Sicheats (h4x0r) trainers now contain DRM but why?

[Joe Forster/STA]

(On a side note, Empire - unlike us, hackers - has a real life, so don't expect him to drop in and reply every hour... well, not even every day...)

[cocodrilo]

understand English but do not write to express myself properly, the only reason to write in Spanish.

Fear is a trainer of 3 with a Trojan, is the same but down from another page. I myself have fallen. that's the big problem down other sites with junk and then say we are.

say that there are no resources, I remember that they have not done anything with the law in their hands. cheathappens encourage you to take legal action, that we laugh all day long.

I am the first that this situation is sickening.

legally you can clarify things in these directions:

http://www.delitosinformaticos.com/1...cias/denuncias

everything else is said in forums, they are just guesses. clarify legally vote and the game ends quickly.

with the law in their hands, in Spanish:

Quote:

Por último, también está el artículo 12 de la Declaración Universal de Derechos
Humanos: “Nadie será objeto de injerencias arbitrarias en su vida privada, su familia, su domicilio o su correspondencia, ni de ataque a su honra o a su reputación.”

La doctrina del Tribunal Constitucional distingue respecto al derecho a la intimidad los siguientes puntos:
• El derecho fundamental a la intimidad reconocido por el art. 18.1 CE tiene por objeto garantizar al individuo un ámbito reservado de su vida, vinculado con el respeto de su dignidad como persona (art. 10.1 CE), frente a la acción y el conocimiento de los demás, sean éstos poderes públicos o simples particulares.
• El derecho a la intimidad atribuye a su titular el poder de resguardar ese ámbito reservado, no sólo personal sino también familiar (SSTC 231/1988, de 2 de diciembre, y 197/1991, de 17 de octubre), frente a la divulgación del mismo por terceros y una publicidad no deseada.

the only one who has committed and continues to commit criminal acts are the people of cheathappens publishing information (in your site) STOLEN AND STAFF. Come on guys, make a complaint because I have really wanted to meet you.


thanks.

Quote:

I simply added the malware note as it was just something odd that I noticed while looking at the authorization process.

the authorization process is only a HTTP PROTOCOL POST, user and password + key. key is information in your profile, encripted with Rijndael and base64 to prevent lost data. ¿more?

[TippeX]

So if i downloaded the fear 3 trainer from sicheats (as joe did), it would not contain the trojan... Correct?

[Joe Forster/STA]

@cocodrilo: I sent an E-mail to the address that you used to register on FileForums. (And, no, I don't read or write Spanish.)

I think cocodrilo is suggesting that there's a fake version of the trainer, that can be downloaded from fake sites acting as Sicheats, and this trainer does contain a trojan. Actually, I think I have two versions of the trainer, one downloaded from Sicheats, the other from GCW, and, no, they're not identical. Could the one on GCW be the fake with a trojan inside?! If so, Empire should check (even more) whether Sicheats' trainers have been really uploaded by Sicheats people or by someone else (possibly malicious fakes).

Quote:

Originally Posted by tazzoun

I was only stating an observation that I had made.

You continue to amaze me. What observation? This: It actively scans memory and HD for anything with the word "cheathappens" and then attaches a viral signature to it so those files no longer function.? So what does it search for: executables or files in general or directory names or what? What is this "cheathappens": general text anywhere in the file, copyright block in executables or what? What happens: a stub added to executables and the entry point redirected, "cheathappens" replaced with "fuck you" or what? Can you send me actual example files?! Or is this something that you've read somewhere - probably, a Cheathappens-friendly site - and fell for it without any suspicion?

I feel as if taking part in the following conversation:
Citizen: (panting) Constable, sir, John killed Fred!
Constable: Now cool down. Have you seen Fred?
- Yes. He was lying on the sofa.
- And was he breathing?
- I don't know.
- Then he could've been just sleeping. Have you seen the weapon?
- Yes, it was a knife.
- And where was it?
- In the kitchen.
- Well, obviously, there are knives in the kitchen. Have you seen John?
- No.
- Now, seriously, have you actually seen John kill Fred?!
- Errr, no.
- Then what the fuck are you talking about?! Let me take your hand, I'll escort you to a mental asylum.

So what the hell am I supposed to think about what you wrote?!

[AFKGun]

If anyone want to find out the h4x0r trainer's purpose would scan the program for outbound data, destination IP can be detected by 3rd party firewall like ZoneAlarm, and type of data can be capture by WireShark etc.

