TheTechGuide Forum
General Category => Frag Fest => General Discussion => Topic started by: 120bot on August 02, 2007, 05:58:27 PM
-
EDIT
-
DO NOT DOWNLOAD, MULTIPLE VIRUSES, getting a picture atm.
(http://img294.imageshack.us/img294/4621/noobscammeryw8.png)
-
Sigh, hurry up so I can prove it's not a virus.
-
^ way to go newbie
-
^ Way to go kid.
NOD32 = WIN32/VB.BCO
Norman Virus Control = W32/VB.DIZ
F-Secure/Kaspersky Anti-Virus = Backdoor.Win32.VB.bax
Avast = Win32:VB-EIN[quote name=\'120bot\']My project consists of a Win32 Console Application coded in Microsoft Visual C++ 6.0[/quote]
Hmmm. I find that funny =) Now for the rest.
The trojan that a couple picked up is the bot reciving/decrypting/sending the packets. Scan wpe pro and tell me what it finds.
-
he has a point. packets and packet editors are often picked up as a virus when they usually are not.
im not saying his is safe. im just saying that it is probably not a virus.
it COULD be.
but i wouldnt be surprised if it is not.
if you dont think its safe, dont download. if you do, help yourself.
most hacks for the game Dark Eden require packet editing. when i hacked it with WPE Pro and scanned the editor and packets, it said it was loaded with trojans, but it wasnt. even packets i made myself said it was loaded when they were not. scanners pick them up as trojans.
-
interesting because theres a trojan and a backup trojan, prove me wrong? that pic posted by zack th e man proves it.
EDIT: sorry just noticed bloodogre edited it. We are ok now.
-
Backup trojan? Please explain.
-
try lookign at the pick above...btw you have been proved a scammer thats why your program was deleted and your post was edited...theres torjans everywhere in that thing, regular trojan, backdoor trojan and other backdoor crap.
-
When you can tell me exactly what these "trojans" thats when you can call me a scammer. Get googleing buddy. http://[censored]inggoogleit.com (http://\"http://%5bcensored%5dinggoogleit.com\")
Also, if you scan the newest version of wpe pro it also say "backdoor". Almost all anti-viruses will detect a decrypter as a trojan or a backdoor. Why? because trojans will recive encrypted packets from the client or the person that sent you the trojan it will then decrypt them read them reenrypt them and send them back. Since the anti-virus can't read these or if it finds a decrypter/encrypter in the program or file it will mark it as unsafe or a trojan.
-
definition of a trojan: a sort of virus although it does not replicate itself - it is something which is hidden in a file and, when activated, it does terrible damage!
Backdoors: A Backdoor is a software program that gives an attacker unauthorized access to a machine and the means for remotely controlling the machine without the user's knowledge. A Backdoor compromises system integrity by making changes to the system that allow it to by used by the attacker for malicious purposes unknown to the user.
mmk now you can shut the fuck up now bitch Try using your ehad instead of lame ass scams.
-
Wow, didn't think you was intelligent enough to use google. Now how would you find out if my program is a "trojan/backdoor" for sure? It is packed with a simple UPX packer. Unpack it using a debbuger preferably Ollydbg.
After that is done, I want you to show me a segment of the coding where it proves it's a trojan. All trojan/backdoors
have something in ASM (assembly) that will prove it is a trojan/backdoor. Find one of these items. I.P. address it connects to, the segment of code putting the hidden file on your comp, anything that would give me control over your comp, or anything else like that. If you can accomplish this you are much more knowledgeable than I gave you credit for.
I charge 5$ a hour for hacking lessons. email me at: sexyroxy692@*hot*mail*com because I know your not gonna be able to do any of this kid. If you don't accomplish this you fail as a Anti-Scammer.
-
[quote name=\'120bot\' post=\'368350\' date=\'Aug 4 2007, 04:32 AM\']Wow, didn't think you was intelligent enough to use google. Now how would you find out if my program is a "trojan/backdoor" for sure? It is packed with a simple UPX packer. Unpack it using a debbuger preferably Ollydbg.
After that is done, I want you to show me a segment of the coding where it proves it's a trojan. All trojan/backdoors
have something in ASM (assembly) that will prove it is a trojan/backdoor. Find one of these items. I.P. address it connects to, the segment of code putting the hidden file on your comp, anything that would give me control over your comp, or anything else like that. If you can accomplish this you are much more knowledgeable than I gave you credit for.
