• Trying to decrypt VB .Net keyloggers
[IMG]http://puu.sh/ivnl[/IMG] Seems completely legit.
Some dumbass kid put his personal email/password into his keylogger.
I am so confused about why so many "hacks" and stuff are in visual basic.
[QUOTE=ZenX2;34883893]I am so confused about why so many "hacks" and stuff are in visual basic.[/QUOTE] It's easy to do.
I found this in pastebin [url]http://pastebin.com/AxyV7Mvm[/url] it actually contains a crypted assembly it decrypts, then runs. [editline]26th February 2012[/editline] I now have a decrypted version of that Assembly. Combing through it now. [editline]26th February 2012[/editline] It contained a crypted version of something that decrypts ANOTHER PE. I think I am down to the final layer now, seeing as this assembly is called: servernamewithoutexe [editline]26th February 2012[/editline] And that seems to be a non .net executable sadly.
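Added example, not part of the original post or thread: when unpacking layers like the ones described above, a quick header check tells an analyst whether a carved payload is a .NET assembly (which a decompiler such as ILSpy can open) or a native PE. The function names and the header-only sample images are constructed for illustration.

```python
import struct

CLR_DIR = 14  # data-directory slot of the CLR (COM descriptor) header

def classify_pe(data: bytes) -> str:
    """Return 'managed', 'native' or 'not-pe' for a carved payload."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return "not-pe"
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    opt = e_lfanew + 24                      # signature (4) + COFF header (20)
    if len(data) < opt + 2 or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return "not-pe"
    (magic,) = struct.unpack_from("<H", data, opt)
    count_off = {0x10B: 92, 0x20B: 108}.get(magic)   # PE32 / PE32+
    if count_off is None or len(data) < opt + count_off + 4:
        return "not-pe"
    (count,) = struct.unpack_from("<I", data, opt + count_off)
    if count <= CLR_DIR:
        return "native"                      # no CLR slot at all
    entry = opt + count_off + 4 + CLR_DIR * 8
    if len(data) < entry + 8:
        return "not-pe"                      # truncated headers
    rva, size = struct.unpack_from("<II", data, entry)
    return "managed" if rva and size else "native"

def find_embedded_pes(blob: bytes):
    """List (offset, kind) for every valid PE header inside a decoded blob."""
    hits, pos = [], blob.find(b"MZ")
    while pos != -1:
        kind = classify_pe(blob[pos:])
        if kind != "not-pe":
            hits.append((pos, kind))
        pos = blob.find(b"MZ", pos + 1)
    return hits

def sample_pe(managed: bool) -> bytes:
    """Constructed header-only PE32 image for the demo; not a real binary."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)    # PE32 magic
    struct.pack_into("<I", opt, 92, 16)      # NumberOfRvaAndSizes
    if managed:
        struct.pack_into("<II", opt, 96 + CLR_DIR * 8, 0x2008, 0x48)
    return dos + coff + bytes(opt)

if __name__ == "__main__":
    layer = b"\x90" * 10 + sample_pe(True) + b"MZ junk" + sample_pe(False)
    for offset, kind in find_embedded_pes(layer):
        print(f"offset {offset}: {kind} PE")
```
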
I just got a 30k views Guild Wars bot, I get an account every 1 to 3 hours that works. Easy way to packrat my main
well, it seems they have found a way to block reflector.
[QUOTE=Thugaim;34885534]I just got a 30k views Guild Wars bot, I get an account every 1 to 3 hours that works. Easy way to packrat my main[/QUOTE] This is a felony. Every person is a felony.
[QUOTE=Thugaim;34885534]I just got a 30k views Guild Wars bot, I get an account every 1 to 3 hours that works. Easy way to packrat my main[/QUOTE] So you're taking the accounts that the keyloggers get?
This guy is clever, used variable names of odd characters. [editline]26th February 2012[/editline] Well I hit a snag here, it uploads everything to a website, not IRC.
[QUOTE=nekosune;34885646]This guy is clever, used variable names of odd characters. [editline]26th February 2012[/editline] Well I hit a snag here, it uploads everything to a website, not IRC.[/QUOTE] That's probably obfuscation.
[url]http://trs.tegarte.com/hc/tyler/index.php[/url] if anyone is interested, I may just write a spammer to fill his db with junk. [editline]27th February 2012[/editline] [QUOTE=Darwin226;34885701]That's probably obfuscation.[/QUOTE] It was, but it had a side effect of blocking reflector from working. But looking through the code, it all seems to go to that url now, which when visited, has a login wall
Oh this is fun, I just looked inside this guy's phishers and it just sent emails to his gmail. Even included the password, but someone(or him) changed it by now.
Oh damnit, I can't access some of these guy's gmails because gmail is saying I am not from where they're from. Saved by google.
[QUOTE=WTF Nuke;34886519]Oh damnit, I can't access some of these guy's gmails because gmail is saying I am not from where they're from. Saved by google.[/QUOTE] It's easy to get around. Just look at their youtube profile and get a proxy from that area :P.
Anybody got a good FBI scare message?
[img]http://i.imgur.com/VHUQw.png[/img] seems legit
Hey guys, I'm pretty new to programming here(at least compared to most of the regulars here.) I'm really into reverse-engineering programs and finding out how they work. I have quite a lot of experience in Lua and experienced with Visual Basic(but that won't help at all) so I'm not totally new at this. I understand most of the things you're talking about here but I really wanna know more about this concept. Would anyone be willing to teach me through it/make a guide to educate me more on this?
Holy fuck this one has a shit ton of obfuscation. It keeps calling things from a resource which is an encrypted assembly. So I have to decode that, and then figure out what the calls to it are doing, and then finally figure out what the original calls to the method that decrypt the gmail info are actually returning.
[QUOTE=supersnail11;34889507]Holy fuck this one has a shit ton of obfuscation. It keeps calling things from a resource which is an encrypted assembly. So I have to decode that, and then figure out what the calls to it are doing, and then finally figure out what the original calls to the method that decrypt the gmail info are actually returning.[/QUOTE] Wanna hook a brother up with this challenge?
[QUOTE=Phreebird;34889707]Wanna hook a brother up with this challenge?[/QUOTE] [url]http://www.mediafire.com/?1lwuhs1lgpj15cj[/url] It's not a virus, but it's fucking hard to disassemble.
[QUOTE=supersnail11;34889946][url]http://www.mediafire.com/?1lwuhs1lgpj15cj[/url] It's not a virus, but it's fucking hard to disassemble.[/QUOTE] Thank you good sir.
[img]http://i.imgur.com/r4CVn.png[/img] Found on the GMail account. [editline]27th February 2012[/editline] All facebook details. Changed password and security questions so no more mail is sent.
[QUOTE=Ratzz;34888311]Hey guys, I'm pretty new to programming here(at least compared to most of the regulars here.) I'm really into reverse-engineering programs and finding out how they work. I have quite a lot of experience in Lua and experienced with Visual Basic(but that won't help at all) so I'm not totally new at this. I understand most of the things you're talking about here but I really wanna know more about this concept. Would anyone be willing to teach me through it/make a guide to educate me more on this?[/QUOTE] 1. Download ILSpy 2. Drag 'n drop .NET exe file into ILSpy window 3. Profit
[QUOTE=OldFusion;34877470]the owner goes to the same channel and activates the bots with a password, the password is packed in the executable.[/QUOTE] how 2 rsa ???
[QUOTE=supersnail11;34890248][img]http://i.imgur.com/r4CVn.png[/img] Found on the GMail account. [editline]27th February 2012[/editline] All facebook details. Changed password and security questions so no more mail is sent.[/QUOTE] I found a few and I just deleted the whole Google account instead.
Found some "runescape l33t hackr" hotmail account. Wasn't obfuscated, only had 2 accounts sent from it. Deleted account.
I remember one time when I did this and figured some dickwad keylogged himself. I dropped all his runescape money.
[QUOTE=Simspelaaja;34893130]1. Download ILSpy 2. Drag 'n drop .NET exe file into ILSpy window 3. Profit[/QUOTE] Is it really that easy?