Graal Forums

Graal Forums (https://forums.graalonline.com/forums/index.php)
-   Bomy Island Main Forum (https://forums.graalonline.com/forums/forumdisplay.php?f=80)
-   -   Bad AFK program *urgent read* (https://forums.graalonline.com/forums/showthread.php?t=5172)

06-19-2001 04:35 PM
Bad AFK program *urgent read*
 
Well, it seems after someone sent me this screen shot:
http://police.nexose.net/aneurism.jpg

and asked me if I wanted to check it out. Knowing this person I'm like sure, I will check it out.

after tring to use the program without sucess and errors I sent it to Mold, one of the staff members at piehax0r. He checked it out with his hex editor and found a few things out.

The program pretends to disconnect you from AOL and comes up with a prompt to enter your username and password.

here is a hex screen shot:
http://police.nexose.net/ane-hex.GIF

after doing so, it sends your username and password to an email address ( its encrypted so can't find out whos email it is )

then it changes your autoexec.bat and messes up your programs such as graal, icq, irc ect.


So this is basically a ISP account stealer. Since I don't have a dial-up internet account or windows 95/98/me I was not affected by this programs wrath.

just thought everyone would like to know.

bigs thanks goes to Mold for this one.

greezi 06-19-2001 04:48 PM
thank Mafu ;)

waar 06-19-2001 05:02 PM
yeah, and you fired me from police for sending you this program. i had no idea it had all this in it.

Tolerian28 06-19-2001 05:34 PM
PHEW!!!! :(

lucky i read about this, my friend just got that program so i told him to delete it straight away!!!!!

hakman 06-19-2001 05:35 PM
????
 
HOW LONG DOES IT HAVE TO BE RUNNING BFORE THIS TAKES AFFECt????

06-19-2001 11:54 PM
O ****!!! I gave funnylink a AOL Account for this, and i find out it's stealing my aol accounts?? ****ing dammit! how i get this thing out of my puter? i use cable but i use aol for my email.

06-19-2001 11:57 PM
Is it like a thing that stays on your puter and everytime you open aol it trys stealing your password? or is it when you have that prog open along with aol?

Krakken_2001 06-20-2001 12:00 AM
Bwahaha @ st00pid AOL users... AOL sucks

06-20-2001 12:01 AM
I only use aol for email... I use Meida One Road Runner for internet.

Krakken_2001 06-20-2001 12:02 AM
aww well =P

T-Squad 06-20-2001 12:03 AM
:D im smart and dont download stuff ...except roms and other stuff

Rekad 06-20-2001 12:05 AM
uhoh... I use MSN for internet access, and they have almost the same setup as aol....

06-20-2001 12:54 AM
Is msn dialup?

Rekad 06-20-2001 12:59 AM
Quote:
Originally posted by IcePick_2001
Is msn dialup?
yep, the best because no one else uses it around here, I get not that much lag

NightLord 06-20-2001 12:59 AM
Quote:
Originally posted by IcePick_2001
O ****!!! I gave funnylink a AOL Account for this, and i find out it's stealing my aol accounts?? ****ing dammit! how i get this thing out of my puter? i use cable but i use aol for my email.
Easy on the language there big cat.

cheaterzx22 06-20-2001 05:43 AM
Hahaha that's funny. It'd be great if a non-aol user got it. Who would fall for that anyway?

Zulithe 06-20-2001 05:48 AM
Wow... cat is out of the bag now! Don't use this program obviously!

EThor 06-20-2001 06:15 AM
*Phew*

Thanks for warning everyone :)

Fai 06-20-2001 06:25 AM
I just saw Cloud Strife using a marquee program. L0L. And I thought he commited suicide?

Lugie 06-20-2001 06:25 AM
AHHH LEO HAS TO TEACH ME STUFFAX0RS RIGHT NOW HOW TO STOP THIS SHIZNITAX0RS LOLX0RS$%@&@

Rekad 06-20-2001 06:27 AM
thats a great idea, target Graal users with hax0rin programs, most of em are too stupid to realize what happened.

annr 06-20-2001 07:29 AM
you couldn't hex that yourself?

and i laugh at the aol users who play graal and use this program. : /

cds96 06-20-2001 07:33 AM
no its twisted whos gonna kill himself

John_Hardy 06-20-2001 01:53 PM
I use nll: i only use AOL if i want to download a massive program over night.

Bhala 06-20-2001 03:37 PM
lol all of the cheating programs have virus is them or other stuff....it is stupid to d\l any of them

06-20-2001 03:47 PM
Heh heh heh...I pity AOL users who actually do give out their password to people in IM windows, if ever. I've known a few people who do that...Seeing as much, I think I'll go wipe out a chat with my beautiful pet nul/nul. nul/nul owns you...

NightLord 06-20-2001 06:03 PM
nul/nul whatnow?

evilive 06-20-2001 08:31 PM
I've never heard of the program. Besides, I know how to type, so I don't need that kind of thing ;)

Butz 06-20-2001 09:53 PM
Glad I'm not dumb enough to use AOL..
Pure Cable modem!!

