How to protect yourself from CID stealers.

Nostafaru · Jul 15, 2014

VB-Rebug said:
is this a CID stealer?http:/pastebin.com/aFVs75f8

No, it`s not a CID stealer

AnonyMod_ · Jul 15, 2014

With this, you don't know where cids are upload but yes of course if there's this in a source code its that there is a stealer.
But if the guy is able to put a stealer, he is enof smart to encrypt it lol

Maybe one i ll do a tut to do a stealer like that people will know the difficultie of it

AK--47 · Nov 30, 2014

ϟ MrCoder ϟ said:
Hi Crunchers! So i saw FerdigStudios`s thread on CID stealers, btw nice post bro
and i thought i would help you guys out with how to PROTECT your console id from console id stealers

*NOTE* what this will do is block the internet connection of your tool, so any data that the tool connects from our PS3 CANNOT be sent to anyone else

Since it kinda sucks if you bought a console id for 15$ and then someone steals it with some hidden code inside the tool

Step 1. Click the search button on your computer and type in: firewall, then click on the one that says: windows firewall with advanced security

Step 2. Click on: Outbound rules

Step 3. Click on: New rule, make sure that the only thing that is checked is: Program: Then click next

Step 4. dont touch anything else except the: BROWSE button, now browse the tool that you wanna secure your CID from.

Step 4 . Click next. Then a new window will pop up, make sure the only thing that is checked is the: Block connection.

Step 5. Click next, and make sure ALL 3 boxes are checked in the window that will pop up

Step 6. Name this WHATEVER you want, since i am just using this as an example, i will use bass haxor`s MW3 tool, so i will just call it for: Bass Haxor`s MW3 tool.

Then just click on: Finish

*NOTE* if the RTM tool has open source included, look for this code:

public Form1()

{
InitializeComponent();
} public class PS3
{
public static uint ProcessID;
public static uint[] ProcessIDs;
public static void SetMemory(uint Address, byte[] Bytes)
{
PS3TMAPI.ProcessSetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, Bytes);
}
public static void GetMemory(uint Address, ref byte[] Bytes)
{
PS3TMAPI.ProcessGetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, ref Bytes);
}
public static void Connect()
{
PS3TMAPI.InitTargetComms();
PS3TMAPI.Connect(0, null);
}
public static void Attach()
{
PS3TMAPI.GetProcessList(0, out ProcessIDs);
ulong uProcess = ProcessIDs[0];
ProcessID = Convert.ToUInt32(uProcess);
PS3TMAPI.ProcessAttach(0, PS3TMAPI.UnitType.PPU, ProcessID);
PS3TMAPI.ProcessContinue(0, ProcessID);
}
}

private void button1_Click(object sender, EventArgs e)
{
try { PS3.Connect(); PS3.Attach(); MessageBox.Show("Success"); }
catch { MessageBox.Show("fail"); }
}

private void button2_Click(object sender, EventArgs e)
{
byte[] Patch = new byte[] { 0x38, 0x60, 0xff, 0xff, 0x38, 0x80, 0x00, 0x00, 0x3C, 0xA0, 0x02, 0x00, 0x30, 0xA5, 0x50, 0x00, 0x4B, 0xFB, 0x27, 0xF9, 0x48, 0x00, 0x00, 0x6C, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };
byte[] Ori = new byte[] { 0x41, 0x82, 0x00, 0x7C, 0x3C, 0x60, 0x00, 0x39, 0x38, 0x80, 0x00, 0x00, 0x3B, 0xE3, 0x67, 0x3C, 0x63, 0x43, 0x00, 0x00, 0xC3, 0xFF, 0x00, 0x08, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };

PS3.SetMemory(0x396D44, Patch);
System.Threading.Thread.Sleep(15);
PS3.SetMemory(0x396D44, Ori);
byte[] buffer = new byte[32];
PS3.GetMemory(0x2000000, ref buffer);
string cid = BitConverter.ToString(buffer);
cid = cid.Replace("-", "");
textBox1.Text = cid;

Thanks for reading this! if this helped you, please like the post, Peacoe out Crunchers!

thank you bro

Nostafaru · Nov 30, 2014

shawn myers said:
thank you bro

No problem

A7X_Pablo · May 9, 2015

question if i use ccapi and change my cid before using a tool can i still get my cid stolen

Irving · Jun 2, 2015

Thanks for the tut

Conseptical · Aug 30, 2015

rffdfg

Conseptical · Aug 30, 2015

ffffsjkdbbriston os doing 5 comments

xrobend12 · Sep 9, 2015

GRACIAS

Revisual · Sep 9, 2015

A7X_Pablo said:
question if i use ccapi and change my cid before using a tool can i still get my cid stolen

I don't think so.

