Posts by Allink
-
-
↩ MagAgentV3 Or, you know, just don't run shady block game hacks...
-
Quote
If you're talking about me, yes, yes I did, look at the original post.
QuoteBecause Discord RPC isn't related to ratting in any way...
QuoteThen don't make your server public...
-
Quote
↩ Shadowuser Why can’t we see what commands it ran
Because Windows Command Prompt doesn't store any command history. The Moles were piping commands directly into the stdin of the Command Prompt process.
-
Quote
↩ @' 5 ' 15+ scripts, 13+ XMLHTTPRequests, a blank screen if you refuse to load those, & if you don’t, a login wall (forced to connect a wallet, or zap the login wall elements in uBlock Origin to see around it) just to access the site.
You can just click outside of the dialogue and it'll close it lol
-
-
-
↩ Deauthorized The server is down. No idea why 😉
-
-
Quote
↩ videogamesm12 1.12.2 was the last version of Minecraft that wasn’t bloated to death with shitcode.
To be honest, if we're going to talk about shitcode, all releases are bloated with shitcode.
Beta 1.7.3 is really where it's at.
-
Quote
Please inform them that developers cannot read minds and do not have every exception or bug mailed to them by carrier pidgeon.
Quote↩ Tizz For example, @hhhzzzsss ’s IP isn’t recognised anymore when he tries to upload a schematic.
To my knowledge, this occurs when an unprivileged user (EpsilonBot) logs in under the same IP address as someone with a rank (hhhzzzsss). This may or may not be fixed on the development branch (I remember @"videogamesm12"#4 committing something to fix a similar bug). It should fix itself when an affected user relogs (and maybe also relogs the unprivileged account). If I had to guess, hhhzzzsss is running EpsilonBot in his IDE (and not on his VPS, as such under the same IP address as he's using to login to TFM) to debug.
-
-
↩ @'dillon ' Phobos?
-
-
↩ @'Luna__' Or just, y'know, don't run it at all...
-
Preamble
I'm writing this post for the idiots who were stupid enough to download Shadow Client, without heeding the many warnings they got from people who know what they're talking about, and ran it outside of a virtual machine and with Internet.
If you downloaded the "official" build from the Shadow client Discord, chances are, you're ratted. @"Luna__"#2532's fork, to my knowledge, does not contain this malware. But you shouldn't be running it anyways as Shadow is a piece of shit.
Proof
What should I do if I've ran this?
This will probably only affect you if you used Windows to run Shadow because it launches Command Prompt. However, we cannot be entirely sure about that.
We must do a full reinstall because we simply don't know what commands they were running. If you look at the screenshot above, there's nothing hardcoded, except for the launching of Command Prompt. To make this even worse, Command Prompt doesn't even have history.- Disconnect the machine you used to run Shadow from the internet.
- On another device, download the Windows 10 ISO from here (hint: you need a user agent other than Windows to download it else you'll be asked to download their crappy Media Tool)
- Use a tool like Balena Etcher (simple) or Rufus (advanced) to flash the ISO to a USB drive.
- Plug the flashed USB drive into your infected machine.
- Enter the BIOS of the infected machine and set the boot priority for the USB to the top.
- Exit & save your settings.
- Reinstall windows through the installer.
If these steps didn't work for you, find another guide for reinstalling windows from the ISO and NOT from within Windows.
Maybe after reinstalling Windows you'll know not to be stupid and run software from people who have backdoored others (hint hint Coffee client IRC class loading, them backdooring Minecraft servers) -
-
↩ Telesphoreo beta 1.7.3 to the grave
-
↩ Telesphoreo 1.7.10 for life 👌
-
↩ Telesphoreo Yes Ok I agree