View Full Version : PackerBreaker - Yet another universal unpacker tool
niucool
October 22nd, 2012, 23:41
PackerBreaker is yet another universal unpacker tool to help you to unpack, decompress and decrypt most of the programs packed, compressed or encrypted with the very well knowns software protection programs like UPX, ASPack, FSG, ACProtect, etc.
PackerBreaker uses advanced emulation technology to unpack packed programs.
2666
PackerBreaker could support following packers:
UPX
NSPACK
eXpressor
FSG
telock
ReCrypt
Orien
Aspack
telock
ReCrypt
AcProtect
MEW
Molebox
mpress
EXE STEALTH
VPacker
yoda’s cryptor 1.2
WinUpack 0.39 final
PECompact
PETITE 2.2
Morphnah Beta
…
PackerBreaker also includes a PE signature detector based on the PEiD Signatures Database.
PackerBreaker could be downloaded from http://www.sysreveal.com/category/packerbreaker/
Indy
October 23rd, 2012, 11:21
SHDE result(tracer"
.
2667
2668
niucool
October 23rd, 2012, 12:04
What is this? A trace log of SysTracer? PackerBreaker never drops a driver.
blabberer
October 23rd, 2012, 12:17
though packer breaker doesn't seem to drop a driver
it suspicioulsy creates an exe when analysing it self
also it seems to hate process monitors because
on top of some boring custom packer it uses themida professional it seems
from oreans (an your packer breaker cant identify what you packed it with
to be frank a free exe/app that looks fishy on first sight
and would need a a lot of verification/debugging
before one can actually try to use it
takes the joy out of it
Code:
:
: %s------------------------------------------------
: --- Themida Professional ---
: --- (c)2010 Oreans Technologies ---
: ------------------------------------------------
:
:
Log data
Address Message
Window 002102b2
Name Themida
Class #32770
WndProc 00000000
Style WS_SYSMENU WS_DLGFRAME WS_BORDER WS_CLIPSIBLINGS WS_VISIBLE WS_POPUP DS_ABSALIGN DS_SETFONT DS_MODALFRAME DS_NOIDLEMSG DS_3DLOOK
ExStyle WS_EX_DLGMODALFRAME WS_EX_WINDOWEDGE WS_EX_LEFT WS_EX_LTRREADING WS_EX_RIGHTSCROLLBAR WS_EX_CONTROLPARENT
HInstance 7e410000
ParentWnd 00000000
Id 00000000
UserData 0013fe9c
DlgProc 00000000
MsgResult 00000000
DlgUser 00000000
Unicode TRUE
ThreadId 0000095c
ProcessId 000008e0
Window 001f02b0
Name A debugger has been found running in your system.
Please, unload it from memory and restart your program.
Class Static
WndProc 00000000
Style WS_GROUP WS_VISIBLE WS_CHILD DS_MODALFRAME DS_CONTEXTHELP
ExStyle WS_EX_NOPARENTNOTIFY WS_EX_LEFT WS_EX_LTRREADING WS_EX_RIGHTSCROLLBAR
HInstance 7e410000
ParentWnd 002102b2
Id 0000ffff
UserData 00000000
DlgProc 00000000
MsgResult 00176258
DlgUser 00000000
Unicode TRUE
ThreadId 0000095c
ProcessId 000008e0
PROCESS 865bc448 SessionId: 0 Cid: 08e0 Peb: 7ffde000 ParentCid: 0b08
DirBase: 0fc80400 ObjectTable: e1c5c200 HandleCount: 67.
Image: PackerBreaker.exe
PROCESS 865bc448 SessionId: 0 Cid: 08e0 Peb: 7ffde000 ParentCid: 0b08
DirBase: 0fc80400 ObjectTable: e1c5c200 HandleCount: 67.
Image: PackerBreaker.exe
VadRoot 86587958 Vads 103 Clone 0 Private 1304. Modified 287. Locked 0.
