RPG
Don't have an account?
Register
Advertisement
Register
in: Layflat Shadowrun

LayShad Modified Hacking Rules

Edit
Layflat Shadowrun is a Shadowrun campaign played by the Layflat RP group.

Inspired by [1]

This article is an attempt to simplify and overhaul the horrid Matrix rules in SR4. Some key features in this attempt include:

  • Reducing the number of dice rolls for most "mundane" Hacking tasks.
  • Only using Extended test for tasks outside of combat/initiative, such as Probing the Target and Legwork.
  • Reduce the algorithms for dice rolls to basic, easy to remember formulas, a la Spellcasting.
  • Making Technomancers more than just gimpy Hackers who burn Karma instead of Cash.
  • If it exists in canon, it exists in these rules. In these house rules, one can reasonably take characters from R.A.W. (Rules As Written) and house rules and swap them, with minor modifications.

Options used from Unwired[]

  • Using Attributes (p39) - Programs limit hits, and Attribute + Skill is used for tests
  • Limiting AR Passes (p39) - AR users can only make one Matrix Action per Combat Turn
  • Harder Encryption (p39) - Encryption takes longer to break
  • Complex Forms (p39) - Complex Forms are bought and used similar to spells. 3 BP or 5 Karma.
  • The Resonance Difference from pp 137-138

Rules that we don't use[]

  • Anything that has to do with Agents, IC, or Pilots (with the sole exception being Pilot for drones). Our rules do not have autonomous shells that you have to buy to load other programs, because the programs are autonomous already.
  • Anything having to do with Trojans, Malware, Worms, etc. See above (no agents). Also, those concepts are already incorporated into our revised Slow Hacking rules.
  • Anything having to do with Botnets. Again, already incorporated into our revised Slow Hacking rules.

Dicepools[]

General rules for using dicepools. The basic premise of these rules are:

  • If it uses a Program, then it's a Complex Action.
  • If it doesn't use a Program, then it's an Extended test of some sort.

Basic[]

  • Use Skill: Logic + Skill (Usually takes an Extended test)
  • Run Program: Logic + Skill (Usually takes a Complex Action or several Combat Turns)
  • Use Program/Skill (Technomancer): (Logic/Intuition/Charisma depending on stream) + Resonance + Skill
  • Matrix Perception: Logic + Data Search (Analyze program limits hits)
  • Matrix Perception (Home Node): Firewall + Analyze

Initiative[]

I debated changing this (adding Logic instead of Response to the equation), but we're used to the default initiative rules as it is.

  • Matrix Initiative - Augmented Reality: Intuition + Reaction (in other words, Real-world initiative), 1 Initiative Pass
  • Matrix Initiative - Virtual Reality (Cold Sim): Intuition + Response, 2 Initiative Passes
  • Matrix Initiative - Virtual Reality (Hot Sim): Intuition + Response + 1, 3 Initiative Passes
  • Simsense Booster: +1 Initiative, +1 Initiative Pass
  • Overclocking Echo: +1 Initiative, +1 Initiative Pass
    • Advanced Overclocking Echo: +1 Initiative, +1 Initiative Pass, cumulative with Overclocking for a total of Intuition + Response + 3, 5 Initiative Passes.

Combat[]

Largely unchanged from Canon. Oddly enough, it's the one thing they didn't screw up.

  • Attack (Hacker): Logic + Cybercombat
  • Attack (Technomancer): (Logic/Intuition/Charisma depending on stream) + Resonance + Cybercombat
  • Attack (Home Node): (Firewall or Device Rating) + Program Rating
  • Attack (Program outside Home Node): Program Rating
  • Defense (Hacker): Response + Firewall
  • Defense (Home Node): Response + Firewall
  • Defense (Program outside Home Node): Program Rating
  • Full Defense (Hacker): Response + Firewall + Cybercombat
  • Note: IC/Programs never go on Full Defense

Running Programs[]

Fast Hacking[]

Fast Hacking only works if the user's node and the target node are both within mutual Signal range or otherwise have a direct connection (standard optical cable, skinlink, etc.).

Running a program as a "Fast Hack" on a node is an Opposed Test between the Hacker's Run Program (Logic + Skill in most cases) dice pool with the Program rating limiting hits and the target node's System + Firewall. The Hacker can also simply let a program loose as an Agent, using the Program's Rating as the dice pool instead (this is less likely to produce a beneficial result, but may be useful for the less tech-savvy folks).

If the Hacker wins the Opposed test, then the program executes and the action goes through. If the node wins the Opposed test, then the action is denied, and the Hacker has a -2 dice pool penalty to any subsequent hack on that system for a period of time. Repeated hacking failures will continue to accrue cumulative -2 penalties (as per the Trying Again rules on p65 of SR4A).

If the Hacker glitches, then the node is on alert and executes its Alert Response Configuration (ARC) script. If the node doesn't have a preset ARC, then assume the node will attempt a Shutdown (System + Response or Device Rating x2 as an Extended test versus (10, 1 Combat Turn)). If the node is slaved to other nodes, then those nodes will also be alerted. If the Hacker critically glitches, then the hacker may not escape the node unless he was hacking in AR (just turn off the device!) or attempts to Jack Out (suffering Dumpshock in the process). The ARC script still runs, and may present a nasty situation if multiple IC are released.

During an Alert, the node's Firewall is boosted by +4, per standard SR4 rules.

If the System glitches, then the Hacker may continue to make actions appropriate to the recently-executed Program as unopposed tests. In effect, the Hacker has found a renewable exploit and may continue to use it (useful if the program is Browse or Edit and the Hacker needs to make several searches or edits). If the System critically glitches, then the Hacker has a backdoor and may access the node as a standard user at any time.

These rules do away with gaining an user level access on a node as a fast hack. We don't worry about admin access or security access. While the Hacker will succeed on many actions, keep in mind that it only takes one glitch to make it all go wrong, and that the System is NOT limited in hits (unlike the Hacker, who is limited in hits by program rating).

