Basically, it's not about morality of "pwning the pwners". It's about going for the lowest hanging fruit. The hackers that create these bogus tools know that anyone searching for these tools (instead of making it themselves) are incapable of double checking code and finding that kind of stuff. They also know that people doing this kind of stuff have info that they might want and that they don't encrypt or even isolate their stuff from their deployer devices: crypto wallets, personal files for blackmailing/selling, pr0n (sometimes the illegal kind). They know their targets well, and so, they make the perfect honeypot for them. And since it's a criminal targeting a potential criminal (since some are just prankster kids, not actual hackers), they know the conned won't do anything about it.
its not that anyone searching for this aren't able to double check, but enough of them don't and the cost to the uploader is almost nothing, just like how you get obvious scam emails not because they think you specifically will fall for it but because they know statistically enough people will fall for it versus the low cost of automatically sending out the same email. It wouldn't matter if 95% of people who look at the tools don't end up downloading it as long as enough do to offset the cost of making new github accounts.
> anyone searching for these tools (instead of making it themselves) what kind of logic is this, why in the world would you implement every hacktool you might need? at that point why not create your own compiler, standards, operating system, etc... if the implementation exists, and supports your usecase sufficiently theres no point in wasting time reinventing the wheel, regardless of whether or not you can.
@@dragoneye8610 no one is saying don't reuse tools, is the price you pay really worth ? It is just a matter of balance pros and cons. There is no honour among thieves, hacking is illegal, so if you see a hack tool. .. from a hacker ..... Well, enough has been said.
This is absolutely true. The first program I ever remember making was a keylogger to steal runescape passwords. I disguised it as a tool to DDoS people in pvp.
@@stage6fan475it’s a cool game engine, and there are some really cool games made using it, but on average it’s just for scammers to prey on kids with mommy’s credit card.(the Roblox company, the sketchy companies that make most of the slopp games, and those selling ‘hacks’ for Roblox)
To be fair, when you're actually programming and you put two text panes side by side in VIM or something like that, line wrap can be very, very distracting IMO. I really don't like it under normal circumstances. But yeah for something like this, it's great. Maybe when auditing code, use line wrapping, and when writing your own software, don't
@@youreyesarebleeding1368 I had the same problem. I solved it by splitting horizontally instead of vertically, unless you doing some really complicated stuff, but at that point it make sense to use several terminals under tiling wm
> passively complain that JH has ads and sponsors, which there are blockers for > Gaslight someone else for potentially not using an adblocker Logic/10
@@UnknownEntity420 I didn't mean to be toxic, though now that you say that I do see it, so sry. Second of all, John now has full videos that are dedicated to "show this beautiful and amazing work of xyz, 'oh and by the way I am lucky that they are sponsoring today's video'"
Another great point about why it's important to talk about even though these discord pirate wannabes deserve the results of their software...is that this kind of software is primarily used by children/teenagers/immature adults. They may not consider the consequences, or think they have nothing worth being stolen. But they are likely to share a computer or network with someone who does.
Not very bizarre because russians are typically brainwashed to be doublethinking when they are very young. Standard procedure of an authoritarian country.
Not very bizarre because russians are typically brain washed to be double-thinking when they are very young. Standard procedure of an authoritarian country.
I found this people rat before this video, they had multiple hosting websites where they storage the stolen files. I have all of their source codes. Also took down 4/5 websites of them, Good Job
Me after stealing a random github Downloader script from github (Ended up having to read documentation without knowing what it's documenting and just decided to use a git module to clone a repo and then remove the .git folder)
People fell for my closed source info stealer disguised as a Roblox executor, over 40+ ppl ran it before the git got taken down. It wasn't just kids either, didn't do anything with the stolen info besides mess around on their discord account.
