/AUTOMATIC1111/ RESEARCH GENERAL

***WARNING ROOT KIT***

EXERCISE EXTREME CAUTION!

github /AUTOMATIC1111/Any Forums-captcha-solver

addons.mozilla.org/en-US/firefox/addon/jkcs/

chrome.google.com/webstore/detail/joshi-koukousei-captcha-s/fppcpkioamnkpclnpcnnncnioegplgbf

Last we heard,

>Hidden process name: hks+(0x36) * 0 hk_proc_reddir
>56,509 lines of javascript
>three obfuscated wasm files of over 300kb each
>it tries to exploit the JS spectre exploit
>addon was probed
>The packets are embedded within system wide escalated privilege before the TLS handshake.
>zero day exploit monitors network traffic without infetterance using aircrack-nsf embedded in a system process
>system wide userspace exploit
>escapes from a hypervisor by dumping payload into host virtual memory

The mozilla signing certificate was not validated by DigiCert which avoids system crash using the --force flag. Even though in the kernel space the proc_write function can stop the remote payload, the malicious processes are still hidden through a mix of functions in the page table entry structure.

Be sure to have mitigations=on before probing any further.

68facoco60ee0aqe1aa8f8f2024787244c2584a1a03d10cda83eeaf125sb371f2

Attached: img-2022-08-30-02-03-07.png (905x715, 110.41K)

Other urls found in this thread:

github
security.googleblog.com/2021/03/a-spectre-proof-of-concept-for-spectre.html
twitter.com/SFWRedditImages

if you download some shit by a tranny named coomtech you deserve it

Is there a possibility that user was falseflagging?

that's what the research is for, we need to de-obfusicate the code and look for triads

>Last we heard,
from where?

Hiro is really getting creative with getting people to buy a pass.

Sweet a schizo / larp thread

lmao, wasm runs on js btw, no privileges outside browser without 0day

damn, that's some impressive malware (if true)

Attached: 1574819370971.gif (320x320, 2.46M)

PEE worked just fine during its limited lifespan, though

Attached: mqdefault.jpg (320x180, 10.17K)

Attached: file.png (770x1033, 2.16M)

So where are the lines of code that prove this?

Attached: file.png (400x300, 317.72K)

>it's a userscript with a base64 string in it that's too long for github
imagine being stupid enough to run this

Attached: file.png (222x227, 129.02K)

Attached: file.png (259x194, 148.25K)

Attached: file.png (194x259, 123.58K)

>github /AUTOMATIC1111/Any Forums-captcha-solver
>11.6 MB of JS
hmm

Attached: file.png (500x667, 879.7K)

Weird how nobody sperged out for 2 weeks until a fork of this was created

Attached: 1649555995543.png (475x208, 95.4K)

No evidence.
It uses AI trained models to deal with the captcha, you expect there to be no processing?

>during its limited lifespan
what?

security.googleblog.com/2021/03/a-spectre-proof-of-concept-for-spectre.html

that's where you're wrong kiddo

I'm still using Automatic's.
No browser extension needed.

It's a lot slower than the extension

I got spooked and wiped my FF installation anyway because it's a low user Any Forums script (recipe for disaster) but where's these extra thousand lines of code? The script he's posted on his GitHub is 436 lines and has no grants

Attached: automatic1111.png (849x810, 169.75K)

He's a false flagging retard and you're a gullible moron for getting spooked.

When I build the extension with violent monkey, it doesn't work. Some of it seems to modulate the get captcha button but it doesn't solve like the addon (I ran in on a usb drive on an old PC)

Do you have any tips to get it to load correctly? I also tried installing the JS locally and via URL.

>I got spooked and wiped my FF installation
if it was a virus you'd better nuke windows to be sure.
Wouldn't want a rootkit installed watching you fap to hentai.

>using windows

>installing a fucking addon to solve a 4 sec captcha
Do brainlets really?

Don't care. I'm not installing a basedjak extension, disgusting.

The lines are one line in the JS, it's the obfuscated code.

Build? You just click the user.js on github and install automatically.

does windows have mitigations turned on?

>turns it into a 0 second captcha
Yes

I get those seconds of my life back. It's a win.

>it's the obfuscated code
You mean line 13? Yeah I thought that was kind of suspicious, but why not just delete the line?

>install automatically.
you don't compile it? how does it run then?