Slow Hacking[]

If Fast Hacking is akin to Spellcasting, Slow Hacking is like Ritual Spellcasting. It takes significantly more time than a Fast Hack, but it can be more powerful and flexible than regular Fast Hacking. More importantly, Slow Hacking can be done on remote nodes that aren't within mutual Signal range, although it does require at least ONE access point to the target node.

Slow Hacking involves a variety of techniques, including observation of the node, mass probes, social engineering, phishing, injecting trojans and virii into systems for the purposes of creating a botnet, injecting malware into a system, etc. Like most Extended Tests, Slow Hacks can be suspended to work on other pursuits, but each day that passes while not working on the Slow Hack increases the Threshold by 1. If a full week passes before the Slow Hack is complete, then the hacker must start over.

Reasons to use a Slow Hack[]

Why should you do a Slow Hack versus a Fast Hack?

  • You are not within mutual Signal Range of the target node and do not have a direct connection (fiberoptic cable, skinlink, etc.) to the target node.
  • You want to raise your Dice Pool in your Hacking attempt beyond that of a Fast Hack.
  • You don't have the proper program to run the action as a Fast Hack (in other words, you need to create a program "on-the-fly").
  • You want to gain passkey access to a node (similar to "Probing the Target" in default SR4 rules).
  • You want to coordinate the efforts of multiple hackers or a private botnet to attack a single node.

Botnets[]

During a Slow Hack, the hacker can create a private botnet, an army of autonomous programs (like Agents, except these rules don't actually have Agents as you know it in SR4) designed to be executed at the same time against a target node. This allows the hacker to bring a lot of firepower to bear on a target node, at the cost of exposure to the program being used.

To use a program as a bot, the hacker must first circumvent the Copy Protection (cracking) of the program, so that unregistered versions of the program can be distributed en masse. Normally, botnets are injected as virii or trojans into innocuous systems. The Slow Hacking rules take into account the fact that the hacker is modifying a cracked program to work as a virus/trojan/malware. While most nodes have a Firewall that constantly sweeps these rogue programs, the Slow Hacking rules assume the hacker is setting up a new botnet to operate under a short period of time or configuring an old established botnet to new parameters.

Under these rules, a "bot" is not a single node with a single program. It represents injecting multiple copies of the program through many compromised nodes. It is treated as a single bot simply for the purposes of the Teamwork test.

The disadvantage of a botnet is that after the hack is done, the program that is used on the Slow Hack becomes compromised. Your program becomes so distributed that software companies (especially those that deal with electronic security) are able to dissect the program and discover how to plug the security holes exploited by the program. Thus, the program you are using for your botnet is permanently reduced in rating by the number of bots you have used, to a minimum of Rating 1. This occurs within a week after the Slow Hack.

These lost rating points can be restored by patching the program using the test in Unwired pp 118-119. This is a Logic + Software Extended test with a Threshold of (original program rating - degraded program rating) and an interval of 1 week. The hacker can also simply buy a new program.

Technomancers do not suffer from program degradation to their complex forms. However, each time they load a bot, they must roll Fading for the Complex Form (usually Rating/2 in Stun damage, although Physical damage can occur if the Rating is higher than the Technomancer's Resonance). This damage is usually inconsequential, but it can add up over the course of the Slow Hack and may force the Technomancer to take a nap or seek medical care.

Go Team Hacker![]

Also, during a Slow Hack, teams of hackers can get together and pool their resources. Hackers are usually loners and most like to use botnets instead (after all, multiple partners means multiple liabilities), but a large Hacker group is a force to be reckoned with on the Matrix.

When using a team of hackers, designate the person with the highest skill as the "lead Hacker". This is the hacker rolling the skill test for the Extended test and the Opposed test. The rest of the hackers add their skill as Teamwork Test dice to the Opposed test.

In a team Slow Hack, all of the hackers in question must have a copy of the program being used. This is the cost of doing business, and may lead to exposure for the program in question. If any of the assisting Hackers rolls a glitch on their Teamwork Tests, the rating of the program used in the Slow Hack is reduced by 1. This rating reduction occurs within a week after the Slow Hack.

Technomancers who work as a team must be of the same Stream (although they can have different paragons) or be connected by a Resonance Link/Mesh. They do not have to possess the Complex Form being used on the Slow Hack, but in this case they will have to use Threading to create it. Subtract 2 from the Teamwork Test roll for that Technomancer, per usual Threading rules.

Procedure[]

Step One (Targeting): Select a target node. This target node must be accessible by some sort of connection to the Matrix as a whole. This can be as small as a microtapper bug or as large as a satellite link, but during the entire Slow Hack, you must have an active connection to the target node at the time of the final hack (Step 5, the Fast Hack roll).

Step Two (Action): Select the action that you want to run on the target node. Some sample actions that you can do when you Slow Hack:

  • Computer - You can reprogram the Command functions of an assembly line by injecting your own specifications using the Command program.
  • Data Search - The standard Data Search can be modified using these rules, especially if the information is only available on a restricted system, using a Browse program.
  • Hacking - You can use the Exploit program to create a user access account on a system or a temporary passkey. While not a legitimate account or passkey, it will allow the user-level access to the System for a number of turns
  • Electronic Warfare - You can effectively "jam" a node, preventing it from communicating with any other node by performing the equivalent of a distributed denial of service attack. Instead of actively jamming the signal, though, you prevent the node from subscribing to anything useful. This circumvents ECCM and non-standard wireless signals quite nicely. Use the ECM program for this Slow Hack.

