[Release] Cabal dlog.dat Decrypter

Page 1 of 18 1 2311 Last »
09/21/2012 14:50 HellSpider#1
Hi.

This is a small application I wrote today to decrypt the hidden dlog.dat file found in Cabal\Data\UserData folder.

The file includes information on suspicious modules, which Cabal staff uses to determine if your account should be terminated.

The application is coded in MASM.

~Instructions~

1) Move dlog.exe to Cabal\Data\UserData folder
2) Execute dlog.exe
3) Decrypted file decrypted_dlog.txt will be created in the same folder

The error "The file does not have any data!" means the filesize is 0 -> nothing is logged.


_
09/21/2012 15:14 bonakid0510#2
Quote:
fixedmain.exe;zsjgpx.dll;AhAScr.dll;aswCmnBS.dll;a swCmnOS.dll;aswCmnIS.dll;Aavm4h.dll;AavmRpch.dll;a shBase.dll;aswEngLdr.dll;ashTask.dll;aswAux.dll;as wProperty.dll;wtsapi32.dll;mikezWH.dll;
that's what i have in my log file. ^^
09/21/2012 15:26 inssider#3
Quote:
Originally Posted by bonakid0510 View Post
that's what i have in my log file. ^^
Very ugly log.
The fixedmain.exe and mikezWH.dll,i am sure will lead your account to ban soon.
For your safety,transfer all your items to another account.
09/21/2012 15:33 babystanley#4
this way it will not be tracked the hack that we were using right?
09/21/2012 15:43 urosjoj#5
so with this i cant get banned??????
09/21/2012 15:46 pptJR#6
nimdnsNSP.dll;nimdnsResponder.dll;

this is what in my log. dont know what it is though. :))
09/21/2012 15:48 inssider#7
Quote:
Originally Posted by babystanley View Post
this way it will not be tracked the hack that we were using right?
I don't think that deleting the log will clean your tracks.
Anyway,now whit this tool,we can monitoring and understand better how it works.
This is the meaning of the release.

Quote:
Originally Posted by pptJR View Post
nimdnsNSP.dll;nimdnsResponder.dll;

this is what in my log. dont know what it is though. :))
nimdnsnsp.dll= National Instruments Zeroconf Namespace Service Provider
nimdnsResponder.dll= National Instruments Zeroconf Library

So i think you are safe at the moment.
09/21/2012 16:00 beyondmithril#8
fixedmain.exe;visicom_antiphishing.dll;mgAdaptersP roxy.dll;MSVCR71.dll; - CABAL PH log files. do know these files?
09/21/2012 16:05 alipunga2#9
Quote:
Originally Posted by beyondmithril View Post
fixedmain.exe;visicom_antiphishing.dll;mgAdaptersP roxy.dll;MSVCR71.dll; - CABAL PH log files. do know these files?
fixedmain.exe for the bypass.. others i dont know :)
09/21/2012 16:16 cobyowner09#10
avsda.dll; this is mind
09/21/2012 16:17 pptJR#11
Quote:
Originally Posted by inssider View Post
nimdnsnsp.dll= National Instruments Zeroconf Namespace Service Provider
nimdnsResponder.dll= National Instruments Zeroconf Library

So i think you are safe at the moment.
okay thanks. i have been wondering because mikez and crckd's dlls are on the dl.enc but not on the decrypted_dl.txt. i hope what you think is right. :)
09/21/2012 16:20 urosjoj#12
QUESTION:

if there isnt any hack .dll's written in dlog.dat that means the hack is undetected and won't get me banned?????????????
09/21/2012 16:23 ceejay2010#13
crckd.dll;xpsp3res.dll

^^
09/21/2012 16:26 urosjoj#14
pls anyone answer my question above, it is very important!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
09/21/2012 16:37 inssider#15
man,what is so hard?
Open your decrypted dlog.dll and see if you have any of the blacklisted track.

If u don't have any of these in your dlog,i think you are safe.

Good luck!
Page 1 of 18 1 2311 Last »