: 1
    Fishy code: 2
    Bad code: 0
    Overall threats: 3
    Over Script Risk: High
    Thank you for using, always visit thread for updates
    Successfully executed.
    Looks like it's not at least picking up any "adult content attempts" anymore..

  5. #30
    Join Date
    Apr 2013
    Location
    England
    Posts
    223
    Mentioned
    2 Post(s)
    Quoted
    106 Post(s)

    Default

    scanned my fighter with Janilabo's unofficial 1.31 and got this

    Code:
    =========Looking for HTTP threats=========
    =========Looking for Abnormal code =========
    The variable "Name" is used more then once [Risk level: MEDIUM]
    The variable "Pass" is used more then once [Risk level: MEDIUM]
    ===========================================
    =========Looking for bad code =========
    =======================================
    ==================Scan Results===================
    HTTP threats: 0
    Web threats: 0
    Fishy code: 2
    Bad code: 0
    Overall threats: 2
    Over Script Risk: Low
    Thank you for using, always visit thread for updates
    Successfully executed.
    looking nice guys

  6. #31
    Join Date
    Sep 2010
    Posts
    5,762
    Mentioned
    136 Post(s)
    Quoted
    2739 Post(s)

    Default

    When I get back ill merge Jan's with my unreleased one at home that has a cleaner form and a couple more options

  7. #32
    Join Date
    Aug 2007
    Location
    Colorado
    Posts
    7,421
    Mentioned
    268 Post(s)
    Quoted
    1442 Post(s)

    Default

    Quote Originally Posted by Janilabo View Post
    Looks like it's not at least picking up any "adult content attempts" anymore..
    Yeah I removed the part in my script that opens up runescapexxx.com; people started complaining about the excessive pixel nudity and all ya know...

    Current projects:
    [ AeroGuardians (GotR minigame), Motherlode Miner, Blast furnace ]

    "I won't fall in your gravity. Open your eyes,
    you're the Earth and I'm the sky..."


  8. #33
    Join Date
    Sep 2012
    Location
    Here.
    Posts
    2,007
    Mentioned
    88 Post(s)
    Quoted
    1014 Post(s)

    Default

    Quote Originally Posted by Flight View Post
    Yeah I removed the part in my script that opens up runescapexxx.com; people started complaining about the excessive pixel nudity and all ya know...
    I see a tan colored pixel! That's obviously a nipple! or a finger... Either way, I'm offended!

  9. #34
    Join Date
    Feb 2006
    Location
    Helsinki, Finland
    Posts
    1,395
    Mentioned
    30 Post(s)
    Quoted
    107 Post(s)

    Default

    EDIT: Damn tag system, UGH! Added attachment to script and its available @pastebin aswell.

    @Officer Barbrady
    I have been working for comment filtering, I got it working pretty smoothly.

    With it we will be able to ignore false positives that are inside comments or strings (things that shouldn't be picked up)

    Take a look at it guys.
    Run it to see those effects, the results are printed to debug box (str before and after)..
    NOTE: Those *13*10's (*=#) in str are new lines - just like scripts have em running "behind the scenes".

    -Jani
    Attached Files Attached Files
    Last edited by Janilabo; 06-06-2013 at 09:51 AM. Reason: Tweaking - ClipBoard support added (for custom scripts)!

  10. #35
    Join Date
    Nov 2008
    Location
    Norway, Alesund
    Posts
    924
    Mentioned
    0 Post(s)
    Quoted
    37 Post(s)

    Default

    typo: Over Script Risk:Meduim

    I'm sure I have made sth like that few years ago with VB6

  11. #36
    Join Date
    Feb 2006
    Location
    Helsinki, Finland
    Posts
    1,395
    Mentioned
    30 Post(s)
    Quoted
    107 Post(s)

    Default

    Quote Originally Posted by Laimonas171 View Post
    typo: Over Script Risk:Meduim

    I'm sure I have made sth like that few years ago with VB6
    Check out this unofficial version, that OB will be merging soon together with hes official version, it has typos fixed aswell.
    (Script is attached to that post, "v1.31")

    As a sidenote, I added in a lot better example for that comment and/or string filtering script. It also supports now custom scripts, via ClipBoard data (this way you can see exactly what it filters out from the scripts)

  12. #37
    Join Date
    Nov 2008
    Location
    Norway, Alesund
    Posts
    924
    Mentioned
    0 Post(s)
    Quoted
    37 Post(s)

    Default

    Quote Originally Posted by Janilabo View Post
    Check out this unofficial version (that OB will be merging soon together with hes official version, it has typos fixed aswell.