Step Three (Task): Determine how much time you are taking to prepare. Each prepared "task" adds 1 hour to the time it takes to do the Slow Hack. The maximum number of tasks that can be coordinated on the Slow Hack is equal to the skill rating of the lead Hacker. The following are sample tasks:

  • You can add a bot to the botnet. The bot must be the program that is being used in the Slow Hack. Each bot adds its Rating as a Teamwork Test to the overall dice pool of the Slow Hack.
  • You can add another Hacker to the attempt. While coordinating efforts with other Hackers, the largest skill+attribute (the leader's pool) is used as the base dice pool, while the other Hackers contribute as a Teamwork Test.
  • You can add a Rating point to an existing Program or develop a temporary Rating 1 Program. These Rating points and temporary programs expire when the Slow Hack is resolved. Programs improved in this manner may exceed Rating 6 and also may exceed the System Rating of the Hacker's commlink (in effect, they work like the Optimized program option). Common uses of this task are raising the Stealth or Redirect program to prevent Matrix Perception and Track programs, respectively.

Step Four (Slow Hack): Make the Extended Test roll to determine how much time the Slow Hack takes. The roll is Logic + Skill (without Teamwork dice) (System + Firewall, 1 hour in VR or 1 day in AR), similar to Probing the Target on SR4A p 236. Alternatively, you can roll Logic + Skill (Device Rating times 2, 1 hour) if the node being hacked is a device without System and Firewall stats. This Extended Test is subject to the usual -1 die per roll rule for Extended Tests.

The total time for the Slow Hack would be the number of intervals rolled for the Extended Test plus the number of tasks completed in Step Three (1 hour per prepared task).

If the Hacker (or leader of the hacking team) glitches, then the System goes on alert, adding 4 to the Threshold immediately (as if the Firewall has the +4 bonus from being on Alert). Also, the Hacker will have to deal with an Alert status when rolling the final skill roll. On a critical failure, the Hacker is immediately faced with the node on Alert and the node's Alert Response Configuration (ARC), whatever it is. The Slow Hack obviously fails at this point and must be started over.

Step Five (Resolution): Finally, after the Extended Test is completed successfully, the Hacker has to make a normal Fast Hack skill roll to determine the degree of success. The Teamwork Tests from the botnet and additional hackers apply to this roll, as well as other bonuses given from prepared tasks. This Fast Hack can be delayed up to a week after the Extended Test is completed, if it needs to be synchronized with another part of the run.

Skills[]

Basically the same skills from SR4, but with different uses and specializations.

Cracking Skill Group[]

The Cracking Skill Group consists of Cybercombat, Electronic Warfare, and Hacking. These skills are generally used for the "illegal" activities for which Hackers are generally known.

Cybercombat Skill[]

The basic combat skill of the Matrix. Resolved like a spellcasting or ranged combat test, with Firewall as the base Willpower or Reaction pool to defend. Can be used like a "Dodge" skill as well, to avoid attacks.

Specializations:

  • Attack (by program) - running a Cybercombat program for attacking. Also used to Crash other programs through a Logic + Cybercombat extended test.
  • Defense - Only used for Full Defense

Electronic Warfare Skill[]

The Electronic Warfare skill is used to disrupt and prevent the disruption of signals and communications in a variety of ways. This skill is used most often at the "Signal" range, to either close the distance to "Connect" range or prevent a system from being targeted by Signal ranged effects.

Specializations:

  • Communications - running Communications programs
  • Encryption - Encrypting data, whether a transmission on the fly or datastores for privacy
  • Jamming - Blocking wireless signals, using a Jammer, or counteracting jamming using ECCM.
  • Sensor Operations - Operating Sensor Suites on vehicles

Hacking Skill[]

Illegal commands, either in the form of Exploit programs or creating false identification or "stealthing".

Specializations:

  • Exploit (by program) - running Exploit programs.
  • Sleazing - Using the Hacking skill on Slow Hacks.
  • Matrix Stealth - Hiding on the Matrix. Pretend to be a piece of e-mail! Logic + Hacking is used as an Opposed Test versus a Matrix Perception test (Logic + Data Search or Firewall + Analyze).
  • By device - This bonus applies only when Hacking a specific device (not using the device to hack, you munchkin!).

Electronics Skill Group[]

Consists of Computer, Data Search, Software, and Hardware.

Computer Skill[]

Basic computer operations are governed by this skill. Anything that can be legally performed by the node in question is run by using a Computer command.

Specializations:

  • Command - running Command programs on the node
  • Data Manipulation - Editing, Uploading/Downloading, etc.
  • Operations - running basic node commands (i.e. software native to the node)

Data Search[]

The Matrix equivalent to the Perception skill. Also used to run "Detection" class programs.

Specializations:

  • Analysis (by Program) - running Analyze programs (equivalent to Detection magic).
  • Matrix Perception - Rolled for Matrix perception tests (Intuition + Data Search). Note that Technomancers get a +2 to Matrix Perception tests (per canon).
  • Research (by Topic) - Rolled for "Google" searches (Logic + Data Search for Academic/Professional content, Intuition + Data Search for Street/Hobby content). Substitutes for a relevant knowledge skill.
Example: Don the Weatherman has a Logic of 3 and a Data Search (Specialization: Research Weather) of 2. This means he rolls a dice pool of 7 dice when researching the Weather on the Matrix, and 5 dice when researching other subjects.

Software[]

B+R for Software.

Specializations:

  • AR Enhancement - The "art" of adding AR multimedia to plans and reference material to provide a bonus for Build/Repair operations.
  • Improvising - AKA Hacking-on-the-Fly. Used for creating an improvised one-shot program.
  • Patching - repairing damaged icons/programs
  • Also used for writing or upgrading software. To upgrade, the programmer needs to hack the software to obtain the source code and then use the standard rules to determine the threshold for a build/repair extended test. However, the interval is reduced by the ratio between the two software ratings, rounding up. Intervals are also given in downtimes instead of months.
Example: Fred wants to upgrade his firewall from rating 1 to rating 3. The threshold remains 6, but the interval decreases from the standard 3 downtimes by 1/3, so his interval would become 2 downtimes.
  • A buyer can also purchase upgraded software by paying the difference in price.
  • All home-made software is subject to the same degradation as specified in Unwired.

