[QUESTION]

05/27/2008 00:45 jkjkmaster#1

Ok, while i was playing ms i saw a guy hacking. he had awsome hacks.
so i asked him for his hacks but he didn't give them to me. read on.
He said that he made a UCE that was somehow inside a maplestory file. it had the file's info inside it. He also said that he changed the files name

i don't no if this is possible he could be lying but if this is possible this could be a powerful hack.
PLEASE POST YOUR KNOWLEDGE!

05/27/2008 06:01 spritelleh#2

Wow. See how reliable this forum is. we don't even answer. Been 5 hours since oyu asked and no ones bothered to answer you. Well, anyways, heres what I think.

Chances are, he does have a file like that. Chances are he also tried to make oyu think he made them too. He most likely got it from a friend. It might be a packet editor. It might not be. It is possible to do that though. He could have edited just like we did with PCOMDebug files. Anyways, that's all I have to say for now.

05/28/2008 00:40 jkjkmaster#3

thx this was helpful :)

05/28/2008 00:51 GamePhail#4

[Only registered and activated users can see links. Click Here To Register...]

He probably used that bypass...it gets executed similar to GGK(Start ggk, start maple)

[Only registered and activated users can see links. Click Here To Register...]

Antivirus Version Last Update Result
AhnLab-V3 2008.5.28.0 2008.05.27 -
AntiVir 7.8.0.19 2008.05.27 TR/Crypt.TPM.Gen
Authentium 5.1.0.4 2008.05.27 -
Avast 4.8.1195.0 2008.05.27 -
AVG 7.5.0.516 2008.05.27 -
BitDefender 7.2 2008.05.28 -
CAT-QuickHeal 9.50 2008.05.26 -
ClamAV 0.92.1 2008.05.27 PUA.Packed.Themida
DrWeb 4.44.0.09170 2008.05.27 -
eSafe 7.0.15.0 2008.05.27 -
eTrust-Vet 31.4.5826 2008.05.27 -
Ewido 4.0 2008.05.27 -
F-Prot 4.4.4.56 2008.05.27 -
F-Secure 6.70.13260.0 2008.05.27 -
Fortinet 3.14.0.0 2008.05.27 -
GData 2.0.7306.1023 2008.05.27 -
Ikarus T3.1.1.26.0 2008.05.27 Generic.Sdbot
Kaspersky 7.0.0.125 2008.05.27 -
McAfee 5304 2008.05.27 -
Microsoft None 2008.05.27 -
NOD32v2 3136 2008.05.27 -
Norman 5.80.02 2008.05.27 -
Panda 9.0.0.4 2008.05.27 -
Prevx1 V2 2008.05.28 -
Rising 20.46.12.00 2008.05.27 -
Sophos 4.29.0 2008.05.27 Mal/Basine-C
Sunbelt 3.0.1123.1 2008.05.17 -
Symantec 10 2008.05.27 -
TheHacker 6.2.92.321 2008.05.27 -
VBA32 3.12.6.6 2008.05.27 -
VirusBuster 4.3.26:9 2008.05.27 Packed/Themida
Webwasher-Gateway 6.6.2 2008.05.28 Trojan.Crypt.TPM.Gen

Just the usual false positives...but w/e, use at you own risk...runs kernel mode functions that I want to keep private so I packed it with Themida.

Cheers.

05/29/2008 00:33 jkjkmaster#5

if this works it'll make me happy :) then i can hack

05/29/2008 00:39 jkjkmaster#6

wait a tick. he only has 1 post and now i got a process called exxplorer.
and my firewall wants to block it.
um those arent false positives

05/30/2008 22:11 spritelleh#7

I was just looking at the 1 post thing. It's not nice to judge someone by their post but that's pretty suspicious

05/31/2008 00:23 jkjkmaster#8

cuz usually someone with 1 post would do that like on other forums

05/31/2008 03:36 spritelleh#9

Yep. Elitepvpers is small though. Well, smaller then some. Makes it where we don't have MODOATORS FOR EVERY SECTION! WHICH I SHOULD BE! So that kind of stuff can't be deleted.

05/31/2008 03:50 spritelleh#10

I downloaded the file. And, I'd hate to repel a new Elitepvper so I can't lie to y'all. There are no suspect files. They file is aparently clean. My Antivirus didn't stop it either. I think it's clean. But, considering the way it looks to have had lack of effort and time. I'm not going to execute it. That's up to y'all to trust. Just keep in mind. It's possible to make an udetected trojan.