• Welcome to Valhalla Legends Archive.
 

Tricking people for d2 stuff ( wrong)

Started by Denial, November 30, 2003, 01:12 AM

Previous topic - Next topic

Skywing

#15
Quote from: Thing on November 30, 2003, 03:53 PM
Peeking at the source of http://<removed> shows that a window containing test.hta is opened.  test.hta source is here http://forum.valhallalegends.com/files/test.hta.htm Once executed, the following files are created:

c:\cmdl32.exe
c:\documents and settings\user\windows\1.MZP
c:\documents and settings\user\windows\win types\1.MZP
c:\documents and settings\user\windows\win types\Win Const0.idx - 0 bytes
c:\documents and settings\user\windows\win types\Win Const1.idx - 0 bytes
c:\documents and settings\user\windows\win types\Win Const.exe
c:\documents and settings\user\windows\win types\Win Const1.dat is created upon execution of Win Const.exe and is where all of your keystrokes are logged. :)

The trojan connects to 24.2.211.159 on TCP port 85 where the machines happily chat with each other waiting for the master to take control.

That's all I have time to mess with for now.  I might let it run tonight and see what happens.
It might be interesting to report that address to the ISP's abuse dept. and see what happens to his Internet access.

K

Quote from: Skywing on November 30, 2003, 09:24 PM
It might be interesting to report that address to the ISP's abuse dept. and see what happens to his Internet access.

Already been done  ;)
http://www.comcast.net/memberservices/contactus/contact_us.jsp
24.2.211.159  [c-24-2-211-159.client.comcast.net]

Denial

Ah lets all go there and complain! i went as well
Actus non facit reum nisi mens sit rea

iago

This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


warz

#19
Oh please, this is a damn computer. I'm completely cold hearted when it comes to other peoples computers. I could render somebodies computer completely useless by deleting crucial files, and not feel the least bit bad about doing so. If you waited for somebody to do something to you in certain situations online, then there'd be no risks. In the case of waiting, it's either play or be played. Somebody has to act first.

On a side note:
In a way, Denial helped out c0ke. By simply placing that link there, before explaining what it does, might (and has) potentially lead people to click it, and then continue to read on (I almost did). I was thinking about this earlier, when I almost clicked it before reading on. It somewhat ties into this topic though.

Zerg

Quote from: warz on December 01, 2003, 05:49 PM
Oh please, this is a damn computer. I'm completely cold hearted when it comes to other peoples computers. I could render somebodies computer completely useless by deleting crucial files, and not feel the least bit bad about doing so. If you waited for somebody to do something to you in certain situations online, then there'd be no risks. In the case of waiting, it's either play or be played. Somebody has to act first.

On a side note:
In a way, Denial helped out c0ke. By simply placing that link there, before explaining what it does, might (and has) potentially lead people to click it, and then continue to read on (I almost did). I was thinking about this earlier, when I almost clicked it before reading on. It somewhat ties into this topic though.
It's true, about helping out c0ke, that wasn't cool. Just look at mitosis, he clicked it, but then again, he's another story...
oh and warz, if the case is play or be played, then why simply just NOT play, and maybe everyone can eventually not play, so we can never be played? </delusion>

warz

Too bad people DO use computers. Good luck telling people to stop.

Denial

It's not like i wanted people to click there hence first word i said SCAM so that should give a clue that if you go there scam? and then i explained right below it about it. So if you don't read everything and you go there then um my bad?
Actus non facit reum nisi mens sit rea

CrAzY

Quote from: j0k3r on November 30, 2003, 06:48 AM
Ah c0ke... I recognize the name...

The easiest way not to get hacked is not to visit sites you don't know about. Idiots are always coming into channels saying 'omg i just got hacked wtf give me some items i have nothing' and it's pathetic.

I agree that it shouldn't be done (by everyone), but it keeps the noobs on the lower rungs of the ladder and and it gets rid of some of the noobs.

Easiest way not to get hacked, is not to cheat :-).  Which also means, don't download anything acept from blizzard.
CrAzY

Kp

Quote from: CrAzY on December 05, 2003, 09:04 AM
Which also means, don't download anything acept from blizzard.

Easier said than done for those people running clients which have holes that permit remotely running code/doing other evil things.
[19:20:23] (BotNet) <[vL]Kp> Any idiot can make a bot with CSB, and many do!

c0ke

Quote from: j0k3r on November 30, 2003, 11:56 AM
Coke isn't very interested in D2, just making people unhappy.

Bingo!!  (sorta)
Origionally i did it to have fun with a few people from school.  Didnt want to fuck over anyone, no harmful intentions... although on occation i am rather evil.  anyways im done with battle.net (only reason im on this forum is because someone showed me the link)

j0k3r

Hey what's up c0ke, still hang around 2xx?

I can see why he is scamming people, especially if he has ebay, I just sold a skullder's ire in ebay for $40... These people have too much money.
QuoteAnyone attempting to generate random numbers by deterministic means is, of course, living in a state of sin
John Vo