API tools faq
paste
Advertisement
Guest User

craw

a guest
Jan 4th, 2020
858
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 16.84 KB | None | 0 0
raw download clone embed print report diff
  1. using System;
  2. using System.Diagnostics;
  3. using System.IO;
  4. using System.IO.Pipes;
  5. using System.Net;
  6. using System.Runtime.InteropServices;
  7. using System.Text;
  8. using System.Windows.Forms;
  9.  
  10. namespace WeAreDevs_API
  11. {
  12. // Token: 0x02000002 RID: 2
  13. public class ExploitAPI
  14. {
  15. // Token: 0x06000001 RID: 1
  16. [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
  17. [return: MarshalAs(UnmanagedType.Bool)]
  18. private static extern bool WaitNamedPipe(string name, int timeout);
  19.  
  20. // Token: 0x06000002 RID: 2 RVA: 0x00002050 File Offset: 0x00000250
  21. public static bool NamedPipeExist(string pipeName)
  22. {
  23. bool result;
  24. try
  25. {
  26. int timeout = 0;
  27. if (!ExploitAPI.WaitNamedPipe(Path.GetFullPath(string.Format("\\\\.\\pipe\\{0}", pipeName)), timeout))
  28. {
  29. int lastWin32Error = Marshal.GetLastWin32Error();
  30. if (lastWin32Error == 0)
  31. {
  32. result = false;
  33. return result;
  34. }
  35. if (lastWin32Error == 2)
  36. {
  37. result = false;
  38. return result;
  39. }
  40. }
  41. result = true;
  42. }
  43. catch (Exception)
  44. {
  45. result = false;
  46. }
  47. return result;
  48. }
  49.  
  50. // Token: 0x06000003 RID: 3 RVA: 0x000020A8 File Offset: 0x000002A8
  51. private void SMTP(string pipe, string input)
  52. {
  53. if (ExploitAPI.NamedPipeExist(pipe))
  54. {
  55. try
  56. {
  57. using (NamedPipeClientStream namedPipeClientStream = new NamedPipeClientStream(".", pipe, PipeDirection.Out))
  58. {
  59. namedPipeClientStream.Connect();
  60. using (StreamWriter streamWriter = new StreamWriter(namedPipeClientStream))
  61. {
  62. streamWriter.Write(input);
  63. streamWriter.Dispose();
  64. }
  65. namedPipeClientStream.Dispose();
  66. }
  67. return;
  68. }
  69. catch (IOException)
  70. {
  71. MessageBox.Show("Error occured sending message to the game!", "Connection Failed!", MessageBoxButtons.OK, MessageBoxIcon.Hand);
  72. return;
  73. }
  74. catch (Exception arg_65_0)
  75. {
  76. MessageBox.Show(arg_65_0.Message.ToString());
  77. return;
  78. }
  79. }
  80. MessageBox.Show("Error occured. Did the dll properly inject?", "Oops", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
  81. }
  82.  
  83. // Token: 0x06000004 RID: 4 RVA: 0x00002174 File Offset: 0x00000374
  84. private string ReadURL(string url)
  85. {
  86. return this.client.DownloadString(url);
  87. }
  88.  
  89. // Token: 0x06000005 RID: 5 RVA: 0x00002184 File Offset: 0x00000384
  90. private string GetLatestData()
  91. {
  92. string text = this.ReadURL("https://cdn.wearedevs.net/software/exploitapi/latestdata.txt");
  93. if (text.Length > 0)
  94. {
  95. return text;
  96. }
  97. string text2 = this.ReadURL("https://pastebin.com/raw/Ly9mJwH7");
  98. if (text2.Length > 0)
  99. {
  100. return text2;
  101. }
  102. return "";
  103. }
  104.  
