Results 1 to 11 of 11
  1. #1
    GloryHacks's Avatar
    Join Date
    Mar 2013
    Gender
    male
    Location
    USA
    Posts
    18
    Reputation
    10
    Thanks
    0

    Exclamation Why was I banned?

    My Old Username: ikillindreams

    Code:
    Dbox = Drop box
    Okay so i was banned for a post in DayZ Hacks. It was posted so users could earn some $$$ for dayz keys. I Offered $5 for anyone that could crack a GUID That i wrote in vb.net. I Encrypted the file so the users couldn't just open it in a code viewer. This program would ping a dBox text file that would respond with its contents. Then it would take the contents and decrypt it into a GUID and it would check that against the users GUID.

    You have been banned for the following reason:
    Posting a "crack me" that connects to Dbox to download an archive.

    Date the ban will be lifted: 03-15-2013, 12:00 AM
    There are a few words in here that don't make sense.
    download an archive.
    This is not true because the GUID Program does not download anything. The following is code from my GUID Challange file

    Code:
        Public Function GetPage(ByVal PageURL As String) As String
            Dim S As String = ""
            Try
                Dim Request As HttpWebRequest = WebRequest.Create(PageURL)
                Dim Response As HttpWebResponse = Request.GetResponse()
                Using Reader As StreamReader = New StreamReader(Response.GetResponseStream())
                    S = Reader.ReadToEnd
                End Using
            Catch ex As Exception
                Debug.WriteLine("FAIL: " + ex.Message)
            End Try
            Return S
        End Function
    Let me pick this apart for anyone that does not know vb.net

    First
    Code:
    GetPage(ByVal PageURL As String)
    This is the name and arguments of the function
    it would be used like such
    Code:
    GetPage("https://www.google.com/")
    this would get the response of google

    Next
    Code:
    WebRequest.Create(PageURL)
    This will create a new web request at the page. in this case, google.com

    Next
    Code:
    Request.GetResponse()
    This will get the response of the webpage. in this case, google.com

    Next
    Code:
    New StreamReader(Response.GetResponseStream())
    So this creates a StreamReader (They are used for reading streams) at it will mark the response stream as the code that needs to be read

    Next
    Code:
    S = Reader.ReadToEnd
    And
    Code:
    Return S
    Okay so the first once gets the response from google.com and converts it into readable text. The second part makes the function return the text. The code is read from the response that dbox gives the program.
    No files are downloaded in the process so how is it that i got banned for it downloading files?

    in case an admin would like to view my program for himself I added it to the post (No it is still encrypted. I need the decrypter that is inside it for a project)
    Last edited by GloryHacks; 03-08-2013 at 04:55 PM.

  2. #2
    Flengo's Avatar
    Join Date
    May 2010
    Gender
    male
    Location
    Ontario, Canada
    Posts
    15,689
    Reputation
    3319
    Thanks
    11,100
    My Mood
    Happy
    You uploaded a file that connected to the internet, knowing that no internet connectivity was allowed.

    You knew the rules, and I also mentioned them to you. Yet you still posted it.

    Personally, you willingly broke the rules in my mind. Should have thought about it or asked higher staff first.


    I Read All Of My PM's & VM's
    If you need help with anything, just let me know.
     
     
    VM | PM

    Publicist Since 04.04.2015
    Middleman Since Unknown - Unknown
    Global Moderator Since 08.01.2013
    Donator Since 05.29.2013

    Minion+ Since 04.18.2013

    District 187 Minion Since 04.04.2013
    Steam Minion Since 02.26.2013
    WarRock Minion Since 02.19.2013
    A.V.A Minion Since 02.13.2013
    DayZ Minion Since 01.21.2013
    Combat Arms Minion Since 12.26.2012
    Contributor Since 11.16.2012
    Member Since 05.11.2010


  3. #3
    GloryHacks's Avatar
    Join Date
    Mar 2013
    Gender
    male
    Location
    USA
    Posts
    18
    Reputation
    10
    Thanks
    0
    Quote Originally Posted by Flengo View Post
    You uploaded a file that connected to the internet, knowing that no internet connectivity was allowed.

    You knew the rules, and I also mentioned them to you. Yet you still posted it.

