The place to discuss the ADRIFT Interactive Fiction toolkit

ADRIFT Cracked

This forum is the place to discuss the older ADRIFT versions 3.9 and 4.0.

Please refer to the ADRIFT 4 Manual for more information.

Postby davidw » Mon Dec 06, 2004 12:12 pm

Cannibal wrote:That's an insult to people who are mentally retarded. This guy/child is just stupid.

Good point.
User avatar
Posts: 5119
Joined: Sun Jun 23, 2002 6:27 pm
Location: Hereabouts

Postby Prof. Phlopasaurus Jank » Mon Dec 06, 2004 4:37 pm

I am a computer GURU of sorts and the first thing I want to say is if this "it" is as knowledgable as "it" claims, s/he would never have posted anything of any kind claiming responsibility. Any real code junkie knows that there is no such thing as complete security. No matter what measures you put up, someone can get through your security. Thus, the smart thing to do would be to shut your mouth and never say anything. This "it" is obviously not very smart. Even if they did do it, I doubt they will be doing it for very long, because if they keep up the current pattern of "kiss and tell", some one will find them and arrest them for the illegal actions they commit. End Of Story.
Knowledge is power. Don't let anyone tell you different... And besides that it's just frickn' awsome!
User avatar
Prof. Phlopasaurus Jank
Posts: 17
Joined: Fri Nov 12, 2004 7:46 pm

Postby DuoDave » Mon Dec 06, 2004 5:35 pm

BTW someone supplied me with the password I used on that game, and luckily its not one I use anywhere else.
User avatar
Posts: 1137
Joined: Mon Jun 24, 2002 1:37 am
Location: Melbourne, Florida

Postby Cannibal » Mon Dec 06, 2004 5:48 pm

NickyDude wrote:I sense a flame coming on :C

Not at all - just harmless banter :)
The Plague (Redux), The Woods Are Dark, The Night That Dripped Blood
User avatar
Posts: 1752
Joined: Sun Jun 30, 2002 8:10 pm
Location: England
Points: 10

Postby TedSwippet » Mon Dec 06, 2004 6:25 pm

Adrift game passwords are held in plain text in the TAF file. The TAF file is then obfuscated in the case of Adrift 3.9, or both compressed and then obfuscated in the case of Adrift 4.0. However, in both cases, it's relatively easy to recover the plain text game password from the TAF file. I stumbled across a way to do this more or less by accident when working on SCARE.

As Adrift uses just the one TAF file format for both Generator and Runner (unlike Inform, TADS, Hugo and so on which differentiate game source code from runnable games), it's hard for Adrift to apply much security. After all, Runner must be able to open a game without the user having the game's password. This kind of forces Adrift's passwording/security to be fairly weak.

The main problem with Adrift, though, is the way it stores the plain text password (after only mild obfuscation) in the TAF file. This makes it easily readable on deobfuscating the TAF file -- I have a three-line program that does this. An easy fix would be for Generator to store not the plain text password, but rather the result of running the password text through a one-way encryption function. There's no easy way to recover an input password from one-way encryption output.

As things stand, though, please treat Adrift game passwords as though they're going to be openly viewable. And in particular, don't use passwords you've used before for things that matter. And if you have, it's perhaps wise to change the passwords on those other things as soon as possible.
Posts: 314
Joined: Sat Sep 07, 2002 12:34 am

Postby ralphmerridew » Mon Dec 06, 2004 9:05 pm

What really makes the ADRIFT passwording scheme difficult is that the file has to be playable in Runner even if the player doesn't have the password.
Bloodhounds can make you laugh and cuss in the same breath. They are endearing, faithful, and can sling drool ten feet in any direction. -- Virginia Lanier
User avatar
Posts: 2591
Joined: Fri Dec 13, 2002 11:56 pm
Location: Missouri
Points: 10


Return to ADRIFT 3.9 and 4.0

Who is online

Users browsing this forum: No registered users and 25 guests