DeviceMap e287d088
Token e3c1b750
ElapsedTime 01:35:21.468
UserTime 00:00:00.281
KernelTime 00:00:05.578
QuotaPoolUsage[PagedPool] 42820
QuotaPoolUsage[NonPagedPool] 4120
Working Set Sizes (now,min,max) (1793, 50, 345) (7172KB, 200KB, 1380KB)
PeakWorkingSetSize 2595
VirtualSize 47 Mb
PeakVirtualSize 48 Mb
PageFaultCount 3096
MemoryPriority BACKGROUND
BasePriority 8
CommitCharge 1722
DebugPort 86bc2a88
THREAD 85f0a5c8 Cid 08e0.095c Teb: 7ffdd000 Win32Thread: e3cd2cb8 WAIT
THREAD 85e7fc98 Cid 08e0.0808 Teb: 7ffdc000 Win32Thread: 00000000 WAIT
THREAD 86054288 Cid 08e0.00a0 Teb: 7ffdb000 Win32Thread: 00000000 WAIT
THREAD 86580898 Cid 08e0.02d0 Teb: 7ffda000 Win32Thread: 00000000 WAIT
THREAD 8656bda8 Cid 08e0.0130 Teb: 7ffd9000 Win32Thread: 00000000 WAIT
THREAD 86bbe168 Cid 08e0.052c Teb: 7ffd8000 Win32Thread: 00000000 WAIT
THREAD 86462aa0 Cid 08e0.0118 Teb: 7ffd7000 Win32Thread: 00000000 WAIT
THREAD 85ea54f8 Cid 08e0.0f30 Teb: 7ffd6000 Win32Thread: 00000000 WAIT
THREAD 85f28d10 Cid 08e0.0370 Teb: 7ffd5000 Win32Thread: 00000000 WAIT
THREAD 86053328 Cid 08e0.012c Teb: 7ffd4000 Win32Thread: 00000000 WAIT
THREAD 85efd870 Cid 08e0.08a0 Teb: 7ffaf000 Win32Thread: 00000000 WAIT
THREAD 86bf0250 Cid 08e0.0bd0 Teb: 7ffae000 Win32Thread: 00000000 WAIT
THREAD 85e19508 Cid 08e0.0ea4 Teb: 7ffad000 Win32Thread: 00000000 WAIT
THREAD 85e8e8c0 Cid 08e0.00e0 Teb: 7ffac000 Win32Thread: 00000000 WAIT
THREAD 85fb1b90 Cid 08e0.0990 Teb: 7ffab000 Win32Thread: 00000000 WAIT
THREAD 85f875b8 Cid 08e0.0a64 Teb: 7ffaa000 Win32Thread: 00000000 WAIT
THREAD 85e03020 Cid 08e0.09f0 Teb: 7ffa9000 Win32Thread: 00000000 WAIT
THREAD 865ea4f8 Cid 08e0.0aec Teb: 7ffa8000 Win32Thread: 00000000 WAIT
THREAD 86ce6da8 Cid 08e0.0afc Teb: 7ffa7000 Win32Thread: 00000000 WAIT
THREAD 86ccc020 Cid 08e0.0af8 Teb: 7ffa6000 Win32Thread: 00000000 WAIT
THREAD 865792e0 Cid 08e0.09a0 Teb: 7ffa5000 Win32Thread: 00000000 WAIT
THREAD 85e944c8 Cid 08e0.0b00 Teb: 7ffa4000 Win32Thread: 00000000 WAIT
THREAD 85f1b820 Cid 08e0.0bd8 Teb: 7ffa3000 Win32Thread: 00000000 WAIT
THREAD 85e5cda8 Cid 08e0.0b48 Teb: 7ffa2000 Win32Thread: 00000000 WAIT
THREAD 86089020 Cid 08e0.0b38 Teb: 7ffa1000 Win32Thread: 00000000 WAIT
niucool
October 23rd, 2012, 13:41
Hehe, you are right. Even I tried to make all my utilities free and simple, I had to add some protections to my code, but we are in a Malware Analysis and unpacking forum, you have to try it at your own risk.