Hardware[]

B+R for Hardware.

Specializations:

  • Hardwired Devices - Bigger than a breadbox
  • Security Devices - covers Maglocks, Laser Tripwires, Motion Sensors, Cameras, Keypads, etc.
  • Portable Devices - Smaller than a breadbox

Tasking Skill Group[]

These are Technomancer-only skills.

Compiling[]

Used for creation tasks like compiling sprites and threading.

  • Compiling Sprites (by Sprite)- Similar to summoning spirits.
  • Threading - Change from canon. Threading (the process of improving/creating complex forms) is a Compiling task.

Decompiling[]

  • Unravel Commands - Like dispelling sustained spells
  • Remove Tasks - Like banishing spirits
  • Rend Icon - Improvised decompile attack. Treat as "Unarmed Combat", using Resonance + Decompiling versus the target's Firewall (+Cybercombat if the Target is on Full Defense). Base DV is equal to the Technomancer's Charisma divided by 2 (round up).

Registering[]

Specializations:

  • Register Sprite (by Sprite) - Also used to re-register Sprites

Programs[]

Most basic actions in the Matrix can be done without Programs. However, it often takes time or resources, or sometimes the task occurs at a scale that is greater than the hacker can manage on his own. This is where Programs come in. Programs facilitate actions that either take too long to do with regular Hacking or create a specific effect that isn't covered by standard hacking rules.

Some key features of Programs:

  • Programs are DIVERSE - There are limitless programs, and each Hacker uses tools that are distinct from each other, in the same way that every Mage has different spells and every computer today has different operating systems and software suites.
  • Programs are UNIQUE - This mostly refers to the fact that each device has its own programs registered to it. An Attack program used on one Commlink does not necessarily run on another Commlink (at least, without some modification). Even identical programs in terms of functionality have unique ID codes registered to particular devices and users.
    • If a program is REGISTERED (purchased or created specifically for that device), it does not degrade (because it automatically patches itself) but it also has a traceable ID.
    • If a program is UNREGISTERED (copied to the device without purchasing or creating), it may not have a traceable ID (some unregistered programs may still have some traceable aspects, though) but it also degrades at a rate of 1 rating per month (Unwired, p109), to a minimum of 1 (even outdated/unpatched software is still useful). Shadowrunners often run unregistered programs on their devices and are forced to maintain the State of the Art by continually stealing programs or hiring hackers to update their software.
  • Programs have a RATING - The rating of the program limits how many hits a user can get when making a skill roll with that program.
  • Programs are AUTONOMOUS - One key feature in these house rules is that programs, once loaded by the node, can be run AUTONOMOUSLY by the node. The IC programs or Agents being run by the system are, in effect, the programs that are resident in the node. In other words, Black IC is simply a node that has a Black Hammer loaded on the System. A Trace IC is simply a node that has a Track program loaded on the System. There are no so-called "Agents" or "IC" in these house rules... the programs ARE Agents already. Programs running autonomously make all of their rolls using their own rating (rather than limiting the hits of the "user"). If a program is operating on its "home node", it gets its home node's System or Firewall value added as well.

Each node can have as many programs as they want in storage (storage in 2070 is a pretty trivial affair), but the number of Agents or Permanently resident programs add up to a System Load, which may degrade performance if it exceeds the System rating. Program ratings cannot exceed the System rating of their "Home Node"; higher rating programs can be loaded, but are reduced in rating down to the System's rating.

Each program description will have the following information:

  • Duration - Instant, Sustained, or Permanent.
    • Instant programs are run at the point of execution and do not need to be loaded onto the System.
    • Sustained programs can be run either as an Instant program or as an Agent, adding to the System Load to provide a passive benefit.
    • Permanent programs can only be run passively by loading it onto the System, adding to the System Load.
    • A System can have a System Load up to its Rating in programs without penalty. Each additional program loaded onto the System gives a -2 penalty to all Matrix actions. Example: Marty the Matrix God has a System of 4. He can load an Agent Browse program, an Armor program, and a Biofeedback Filter program. This gives him a System Load of 3 programs, which is below his System of 4.
  • Test - This describes the success test used to perform the skill. This will describe whether or not it is an Opposed Test and how meaningful are the hits generated by the Program.
  • Agent - This will describe how to use the program as an autonomous Agent or IC.
  • Default - This will list how the action (that the Program replaces) is usually done. Some Programs do not have an equivalent method that can be used in place of the Program. For example, in the case of complicated Command Device instruction sets: while you can probably reasonably replicate the operation of a toaster, it would be beyond the abilities of a Hacker to perfectly emulate the instruction set of a pastrami-making ServerBot drone.

Analyze programs[]

Skill Test: Logic + Data Search

Analyze[]

This is a common use program.

The eponymous Analyze program assists in Matrix Perception tests, limiting the hits of a single Matrix Perception test equal to its rating. It also is used autonomously by systems to detect Hackers.

  • Duration - Sustained
  • Test - Logic + Data Search (Analyze limits hits), with hits giving you one piece of information about the icon/node per hit. The Matrix Perception Data table on p228 of SF4, 20th Anniversary edition is used. Alternatively, Intuition + Data Search may be used for folks who are not in VR.
  • Agent - Firewall + Analyze to detect a Stealthed Hacker. Note that this roll receives a +4 bonus if there is an active Alert.
  • Default - Without an Analyze program, a user can still perform Matrix Perception tests. However, it is performed as an Extended test of Logic + Data Search (Firewall + Stealth, Complex Action) and only gleans a single piece of information per test. Also, the node only rolls Firewall instead of Firewall + Analyze to detect stealthed Hackers.

Browse[]

This is a common use program.

