the crazynation-virus
-------------------------
some ppl emailed us, that the latest version of the intro-liberator had a virus
unfortuantely it does really LOOK like that - but the virus is not in the IL
it's in titaniks latest cracks
yes you hear right, titanik infected his patches and abused a security hole
in intro liberator but instead to just fuck
with us he is fucking all people using intro liberator by infecting and screwing up their
systems and this is unbelievable lame and irresponsible for someone who was (yes, he WAS)
a shining figure in the scene, now all i can say is that he must be one of the biggest
assholes i have encountered in the coding scene in years, he is a disgrace
first here is what actually this thing is all about anyways
one of his protections consist of a table with pairs of addresses and values
to decode the intro correct, a routine has to copy each value into the position
of the address-part of each pair
e.g [1,"FACE"],[0," BAD] produces " BADFACE" at position 0 in the decryption-buffer
since i'm a real lazy guy and honestly never thought about the possibillity to abuse
this patching, i didn't include a simple if-statement to ensure that the addresses
never point out of my decryption-buffer :(
that's a real bug and titanik's hole to hack into the IL
he included a table, which writes executable (PC) code into the buffer and then puts the address
of the buffer onto the stack (since he can't modify the code itsels)
when IL stops, execution automatically continues at the actual address on the stack and
that's - you've guessed it already - in the buffer with the code
this code saves an exe (called badface.exe) and executes it
then badface.exe extracts the Win95/Libertine-virus from the rom and saves it as c:\mylene.exe
i have to admit, that this was a nice move in our encryption/decryption-competition
but even there are plenty possibillities of using this bug he decided to spread a virus
it seems that the existence of the il has hit him very hard since he reacted that sick
and i can only repeat in my opinion this is FUCKING LAME
yes - he is the best cracker in the scene, but if you really understand or even support
his move then you must be an idiot
if he can't improve his protection he shouldn't piss on other ppl who are just curious to learn
something they don't know - it's not their fault and he is absolutely not the fucking right
to screw up the systems of other freaks
some smart ppl may think, that this story is not true
for those i included a programm (getvir.exe) which fetches the code out of the cracked
C&C-USA-rom (.v64), the source and the resulting getvir.dat + badface.exe
since badface.exe is packed with pklite, i also included the decompressed file (depacked.exe)
don't start badface.exe as long as you don't have a virus-protection running, which can intercept
the execution of the virus!
you may rename the rom to prevent the extraction of the virus and still see the msg about the
deletion of win.com
i hope not to much ppl sufferd from titaniks way of "punishment!?" - go and thank HIM
BADFACE - freedom 0f information
PS: DEADBABE RULEZ??? No way - first grow up!