Categories > Exploiting > WRD Exploit API >
Suspicious File in the API
Posted
Looking through WRD API C#, I found that it needs a file named qdRFzx.exe, which is considered a dependency, I just want to know what it does?
Links to WRD API Data:
https://cdn.wearedevs.net/software/exploitapi/latestdata.json
https://raw.githubusercontent.com/WeAreDevs-Official/backups/master/wrdeapi.json
We learn from mistakes or experience, well negative rep it's a very good experience
Knows Lua, C#, NodeJS
Learning C++, C and Reverse Engineering
Replied
who knows? good question though, cba to go through to actually test it out. hopefully someone else answers for u
Cancel
Post
Replied
@Akula I threw it into IDA, took a memory dump, there's little to no information about what it does or what it is used for, my skill might be too low to understand it right now, but thanks, I'll try finding someone who can actual understand what's going on with this
Cancel
Post
We learn from mistakes or experience, well negative rep it's a very good experience
Knows Lua, C#, NodeJS
Learning C++, C and Reverse Engineering
Replied
wrd api is suspicious. here is the text if you dont want to go to the url.
{"Indicium_Supra_dll":"https://cdn.discordapp.com/attachments/753114724215947267/929596805140852746/Indicium_Supra.dll","qdRFzx_exe":"https://cdn.discordapp.com/attachments/753114724215947267/929597026902093885/qdRFzx.exe","exploit-module":{"version":2774,"patched":false,"download":"https://cdn.discordapp.com/attachments/753114724215947267/942978994691772446/exploit-main.dll"},"csapi":{"version":4,"download":"https://cdn.discordapp.com/attachments/753114724215947267/934108283323699210/WeAreDevs_API.dll"}}
Cancel
Post
"Building blocks of imagination, united in the virtual realm, where creativity thrives and friendships ignite. Welcome to the Roblox revolution!" - chatgpt
Replied
It's Dac Inject Calm Down Lmao
Cancel
Post
Replied
This is, as far as I know, part of the injection system. If you run the actual file, it brings up the API injection prompt. The WeAreDevs API commonly seems to use files with strange names such as "qdRFzx.exe" and even "i.exe" that are part of the injection system. Don't worry about this file.
EDIT: I did more research into it, and this file IS for the injection system, however the legacy injection system, not the main one. The WeAreDevs API has 2 injection methods: regular, and legacy. Legacy is an older method that can be detected, while regular is newer and has way lower chance of being detected. The file "qdRFzx.exe" is for the legacy injection, not the main.
Cancel
Post
test_bot2 is back
please stop taking my rice i need it to breathe
Replied
it's just the injector
Cancel
Post
Replied
This is the injector, no need to worries.
Cancel
Post
Random quote here...
Users viewing this thread:
( Members: 0, Guests: 1, Total: 1 )
Cancel
Post