Most data searches take some amount of time, from minutes to days depending on the scope of the search. But if you want information right NOW (maybe because the local security goons are sending some lead presents your way), a Browse program can get it for you. To achieve the kind of speed needed to Browse an entire node's worth of data in a single Complex Action, the scope of the command is limited to a single node in mutual signal range.

Browse are common use programs and are often available in most local nodes (if an intruding hacker has a registered account in the node, he/she can use the local Browse program instead... most hackers choose to use their own Browse, of course).

  • Duration - Sustained
  • Test - Logic + Data Search Opposed Test versus Firewall (if any). Net Hits determine the relevance of the information.
    • A tie means that the information is there, but you cannot access it with the Browse Program (borderline failure); on the bright side, you also don't get a bunch of useless data to sift through.
    • 1+ Hit means that you get some of the information, but it is fragmented or you only have part of the data.
    • 4+ Hits means you get all of the information you needed (and no cruft), or you can positively determine that the information that you need is NOT in the node.
    • 6+ Hits means that not only you get the information that you need, but you get links to related information in other datastores, or you may even get leads to where the data might be found, if it is absent in the node.
  • Agent - It can also perform searches for you while you are "AFK", based on parameters that you set during the search. In theory, you can load this program and have it run by IC on your node, which does a Browse on the intruder's PAN for specific information. This is similar to the "Watcher IC" from past editions of Shadowrun. Maybe you want to know what sort of cyberware the intruder has or what sort of pie recipes that the intruder has come across...
  • Default - Usually, this requires a Logic + Data Search Extended test, with a threshold prorated by difficulty and an interval based on scope. However, the regular Data Search Extended test doesn't assume that you are actually connected to any particular node. In other words, Browse is useful for searches on nodes to which you are directly connected, while Data Search tests are useful when you have a lot of time and you intend on searching a lot of different databases.

Track[]

This program is designed to track down a persona icon (i.e. Program or another Hacker). While it gives "instant" results, it is easily fooled by Redirects. The Track program by itself isn't dangerous, but it does allow the node to contact authorities or security to track down the intruding hacker's physical location.

  • Duration - Sustained
  • Test - Logic + Data Search (Track limits hits) if a hacker is attempting to trace another hacker. Otherwise, System + Track if a node is attempting to track an intruding hacker. It is an Opposed test between the System + Track versus the Hacker's Logic + Hacking (Redirect limits hits). A critical success (4 net hits) means that the program has discovered the hacker's origin node. Success means that the Track program has "found the trail", which allows a user to trace back to the Hacker's origin node in 10-(net hits) Combat Turns. Failure means that the Track program was fooled and comes back empty-handed. Critical Glitches mean that the Track program sends back misleading information.
  • Agent - Track is a program that is often used as an Agent. The Track program needs to beat the Hacker's Logic + Hacking (Redirect limits hits). The Track program can repeatedly attempt this test, with the usual -2 modifier per unsuccessful attempt, until it runs out of dice.
  • Default - Usually, this involves an Opposed test involving Logic + Data Search (Matrix Perception) versus Logic + Hacking, but this will only get you the last connection that the Hacker originated from before accessing the node.

Command programs[]

Skill Test: Logic + Computer

Command programs are almost exclusively run within their "home node". They consist of generic utilities common to many user setups (such as Reality Filter and Armor) and mundane programs that are necessary for the day-to-day function of the node.

Armor[]

Armor program is a series of countermeasures used to block most Attack programs, preventing damage to software.

  • Action - Permanent
  • Test - Armor is automatically added to System when determining damage resistance tests against the home node or against a specific program running in the home node.
  • Default - Without an Armor program running, the node just rolls its System dice to resist Matrix damage. Ouch. This makes it incredibly easy for an Attack program to crash the node or any programs running in the home node.

Command (Device)[]

This is a common use program.

This is the generic catch-all program category for any instruction set that a device has for its daily operations. From the algorithms that determine how long a microwave needs to nuke a burrito to the complex instructions given to automated drones to build a vehicle, this is the program that is run to perform the basic operation of a device. Almost all devices have this program, which is specifically made for the device. Each device has a separate and distinct Command program (i.e. Microwave Command program, Car Building Drone Command program, etc.).

When hackers use this program, they can do one of two things: Upload a brand new instruction set so that the device does unexpected things like overloading or shutting down or making better coffee (which would be unusual for a cuisinart), or attempt to override a basic function of the device and have it perform outside of its usual parameters.

  • Duration - Sustained
  • Test - Opposed test of Logic + Computer (Command (Device) limits hits) versus a Matrix Perception test (to detect the change in operating parameters). Failure in this test means the system has overwritten the new command set with a stable backup.
  • Agent - None.
  • Default - None. All devices should have this running for their day-to-day operations.

Special Technomancer Rules: Technomancers only need to learn a single Command Complex Form to command any simple device. They simply can talk to the device, and it somehow listens.

Edit (Media)[]

This is a common use program.

This Command program represents any tools used to modify, add, or subtract data in a cohesive fashion, from text editors to graphics to video/trideo feeds. While Edit cannot be used to edit an intruder's icon, it can be used reactively by IC to delete contents of particular datastores.

Using an Edit (Media) program is a non-hostile action. While Edit can be used to damage and alter data, the system creates recursive backups of all media to prevent permanent damage. To permanently damage datastores, the Hacker must use a Datawipe program.

  • Duration - Instant
  • Test - Logic + Computer (Edit (Media) limits hits)
  • Agent - None. However, a System can include "Wipe data" as part of its ARC as a last ditch attempt to prevent hackers from accessing its datastores.
  • Default - None.

Medic[]

This Command program is a variety of diagnostic and programming tools that repair icons and damaged code. It also represents backups and the ability to recover data from damaged files.