What triggers me most is the fact that these ppl are trying to rat people that want to spread stealers, like bro why not just hide rat inside of stealer that spreader gonna spread, so that original ratter would get more infections
im ashamed to say it bit 4 years ago i used to rat people with fake tools, though since i was actually competent and wasnt a skid like most people who did this. i decided to fully obfustcate my code in a package, id simply import my custom-made package as whatever i named it, and then in the actual tool itself it would automatically download and run my rat when the package is imported, to not raise suspicion, that same package handled other things too, this also led to skids using my package, and it become widespread and anyone who used it id get their information. i did this on roblox and discord and no one knows, the package does not exist online anymore, though, i still have its source code
Are you using Spectre here (wallpaper shown at 10:32) because it was a leftover VM from the Windows mod video or do you like to use it to have a less expensive VM? I'm just curious because I've been considering it for VMs when I don't feel like degrading my SSD lifespan by 40GB Edit: I've just realized the masterful subversive storytelling in why you were using Spectre for this video...
Can you make a video about Magisk (android root), it seems it is open source but some important parts are closed source (blobs), there is also a way to use magisk in wsa in windows
Lain would NEVER have to analyze this software to understand it's malware and exactly how it works. She would just know intuitively what the base64 decoded values are, what net requests are being made, amongst other things.
Probably because they decrypt without needing any extra information from the user (like a master password) so the malware just needs to to do the exact same thing as the browser to get the exact same information. Never said I'm any good at computer security but this is just my general take.
Please start a patreon and do some training type videos. I would definitely sign up. If your schedule allows for such activities And thank you for this content📚 Time
Thank you. This shows how powerful Python is. Also, open source would protect you if you are good enough to read the code. Despite your clickbaity thumbnail, it was not invisible. Wouldn't a simple wordwrap catch this much easier? (Wordwrap unknown programs, folks)
I thought this was going to be some weird unicode thing where it turns text invisible via special characters, not just a bunch of spaces to hide the code offscreen, lmao.
Can we detect easily a type of requests and actions on our machine? Or suspicious requests live scan ? Like I always wonder if it’s possible to identify those suspicious activity even in the programs himself before executing it. To identify if it’s malware / can be / or legit actions. Especially with non open source software. It should be possible to have a custom protection that can even let us allow precise actions and tell us details about it. Hybrid analysis is something that look like that but it would be great as an anti virus. Idk if one exists already.
This is what malware detection programs/services try to do, ye, these days it goes further than just static binary scan, you can upload a sample to some sandbox online and have report showing where it connects, what files it's using, what processes it's spawning
@@ragingcow the people who put malware in their discord scripts aren't doing it just to "hack the hackers back", really, they're just going for whoever'll download their stuff. hackers will hack anyone if it means profit or a good time, moral or immoral.
It's crazely interesting. As at first when i've started cheating on Minecraft I would never expect any kind or rat or virus running trough until the day my discord account started going crazy 😂
I only have a basic knowledge of Python, but I am amazed to see this work on “how it works”. Would this area be cybersecurity? Any tips for an aspiring developer?
Im so confused about the audio through the entire Video, it jumps back and forth from bad quality to good quality and then back to bad quality, sadly it's bothering me very much!
It seems like some spotty noise cancellation settings or solutions. Things like Krisp (just as a simple example) are great and all, but some "one click cut all" solutions aren't as pretty as they seem in certain scenarios. In this scenario, his background noise cancellation solution seems to suffer during long winded conversations. Essentially, it's trying to adapt, but cutting out his voice thinking it's background noise in the process.
@@mahrag580 well it isn't skid logic, for one (not saying that using another persons tool in any case is skid-like, but programming things yourself is a really good practice in most cases)
HAHA sending these types of people junk is so fun to me. Malware devs and scammers are lazy so spamming them usually works out. In my experience anyways.
It seems like some spotty noise cancellation settings or solutions. Things like Krisp (just as a simple example) are great and all, but some "one click cut all" solutions aren't as pretty as they seem in certain scenarios. In this scenario, his background noise cancellation solution seems to suffer during long winded conversations. Essentially, it's trying to adapt, but cutting out his voice thinking it's background noise in the process.
hardcoded domain.... misspellings... base64....... this is almost adorable
ikr XD
teach me senpai
@@CastellaCapella just learn python and base64 encoding
@simswapping on tele is 10k+$, doesnt matter how bad his coding skills are dude is making a bag
and also russo domain, which is another giant red flag.
