I don't think any one will get far with this.
Any way path to builder '\DDoS Bot\HBuilder\bin\Release' builder is called HBuilder.exe.
Now if you are connect to internet and try starting it, it will fail since it connect to dropbox to check if your HWID match. To get around that in this case just disconnect from internet our reject connection.Press Continue our Fortsätt in my case,
And the builder will show up.
Now we will use ilspy just to check why the above works. When Form is loaded it check if our HWID is in a text file, by "calling" cAntiLeak.Check();
And in cAntiLeak we find this,
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public static void Check() | |
| { | |
| try | |
| { | |
| WebClient Client = new WebClient(); | |
| string hwid = Conversions.ToString(cAntiLeak.GetHWID()); | |
| string usersdatabase = Client.DownloadString("http://dl.dropbox.com/u/33323141/hwid.txt"); | |
| if (!usersdatabase.Contains(hwid)) | |
| { | |
| File.WriteAllText(Application.StartupPath + "\\hwid.txt", hwid); | |
| Environment.Exit(0); | |
| } | |
| } | |
| catch (Exception expr_4B) | |
| { | |
| ProjectData.SetProjectError(expr_4B); | |
| ProjectData.ClearProjectError(); | |
| } | |
| } |
What makes it work by just disconnecting is that it it fail connecting it handle that using try catch. Download: http://www.sendspace.com/file/6k69bb Password for Archive is infected. And only for education usage, don't abuse. Have a nice day.
Inga kommentarer:
Skicka en kommentar