  • Duration - Instant
  • Test - Logic + Computer test, with hits limited by the Medic rating. Each hit repairs either one Rating point or one point of damage (whichever is most appropriate). Only one roll can be made for a single set of "injuries".
  • Agent - None.
  • Default - Medic can be thought of as "First Aid", while the usual program repair work falls under the Patching specialization of the Software skill, requiring a Logic + Software (Patching specialization) Extended test. Each hit on the Patching test repairs one Rating point of damaged program (to a maximum of the Program's original rating).

Reality Filter[]

This is a common use program.

This program overrides the node's VR simsense sculpting into the metaphor of your choice. Because playing in your "home field" gives you a distinct advantage, these programs are often used by Hackers when attempting difficult virtual runs.

Alternatively, Reality Filters can also be helpful avatars/agents that run alongside the Hacker and offer advice and warnings in VR.

  • Duration - Permanent
  • Test - Upon connecting with a target node, roll a Reality Filter ("Home Node" System minus the target node's System) test. If the Home Node's system is greater than the System of the target node, then this test requires 1 hit to succeed. If it succeeds, then the Reality Filter can be used as Teamwork dice for any test within that node. It also confers a +1 Response bonus to the hacker. Failure doesn't hurt the hacker (as the Reality Filter can simply be unloaded), but if the hacker critically glitches, the hacker receives a -1 penalty and cannot unload the Reality Filter.
  • Agent - Reality Filter is often run as an agent, giving Teamwork dice to the hacker for Matrix tests when intruding on other nodes.
  • Default - None.

Communications programs[]

Skill Test: Logic + Electronic Warfare

Communications programs are mostly used by riggers and are often used to manipulate and scan wireless frequencies.

Decrypt[]

Decrypt is used for two functions. The first is to decrypt encrypted wireless transmissions for the purposes of Spoofing or Sniffing. The second is to assist in decrypting files that have been Encrypted by the Encrypt program (typically in response to an intrusion).

  • Duration - Instant
  • Test - Logic + Electronic Warfare (Decrypt limits hits) Opposed test against the System + Encrypt rating. Only one net hit is needed to Spoof an Access ID or Sniff a connection (since you are just determining the passkey). For Encrypted files, it is also a Logic + Electronic Warfare (Decrypt limits hits) Opposed test against the System + Encrypt rating. If the roll fails, then the file cannot be downloaded without corruption of the contents. With 1 net hit, you gain some of the information, although full access to the file requires 4+ net hits.
  • Agent - None.
  • Default - With a lot of time and effort, a hacker can manually decrypt a file. Treat this as a Logic + Electronic Warfare Extended test, with a threshold equal to the Encrypt Program Rating times 2 and an interval of 1 day to 1 week to even 1 month depending on how strong the Encryption is. If a file was Encrypted hastily in a single Combat Turn, then the interval should be 1 day or 1 week. If a file was Strongly Encrypted over the course of (Encrypt Rating) hours, the interval should be 1 month (or 1 downtime).

ECCM[]

ECCM is passively used to resist against jamming attempts.

  • Duration - Permanent
  • Test - None. Signal Rating + ECCM is used to resist jamming attempts. In effect, your commlink's signal rating is equal to: Signal Rating + ECCM program - Jammer rating.
  • Agent - None.
  • Default - You are stuck with your base Signal Rating, unmodified by ECCM, when being jammed.

Encrypt[]

This is a common use program.

When Encrypt is running in a node, it scrambles the incoming and outgoing data from the commlink so that in can only be interpreted by other nodes with the appropriate passkey. It can also be used in reaction to an incursion to scramble the data on a node, and thus often serves as a cheap passive IC.

Note that transmissions and data encrypted by technomancers and Resonance forms can only be decrypted by other technomancers and Resonance forms.

  • Duration - Sustained
  • Test - No test is needed to scramble commlink transmissions to defend against Spoof and Scanner attempts. However, see Decrypt for details on Decrypting the Encrypted transmissions.
  • Agent - Encrypt is often run as an Agent. It automatically encrypts communications and files as long as it's loaded.
  • Default - A user can attempt to manually encrypt individual files by performing a Logic + Electronic Warfare test, with hits becoming the threshold for future decryption attempts. This is a relatively simple process, taking a few Combat Turns at most. If an exact time is needed, the GM should have the user perform a Logic + Electronic Warfare (Threshold depending on size of the data, 1 Combat Turn) Extended test.

Scan[]

This is a common use program.

Scan is used to detect hidden nodes. While most hidden nodes are not a direct threat to the scanning node (they are hidden, after all, and not connected to the node), this program is useful for finding stealth RFID tags or hidden commlinks in the area.

  • Duration - Sustained
  • Test - Logic + Electronic Warfare (Scan limits hits). Unlike other tests, this is not Opposed (hidden nodes still route wireless traffic, and you are only getting general information). Hits determine the degree of information. 1 hit will only tell you that there are one or more hidden nodes in the area (nearly useless), 2 hits will tell you the approximate number of hidden nodes, 3 hits will tell you how many hidden devices are within mutual Signal range (since it is mutual, it is likely only to be drones, commlinks, vehicles, etc.), and 4+ hits will find the presence of Stealth tags and other anomalies that are not in mutual Signal range.
  • Agent - Scan can be run as an Agent, which allows Scan to continuously detect hidden nodes (using System + Scan for hidden nodes within Signal range). This can be cumbersome, so the GM is encouraged only to roll if the hidden node is important for the objective.
  • Default - The hacker can try to pinpoint the location of a particular hidden node through a Logic + Electronic Warfare Extended test, with a Threshold equal to 10 - Signal of the hidden node and an interval of 1 Combat Turn. It's finding a needle in a haystack, essentially.

Sniffer[]

This program is used to intercept wireless traffic, allowing one to eavesdrop on wireless transmissions. This includes commcalls, radio links, and simple streaming data transfers (want to know what Joe Coogle is watching on the Trid?). It is often foiled by the Encrypt program, and the traffic needs to be Decrypted before eavesdropping can begin. This supercedes the Complex Action: Capture Wireless Signal in SR4A p 229.

