[Warning] Day Z radar malicious

[suspense 210]

EDIT: Post has been reviewed and approved by moderators and admins, below is a copy of what the post contained when i posted it first.

This would normally go against everything i stand for, i would never ever speak of something that the moderators clearly state shouldnt be on this site, however, i feel like i need to make this post.

Adrian(the guy posting all the fuzz about matt.) posted the radar program 15 minutes ago on a cheating site. I know a bunch of admins already use this program on their servers.

This site requires manual moderation to inspect the files and make sure they are not malicious, the program was in fact malicious containing a trojan, i suggest every single admin that used this(even tho not allowed) to stop using it immidiatly.

If mods deem this thread against the rules, i wish you take in this information and make your own as a warning, this is a huge threat to people running servers, lots of info could be leaked.

NOTE: Please do not link to this program or anything "related" to it. If you dont know what this is, then dont mind this thread. For those that do, take the warning seriously.

Edited August 7, 2012 by Suspenselol

[Disgraced 1123]

Hackception.

[masterbrain 20]

Nice to know... THANK YOU FOR THE THREAD!

[SPESSMEHREN (DayZ) 16]

Why exactly is the program malicious?

Honestly the whole shitfest that went down when the guy posted that file is mind-boggling and absolutely hilarious.

[{SAS}DocStone 24]

Do we know if it is the same program that was originally released or has it been modified in any way? Has anyone compared MD5 Hash values? What program identified the virus? What was the virus' signature file? So many questions, and not one single answer.

[khalimerot 76]

It's like in the cheat section...

No proof , it didn't happen...

[NocturnalS1n 37]

This whole "warning" seems suspicious. You just happened to be browsing this cheat site? Not to mention further investigation I found the thread and the 2nd line you posted isn't even there. Oh also, coming fromt eh thread, the program linked isn't even the same size as the tool.

Plus, if you Google Day Z Radar, there is a hack tool by the same time that is different from the tool linked ont he forums. The tool is just a script parser. In fact the tool would probably be allowed if much of the features were removed, such as the map, tent, and vehicle placement. Its ability to show players using hacked weapons is quite interesting.

Either way, its far to easy to abuse with the features I stated, but hopefully someone can come up with a program that parse through the file just as easily and take from it only the non-abusable bits.

But as I said, after a lot of looking into this supposed threat, it seems more like a scare tactic. That deleted thread contained a COMPLETELY different set of files form the tool that was posted days ago.

So better to warn people that go out fo their way to get it, even more so since its abusable and disapproved.

[jonesyx@gmail.com 19]

Because people are being absolute morons about this and suspenselol is contributing his inane blather to other threads, here's the anti-virus scan for the most recent executable:

https://www.virustot...sis/1344427551/

It gets Win32 virus on two anti-viruses from China, one designed primarily for Latin America and one anti-malware program known for a history of high false positives. Note that it gets nothing from the major anti-virus makers.

edit: Here are the hashes and the exact file size since apparently somebody decided to release a hack with the exact same name or some shit.

SHA256: 9699aab346932c84e83eab8a23278f578fc1aac78af22b631f36e2020209ee44

SHA1: 5d739faf0a5b6790a02341679b6a5f26b65a9a7c

MD5: e2f1c15bbd2af2ce6be4d705e402cf43

File size: 6.2 MB ( 6534041 bytes )

File system activity
Opened files...
C:\9699aab346932c84e83eab8a23278f578fc1aac78af22b631f36e2020209ee44 (successful)
Read files...
C:\9699aab346932c84e83eab8a23278f578fc1aac78af22b631f36e2020209ee44 (successful)
Registry activity
Set keys...
KEY: HKEY_CURRENT_USER\SOFTWARE\PC SOFT\WinDev\12.0\APPLI\9699aab346932c84e83eab8a23278f578fc1aac78af22b631f36e2020209ee44\LAST_FRAMEWORK
TYPE: REG_SZ
VALUE: 120055n (successful)
Mutex activity
Created mutexes...
9699AAB346932C84E83EAB8A23278F578FC1AAC78AF22B631F36E2020209EE44 (successful)
Runtime DLLs
user32.dll (successful)
advapi32.dll (successful)
c:\wd120vm.dll (failed)
\wd120vm.dll (failed)
wd120vm.dll (failed)
msimg32.dll (successful)
comctl32.dll (successful)
gdi32.dll (successful)