VirusBuster
October 23rd, 2012, 16:22
Could you add command line support?
niucool
October 23rd, 2012, 17:06
Quote:
| [Originally Posted by VirusBuster;93519]Could you add command line support? |
Maybe in next version.
disavowed
October 29th, 2012, 10:34
Quote:
| [Originally Posted by niucool;93518]we are in a Malware Analysis and unpacking forum, you have to try it at your own risk. |
Thanks, you've just encouraged me to never try anything you share with us.
Silkut
November 1st, 2012, 08:00
Quote:
| [Originally Posted by niucool;93518]Hehe, you are right. Even I tried to make all my utilities free and simple, I had to add some protections to my code, but we are in a Malware Analysis and unpacking forum, you have to try it at your own risk. |
We are in malware analysis and unpacking forum, yes. But please take note that distributing malware disguised as a tool in order to infect ppl here won't be tolerated.
niucool
November 1st, 2012, 10:55
OK, Let's end up this joke.
Seriously, it is a tool for unpacking, it has been downloaded more than 4000 times (from my website and other forums) and got lots of positive evaluations since I released it, I also got many bug reports which made me improve this tool.
Some of links are here (sorry, Chinese only):
http://www.52pojie.cn/thread-165750-1-1.html
http://www.unpack.cn/thread-84401-1-1.html
Some guys dislike it only because it uses Themida as its packer. I respect their choice, and on the other hand, I also want to keep my honor for my work and distributing it as a free tool.
Darkelf
November 1st, 2012, 12:42
Well, keep it then.
Aimless
November 1st, 2012, 13:24
Niucool, you realize that most automatic unpackers are used by people who don't know manual unpacking, right? This gives an opportunity for a malware artist, to put something unnecessary and take advantage of that fact. Now, you deny doing so (though, all evidence points to the contrary), but you are doing a piss poor job with your attitude.
Most people on this board are excellent reversers for many years who can smell a suspicious application a mile off. So first things first:
1. Why are you releasing tools in the malware board, rather than the tools board?
2. Why are you packing your software if it's free. I agree not everyone is IDA PRO, but I'd suggest you get rid of the notion that I won't let anyone copy my code. Cracking an application, and reverse engineering a full program from assembly to be able for recompilation are 2 very different things. Chances are, people who can do the latter, are already having their own coded unpackers.
3. Your attitude of "I'm so smart, I'm distributing this as a riddle, solve it whether its malware or not" is probably going to give you negative responses. It's not a smart attitude. It's smarmy. Understand the difference.
4. Yes, it may have been download 4000 times. By people who generally don't know what they are doing, perhaps. Here, the reversers know.
5. Why is there no full disclosure? If your app is packed by themida and creates and EXE, then that's OK. But let it be known BEFORE you post the app link. ESPECIALLY if you're posting in the malware section.
It's nice to know you code and want to distribute your tools. Problem is, this experience will tell you are not to be trusted. Niucool? well, don't know if he's distributing malware in the name of tools. THAT is the attitude that will spread around. If it has not already. Then, where's the honor?
Peace.
Have Phun
niucool
November 1st, 2012, 13:45
Thank you for your reply, Aimless. For your questions:
1. I did not notice that I post in a wrong board till you told me. It is my fault, since I am new to this forum, I just find a board with name "unpacking" and post it, shame on me. It also explains your question no 5.
Could someone help me to move this post to a proper board?
2. Do you mean you should not pack a program if it is free? If yes, I disagree.
3. Sorry for my bad joke, I didn't know it is a board only for malware.
4. The places I posted also have many reversers with experiences.
5. Sorry again for my mistake.
-------------------------------------
Sorry for my slow mind, I have a silly question here:
I'm a little confused, is this Malware Analysis and Unpacking Forum a Malware Analysis and Unpacking or Malware Analysis and Unpacking forum? Why could other normal software be posted here?
disavowed
November 1st, 2012, 14:32
Quote:
| [Originally Posted by niucool;93586]is this Malware Analysis and Unpacking Forum a Malware Analysis and Unpacking or Malware Analysis and Unpacking forum? |
Malware
Analysis and Unpacking
You're right, though; it's not very clear
_genuine
November 1st, 2012, 18:24
Quote:
[Originally Posted by disavowed;93587]Malware Analysis and Unpacking
You're right, though; it's not very clear |
That is an interesting play with words, I never noticed it..ambiguous indeed.