    Personally, you willingly broke the rules in my mind. Should have thought about it or asked higher staff first.
    Flengo you personally approved the first file. This one is no different then that file (Other then the decryption method) so i assumed that reading a string from an online text file was allowed
    Last edited by GloryHacks; 03-08-2013 at 07:16 PM.

  4. #4
    Flengo's Avatar
    Join Date
    May 2010
    Gender
    male
    Location
    Ontario, Canada
    Posts
    15,689
    Reputation
    3319
    Thanks
    11,100
    My Mood
    Happy
    Quote Originally Posted by GloryHacks View Post
    Flengo you personally approved the first file. This one is no different then that file (Other then the decryption method) so i assumed that reading a string from an online text file was allowed
    When I analyzed the file I didn't find traces of web connections. However, Master131 might have.

    I asked Dave about your thread and he said it was generally okay


    I Read All Of My PM's & VM's
    If you need help with anything, just let me know.
     
     
    VM | PM

    Publicist Since 04.04.2015
    Middleman Since Unknown - Unknown
    Global Moderator Since 08.01.2013
    Donator Since 05.29.2013

    Minion+ Since 04.18.2013

    District 187 Minion Since 04.04.2013
    Steam Minion Since 02.26.2013
    WarRock Minion Since 02.19.2013
    A.V.A Minion Since 02.13.2013
    DayZ Minion Since 01.21.2013
    Combat Arms Minion Since 12.26.2012
    Contributor Since 11.16.2012
    Member Since 05.11.2010


  5. #5
    GloryHacks's Avatar
    Join Date
    Mar 2013
    Gender
    male
    Location
    USA
    Posts
    18
    Reputation
    10
    Thanks
    0
    Quote Originally Posted by Flengo View Post


    When I analyzed the file I didn't find traces of web connections. However, Master131 might have.

    I asked Dave about your thread and he said it was generally okay
    But generally okay wont get me unbanned will it?

  6. #6
    master131's Avatar
    Join Date
    Apr 2010
    Gender
    male
    Location
    Melbourne, Australia
    Posts
    8,802
    Reputation
    3165
    Thanks
    73,307
    My Mood
    Breezy
    I was told by someone who monitored your "challenge" and found that it connected to D-Box (which already at that point isn't allowed) and also found a "GUID Challenge.rar" hosted on your account and he told me that it downloads the archive (it might just a coincidence it's on your D-Box account). I couldn't confirm it because I didn't have the time to bother recovering the IL method bodies from the assembly because of .NET Reactor. Nevertheless, you still broke the rules by connecting to D-Box in the first place.



    (D-Box uses Amazon S3 to host their files and their certificate is issued by Thawte CA)



    Oh, and care to explain why you have keystealer related stuffs hosted on your D-Box account? (60276985, Update.exe)
    http://pastebin.com/wTFGpKHd
    Last edited by master131; 03-09-2013 at 07:46 PM.
    Donate:
    BTC: 1GEny3y5tsYfw8E8A45upK6PKVAEcUDNv9


    Handy Tools/Hacks:
    Extreme Injector v3.6.1 *NEW* Windows 10 compatible!
    A powerful and advanced injector in a simple GUI.
    Can scramble DLLs on injection making them harder to detect and even make detected hacks work again!

    Minion Since: 13th January 2011
    Moderator Since: 6th May 2011
    Global Moderator Since: 29th April 2012
    Super User/Unknown Since: 23rd July 2013
    'Game Hacking' Team Since: 30th July 2013

    --My Art--
    [Roxas - Pixel Art, WIP]
    [Natsu - Drawn]
    [Natsu - Coloured]


    All drawings are coloured using Photoshop.

    --Gifts--
    [Kyle]

  7. The Following 3 Users Say Thank You to master131 For This Useful Post:

    [MPGH]Flengo (03-09-2013),Maxedout (03-10-2013),[MPGH]NormenJaydenFBI (03-10-2013)

  8. #7
    aIW|Convery's Avatar
    Join Date
    Oct 2010
    Gender
    male
    Posts
    2,876
    Reputation
    124
    Thanks
    595
    My Mood
    Cynical
    > Post a crackMe
    > Connects to a Dbox account
    > SSL because why not
    > Reads 10.7Kb of data
    > Writes something to the filesys (can't recall how much, just that it was 11 file writes in the log)
    > A quick google lookup on the account ( 60276985 ) shows that he's using a funny name while selling his warez and hating on MPGH mods ;3 (Kegan's Information (Kid Fails at DDoS) - Pastebin.com)
    > URL accessed is a .rar file

    So ye, a kid that sells keystealers, RATs, is DDoSing people because he's so badass and then whines when he get banned..

