Jump to content
Double Fine Action Forums


DFA Backers
  • Content Count

  • Joined

  • Last visited

About jsgf

  • Rank
    Double Action Newbie
  1. Oh, I was also thinking an Advanced Bulwark shell could provide an area shielding effect for nearby enemies, like the Caberjack ability. That would raise the stakes of allowing a Bulwark to shell up.
  2. (Cradles) It would be interesting if the burrowed then remained underground for a turn or two, moving about... Well, a Seed is pretty much that; if a Cradle drops a Seed near a cloaked Hunter, then it can either directly reveal it, or at least prevent it from uncloaking and then moving cloaked. But in practice it doesn't seem like that much of a problem. But if a Seed did (some) AOE damage on death... I'm not quite sure how a moving cloaked works. I know that a Hunter can't *become* cloaked if an enemy has it in view, but can it *remain* cloaked if an enemy is nearby (ie, could see it if it weren't cloaked)?
  3. I'm finding Bulwarks very bi-modal. Early in the game, they're really tough, because no one hit can kill them, so it always takes multiple turns to take them down. I've often been wiped by a 6 bulwark level with a squad of level 1-3 3 x Hunter + 1 x Caberjack + 1 x Alchemist. But later in the game, they're almost trivial. Once a Hunter with followup can kill them in one attack, they become a non-problem. And later still I had level 7+ hunters relics that can kill advanced Bulwarks in one 100+ HP hit. I was also thinking about Brad's comment that "Hunters have no natural enemy", and the relative uselessness of early game Caberjacks and Alchemists. Here's a mix-and-match set of ideas: 1. Basic Bulwarks only shell up if they're hit with ranged weapons, but don't with melee attacks; it would also happen on the first hit, so a followup is much less effective. This means that Hunters become less effective against them, and it makes it worth bringing a Caberjack up to kill them. However, the Caberjacks are vulnerable to the Bulwark's piercing attack when they're bunched around. 2. Advanced Bulwarks would have two levels of shell: 1 for any hit (same level of shielding as a basic Bulwark), and a second level of shield for ranged attacks. Not quite sure what the second shield would do, but it would be interesting if it made them resistant to stunning, so they're less vulnerable to "ranged attack, stun" pair. 3. Alchemists get a researchable potion to throw which dissolves the Bulwark shell. This means that an Alchemist can actively contribute to a Bulwark fight. A second tier potion would dissolve an advance Bulwark's shell. I think this would have the combined effect of making Hunters less effective against Bulwarks, while making Caberjacks and Alchemists more useful. Of course, this is a very point thing around Bulwarks; I'm not sure how much of this would apply to other Cadence enemies.
  4. Identical crash here. 64-bit Fedora 20 system. Worked fine last night, so it seems it was the little update today.
  5. Would you believe I was forgetting to specify -d?
  6. I'm assuming 1.0 simply because that's what the actual site is. As an aside, has anyone carefully compared the http and https versions of the site...?
  7. Right, that's the TLS 1.2 RFC. However, I believe RFC 3268 covers using TLS_RSA_WITH_AES_256_CBC_SHA with TLS 1.0, which basically just replaces IDEA/DES with AES and leaves the key generation itself unchanged. I'm hacking up a python TLS implementation I found: https://github.com/bjornedstrom/toytls (low levels of confidence in its actual correctness). This is the first time I've dug into the guts of TLS, so its a nice little learning experience. Also, I note we're overlooking "... [computing verify_data:Tcz7sewhNdF70Xmd]". Not sure if this is useful. Edit: actual code: import toytls.tls import cStringIO clientrandom = open('../client-random.bin').read() serverrandom = open('../server-random.bin').read() premaster = open('../premaster.bin').read() m = toytls.hash.PRF(premaster, 'master secret', clientrandom + serverrandom, 48) # aes-256-cbc-sha - 20 byte MAC, 32 byte key, 16 byte IV (block) material = cStringIO.StringIO(toytls.hash.PRF(m, 'key expansion', serverrandom + clientrandom, 20*2 + 32*2 + 16*2)) print('cmac: ' + material.read(20).encode('hex')) print('smac: ' + material.read(20).encode('hex')) print('ckey: ' + material.read(32).encode('hex')) print('skey: ' + material.read(32).encode('hex')) print('civ: ' + material.read(16).encode('hex')) print('siv: ' + material.read(16).encode('hex'))
  8. Isn't that only for TLS > 1.0? And there's a second 'key expansion' PRF to derive the actual mac/key/iv material? Using the TLS 1.0 PRF (md5 + sha1) I'm getting: cmac: 398e7548bd39cde1f4ebd862a37f3688230d9536 smac: cf9f5dc2799c50cf3df019adaa1c303ef754705e ckey: f6f1534ed93084efe97a1428ec1af9f61fd8e6158aa8f6136ddfa8e6f27ea8ac skey: c53bacff1cd31e3e70ed83d9506c9f9e6a9f35689499c25fa1f8bd896770e0ba civ: 21329ea59191682cc3562c52315550c9 siv: 600470c838b93c56f1d6c62b66ef1caa which isn't producing anything useful, so I'll see if SHA256 does any better.
  9. Sure, but I'm offering 1.2 but it falls back to 1.0. According to https://www.ssllabs.com/ssltest/analyze.html?d=hacknslashthegame.com it only supports SSLv3 and TLS 1.0. It has a bunch of cipher suites though; I'm getting DHE for key exchange, but the press release is RSA.
  10. Other data, just for the record: random1: c489771d6ba93ddb2fc18f785d5dd41ed5b4e1a13fc13e17f29ec599d4b15b9c random2: 529dbe466cf16b8085cb03297c0302067ef02476a2067c041ac9563eae106934 premaster: 030295d149b1900fe25d9e18e0d0e7d0fd49bbf9ba18d2f5d0547b3ee25a7bff371a1cb7128fbaa83889c10b0dce3c81 [code] random1 and 2 are 32 bytes or 256 bits, so the right size for aes-256. premaster is 48 bytes which suggests its several things packed together. Still picking through the RFC to work out what to do with these (ie, get an aes-256-cbc key and IV) to attack the two payload chunks.
  11. RFC 2246 or 5246 depending on which version of TLS it is. Looks like its TLS 1.0: $ openssl s_client -msg -pause -debug -connect hacknslashthegame.com:443 [...] <<< TLS 1.0 Handshake [length 0004], ServerHelloDone 0e 00 00 00 >>> TLS 1.0 Handshake [length 0086], ClientKeyExchange [...]
  12. Unpacking the exe with upx makes it work under wine: $ upx -d crackme.exe $ wine crackme.exe fixme:heap:HeapSetInformation (nil) 1 (nil) 0 fixme:volume:GetVolumePathNameA ("C:\\windows", 0x32f844, 260), stub! fixme:volume:GetVolumePathNameW (L"C:\\windows", 0x12a010, 260), stub! YOUR INCANTATION:
  13. OK! I have it working now, with reasonably good performance when I turn off most of the graphics bling (not great, but definitely playable). I eventually worked out that my experiments with different versions of Mesa were pointless because Cave is a 32-bit binary and I'd built 64-bit... Now that I have a 32-bit build of mesa-9.1-rc2 with floating point texture formats enabled (which I think is the default, but I enabled them explicitly), it all works nicely. What's more, all the Amnesia Fortnight prototypes work under Wine as well!
  14. You're right, I have this set: in my ~/.drirc.
  15. You clearly need libtxc_dxtn. There's no S3TC support without it. No, not true, if the hardware supports it then you generally don't need software support. However, I installed libtxc_dxtn but it made no difference.
  • Create New...