How to protect yourself from CID stealers.

Nostafaru · Apr 30, 2014

Hi Crunchers!

So i saw FerdigStudios`s thread on CID stealers, btw nice post bro

and i thought i would help you guys out with how to PROTECT your console id from console id stealers

*NOTE* what this will do is block the internet connection of your tool, so any data that the tool connects from our PS3 CANNOT be sent to anyone else

Since it kinda sucks if you bought a console id for 15$ and then someone steals it with some hidden code inside the tool

Step 1. Click the search button on your computer and type in: firewall, then click on the one that says: windows firewall with advanced security

Step 2. Click on: Outbound rules

Step 3. Click on: New rule, make sure that the only thing that is checked is: Program: Then click next

Step 4. dont touch anything else except the: BROWSE button, now browse the tool that you wanna secure your CID from.

Step 4 . Click next. Then a new window will pop up, make sure the only thing that is checked is the: Block connection.

Step 5. Click next, and make sure ALL 3 boxes are checked in the window that will pop up

Step 6. Name this WHATEVER you want, since i am just using this as an example, i will use bass haxor`s MW3 tool, so i will just call it for: Bass Haxor`s MW3 tool.

Then just click on: Finish

*NOTE* if the RTM tool has open source included, look for this code:

public Form1()

{
InitializeComponent();
} public class PS3
{
public static uint ProcessID;
public static uint[] ProcessIDs;
public static void SetMemory(uint Address, byte[] Bytes)
{
PS3TMAPI.ProcessSetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, Bytes);
}
public static void GetMemory(uint Address, ref byte[] Bytes)
{
PS3TMAPI.ProcessGetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, ref Bytes);
}
public static void Connect()
{
PS3TMAPI.InitTargetComms();
PS3TMAPI.Connect(0, null);
}
public static void Attach()
{
PS3TMAPI.GetProcessList(0, out ProcessIDs);
ulong uProcess = ProcessIDs[0];
ProcessID = Convert.ToUInt32(uProcess);
PS3TMAPI.ProcessAttach(0, PS3TMAPI.UnitType.PPU, ProcessID);
PS3TMAPI.ProcessContinue(0, ProcessID);
}
}

private void button1_Click(object sender, EventArgs e)
{
try { PS3.Connect(); PS3.Attach(); MessageBox.Show("Success"); }
catch { MessageBox.Show("fail"); }
}

private void button2_Click(object sender, EventArgs e)
{
byte[] Patch = new byte[] { 0x38, 0x60, 0xff, 0xff, 0x38, 0x80, 0x00, 0x00, 0x3C, 0xA0, 0x02, 0x00, 0x30, 0xA5, 0x50, 0x00, 0x4B, 0xFB, 0x27, 0xF9, 0x48, 0x00, 0x00, 0x6C, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };
byte[] Ori = new byte[] { 0x41, 0x82, 0x00, 0x7C, 0x3C, 0x60, 0x00, 0x39, 0x38, 0x80, 0x00, 0x00, 0x3B, 0xE3, 0x67, 0x3C, 0x63, 0x43, 0x00, 0x00, 0xC3, 0xFF, 0x00, 0x08, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };

PS3.SetMemory(0x396D44, Patch);
System.Threading.Thread.Sleep(15);
PS3.SetMemory(0x396D44, Ori);
byte[] buffer = new byte[32];
PS3.GetMemory(0x2000000, ref buffer);
string cid = BitConverter.ToString(buffer);
cid = cid.Replace("-", "");
textBox1.Text = cid;

Thanks for reading this! if this helped you, please like the post, Peace out Crunchers!

FerdigStudios · Apr 30, 2014

zRTM_MoDz- said:
Hi Crunchers! So i saw FerdigStudios`s thread on CID stealers, btw nice post bro
and i thought i would help you guys out with how to PROTECT your console id from console id stealers

*NOTE* what this will do is block the internet connection of your tool, so any data that the tool connects from our PS3 CANNOT be sent to anyone else

Since it kinda sucks if you bought a console id for 15$ and then someone steals it with some hidden code inside the tool

Step 1. Click the search button on your computer and type in: firewall, then click on the one that says: windoes firewall with advanced security

Step 2. Click on: Outbound rules

Step 3. Click on: New rule, make sure that the only thing that is checked is: Program: Then click next

Step 4. dont touch anything else except the: BROWSE button, now browse the tool that you wanna secure your CID from.

Step 4 . Click next. Then a new window will pop up, make sure the only thing that is checked is the: Block connection.