By comparison I uploaded a random game trainer for The Witcher.

https://www.virustot...dfe08/analysis/

21/42, primarily because it modifies a program's memory.

Edited August 8, 2012 by Sodajones

[cm. (DayZ) 28]

hahahaahh this is so stupid.

I have the source code for the program, it's not malicious at all.

I could release "Arma2.exe" as a trojan on that site and it would get flagged, would you then go and make a thread telling everyone to uninstall arma 2 because it's malicious?

Hilarity all around, so many nubs on this forum.

[jonesyx@gmail.com 19]

hahahaahh this is so stupid.

I have the source code for the program, it's not malicious at all.

I could release "Arma2.exe" as a trojan on that site and it would get flagged, would you then go and make a thread telling everyone to uninstall arma 2 because it's malicious?

Hilarity all around, so many nubs on this forum.

Stuck in moron factory send help cm

[Delta Smoke 01 765]

Why exactly is the program malicious?

Honestly the whole shitfest that went down when the guy posted that file is mind-boggling and absolutely hilarious.

Would you still find it hilarious if the admin using it, went to your camp, took everything, stole all your vehicles and camped your last logout point to blow your brains out ?

[cm. (DayZ) 28]

Would you still find it hilarious if the admin using it, went to your camp, took everything, stole all your vehicles and camped your last logout point to blow your brains out ?

protip: an admin cbf waiting an indefinite amount of time for some random who may re-log in the same area... What if the player goes to a different server?

I think some people take DayZ far too seriously. All this lynch mob against admins is not healthy for people who fucking pay to keep servers up for FREE for other people.

Rather than having a go, why don't you realise that the current anti-cheat is not sufficient and using 3rd party tools can help in this area?

Edited August 8, 2012 by cm.

[{SAS}DocStone 24]

Would you still find it hilarious if the admin using it, went to your camp, took everything, stole all your vehicles and camped your last logout point to blow your brains out ?

Are you being serious there? We had procon tools for BC2, it showed where players were when they killed another player. Did admins use it to tell their fellow clan members where the enemy was? No, they used it to spot aimbotters doing one shot kills with a pistol or a shotgun from across the map time and time again. I am sick and tired of the abuse admins get when without them you wouldn't have a damn alpha with 1M players, and to see it coming from a DayZ Forum Team Member is even more of a slap in the face. Not all Admins run a server off their parent's credit cards, some actually pay for their own dedicated box, some actually spend more time maintaining the server than actually playing it, and some admins actually take their responsibilities seriously, perhaps you would like to remember that the next time you decide to paint us all with the same brush.

You want to be more concerned with the hackers that can flag up every tent and vehicle on the map, can teleport there in a second and then script kill everyone they find there. When Admins ban those players, that's when I laugh, and by god do I laugh heartily. Mind you, the leniency you show the hackers is what I really find hilarious, they are (in your eyes) the lesser of two evils, and seem to be less of a problem than "Rogue Admin".

Be careful how you treat your community, because remember, without us you have nothing.

[jonesyx@gmail.com 19]

Be careful how you treat your community, because remember, without us you have nothing.

Our illustrious DayZ Forum Team strikes again.

where did you find these people, a hospital for the mentally infirm?