    As a sidenote, I added in a lot better example for that comment and/or string filtering script. It also supports now custom scripts, via ClipBoard data (this way you can see exactly what it filters out from the scripts)
    very nice, man!

    edit: ^Comma can make difference.

  13. #38
    Join Date
    Sep 2010
    Posts
    5,762
    Mentioned
    136 Post(s)
    Quoted
    2739 Post(s)

    Default

    Quote Originally Posted by Janilabo View Post
    Check out this unofficial version, that OB will be merging soon together with hes official version, it has typos fixed aswell.
    (Script is attached to that post, "v1.31")

    As a sidenote, I added in a lot better example for that comment and/or string filtering script. It also supports now custom scripts, via ClipBoard data (this way you can see exactly what it filters out from the scripts)
    Ill be getting home Sunday and will merge Monday

  14. #39
    Join Date
    Feb 2006
    Location
    Helsinki, Finland
    Posts
    1,395
    Mentioned
    30 Post(s)
    Quoted
    107 Post(s)

    Default

    Quote Originally Posted by Officer Barbrady View Post
    Ill be getting home Sunday and will merge Monday
    Alright.

    I have got a surprise for you - I planted in the new comment and string filtering options!
    These options, by this filtering feature, decreases the amount of false positives greatly.

    EDIT2: 1.34...
    EDIT: Added in "1.33", removed functions that weren't needed anymore (the new comment filtering feature made em useless)
    Attached unofficial script version "1.32" to this post!
    I think you might want to merge the new form features (and other things) to this version instead, because 1.31 had buggy comment filtering AND string filtering didn't even exist.

    If you are worried about string filtering, you don't need to worry, because it doesn't filter out any variables, constants or types, only the stuff inside the string markers.

    ..and small example:
    Code:
    WriteLn('*STUFF INSIDE HERE WILL GET FILTERED*'*STUFF OUTSIDE HERE WONT*);
    Also, I used the original script text for OpenWebPage() scan part - that means, it still catches those sneaky naughty adult content pages!
    Other parts are based on filtered script text.

    You can obviously disable both of the filters when/if you want.

    For example, scans for @EngageTheRage's smexy Fighter v1.4 script:

    WITHOUT comment filtering:
    Code:
    ============Looking for HTTP threats=============
    =================================================
    
    ============Looking for Abnormal code============
    The variable "Name" is used more then once [Risk level: MEDIUM]
    The variable "Pass" is used more then once [Risk level: MEDIUM]
    =================================================
    
    ==============Looking for bad code===============
    =================================================
    
    ==================Scan Results===================
    HTTP threats: 0
    Web threats: 0
    Fishy code: 2
    Bad code: 0
    Overall threats: 2
    Over Script Risk: Low
    Thank you for using, always visit thread for updates
    =================================================
    ..and then WITH comment filtering:

    Code:
    ============Looking for HTTP threats=============
    =================================================
    
    ============Looking for Abnormal code============
    =================================================
    
    ==============Looking for bad code===============
    =================================================
    
    ==================Scan Results===================
    HTTP threats: 0
    Web threats: 0
    Fishy code: 0
    Bad code: 0
    Overall threats: 0
    Over Script Risk: None
    Thank you for using, always visit thread for updates
    =================================================
    Scan for Scanner itself below (comment and string filtering enabled)...

    Code:
    ============Looking for HTTP threats=============
    Found attempt to OpenWebpage [Risk level: MEDIUM]
    =================================================
    
    ============Looking for Abnormal code============
    The variable "Name" is used more then once [Risk level: MEDIUM]
    =================================================
    
    ==============Looking for bad code===============
    Found no randomness in script [Risk level: MEDIUM], potential ban.
    =================================================
    
    ==================Scan Results===================
    HTTP threats: 0
    Web threats: 1
    Fishy code: 1
    Bad code: 1
    Overall threats: 3
    Over Script Risk: High
    Thank you for using, always visit thread for updates
    =================================================
    Regards,
    -Jani
    Attached Files Attached Files
    Last edited by Janilabo; 06-06-2013 at 04:54 PM. Reason: Added "1.34" fixed typo.

  15. #40
    Join Date
    Sep 2010
    Posts
    5,762
    Mentioned
    136 Post(s)
    Quoted
    2739 Post(s)

    Default

    Quote Originally Posted by Janilabo View Post
    Alright.

    I have got a surprise for you - I planted in the new comment and string filtering options!
    These options, by this filtering feature, decreases the amount of false positives greatly.

    EDIT2: 1.34...
    EDIT: Added in "1.33", removed functions that weren't needed anymore (the new comment filtering feature made em useless)
    Attached unofficial script version "1.32" to this post!
    I think you might want to merge the new form features (and other things) to this version instead, because 1.31 had buggy comment filtering AND string filtering didn't even exist.

