Movie

Sign In | Sign Up

My Profile

Voodooman
15535
.....
Points: 62
Country: Russia
RSS Add Friend

Shortcuts

Categories

My Talk

UniBitComPatch v1.0 released Mon May 19, 08 05:31 PM

Guy there HIT_HAT tiped me with his found that peer-id isnt variable string and showed me how its generated.

Its generated during initialisation of Bitcomet.exe by using separate Strings '-' 'B' 'C', then there are few pointers to version strings, but these version string are program wide (uses everywhere from caption and about) so its not good idea to change them, but there is another solution, replace pointers in peed id generatin opcode with fixed values in stack.

2XTREAM and others

News about UniBitCometPatch

http://torrents.ru/forum/viewtopic.php?p=9199497#9199497

(use any online Russian 2 English translator, possibly to download beta files u may need accaunt there sorry im in internet via smartphone last 2 weeks, so i cant upload to my site)

Please test newest beta versions of patch made from scratch.

Version 1.4 is middle-step release for unpacked Bitcomet only (just as previous).

Version 1.5 is inline patch for packed Bitcomet, its ataching micro opcode in entry point as sub routine, then it initialising original code, and monitoring when packer`s loader unpacking original code image into RAM and then this micro opcode searching and replacing values in runing process, works similar to external with exeption that it internal and works with any packer)

Please test both versions with different Bitcomets.

Also can u please use some network packet sniffer\spoofer and look if it works ok if u will change part of client id string from BC0100 to BC0070 (1.0 to 0.7), i have reports that some trackers only allows 0.7 client ID so in next 1.6 release i wanna implement spoofing of client id, but i have some doubts that NEW things like peer exchange or torrent sharing may not work after that (possible reason that Bitcomet may "think" that if peer is 0.70 that it probably dont have such features and possible if Bitcomet works like this B0070 id may broke that functions)

Also i wanna know if there r some trackers that may ban such spoofed client id or refuse to work with 0.70.

Because i have problems with internet at home i cannot test it all myself.

2XTREAM and others

News about UniBitCometPatch

http://torrents.ru/forum/viewtopic.php?p=9199497#9199497

(use any online Russian 2 English translator)

Please test newest beta versions of patch made from scratch.

Hi, i temporary removed patch from my site, read details of that issue at my site.

UniBitComPatch v1.0 released Wed Apr 2, 08 01:26 PM

TADAAAAAAAA!!!

Thats the respond from Kaspersky lab that prove that my patch absolutly SAFE !!!

No viruses and no trojans!!!!

about B2E inside getUBCPupdate.exe

> Attachment: b2e.zip

> False positive.

Hello.

Sorry,this was a false detection

it will be fixed in the next updates

thank you for your help

-----------------

Virus Analyst, Kaspersky Lab.

Now if everyone ask u can show them this quote and refer to future virus database updates where b2e will be removed))

But there few others antivirs still got it in list, also some got CLOSEAPP in in list so beware for few more False positives

TADAAAAAAAA!!!

Thats the respond from Kaspersky lab that prove that my patch absolutly SAFE !!!

No viruses and no trojans!!!!

about B2E inside getUBCPupdate.exe

> Attachment: b2e.zip

> False positive.

Hello.

Sorry,this was a false detection

it will be fixed in the next updates

thank you for your help

-----------------

Virus Analyst, Kaspersky Lab.

Now if everyone ask u can show them this quote and refer to future virus database updates where b2e will be removed))

But there wef other antivirs got in list, also some got CLOSEAPP in in list.

UniBitComPatch v1.0 released Wed Mar 26, 08 11:04 AM

No problem, b2e its just 3rd party loader\launcher (that probably was also used by some trojanmakers to load trojans so thats why it was added in kaspersky 6 database) it keep all the other files unloaded to make them possible to replace during update and then deleting all the temporal files.

By the way u really should upgrade to kaspersky 7, its much better, have less false reports and enhanced analysis methods more heuristic and less byte signatures checking.

BTW i released v1.2 with "BitComet" user agent)) Feel free to test with all trackers u know)

Well not every suspect is actualy murderer, i mean that Antivirus that uses byte check signature, also possibly its catching technique i used (runing not exe but dll files which downloading file from intrnet) that usualy u can c in malware (actualy trojan downloaders works in same way), but anyway 70% of aniviruses i know catching programs that arent malware at all but have some similiarities.

Another reason possibly is packer and manualy edited signatures of that packer.

Anyway i can give u my word that its 100% false report (i rechecke myself with Kaspersky and Dr Web with maximum level of security and nothing suspicious was found) u can check online both files here http://www.kaspersky.com/scanforvirus

Updater consist from 4 main components, popup dll that shows ending message of success or failure, downloader dll that downloading Update.rar file from my site, unrar dll that unpacking update.rar, and sublauncher with joined closeapp.exe (console tool that termination UBCP process to overright patch if ut still runing .. i did that sublauncher for one purpose - to unload original GetUBCPupdate.exe so unrar module could be able to overrite both updater and patch. After u clicking ok on popup window that sublauncher unloading everything and cleaning temorary files.