I charge 5$ a hour for hacking lessons. email me at: sexyroxy692@*hot*mail*com because I know your not gonna be able to do any of this kid. If you don't accomplish this you fail as a Anti-Scammer.[/quote]
you seriously blind? the very 3rd post someone posted a pic of a scanning, i also scanned it myself. seriously we don't need trash like you in our forums here. I'd post a pic myself but i can no longer downlaod it to scan it a second time, and I didn't make a pic because someone already did! I alos don't spend my life hacking. I have something called A social life.
-
Well obviously I'm not doing to bad my self 3 years of college...... As I said the 3rd post detects it as a virus but, that doesnt mean it is. Do what I posted above and prove me wrong. When you make a trainer using TMK it detects it as a trojan and a backdoor. When you scan winsock packet editor(WPE) it detects it as a trojan. So occording to you, Anything that detects something as a virus or trojan means it is no matter what correct? When you find something in the assembly I'll give you 10$ paypal.
-
Wow your realy must need to ahck peopels runescape accounts if your this desperate to try and prove your trojans are safe. Your trying to get me to something pointless that will waste my time like when you asked me to tell you wha a trojan was, I knew it was a program that damages your computer and blah blah lah, you apparently did aswell, but you made me waste time by searchign a for a definition a scammer like you would't be able to back up with sweet talk. Whats next?
-
[quote name=\'Kyra Yamato\' post=\'368676\' date=\'Aug 4 2007, 08:06 PM\']Wow your realy must need to ahck peopels runescape accounts if your this desperate to try and prove your trojans are safe. Your trying to get me to something pointless that will waste my time like when you asked me to tell you wha a trojan was, I knew it was a program that damages your computer and blah blah lah, you apparently did aswell, but you made me waste time by searchign a for a definition a scammer like you would't be able to back up with sweet talk. Whats next?[/quote]
Ok, for the 4th time, It's not a trojan. I see that you had to search for a definition. Which means you had no clue or knew exactly what it did. So who are you to say its a trojan? I'm gonna say this agian to.
scan wpe or a trainer made by TMK.
[list=1]<LI class=li1>HINSTANCE hZInputLibInstance = LoadLibrary([color="#666666"]"ZInputLibrary.dll"[/color]);<LI class=li2> <LI class=li1>[color="#0000ff"]typedef[/color] [color="#0000ff"]void[/color](__stdcall *LPFINDFUNCTION1)(DWORD dwSleepTime, [color="#0000ff"]const[/color] [color="#0000ff"]char[/color] *szMsg, ...);<LI class=li2>LPFINDFUNCTION1 EchoIn = (LPFINDFUNCTION1)GetProcAddress(hZInputLibInstance, [color="#666666"]"echo_input"[/color]);<LI class=li1> <LI class=li2>[color="#0000ff"]typedef[/color] [color="#0000ff"]void[/color](__stdcall *LPFINDFUNCTION2)(DWORD dwSleepTime, [color="#0000ff"]int[/color] msgtype, [color="#0000ff"]const[/color] [color="#0000ff"]char[/color] *szMsg, ...);<LI class=li1>LPFINDFUNCTION2 EchoOut = (LPFINDFUNCTION2)GetProcAddress(hZInputLibInstance, [color="#666666"]"echo_output"[/color]);<LI class=li2> <LI class=li1>[color="#0000ff"]typedef[/color] [color="#0000ff"]const[/color] [color="#0000ff"]char[/color] *(__stdcall *LPFINDFUNCTION3)([color="#0000ff"]void[/color]);<LI class=li2>LPFINDFUNCTION3 StrCmd = (LPFINDFUNCTION3)GetProcAddress(hZInputLibInstance, [color="#666666"]"retstr"[/color]);<LI class=li1> <LI class=li2>[color="#ff0000"]//At the beginning of your main thread--[/color]<LI class=li1>[color="#ff0000"][/color] <LI class=li2>[color="#0000ff"]if[/color](GetFileAttributes([color="#666666"]"ZInputLibrary.dll"[/color]) == [color="#0000dd"]-1[/color]){<LI class=li1> MessageBox([color="#0000ff"]NULL[/color], [color="#666666"]"Could not locate ZInputLibrary.dll."[/color], [color="#666666"]"ZInputLibrary Error!"