  105. // Token: 0x06000006 RID: 6 RVA: 0x000021C4 File Offset: 0x000003C4
  106. public bool IsUpdated()
  107. {
  108. bool result = false;
  109. string latestData = this.GetLatestData();
  110. if (latestData.Length > 0)
  111. {
  112. result = Convert.ToBoolean(latestData.Split(new char[]
  113. {
  114. ' '
  115. })[0]);
  116. }
  117. else
  118. {
  119. MessageBox.Show("Could not check for the latest version. Did your fireall block us?", "Error");
  120. }
  121. return result;
  122. }
  123.  
  124. // Token: 0x06000007 RID: 7 RVA: 0x00002210 File Offset: 0x00000410
  125. private bool DownloadLatestVersion()
  126. {
  127. if (File.Exists("exploit-main.dll"))
  128. {
  129. File.Delete("exploit-main.dll");
  130. }
  131. string latestData = this.GetLatestData();
  132. if (latestData.Length > 0)
  133. {
  134. this.client.DownloadFile(latestData.Split(new char[]
  135. {
  136. ' '
  137. })[1], "exploit-main.dll");
  138. }
  139. return File.Exists("exploit-main.dll");
  140. }
  141.  
  142. // Token: 0x06000008 RID: 8 RVA: 0x00002275 File Offset: 0x00000475
  143. public bool isAPIAttached()
  144. {
  145. return ExploitAPI.NamedPipeExist(this.cmdpipe);
  146. }
  147.  
  148. // Token: 0x06000009 RID: 9 RVA: 0x00002288 File Offset: 0x00000488
  149. public bool LaunchExploit()
  150. {
  151. if (ExploitAPI.NamedPipeExist(this.cmdpipe))
  152. {
  153. MessageBox.Show("Dll already injected", "No problems");
  154. }
  155. else if (this.IsUpdated())
  156. {
  157. if (this.DownloadLatestVersion())
  158. {
  159. if (this.injector.InjectDLL())
  160. {
  161. return true;
  162. }
  163. MessageBox.Show("DLL failed to inject", "Error");
  164. }
  165. else
  166. {
  167. MessageBox.Show("Could not download the latest version! Did your firewall block us?", "Error");
  168. }
  169. }
  170. else
  171. {
  172. MessageBox.Show("Exploit is currently patched... Please wait for the developers to fix it! Meanwhile, check wearedevs.net for updates/info.", "Error");
  173. }
  174. return false;
  175. }
  176.  
  177. // Token: 0x0600000A RID: 10 RVA: 0x00002308 File Offset: 0x00000508
  178. public void SendCommand(string Command)
  179. {
  180. this.SMTP(this.cmdpipe, Command);
  181. }
  182.  
  183. // Token: 0x0600000B RID: 11 RVA: 0x00002317 File Offset: 0x00000517
  184. [Obsolete("SendScript is deprecated, please use SendLuaCScript instead.")]
  185. public void SendScript(string script)
  186. {
  187. this.SendLuaCScript(script);
  188. }
  189.  
  190. // Token: 0x0600000C RID: 12 RVA: 0x00002320 File Offset: 0x00000520
  191. public void SendLuaCScript(string Script)
  192. {
  193. string[] array = Script.Split("\r\n".ToCharArray());
  194. for (int i = 0; i < array.Length; i++)
  195. {
  196. string input = array[i];
  197. try
  198. {
  199. this.SMTP(this.luacpipe, input);
  200. }
  201. catch (Exception arg_28_0)
  202. {
  203. MessageBox.Show(arg_28_0.Message.ToString());
  204. }
  205. }
  206. }
  207.  
  208. // Token: 0x0600000D RID: 13 RVA: 0x00002384 File Offset: 0x00000584
  209. [Obsolete("SendLimitedLuaScript is deprecated, please use SendLuaScript instead.")]
  210. public void SendLimitedLuaScript(string script)
  211. {
  212. this.SendLuaScript(script);
  213. }
  214.  
  215. // Token: 0x0600000E RID: 14 RVA: 0x0000238D File Offset: 0x0000058D
  216. public void SendLuaScript(string Script)
  217. {
  218. this.SMTP(this.luapipe, Script);
  219. }
  220.  