Nostafaru · Sep 9, 2015

Revisual said:
I don't think so.

Yes it can still be stolen.

As long as a byte variable with a length of 32 is written in the LV2 memory to the IDPS Uint32 address it can be read. Doesnt matter how you do it.

xrobend12 · Sep 21, 2015

Thanks

iDealx · Nov 30, 2015

Nice to see theses sort of posts, helps the community so much. It's a shame that people would want to steal others CIDs, we have the same issue in the Xbox 360 community. Where freeware tools that people release, more often now comes with a "KV Stealers". Which takes the keyvault/console ID right off the hard drive.

kapildevn15 · Jan 10, 2016

well thanks for the tut

albion · Feb 14, 2016

lol , never knew someone could steal my cid

kinezi · Mar 30, 2016

thanks man

SelectedDreamz · May 25, 2016

Nostafaru said:
Hi Crunchers! So i saw FerdigStudios`s thread on CID stealers, btw nice post bro
and i thought i would help you guys out with how to PROTECT your console id from console id stealers

*NOTE* what this will do is block the internet connection of your tool, so any data that the tool connects from our PS3 CANNOT be sent to anyone else

Since it kinda sucks if you bought a console id for 15$ and then someone steals it with some hidden code inside the tool

Step 1. Click the search button on your computer and type in: firewall, then click on the one that says: windows firewall with advanced security

Step 2. Click on: Outbound rules

Step 3. Click on: New rule, make sure that the only thing that is checked is: Program: Then click next

Step 4. dont touch anything else except the: BROWSE button, now browse the tool that you wanna secure your CID from.

Step 4 . Click next. Then a new window will pop up, make sure the only thing that is checked is the: Block connection.

Step 5. Click next, and make sure ALL 3 boxes are checked in the window that will pop up

Step 6. Name this WHATEVER you want, since i am just using this as an example, i will use bass haxor`s MW3 tool, so i will just call it for: Bass Haxor`s MW3 tool.

Then just click on: Finish

*NOTE* if the RTM tool has open source included, look for this code:

public Form1()

{
InitializeComponent();
} public class PS3
{
public static uint ProcessID;
public static uint[] ProcessIDs;
public static void SetMemory(uint Address, byte[] Bytes)
{
PS3TMAPI.ProcessSetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, Bytes);
}
public static void GetMemory(uint Address, ref byte[] Bytes)
{
PS3TMAPI.ProcessGetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, ref Bytes);
}
public static void Connect()
{
PS3TMAPI.InitTargetComms();
PS3TMAPI.Connect(0, null);
}
public static void Attach()
{
PS3TMAPI.GetProcessList(0, out ProcessIDs);
ulong uProcess = ProcessIDs[0];
ProcessID = Convert.ToUInt32(uProcess);
PS3TMAPI.ProcessAttach(0, PS3TMAPI.UnitType.PPU, ProcessID);
PS3TMAPI.ProcessContinue(0, ProcessID);
}
}

private void button1_Click(object sender, EventArgs e)
{
try { PS3.Connect(); PS3.Attach(); MessageBox.Show("Success"); }
catch { MessageBox.Show("fail"); }
}

private void button2_Click(object sender, EventArgs e)
{
byte[] Patch = new byte[] { 0x38, 0x60, 0xff, 0xff, 0x38, 0x80, 0x00, 0x00, 0x3C, 0xA0, 0x02, 0x00, 0x30, 0xA5, 0x50, 0x00, 0x4B, 0xFB, 0x27, 0xF9, 0x48, 0x00, 0x00, 0x6C, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };
byte[] Ori = new byte[] { 0x41, 0x82, 0x00, 0x7C, 0x3C, 0x60, 0x00, 0x39, 0x38, 0x80, 0x00, 0x00, 0x3B, 0xE3, 0x67, 0x3C, 0x63, 0x43, 0x00, 0x00, 0xC3, 0xFF, 0x00, 0x08, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };

PS3.SetMemory(0x396D44, Patch);
System.Threading.Thread.Sleep(15);
PS3.SetMemory(0x396D44, Ori);
byte[] buffer = new byte[32];
PS3.GetMemory(0x2000000, ref buffer);
string cid = BitConverter.ToString(buffer);
cid = cid.Replace("-", "");
textBox1.Text = cid;