TL;DW: Base64 + a bunch of tabbed code at an attempt at hiding
not it isnt? just change the exec to a print? its literaly that simple
Bruh
@fatedsky6700 Did you watch the video? Cause' that's literally what this is
@@SkyyySi I don't think bro watched the video cause idek what they are talking about
@@fatedsky6700bro forgot to use his eyes
"want to raid a discord server ?"
"yes"
"then let me take over your computer and it will be used to raid"
That's funny because it's obvious and true.
Basically, it's not about morality of "pwning the pwners". It's about going for the lowest hanging fruit. The hackers that create these bogus tools know that anyone searching for these tools (instead of making it themselves) are incapable of double checking code and finding that kind of stuff. They also know that people doing this kind of stuff have info that they might want and that they don't encrypt or even isolate their stuff from their deployer devices: crypto wallets, personal files for blackmailing/selling, pr0n (sometimes the illegal kind).
They know their targets well, and so, they make the perfect honeypot for them. And since it's a criminal targeting a potential criminal (since some are just prankster kids, not actual hackers), they know the conned won't do anything about it.
its not that anyone searching for this aren't able to double check, but enough of them don't and the cost to the uploader is almost nothing, just like how you get obvious scam emails not because they think you specifically will fall for it but because they know statistically enough people will fall for it versus the low cost of automatically sending out the same email. It wouldn't matter if 95% of people who look at the tools don't end up downloading it as long as enough do to offset the cost of making new github accounts.
> anyone searching for these tools (instead of making it themselves)
what kind of logic is this, why in the world would you implement every hacktool you might need? at that point why not create your own compiler, standards, operating system, etc... if the implementation exists, and supports your usecase sufficiently theres no point in wasting time reinventing the wheel, regardless of whether or not you can.
@@dragoneye8610 no one is saying don't reuse tools, is the price you pay really worth ? It is just a matter of balance pros and cons. There is no honour among thieves, hacking is illegal, so if you see a hack tool. .. from a hacker ..... Well, enough has been said.
This is absolutely true. The first program I ever remember making was a keylogger to steal runescape passwords. I disguised it as a tool to DDoS people in pvp.
@@dragoneye8610 terry davis quotes go here
Something about discord and roblox scammers is cringe...
Everything about roblox is cringe; most things about discord are cringe.
@@stage6fan475it’s a cool game engine, and there are some really cool games made using it, but on average it’s just for scammers to prey on kids with mommy’s credit card.(the Roblox company, the sketchy companies that make most of the slopp games, and those selling ‘hacks’ for Roblox)
@@stage6fan475 agree
roblox has a ton of "get rich quick" methods, way more than discord and any other game/platform. tons of millionaires just from roblox
Everything about scammers is cringe
imagine submitting a PR called "Remove malware" how would they respond
LMAOO that would be the funniest open source thing ever
so its basically skids hacking skids, right?
No honor among thieves, or something like that.
This is what happens when you don’t know what you’re doing….
@@bitterlemonboy no honor among kids
fr
@@Valentyn90Ano honor among skids
line wrap boutta be crazy
It’s hard to feel sympathy for those who cheat or use scamming/spamming software get hacked.
line wrap: exists
hacker: oh no, he is protected
9:58 ratting the ratter itself... lovely
This is why I don't really like when text editors doesn't wrap lines by default
OPT + Z ftw
To be fair, when you're actually programming and you put two text panes side by side in VIM or something like that, line wrap can be very, very distracting IMO. I really don't like it under normal circumstances. But yeah for something like this, it's great. Maybe when auditing code, use line wrapping, and when writing your own software, don't
@@youreyesarebleeding1368 I had the same problem. I solved it by splitting horizontally instead of vertically, unless you doing some really complicated stuff, but at that point it make sense to use several terminals under tiling wm
You are like John Hammond but the good old videos with no ads & sponsors
I got ads on this video
@@HyperCodec why are you not using an adblocker?
> passively complain that JH has ads and sponsors, which there are blockers for
> Gaslight someone else for potentially not using an adblocker
Logic/10
@@UnknownEntity420 I didn't mean to be toxic, though now that you say that I do see it, so sry.