    EDIT:
    master131, you little ninja :3
    Last edited by aIW|Convery; 03-09-2013 at 07:34 PM.

  9. #8
    GloryHacks's Avatar
    Join Date
    Mar 2013
    Gender
    male
    Location
    USA
    Posts
    18
    Reputation
    10
    Thanks
    0
    Quote Originally Posted by aIW|Convery View Post
    > Post a crackMe
    > Connects to a Dbox account
    > SSL because why not
    > Reads 10.7Kb of data
    > Writes something to the filesys (can't recall how much, just that it was 11 file writes in the log)
    > A quick google lookup on the account ( 60276985 ) shows that he's using a funny name while selling his warez and hating on MPGH mods ;3 (Kegan's Information (Kid Fails at DDoS) - Pastebin.com)
    > URL accessed is a .rar file

    So ye, a kid that sells keystealers, RATs, is DDoSing people because he's so badass and then whines when he get banned..

    EDIT:
    master131, you little ninja :3
    Code:
    Friend Function hwid() As String
            Return GetProcessorId() & GetMACAddress() & GetVolumeSerial()
        End Function
        Friend Function GetProcessorId() As String
            Dim strProcessorId As String = String.Empty
            Dim query As New SelectQuery("Win32_processor")
            Dim search As New ManagementObjectSearcher(query)
            Dim info As ManagementObject
            For Each info In search.Get()
                strProcessorId = info("processorId").ToString()
            Next
            Return strProcessorId
        End Function
        Friend Function GetMACAddress() As String
            Dim mc As ManagementClass = New ManagementClass("Win32_NetworkAdapterConfiguration")
            Dim moc As ManagementObjectCollection = mc.GetInstances()
            Dim MACAddress As String = String.Empty
            For Each mo As ManagementObject In moc
                If (MACAddress.Equals(String.Empty)) Then
                    If CBool(mo("IPEnabled")) Then MACAddress = mo("MacAddress").ToString()
    
                    mo.Dispose()
                End If
                MACAddress = MACAddress.Replace(":", String.Empty)
            Next
            Return MACAddress
        End Function
        Friend Function GetVolumeSerial(Optional ByVal strDriveLetter As String = "C") As String
            Dim disk As ManagementObject = New ManagementObject(String.Format("win32_logicaldisk.deviceid=""{0}:""", strDriveLetter))
            disk.Get()
            Return disk("VolumeSerialNumber").ToString()
        End Function
    Last time i checked. It is required to read some data to check a users hwid.... Unless someone knows how to do it without reading data.

    And honestly i dont know how it wrote files... Might have been another program but i would have loved to view the log of that

    ---------- Post added at 10:53 PM ---------- Previous post was at 10:51 PM ----------

    Quote Originally Posted by master131 View Post
    I was told by someone who monitored your "challenge" and found that it connected to D-Box (which already at that point isn't allowed) and also found a "GUID Challenge.rar" hosted on your account and he told me that it downloads the archive (it might just a coincidence it's on your D-Box account). I couldn't confirm it because I didn't have the time to bother recovering the IL method bodies from the assembly because of .NET Reactor. Nevertheless, you still broke the rules by connecting to D-Box in the first place.



    (D-Box uses Amazon S3 to host their files and their certificate is issued by Thawte CA)



    Oh, and care to explain why you have keystealer related stuffs hosted on your D-Box account? (60276985, Update.exe)
    Kegan's Information (Kid Fails at DDoS) - Pastebin.com
    And yeah i would love to explain that. I make a keystealer and i sell it. Its not my responsibility to monitor what my buyers do with it. And i have the source code (But im sorry i cant let you see the decrypting process) if you want to see everything else though i am perfectly fine with that @Flengo @NormenJaydenFBI
    Last edited by GloryHacks; 03-09-2013 at 10:04 PM.