Thanks for reading this! if this helped you, please like the post, Peace out Crunchers!

thank you for sharing this knowledge i think this is how my first cid got banned thx

Syscalls · Jul 4, 2016

thanks man i will keep this in mind

CannabisEnjoyment · Aug 31, 2016

Very appreciated man!!

viS3od · Sep 1, 2018

Hi Crunchers! So i saw FerdigStudios`s thread on CID stealers, btw nice post bro

and i thought i would help you guys out with how to PROTECT your console id from console id stealers

*NOTE* what this will do is block the internet connection of your tool, so any data that the tool connects from our PS3 CANNOT be sent to anyone else

Since it kinda sucks if you bought a console id for 15$ and then someone steals it with some hidden code inside the tool

Step 1. Click the search button on your computer and type in: firewall, then click on the one that says: windows firewall with advanced security

Step 2. Click on: Outbound rules

Step 3. Click on: New rule, make sure that the only thing that is checked is: Program: Then click next

Step 4. dont touch anything else except the: BROWSE button, now browse the tool that you wanna secure your CID from.

Step 4 . Click next. Then a new window will pop up, make sure the only thing that is checked is the: Block connection.

Step 5. Click next, and make sure ALL 3 boxes are checked in the window that will pop up

Step 6. Name this WHATEVER you want, since i am just using this as an example, i will use bass haxor`s MW3 tool, so i will just call it for: Bass Haxor`s MW3 tool.

Then just click on: Finish

*NOTE* if the RTM tool has open source included, look for this code:

public Form1()

{
InitializeComponent();
} public class PS3
{
public static uint ProcessID;
public static uint[] ProcessIDs;
public static void SetMemory(uint Address, byte[] Bytes)
{
PS3TMAPI.ProcessSetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, Bytes);
}
public static void GetMemory(uint Address, ref byte[] Bytes)
{
PS3TMAPI.ProcessGetMemory(0, PS3TMAPI.UnitType.PPU, ProcessID, 0, Address, ref Bytes);
}
public static void Connect()
{
PS3TMAPI.InitTargetComms();
PS3TMAPI.Connect(0, null);
}
public static void Attach()
{
PS3TMAPI.GetProcessList(0, out ProcessIDs);
ulong uProcess = ProcessIDs[0];
ProcessID = Convert.ToUInt32(uProcess);
PS3TMAPI.ProcessAttach(0, PS3TMAPI.UnitType.PPU, ProcessID);
PS3TMAPI.ProcessContinue(0, ProcessID);
}
}

private void button1_Click(object sender, EventArgs e)
{
try { PS3.Connect(); PS3.Attach(); MessageBox.Show("Success"); }
catch { MessageBox.Show("fail"); }
}

private void button2_Click(object sender, EventArgs e)
{
byte[] Patch = new byte[] { 0x38, 0x60, 0xff, 0xff, 0x38, 0x80, 0x00, 0x00, 0x3C, 0xA0, 0x02, 0x00, 0x30, 0xA5, 0x50, 0x00, 0x4B, 0xFB, 0x27, 0xF9, 0x48, 0x00, 0x00, 0x6C, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };
byte[] Ori = new byte[] { 0x41, 0x82, 0x00, 0x7C, 0x3C, 0x60, 0x00, 0x39, 0x38, 0x80, 0x00, 0x00, 0x3B, 0xE3, 0x67, 0x3C, 0x63, 0x43, 0x00, 0x00, 0xC3, 0xFF, 0x00, 0x08, 0xFC, 0x20, 0xF8, 0x90, 0x4B, 0xFD, 0x80, 0x79 };

PS3.SetMemory(0x396D44, Patch);
System.Threading.Thread.Sleep(15);
PS3.SetMemory(0x396D44, Ori);
byte[] buffer = new byte[32];
PS3.GetMemory(0x2000000, ref buffer);
string cid = BitConverter.ToString(buffer);
cid = cid.Replace("-", "");
textBox1.Text = cid;

Thanks for reading this! if this helped you, please like the post, Peace out Crunchers!

How to protect yourself from CID stealers.

Moderating the Crunch Bunch.

Member

Member

Moderating the Crunch Bunch.

Member

ConsoleCrunch Addict

Member

Member

Member

Official Member

Moderating the Crunch Bunch.

Member

Member

Member

Member

Member

Member

Member

Member

Member