NEWS

[SR4]How to Hack?

  • 2 Replies
  • 2417 Views

AT-Colt

  • *
  • Newb
  • *
  • Posts: 1
« on: <01-29-16/1324:18> »
Hello everyone,

I recently started to play SR4 with my friends and I opted to be the Hacker (Technomancer, Info Savant, to be more specific). I tried to get the rules, but after I am at their end, I find myself asking a question that would be answered way at the start, then I go again, but the whole process repeats. In short: I think I didn't get all the rules right. Or the interactions between them.

Let me draw to you in broad strokes the situation we are in right now:
A small company will obtain a delivery of superconductors in two days and we are tasked to find out what the company is up to do with it, so retrieving blueprints and stuff. Obtaining actual prototypes to the Johnson gives extra cash.
After I probed the target for an Admin account, its now afternoon (the dice didn't like me) and I will be going into the companies node in our next session. I intend to do the following:

1) Get into the node
2) Copy the schedule of that day to see when the delivery arrives and how the guard duty will be
3) Create a legal Security or Admin account for myself to use in two days, when the run will take place.
4) Obscure my doings such that the access log does not immediatly show the creation of a high security account by an Access ID that triggered an alarm.

Now on to my questions:

1) Not really a question concerning the entering here. But I willl compile either a Rating 6 Courier Sprite with Browse and Decrypt or a Rating 6 Data Sprite with Sniffer and Stealth to assist me.
Now the way I understand it, the Courier Sprite is well hidden due to its Hacking and Stealth, but bad at decrypting an encrypted file due to its lack of the Electronic Warfare Skill.
The Data Sprite on the other hand does not have the Hacking Skill and thus is hidden not as good as the Courier sprite. However, it has Electronic Warfare and can decrypt files.
Is this correct? Agents automatically have some skills at their Rating, while Sprites have the Skills listed with them at their Rating?
Now I thread up my stealth complex form a little and enter the node, giving it an Analyze + Firewall (my Stealth) test to detect the intrusion.

Here is a question now: According to Unwired, the Access Log of the Node will still log my Access ID and my Verification status in (System) Combat Turns. I assume there is a passkey required, which I don't have.
Therefore, the Node will trigger an alarm. Will it also trigger the alarm, when I already logged off before the time limit is up? (So is there a chance to avoid this automatic alarm?)

2) Once on the node, my Sprite or I will Browse for the file, analyze it to see possible data bombs and its encryption status (how did I find that this specific file has the data I want if it is encrypted?!).
After getting rid of the bomb and the encryption, I copy the relevant data on my device. Is this a Transfer Data action, or do I need to edit the file to copy from it? Also, could I just copy the file and worry about decryption and bombing later on my local device?

3) I have admin level access, so a simple Computer + Editing test should be sufficient. Or does the threshold raise to 3 or 4 also with admin privileges? (It does when one wants to hack-create the account with user privileges only.)
As long as this particular account does not show up as being created by a dubious source, or found while performing dubious activities, it should only be recognized as invalid with a security audit.
I think the audit is an Extended Test (Stealth) with a period of 1 day. (I did not find it right now.) So it is likely that the audit is not finished two days from now when the run takes place and the legal account might still be accessible.

4) Ok, so now I would like to erase the most away-giving leads to my activities from the Access Log. Therefore, I search and check this file, after which I edit it. But wait, my doings are not yet listed in there. And once they are, the system sees that I have no passkey and triggers an alarm.
I see two ways to proceed:
a) Endure in the node until the Access Log updated far enough for me to edit my stuff, which will expose me to IC and spiders.
b) Relog with the newly created legit account and edit the Access Log from there. If timed correctly, the spider might not have the change to look into the Access Log before I have edited it and I can write something like "IC went off accidently, needed to edit Access Log to remove the trigger"


Am I missing some obvious holes in my plan? How would you proceed to hack a system prior to the run and leaving you a possibility to operate more easily during the run?

Cheers,

AT-Colt

AwesomenessDog

  • *
  • Chummer
  • **
  • Posts: 151
« Reply #1 on: <01-29-16/2132:00> »
As far as four goes, once you have the capacity/have admin privileges, you have access to the logs, just tell your gm you delete anything with your IP tagged to it. The the only thing you have to worry about is making your admin look legitimately made.

farothel

  • *
  • Prime Runner
  • *****
  • Posts: 3859
« Reply #2 on: <01-30-16/0518:00> »
1) if the run is only in 2 days, I would suggest going in by probing, instead of hacking on the fly.  That way the device only get's to make one roll against your stealth (the moment you find the backdoor) instead of every round.  The only problem is that it takes longer to do (in VR it's 1 hour interval extended test if I'm not mistaken).

2) if you have admin rights, you can simply turn off the databombs and copy whatever you want.  That's why it's so good to have admin rights.

3) if you have already admin rights to get to the files you need, there's no need to do it again.  The only problem is to avoid your account being deleted between your getting the schedules and the actual run (and if they do that, they might change the schedules because there was a breech).  I'd suggest before you go in to try and figure out how security conscious they are (how many times they do sweeps of the system and things like that).  Another option is to get into one of the legit accounts by getting the password out of the person holding it (multiple ways are possible here, but as always, the metahuman is the weakest link in any matrix security system).

4) this depends on how you do the run.  If the people of the facility know you have been in their facility, I would just delete the access logs.  That way they have nothing to trace you with.  Also, as technomancer you have a variable access ID if I recall correctly, so you have less issues with that anyways.  Again, this depends on how often they will look in those logs (mostly it's only done after an alert is triggered and not before).
"Magic can turn a frog into a prince. Science can turn a frog into a Ph.D. and you still have the frog you started with." Terry Pratchett
"I will not yield to evil, unless she's cute"