  • Duration - Instant
  • Test - Logic + Electronic Warfare (Sniffer limits hits) test against a variable threshold depending on the wireless traffic in the area and the type of transmission. Only 1 hit is needed in areas with sparse wireless connectivity (Static Zones). Typical suburb/corporate campus wireless traffic or highly regulated wireless traffic (such as security zones) require 2 hits. Spam zones requires 1 hit + the degree of spam in the area (adding the negative modifier as a positive modifier to the threshold instead). 4 hits are needed against Satellite Uplink transmissions.
  • Agent - None.
  • Default - A hacker can attempt to manually tap into wireless traffic. This takes a Logic + Electronic Warfare Extended test with a Threshold of 10 and interval of 1 Combat Turn in VR and 1 minute in AR. This is usually not very useful except for surveillance on a long-term event (like watching a Trid/Simsense show or movie), as most people begin and end a particular wireless stream in the span of a few minutes.

Alternatively, a hacker can go the Hardware method and install a tap onto a fiber trunk. This does not catch wireless traffic, but instead catches wired traffic along a network backbone or a wired connection (which still exists in 2070).

Cybercombat programs[]

Skill Test: Logic + Cybercombat

Cybercombat programs are used to damage either icons or personas. Some of them have additional effects, while others are designed to simply crash an icon/persona. For Attack, Black Hammer, and Blackout, the hacker can only attack a node if it is within mutual Signal range and an active Access ID known by the hacker. This is commonly determined by a Matrix Perception test (often assisted by an Analyze program), although it can be determined by a successful Trace/Track program.

Attack[]

The most common way, bar none, to crash a system. Attack programs are brute force methods of disabling and destroying electronic devices. They range from viral code to common exploits in system vulnerabilities.

Attack can be used against a specific program. If the program is running as an Agent in its Home Node, it defends using the Home Node's System + Firewall. Otherwise, it simply defends using its Program Rating. If the Agent takes a number of boxes of damage equal to its rating, it is down for the count and can't be reloaded.

Systems have a Matrix Condition monitor of 8 + System/2 round up, per default SR4A rules.

  • Duration - Sustained
  • Test - Logic + Cybercombat (Attack limits hits) test against the target's System + Firewall (or Program Rating, if attacking an Agent). Note that Technomancer targets also get a +2 to Matrix Defense rolls and may possibly benefit from a Shield Complex Form. The Attack program deals a DV equal to its Rating, plus net hits from the Run Program: Attack test. This damage is resisted by System + Armor.
  • Agent - Running as an Agent, Attack programs are the most common form of IC run by a system. Roll System + Attack against hacker targets. Remember that an Access ID is needed before an Attack can be initiated, requiring either a successful Trace/Track or a successful Matrix Perception test.
  • Default - Hackers can spend a Complex Action to create a quick and dirty one-shot attack program. Roll Logic + Cybercombat to determine the rating of the Attack program. The Attack program must be run in the Hacker's next Complex action.

Black Hammer/Blackout[]

Black Hammer can only be run against living VR targets like Hacker personas and Technomancers. It deals Physical damage. Blackout is the kinder, gentler variant of Black Hammer and deals Stun damage, but uses the same rules. While Black Hammer is used to kill invading hackers outright, Blackout often carries the Psychotropic program option.

  • Duration - Sustained
  • Test - Logic + Cybercombat (Black Hammer limits hits) test against the target's System + Firewall (or Program Rating, if attacking an Agent). Note that Technomancer targets also get a +2 to Matrix Defense rolls and may possibly benefit from a Shield Complex Form. The Black Hammer program deals a DV equal to its Rating, plus net hits from the Run Program: Black Hammer test against the target's Physical condition monitor (Blackout affects the Stun condition monitor). This damage is resisted by Willpower + Biofeedback Filter.
  • Agent - Running as an Agent, Black Hammer is the infamous "Black IC" of legend. Remember that an Access ID is needed before Black Hammer can be initiated, requiring either a successful Trace/Track or a successful Matrix Perception test.
  • Default - Yeah, right. Dream on.

Data Bomb[]

Exploit programs[]

Skill Test: Logic + Hacking

Exploit programs are often used to provide a "quick and dirty" solution to the usual hacking methods (which often take hours, if not days). They tend to be "libraries" of known exploits and social engineering techniques to crack most commercial systems.

Exploit[]

The eponymous Exploit program is a large "toolbox" of various security hacks that allows the Hacker to break into a system.

Redirect[]

This program fragments the datatrail that the hacker uses to reach a connected node and scatters it to remote nodes to prevent the Track program (and Trace IC) from finding the hacker's physical location and Access ID.

Stealth[]

This program is used to prevent a Matrix Perception test from finding the hacker.

Spoof[]

This program creates a fake user-level ID on the node that the Hacker is accessing. This ID can be used for any mundane tasks allotted to normal users, such as operating basic controls of a camera (movement, record/playback, etc.) or non-restricted access to a public database. When the node is running on Alert, the ID is purged from the system and no longer works.

Resonance Forms (Technomancer)[]

Resonance Forms are special tasks analogous (but not identical) to programs that can only be used by a living persona. Technomancers, depending on tradition, can use either Charisma, Logic, or Intuition to "cast" their Resonance Forms. The base skill used to run a Resonance Form is always their Base Attribute + Resonance + Appropriate Skill. Bonuses to Cracking Skill Group or Electronics Skill Group skills from Magic or Cyberware/Bioware do NOT apply to this roll, as Technomancer abilities transcend both magic and machine. For example, an Encephalon does not provide bonus dice and Dynomitan (Augmentation, p90) does not provide bonus +1 dice pool to Intuition-based Technomancer traditions.

