Multi-Threaded Ping Checker

Since both ping checkers that are available here on MPGH are quite slow (and do not look that well either), i decided to try my luck with one myself. My ping checker is significanly faster and looks way better imho (you may disagree here but that is okay).
I achived the speed boost by multi-threading and ping every server simultaneously.
Also this ping check is not going to be outdated anytime soon, since it grabs the IPs of the ROTMG-Servers at runtime from the ROTMG Site.

Why should you use my ping checker over the others?

Well, it is faster, better looking UI, animations and Llamas, yes there are hidden Llamas in my ping checkers, try to find them.

ROTMG Ping Checker

ROTMG Ping Checker Minimal

Ping Checker comparison

I took both other ping checkers that are available here on MPGH and compared them with mine (with expected results).

Both are significantly slower and show similar results, the ping times are not equal since they vary quite a lot due to the server-clusters they use.
Credit and thanks to ruusey for creating the Java version of the ping checker found here: https://www.mpgh.net/forum/showthread.php?t=1430800
Also credits and thanks to New for making the first version of the ping checker, found here: https://www.mpgh.net/forum/showthread.php?t=1147858

This is the first program for me to release, like ever and i am quite exited for you opinions, so please let me know what you think about this small project.
Maybe you have any ideas what i could change.

Also if anyone wants the source code, just contact me.

Virusscans for ROTMG Ping Checker
https://www.virustotal.com/gui/file/...504a/detection
https://virusscan.jotti.org/en-US/fi...job/kccd026pec

Virusscans for ROTMG Ping Checker Minimal
https://www.virustotal.com/gui/file/...5610/detection
https://virusscan.jotti.org/en-US/fi...job/ytkepzsquf

ROTMG Ping Checker_mpgh.net.zip ROTMG ping Checker Minimal_mpgh.net.zip

//Approved

How do you use it though? I can't even seem to open the file correctly

Hella nice release thanks!

Originally Posted by Luumi

How do you use it though? I can't even seem to open the file correctly

You just download the .zip and extract the .exe file to a directory of your choice, after that you just need to double click it.
IF you realy can't even start it, you may need to install .net framework (just google it and get it from the microsoft website).

What UI framework did you use? It looks really nice

Originally Posted by avatarfighter

What UI framework did you use? It looks really nice

I used Bunifu UI for the Animations, Round Edges (Form itself and the Button), DragControl, and the ShadowPanels. Everything else is done with the normal WinForms.
Hope that helped

Am i to paranoid?

When i first scanned the .zip i was confused because i already got 2 detections which i was confused of, making the servers rescan the .zip you uploaded to jotti and virustotal gives 0 detections.

They seem to share the same SHA256 signature so why do they have different scan outcomes?
Curious if i was just being an idiot i uploaded it to my favourite online analysis site. (Link to the scan is on the bottom of my comment)

So the site got the same hits as my scans in Virustotal (using at one point Virustotal too)
Despite the detection being "Labeled as: Suspicious.low.ml" (between 2-3%)
It has a "Threat Score: 75/100" Which is damn high O.o

I won't say that you made a virus or anything since the design looks good and the program does what it should but its still odd for me.
Anyways would like to see your response on the different scan outcomes!

Hybrid-Analysis Scanresult:
https://www.hybrid-analysis.com/samp...6e5cd86eda5843

Comparing:

The rescan of the file from your link:

The scan of the downloaded .exe

PS: Why does it write to the certificates in the registry or is that normal and im just being hyper critical?

Access types:
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\CA")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\CA\CERTIFICATES")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\CA\CRLS")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\CA\CTLS")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\CA\CERTIFICATES")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\CA\CRLS")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\CA\CTLS")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\DISALLOWED")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\DISALLOWED\CERTIFICATES")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\DISALLOWED\CRLS")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\DISALLOWED\CTLS")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\DISALLOWED\CERTIFICATES")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\DISALLOWED\CRLS")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\DISALLOWED\CTLS")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\ROOT\CERTIFICATES")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\ROOT\CRLS")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKLM\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\ROOT\CTLS")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\TRUSTEDPEOPLE")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\TRUSTEDPEOPLE\CERTIFICATES")
"ROTMGPingChecker.exe" (Access type: "CREATE"; Path: "HKCU\SOFTWARE\POLICIES\MICROSOFT\SYSTEMCERTIFICAT ES\TRUSTEDPEOPLE\CRLS")

