Hacking allows you to infiltrate, edit, and manipulate targeted operating systems, allowing you to access the data contained on a device or server. From there you can do a number of things to change or even delete the applications and data stored on the device.
Hacking software and Firewalls |
Hacking software is a computer program designed to manipulate and interfere with a computer’s regular operations. By installing or executing one of these programs, it completes a specific task on the targeted device. It could be a piece of spyware that’s designed to maliciously gather data and transmit it to the hacker, or it could be malware, a program designed to interfere with or disable the computer system’s functions. Their counterpart, firewalls, can also be used to protect devices and their systems. |
Caliber |
Every operating system, hacking program, and firewall has a caliber from 1 to 5. It’s caliber is a general indicator of how powerful it is, from simple screen loggers to deadly viruses that disable complex computer systems. In order to requisition a program of a higher caliber, your mission’s challenge rating must be high enough. |
Installed programs |
Before a hacker run a program, they must have the program installed on a device they can use. A device can have any number of programs installed on its operating system, and each device has an operating system, based on its caliber. That operating system can support a number of programs and paired items, known as executable slots that allow programs to be used, providing the processing power to run this complex software. When a hacker uses a program, an executable slot is in use and it cannot support another piece of software for the duration of the program’s effect. This means that while a hacking program or firewall can effectively run indefinitely, in reality any time it is in use it ‘fills’ an executable slot. If all executable slots are in use, then the hacker can’t use another program until one of the programs filling the slots is closed. |
Using a Program at a Higher Caliber |
When a hacker runs a program using an executable slot that is of a higher caliber than the program, the program assumes the higher caliber for that instance. For example, if a Hacker runs Battering Ram using one of their OS’ caliber-2 slots, that use of Battering Ram is caliber 2. Effectively, the program expands to fill the slot it is run in. Some programs, such as Battering Ram and Screenlogger, have more powerful effects when run at a higher caliber, as detailed in a program’s description. |
An operating system is a unique piece of software that acts as an interface between the hardware of the device is installed on and the software that is installed on the operating system. Every device has at least a rudimentary operating system, while computers, smartphones, and wearable technology have more sophisticated operating systems.
The capabilities of the operating system depend on the device’s caliber, as well as its hit points, Armor Class, and executable slots.
OPERATING SYSTEM STATISTICS
OS Caliber | AC | Hit Points | Executable Slots |
Caliber-1 | 11 | 5 (1d8+1) | 1 |
Caliber-2 | 13 | 12 (2d8+4) | 2 |
Caliber-3 | 15 | 18 (3d8+6) | 3 |
Caliber-4 | 17 | 30 (4d8+12) | 4 |
Caliber-5 | 21 | 38 (5d8+15) | 5 |
DEFINATION
Armor Class |
An operating system’s Armor Class measures how difficult it is to corrupt its programming, and its innate security features. The Operating System Statistics table provides these AC values by caliber. |
Hit Points |
An operating system’s hit points measure how much coding damage it can take before being corrupted entirely. Lower-caliber operating systems have fewer hit points than more complex, highercaliber ones. Once an operating system has been reduced to 0 hit points, it is corrupted, and the software and device cannot be used until repaired. The Operating System Statistics table provides these hit point totals by caliber. Troubleshooting and fixing software corruption takes time and some expertise. Anyone with proficiency in the Computer skill can spend a long rest with a device that has 0 hit points to restore it to working order and its hit points to their maximum. |
Executable Slots |
Devices can have any number of installed programs, but can only support a limited number running at the same time. Each piece of software running on the device takes up an executable slot, and the caliber of the operating system dictates how many slots it has, and what caliber of software it can support—a caliber-1 OS can support caliber-1 software, while a caliber-5 OS can support caliber-5 software. The Operating System Statistics table provides the number of executable slots by caliber. |
Firewalls protect devices and their users from malware and spyware, as well as encrypting their data, and providing basic security measures like recognizing user accounts and passwords.
Firewalls are installed and use executable slots like hacking software, but their effects are different, and they often react to hacking actions rather than facilitate them.
Each type of firewall can be of any caliber between 1 to 5, with AC, HP and effects relating to their caliber.