Complex Forms[]

Any of the regular programs usable by Hackers can be learned as a Complex Form. They are treated as programs with a rating equal to the Technomancer's Resonance. They cost 3 Build Points at Character Creation or 5 Karma after Character Creation. Note that for Technomancers, some of the programs are redundant to learn as a Complex Form. Also, Technomancers get a free Biofeedback Filter complex form equal to their Willpower, per canon.

Compiling Forms[]

These forms tap into the Deep Resonance and create or modify entities in the Matrix. The effects of Compiling Forms are not reproducible by normal Hacker programs. Also, Compiling Forms cause Fading when they are executed.

Decompiling Forms[]

These forms tap into the Dissonance and disrupt or destroy entities in the Matrix. The effects of Decompiling Forms are not reproducible by normal Hacker programs. Also, Compiling Forms cause Fading when they are executed.

Devices[]

Commlinks[]

Drones[]

For the purposes of these house rules, the terms Pilot and System are synonymous. To get a higher Pilot rating, you'd use the System purchasing rules. If a drone does not have a listed Pilot rating, it is assumed to be 3. If a drone does not have a listed Response rating, it is assumed to be identical to its Pilot rating.

Autosofts are simply Skillsofts for Drones and add a skill that the drone can use in addition to its appropriate rating when acting on its own. A rigger can also use the Autosoft instead of his/her own skill. For example, a Rigger can attack a target using the drone's Sensor + Gunnery (per standard rules) or let the drone's Autosoft (Gunnery) take over and roll Sensor + Autosoft (Gunnery) instead. RAW rules list the following Autosofts as these names:

  • Autosoft (Dodge) = Defense
  • Autosoft (Electronic Warfare) = Electronic Warfare
  • Autosoft (Gunnery) = Targeting
  • Autosoft (Perception) = Clearsight
  • Autosoft (Pilot X Vehicle) = Maneuver (X Vehicle)

In our rules, we will simply refer to the Autosoft by the skill it replaces. Autosofts are equivalent to a program, and thus take the same amount of "space" as a program. The drone or jumped-in rigger can take a Simple Action to load/unload an Autosoft.

  • Drones come with a standard complement of software at the device rating of the drone including a firewall, perception and an appropriate maneuver autosoft. Combat drones - anything with a weapon mount - come with a single combat autosoft and a dodge autosoft at the device rating.

Drone racks[]

Drone racks can be added to any drone or vehicle provided that the body of the vehicle is two values higher than the body of the drone to fit into the rack.

  • The number of drones that can be put on one vehicle = 2 ^ (body1 - body2 - 2) where body1= the body of the vehicle containing the rack and body2= the body of the drone to be placed in the rack. To add different types of drones to the same vehicle, treat each drone as if it was double the number of drones in the next lower body category, see example.
Example: Valkris has a large drone, an Iron Bobcat, body 4. She wants to install a drone rack for one minidrone (body 1) and add in as many microdrone (body 0) racks as it can carry. The minidrone rack behaves like 2 microdrone racks by the above equation, so it reduces the number of microdrones that could be carried by 2. The number of microdrones that can be carried = 2^(4-0-2) -2 = 2^2 -2 = 4 -2 = 2
  • For the above equation, motorcycles are treated as body 4, cars are treated as body 5 and vans/trucks are treated as body 6 because they need space to hold passengers. If the passenger amenities are removed, their body values are used instead. For cargo-carrying vehicles, the available body is the vehicle body minus twice the maximum possible number of passengers (just for these purposes, other modification slots are still available).
  • Cost = body2 * #drones in rack * 500 nuyen where body2 = the body of the drone to be placed in the rack or 2, whichever is higher. If automatically loading/launching racks are installed, multiply the cost by 5.
  • # modification slots used = body2 * # drones in rack where body2 = the body of the drone to be placed in the rack or 1, whichever is higher. The automatically loading/launching attribute adds one modification slot.
Example: In the example above, Valkris would spend 2*1*500+2*2*500=3000 nuyen. The drones would take up 1*1+1*2=3 modification slots

Devices and Programs[]

Cybercombat[]

Damage[]

Unlike in RAW SR4 rules, icon damage persists until it is repaired. You can't simply reboot the system and make it all better. We assume that Attack programs (which are also IC, if you may recall) are sophisticated enough to hunt down backups and cause some real damage to the software.

For Technomancers, of course, icon damage becomes real-life Stun damage and is healed through normal means.

Technomancers[]

Under Layflat Shadowrun house rules, Technomancers require a Commlink or a similar transmitter in order to send/receive wireless signals. While the ability to process and modify data is inherent in their wetware, wireless transmission is still impossible physiologically and is treated as such.

These house rules use the Technomancer Advanced rules in Unwired.

Sprites[]

Putting It All Together[]

Examples of common Hacking tasks:

The Maglock[]

Captain Jack Raptor, a technomancer, is trying to hack a Maglock (Rating 4) that is strapped to a locked briefcase. He is trying to Spoof an Access ID that works so he can get past the Maglock. The Maglock is programmed to Shutdown if an alert is raised (thus barring the door from opening completely without the use of heavy explosives).

He rolls: Resonance + Logic + Hacking (Possibly another +2 if he's running Hot Sim VR, but that might be awkward unless he has some actions to burn). His Spoof is a rating 4, so he can get 4 hits maximum. The device rolls: Rating 4 times 2, which is 8.

If the device wins, then it doesn't work, and he'll have to roll again at a minus 2 to attempt again. If he wins, then he gets the darn thing to open. If he glitches, then the Maglock goes on alert and starts to shutdown (successfully doing so in a couple of turns). If he critically glitches, not only does the Maglock shut down, but he's locked inside the Maglock until it shuts down (his virtual icon will be pounding on virtual walls while he virtually shouts "Let me out!"), causing him some dumpshock damage. "Luckily" for him, the Maglock is not connected to any other portion of the security system (since it was a portable maglock strapped to a briefcase).

Community content is available under CC-BY-SA unless otherwise noted.
Advertisement

Fan Feed

More RPG