[suspense 210]

Because people are being absolute morons about this and suspenselol is contributing his inane blather to other threads, here's the anti-virus scan for the most recent executable:

https://www.virustot...sis/1344427551/

It gets Win32 virus on two anti-viruses from China, one designed primarily for Latin America and one anti-malware program known for a history of high false positives. Note that it gets nothing from the major anti-virus makers.

edit: Here are the hashes and the exact file size since apparently somebody decided to release a hack with the exact same name or some shit.

SHA256: 9699aab346932c84e83eab8a23278f578fc1aac78af22b631f36e2020209ee44

SHA1: 5d739faf0a5b6790a02341679b6a5f26b65a9a7c

MD5: e2f1c15bbd2af2ce6be4d705e402cf43

File size: 6.2 MB ( 6534041 bytes )

File system activity
Opened files...
C:\9699aab346932c84e83eab8a23278f578fc1aac78af22b631f36e2020209ee44 (successful)
Read files...
C:\9699aab346932c84e83eab8a23278f578fc1aac78af22b631f36e2020209ee44 (successful)
Registry activity
Set keys...
KEY: HKEY_CURRENT_USER\SOFTWARE\PC SOFT\WinDev\12.0\APPLI\9699aab346932c84e83eab8a23278f578fc1aac78af22b631f36e2020209ee44\LAST_FRAMEWORK
TYPE: REG_SZ
VALUE: 120055n (successful)
Mutex activity
Created mutexes...
9699AAB346932C84E83EAB8A23278F578FC1AAC78AF22B631F36E2020209EE44 (successful)
Runtime DLLs
user32.dll (successful)
advapi32.dll (successful)
c:\wd120vm.dll (failed)
\wd120vm.dll (failed)
wd120vm.dll (failed)
msimg32.dll (successful)
comctl32.dll (successful)
gdi32.dll (successful)

By comparison I uploaded a random game trainer for The Witcher.

https://www.virustot...dfe08/analysis/

21/42, primarily because it modifies a program's memory.

A virustotal of the release? Thats one hell of a good job you did there, except, i think you forgot virustotal is of absolutely no use when the program creates out and ingoing connections AFTER opening it. Prove it with code, and i will believe you. Until you do, you have no understanding of this, and that is clear(mind you, this is not an offense towards you, a lot of people trust virustotal with their life, if you have no technical understanding of this, you are just one more guy spewing random nonsense)

On top of that, this release you posted info from, is 4.3mb smaller then the compromised release, he could have modified it after he was banned, i havent checked the newest release yet.

[SPESSMEHREN (DayZ) 16]

Would you still find it hilarious if the admin using it, went to your camp, took everything, stole all your vehicles and camped your last logout point to blow your brains out ?

Are you fucking kidding me? What is there to steal? Our vehicles are stolen every fucking day by hackers. EVERY FUCKING DAY. And these guys just get a maphack of their own and know exactly where the vehicles are.

Your post is exactly what is wrong with the dev team. Yes, there are some shitty admins out there who probably would abuse this tool. But if that's the case, THEY SHOULD NOT HAVE A DAYZ SERVER in the first place. YOUR dev team is responsible for ensuring that responsible people operate DayZ servers. If you have cheaters who would abuse said scripts operating dayZ servers, that is a failure on behalf of THE DEV TEAM.

I operate a DayZ server, and I WILL be using this tool. And I sincerenly hope you're just a forum mod and have no say in the development of this mod, because if this mod is being developed with the "oh wait server admins might use this to cheat, can't let them read the logs or restart the server!" mindset, i might go and download some scripts because there's no way any admin can ever ban anyone for anything.

Edited August 11, 2012 by SPESSMEHREN

[Guz (DayZ) 16]

Are you fucking kidding me? What is there to steal? Our vehicles are stolen every fucking day by hackers. EVERY FUCKING DAY. And these guys just get a maphack of their own and know exactly where the vehicles are.