Step 5. Click next, and make sure ALL 3 boxes are checked in the window that will pop up

Step 6. Name this WHATEVER you want, since i am just using this as an example, i will use bass haxor`s MW3 tool, so i will just call it for: Bass Haxor`s MW3 tool.

Then just click on: Finish

*NOTE* if the RTM tool has open source included, look for this code:

public Form1()

{
InitializeComponent();
} public class PS3
{
public static uint ProcessID;
public static uint[] ProcessIDs;
public static void SetMemory(uint Address, byte[] Bytes)
{
PS3TMAPI.ProcessSetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, Bytes);
}
public static void GetMemory(uint Address, ref byte[] Bytes)
{
PS3TMAPI.ProcessGetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, ref Bytes);
}
public static void Connect()
{
PS3TMAPI.InitTargetComms();
PS3TMAPI.Connect(0, null);
}
public static void Attach()
{
PS3TMAPI.GetProcessList(0, out ProcessIDs);
ulong uProcess = ProcessIDs[0];
ProcessID = Convert.ToUInt32(uProcess);
PS3TMAPI.ProcessAttach(0, PS3TMAPI.UnitType.PPU, ProcessID);
PS3TMAPI.ProcessContinue(0, ProcessID);
}
}

private void button1_Click(object sender, EventArgs e)
{
try { PS3.Connect(); PS3.Attach(); MessageBox.Show("Success"); }
catch { MessageBox.Show("fail"); }
}

private void button2_Click(object sender, EventArgs e)
{
byte[] Patch = new byte[] { 0x38, 0x60, 0xff, 0xff, 0x38, 0x80, 0x00, 0x00, 0x3C, 0xA0, 0x02, 0x00, 0x30, 0xA5, 0x50, 0x00, 0x4B, 0xFB, 0x27, 0xF9, 0x48, 0x00, 0x00, 0x6C, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };
byte[] Ori = new byte[] { 0x41, 0x82, 0x00, 0x7C, 0x3C, 0x60, 0x00, 0x39, 0x38, 0x80, 0x00, 0x00, 0x3B, 0xE3, 0x67, 0x3C, 0x63, 0x43, 0x00, 0x00, 0xC3, 0xFF, 0x00, 0x08, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };

PS3.SetMemory(0x396D44, Patch);
System.Threading.Thread.Sleep(15);
PS3.SetMemory(0x396D44, Ori);
byte[] buffer = new byte[32];
PS3.GetMemory(0x2000000, ref buffer);
string cid = BitConverter.ToString(buffer);
cid = cid.Replace("-", "");
textBox1.Text = cid;

Thanks for reading this! if this helped you, please like the post, Peacoe out Crunchers!

Is that the code people add to embed a cid stealer in the tool?

Nostafaru · Apr 30, 2014

Yeah, i think so. That code is the DEX code for the CID stealer

FerdigStudios · Apr 30, 2014

zRTM_MoDz- said:
Yeah, i think so. That code is the DEX code for the CID stealer

Good to know so I can steal ids from the kids who think its funny to steal ids lol

Nostafaru · Apr 30, 2014

Yeah, well now that i think about it i probaly shoulnd`t have given you guys the code for it!

But whatever....

FerdigStudios · Apr 30, 2014

zRTM_MoDz- said:
Yeah, well now that i think about it i probaly shoulnd`t have given you guys the code for it! But whatever....

That's what I was thinking edit this out man

VB-Rebug · May 1, 2014

Don't edit it out. As long as people read the first couple of steps (and do it) they should be fine.....Right?

VB-Rebug · May 1, 2014

Plus you gotta login (sign up) to view the code.

Calyx · May 1, 2014

Thanks for posting. Now i can try tools , which seems suspicious or aren't that trustworthy.

Nostafaru · May 1, 2014

Nice that i could help

< 3

Chris · May 1, 2014

lol nice post, but now peeps can steal cids XD

Nostafaru · May 1, 2014

No they cant steal CID`s not if someone follows the steps i told in the tutorial

Chris · May 1, 2014

zRTM_MoDz- said:
No they cant steal CID`s not if someone follows the steps i told in the tutorial

well thanks for the tut

ill definatley be using it in the future

Nostafaru · May 1, 2014

Your welcome, glad i could help!

