Post: Console Sniffer Leeched/Exposed
03-04-2017, 02:58 AM #1
Bygone
Guest
For everyone who uses any kind of network sniffer, especially on PSN or for gaming online: I would strongly advise you to steer clear of the sniffer known as "Console Sniffer". Why, you might ask? Well, put most simply: 1, the program in question is used from a leaked source. 2, they worked off the Lanc v2 source. 3, the leech/degenerate who "developed" it, known as Obamasu or on NGU as "Bottom Feeder", from the looks of it does not appear to be quite trustworthy.

Have a look at the link here ---> You must login or register to view this content.

4, (Have not taken the time to verify this one, but it's rumored it's a backdoor and tries to prevent/block access from any similar competitor programs/services/applications.)

LANC Source used in console sniffer: You must login or register to view this content.

Read the side classes and have a look at the linked source mentioned above


Below are some references you can review yourself. Hope this provides some insight for others.


Screenshot 1:
You must login or register to view this content.

Last edited by Bygone ; 03-05-2017 at 02:27 PM.

The following 3 users say thank you to Bygone for this useful post:

Algebra, Hutlern90, tyman1294
03-04-2017, 03:00 AM #2
Algebra
[move]mov eax, 69[/move]
Originally posted by Riftulus View Post
For everyone who uses any kind of network sniffer, especially on PSN or for gaming online: I would strongly advise you to steer clear of the sniffer known as "Console Sniffer". Why, you might ask? Well, put most simply: 1, the program in question is used from a leaked source. 2, they worked off the Lanc v2 source. 3, the leech/degenerate who "developed" it, known as Obamasu or on NGU as "Bottom Feeder", from the looks of it does not appear to be quite trustworthy.

Have a look at the link here ---> You must login or register to view this content.

4, (Have not taken the time to verify this one, but it's rumored it's a backdoor and tries to prevent/block access from any similar competitor programs/services/applications.)

LANC Source used in console sniffer: You must login or register to view this content.

Read the side classes and have a look at the linked source mentioned above


Below are some references you can review yourself. Hope this provides some insight for others.


Screenshot 1:
You must login or register to view this content. Link: You must login or register to view this content.


I strongly agree with you

The following user thanked Algebra for this useful post:

drelion
03-15-2017, 10:34 PM #3
The source itself is all copy and paste with a few modded. If it wasn't for OctoSniff he would have had no way of knowing how it would work. As for it being a Trojan or backdoor, no. The username is where it pulls the user names to add to the griddata.
03-17-2017, 09:50 AM #4
Algebra
[move]mov eax, 69[/move]
Originally posted by TxcticaLx
Unfortunately I have to agree with Geekiedad, he is correct, all it's doing is pulling the username and adding the username to griddata.
It doesn't seem to be malicious at all. I'd however be checking within "MACLookup" and "LocalMachine" to see if it's implanting any data which doesn't need to be, or redirecting packets to your PC from an unknown source - you have to remember, once you allow an application through a firewall to use network features, you are allowing the whole application, code can be hidden anywhere, it can even be hidden within more code, it can even server side redirect you to a command which is automatically downloaded without prompt through the application, and that's what I'd be looking for over this.

Check out the API and make sure it isn't built maliciously either or modified from the original source.


If you unpack the code then you will see that it edits your hosts file located in C:\Windows\System32\drivers\etc\hosts
What it does is block certain sites: Octosniff and serenpity.
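
An added example, not part of the thread or of any tool discussed in it: a read-only Python check for the hosts-file edit described in the post above. It flags entries that point a non-local name at a loopback or unspecified address; the hostnames in the sample and the `watchlist` parameter are constructed placeholders, not the real sites' domains.

```python
import ipaddress
import os

# Path quoted in the thread; this script only reads it, never modifies it.
HOSTS_PATH = r"C:\Windows\System32\drivers\etc\hosts"

SAMPLE_HOSTS = """\
# Constructed sample; hostnames are placeholders, not real domains.
127.0.0.1       localhost
::1             localhost
0.0.0.0         competitor-one.example www.competitor-one.example  # added
127.0.0.1       competitor-two.example
10.0.0.5        nas.home.example
not-an-ip       broken.example
"""
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

def parse_hosts(text):
    """Yield (line_no, ip, names) per valid entry; skip comments and junk."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address
        yield line_no, ip, [name.lower() for name in fields[1:]]

def find_blocked(text, watchlist=()):
    """Return (line_no, ip, name) for names sent to loopback or 0.0.0.0,
    plus any name containing a watchlist substring (hypothetical parameter)."""
    findings = []
    for line_no, ip, names in parse_hosts(text):
        sinkhole = ip.is_loopback or ip.is_unspecified
        for name in names:
            if name in LOCAL_NAMES:
                continue
            if sinkhole or any(w in name for w in watchlist):
                findings.append((line_no, str(ip), name))
    return findings

if __name__ == "__main__":
    text = SAMPLE_HOSTS
    if os.path.exists(HOSTS_PATH):
        with open(HOSTS_PATH, encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    for line_no, ip, name in find_blocked(text):
        print(f"line {line_no}: {name} -> {ip}")
```

A hit is only a lead: ad-blocking lists use the same 0.0.0.0 pattern legitimately, so compare against a known-good copy of the file before removing lines.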
03-17-2017, 12:29 PM #5
Bygone
Guest
Originally posted by Algebra View Post
If you unpack the code then you will see that it edits your hosts file located in C:\Windows\System32\drivers\etc\hosts
What it does is block certain sites: Octosniff and serenpity.


Correct.
03-17-2017, 03:38 PM #6
Algebra
[move]mov eax, 69[/move]
Originally posted by TxcticaLx
I never denied that, I was referring to the statement made about it being a trojan or backdoor, I can see the hosts edit bruv


That is why he said it is rumoured. If you read the thread he states it in plain text.
03-18-2017, 11:30 AM #7
Bygone
Guest
This thread was intended to be informational and serve as a heads up. Seeing as this potentially will lead to an argument, I will close this for the time being. Any updates, I will add them in.

Copyright © 2024, NextGenUpdate.
All Rights Reserved.