    If you are worried about string filtering, you don't need to worry, because it doesn't filter out any variables, constants or types, only the stuff inside the string markers.

    ..and small example:
    Code:
    WriteLn('*STUFF INSIDE HERE WILL GET FILTERED*'*STUFF OUTSIDE HERE WONT*);
    Also, I used the original script text for OpenWebPage() scan part - that means, it still catches those sneaky naughty adult content pages!
    Other parts are based on filtered script text.

    You can obviously disable both of the filters when/if you want.

    For example, scans for @EngageTheRage's smexy Fighter v1.4 script:

    WITHOUT comment filtering:
    Code:
    ============Looking for HTTP threats=============
    =================================================
    
    ============Looking for Abnormal code============
    The variable "Name" is used more then once [Risk level: MEDIUM]
    The variable "Pass" is used more then once [Risk level: MEDIUM]
    =================================================
    
    ==============Looking for bad code===============
    =================================================
    
    ==================Scan Results===================
    HTTP threats: 0
    Web threats: 0
    Fishy code: 2
    Bad code: 0
    Overall threats: 2
    Over Script Risk: Low
    Thank you for using, always visit thread for updates
    =================================================
    ..and then WITH comment filtering:

    Code:
    ============Looking for HTTP threats=============
    =================================================
    
    ============Looking for Abnormal code============
    =================================================
    
    ==============Looking for bad code===============
    =================================================
    
    ==================Scan Results===================
    HTTP threats: 0
    Web threats: 0
    Fishy code: 0
    Bad code: 0
    Overall threats: 0
    Over Script Risk: None
    Thank you for using, always visit thread for updates
    =================================================
    Scan for Scanner itself below (comment and string filtering enabled)...

    Code:
    ============Looking for HTTP threats=============
    Found attempt to OpenWebpage [Risk level: MEDIUM]
    =================================================
    
    ============Looking for Abnormal code============
    The variable "Name" is used more then once [Risk level: MEDIUM]
    =================================================
    
    ==============Looking for bad code===============
    Found no randomness in script [Risk level: MEDIUM], potential ban.
    =================================================
    
    ==================Scan Results===================
    HTTP threats: 0
    Web threats: 1
    Fishy code: 1
    Bad code: 1
    Overall threats: 3
    Over Script Risk: High
    Thank you for using, always visit thread for updates
    =================================================
    Regards,
    -Jani
    On wow that's nice I wish I could view them lol

  16. #41
    Join Date
    Feb 2006
    Location
    Helsinki, Finland
    Posts
    1,395
    Mentioned
    30 Post(s)
    Quoted
    107 Post(s)

    Default

    Quote Originally Posted by Officer Barbrady View Post
    On wow that's nice I wish I could view them lol
    If you want to view the source codes of em online, then here is links to pastebin:

    Version 1.31

    Version 1.32

    Version 1.33

    Version 1.34

    -Jani

  17. #42
    Join Date
    Sep 2010
    Posts
    5,762
    Mentioned
    136 Post(s)
    Quoted
    2739 Post(s)

    Default

    I'm gong to try to add a little debug box and text on the form, but m not sure how to do that just yet

  18. #43
    Join Date
    Feb 2006
    Location
    Helsinki, Finland
    Posts
    1,395
    Mentioned
    30 Post(s)
    Quoted
    107 Post(s)

    Default

    Quote Originally Posted by Officer Barbrady View Post
    I'm gong to try to add a little debug box and text on the form, but m not sure how to do that just yet
    Take a look at this awesome forms tutorial by @Daniel (it's .PDF, so you might be able to read it with your mobile phone/tablet - at least I can read it with my Samsung Galaxy S [Android]): Simba Forms Tutorial

    You may want to look at page 29 in it, where it contains information about TMemo's (multi-line textbox)!
    ..although, I recommend you'll read it fully through, at least if you are interested of GUI development now and in the future.

    It's very nice source of information for GUI stuff.

    I know you can't do any scripting for a few days, but sometimes even reading these things can help a lot - at least you'll learn some new tricks AND you might get some great ideas for what to do when you get back home.

    P.S. When you get back home, you could try out this great utility by @CynicRus: Form Designer for Simba (this will be built-in to Simba v1.0!)
    You may find it helpful aswell.