  10. #9
    master131's Avatar
    Join Date
    Apr 2010
    Gender
    male
    Location
    Melbourne, Australia
    Posts
    8,802
    Reputation
    3165
    Thanks
    73,307
    My Mood
    Breezy
    Quote Originally Posted by GloryHacks View Post
    And yeah i would love to explain that. I make a keystealer and i sell it. Its not my responsibility to monitor what my buyers do with it. And i have the source code (But im sorry i cant let you see the decrypting process) if you want to see everything else though i am perfectly fine with that @Flengo @NormenJaydenFBI
    Alright, whatever. Oh and, I've already broken your "trial" system in "Updater.exe" by finding the text file (New Text Document.txt) with the key but OK.
    Last edited by master131; 03-09-2013 at 10:54 PM.
    Donate:
    BTC: 1GEny3y5tsYfw8E8A45upK6PKVAEcUDNv9


    Handy Tools/Hacks:
    Extreme Injector v3.6.1 *NEW* Windows 10 compatible!
    A powerful and advanced injector in a simple GUI.
    Can scramble DLLs on injection making them harder to detect and even make detected hacks work again!

    Minion Since: 13th January 2011
    Moderator Since: 6th May 2011
    Global Moderator Since: 29th April 2012
    Super User/Unknown Since: 23rd July 2013
    'Game Hacking' Team Since: 30th July 2013

    --My Art--
    [Roxas - Pixel Art, WIP]
    [Natsu - Drawn]
    [Natsu - Coloured]


    All drawings are coloured using Photoshop.

    --Gifts--
    [Kyle]

  11. #10
    GloryHacks's Avatar
    Join Date
    Mar 2013
    Gender
    male
    Location
    USA
    Posts
    18
    Reputation
    10
    Thanks
    0
    Quote Originally Posted by master131 View Post
    Alright, whatever. Oh and, I've already broken your "trial" system in "Updater.exe" by finding the text file (New Text Document.txt) with the key but OK.
    okay but what does that have to do with anything? So I was banned because some user claimed something that was not true. Am I still gonna remain banned because of that?

  12. #11
    master131's Avatar
    Join Date
    Apr 2010
    Gender
    male
    Location
    Melbourne, Australia
    Posts
    8,802
    Reputation
    3165
    Thanks
    73,307
    My Mood
    Breezy
    Despite the ban reason not being entirely accurate, you still broke the rules.

    /closed
    Donate:
    BTC: 1GEny3y5tsYfw8E8A45upK6PKVAEcUDNv9


    Handy Tools/Hacks:
    Extreme Injector v3.6.1 *NEW* Windows 10 compatible!
    A powerful and advanced injector in a simple GUI.
    Can scramble DLLs on injection making them harder to detect and even make detected hacks work again!

    Minion Since: 13th January 2011
    Moderator Since: 6th May 2011
    Global Moderator Since: 29th April 2012
    Super User/Unknown Since: 23rd July 2013
    'Game Hacking' Team Since: 30th July 2013

    --My Art--
    [Roxas - Pixel Art, WIP]
    [Natsu - Drawn]
    [Natsu - Coloured]


    All drawings are coloured using Photoshop.

    --Gifts--
    [Kyle]

  13. The Following 5 Users Say Thank You to master131 For This Useful Post:

    aIW|Convery (03-09-2013),[MPGH]Flengo (03-09-2013),Looty (03-19-2013),Maxedout (03-10-2013),[MPGH]NormenJaydenFBI (03-10-2013)

Similar Threads

  1. Why was Obama banned?
    By !~_Creedy_~! in forum Combat Arms Hacks & Cheats
    Replies: 2
    Last Post: 07-25-2009, 04:38 PM
  2. Why was I banned?
    By xEnd in forum General
    Replies: 8
    Last Post: 02-19-2009, 03:49 PM
  3. Why was I banned?
    By crunk69 in forum CounterStrike (CS) 1.6 Hacks / Counter Strike: Source (CSS) Hacks
    Replies: 9
    Last Post: 01-01-2009, 02:58 AM
  4. why was I banned?
    By feeldabeat17 in forum General
    Replies: 59
    Last Post: 12-17-2008, 09:04 PM
  5. Why was Mastasnip3 banned?
    By Typlo in forum General
    Replies: 12
    Last Post: 06-27-2008, 06:27 PM