Merlin2 06-21-2001 02:59 AM
like omg loala i usedzz zaola naso imn guana ah4x0r you know hahahazzz loala ike omg


i could of hexed that like omg LOAL OPEN IT IN A HEX PROGRAM OR A COMPILER PROGRAM LOAL

CrazedMerlin 06-21-2001 03:13 AM
Quote:
Originally posted by Merlin2
like omg loala i usedzz zaola naso imn guana ah4x0r you know hahahazzz loala ike omg


i could of hexed that like omg LOAL OPEN IT IN A HEX PROGRAM OR A COMPILER PROGRAM LOAL
HELP MAI IQ SI FALLING AND IT CVANT GET UPO

06-21-2001 03:14 AM
It is pretty hard to get it up while falling. :)

CrazedMerlin 06-21-2001 03:14 AM
Quote:
Originally posted by Deadly_PK
It is pretty hard to get it up while falling. :)
:(((?:)))?

Zulithe 08-01-2001 06:07 AM
UPDATE!
 
Travis Rosenbaum (ZenZagg), the coder of Aneurism, e-mailed me and a few other people from the Graal community recently. He had this to say, please read it

Quote:
Hello, I am writing to you in regard to a program I wrote for use with Graal (which really was never intended to be distributed, but since it has been, I guess I'll clear up a few things):

1. I looked at a Google cache of the "Trojan Report" article
(http://www.google.com/search?q=cache...lnet.net/+aneu) and was about to get very angry about someone making unfounded claims about my software.
2. I saw that "Mold" had been very resourceful in hex editing my code and finding what appeared to be part of some Trojan code (http://police.nexose.net/ane-hex.GIF) I noted that someone said the 'email address was encrypted so cant find out whose email it is' well, that's because there IS NO EMAIL ADDRESS, AND NOTHING TO SEND.

I looked at the code in the screenshot, and wondered a bit...how could that code have gotten into my program...? And then it hit me--I reopened the Visual Basic (programming language) project and I noticed that I had used something called FuncBin.bas I obtained off of a open source programming site. I only wanted the functions in the file that allowed you to send text
to the Graal window, but it turns out this file was originally written
for AOL programs, (at the time I thought nothing of this, because I had no use for those extra functions and wrote this program just for my sole use)

Well, I looked into the file, and there were literally hundreds of
AOL-related functions which also included functions that used the text in that screenshot to fool people into giving them their passwords. After researching this for a while, I noticed a comment in the file which said the functions were dated back to 1997 (Like, AOL 2.5 days) and pretty much was useless today anyway. I never used any of these AOL functions in the working
code of my program, I am surprised that they are even there, and
inflamed that my name is plastered on something one could suspect as a Trojan. IT DOES NOTHING BUT WHAT IS INTENDED, I WOULD LIKE TO SEE EVEN ONE CASE WHERE MY PROGRAM HAS HARMED ANYONE OR PERFORMED ANY OF THE THINGS PEOPLE ARE
ACCUSING IT OF DOING. I DONT EVEN USE AOL!

I have always been dedicated to making quality software and would never try to take advantage of my users; if need be, I will release a new version of
Aneurism with all that extra crap removed from the source code (its only taking up space anyway). Next time I give out a program, I'll make sure I know what's in the whole file before doing so. Please, next time you attempt to label a program as a Trojan, at least contact the author first? I AGAIN REPEAT, THE FUNCTIONS THAT YOU SEE IN THE HEX EDITOR ARE DORMANT AND THE FILE THEY COME FROM IS OUT OF DATE BY AT LEAST 4 YEARS, WERE NOT CREATED BY ME, AND ARE NOT USED BY THE PROGRAM. I would like feedback on this issue so that if need be, I will release a new version with the SendText routines programmed in by hand (I've since learned windows API, so I dont need third-party source code anymore). I assure the community that this program is not a trojan, nor is it capable of acting as such. PLEASE SPREAD THIS INFORMATION.

I would like to have some means of dispelling this rumor, and I am
sending carbon copies of this email to other members of the Graal community, replies are encouraged. I tried posting on the Graal Communications Board, but I have to have a pay account, and I can't do that right now.

Sincerely,

Travis Rosenbaum (ZenZagg)
AIM: ZenZagg
ICQ: 10028033


P.S. If you have any more comments/questions, please don't hesitate to
ask.

Cloud_X 08-01-2001 06:09 AM
I got that along with a clean program (he says it is) im going to try it maybe dunno i have a lot of important stuff on this computer.

_0AfTeRsHoCk0_ 08-01-2001 06:41 AM
Why bother downloading something like that anyways? If you are going to be idle your text will stay up there for as long as you are idle

Torankusu 08-01-2001 06:48 AM
hi.

Cloud_X 08-01-2001 06:58 AM
Quote:
Originally posted by _0AfTeRsHoCk0_
Why bother downloading something like that anyways? If you are going to be idle your text will stay up there for as long as you are idle
Wouldnt use it. I made my own little neat AFK bot that times you and says how long you have been gone. I never use it though hehe


All times are GMT +2. The time now is 10:05 AM.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2026, vBulletin Solutions Inc.
Copyright (C) 1998-2019 Toonslab All Rights Reserved.