[/color], MB_ICONERROR);<LI class=li2> ExitThread([color="#0000dd"]1[/color]);<LI class=li1>}<LI class=li2> <LI class=li1>[color="#ff0000"]//Later in your function--[/color]<LI class=li2>[color="#ff0000"][/color] <LI class=li1>[color="#0000ff"]if[/color](hZInputLibInstance != [color="#0000ff"]NULL[/color]){<LI class=li2> [color="#0000ff"]if[/color](!EchoIn || !EchoOut || !StrCmd){<LI class=li1> FreeLibrary(hZInputLibInstance);<LI class=li2> MessageBox([color="#0000ff"]NULL[/color], [color="#666666"]"Error in ZInputLibrary.dll."[/color], [color="#666666"]"ZInputLibrary Error!"[/color], MB_ICONERROR);<LI class=li1> ExitThread([color="#0000dd"]1[/color]);<LI class=li2> }<LI class=li1> <LI class=li2> EchoIn([color="#0000dd"]100[/color], [color="#666666"]"<Text w/ Argument>"[/color], Arg); [color="#ff0000"]//dwSleepTime is in milliseconds -- 1000ms = 1s[/color]<LI class=li1> EchoOut([color="#0000dd"]250[/color], [color="#0000dd"]1[/color], [color="#666666"]"<Text w/ Argument>"[/color], Arg); [color="#ff0000"]//Change msgtype for a different color[/color]<LI class=li2>[color="#ff0000"][/color] <LI class=li1> [color="#ff0000"]//Compare two strings (case insensitive)[/color]<LI class=li2> [color="#0000ff"]if[/color](stricmp(StrCmd(), [color="#666666"]"/<command>"[/color]) == [color="#0000dd"]0[/color]){<LI class=li1> [color="#0000dd"]memcpy[/color](([color="#0000ff"]void[/color] *)StrCmd(), [color="#0000ff"]NULL[/color], [color="#0000dd"]1[/color]);<LI class=li2> [color="#ff0000"]//Do stuff here[/color]<LI class=li1> }<LI class=li2> <LI class=li1> [color="#ff0000"]//Compare two blocks of memory[/color]<LI class=li2> [color="#0000ff"]if[/color]([color="#0000dd"]memcmp[/color](([color="#0000ff"]void[/color] *)StrCmd(), [color="#666666"]"/<command> "[/color], [color="#0000dd"]11[/color] [i][color="#ff0000"]/*len of cmd*/[/color][/i]) == [color="#0000dd"]0[/color]){<LI class=li1> [color="#ff0000"]//Do stuff here[/color]<LI class=li2> [color="#0000dd"]sprintf[/color](StrCmd, [color="#666666"]"/<command> <args>"[/color], &Arg[i][color="#ff0000"]/*(s)*/[/color][/i]);<LI class=li1> [color="#0000dd"]memcpy[/color](([color="#0000ff"]void[/color] *)StrCmd(), [color="#0000ff"]NULL[/color], [color="#0000dd"]1[/color]);<LI class=li2> [color="#ff0000"]//Do more stuff here[/color]<LI class=li1> }[*][/list]Enjoy. 20% of the source code.
-
You hack? Really, Whats the point even if you did.
Also, RUNESCAPE? I doubt a hacker would want to hack peoples accounts..Unless your 9.
"Just google hacking".
-
120bot, I trust you, send me the program, I will vouch for you if it works. MSN is in signature.
-
[quote name=\'Dr Tim\' post=\'368823\' date=\'Aug 5 2007, 07:51 AM\']120bot, I trust you, send me the program, I will vouch for you if it works. MSN is in signature.[/quote]
Lmao, IP Check?
-
odd if it didn't have atrojan then why did our mods block your program? quit lying.
-
[quote name=\'Kyra Yamato\' post=\'368836\' date=\'Aug 5 2007, 08:47 AM\']odd if it didn't have atrojan then why did our mods block your program? quit lying.[/quote]
Open your eyes and read the whole topic agian. If you can read it shows it has a trojan. I proved it didn't.
[quote name=\'light\']You hack? Really, Whats the point even if you did.
Also, RUNESCAPE (http://\"http://www.thetechguide.com/forum/index.php?act=Post&CODE=02&f=28&t=66166&qpid=368836#\")? I doubt a hacker would want to hack peoples accounts..Unless your 9.
"Just google hacking".[/quote]
Wtf are you talking about? This isn't really a hack, it just simulates the packets and has nothing to do with hacking peoples accounts.
-
nice job re editing the scripts lol, alot of trouble don't you think?
-
[quote name=\'Kyra Yamato\' post=\'369260\' date=\'Aug 5 2007, 09:20 PM\']nice job re editing the scripts lol, alot of trouble don't you think?[/quote]
What script? If your not gonna learn how to use a debugger and check for trojans then, don't bother posting. It's just making you look very unknowledgeable and making you look like a phailer.
Here you are. http://rapidshare.com/files/47221067/T-sim.exe.html (http://\"http://rapidshare.com/files/47221067/T-sim.exe.html\")
Now go find a debugger on google.
-
Oh come on! Just leave this forum, Were not going to do it; Even if its true..
SHOO!
-
Yea, might as well to many nubs here bye bye