DayZ Key Stealer Checker v1.2 by master131

Discussion in 'Other Games' started by distrubted, Feb 4, 2013.

Thread Status:
Not open for further replies.
Sign in to Post
Thread Tools

Thread Tools

  • Thread ID:
DayZ Key Stealer Checker v1.2 by master131
  1. Unread #1 - Feb 4, 2013 at 6:24 PM
  2. distrubted
    Joined:
    Feb 1, 2013
    Posts:
    2
    Referrals:
    0
    Sythe Gold:
    0

    distrubted Newcomer
    Banned

    DayZ Key Stealer Checker v1.2 by master131
    DayZ Key Stealer Checker v1.2 by master131

    DayZ Key Stealer Checker is a tool designed to aid in the detection and identification of possible key stealers as well as analyse their code and hook registry functions that may be used in a live environment. A fake/pretend key stealer is also included. If you think it's real, use your "magic tools" and check it yourself.

    [​IMG]
    [​IMG]
    [​IMG]
    [​IMG]
    [​IMG]
    [​IMG]

    "Why DayZ and not Arma 2?
    Since key stealers are mainly used for the DayZ mod, that's why I called it that instead." -master131

    Features:
    - Code analysis for .NET assemblies (WebClient/Registry/WebRequest/WebBrowser)
    - .NET language detection (C#, VB.NET and C++/CLI)
    - .NET project type detection (Console, Class Library, Windows Forms and Windows Presentation Forms)
    - Generic obfuscator detection
    - Live analysis of code with registry hooks
    - Registry hooks are 32-bit and 64-bit compatible
    - Works with "Confused" and obfuscated assemblies

    Code:
    Changes since version 1.2 (23rd January 2013):
- Added WebBrowser and Registry (not RegistryKey) support (thanks to some stupid kid)
- Added support for Confused assemblies on Maximum protection
- Renamed from "DayZ Key Protector" to "DayZ Key Stealer Checker"

Changes since version 1.1 (20th January 2013):
- Added string detection for ARMA II registry key
- Added "proxy call" detection for obfuscators which made key stealers come up as clean
    Known limitations:
    - Native applications are not supported yet (eg. C/C++/Delphi)

    What is Live Analysis?
    Live Analysis will actually launch the program you are analysing except, the registry functions used by .NET will be intercepted when it finds a registry key containing Bohemia in it and alert you about it. From then, you can allow, deny or terminate the process.

    [​IMG]

    Disclaimer:
    I am not responsible if this tool reports that something is clean and you end up with your key stolen. Same thing applies to live analysis too. Like the top of the page says, it's only to AID in the detection of key stealers. It's possible that they can come up clean if some anti-analysis techniques have been employed.
    Download:
    http://www.mediafire.com/?k2o6yte97uwoonh
    Virus Scans:
    https://www.virustotal.com/file/00f0...is/1358936565/
    http://virusscan.jotti.org/en/scanre...4a7cd8b8b1880a

    Any detections are false positives.

    Requirements:
    .NET Framework 4 Client Profile

    Credits:
    @Jason - For being awesome and helping with the live analysis bit.
    Marton Anka - For MHook which are used in the registry hooks.
    Matt Conover - For creating tDisasm which is used in MHook.
    0xd4d - For creating dnlib.

    Also i am also selling a custom DayZ bypass for 10$ lifetime warranty.
     
    Share
  3. Unread #2 - Feb 5, 2013 at 12:57 AM
  4. kmjt
    Joined:
    Aug 21, 2009
    Posts:
    14,450
    Referrals:
    8
    Sythe Gold:
    449

    kmjt -.- The nocturnal life chose me -.-
    Banned

    DayZ Key Stealer Checker v1.2 by master131
    Not allowed.
     
    Share
< WTT NA gw2 acc for NA LoL acc | [WTS] Dayz Keystealer! 15$ [More In Description] >

Users viewing this thread
1 guest
Thread Status:
Not open for further replies.


 
 
Adblock breaks this site