Second of all, John now has full videos that are dedicated to "show this beautiful and amazing work of xyz, 'oh and by the way I am lucky that they are sponsoring today's video'"
@@UnknownEntity420 I don't think he was talking about youtube ads, rather paid sponsorships inside the videos
Another great point about why it's important to talk about even though these discord pirate wannabes deserve the results of their software...is that this kind of software is primarily used by children/teenagers/immature adults. They may not consider the consequences, or think they have nothing worth being stolen. But they are likely to share a computer or network with someone who does.
"1312" is a well known abstraction of the "acab" acronym. Kind of bizarre choice for a Russian domain name that's used for stealing login credentials.
why would that be bizarre?
first time ive heard of it 😮
though hacker culture tends to be anti-establishment so the choice doesnt seem that out of line
Not very bizarre because russians are typically brainwashed to be doublethinking when they are very young. Standard procedure of an authoritarian country.
Not very bizarre because russians are typically brain washed to be double-thinking when they are very young. Standard procedure of an authoritarian country.
Oh yeah "Well-known", touch grass bud
2:00 C:\Users\lainiwakura
Lain detected, respected. Also, profile avatar from there, nice :D
**Laughs in line wrap**
not even that, if i find a document with a super long horizontal scroll the first thing i do is find what makes it like that
@@GraveUypo i use line numbering. if the file has no "Line 2" on the same screen, but a small scrollbar... there is something funny going on.
yeah nah i use vim in terminal. * laughs in line wrap and no sequential line numbers on the same screen *
I found this people rat before this video, they had multiple hosting websites where they storage the stolen files. I have all of their source codes. Also took down 4/5 websites of them,
Good Job
You are a Legend. Thank you for what you do
You dint tho did u
@@cammmy6063either pull up proof or stop calling cap on random stuff
@@cammmy6063 Yes i did sir
and how exactly did you take them down?
1:33 I always found these "source code level hacks" to be insanely clever and fascinating. Just a simple abuse of valid syntax in an unintended way.
i would agree if it werent for the example 1:33 is literally just holding space and hoping the user’s text editor doesn’t wrap the text 😂
7:08 never knew eric was a lain fan, sick man!!
3:00 to copy in terminals, just highlight everything and press enter. To paste, right click.
I don’t know who will fall for this, executing random python code from a private repo with like 2 followers, like why?
Me after stealing a random github Downloader script from github (Ended up having to read documentation without knowing what it's documenting and just decided to use a git module to clone a repo and then remove the .git folder)
People fell for my closed source info stealer disguised as a Roblox executor, over 40+ ppl ran it before the git got taken down. It wasn't just kids either, didn't do anything with the stolen info besides mess around on their discord account.
what if instead of eric parker, bro was freaky parker, and he made freakyware content
that would be pretty freaky tbf
Stop
It's time to stop
Oh no
they should just call all pr0n related malware "freakyware"
What triggers me most is the fact that these ppl are trying to rat people that want to spread stealers, like bro why not just hide rat inside of stealer that spreader gonna spread, so that original ratter would get more infections
Bro is onto something
He can't even spell 'python' guarantee you he wrote none of that code, what a skid
Oh look its blue! The guy that was ratting users of his kik mod!
Oh look it's blue! The guy that was ratting users of his kik mod!
Thank God i Didnt Download your Project
@@kbpw imagine ratting people, he must be very delusional
would't a python linter be screeching at the code for pep 8 violations and open security issues / pr/ reported the repo
the line had some kind of ignore, behind it, so no.
@@lathlager not quite, # type: ignore used by only some of the tools, others used # noqa
1:51 I didn't know this channel was owned by squidward!
this is an incredibly interesting and well-made video. Glad it got randomly pushed to my feed
1:20 skill issue. *Real Programmers* use Notepad, and notepad has line wrapping so something like that wouldn't get hidden.
