Help - Search - Members - Calendar
Full Version: Example of Hacker in Action by a SR4 newbie
Dumpshock Forums > Discussion > Shadowrun
fazzamar
Here is an example of how I understand hacking to work as a GM that is going to be running his first game of 4th edition in a week or two. I'll use Frank the Hacker in my exampl

Frank the Hacker

--Attributes--
B-4
A-3
R-5
S-3
C-3
I-5
L-4
W-3
E-4

Initiative (Matrix) 10 (11)
Initiative Passes (Matrix) 1 (3)

--Active Skills--
Cybercombat: 4
Electronics Skill Group: 4
Electronic Warfare: 5
Hacking: 5
Perception: 3
Pistol: 2

--Qualities--
Codeslinger (Hack on the Fly)

--Augmentations--
Implanted Commlink (Sony Emperor w/ Sim Module modifed
for BTL/Hot Sim, w/Response 5, Signal 5, System 5, Firewall 5);
Control Rig; Datajack; Data Lock (Encryption 5)

--Matrix Gear--
Subvocal Microphone; Programs [Analyze 5, Armor 4, Attack 5,
Biofeedback Filter 4, Black Hammer 4, Browse 5, Command 5,
Data Bomb 2, Decrypt 3, Edit 5, Exploit 5, Scan 5, Spoof 4,
Stealth 5, Track 4

Example 1 - Using the food fight 4.0 premise, Frank and his crew are at a stuffer shack at 0400 when an assassination crew attacks the store.
A gun fight between the runners and the assassination squad ensues.

The Stuffer Shack's node's stats are:
Firewall 2, Response 2, Signal 3, System 2
ARC: Terminate Connection

Frank currently has Exploit, Stealth, Biofeedback filter, and Scan loaded.
Frank knows that all of his crew have low-light vision so he decides he's going to cut the lights.
Since he's using AR instead of VR he uses his meatbody Init of 10 and only gets 1 pass a turn.
When his action phase comes up he tries to hack on the fly into the Stuffer Shack's node.
Hacking + Exploit (Firewall, Complex Action) Extended test, so 10 (2, Complex Action), resulting in 1 - 2 - 4 - 6 - 6 - 2 - 5 - 6 - 6 - 3: 4 hits, plenty to get an user account and log Frank onto the node.
The node does its Analyze + Firewall (hacker's Stealth) Extended test, so 2 (5) Extended test and gets 6 - 1: 1 hit, which the GM records in-case of future rolls towards an alert.
Once in he uses his free action to Change Linked Device Mode (SR4A pg. 228) to turn off the lights.
(Is that how it's done, or does he have to hack into the lights' node, which I would assume is hardwired to the main node and not wireless, and then use "Change Linked Device Mode", or would it be "Issue Command"?)

-------------
I'll continue to update this example to make sure I understand the rules steadily.
Thanks so much for anyone's help/comments.
fazzamar
Since this is about to fall of the first page without a reply I'll continue the example with the assumption that Frank was able to kill the lights.
After a couple of turns Frank can tell that one of the opposing force's men has some kind of low-light or thermal vision, but it a human. Going on a hunch he decides to try and hack that guy's commlink to see if the guy has cybereye in his PAN, and perhaps shut them down. The badguy's commlink is hidden ofcourse, so he spends a complex action to Detect Hidden Node: Electronic Warfare + Scan (4) test = 10 (4) test resulting in 1 - 3 - 5 - 5 - 4 - 3 - 4 - 2 - 6 - 5: 4 hits exactly (how convenient nyahnyah.gif) thus locating the node. On his next action phase he spends a complex action to hack on the fly the guy's commlink. Another hacking + exploit (target's firewall, Complex Action) extended test. (Now I'm wondering do commlinks have user, security, and admin accounts too, thus giving the threshold for this test a +6, since it'd be safe to assume access to the cybereyes would require an admin account. Or would it be considered an peripheral node and only have public and admin and as a result not have a threshold increase to get an admin account?)

Really need some help here guys....
Udoshi
As I understand it, hacking is pretty simple, and there's a few steps that must be fulfilled before you can actually start breaking firewalls.

1) Find The Node. In order to do almost anything with a node, much less hack it, you have got to have a connection of some sort. Signal is one, direct physical connection(Datajack/fiber cable), Skinlink(Echo or Accessory), laser links - you've got to be able to talk to it to hack it. Usually this is a EW+Scan(4) test to find a Hidden node, Active and Passive modes are detected automatically but only if they're in range. Mutual signal range is an important concept to keep in mind.

Imagine you, somewhere, on a street. with a bubble around you. Just an abstract view. This bubble is 1km big - that's Signal 4. Anything within that range you can talk to. Now imagine a bubble around your friend, its a slightly smaller bubble, only a few hundred meters big(signal 3), and his is not touching yours. Your friend cannot send messages directly to you, because you're out of range, but since you have a bigger range, he can hear you, but you can't talk back and forth. Move him closer, so you're overlapping, and viola, both in range, Mutual Signal range assured, and you can talk. Visualize Signal as Venn Diagrams. When they overlap, you're good to do stuff.

2) Render the Node or Avatar. Mostly skippable/not strictly necessary, but important to keep in mind. Analyzers may be run in automatic mode, so its a way to cut down in spending actions, but Matrix Perception tests can tell you -important things- about a prospective target. Like its Firewall stat, or the programs its running. Reality Filters are part of this step, but they're pretty crappy, and hardly anybody uses them. Its also important to keep in mind that Stealthed things do -not- automatically show up in the virtual environment - you've got to spot them first. I believe nodes themselves can be steathed, but i'm away from book and can't check that right now.