Seriously how much that i don't get what is going on? So far i only understand h4x0r and CH, one is accusing for code stealing. Seriously, a real hacker wouldn't give a fk for just one code. Unless one is fighting for their life's work.

[TippeX]

You getting a feeling of deja-vu joe?

[tazzoun]

Tippex and Joe: I downloaded the trainer from GCW, not from h4x0r's website. My guess is that after reading these posts, h4x0r removed the malware from the trainers posted on his own site. After the whole fake trainer thing, shouldn't Empire ALREADY only be accepting h4x0r trainers from h4xor himself? You can clearly see why it's pointless to waste time on this as h4x0r can easily control the files on his own website and files from anywhere else (even this site) could POSSIBLY be fake or tampered with.

This whole thing could probably easily be cleared up by a simple post by Empire. He can tell you where the trainer came from (if it DID come from h4x0r, then why does it no longer match the one on his website?) and if he knew about the DRM and if he supports it, etc.

[Joe Forster/STA]

Quote:

Originally Posted by AFKGun

destination IP can be detected by 3rd party firewall like ZoneAlarm

Just on a completely off-topic side note, using the free version of ZoneAlarm is one of the best ways to NOT defend your computer against attacks coming from the network. See http://www.matousec.com/projects/pro...ge/results.php for suggestions on which firewall to use.

Quote:

Originally Posted by tazzoun

After the whole fake trainer thing, shouldn't Empire ALREADY only be accepting h4x0r trainers from h4xor himself?

He is but there could still be "security holes" in him acting as a "human firewall". Although let me add: none of us - other than Empire and h4x0r themselves - knows how Empire checks this and it's just how it should be.

Quote:

Originally Posted by tazzoun

h4x0r can easily control the files on his own website and files from anywhere else (even this site) could POSSIBLY be fake or tampered with.

After how we defended him against Cheathappens, I can hardly believe that he personally would upload intentionally infected versions of his trainers to GCW. And, even if he did, it would become obvious within days, if not hours, that (almost) all Sicheats trainers on GCW are different from the originals and those on GCW (almost) all contain some kind of malware. I find this completely unrealistic!

Quote:

Originally Posted by tazzoun

This whole thing could probably easily be cleared up by a simple post by Empire.

Sure. And I already answered this, look above.

[cocodrilo]

Quote:

Could the one on GCW be the fake with a trojan inside?

No no, not in this site. one contains a valid key (already banned) user and password for direct use. in others sites.

this dll is a trainer published in sicheats, for the first templar game:

http://www.sendspace.com/file/w1e1vn

please search for stealt code, malicious code etc. is the only published online trainer with one hit kill option, which I can explain how it works and how to get to separate the player from enemies.

[Maxgrilo]

I think people are starting to lose focus on the real issue here. Malware or not, should GCW be hosting files that REQUIRE you to register at a third party site (which may or may not be harvesting your info or might at any time in the future) in order to simply use the file? It's my opinon that files hosted on this site should run independently of any outside program or authentication process. Just because these trainers may not collect or send any data now, that could easily be changed at any point down the road by h4x0r's team once the trainers were being readily accepted and posted on this site.

[AFKGun]

Off-topic Reply to Joe: Yes I see how it is not recommended but I tried it ZA like 5 years ago and it tracks every program's incoming/outgoing connections in detail, so is useful on that part. I don't really use 3rd party firewall for protection, Windows Firewall somewhat good enough for me.

EDIT: And to addon, h4x0r's trainer need NFO to boot, so modded tr with hex edit? Not quite possible with UPX compressing i think

EDIT2: BOOM! 4 more F3AR v16 trainers added to GCW DL page.

[Joe Forster/STA]

Quote:

Originally Posted by Maxgrilo

Just because these trainers may not collect or send any data now, that could easily be changed at any point down the road by h4x0r's team once the trainers were being readily accepted and posted on this site.

I already wrote that everything that is not caught by the virus scanner as obvious malware is "readily" accepted; it's always been so. If h4x0r - or anyone else, for that matter - wanted to distribute trainers - or any stuff that is on-topic on GCW, for that matter - infected with a trojan via GCW then he or she could've done that years ago. (Although Empire might have some aces up his sleeve for such tricks, I don't know.)

The situation is new and can't really decide whether I should support this kind of trainers. The final word is obviously Empire's but, if we start a discussion about it, then it may take a week or more: we, moderators, have no special "0-second" communication channel to him either!

