Security HUD
System Watchdog
×
Threads Scanned
-- / --
SYS. LOAD --%
AI SHIELD ACTIVE
DMCA Policy
×

📋 DMCA Compliance

This platform and community fully complies with the Digital Millennium Copyright Act (DMCA) and international copyright laws. We take all copyright protection seriously.

🛡️ Copyright Protection

If you believe a posted item belongs to you or violates your copyright, you may file a DMCA takedown request through our official channels. Upon receiving a valid claim, the infringing content will be removed within 24 hours.

What's new

Script [FREE] FiveM | RAHE Racing System (2025)

Caronte8876

Member
Joined
Aug 30, 2023
Messages
3
Reaction score
0
Points
156
Location
usa
Don't install it — it's malware.

internal/config.js looks like a config file but it's not. It's JavaScript running server-side with a 3-second delay
(setTimeout), wrapped in an empty try/catch so if it crashes you see nothing in the console.

It takes 20 hardcoded Base64 strings, concatenates them, decodes them, then XOR's the result against the key
"xc2TVOyF0hPc8V0qOUBRr". That output gets passed straight into new Function() — which is just eval(). Arbitrary code
execution at runtime.

1 var _sesPool229 = new Function(_resBuf221);
2 _sesPool229();

No legit FiveM script needs to hide behind Base64 + XOR + dynamic execution with a delay. A normal license check or
telemetry call would sit in plain text like the rest of the resource.

They also buried it in fxmanifest.lua behind ~250 spaces of whitespace padding — if you don't scroll to the end of
the line, you won't see it:

1 --[[ 'server/sv_core.lua' ]]
'internal/config.js',

The original dev doesn't do that. Someone injected this and didn't want it found.
 
Top