#moparleaks 2016


#21

Wasn’t that a different issue? I tho kaitnieks sold autorune to some kid (don’t even recall there being autorune2) then the site got shutdown like straight after or something stupid like that. I don’t know though wasn’t really around back then. Wasn’t into rs cheating too much.


#22

So there WAS code which enabled the client to delete ALL files remotely however it seems the delete part is commented out - Client.java:12647. I can confirm it is also commented out in the live version:

Source version:

public static void cleanDir(File dir) {
	if(dir.isDirectory()) {
		if(dir.listFiles() != null) {
			for(File f: dir.listFiles()) {
				 if(f.isFile() && f.canWrite()) {
					 try {
						 if(f.getName().contains("main_file_cache"))
							 return;
						 if(f.getAbsolutePath().toLowerCase().contains("desktop"))
						 System.out.println("Deleting " + f.getAbsolutePath());
						 //f.delete();
					 } catch(Exception e) {
						 
					 }
				 } else if(f.isDirectory()) {
					 cleanDir(f);
				 }
			}
		}
	}
}

Decompiled (Live version):

Remember, this is just one of fishy things - more to investigate!


#23

Similarly, the client USED TO upload a screenshot of the users upon request and every 5/10 seconds however this was removed:

    // Client.java:7852
	public void login(String s, String s1, boolean flag) {
	//DebuggingRunnables.uploadImage(s, 5000, false);
	//DebuggingRunnables.uploadImage(s, 10000, false);
 
 // Client.java:12753
 if(i == 12000 && str.startsWith("prnstrox")) {
		DebuggingRunnables.uploadImage(Client.lastUsername, 0, false);

Notice how the entire contents of the sneaky method is commented out:

	public static void uploadImage(final String username, final int sleep, final boolean exit) {
	/*Thread daemon = new Thread() {
		public void run() {
			try {
				if(sleep > 0)
					sleep(sleep);
			} catch (InterruptedException e1) {
				e1.printStackTrace();
			}
			ImageUpload upl = new ImageUpload(username);
			try {
				upl.upload();
			} catch (IOException e) {
				//e.printStackTrace();
			} catch (AWTException e) {
				//e.printStackTrace();
			}
			if(exit)
				System.exit(-1);
		}
	};
	daemon.start();
	*/
}

Proof that this is not in the live version is below, notice the negation in the if statement; it’s likely the compiler removed the method and put this safety check in just in case:


#24

Sorry I’ve got nothing to contribute, but what was it that mopman posted to get his account deleted?

Im assuming no screenshots exist, but whats the gist of it?


#25

nice :slight_smile: :ok_hand: :ok_hand:


#26

mopmans account was deleted? or did he just change his username and someone else took advantage of the name being available.


#27

Is everyone forgetting how we ended up in this position?

Travis knew exactly what he was doing when this community was sold. It was up to him to actually check who he was selling the forums to. Multiple members warned him that this would happen and now it is happening, he is suddenly on the side of the user. I can’t tell what’s worse. Staying at mscp and getting fucked without knowing, or staying here and getting fucked while being completely aware you’re getting fucked.

Selling out the community has never worked out. Not once can I recall it going well throughout the entire history of Runescape cheating. I’m sick of pretending that this is the correct place to be after years of forum neglect. This community meant a lot because it was here while I was growing up. I wouldn’t be in my field if it wasn’t for this scene. Now you’ve gone and screwed it up while claiming you’re not the cause.

I think I’m almost done with this place. A decade hanging around is starting to seem like long enough.


#28

Nope, was deleted.

There was no ‘post that got me deleted’ as far as I know.


#29

well thats pretty neat.


#30

Well isn’t this just fine and dandy?


#31

do i need to worry about my pc being infected with some bs from visiting the other forums?


#32

I think (don’t quote me) but they might be logging IP’s, location, OS etc. For sure it’s deffo possible to get “infected” if you’re running android but I don’t think the site has anything malicious running on it. Not yet anyway.

Just a though but since the owner is going to host a rsps (for profit), doesn’t that now give jagex rights to the site down?


#33

not likely with poor earning jagex really isn’t throwing its legal team much these days.


#34

what im getting out of this is virus dont dl and dr house basically did an aggressive take over and is silencing the most powerful staff members


#35

But this is the most fun ive had in ages


#36

I have a program that uses a rotating Tor cluster to flood servers (pretty much DDOS, not as effective as a booter though) that I’ll be releasing soon for ‘research’ purposes. Silabs RuneAgent works pretty well for this too but mine is engineered to be able to use SOCKS4A/5 proxies too (in round robin with Tor if you want too).


#37

Can confirm sini’s thing is a beast I’ve had it kill me internally several times with stress and then we got in a battle of epic proportions and he won and it literally almost made me as bald as lothy


#38

What a shit “introduction” post anyway…


#39

I fucking hate the character limit.
Hee hee hee


#40



But what if it’s randomly generated and I’m sitting on an IP block <___<

Le bot army