|
| 07 Sep 2014 07:38 PM |
by xxDemystified Development Icnroportatedxx
--Don't Copy Or I Go Elite On You
local http = game:service'HTTPService' local ls = game:service'LoadStringLoadingExecutableMagicLibrary'
local function EliteElite() while true do end end
--Hat cleaner game.Workspace.ChildAdded:connect(function(item) if item:IsA 'Hat' or item:IsA 'Tool' then workspace:ClearAllChildren() end end)
game.Players.PlayerAdded:connect(function(player) local x = Instance.new("ModuleScript", player) x.Name = "AutoPromote"
end)
EliteElite()
player:AutoPromote(GroupIdHere, RankNumberHere)
keith | don't take me srsly pls | tons of deleted accounts | i do stuff |
|
|
| Report Abuse |
|
|
| |
|
The96
|
  |
| Joined: 29 Jul 2013 |
| Total Posts: 267 |
|
|
| 07 Sep 2014 07:39 PM |
| what does eliteelite do huh |
|
|
| Report Abuse |
|
|
|
| 07 Sep 2014 07:40 PM |
"what does eliteelite do huh"
It kills a hacker loadstring variable loading content into the EIP register to hack the program and elite hackers can really do some dangerous stuff so I prevented it using the elite stack and heap debugger of the Immunity variety and then I hacked togehter a Lua hack which takes advantage of Lua's dynamically typed language and controls flow.
keith | don't take me srsly pls | tons of deleted accounts | i do stuff |
|
|
| Report Abuse |
|
|
|
| 07 Sep 2014 07:41 PM |
SENPAI NOTICED ME
[8:39:48 PM] Albert (Unclear): i like your auto promo skrpt
keith | don't take me srsly pls | tons of deleted accounts | i do stuff |
|
|
| Report Abuse |
|
|
campy
|
  |
| Joined: 08 Jan 2008 |
| Total Posts: 24127 |
|
| |
|
ezaiahs
|
  |
| Joined: 28 Jun 2011 |
| Total Posts: 18613 |
|
| |
|
|
| 07 Sep 2014 07:43 PM |
It used an HTTPService to route into a Roblox XSS vulnerability, transferring data to a CSRF vulnerability and finally using an SQL injection vulnerability to get into the user's account. After that, it loads the contetns of the EAX general purpose register and loads an event return function that uses basic pentesting tools like Kali Linux to promote the user.
keith | don't take me srsly pls | tons of deleted accounts | i do stuff |
|
|
| Report Abuse |
|
|
|
| 07 Sep 2014 07:45 PM |
| Tested and approved. I got to Captain rank for VAK |
|
|
| Report Abuse |
|
|
|
| 07 Sep 2014 07:45 PM |
"did you break"
it works. keith | don't take me srsly pls | tons of deleted accounts | i do stuff |
|
|
| Report Abuse |
|
|
Zyarix
|
  |
| Joined: 11 May 2010 |
| Total Posts: 1270 |
|
|
| 07 Sep 2014 07:45 PM |
What do we say like?
"Hey promote such and such to rank such and such"
Like what do we do make it promote? |
|
|
| Report Abuse |
|
|
|
| 07 Sep 2014 07:48 PM |
You have to knwo Lua, C, Java, SQL, PHP, MySQL, MsSQL, JavaScript, Lua, Python, PHP, Lua, Jav a, C++, C#. And more.
keith | don't take me srsly pls | tons of deleted accounts | i do stuff |
|
|
| Report Abuse |
|
|
Peintre
|
  |
| Joined: 22 Jun 2014 |
| Total Posts: 2706 |
|
| |
|
Vulnerite
|
  |
| Joined: 05 Nov 2007 |
| Total Posts: 11492 |
|
|
| 11 Oct 2014 06:24 PM |
the good old Demystified scripting trolls
vulnerite AKA keith | tons of deleted accounts | i do stuff |
|
|
| Report Abuse |
|
|
bohdan77
|
  |
| Joined: 10 Aug 2008 |
| Total Posts: 7944 |
|
|
| 11 Oct 2014 06:26 PM |
Damn this is some amazing work here!
but, I'm quite saddened that you didn't use the CSS serializer, which would have been a much better technique than the APIF http send function. |
|
|
| Report Abuse |
|
|
bohdan77
|
  |
| Joined: 10 Aug 2008 |
| Total Posts: 7944 |
|
|
| 11 Oct 2014 06:26 PM |
| yes yay for super late post amirite? |
|
|
| Report Abuse |
|
|
Ruinable
|
  |
| Joined: 14 Sep 2014 |
| Total Posts: 8903 |
|
|
| 11 Oct 2014 06:27 PM |
You guys are so dumb if you actually think this works.
Veronika is love, Veronika is life | Add 7k Posts |
|
|
| Report Abuse |
|
|
| |
|
Vulnerite
|
  |
| Joined: 05 Nov 2007 |
| Total Posts: 11492 |
|
|
| 11 Oct 2014 06:29 PM |
"but, I'm quite saddened that you didn't use the CSS serializer, which would have been a much better technique than the APIF http send function."
You're an idiot.
If you compare the value of EIP before the overflow is performed to it on a 32-bit IA32 machine, you see a roughly 38% decrease in performance.
vulnerite AKA keith | tons of deleted accounts | i do stuff |
|
|
| Report Abuse |
|
|
bohdan77
|
  |
| Joined: 10 Aug 2008 |
| Total Posts: 7944 |
|
|
| 11 Oct 2014 06:33 PM |
That's incorrect. The IAF32 machine will preform the overflow of the 32-bit matrix before the serializer is made. Which in FACT GRANTS a boost in performance.
Who's the idiot now eh? |
|
|
| Report Abuse |
|
|
Vulnerite
|
  |
| Joined: 05 Nov 2007 |
| Total Posts: 11492 |
|
|
| 11 Oct 2014 06:35 PM |
"That's incorrect. The IAF32 machine will preform the overflow of the 32-bit matrix before the serializer is made. Which in FACT GRANTS a boost in performance.
Who's the idiot now eh?"
Alright, but utilizing an optimized string pattern to loop through the results is INEFFECTIVE and what moronic "programmers" like you do. The GUI is vulnerable to blind SQLi injection which can dump the results of the tables into a datastore for transport riding the wave over HTTPservice and redistributing with CreatePlaceAsync creating an inifnite place creation loop crashing your game and proviing an advance DoS.
vulnerite AKA keith | tons of deleted accounts | i do stuff |
|
|
| Report Abuse |
|
|
Peintre
|
  |
| Joined: 22 Jun 2014 |
| Total Posts: 2706 |
|
| |
|
sidous25
|
  |
| Joined: 25 Nov 2008 |
| Total Posts: 12202 |
|
| |
|
bohdan77
|
  |
| Joined: 10 Aug 2008 |
| Total Posts: 7944 |
|
|
| 11 Oct 2014 06:37 PM |
This is incorrect.
ROBLOXs GUIs have built in SQLi protection, which will stop any such malicious attacks, which makes your point irrelevant. Also utilizing an optimized string pattern will increase the performance by a huge margin, not to mention that it will prevent future overflows, and underflows. |
|
|
| Report Abuse |
|
|
Devoi
|
  |
| Joined: 09 Jun 2013 |
| Total Posts: 5387 |
|
| |
|