3) Decrypt it. In general, you've got to decrypt things before you can do anything with them - including capturing wireless traffic. If you have the decryption key, its significantly quicker. Cryptanalysis is -combat turns- long, so it may take a bit to get over that speedbump.

4) Hack it. Usually hack on the fly. Firewall is the threshold for the test, +3 if you want security, +6 if you want admin. If you have an account with the right priviledges to do an action - it just gets done if its simple, or you may need a test to see how well it got done if its more involved. If you -don't-....the system will actively fight your attempts to make changes with Opposed System+Firewall vs whatever you're doing. If a Node spots an intrusion attempt, it will almost always hit you with a Restricted Alert, which gives it +4 firewall, and can make fighting your way into a node an uphill battle.
4a: See 2 again. Reality filters kick in once you're inside a node, and you're very likely going to want to look around and see what you're dealing with, and where things are you want to change. Nodes don't -always- give full information, you have to rely on what they -say- they are and can do - unless you analyze it.

With that in mind, moving onto your posts.

First: I would probably have Spoofed a stuffer shack's lights off, instead of hacking into the node to turn it off. Sure, you have to have a Trusted Source to fake the command from, but for -lights- thats probably as easy as faking it from the person running the register. Forgot to Decrypt. Other than that, looks good. Might've given you a free pass on Scanning the node to hack, if the shack was in Passive/Active mode.

Second post: Hacking cyberware is doable, but it generally has a very low signal, if it hasn't been removed. Signal 0 is about a meter, so in order to hack it, you'd have to be -right next- to the guy. You'd have to Scan it out, decrypt it, hack your way in, and make a Matrix Perception test to see what its connected to(4a page 288, sidebar, matrix perception: hidden access to another node.), then deal with the cybereyes.

Everything(except Slaved devices, see Unwired) has Basic, Security and Admin accounts - hacking does not grant you a pre-existing account(though you can steal login info), but rather represents how deeply you've broken into the system and how easy it is to make changes.

Hope that helps.
DMiller
Hereís my interpretation of the rules:
In your first example: You did well until the lights part. Here it would be a simple action (not free) to activate/deactivate linked device (IMHO).

In your second example: Yes comlinks do have all 3 types of accounts and there is a very good chance the the user account has no access to the node. The security and admin accounts probably will. The user account would most likely only be used for sharing data with security scans. This is actually at the option of the owner of the comlink. Itís probably best to assume that you will need at least security if not admin to hack the link and kill the cyber-eyes. Though rather than just killing the cyber eyes, knocking the userís smart-link out of calibration or ejecting his clip could also be useful. Once in the comlink designating all targets as friendly or hostile (or reversing friendly/hostile targets) could also be great options. Any of these would be either command (for ejecting the clip) or edit (for most everything else) commands. There are a lot of options here for the hacker.


Dave
Udoshi
QUOTE (DMiller @ Apr 21 2010, 12:45 AM) *
Hereís my interpretation of the rules:
In your first example: You did well until the lights part. Here it would be a simple action (not free) to activate/deactivate linked device (IMHO).

Though rather than just killing the cyber eyes, knocking the userís smart-link out of calibration or ejecting his clip could also be useful. Once in the comlink designating all targets as friendly or hostile (or reversing friendly/hostile targets) could also be great options. Any of these would be either command (for ejecting the clip) or edit (for most everything else) commands. There are a lot of options here for the hacker.

Dave


Agreed. There are plenty of neat tricks you can do - even a simple Reboot of the the PAN can take everything out for a few turns. I'm also a fan of Encrypting things(a simple action!) so changes you make can't be readily undone.

In this case, Change Linked Device mode seems appropriate - because its the same action for simple things, like selecting smartgun firing modes. Issue Command is more for giving agents/pilots orders for them to carry out, while control device is the same type of action, except you're doing it ourself(and spoofing is faking it.)
fazzamar
QUOTE (Udoshi @ Apr 21 2010, 04:14 AM) *
Agreed. There are plenty of neat tricks you can do - even a simple Reboot of the the PAN can take everything out for a few turns. I'm also a fan of Encrypting things(a simple action!) so changes you make can't be readily undone.

In this case, Change Linked Device mode seems appropriate - because its the same action for simple things, like selecting smartgun firing modes. Issue Command is more for giving agents/pilots orders for them to carry out, while control device is the same type of action, except you're doing it ourself(and spoofing is faking it.)


Rebooting the PAN wouldn't knock out the cybereyes would it? Also, the guy would still have control of them since they have a DNI connection. The only reason I think the eyes would even be connected to the PAN is because they'd probably want to use the cybereyes for AR activities, although if they were really paranoid they might use AR glasses even though they have cybereyes just to prevent what Frank is trying to do. Rebooting the PAN would probably knock out the smartlink though.

Also, would the cybereyes be considered a linked device so the "Change Linked Device Mode" action would work, or would they have their own node that Frank would have to go to from the PAN? I'm not quite clear when something is a separate node that has to be hacked or just a connected device that can be controlled with a Free Action (Change Linked Device Mode).
Udoshi
QUOTE (fazzamar @ Apr 21 2010, 09:00 AM) *
Rebooting the PAN wouldn't knock out the cybereyes would it? Also, the guy would still have control of them since they have a DNI connection. The only reason I think the eyes would even be connected to the PAN is because they'd probably want to use the cybereyes for AR activities, although if they were really paranoid they might use AR glasses even though they have cybereyes just to prevent what Frank is trying to do. Rebooting the PAN would probably knock out the smartlink though.


I was actualy thinking about spoofing the cybereyes, since they're likely hooked up to stuff for the smartlink/tacnet bonus, to reboot themselves. No smartlink - and they're blind. Sweet.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012