[Release] Sroprot backdoor(Exploit)

During some researches in the new guard from Chernobyl I found something interesting that can be abused on everyone that purchased his guard.

In his Agent source-code this exist:
[Only registered and activated users can see links. Click Here To Register...]

The VOID is:
So the backdoor is exploiting AgentServer with Opcode 0x9998.

Since the "Enable Security filter is always enabled".

Enjoy for the people who got fooled, you should fix this.

I don't see anything strange about this, since this software is supposed to be licensed to user, and also is given to people for testing (assholes are everywhere, u know, haha). Licensed builds doesent have this "feature".

Quote:

Originally Posted by dwordptr I don't see anything strange about this, since this software is supposed to be licensed to user, and also is given to people for testing (assholes are everywhere, u know, haha). Licensed builds doesent have this "feature".

sorry Alex but b1tches are everywhere

Quote:

Originally Posted by dwordptr I don't see anything strange about this, since this software is supposed to be licensed to user, and also is given to people for testing (assholes are everywhere, u know, haha). Licensed builds doesent have this "feature".

The strange part is that you purchase fixes, not fixes with a backdoor which can be found and abused. Imagine when you bought his shit and someone knew about this exploit, then 100 dollar boom gone, and yeah. That's the strange part, selling an exploit-fix which has a exploit-backdoor.

HEY Purchase my fix, but ONLY I can CRASH YOU, XAXAXXA HEADSHOT (-*-)


Also, this sourcecode I got, is purchased, and it exist in here. So do not try to save your own ass, since if you weren't Chernobyl you would never answer with "licensed build doesn't have this feature"

Quote:

Originally Posted by Gray Face The strange part is that you purchase fixes, not fixes with a backdoor which can be found and abused. Imagine when you bought his shit and someone knew about this exploit, then 100 dollar boom gone, and yeah. That's the strange part, selling an exploit-fix which has a exploit-backdoor. HEY Purchase my fix, but ONLY I can CRASH YOU, XAXAXXA HEADSHOT (-*-)

How about you read my post ?.

Quote:

Originally Posted by dwordptr How about you read my post ?.

And I believe that 1.0.3.1 is sroprot latest version? It do not exist? OK!

[Only registered and activated users can see links. Click Here To Register...]
[Only registered and activated users can see links. Click Here To Register...]

I guess it don't exist.

No, 1.3.4 is the latest version. Still, if you want it disabled, just remove opcode handler from Program.cs as following
Also, remove NetEngine.AgentServer.SecurityFilter.cs file.

Quote:

Originally Posted by dwordptr No, 1.3.4 is the latest version. Still, if you want it disabled, just remove opcode handler from Program.cs as following Code: //packetProcessor.RegisterClientMsg(0x9998, new PacketHandler(SecurityFilter.HandleClient)); Also, remove NetEngine.AgentServer.SecurityFilter.cs file.

No, The opcode exists in UserContext.cs

Also I do not use your filter.

[Only registered and activated users can see links. Click Here To Register...]

Quote:

Originally Posted by dwordptr No, 1.3.4

This one is 1.3.1, saw from the folder a second ago.

Quote:

Originally Posted by Skipper* Gray_Face, can you send it over? or is that not allowed?

Allowed and allowed, Why would I share it? just wanted to inform users of sroprot that it has a backdoor!

Then you have way older build.

Quote:

Originally Posted by dwordptr Then you have way older build.

3 updates from your (NEWEST) is not considered old. Also this .exe was edited at 2015-06-21 so, 7 days ago.

Also you should fix 0x631D, gateway dies from that OPCODE, but I guess you are pr0 c0der.

Since 1.3.1 it was reworked alot.

About filter for opcode/spacket data - that will be added with scripting system (packet opcode/data pattern search).

Quote:

Originally Posted by Gray Face 3 updates from your (NEWEST) is not considered old. Also this .exe was edited at 2015-06-21 so, 7 days ago. Also you should fix 0x631D, gateway dies from that OPCODE, but I guess you are pr0 c0der.

thats true getaway dies easy .

Quote:

Originally Posted by dwordptr Then you have way older build.

same as here

Requesting the new build since you are afk from skype

Quote:

Originally Posted by Pure3viL thats true getaway dies easy . same as here Requesting the new build since you are afk from skype

His shit "sroprot" is not good, he even made a backdoor to exploit his own customers. That's not something normal that you would do as a protection provider.

Quote:

Originally Posted by Gray Face His shit "sroprot" is not good, he even made a backdoor to exploit his own customers. That's not something normal that you would do as a protection provider.

You are just one of bunch people, who get sroprot from somebody. Wouldn't you do such kind of shit in your own security if you know that you get fucked from every side?

Use brain lil.

Quote:

Originally Posted by Cooldpix You are just one of bunch people, who get sroprot from somebody. Wouldn't you do such kind of shit in your own security if you know that you get fucked from every side? Use brain lil.

I was using my brain, both yes and no. I got the SROPROT from hacking a server which purchased it. So well yeah, I was not planning to use it but I love to check out how the code looks and so on.

So you could say that I stepped right in it.

But well, haters going to hate and fame is the game.

W/E - WIN!