Each firewall has a trigger, and an effect.
FIREWALL STATISTICS
Caliber | Save DC | Bypass DC | AC | Hit Points |
1 | 11 | 12 | 11 | 5 (1d8+1) |
2 | 13 | 16 | 13 | 12 (2d8+4) |
3 | 15 | 20 | 15 | 18 (3d8+6) |
4 | 17 | 24 | 17 | 30 (4d8+12) |
5 | 21 | 28 | 21 | 38 (5d8+15) |
DEFINATION
Triggering a Firewall |
Most firewalls are triggered when a hacker does something or installs something that the firewall’s user wanted to protect. Common triggers include the installation of new software (including hacking software), being scanned by a vulnerability scanner, or a hacker modifying or attempting to delete software. When a firewall’s trigger activates, its effects are resolved immediately, interrupting the hacker’s action. |
Detecting and Bypassing Firewalls |
Some firewalls are obvious, in the case of a password prompt from a Password firewall, while others may not be so obvious when a device is first accessed. A firewall’s description specifies the checks and DCs needed to detect it, disable it, or both. If you are actively scanning for a firewall you can use a hacking program to make an Hacking skill check against the firewall’s DC. If you detect a firewall before triggering it, you may be able to disable it, either permanently or long enough to do what you need. You might need to make an Computer skill check to deduce what needs to be done, followed by another hacking program to disable or delete it. Any character can attempt an Hacking skill check to detect or disarm a firewall using a computer or similar device and a hacking program, in addition to any other checks noted in the firewall’s description. The DCs are the same regardless of the check used. |
FIREWALL LIST
AdBlocker |
|
Authorization Policy |
|
Certificate Checker |
|
Encryption |
|
Intrusion Prevention System |
|
Password |
|
Proxy |
|
Tracer |
|
Virus Scanner |
|
Network Cloak |
|
Retaliation Program |
|
Virtual Private Network (VPN) |
|
Wi-Fi Protected Access (WPA) |
|
The Hacking skill allows hackers to make certain hacking actions without the use of an installation slot.
These actions can be made by the hacker from any device with an operating system and a connection to their target, without the need for specific programs to be installed or running in executable slots.
In combat, hacking actions require a single action to attempt.
Bypass |
When faced with a protected operating system or password protected software you can use the Bypass action in an attempt to circumvent that security and gain access to the targeted device. The DC varies, based on the complexity of the software or firewalls installed. |
Modify |
You can rewrite software in order to change its function within an operating system. Doing so may also alter the function, or disable other pieces of software. The base DC is 10, modified depending on the complexity of the software and how many other pieces of software use it within the operating system, as well as any firewalls present. |
Attack |
You can make an attack targeting operating systems or firewalls manually, against their AC and hit points. Attacking software follows rules outlined in Using Hacking Software. All hacking attacks deal coding damage. Making an attack using this hacking action deals 1d4 coding damage. |
USING HACKING SOFTWARE
Runtime |
Most hacking programs require an action to execute, but some require a bonus action, or even a reaction, to use. Some hacking programs have a longer runtime to complete their operation, and this time will be given in minutes or seconds—a time measured by the GM in game rather than in real time. |
Bonus Action |
A hacking program deployed with a bonus action is especially swift. You must use a bonus action on your turn to use the hacking program, provided you haven’t already taken a bonus action this turn. |
Reactions |
Some hacking programs can be deployed as reactions. These programs take a fraction of a second to deploy and are used in response to some event or trigger. If a hacking program is deployed as a reaction, the program will describe in what circumstances it can be used. |
Longer Runtimes |
Certain programs require more time to complete their operation: minutes or even hours—or you may want to keep a program running. When you activate a hacking program with a runtime longer than a single action or reaction, you must keep running the program in an executable slot, and maintain a connection with your target each turn until it is complete. If your connection is broken or your operating system is reduced to 0 HP, the program fails, and if you want to try using the program again, you must start over. |
Proficiency |
When a hacking Software allows you to make a Hacking attack against a firewall, OS, or other piece of software, you make an attack as if you would attacking a character or object, but instead of using Strength or Dexterity, you use your Hacking ability, which is based on your Technology score. Hacking attack modifier = Hacking skill = Technology (+ Proficiency) (+ Expertise). When you use a hacking program to make an attack, you do not add your Technology modifier to the damage. |