  19. #44
    Join Date
    Sep 2010
    Posts
    5,762
    Mentioned
    136 Post(s)
    Quoted
    2739 Post(s)

    Default

    Quote Originally Posted by Janilabo View Post
    Take a look at this awesome forms tutorial by @Daniel (it's .PDF, so you might be able to read it with your mobile phone/tablet - at least I can read it with my Samsung Galaxy S [Android]): Simba Forms Tutorial

    You may want to look at page 29 in it, where it contains information about TMemo's (multi-line textbox)!
    ..although, I recommend you'll read it fully through, at least if you are interested of GUI development now and in the future.

    It's very nice source of information for GUI stuff.

    I know you can't do any scripting for a few days, but sometimes even reading these things can help a lot - at least you'll learn some new tricks AND you might get some great ideas for what to do when you get back home.

    P.S. When you get back home, you could try out this great utility by @CynicRus: Form Designer for Simba (this will be built-in to Simba v1.0!)
    You may find it helpful aswell.
    Yea I use the form designer for a base then I compact it myself, I doubt this iPad can read PDFs (I know my crappy android reader the it was 2 years old with 150mv of rs, can) but ill try

  20. #45
    Join Date
    Feb 2006
    Location
    Helsinki, Finland
    Posts
    1,395
    Mentioned
    30 Post(s)
    Quoted
    107 Post(s)

    Default

    Quote Originally Posted by Officer Barbrady View Post
    Yea I use the form designer for a base then I compact it myself, I doubt this iPad can read PDFs (I know my crappy android reader the it was 2 years old with 150mv of rs, can) but ill try
    You should be able to read PDF's with iPad.

    Google search for "iPad + PDF" came up with...
    Adobe Reader for mobile [iPhone/iPad & Android] (FREE): http://www.adobe.com/products/reader-mobile.html

  21. #46
    Join Date
    Sep 2010
    Posts
    5,762
    Mentioned
    136 Post(s)
    Quoted
    2739 Post(s)

    Default

    Quote Originally Posted by Janilabo View Post
    You should be able to read PDF's with iPad.

    Google search for "iPad + PDF" came up with...
    Adobe Reader for mobile [iPhone/iPad & Android] (FREE): http://www.adobe.com/fi/products/reader-mobile.html
    Yea it worked

    I was looking at the ttimer part, and people told me I couldn't do this, but it looks like I could use a ttimer to execute a procedure every 1000 ms if I wanted it too, couldn't this be used as bootleg muiltithreading( I know it could be done with scar) for stuff like progress reports?

  22. #47
    Join Date
    Feb 2006
    Location
    Helsinki, Finland
    Posts
    1,395
    Mentioned
    30 Post(s)
    Quoted
    107 Post(s)

    Default

    Here you go, @Officer Barbrady!

    EDIT: Attached unofficial version 1.36, removed Find() from the script, because it's just like FindEx() without "regex: Boolean" variable part. So, those Find() parts are now based on FindEx() instead. This change doesn't have any effect on the way script works, just cuts out some unneeded lines.
    Unofficial version 1.35 is now attached to this post. Script source code online: @pastebin

    Changelog:
    Code:
    -Small logical fix for Find()
    -Added in FindEx() for smarter (regex-based) string counting
    -Once again, decreased the amount of false positives with several smart tweaks! Mostly with FindEx()
    Scan for the script itself now:

    Code:
    =================Filtered Script=================
    *SNIP*
    =================================================
    
    ============Looking for HTTP threats=============
    Found attempt to OpenWebpage [Risk level: MEDIUM]
    =================================================
    
    ============Looking for Abnormal code============
    =================================================
    
    ==============Looking for bad code===============
    Found no randomness in script [Risk level: MEDIUM], potential ban.
    =================================================
    
    ==================Scan Results===================
    HTTP threats: 0
    Web threats: 1
    Fishy code: 0
    Bad code: 1
    Overall threats: 2
    Over Script Risk: High
    Thank you for using, always visit thread for updates
    =================================================
    I'd say false positives are getting really close to minimal now.
    Attached Files Attached Files
    Last edited by Janilabo; 06-08-2013 at 03:33 PM.

  23. #48
    Join Date
    Sep 2010
    Posts
    5,762
    Mentioned
    136 Post(s)
    Quoted
    2739 Post(s)

    Default

    Very nice, do you mind posting it here in Simba tags? When I view the attachment it overlaps :s

    I might be able to merge it Sunday night

  24. #49
    Join Date
    May 2007
    Location
    England
    Posts
    4,140
    Mentioned
    11 Post(s)
    Quoted
    266 Post(s)

    Default

    Wow, this has seriously progressed in a matter of a few days. Got to say, nice job guys. This should definitely be brought to the attention of the guys who look at no section other than scripts.
    <3

    Quote Originally Posted by Eminem
    I don't care if you're black, white, straight, bisexual, gay, lesbian, short, tall, fat, skinny, rich or poor. If you're nice to me, I'll be nice to you. Simple as that.