Vscode has it too, but it isn't enabled by default
Notepad++ has it too as a setting
Gotta keep that code below 80 columns /s
My dude, almost every editor has line wrapping as an option.
lol, the code will be look worse bruh 🗿
very intresting! will be sure to double check silly repos now! never considered hidden python code using semi colons.
cat ears
uhhhh
oh look its the bloxshade guy :D
eric i hope u see this, this guy made a virus called bloxshade lol
@@brandnewkutta do you realize bloxshade is open source?
no
2:10 Eric did you really type out 'and'
Open source is not always 100% secure, but it is still easier to thoroughly analyze the code than to reverse engineer closed source code for malware.
im ashamed to say it bit 4 years ago i used to rat people with fake tools, though since i was actually competent and wasnt a skid like most people who did this. i decided to fully obfustcate my code in a package, id simply import my custom-made package as whatever i named it, and then in the actual tool itself it would automatically download and run my rat when the package is imported, to not raise suspicion, that same package handled other things too, this also led to skids using my package, and it become widespread and anyone who used it id get their information. i did this on roblox and discord and no one knows, the package does not exist online anymore, though, i still have its source code
Cool!
things like this are exactly why I took my grandparents' admin account away from them on their Mac.
because I know grandma is a big discord troll /s
you can talk about other people hiding code but you can't hide the cat ears, also thanks for giving me something to watch while eating!
Are you using Spectre here (wallpaper shown at 10:32) because it was a leftover VM from the Windows mod video or do you like to use it to have a less expensive VM? I'm just curious because I've been considering it for VMs when I don't feel like degrading my SSD lifespan by 40GB
Edit: I've just realized the masterful subversive storytelling in why you were using Spectre for this video...
That's a good point, cloning 40 gb of vm every time just to nuke it afterwards with malware
@@alespi2535you can also just create a snapshot and reset it afterwards
Can you make a video about Magisk (android root), it seems it is open source but some important parts are closed source (blobs), there is also a way to use magisk in wsa in windows
I'd be interested in this! +1
What parts of magisk are closed source?
i think everything is open sourced
Magisk is most likely legit, it has 46k stars on github.
No? Magisk only works on android, not windows
New mic?
Underwater video lul
Yeah was wondering what was happening with the audio
"Hello, how are you?
I am under da water
Plis help me, here too much raining wooo"
Oh so I’m the weirdo for enabling soft wrap.
lmao i stumbed across this git repo randomly, and now youtube recommends me this video xD
the battle of the skids
Why does everything discord or cheat related always have malware 😭
Big community’s just accumulate a lot of filth.
On small that filth is either well known or kicked out.
Probably because it works
6:03 no way you can just post to any uid 😭😭😭😭😭
what monkey made that stealer
uid issue
beautiful IDOR vuln. if only they had a bug bounty program...
Of course it's that country domain
Pyhton 0:00🔥
the laugh at 5:58 is so peak
tbh i dreamt about hiding fun "easter eggs" like this, and imo every green programmers feel the same way that i do.
Lain would NEVER have to analyze this software to understand it's malware and exactly how it works. She would just know intuitively what the base64 decoded values are, what net requests are being made, amongst other things.
Looks very windows dependant, but I think it could still be a hazard in linux...
It calls CMD in like stage3 or 2. It definitely wouldn’t work.
I love you so much Eric Parker please dont get pregnant 😢😢🙏🙏
That's why I always use Option + Z (Mac) or Alt + Z (Win) to wrap code to fit into the window in vscode
If only these people used their "talents" for good.
How are chrome cookies so insecure that a script can just trawl the hard drive and decrypt them?
NEVER trust browsers password managers
Probably because they decrypt without needing any extra information from the user (like a master password) so the malware just needs to to do the exact same thing as the browser to get the exact same information.
Never said I'm any good at computer security but this is just my general take.
Please start a patreon and do some training type videos. I would definitely sign up.
If your schedule allows for such activities
And thank you for this content📚
Time
Thank you. This shows how powerful Python is. Also, open source would protect you if you are good enough to read the code. Despite your clickbaity thumbnail, it was not invisible. Wouldn't a simple wordwrap catch this much easier? (Wordwrap unknown programs, folks)
Multiple lain references. Based.
you and ebola man should make a video together
I noticed you are using Ghost Specter version of windows, I'm curious what's your opinion on it given that most people on YT seem to be attacking it
It's good. I used it for 3 years and no issues. But nowadays you probably want to use revi os
>Not as legit as it would seem
It’s software designed for raiding discords. It doesn’t seem legit to begin with.