Woodmann
November 1st, 2012, 21:50
Howdy,
This has nothing to do with whether or not it's in the correct forum,
it has to do with the perceived tone of the written words.
Packing a free program seems silly to me. What does this prove ?
Unless you are trying to goad people into trying to unpack a variation
of a protection, why not say so ?.
If the program is free, why do I need to unpack it to see whats going on ?
Unless you have new ground breaking coding technology that nobody
knows about, whats the point ?
Actually, whats the point to your thread ?
Can you sum it up in one non-run on sentence without
countering every point that I have brought up ?
So, what do you want ? (In one short sentence)
Woodmann
niucool
November 1st, 2012, 22:23
I just want to share my tool and I made a mistake for posting in a wrong place.
There are tons of tools free but packed, I'm not the only author doing so. IMHO, there is not direct relation between free program and unpacked program.
blabberer
November 2nd, 2012, 01:24
i perceive i started this flurry and let me try to end this before it ends up in a war of words
niucool
your intentions look good publishing a well written tool for free is indeed quiet welcome i in fact do not use commercial tools for my hobby
as far as i can and you can verify it by looking at my postings
and i know a lot lot of quality free tools that comes from software giants to one time artists.
so let us leave that part alone you wrote a tool you offered it for free you are an angel done over with it
now let me try to explain why the post by me
i also happen to moderate the tool library to which you posted your packer breaker
and i did not know what i was thinking when i moderated your packer breaker
i approved it and realized i might have made a very big mistake by approving it without having checked it as your tool was
new had no previous records in the database had no recommendations whatsoever from supposedly trusted sites
so i reached your site (it looked legit from first appearance) i downloaded and fed it to my local av
moved it to a vm's ran it in isolated environments tried to rip it apart to ascertain if it is a
MAASQUERADEWARE or genuine while at the same time ringing alarm bells to powers that be to re moderate
the entry if required and all of this happened because your gift appears to be whats shown in image below
hope you understand the depth of problem and not counter words with words
please let peace prevail over triumph
niucool
November 2nd, 2012, 01:50
blabberer, thank you for your reply. I appreciate for your test in details.
To be honest, I did not totally catch what your meaning is. Did that text in image show in your debugger or something else? Is it a debug message from Themida? Since my program does not generate that message indeed.
I'd like to PM the original packer to you, you could try to pack any exe with it and see if the message persists.
Kayaker
November 2nd, 2012, 06:35
niucool, you should also understand that people sometimes present riddles in their replies, the meanings of which are also meant to be reversed. It's actually one of the more enjoyable things about this forum, reversing is not always limited to code reversing here. It may have something to do with the teachings of +Fravia, whom most of the older reversers here were influenced by, and taught us to question and reverse everything we see, not just programs.
Blabberer has a reputation for clever wit. Try googling for the latin phrase in the image, which is what I had to do, to transcribe the historical reference to the modern day meaning. It's funny and quite appropriate.
Don't take it the wrong way, your program is appreciated by those who want to use it at their own discretion. But do understand that any program presented here packed under layers of encryption HAS to be questioned, as reversers that just comes as second nature and there's nothing unusual about the skepticism. It's what keeps us all safe.
(PS, you don't have to quote the entire post you are directly replying to unless it's required to make a point, that just makes it more difficult to read.)
Oh, and as for the forum name, to go further off topic. Well it used to be called the "Packing and Unpacking" forum or some such silly thing. At some point I got sick and tired of the whole scene here because it had become the "Help me crack Asprotect, here's my broken IAT dump" forum. Hoping to change the focus of it and to cash in on the increasing interest in malware analysis at the time, I changed the name after discussing it with the other moderators. The "Unpacking" part of the name was kept since that aspect of reversing still seemed pertinent. To be honest I never noticed the ambiguity either and always thought of "Malware Analysis" and "Unpacking" as separate aspects of the forum name. Hey, I'm easy, suggest a better name and maybe we'll change it. As long as the IAT dumps don't start again...