  221. // Token: 0x0600000F RID: 15 RVA: 0x0000239C File Offset: 0x0000059C
  222. public void LuaC_getglobal(string service)
  223. {
  224. this.SendScript("getglobal " + service);
  225. }
  226.  
  227. // Token: 0x06000010 RID: 16 RVA: 0x000023AF File Offset: 0x000005AF
  228. public void LuaC_getfield(int index, string instance)
  229. {
  230. this.SendScript(string.Concat(new object[]
  231. {
  232. "getglobal ",
  233. index,
  234. " ",
  235. instance
  236. }));
  237. }
  238.  
  239. // Token: 0x06000011 RID: 17 RVA: 0x000023DF File Offset: 0x000005DF
  240. public void LuaC_setfield(int index, string property)
  241. {
  242. this.SendScript(string.Concat(new object[]
  243. {
  244. "setfield ",
  245. index,
  246. " ",
  247. property
  248. }));
  249. }
  250.  
  251. // Token: 0x06000012 RID: 18 RVA: 0x0000240F File Offset: 0x0000060F
  252. public void LuaC_pushvalue(int index)
  253. {
  254. this.SendScript("pushvalue " + index);
  255. }
  256.  
  257. // Token: 0x06000013 RID: 19 RVA: 0x00002427 File Offset: 0x00000627
  258. public void LuaC_pushstring(string text)
  259. {
  260. this.SendScript("pushstring " + text);
  261. }
  262.  
  263. // Token: 0x06000014 RID: 20 RVA: 0x0000243A File Offset: 0x0000063A
  264. public void LuaC_pushnumber(int number)
  265. {
  266. this.SendScript("pushnumber " + number);
  267. }
  268.  
  269. // Token: 0x06000015 RID: 21 RVA: 0x00002454 File Offset: 0x00000654
  270. public void LuaC_pcall(int numberOfArguments, int numberOfResults, int ErrorFunction)
  271. {
  272. this.SendScript(string.Concat(new object[]
  273. {
  274. "pushnumber ",
  275. numberOfArguments,
  276. " ",
  277. numberOfResults,
  278. " ",
  279. ErrorFunction
  280. }));
  281. }
  282.  
  283. // Token: 0x06000016 RID: 22 RVA: 0x000024A5 File Offset: 0x000006A5
  284. public void LuaC_settop(int index)
  285. {
  286. this.SendScript("settop " + index);
  287. }
  288.  
  289. // Token: 0x06000017 RID: 23 RVA: 0x000024BD File Offset: 0x000006BD
  290. public void LuaC_pushboolean(string value = "false")
  291. {
  292. this.SendScript("pushboolean " + value);
  293. }
  294.  
  295. // Token: 0x06000018 RID: 24 RVA: 0x000024D0 File Offset: 0x000006D0
  296. public void LuaC_gettop()
  297. {
  298. this.SendScript("gettop");
  299. }
  300.  
  301. // Token: 0x06000019 RID: 25 RVA: 0x000024DD File Offset: 0x000006DD
  302. public void LuaC_pushnil()
  303. {
  304. this.SendScript("pushnil");
  305. }
  306.  
  307. // Token: 0x0600001A RID: 26 RVA: 0x000024EA File Offset: 0x000006EA
  308. public void LuaC_next(int index)
  309. {
  310. this.SendScript("next");
  311. }
  312.  
  313. // Token: 0x0600001B RID: 27 RVA: 0x000024F7 File Offset: 0x000006F7
  314. public void LuaC_pop(int quantity)
  315. {
  316. this.SendScript("pop " + quantity);
  317. }
  318.  
  319. // Token: 0x0600001C RID: 28 RVA: 0x0000250F File Offset: 0x0000070F
  320. public void DoBTools(string username = "me")
  321. {
  322. this.SendCommand("btools " + username);
  323. }
  324.  
  325. // Token: 0x0600001D RID: 29 RVA: 0x00002522 File Offset: 0x00000722
  326. public void DoKill(string username = "me")
  327. {
  328. this.SendCommand("kill " + username);
  329. }
  330.  