TYPES
Brute-Force Attack |
A brute-force attack is a software that attacks a password firewall, attempting to break it by submitting all possible password combinations until it finds the right one. This can be done either by submitting all possible letter, number, and symbol combinations or using a dictionary attack whereby common words from a wordlist are submitted with common number and symbol combinations to break longer, usersubmitted passwords. Brute-force attacks target password firewalls exclusively, and require you to make a hacking attack. |
Encryption |
Encryption is the scrambling of data by using an algorithm that turns plaintext into ciphertext. So long as you have the encryption algorithm you can decrypt the information without making a check. Using encryption software to decrypt data involves unscrambling that information from its ciphertext state into its normal plaintext format so that it can be read/accessed. If you do not have the algorithm then the DC varies based on the complexity of the cypher. |
Keylogger |
A keylogger records the input of a keyboard or touchscreen on the device it is installed on, making a log of each key pressed or button tapped on and transmits that information so that a hacker can read messages or passwords typed into the computer. Using this information, a hacker could bypass password firewalls by inputting the correct password, or gather intelligence typed into the computer by its user. |
Rootkit |
A rootkit is a software package that, once installed, can access areas of an operating system that is usually off limits to all but the most highest clearance users. Once installed it masks its appearance by modifying existing software to allow it more and more access. |
Scanner |
A scanner is a type of program that looks for and identifies particular software, including firewalls, so that the hacker can effectively deploy and install other programs. Scanners are usually the first thing a hacker will utilize when hacking a target device or network. Most scanners can detect software remotely while connected to a network, while some may be installed and perform surveillance for the hacker inside the operating system. |
Spyware |
Spyware is a type of hacking software that monitors and transmits data from a target device, without the system or user’s knowledge. It is typically installed amongst the operating system in order to gather information, sending it to a remote user that is engaging in surveillance of the device’s users. It can track user’s internet movement, application use, and other pertinent system data. |
DELIVERY
Each hacking software will have a delivery method, a way in which the software is installed or interacts with the targeted system.
Wireless connections |
Wireless connections rely on high-frequency radio signals to connect devices in a short range of each other. This is true of wireless devices that require pairing, as well as laptops and tablets that connect to a router. If a device has a wireless connection it can connect to another wireless device within 20 feet, but loses its connection with the targeted device if moved out of this range. |
Wired connections |
Wired connections use a port to physically connect two devices. Data cables provide a stable connection between these devices. If a device supports a wired connection then it can connect to another device when both have a data cable inserted to ports on the devices. |
Internet connections |
The internet allows individual computers and other smart devices around the world to connect to a shared network of servers that allows users to access mailboxes, websites, and other data. Providing you have identified the physical and IP address of a device, you can target it while it has a connection to the internet. The vast majority of remote hacking is done this way, using malicious software that grants access to the device across the internet from anywhere in the world. If the target device is not connected to the internet, it cannot be targeted, but malware monitoring the device may still be running without the user’s knowledge, and transmit its data to the hacker’s device when a connection is reestablished. |
CALIBER-1
DNS Attack |
|
Battering Ram |
|
DeCryptTile |
|
Keylogger |
|
Nmap |
|
Phisher |
|
Quickscan |
|
Screenlogger |
|
Shellcode |
|
The Spoof Call |
|
Trap Sensor |
|
CALIBER-2
Air-Cracker |
|
CrackedWeb |
|
Clone |
|
Devtrack |
|
Hide.ME |
|
I.R.User |
|
Nessus |
|
TombCrypt |
|
UpdateR |
|
CALIBER-3
Cache Verification |
|
J/Ripper |
|
Rogue Firewall |
|
Worm Support |
|
CALIBER-4
BIOS-Kit |
|
Korruptor |
|
Pivot |
|
Zombie |
|
CALIBER-5
Polymorphic Code |
|
VPN Pivot |
|
Triple-A |
|