Cheers,
Kayaker
niucool
November 2nd, 2012, 11:14
Wow, this post must be the hottest in our forum now, Cheers~~
Thanks you Kayaker, I doubt I might be still in chaos without your explain.
I once believed it was a horrible experience to me since I always thought in my way and treat myself a victim of misunderstood, but I don't think so now. I meet you guys here and know what you think and how you treat a program in your way, I learned a lot, and on the other hand, you might know me a bit more which could make us easier to understand each other in the future.
Thank you again to Blabberer and other guys who followed this thread.
Aimless
November 2nd, 2012, 13:29
On the funnier side niucool, you're still quoting previous posts.
Have Phun
niucool
November 2nd, 2012, 15:49
Hehe, I will reply to your thread if you did not give me the hint.
FYI, I just released my new build for some bugs found in other forums, and I added the command line support and removed the anti-debug option of themida for this forum, but still packed, sorry.
If you are still interested in this tool, you could have a try.
blabberer
November 2nd, 2012, 16:09
Quote:
| To be honest, I did not totally catch what your meaning is. |
i intentionally had to image the virgils aeneid work word knowing fully well that you wont be able catch it
and partly because this board doesn't support Greek character set
and i wanted to stress that i could have wrote Wooden Horse that led to the fall of troy
and appropriately but unsuccessfully warned by the interrogator loocoon of sinon a greek perjurer and the bearer of the gift of trojan horse
but i packed my wording in Greek / latin so that you are forced to de-maze it before you understand what was written first
and what was meant secondly and what was intended as a third corallary
hope you got the point
btw do not quote this entire reply if and when you are replying
quote selected parts if you wish so use copy paste one or two relevent lines and use "[" quote "]" XXXXXXXX "[" /Quote "]" tags around it
i removed all the superfluous quotes in the entire thread
Kayaker
November 2nd, 2012, 16:27
Quote:
[Originally Posted by Indy;93515]SHDE result(tracer".
2667
|
Btw, Indy - thanks for posting your AV hook detector and especially the pdb file. It was useful and interesting to trace.
PS, did you figure out what it was you were really infected by?
Not to beat a dead horse, but for future reference, these are the kinds of things that are most appreciated by the community here, tools or examples that
teach. That's what this whole board is about after all. They don't necessarily require source code, but the stuff that is open to examination is the most desired.
Indy
November 2nd, 2012, 22:42
Kayaker
http://www.woodmann.com/forum/showthread.php?14974-SHDE&p=93606#post93606 ("http://www.woodmann.com/forum/showthread.php?14974-SHDE&p=93606#post93606")
blabberer
November 3rd, 2012, 00:39
Quote:
| PS, did you figure out what it was you were really infected by? |
when i tried testing the Av.exe (indy it is blocked as malware.gen by antivirus ) i saw the hooks in my system only by avast which i use
the new shde.exe isnt blocked and it too seems to indicate i have hooks by avast
actually i tested it first in a vm with no av installed and all i got was invalid handle message no debug strings
and it seemed the debug strings enable bit was toggled by initialize function
Code:
7C90E4FF Exception C0000008 (INVALID HANDLE)
7C90D05E COND: settinb break on context->eip = 004015B6
7C90D05E Breakpoint at ntdll.ZwContinue
7C90E4C8 Breakpoint at ntdll.KiRaiseUserExceptionDispatcher
7C90E4FF Exception C0000008 (INVALID HANDLE)
7C90D05E COND: settinb break on context->eip = 004015B6
7C90D05E Breakpoint at ntdll.ZwContinue
004015B6 Breakpoint at SHDE.004015B6 (ApiGate+0F)
7C90E4C8 Breakpoint at ntdll.KiRaiseUserExceptionDispatcher
7C90E4FF Exception C0000008 (INVALID HANDLE)
7C90D05E COND: settinb break on context->eip = 004015EC