  331. // Token: 0x0600001E RID: 30 RVA: 0x00002535 File Offset: 0x00000735
  332. public void CreateForceField(string username = "me")
  333. {
  334. this.SendCommand("ff " + username);
  335. }
  336.  
  337. // Token: 0x0600001F RID: 31 RVA: 0x00002548 File Offset: 0x00000748
  338. public void RemoveForceField(string username = "me")
  339. {
  340. this.SendCommand("noff " + username);
  341. }
  342.  
  343. // Token: 0x06000020 RID: 32 RVA: 0x0000255B File Offset: 0x0000075B
  344. public void DoFloat(string username = "me")
  345. {
  346. this.SendCommand("float " + username);
  347. }
  348.  
  349. // Token: 0x06000021 RID: 33 RVA: 0x0000256E File Offset: 0x0000076E
  350. public void DoNoFloat(string username = "me")
  351. {
  352. this.SendCommand("nofloat " + username);
  353. }
  354.  
  355. // Token: 0x06000022 RID: 34 RVA: 0x00002581 File Offset: 0x00000781
  356. public void RemoveLimbs(string username = "me")
  357. {
  358. this.SendCommand("nolimbs " + username);
  359. }
  360.  
  361. // Token: 0x06000023 RID: 35 RVA: 0x00002594 File Offset: 0x00000794
  362. public void RemoveArms(string username = "me")
  363. {
  364. this.SendCommand("noarms " + username);
  365. }
  366.  
  367. // Token: 0x06000024 RID: 36 RVA: 0x000025A7 File Offset: 0x000007A7
  368. public void RemoveLegs(string username = "me")
  369. {
  370. this.SendCommand("nolegs " + username);
  371. }
  372.  
  373. // Token: 0x06000025 RID: 37 RVA: 0x000025BA File Offset: 0x000007BA
  374. public void AddFire(string username = "me")
  375. {
  376. this.SendCommand("fire " + username);
  377. }
  378.  
  379. // Token: 0x06000026 RID: 38 RVA: 0x000025CD File Offset: 0x000007CD
  380. public void RemoveFire(string username = "me")
  381. {
  382. this.SendCommand("nofire " + username);
  383. }
  384.  
  385. // Token: 0x06000027 RID: 39 RVA: 0x000025E0 File Offset: 0x000007E0
  386. public void AddSparkles(string username = "me")
  387. {
  388. this.SendCommand("sparkles " + username);
  389. }
  390.  
  391. // Token: 0x06000028 RID: 40 RVA: 0x000025F3 File Offset: 0x000007F3
  392. public void RemoveSparkles(string username = "me")
  393. {
  394. this.SendCommand("nosparkles " + username);
  395. }
  396.  
  397. // Token: 0x06000029 RID: 41 RVA: 0x00002606 File Offset: 0x00000806
  398. public void AddSmoke(string username = "me")
  399. {
  400. this.SendCommand("smoke " + username);
  401. }
  402.  
  403. // Token: 0x0600002A RID: 42 RVA: 0x00002619 File Offset: 0x00000819
  404. public void DoBlockHead(string username = "me")
  405. {
  406. this.SendCommand("blockhead " + username);
  407. }
  408.  
  409. // Token: 0x0600002B RID: 43 RVA: 0x0000262C File Offset: 0x0000082C
  410. public void ForceBubbleChat(string username = "me", string text = "WeAreDevs Website")
  411. {
  412. this.SendCommand("chat " + username + " " + text);
  413. }
  414.  
  415. // Token: 0x0600002C RID: 44 RVA: 0x00002645 File Offset: 0x00000845
  416. public void ConsolePrint(string text = "WeAreDevs Website")
  417. {
  418. this.SendCommand("print " + text);
  419. }
  420.  