  25. #50
    Join Date
    Feb 2006
    Location
    Helsinki, Finland
    Posts
    1,395
    Mentioned
    30 Post(s)
    Quoted
    107 Post(s)

    Default

    Quote Originally Posted by Officer Barbrady View Post
    Very nice, do you mind posting it here in Simba tags? When I view the attachment it overlaps :s

    I might be able to merge it Sunday night
    Source code @pastebin: http://pastebin.com/raw.php?i=mcdPXv9A

    EDIT: Attached unofficial version 1.36, removed Find() from the script, because it's just like FindEx() without "regex: Boolean" variable part. So, those Find() parts are now based on FindEx() instead. This change doesn't have any effect on the way script works, just cuts out some unneeded lines.
    ..and source for v1.36: http://pastebin.com/raw.php?i=81b5UDJN

    By the way! With FindEx()-based counting I got this script to detect some sneaky password stealing attempts, good example below (something that none of the older versions could catch):

    The stealing script example:
    Code:
    // {sc} = SNEAKY COMMENT!
    // (*sc*) = SNEAKY COMMENT!
    
    type // This is here for only this example.
      TPlayer = record
        Name, Pass, Nick: string;
      end;
    
    var
      Players: array[0..0] of TPlayer;
      un, pw: string;
    
    procedure DeclarePlayers;
    begin
      Players[0].Name := 'StealMyGeepeesPlease!';
      Players[0].Pass := 'MySimplePassword1234';
      Players[0].Nick := 'eepees';
    end;
    
    begin
      ClearDebug;
      DeclarePlayers;
      un := PLAYERS {sc}  [ (*sc*)   0 {sc}   ]   (*sc*)   .NAME {sc}; // It will catch this attempt.
      pw := PlAyErs (*sc*)  [ {sc} 0  {sc}  ] {sc} . (*sc*) PaSs (*sc*); // It will catch this attempt.
      WriteLn('USERNAME: "' + un + '"');
      WriteLn('PASSWORD: "' + pw + '"');
    end.
    Scan results for that little example script:

    Code:
    =================Filtered Script=================
    @@@@@@@@@@@@@@@@@@@@@@@@@
    @@@@@@@@@@@@@@@@@@@@@@@@@@@
    
    type @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
      TPlayer = record
        Name, Pass, Nick: string;
      end;
    
    var
      Players: array[0..0] of TPlayer;
      un, pw: string;
    
    procedure DeclarePlayers;
    begin
      Players[0].Name := %%%%%%%%%%%%%%%%%%%%%%%;
      Players[0].Pass := %%%%%%%%%%%%%%%%%%%%%%;
      Players[0].Nick := %%%%%%%%;
    end;
    
    begin
      ClearDebug;
      DeclarePlayers;
      un := PLAYERS @@@@  [ @@@@@@   0 @@@@   ]   @@@@@@   .NAME @@@@; @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
      pw := PlAyErs @@@@@@  [ @@@@ 0  @@@@  ] @@@@ . @@@@@@ PaSs @@@@@@; @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
      WriteLn(%%%%%%%%%%%%% + un + %%%);
      WriteLn(%%%%%%%%%%%%% + pw + %%%);
    end.
    =================================================
    
    ============Looking for HTTP threats=============
    =================================================
    
    ============Looking for Abnormal code============
    The variable "Name" is used more then once [Risk level: MEDIUM]
    The variable "Pass" is used more then once [Risk level: MEDIUM]
    =================================================
    
    ==============Looking for bad code===============
    Found no randomness in script [Risk level: MEDIUM], potential ban.
    =================================================
    
    ==================Scan Results===================
    HTTP threats: 0
    Web threats: 0
    Fishy code: 2
    Bad code: 1
    Overall threats: 3
    Over Script Risk: Medium
    Thank you for using, always visit thread for updates
    =================================================
    Also, notice that the scan doesn't look for only NAME/PASS/PIN anymore, it actually requires that there are those "Players[*]." (*=ID) things attached to em. That means, it wont pick up simple "Pass", "Name" or "Pin" words from script, ONLY if those words are attached to players variable[s] aswell.

    It also ignores the comments and spaces, as you can see with the example I added there, so you really cant fool or cheat it with any sneaky attempts like that!
    I tweaked those HTTP threat scans with similar ways, too.
    Attached Files Attached Files
    Last edited by Janilabo; 06-08-2013 at 03:59 PM. Reason: Added in correct script report

Page 2 of 3 FirstFirst 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •