Strongly demand that Admin take action and stop turning a blind eye: Husky #1402 keeps repeating the posts I made
微積分(冬馬和紗) 2019-1-11 04:51:53
:^(

lne 2019-1-11 04:58:37 #The dog is at it again
Husky 2019-1-11 07:00:44 Early-morning VIRUS report from Husky

Regarding the file I put up: HKG CS1.6 By C0RE.exe; I won't comment on anything else.
The steam game cracks/patches I used are as follows:
1.
steam.dll:
https://www.virustotal.com/#/file/d6e5f07ff9fbed6a29be9524e5ec13eaf5fcbcdd36e59fc8f6029e44d3487e79/detection

2.
steamclient.dll:
https://www.virustotal.com/#/file/107b99f21fe0c12c17680173bfcc1e04e896b5c082f7f0b3a9c691a7d3295d6f/detection
For 牙井's reference: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=HackTool:Win32/GameHack
Hacktools can be used to patch or "crack" some software so it will run without a valid license or genuine product key.

3.
revSrvBrowser.dll: what a coincidence, ClamAV again
https://www.virustotal.com/#/file/94c7a655cae2f2ede1866f081fd1d8ba444e2e70c9b2756338bba425f1afabda/detection
For two of these, only ClamAV says they are infected and all the others say they are not. How credible is that?
:^(

As for the other one, M$ has answered that for me, and the others all say it is clean.
:^(

crack from https://cs.rin.ru

Unrelated patches
4. Patch that lets 1.6 accept unicode
upatch.dll: safe
https://www.virustotal.com/#/file/0a81945af381f8ae30d019eaaa4e7527c5ca6baa931da6407663a5ed3c8adaa1/detection

5. Patch that lets version 4554 type Chinese
hw.dll
https://www.virustotal.com/#/file/6543b7b0cedba086ccfac5f52e27b461abdb72698779aec1981ffec304a8a2dc/detection
hwpatcher.dll
https://www.virustotal.com/#/file/ff0eab0171830f48cdb2812ae4e4408a67de3e9d2ef971b511901534797bc660/detection

An even more fucking unrelated exe
6.
cstrike.exe: wadiu, 牙井 has finally caught me
:^(

https://www.virustotal.com/#/file/4df4df7dc5f15cbe95fcb01de7a6b53288e8de6bc41b6529f9a385298630b5e8/detection
Let's also see what M$ says:
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=TrojanDownloader%3AWin32%2FBanload
trojans that steal banking credentials and other sensitive data, and send it back to a remote attacker.
This is fucking crazy
:^(


Never mind. Is that really the case, though?
Let me reverse it and take a look
:^(

:^(

In case 牙井 can't read opcodes, here's an easier-to-read one
:^(

Oh, it uses GetCurrentDirectoryA, wsprintfA and ShellExecuteA
What are these functions?
https://docs.microsoft.com/en-us/windows/desktop/api/winbase/nf-winbase-getcurrentdirectory
https://docs.microsoft.com/en-us/windows/desktop/api/winuser/nf-winuser-wsprintfa
https://docs.microsoft.com/en-us/windows/desktop/api/shellapi/nf-shellapi-shellexecutea

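Suppose I installed CS1.6 on the C drive at C:\HKG CS1.6 By C0RE
Line 7: get the current path and put it into char Buffer
Line 8: build the Parameters string: -game cstrike -steam %s
What's %s? If the command line has anything, it gets put into the string; for now assume there is nothing
Line 9: build another string, File, putting back in the char obtained on Line 7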
Line 10:
open
Opens the item specified by the lpFile parameter. The item can be a file or folder.

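So per Lines 7-9, put together it is C:\HKG CS1.6 BY C0RE\hl.exe -game cstrike -steam
Meaning what? It's just the program used to start the game, damn it
I'd like to know which idiot went to the extra trouble of writing this; putting it in a .bat would have done the job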
:^(
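
The launcher logic walked through in Husky's post above, reconstructed as an added example; it is not part of the original post and is not the decompiler output the post referred to. Only the three API names, the `-game cstrike -steam %s` string and the `open` verb come from the post; the struct and function names, the `%s\hl.exe` format string and the show-window value are assumptions, and `snprintf` stands in for `wsprintfA` so the string building also compiles off Windows.

```c
/* Added reconstruction of the launcher described in the post; struct launch,
   build_launch and the "%s\\hl.exe" format are assumptions, not recovered code. */
#include <stdio.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#include <shellapi.h>
#endif

struct launch {
    char file[512];   /* becomes lpFile for ShellExecuteA */
    char params[512]; /* becomes lpParameters for ShellExecuteA */
};

/* Lines 8-9 of the walkthrough: format the two strings. snprintf stands in
   for wsprintfA so this builds anywhere and truncation is detected.
   Returns 0 on success, -1 if either string does not fit. */
int build_launch(const char *cwd, const char *cmdline, struct launch *out)
{
    int n = snprintf(out->params, sizeof out->params,
                     "-game cstrike -steam %s", cmdline ? cmdline : "");
    if (n < 0 || (size_t)n >= sizeof out->params)
        return -1;
    n = snprintf(out->file, sizeof out->file, "%s\\hl.exe", cwd);
    if (n < 0 || (size_t)n >= sizeof out->file)
        return -1;
    return 0;
}

int main(void)
{
    struct launch l;
#ifdef _WIN32
    char cwd[MAX_PATH];
    if (!GetCurrentDirectoryA(sizeof cwd, cwd)) /* Line 7 */
        return 1;
#else
    const char *cwd = "C:\\HKG CS1.6 By C0RE"; /* install path assumed in the post */
#endif
    if (build_launch(cwd, "", &l) != 0)
        return 1;
    printf("%s %s\n", l.file, l.params); /* what gets started, for triage */
#ifdef _WIN32
    /* Line 10: "open" verb; SW_SHOWNORMAL is an assumed nShowCmd */
    ShellExecuteA(NULL, "open", l.file, l.params, NULL, SW_SHOWNORMAL);
#endif
    return 0;
}
```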
畫沙 2019-1-11 07:03:25 Got wind that the OP has skipped his follow-up appointment again
永世名人 2019-1-11 07:08:11
:^(


Master 井
夏川真涼 2019-1-11 07:27:57 Why not prop up your pillow and think about why nobody joins yours
:^(
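啡毛貓 2019-1-11 07:30:06 Just how much of a primary-school kid do you have to be to still be playing at reporting people
大會指定安全套 2019-1-11 07:32:26 This reply has been deleted
萬寧貓 2019-1-11 09:04:27 Come out and fight one-on-one
永世名人 2019-1-11 12:36:54 His has Chinese characters too; yours is a bit off, but it's Chinese as well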
微積分(冬馬和紗) 2019-1-11 12:37:37
:^(

カイル 2019-1-11 13:00:10
:^(
:^(
Pretending to be blind again
美心力量 2019-1-11 13:26:29 That perverted!? Did you report it to the police??
加美尤.維達 2019-1-11 14:48:18 What are you changing? Gone blind?
コルネリウス 2019-1-11 14:52:43
:^(
短髮控 2019-1-11 14:56:40 Two primary-school kids =.=
米水比 2019-1-11 15:47:24 What did he do to you?
:^(
Husky 2019-1-11 17:33:25 55
加美尤.維達 2019-1-11 18:54:45 Fuck your mother, what the fuck are you changing
Husky 2019-1-11 19:09:52 They're still looking
:^(

Give 牙井 some time, OK?
水樹奈奈 2019-1-11 19:31:48 See you next Christmas
:^(

加美尤.維達 2019-1-12 02:21:18 Got evidence yet, trash?
Husky 2019-1-12 06:02:30 Should have some next year
🇯🇵Honda_10 2019-1-12 16:15:25 牙井 is at it again
:^(
微積分(冬馬和紗) 2019-1-12 16:21:58
:^(