Originally Posted by GenerationGhost

First i want to thank you for all the research you have done

I have no functionality that would classify my tool as virus / Malware etc. of any kind.
I do had to use a NuGet Packet called "Fody" and "Costura.Fody" to embed the Bunifu UI (GUI-Framework i used) dll files into that .exe as my first post got deleted for using "non clean dlls" (whatever they mean with that), these packeges are going to load the embeded dll files at runtime, maybe that is what they said could potentionaly be harmful, since you never know what's inside those dlls.
But that is only a speculation of mine, interesting would be what the ping checker minimal would give you for results as it does not use the UI package (hence the minimal

)
And about that regestry thing, i am not accessing it via my code, but here i also have a guess why it does it, at the start of the tool it starts a webrequest to rotmg (to get all server names and IPs).

Code:

        private void GetServerInfos()
        {
            const string webrequestSite = "https://realmofthemadgodhrd.appspo*****m/char/list";
            const string serverSearch = "<Server><Name>";
            const string endNameSearch = "</Name>";
            const string endDNSSearch = "</DNS><Lat>";

            WebRequest request = WebRequest.Create(webrequestSite);
            request.Credentials = CredentialCache.DefaultCredentials;
            WebResponse response = request.GetResponse();
            System.IO.StreamReader read = new System.IO.StreamReader(response.GetResponseStream());
            string responseString = read.ReadToEnd();
            while (responseString.Contains(serverSearch))
            {
                responseString = responseString.Substring(responseString.IndexOf(serverSearch) + 14, responseString.Length - (responseString.IndexOf(serverSearch) + 14));
                string server = responseString.Substring(0, responseString.IndexOf(endNameSearch));
                responseString = responseString.Remove(0, server.Length + 12);
                string ip = responseString.Substring(0, responseString.IndexOf(endDNSSearch));
                servers.Add(new ServerInfo(server, ip));
            }
        }

Yes i know, that string-handling is not very good, but it get's the job done.

Hope this was enought information but i would be curious to look throught the code with you if you want to.

@Maik8 I have a suggestion, maybe optional, but you could have it repeatedly scan, 10 times or so (a customizable amount even), and then average all the times. That way you can get a more accurate ping.

Originally Posted by GenerationGhost

The minimal version, at the very least, is safe in my eyes. The full version loads an assembly (which is probably what triggers the AV in the scans) for the custom UI. I'm not about to reverse the ui stuff, so I assume it's okay but I'm only running the minimal version myself. To answer your question, "Am I too paranoid?" Nope, paranoia is healthy to have here, especially considering the sheer amount of malicious programs that have slipped through.

Originally Posted by 059

Yeah i thoght about that too, wouldn't be much work either, going to do it next week tho, i am not at home this weekend and it is alread 5am here (Germany) and i realy should go to bed

Originally Posted by 059

Yeah, both versions are not doing anything different exept the UI-stuff. As i said i can just upload the whole source code and you can dig into it yourself, but keep in mind that i would not want others to publish my code as theirs ofc.

@GenerationGhost i just made a check on the AV-Check site you used for the minimal version and got a similar result (1% and 70/100) but i also found something interesting. The port (2050) i use to check the connection (normal icmp pings aren ot possible as the servers do not answer) are marked as "uncommon" and as that "malicious".

But as i already wrote in the post and this comment, i am willing to let you dig in the source-code if you want to, as long as you won't publish my tool / brand it as yours etc.

I believe you meant to say it has llamas, unless you meant it has Tibetan Buddhism spiritual leaders in it.

@Downloadleech yeah, sorry for that, the german word for them is Lama and i must have overlooked it, thanks!

llamas

Ping Checker -> Go to the About tab and click the "ROTMG Ping Checker" label.
Ping Checker Minimal -> click my name (branding).

I do know that my ping changes constantly, is there a way to make it auto refresh constantly other than just clicking the button at the bottom? Also thanks amazing work.

Originally Posted by MrVirtual

I do know that my ping changes constantly, is there a way to make it auto refresh constantly other than just clicking the button at the bottom? Also thanks amazing work.

Yeah, i am going to add that in the next version, but i will do it next week tho as i am not at home till tuesday.

Multi-Threaded Ping Checker

Post a Reply

Similar Threads

Tags for this Thread