7C90D05E Breakpoint at ntdll.ZwContinue
004015EC Breakpoint at SHDE.004015EC (ApiGate2+17)
7C90E4C8 Breakpoint at ntdll.KiRaiseUserExceptionDispatcher
7C90E4FF Exception C0000008 (INVALID HANDLE)
7C90D05E COND: settinb break on context->eip = 004015EC
7C90D05E Breakpoint at ntdll.ZwContinue
7C90E4C8 Breakpoint at ntdll.KiRaiseUserExceptionDispatcher
7C90E4FF Exception C0000008 (INVALID HANDLE)
7C90D05E COND: settinb break on context->eip = 004015EC
7C90D05E Breakpoint at ntdll.ZwContinue
004015EC Breakpoint at SHDE.004015EC (ApiGate2+17)
7C90E4C8 Breakpoint at ntdll.KiRaiseUserExceptionDispatcher
7C90E4FF Exception C0000008 (INVALID HANDLE)
7C90D05E COND: settinb break on context->eip = 004015EC
7C90D05E Breakpoint at ntdll.ZwContinue
7C90E4C8 Breakpoint at ntdll.KiRaiseUserExceptionDispatcher
7C90E4FF Exception C0000008 (INVALID HANDLE)
7C90D05E COND: settinb break on context->eip = 004015EC
7C90D05E Breakpoint at ntdll.ZwContinue
004015EC Breakpoint at SHDE.004015EC (ApiGate2+17)
7C9484DF Debug string: Hook: ZwSuspendProcess, 0xA9196D4F, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwDeleteKey, 0xA91D7B05, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwTerminateProcess, 0xA9196789, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwSuspendThread, 0xA9196ECE, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwSetContextThread, 0xA9196A90, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwTerminateThread, 0xA9196910, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwQueueApcThread, 0xA9197060, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwProtectVirtualMemory, 0xA9240AB6, \SystemRoot\System32\Drivers\aswSP.SYS
7C9484DF Debug string: Hook: ZwFreeVirtualMemory, 0xA924092D, \SystemRoot\System32\Drivers\aswSP.SYS
7C9484DF Debug string: Hook: ZwWriteVirtualMemory, 0xA9196305, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwQueryObject, 0xA919734B, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwDuplicateObject, 0xA919A437, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwQueryKey, 0xA91D768E, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwDeleteValueKey, 0xA91D7DF1, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwSetValueKey, 0xA91D7C5B, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwQueryValueKey, 0xA91D7500, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwEnumerateKey, 0xA91D79AC, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwEnumerateValueKey, 0xA91D7817, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwNotifyChangeKey, 0xA919A482, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwOpenSection, 0xA91A105E, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwOpenProcess, 0xA9199CA9, \SystemRoot\System32\Drivers\aswSnx.SYS
7C9484DF Debug string: Hook: ZwOpenThread, 0xA9199EDA, \SystemRoot\System32\Drivers\aswSnx.SYS
Process terminated, exit code 0
Indy
November 3rd, 2012, 02:14
blabberer
Any engine will be detected. As 1. no import, 2. contains signature's.
Works for you as it should. avast it crap.
Sab
November 7th, 2012, 22:10
There is a difference between packed and protected. if you wish to merely pack freeware, use UPX or similar, or protector with protections options all disabled. Hypothetically speaking here, even if your intentions are perfectly well (which they appear to be) what if the Themida protector you use for your free program is not purchased/licensed, which means its more or likely warez'd. If that's the case, do you have any procurement or analysis into the warez'd version to see if it is not infact backdoor'd? cant imagine how many keygens and "packed" or "packer" programs are backdoor'd in warez copies and in turn are inadvertently distributed. its like using poison ivy rat or dark comet, and then realizing the actual servers themselves are vulnerable to exploits... even though you use it legitimately...
Powered by vBulletin® Version 4.2.2 Copyright © 2018 vBulletin Solutions, Inc. All rights reserved.