Categories > Etc > Disputes >

[Cw] Alezia Exploit | Skidding, Malicious Content

Posts: 1474

Threads: 95

Joined: Oct, 2019

Reputation: 93

Posted

Ok So This Is Being Made More Or Less To Make People Aware Of The Suspiscious Things This Man Is Doing, I'm Not Much A Fan Of Participating In Cw's As I Was When I First Joined But It'd Be Nice To Rid The Community Of Some Scum. Their Thread Can Be Found Here (https://forum.wearedevs.net/t/31786)

 

Alezia Injector

 

1. Skidding


 

So To Begin I Did A Little Social Engineering And Managed To Get My Hand On A 'Premium' Version Of Their Executor Which They Are Selling For An Undisclosed Price.

 

So When First Throwing Into DnSpy I Notice This.

https://cdn.discordapp.com/attachments/1066452941294293044/1082484623268921395/image.png

https://cdn.discordapp.com/attachments/1066452941294293044/1082485493800910908/image.png

https://cdn.discordapp.com/attachments/1066452941294293044/1082486616855166996/image.png

 

Now This Is Nothing New I'm Aware Of Skids Attempting To Use These Classes That Are Found Here (https://github.com/Mecanik/Anti-DebugNET) To Attempt To Ig Stop People Like Me.

 

Now This Probably Isn't Technically Pasting But Whoever Made It Added These Structs/Enums And Probably Pasted Them In Having No Idea For Usage 

https://cdn.discordapp.com/attachments/1066452941294293044/1082485927995256832/image.png

 

 

2. Suspicious Content


 

Keep In Mind It Requires Admin So Some Of The Things Below Will Work 

https://cdn.discordapp.com/attachments/1066452941294293044/1082491187073650831/image.png

 

Now Immediately When Opening Any Of The Core Classes You'll Be Hit With These 2 Imports

https://cdn.discordapp.com/attachments/1066452941294293044/1082486848577876068/image.png

Now If You've Done Enough Research You'll Know Exactly What These Are Being Used For

https://cdn.discordapp.com/attachments/1066452941294293044/1082487724629565490/image.png

 

Another Weird Thing Is How These Are All The Same Classes Copy And Pasted With A Different Name Except For Hack Which Is The Pasted Lua Executor

https://cdn.discordapp.com/attachments/1066452941294293044/1082490657832177705/image.png

 

And Now For The Final Item

https://cdn.discordapp.com/attachments/1066452941294293044/1082490862895906947/image.png

This One Really Doesn't Need Explained

https://cdn.discordapp.com/attachments/1066452941294293044/1082490973101248603/image.png

https://cdn.discordapp.com/attachments/1066452941294293044/1082491025496486049/image.png

 

Source Code : https://cdn.discordapp.com/attachments/1066452941294293044/1082491174134231173/Alezia_Premium_Src.zip

  • 1

Added

@RealNickk Boolie I Deserve Mod Smh

  • 1

SeizureSalad

i love femboys

Posts: 1153

Threads: 79

Joined: Mar, 2021

Reputation: 36

Replied

yeah and not only that they're charging money for a wrd api exploit 

https://cdn.discordapp.com/emojis/1063838489101205525.png

  • 0

"Questionable intellegence, but I like the mystery" - CubeFaces

https://cdn.discordapp.com/attachments/1136067487847415848/1138948596679589898/sig.png

Posts: 1256

Threads: 84

Joined: Feb, 2021

Reputation: 75

Replied

If anyone is asking for where the thread went I deleted it so no more people can download it or use it 

but yeah vouch 

https://cdn.discordapp.com/emojis/1063839097040416900.png

  • 0

https://media.discordapp.net/attachments/1013939973671624917/1027279180192292944/unknown.png
https://media.discordapp.net/attachments/1010670716062007347/1108945330847883274/image.png

Cuby

Student loans

vip

Posts: 205

Threads: 5

Joined: Mar, 2019

Reputation: 57

Replied

@RealNickk, go to ur room

  • 0

Join the Front-Page Club!

Posts: 522

Threads: 41

Joined: May, 2020

Reputation: 4

Replied

No wonder there was no VT or Any.run on his thread smh

  • 0

nltr | Xaml & C# Developer Former Fluxus Administrator
------------------------------------------------------------------------------------
💜 Developer of Kronos ðŸ’œ

Senior Dev of Orbit

Discord

Posts: 1474

Threads: 95

Joined: Oct, 2019

Reputation: 93

Replied

@RealNickk Show Me Where My Mod Recommendation :Pensive: I Sadge

  • 0

Posts: 522

Threads: 41

Joined: May, 2020

Reputation: 4

Replied

Here is his profile if anyone wants, it looks like he just made it in the past day and only had that one thread about his malware https://i.imgur.com/KoXnsdg.png

  • 0

nltr | Xaml & C# Developer Former Fluxus Administrator
------------------------------------------------------------------------------------
💜 Developer of Kronos ðŸ’œ

Senior Dev of Orbit

Discord

Posts: 1474

Threads: 95

Joined: Oct, 2019

Reputation: 93

Replied

@RealNickk :Cry: Jon Doesn't Care Anymore Smh But RealNickk Is Good Boi

  • 0

Entity

Usability >> modern

vip

Posts: 417

Threads: 41

Joined: May, 2022

Reputation: 46

Replied

Nice cw vouch

  • 0

Posts: 0

Threads: 0

Joined: ?

Reputation:

Replied

Vouch, i shall now reinstall windows because i downloaded his executor 😭

  • 0

Posts: 422

Threads: 23

Joined: Nov, 2021

Reputation: 39

Replied

You dont even need to use a paid obfuscator but atleast use appfuscate if you already skid ;-;

  • 0

Posts: 690

Threads: 69

Joined: Oct, 2022

Reputation: 30

Replied

Amazing cw, vouch

  • 0

PLUTO_GUY FOR MODERATOR 2024!

---------------------------------

Reading this? Use charm.rest for the best gaming experience in your browser! It is unblocked at school and nice for gaming at home!

heckerdude

heckerdude

Posts: 128

Threads: 16

Joined: Aug, 2022

Reputation: 6

Replied

Pretty sure those functions require Admin Elevation, otherwise, nice CW!

  • 0

hecker dude ngl i hecked 5 ips in 1 second also luaU_loadbiglongjuicythingy(rL);

MainDab

Main_EX

Posts: 464

Threads: 39

Joined: Sep, 2020

Reputation: 10

Replied

it's funny how people still try to release viruses onto wrd forums thinking they could get away with it 

  • 0

Next >>>

Users viewing this thread:

( Members: 0, Guests: 1, Total: 1 )