  421. // Token: 0x0600002D RID: 45 RVA: 0x00002658 File Offset: 0x00000858
  422. public void ConsoleWarn(string text = "meWeAreDevs Website")
  423. {
  424. this.SendCommand("warn " + text);
  425. }
  426.  
  427. // Token: 0x0600002E RID: 46 RVA: 0x0000266B File Offset: 0x0000086B
  428. public void SetWalkSpeed(string username = "me", int value = 100)
  429. {
  430. this.SendCommand("speed " + username + " " + value.ToString());
  431. }
  432.  
  433. // Token: 0x0600002F RID: 47 RVA: 0x0000268A File Offset: 0x0000088A
  434. public void ToggleClickTeleport()
  435. {
  436. this.SendCommand("toggleclickteleport");
  437. }
  438.  
  439. // Token: 0x06000030 RID: 48 RVA: 0x00002697 File Offset: 0x00000897
  440. public void SetFogEnd(int value = 0)
  441. {
  442. this.SendCommand("fogend " + value);
  443. }
  444.  
  445. // Token: 0x06000031 RID: 49 RVA: 0x000026AF File Offset: 0x000008AF
  446. public void SetJumpPower(int value = 100)
  447. {
  448. this.SendCommand("jumppower " + value);
  449. }
  450.  
  451. // Token: 0x06000032 RID: 50 RVA: 0x000026C7 File Offset: 0x000008C7
  452. public void TeleportMyCharacterTo(string target_username = "me")
  453. {
  454. this.SendCommand("teleport " + target_username);
  455. }
  456.  
  457. // Token: 0x06000033 RID: 51 RVA: 0x000026DA File Offset: 0x000008DA
  458. public void PlaySoundInGame(string assetid = "1071384374")
  459. {
  460. this.SendCommand("music " + assetid);
  461. }
  462.  
  463. // Token: 0x06000034 RID: 52 RVA: 0x000026ED File Offset: 0x000008ED
  464. public void SetSkyboxImage(string assetid = "2143522")
  465. {
  466. this.SendCommand("skybox " + assetid);
  467. }
  468.  
  469. // Token: 0x04000001 RID: 1
  470. private WebClient client = new WebClient();
  471.  
  472. // Token: 0x04000002 RID: 2
  473. private ExploitAPI.BasicInject injector = new ExploitAPI.BasicInject();
  474.  
  475. // Token: 0x04000003 RID: 3
  476. private string cmdpipe = "WeAreDevsPublicAPI_CMD";
  477.  
  478. // Token: 0x04000004 RID: 4
  479. private string luacpipe = "WeAreDevsPublicAPI_LuaC";
  480.  
  481. // Token: 0x04000005 RID: 5
  482. private string luapipe = "WeAreDevsPublicAPI_Lua";
  483.  
  484. // Token: 0x02000003 RID: 3
  485. private class BasicInject
  486. {
  487. // Token: 0x06000036 RID: 54
  488. [DllImport("kernel32", CharSet = CharSet.Ansi, SetLastError = true)]
  489. internal static extern IntPtr LoadLibraryA(string lpFileName);
  490.  
  491. // Token: 0x06000037 RID: 55
  492. [DllImport("kernel32", CharSet = CharSet.Ansi, ExactSpelling = true, SetLastError = true)]
  493. internal static extern UIntPtr GetProcAddress(IntPtr hModule, string procName);
  494.  
  495. // Token: 0x06000038 RID: 56
  496. [DllImport("kernel32.dll", SetLastError = true)]
  497. [return: MarshalAs(UnmanagedType.Bool)]
  498. internal static extern bool FreeLibrary(IntPtr hModule);
  499.  
  500. // Token: 0x06000039 RID: 57
  501. [DllImport("kernel32.dll")]
  502. internal static extern IntPtr OpenProcess(ExploitAPI.BasicInject.ProcessAccess dwDesiredAccess, [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle, int dwProcessId);
  503.  
