SoundInfinity

()

Reputation: 8 [rate]

Joined: Nov, 2018

Profile Picture

Activity Feed


Replied to thread: Add A Section Just For Exploit Releases


I kinda agree with this cause it would be nice to see everyone's exploit in a single section with its own standard/requirements, like virustotal, previews, and descriptions of the "features"

 

But, imo this website is mostly for ppl to hang around so it aint necessarily gonna get much user traffic 

Created a new thread: I think I found out why WRD API is down...


Well, I as a normal human being yk we curious... so, I went ahead and scooped around to find out what this event was about. After a couple of minutes I landed on v3rmillion. There I found out the APIs ACE vulnerability is pretty serious. Also, WRD's API was not the only affected.

 

Who were caught in this?

My perspective is that every exploit that has support for getrenv is currently in the scope of this exploit. These include: Script-Ware, KRNL, Synapse, WeAreDevs, etc.

 

The first three have reported to have fixed the issue.

 

 

What happened?

Someone found out a way to require a CorePackage, these are scripts that ROBLOX uses internally. And, to put into perspective they have system level of access (not sure). The author of the thread showed a video where he opened a URL in a browser from the Synapse Executor Window.

 

What can I do?

YOU MY FRIEND SHALL PANIC YOUR COMPUTER IS NOW MINE GOOD LUCK TRYING TO RECOVER THOSE COOKIE CLICKER POINTS CUZ NOW I HAVE YOUR ROBLOX COOKIES

 

SNIPPET (1)

local pack = assert(getrenv().require(game.CorePackages.UniversalApp.Linking.LinkingProtocol),"LinkingProtocol not found")

(innefficient vulnerability check on fix)

 

SNIPPET (2)

local MBS = game:GetService("MessageBusService")

local urlid = MBS:GetMessageId("Linking", "openURLRequest")

MBS:Publish(urlid, {url = "notepad.exe"})

(this opens a notepad window ono) [v3rm:cuck333]

 

SOURCE(s)

[MAJOR VULNERABILITY] [RELAUNCH SYNAPSE / OTHER EXPLOITS NOW] ACE/CE VULNERABILITY (www.v3rmillion.net)

 

Replied to thread: Not starting


@julisceaser19 I don't think this is roblox related lol

 

"Arbitrary code execution (ACE) is a form of cyber attack which allows the attacker to execute code in software or on hardware."

"Remote code execution (RCE) is an exploit that allows the code to be executed on a network."

(source: www.litigationsupporttipofthenight.com)

 

Found a better site: https://www.checkpoint.com/cyber-hub/cyber-security/what-is-remote-code-execution-rce/

 

 

Someone probably got system privileges through lua? idk

 

Replied to thread: fe car thing


@x0f20 true, actual users would just copy and paste and hope it ain't patched

Replied to thread: fe car thing


@Vilictus this is probably a force join, or he uses it for discord to popup the join server thing.

local json = {
   ["cmd"] = "INVITE_BROWSER",
   ["args"] = {
       ["code"] = "hsdcAFZY9E"
   },
   ["nonce"] = 'a'
}

Replied to thread: any feature suggestions for this ui?


ngl, this looks kinda professional. Something that Microsoft would make, just missing more spyware.

Created a new thread: [release] Script Query


Hello everyone, I am here to present to you the ULTIMATE AND MAGNIFICENT SCRIPT QUERY SCRIPT!!!! Although, this glamorous script will only fetch the scripts listed in the scripts page, its core use is not too far from its vision. You see its usage is quite simple as shown below:

 

_G.ScriptSearchAPI:search('Dex'):GetCodeAsync(function(code)
  loadstring(code)()
end)

To fully experience its use, you are recommended to insert it into your "autoexec" folder

 

Further details & how to load it, can be found here: https://github.com/sound-infinity/script-query

 

What can I do with this?

  1. Extend your command line GUI with another command!
  2. Create a Script Hub
  3. Etc.

 

(i made this for fun, so enjoy!)

Replied to thread: [REL] 🌠 Retail Tycoon API | Create Scripts Easily 🌠


@Klem Although this script is not that useful in the exploiting side of things, you know... because script devs are not actually gonna use. I have to say, this is a great and nice contribution.

Replied to thread: [BUG] WRD Api gets redownloaded non-stop on injection.


@crazy_cat my bad... but essentially the comment still stands tho, probably Nihon doesn't use the API correctly, or they added a loop/timer.

Replied to thread: [BUG] WRD Api gets redownloaded non-stop on injection.


This isn't a bug.

 

this is what happens on the code:

 

call LaunchExploit()

      -> call  IsUpdated()

          -> read IsPatched

          -> call DownloadFile()

      -> call Inject()

 

this will always download the latest update.

Replied to thread: Krnl Autoexecute


After a little testing I did, it worked just fine.

 

first I rewrote the script (cause that one you got looks bothers me lol):

local safe_http_request = request or http_request or (http and http.request) or (syn and syn.request)
assert(type(safe_http_request) == "function", "error: not able to do http request. function is undefined.")

local request = {
	Url = table.concat({
		"http://api.eclipsehub.xyz/auth",
		"?key=",
		tostring(mainKey or getgenv().mainKey),
	}),
	Headers = {
		["User-Agent"] = "Eclipse",
	},
}

local response = safe_http_request(request)
assert(response, "error: failed to fetch remote content!")
local response_body = response.Body
do

	local loader = loadstring(response_body)
	if type(loader) == "function" then
		local suc, msg = pcall(loader)
		if not suc then
			print("error:", msg)
		end
	else
		print("error: loader is not a function!")
        print("error: loader_str:", loader)
        print("error: response_str:", response_body)
	end
end

then:

  1. navigated to "autoexec"
  2. created file "eclipse.lua"
  3. pasted my script
  4. joined a game.
  5. injected krnl

result:

The GUI loaded up and no errors were fired.

Replied to thread: Advanced Search Bar


@Moon great features but in plain sight they're kinda unnecessary.

 

in my opinion:

 

from

  • Go to "User Search" and search the user & view all their threads.
  • Most threads you're interested in shouldn't go past their first page.

mentions

  • Why would you need this? unless you are stalking somebody
  • But from my little knowledge of coding, Jon would need to store the threadIds where they are mentioned. occupying more server storage though probably in kilobytes

before & after

  • not really useful for this forum. Why would you look up old stuff?

 

Am not saying they are entirely useless but in the cases where they could be used in this forum seem kinda pointless.

Replied to thread: Good IDE for developing exploit scripts?


@CJ99 First, what are the issues you have with Visual Code? What features are you looking for to develop exploit scripts?

 

 

In my opinion Visual Code is the best IDE for exploit scripts IF properly setup. Recently, I started to develop a script to interface with metatables and it helped me by a lot, provided me with documentation and static code check.  Also, its debugging function may not work, but that is because Roblox is a running client so you must use an exploit to actually test the scripts.

Replied to thread: are there any working grab knife scripts rn


@ThatPhoenix "terrible feature" lmao

 

Replied to thread: Best 10 dollar exploit? 😎


@Porgums If you are gonna expend money, best way to go is with Synapse. It is like the windows of exploits (it is the targeted audience).