99% Sure One Just Attempted to Infect me

[Adam]

Well he said i could have a test slave and i still aint had that yet no logs have come in yet....

I sent a test slave. I have no clue if your project neptune is setup right.

 

[Robbie]

More pics:
The process it starts isn't the same as mine:
The process I used is msdcsc.exe
While the procces it started was MSBuild.exe

Spoiler

He crypted mine for me and i tested it on myself and i have that too. Cant remove it. GREAT!

 

[Adam]

More pics:
The process it starts isn't the same as mine:
The process I used is msdcsc.exe
While the procces it started was MSBuild.exe

Spoiler

No shit it corrupted. I should of been more specific in the post. I enabled startup on my crypter while you had it enabled on your RAT. There are a different set of settings to use if it is setup like that.

 

[Gengar_mybb_import19743]

More pics:
The process it starts isn't the same as mine:
The process I used is msdcsc.exe
While the procces it started was MSBuild.exe

Spoiler

Your replies are getting worse and worse, a crypter injects the infected file into a different process.

 

[Pro]

Ex-Rune is coming after me! Uh-Oh. How bout we get some staff verdict instead of all the exrune kids telling me I have no knowledge of hacking pointlessly flaming me.

 

[Chacho Skuds]

Lmao @ Pro's ignorance.

 

[Adam]

My RAT injects into AppLaunch...
http://puu.sh/sX2F
I will show all my victims if needed.

 

[Pro]

Also:

Negative (-1): Has no knowledge of hacking, >gets free crypt, assumes user who crypted is infecting him because it has persistence enabled.

No Crypters i've heard of allow you to enable or disable persistence installation. That's something configured in server setup.

 

[Voodin]

I say the staff should give Pro and One timeouts to make them think about what they have done.

 

[Adam]

http://puu.sh/sX42
Those are the exact settings I use for my RAT as those are the settings specified in my crypter tutorial for BlackShades.

 

[Pro]

My RAT injects into AppLaunch...
http://puu.sh/sX2F
I will show all my victims if needed.

Spoiler

AppLaunch


From OP.


Game?

 

[Techno]

Also:

Negative (-1): Has no knowledge of hacking, >gets free crypt, assumes user who crypted is infecting him because it has persistence enabled.

No Crypters i've heard of allow you to enable or disable persistence installation. That's something configured in server setup.

Sadly plenty of crypters do that. I think the files are just corrupted and nothing really happened.

 

[ViN_mybb_import10810]

I say the staff should give Pro and One timeouts to make them think about what they have done.

It is a possibility that they both did not do anything. Just a little confusion.

 

[Techno]

I say the staff should give Pro and One timeouts to make them think about what they have done.

It is a possibility that they both did not do anything. Just a little confusion.

That's what I am thinking. /Closed till I get home (omw)

 

[Adam]

My RAT injects into AppLaunch...
http://puu.sh/sX2F
I will show all my victims if needed.

Spoiler

AppLaunch


From OP.


Game?

I have no clue if my crypter injects into appalaunch or my RAT does.

 

[Gengar_mybb_import19743]

My RAT injects into AppLaunch...
http://puu.sh/sX2F
I will show all my victims if needed.

Spoiler

AppLaunch


From OP.


Game?

I have no clue if my crypter injects into appalaunch or my RAT does.

If you crypted your rat with your crypter they will have the same process when ran.

 

[Pro]

Closing this until mike gets home, I re-opened by accident. H4x

 

[Chewbaka]

Why don't you just ask for him to recrypt then watch over teamviewer?

 

[Pro]

Why don't you just ask for him to recrypt then watch over teamviewer?

I don't care about the crypt. If he tried to infect me he would just change the settings to cover his ass anyway.

 

[Adam]

http://screensnapr.com/v/xjPPBD.png
I crypted this DarkComet server for reddom while he watched me on TV. The process it injects into is: AppLaunch.