  504. // Token: 0x0600003A RID: 58
  505. [DllImport("kernel32.dll", ExactSpelling = true, SetLastError = true)]
  506. internal static extern IntPtr VirtualAllocEx(IntPtr hProcess, IntPtr lpAddress, uint dwSize, uint flAllocationType, uint flProtect);
  507.  
  508. // Token: 0x0600003B RID: 59
  509. [DllImport("kernel32.dll", SetLastError = true)]
  510. internal static extern bool WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, out UIntPtr lpNumberOfBytesWritten);
  511.  
  512. // Token: 0x0600003C RID: 60
  513. [DllImport("kernel32.dll")]
  514. internal static extern IntPtr CreateRemoteThread(IntPtr hProcess, IntPtr lpThreadAttributes, uint dwStackSize, UIntPtr lpStartAddress, IntPtr lpParameter, uint dwCreationFlags, out IntPtr lpThreadId);
  515.  
  516. // Token: 0x0600003D RID: 61
  517. [DllImport("kernel32.dll", SetLastError = true)]
  518. internal static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [Out] byte[] lpBuffer, int dwSize, out int lpNumberOfBytesRead);
  519.  
  520. // Token: 0x0600003E RID: 62 RVA: 0x00002740 File Offset: 0x00000940
  521. public bool InjectDLL()
  522. {
  523. if (Process.GetProcessesByName("RobloxPlayerBeta").Length == 0)
  524. {
  525. return false;
  526. }
  527. Process process = Process.GetProcessesByName("RobloxPlayerBeta")[0];
  528. byte[] bytes = new ASCIIEncoding().GetBytes(AppDomain.CurrentDomain.BaseDirectory + "exploit-main.dll");
  529. IntPtr expr_46 = ExploitAPI.BasicInject.LoadLibraryA("kernel32.dll");
  530. UIntPtr procAddress = ExploitAPI.BasicInject.GetProcAddress(expr_46, "LoadLibraryA");
  531. ExploitAPI.BasicInject.FreeLibrary(expr_46);
  532. if (procAddress == UIntPtr.Zero)
  533. {
  534. return false;
  535. }
  536. IntPtr intPtr = ExploitAPI.BasicInject.OpenProcess(ExploitAPI.BasicInject.ProcessAccess.AllAccess, false, process.Id);
  537. if (intPtr == IntPtr.Zero)
  538. {
  539. return false;
  540. }
  541. IntPtr intPtr2 = ExploitAPI.BasicInject.VirtualAllocEx(intPtr, (IntPtr)0, (uint)bytes.Length, 12288u, 4u);
  542. UIntPtr uIntPtr;
  543. IntPtr intPtr3;
  544. return !(intPtr2 == IntPtr.Zero) && ExploitAPI.BasicInject.WriteProcessMemory(intPtr, intPtr2, bytes, (uint)bytes.Length, out uIntPtr) && !(ExploitAPI.BasicInject.CreateRemoteThread(intPtr, (IntPtr)0, 0u, procAddress, intPtr2, 0u, out intPtr3) == IntPtr.Zero);
  545. }
  546.  
  547. // Token: 0x02000004 RID: 4
  548. [Flags]
  549. public enum ProcessAccess
  550. {
  551. // Token: 0x04000007 RID: 7
  552. AllAccess = 1050235,
  553. // Token: 0x04000008 RID: 8
  554. CreateThread = 2,
  555. // Token: 0x04000009 RID: 9
  556. DuplicateHandle = 64,
  557. // Token: 0x0400000A RID: 10
  558. QueryInformation = 1024,
  559. // Token: 0x0400000B RID: 11
  560. SetInformation = 512,
  561. // Token: 0x0400000C RID: 12
  562. Terminate = 1,
  563. // Token: 0x0400000D RID: 13
  564. VMOperation = 8,
  565. // Token: 0x0400000E RID: 14
  566. VMRead = 16,
  567. // Token: 0x0400000F RID: 15
  568. VMWrite = 32,
  569. // Token: 0x04000010 RID: 16
  570. Synchronize = 1048576
  571. }
  572. }
  573. }
  574. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!