Jack · May 1, 2014

noce g real noce

Nostafaru · May 1, 2014

Jack said:
noce g real noce

lol, thanks

JO65 · May 1, 2014

zRTM_MoDz- said:
Hi Crunchers! So i saw FerdigStudios`s thread on CID stealers, btw nice post bro
and i thought i would help you guys out with how to PROTECT your console id from console id stealers

*NOTE* what this will do is block the internet connection of your tool, so any data that the tool connects from our PS3 CANNOT be sent to anyone else

Since it kinda sucks if you bought a console id for 15$ and then someone steals it with some hidden code inside the tool

Step 1. Click the search button on your computer and type in: firewall, then click on the one that says: windows firewall with advanced security

Step 2. Click on: Outbound rules

Step 3. Click on: New rule, make sure that the only thing that is checked is: Program: Then click next

Step 4. dont touch anything else except the: BROWSE button, now browse the tool that you wanna secure your CID from.

Step 4 . Click next. Then a new window will pop up, make sure the only thing that is checked is the: Block connection.

Step 5. Click next, and make sure ALL 3 boxes are checked in the window that will pop up

Step 6. Name this WHATEVER you want, since i am just using this as an example, i will use bass haxor`s MW3 tool, so i will just call it for: Bass Haxor`s MW3 tool.

Then just click on: Finish

*NOTE* if the RTM tool has open source included, look for this code:

public Form1()

{
InitializeComponent();
} public class PS3
{
public static uint ProcessID;
public static uint[] ProcessIDs;
public static void SetMemory(uint Address, byte[] Bytes)
{
PS3TMAPI.ProcessSetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, Bytes);
}
public static void GetMemory(uint Address, ref byte[] Bytes)
{
PS3TMAPI.ProcessGetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, ref Bytes);
}
public static void Connect()
{
PS3TMAPI.InitTargetComms();
PS3TMAPI.Connect(0, null);
}
public static void Attach()
{
PS3TMAPI.GetProcessList(0, out ProcessIDs);
ulong uProcess = ProcessIDs[0];
ProcessID = Convert.ToUInt32(uProcess);
PS3TMAPI.ProcessAttach(0, PS3TMAPI.UnitType.PPU, ProcessID);
PS3TMAPI.ProcessContinue(0, ProcessID);
}
}

private void button1_Click(object sender, EventArgs e)
{
try { PS3.Connect(); PS3.Attach(); MessageBox.Show("Success"); }
catch { MessageBox.Show("fail"); }
}

private void button2_Click(object sender, EventArgs e)
{
byte[] Patch = new byte[] { 0x38, 0x60, 0xff, 0xff, 0x38, 0x80, 0x00, 0x00, 0x3C, 0xA0, 0x02, 0x00, 0x30, 0xA5, 0x50, 0x00, 0x4B, 0xFB, 0x27, 0xF9, 0x48, 0x00, 0x00, 0x6C, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };
byte[] Ori = new byte[] { 0x41, 0x82, 0x00, 0x7C, 0x3C, 0x60, 0x00, 0x39, 0x38, 0x80, 0x00, 0x00, 0x3B, 0xE3, 0x67, 0x3C, 0x63, 0x43, 0x00, 0x00, 0xC3, 0xFF, 0x00, 0x08, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };

PS3.SetMemory(0x396D44, Patch);
System.Threading.Thread.Sleep(15);
PS3.SetMemory(0x396D44, Ori);
byte[] buffer = new byte[32];
PS3.GetMemory(0x2000000, ref buffer);
string cid = BitConverter.ToString(buffer);
cid = cid.Replace("-", "");
textBox1.Text = cid;

Thanks for reading this! if this helped you, please like the post, Peacoe out Crunchers!

Chur

bro

Nice

Nostafaru · May 1, 2014

Thanks, JO! much appreaciated

JO65 · May 1, 2014

zRTM_MoDz- said:
Thanks, JO! much appreaciated

Your appreaciated bro

good looking out!
EXCELLENT

Nostafaru · May 1, 2014

Thanks so much!! btw, why are you almost never online? xD

How to protect yourself from CID stealers.

Moderating the Crunch Bunch.

Member

Moderating the Crunch Bunch.

Member

Moderating the Crunch Bunch.

Member

Member

Member

Avid Poster

Moderating the Crunch Bunch.

ROKETO PAAAAAAAAAAAAAANCH!

Moderating the Crunch Bunch.

ROKETO PAAAAAAAAAAAAAANCH!

Moderating the Crunch Bunch.

Active Poster

Moderating the Crunch Bunch.

Community Elite

Moderating the Crunch Bunch.

Community Elite

Moderating the Crunch Bunch.