This is so clever. 1:16
The level of skiddery is wild 💀 base64 encoding/decoding and a public domain 😭
this is how they did it way back in the day too , not through python but like through those keygen apps you'd download and run lol
I thought this was going to be some weird unicode thing where it turns text invisible via special characters, not just a bunch of spaces to hide the code offscreen, lmao.
Hardcoded domain... time to take down their entire service just by reporting their domain... (Also "obfuscating" code with base64 is just adorable).
Yeah, good luck with that. A russian registrar may be kind enough to tell you where exactly to shove your report.
i dont know what he is talking about but it sounds cool and stuff
ah criminals being criminals
This is good! Let those 12 year old discord skids get malware'd.
Can we detect easily a type of requests and actions on our machine? Or suspicious requests live scan ?
Like I always wonder if it’s possible to identify those suspicious activity even in the programs himself before executing it. To identify if it’s malware / can be / or legit actions.
Especially with non open source software.
It should be possible to have a custom protection that can even let us allow precise actions and tell us details about it. Hybrid analysis is something that look like that but it would be great as an anti virus. Idk if one exists already.
This is what malware detection programs/services try to do, ye, these days it goes further than just static binary scan, you can upload a sample to some sandbox online and have report showing where it connects, what files it's using, what processes it's spawning
I LOVE ALL YOUR VIDEOS
Where do you discuss the ChatGPT method?
Cant wait for someone to make an encoder that only uses whitespace characters
government level code obfuscation
i dont understand why this is immoral. The people who are downloading discord raiding scripts deserve to get hacked no?
@@ragingcow the people who put malware in their discord scripts aren't doing it just to "hack the hackers back", really, they're just going for whoever'll download their stuff. hackers will hack anyone if it means profit or a good time, moral or immoral.
Kitty ears
I hope they won't mind my delivered goodies
The site is already down lmao
Man. why do you gotta expose these programs, this is teaching people to NOT use hacks.
I like your voice. Can you start a second channel where you just read to us?
Nothing better than watching an Eric Parker vid after uni
thank god i use firefox
It's crazely interesting. As at first when i've started cheating on Minecraft I would never expect any kind or rat or virus running trough until the day my discord account started going crazy 😂
nga i was on the community like 3 years and you still cheating? get a life bro 💀 weirdo
A portion of these skids would be trying these on their parents hardware.
The lowest of the lowest going to the lowest levels
again? why do these people like to use requests so much?
Visual Studio Code Alt + Z:
9:07 real RSPVN raid tool were targeted 🗣️🔥
I only have a basic knowledge of Python, but I am amazed to see this work on “how it works”. Would this area be cybersecurity? Any tips for an aspiring developer?
about the end of the video, how would it manage to install into the host machine?
Im so confused about the audio through the entire Video, it jumps back and forth from bad quality to good quality and then back to bad quality, sadly it's bothering me very much!
Audio_Quality_Importance > Video_Quality_Importance
It seems like some spotty noise cancellation settings or solutions. Things like Krisp (just as a simple example) are great and all, but some "one click cut all" solutions aren't as pretty as they seem in certain scenarios. In this scenario, his background noise cancellation solution seems to suffer during long winded conversations.
Essentially, it's trying to adapt, but cutting out his voice thinking it's background noise in the process.
if you were to remove that one line of code, would it then be safe to run?
Tbh, if you want to nuke a discord server already, at least code it yourself 😭
what type of logic is this bruh
@@mahrag580 well it isn't skid logic, for one (not saying that using another persons tool in any case is skid-like, but programming things yourself is a really good practice in most cases)
Personally, I don't mind this since of the people they're targeting
i ratted my seft like this but the bot/webhook was invalid
HAHA sending these types of people junk is so fun to me. Malware devs and scammers are lazy so spamming them usually works out. In my experience anyways.
how many terrabytes you typically send?
what's up with the audio?
It seems like some spotty noise cancellation settings or solutions. Things like Krisp (just as a simple example) are great and all, but some "one click cut all" solutions aren't as pretty as they seem in certain scenarios. In this scenario, his background noise cancellation solution seems to suffer during long winded conversations.
Essentially, it's trying to adapt, but cutting out his voice thinking it's background noise in the process.
Lol he had to find a way to mention he uses rust
great video!
this is a trick that goes back to roblox