Quote:

Originally Posted by TippeX

You getting a feeling of deja-vu joe?

I have to say, even if a bit reluctantly: yes. But, you see, I'm always open to constructive suggestions so it would be a stupid idea - also see "mindless censorship" - to reject certain ideas right away, I'm rather trying to understand what people are trying to say.

Quote:

Originally Posted by AFKGun

Off-topic Reply to Joe: Yes I see how it is not recommended but I tried it ZA like 5 years ago and it tracks every program's incoming/outgoing connections in detail, so is useful on that part.

Ohhh, don't worry, I myself have been using ZoneAlarm for years... until I found that page.

[cocodrilo]

Someone uploaded a trainer infected, this trainer IS NOT FROM SICHEATS. This creates a file in system32/adobe/update.exe with image icon, steals passwords from firefox etc.

please check the md5 file with the original from sicheats.

[Lerianis]

Quote:

Originally Posted by tazzoun

First of all, I have been downloading trainers from here for a long time. I am not some kind of cheathappens lover so please don't dismiss me as such like you do everyone else that says a negative word about h4x0r.

I just downloaded the FEAR 3 trainer by h4x0r from the GCW website. Apparently to use this FREE trainer I have to go to sicheats.com, create an account there, create a FACEBOOK account, download some kind of key and then always leave my internet connection on so the FREE trainer can authenticate itself. Say what? How exactly is this different than cheathappens again? The only reason a FREE trainer would need all this type of crap is so that the creator can harvest the information being collected and sell it off to advertisers, etc.

After looking further at this "authentication" process of h4x0r's trainer, I then learned that it also carries with it a malicious payload that stays resident in memory even after the trainer is done. It actively scans memory and HD for anything with the word "cheathappens" and then attaches a viral signature to it so those files no longer function. This can easily be reproduced and examined by anyone with a debugger or memory scanner using the files from GCW or h4x0rs website.

So, I must ask the obvious question -- why does GCW continue to entertain this stuff from h4x0r? Seriously, is he paying you guys to host this crap?

So now I have to jump through about 10 hoops plus give h4x0r my personal information just to use a FREE trainer that I downloaded from GCW. What's next you guys? Selling trainers like cheathappens?

Agreed.... I love the trainers from Sicheats.com, but this kind of stuff is getting on my bad side.... I had the gall (in his mind) to post about it and how it was very suspicious that he called for this (not to mention that some people don't have always on internet connections), and the bastard banned me for doing that!

I am beginning to think that Sicheats isn't the 'white knight' in this and that he might have just as black an armor as Cheathappens.

Log-ins are a dealbreaker for me in my opinion..... free or not, there is no reason to require that and it IS just another form of DRM.

Quote:

Originally Posted by Maxgrilo

I think people are starting to lose focus on the real issue here. Malware or not, should GCW be hosting files that REQUIRE you to register at a third party site (which may or may not be harvesting your info or might at any time in the future) in order to simply use the file? It's my opinon that files hosted on this site should run independently of any outside program or authentication process. Just because these trainers may not collect or send any data now, that could easily be changed at any point down the road by h4x0r's team once the trainers were being readily accepted and posted on this site.

THAT is what I am worried about as well..... I don't want something on my damned computer that needs a connection to the internet just to use the thing. I simply don't..... if there is a PURPOSE behind the internet connection like with a browser that REQUIRES it, that is fine..... trainers? Don't require it in the slightest.

[darkedone02]

Quote:

Originally Posted by Lerianis

Agreed.... I love the trainers from Sicheats.com, but this kind of stuff is getting on my bad side.... I had the gall (in his mind) to post about it and how it was very suspicious that he called for this (not to mention that some people don't have always on internet connections), and the bastard banned me for doing that!

I am beginning to think that Sicheats isn't the 'white knight' in this and that he might have just as black an armor as Cheathappens.

Log-ins are a dealbreaker for me in my opinion..... free or not, there is no reason to require that and it IS just another form of DRM.



THAT is what I am worried about as well..... I don't want something on my damned computer that needs a connection to the internet just to use the thing. I simply don't..... if there is a PURPOSE behind the internet connection like with a browser that REQUIRES it, that is fine..... trainers? Don't require it in the slightest.

I did that as well, i spoke up about it but h4x0r's banned me for it, which is stupid. This is DRM, I stand up against it because it's stupid, and h4x0r's have doomed himself.