Roblox Exploiting Quickstart Guide For Dummies
- So lets start of with the basic things you should be doing.
- 1. Have an Anti-Virus
- This should be pretty obvious but know that an Anti-Virus will not catch every malicous file. Why's this? There is this program called a crypter, which most people use to remove detections from anti-virus scans. A FUD(fully undetactable) crypter can make a malicious file fully un-detectable meaning it will come up clean on something like Virus Total.
- A good Anti-Malware and reccommended one is Norton. Yes, It does cost however It is very good at Scanning Files, Stopping File Breaches and blocks malicious Websites.
- 2. Pay attention to what the file you've just downloaded does
- If your Anti-Virus didn't pick anything up, and the file you've downloaded doesn't do anything upon execution or just stops responding, then the chances are it could have been malware. Some crypters(Or KL/RAT clients) also have a fake message feature. Example of this: https://gyazo.com/f0913fa4a8536045235694dd153b0be4
- 3. Use Malwr.com instead of Virus Total to analyse files
- Malwr.com goes into much more detail than Virus Total. On Virus Total all you get are the file details and the Anti-Virus detections that can always have false positives. On Malwr.com you get the details of everything the file being analysed does. If a file grabs your password list malwr will detect it, if a file has anti-VM malwr would likely detect it. Here is an example of a file analysis. Scroll down and see the signature section: https://malwr.com/analysis/NDI2MjEyZTUwM...Y5MGZlYTM/.
- 4. Never, and I mean never save your passwords to your browser
- This is more of a general tip, but when logging in or registering sometimes your browser will ask to remember your password. Never click remember password as most browsers like Chrome and Firefox don't encrypt them and can easily be grabbed by a malicous file you may run on your PC.
- 5. Use 2FA when possible
- Most websites nowadays have two-factor authentication. For some sites, like v3rmillion you require your phone in order to get into your account. So if someone has your password through any means including malware it'll make it much more difficult to log in and screw things up for you. If you haven't got it enabled on v3rmillion already, go to Settings -> 2 Factor Auth to enable it. http://prntscr.com/et6fot
- 6. Use a VM to test files
- If you can spare the PC power then I'd reccommend using a VM to test files. If a file gives you an error in a VM, never run it on your PC as that could be an error triggered by an anti-VM inside the file. I use VirtualBox, you can find many guides online but if you're still unsure you can PM me here or msg me on Discord: Radioactive#4470 and I'll help you out in setting one up.
- ROBLOX Auth Loggers
- Auth Loggers are programs that steal your ROBLOX auth ticket that can be use to get into your account. I won't go into much here as I've already made a thread regarding them last year here: https://v3rmillion.net/showthread.php?tid=139423
- Some useful programs and tools
- Process Hacker: http://processhacker.sourceforge.net/
- Process Hacker is a much better version of Task Manager that looks nicer, has more features and provides more details about a process. I've been using it for a while and using it I can quickly find processes that shouldn't be running.
- Malwarebytes: https://www.malwarebytes.com/
- Malwr: http://malwr.com
- And the last thing I'd like to mention, if you see a thread that's releasing malware, don't bump it. Instead report directly to a moderator so it can get dealt with as soon as possible.
- That's all for now, if you have anything that can be added to the thread, let me know below. If you have a file that you're not too sure about, you can always contact me on discord (Radioactive#4470) and I'll test the file on my spare desktop PC for you.
RAW Paste Data Copied