¡Hacking Drop Packages!

06/24/2010 05:32 Gameznacional#1
Greetings Hero online players:

Finally I can contribute something to our community. After a couple of weeks of hard work I found a bug in Southern Plains, specifically with the leopards. It is about sending to Hero's server a series of packages of information which I obtained grinding and recording with WPE Pro. I slightly modified those packages to make the server believe that we do not receive anything, so we receive the same drop many times, in this case gold. When I discovered this I was really excited; it's awesome for making gold faster than before.

->How to use it?:

You must go to SP where no one can see you, because when you press the inject button your character starts to do rare movements, looks shining and some other things. Just open Hero, go to the spot and then press “Inject”. If your PC gets paralyzed, don't worry, it's normal because it consumes your PC while you are using it. After pressing “Inject” just watch your inventory and look how fast your gold increases.

¡Good luck!


Download Rapidshare: [link hidden]

Download Megaupload: [link hidden]
06/24/2010 06:18 Elhandar#2
mm.. I've been analyzing it... and some antivirus jump.. but at the moment of analyzing the connections that it uses.. I didn't find anything, so it's not backdoorized.. then I decompiled it and checked the modules and... not rare at all... I tested it to see what files it creates and nothing.. I think the AVs are a false positive...

anyway I'm gonna try it on my PC
06/24/2010 07:55 ax5#3
Antivir: Nothing found
ArcaVir: Nothing found
AVG: Nothing found
BitDefender: Nothing found
VirusBlokAda32: Nothing found
VirusBuster: Nothing found



[ArcaVir] 2010-06-23 Found nothing
[G DATA] 2010-06-24 Found nothing
[Avast! antivirus] 2010-06-23 Found nothing
[Ikarus] 2010-06-24 Found nothing
[Grisoft AVG Anti-Virus] 2010-06-23 Found nothing
[Kaspersky Anti-Virus] 2010-06-24 Found nothing
[Avira AntiVir] 2010-06-23 TR/Dropper.Gen
[ESET NOD32] 2010-06-23 Found nothing
[Softwin BitDefender] 2010-06-24 Found nothing
[Panda Antivirus] 2010-06-23 Found nothing
[ClamAV] 2010-06-23 Found nothing
[Quick Heal] 2010-06-24 Found nothing
[CPsecure] 2010-06-24 Found nothing
[Sophos] 2010-06-24 Found nothing
[Dr.Web] 2010-06-24 Found nothing
[VirusBlokAda VBA32] 2010-06-23 Found nothing
[Frisk F-Prot Antivirus] 2010-06-23 Found nothing
[VirusBuster] 2010-06-23 Found nothing
[F-Secure Anti-Virus] 2010-06-24 Found nothing


a-squared 5.0.0.30 2010.06.24 -
AhnLab-V3 2010.06.24.00 2010.06.24 -
AntiVir 8.2.4.2 2010.06.23 TR/Dropper.Gen
Antiy-AVL 2.0.3.7 2010.06.23 -
Authentium 5.2.0.5 2010.06.23 -
Avast 4.8.1351.0 2010.06.23 -
Avast5 5.0.332.0 2010.06.23 -
AVG 9.0.0.836 2010.06.23 -
BitDefender 7.2 2010.06.24 -
CAT-QuickHeal 10.00 2010.06.23 (Suspicious) - DNAScan
ClamAV 0.96.0.3-git 2010.06.23 -
Comodo 5198 2010.06.23 -
DrWeb 5.0.2.03300 2010.06.24 -
eSafe 7.0.17.0 2010.06.23 -
eTrust-Vet 36.1.7663 2010.06.24 -
F-Prot 4.6.1.107 2010.06.23 -
F-Secure 9.0.15370.0 2010.06.24 -
Fortinet 4.1.133.0 2010.06.23 -
GData 21 2010.06.24 -
Ikarus T3.1.1.84.0 2010.06.24 -
Jiangmin 13.0.900 2010.06.15 -
Kaspersky 7.0.0.125 2010.06.24 -
McAfee 5.400.0.1158 2010.06.24 -
McAfee-GW-Edition 2010.1 2010.06.23 -
Microsoft 1.5902 2010.06.23 -
NOD32 5223 2010.06.23 -
Norman 6.05.10 2010.06.23 -
nProtect 2010-06-23.02 2010.06.23 -
Panda 10.0.2.7 2010.06.23 Suspicious file
PCTools 7.0.3.5 2010.06.24 -
Prevx 3.0 2010.06.24 -
Rising 22.53.03.03 2010.06.24 -
Sophos 4.54.0 2010.06.24 -
Sunbelt 6498 2010.06.24 -
Symantec 20101.1.0.89 2010.06.24 -
TheHacker 6.5.2.0.303 2010.06.24 -
TrendMicro 9.120.0.1004 2010.06.24 -
TrendMicro-HouseCall 9.120.0.1004 2010.06.24 -
VBA32 3.12.12.5 2010.06.23 -
ViRobot 2010.6.21.3896 2010.06.24 -
VirusBuster 5.0.27.0 2010.06.23 -




I don't trust this file
06/24/2010 08:37 Elhandar#4
I was not confident when I saw the AVs, but after a good analysis .. I have not found anything ... but I want to see the opinion of another
06/24/2010 09:23 ax5#5
Quote:
Originally Posted by Elhandar:
I was not confident when I saw the AVs, but after a good analysis .. I have not found anything ... but I want to see the opinion of another

yeah I also tried it on my old PC and the program doesn't start. I think it's a fake with a hidden keylogger; I think he has added it with a binder or a packer. He only added the other files to make it look like a hack/bot, so this is fake, I can confirm that


DON'T DOWNLOAD IF YOU DON'T WANT TO GET HACKED
06/24/2010 10:10 Elhandar#6
lol I think you cannot confirm anything without proof,
you're saying with this comment that my analysis is worthless without even giving me a trial or at least telling me that Porl skip. You cannot say "yes, it is infected"; if so, tell me where logs are saved or files are created or where it connects, and then I'm going to believe :)
06/24/2010 10:47 ax5#7
Quote:
Originally Posted by Elhandar:
lol I think you cannot confirm anything without proof,
you're saying with this comment that my analysis is worthless without even giving me a trial or at least telling me that Porl skip. You cannot say "yes, it is infected"; if so, tell me where logs are saved or files are created or where it connects, and then I'm going to believe :)

The thing is that the program runs in the background, so I can tell it's fake
06/24/2010 15:14 Shishidump#8
Virus....
06/25/2010 03:03 Gameznacional#9
No way.... there are ppl that say it works... I guess it broke when you downloaded it... but I downloaded it again from this post.. and it's still working... btw.. I wrote that some antivirus are still detecting it as UNKNOWN... but just Avira and one other... try re-downloading it.. maybe that fixes it
06/25/2010 12:34 Chami#10
I checked it with Kaspersky and there's a virus, and why the hell do u use schlatters bot for ur virus input, u goddamn idiot -.-
06/26/2010 00:33 Lion2205#11
Quote:
Originally Posted by Gameznacional:
No way.... there are ppl that say it works... I guess it broke when you downloaded it... but I downloaded it again from this post.. and it's still working... btw.. I wrote that some antivirus are still detecting it as UNKNOWN... but just Avira and one other... try re-downloading it.. maybe that fixes it

>.> it can't break when someone downloads it.... nice, it made me laugh :).
I scanned it with my Spyware Scanner and the virus it gives is not very harmful to the computer, so there's really nothing to worry about. I would still not use it if I were you >.>
10/23/2010 07:57 s0lixus#12
lolz.. if it was that simple to deceive the server's packets.. we would be doin' it by ourselves. not everyone here is lame dude.. think about where u are before u decide to post keylogging tools.. not only that.. it was just sounding too good to be true.. what u needed to do to prove it was working is a video.. (not an edited video) BUT a legit video proving ur discovery.. and if u can do that for gold.. u could raise the drop rate of rares like TL and dracs as well.. but as I said.. if it was that easy we'd all be doing it!
10/23/2010 10:53 schlat#13
I don't understand this drop rate packet enthusiasm... because the packets are generated and proofed by the server, and if u generate ur own virtual fake packets u will see it on ur Hero client, but on the next login it's all lost. In most cases the server doesn't accept any item/gold that is generated by the client... only if u find a bug, but good luck with that!
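
The server-side check described in the post above, as an added example that is not part of the original thread and not the game's own code: the server records each drop when it creates it, reads only a drop id from the pickup packet, and lets each drop be claimed once, so a replayed or edited packet adds nothing. The class, field and packet names are hypothetical.

```python
import secrets


class LootServer:
    """Hypothetical server-side drop ledger: the server decides every amount."""

    def __init__(self):
        self.drops = {}   # drop_id -> (owner, gold) for drops not yet claimed
        self.gold = {}    # player -> balance that is actually persisted

    def spawn_drop(self, killer, gold):
        # Called by the server's own combat logic, never by a client packet.
        drop_id = secrets.token_hex(8)
        self.drops[drop_id] = (killer, gold)
        return drop_id

    def handle_pickup(self, player, packet):
        # Only the drop id is read; any amount the client sends is ignored.
        entry = self.drops.get(packet.get("drop_id"))
        if entry is None:
            return "rejected: unknown or already claimed drop"
        owner, gold = entry
        if owner != player:
            return "rejected: drop belongs to another player"
        del self.drops[packet["drop_id"]]   # one-shot: a replay finds nothing
        self.gold[player] = self.gold.get(player, 0) + gold
        return "ok"


def replay_demo():
    """Send one pickup packet five times, then a packet with a made-up id."""
    server = LootServer()
    drop_id = server.spawn_drop("alice", 120)
    # Constructed sample packet with a tampered amount field.
    packet = {"drop_id": drop_id, "gold": 999999}
    results = [server.handle_pickup("alice", packet) for _ in range(5)]
    forged = server.handle_pickup("alice", {"drop_id": "deadbeef", "gold": 500})
    return results, forged, server.gold["alice"]


if __name__ == "__main__":
    print(replay_demo())
```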
10/25/2010 13:47 CyPy14#14
Is this true or only a fake?
10/25/2010 16:46 ax5#15
Quote:
Originally Posted by CyPy14:
Is this true or only a fake?

Well, we don't really know. I think it's a fake; I scanned it and I got a trojan and a virus from it, so I will not use it.