Your post is exactly what is wrong with the dev team. Yes, there are some shitty admins out there who probably would abuse this tool. But if that's the case, THEY SHOULD NOT HAVE A DAYZ SERVER in the first place. YOUR dev team is responsible for ensuring that responsible people operate DayZ servers. If you have cheaters who would abuse said scripts operating dayZ servers, that is a failure on behalf of THE DEV TEAM.

I operate a DayZ server, and I WILL be using this tool. And I sincerenly hope you're just a forum mod and have no say in the development of this mod, because if this mod is being developed with the "oh wait server admins might use this to cheat, can't let them read the logs or restart the server!" mindset, i might go and download some scripts because there's no way any admin can ever ban anyone for anything.

You got a point and they need to improve their security.

But if you hack then you are the same as all the hackers.

I got killed so many times by hackers and i still play this.

Why?

Because its addicted.

If you hate it then go ahead and hack and i hope that battleye improved their security and bans you.

[OrLoK 16182]

Hello there

if the devs of radar made the program open source then we as a community could check and compile the code in the knowledge that everything is fine and dandy.

Rgds

LoK

[SPESSMEHREN (DayZ) 16]

You got a point and they need to improve their security.

But if you hack then you are the same as all the hackers.

I got killed so many times by hackers and i still play this.

Why?

Because its addicted.

If you hate it then go ahead and hack and i hope that battleye improved their security and bans you.

BattlEye will never improve its security, and if I use a BattlEye bypass, I'm as good as invisible.

I actually enjoy playing ARMA II, so I'd never risk my CD key and use hacks. The reason there are so many hackers out there is because people bought ARMA II and Combined Ops just to play DayZ and got bored of it for one reason or another (its too hard, too unforgiving, not Call of Duty, too many bugs, hackers, etc), tried regular ARMA II and didn't like it, so they downloaded hacks to have "fun" in DayZ since it doesn't matter to them if they get globally banned.

[oyci3c 2]

Would you still find it hilarious if the admin using it, went to your camp, took everything, stole all your vehicles and camped your last logout point to blow your brains out ?

U serious or just trolling? Christ...

[zyfer.nyholm@gmail.com 131]

@Delta-Smoke

:Forum wont quote:

tbh a tool like this could be soooooo handy and fix most of the admin problems we have, we suspect we have atleast one little cheater on our server who plays there regulary, he doesnt script kill or do obvious hacking but let me tell you this, no matter where we camp, no matter where, it gets found, all our stuff gone, we even caught them running to our camp, they were straight in our camp, we moved it 2 hours ago maybe and BAM, they were in the same bushy forrest like us and hell broke lose, we killed them all and they left and we moved, 1 day after the move our camp was found again, most of our shit is spread out 3km from eachother and everything gets found in the same timespan, if one car is missing 3km from some of our other shit, that shit would be found.

we had the chopper and i dont land that shit on hills, i land it in forests in small tree clearings that arent marked on the map, that gets found aswell, its truly amazing, and these guys are online from the evening to late morning EU time, we havent banned them as we have no proof of hacking, one of them even spawned in at one of our old camps, and just as one of our dude's was there getting our stuff from the tents, someone logs in almost next to him and my mate dies.

We dont run our server like other admins, we need proof they are hacking even though we are convinced and have a feeling that they do hack, if they dont, they have issues.

Edited August 12, 2012 by Zyfer

[Adrien (DayZ) 30]

Since the app is "unsupported", I can't link to my website with the whole source code + source code of the main 2 buttons released, that would prove that I didn't add anything malicious at all.

I love the irony of using a hacker forum to get arguments against an anti-hacker tool.

Brilliant, pure genius.

Thread is nowhere to be found.

Anyway, I did almost everything with the tool (even added Lingor map, under test) and I stopped developing it.

Also, considering the .5 update, people already uncommented the commented lines and they got the logs back. "rocket"science, if you ask me.

Since I'll probably get banned again for some obscure reason, I also will give a bigger gift for the whole DayZ community. :)