+- Blizzard Sector (https://www.blizzsector.co)
+-- Forum: Diablo II (https://www.blizzsector.co/forum-4.html)
+--- Forum: Hacks Bots and Editors (https://www.blizzsector.co/forum-16.html)
+--- Thread: AutoAim v1 Fix2 (/thread-27099.html)
AutoAim v1 Fix2 - droxid - 02-14-2006
ink:
h**p://rapidshare.de/files/13246447/AutoAimv1_droxid_recompile.Fix2.zip.html
description:
Basically a simple program,which will drop another file which then will be injected into the specified classname.
Simple to use, screenshot included in the file.
I normally make hacks for cs, but i thought i'd give d2 a try after looking at a few private source codes for d2, wasn't too difficult.
Credits:
Aphex - http://iamaphex.com
drocon
stm
Coded in VC + TASM
Have fun
![[Image: icon_biggrin.gif]](http://images.edgeofnowhere.cc/images/smiles/icon_biggrin.gif){kind=icon}
Any queries don't hesistate to PM me
AutoAim v1 Fix2 - FraterPerdurabo - 02-15-2006
NC called it clean. Can someone with some skills have a look at the code?
AutoAim v1 Fix2 - droxid - 02-15-2006
someone scan it please to proove it's legit and debug it if you must -_-;
p.s. you don't have to use it if you don't want to?
Additional Comment:
Any feedback is necessary to advance on the program
AutoAim v1 Fix2 - Snipz - 02-15-2006
Whats this all about
http://iamaphex.com/
AutoAim v1 Fix2 - droxid - 02-15-2006
just part of creditz, used bits of his code injection technology, and made it into full exe injection.
AutoAim v1 Fix2 - bayarea - 02-15-2006
HMMM If I were anyone else like an adim I would close this thread right now b4 anyone gets a trojan.
Additional Comment:
Plus I bet once you use this (if its legit) its detectable fosho
AutoAim v1 Fix2 - DaRK_IMMoRTAL - 02-15-2006
not to mention... check for key-loggers... any professional programmers here to check this out?
AutoAim v1 Fix2 - droxid - 02-15-2006
1. It's not detectable
2. It's not a trojan
3. It's not a keylogger
don't belive me? don't use it.
Scan it, hex it, disasmble it, debug it
AutoAim v1 Fix2 - madderThanu - 02-15-2006
This is defnitely suspicious, the .exe is packed and the PE header is all messed up, apparently to make it harder to disassemble or figure out what it does. Kind of irrelevant anyway since with all the messed up headers it crashes on startup (at least on my Win2K). I wouldn't recommend you touch this.
AutoAim v1 Fix2 - droxid - 02-15-2006
Who leaves big exes unpacked nowadays?
Just packed for security reasons, no ripping code etc, but if you were a good programmer, it's very easy to disassemble.
And it doesn't crash... :S
AutoAim v1 Fix2 - madderThanu - 02-15-2006
droxid Wrote:Who leaves big exes unpacked nowadays?People who have nothing to hide?
Packers detected:
PE_PATCH, UPACK, PE_PATCH.PECOMPACT, PECBUNDLE, PECOMPACT
Infected with Backdoor.Win32.Agent.rk, big surprise there.
AutoAim v1 Fix2 - FraterPerdurabo - 02-15-2006
Ban this droxoid "pr0"grammer.
AutoAim v1 Fix2 - droxid - 02-18-2006
False positive...
Do you even know what .rk is?
Please, if you're noob and all you can do is scan the file on a honeypot site, stfu.
AutoAim v1 Fix2 - Quadzilla2win - 02-18-2006
you shouldn't use aa anyway. aa is for noobs that have no dueling skills.
AutoAim v1 Fix2 - slashbomb - 02-18-2006
Ok i Scanned it using Virustotal & Virusjotti. Results from both:
File: AutoAimv1_droxid_recompile.Fix2.zip Status: INFECTED/MALWARE (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5 294123b0887ec25b41e286f68b6d892a Packers detected: PE_PATCH, UPACK, PE_PATCH.PECOMPACT, PECBUNDLE, PECOMPACT
Scanner results
AntiVir Found nothing
ArcaVir Found Heur.Win32
Avast Found nothing
AVG Antivirus Found BackDoor.Agent.AMQ
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found W32/Agent.RK!bdr
Kaspersky Anti-Virus Found Backdoor.Win32.Agent.rk
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found Backdoor.Win32.Agent.rk
This is a report processed by VirusTotal on 02/17/2006 at 16:46:39 (CET) after scanning the file "AutoAimv1_droxid_recompile.Fix2.zip" file.AntivirusVersionUpdateResultAntiVir6.33.1.5002.17.2006no virus foundAvast4.6.695.002.16.2006no virus foundAVG71802.16.2006BackDoor.Agent.AMQAvira6.33.1.5002.17.2006no virus foundBitDefender7.202.17.2006no virus foundCAT-QuickHeal8.0002.16.2006(Suspicious) - DNAScanClamAVdevel-2006012602.17.2006no virus foundDrWeb 4.3302.17.2006no virus foundeTrust-InoculateIT23.71.7802.17.2006no virus foundeTrust-Vet12.4.208602.17.2006no virus foundEwido3.502.17.2006Backdoor.Agent.rkFortinet2.69.0.002.17.2006W32/Agent.RK!bdrF-Prot3.16c02.17.2006no virus foundIkarus0.2.59.002.17.2006no virus foundKaspersky4.0.2.2402.17.2006Backdoor.Win32.Agent.rkMcAfee469902.17.2006no virus foundNOD32v21.141302.17.2006no virus foundNorman5.70.1002.17.2006no virus foundPanda9.0.0.402.17.2006Suspicious fileSophos4.02.002.17.2006no virus foundSymantec8.002.17.2006no virus foundTheHacker5.9.4.09702.16.2006no virus foundUNA1.8302.16.2006Backdoor.AgentVBA323.10.502.17.2006Backdoor.Win32.Agent.rk
AutoAim v1 Fix2 - Burner03 - 02-18-2006
Kid, until you learn how to program please, dont put trojans in your shit. Thanks
AutoAim v1 Fix2 - madderThanu - 02-20-2006
droxid Wrote:False positive...Oh the irony...
Do you even know what .rk is?
Please, if you're noob and all you can do is scan the file on a honeypot site, stfu.
AutoAim v1 Fix2 - classifyed - 03-08-2006
Kind of obvious apon the first post. Self injections for aa = bad unless its made buy paul
AutoAim v1 Fix2 - DaRK_IMMoRTAL - 03-08-2006
lol did anyone even read the person who scanned it found backdoors? lol..
-.- or is everyone here too lazy to scan it and would much rather spam