Can u tell me more details on that? Whats was that antivirus and what was exacly that file in report and additional info?

UniBitComPatch v1.0 released Mon Mar 24, 08 01:35 PM

Well not every suspect is actualy murderer, i mean that Antivirus that uses byte check signature, also possibly its catching technique i used (runing not exe but dll files which downloading file from intrnet) that usualy u can c in malware (actualy trojan downloaders works in same way), but anyway 70% of aniviruses i know catching programs that arent malware at all but have some similiarities.

Another reason possibly is packer and manualy edited signatures of that packer.

Anyway i can give u my word that its 100% false report (i rechecke myself with Kaspersky and Dr Web with maximum level of security and nothing suspicious was found) u can check online both files here http://www.kaspersky.com/scanforvirus

Updater consist from 4 main components, popup dll that shows ending message of success or failure, downloader dll that downloading Update.rar file from my site, unrar dll that unpacking update.rar, and sublauncher with joined closeapp.exe (console tool that termination UBCP process to overright patch if ut still runing .. i did that sublauncher for one purpose - to unload original GetUBCPupdate.exe so unrar module could be able to overrite both updater and patch. After u clicking ok on popup window that sublauncher unloading everything and cleaning temorary files.

Can u tell me more details on that? Whats was that antivirus and what was exacly that file in report and additional info?

well after that i have idea to change user agent to just BitComet or Bitcomet with fake version number.... like Bitcomet/9.9 surely it will be not banned

its possible, i just did it in old school way, because as i know, no torrent trackers baning Bittorrent/3.4.2, when some rare baning user agent with Bitcomet string inside... another reason that patch works for every version and it would be odd if bitcomet 0.99 will have Bitcomet/1.0 user agent or 1.0 will have Bitcomet/0.97 in user agent))

Anyway it makes no sence to change it to Bitcomet/with version#, because user agent isnt used for identification of client)

XSTREM dont worry man!! update your guides on forums, there is no incompatibility with any tracker anymore)))

I released universal heuristic patch (it works with any version 9x-1.x and theoretical it will work with all future releases) it replacing BROWSER user agent with BitTorrent one (Mozilla/4.0 to Bittorent/3.4.2) and after that no more double loging, no more 403 errors, no mor ban of BitComet for "smartass tricks".

After all any version works like sharm!

its UniBitComPatch v1.0 - Universal Bitcomet Patch (user agent spoofer)

Just check thes links for additional information and spep by sped guide

http://torrents.ru/forum/viewtopic.php?t=729636 or

http://torrents.ru/forum/viewtopic.php?p=7778745#7778745

Its in russian so use google translator to read it (im currently translating this guide into english, will release normal translation in the end of this week or somewher during next one), there is also my guide how to unpack PeCompact protected executables.

Also u can directly grab a copy of patch from my site http://voodooman.gta-action.ru/

(its in english) but anyway read my guides with translator..

Btw u will be surprised when u will read information in About window ;)

once again sorry for repeating my post...))

BitComet 1.0 BETA released. Tue Mar 18, 08 06:24 PM

XSTREM dont worry man!! update your guides on forums, there is no incompatibility with any tracker anymore)))

I released universal heuristic patch (it works with any version 9x-1.x and theoretical it will work with all future releases) it replacing BROWSER user agent with BitTorrent one (Mozilla/4.0 to Bittorent/3.4.2) and after that no more double loging, no more 403 errors, no mor ban of BitComet for "smartass tricks".

After all any version works like sharm!

its UniBitComPatch v1.0 - Universal Bitcomet Patch (user agent spoofer)

Just check thes links for additional information and spep by sped guide

http://torrents.ru/forum/viewtopic.php?t=729636 or

http://torrents.ru/forum/viewtopic.php?p=7778745#7778745

Its in russian so use google translator to read it (im currently translating this guide into english, will release normal translation in the end of this week or somewher during next one), there is also my guide how to unpack PeCompact protected executables.

Also u can directly grab a copy of patch from my site http://voodooman.gta-action.ru/

(its in english) but anyway read my guides with translator..

Btw u will be surprised when u will read information in About window ;)

Sorry for spaming about that like 3 times))

1.00 Beta [20080311] Tue Mar 18, 08 06:21 PM

XSTREM dont worry man!! update your guides on forums, there is no incompatibility with any tracker anymore)))

I released universal heuristic patch (it works with any version 9x-1.x and theoretical it will work with all future releases) it replacing BROWSER user agent with BitTorrent one (Mozilla/4.0 to Bittorent/3.4.2) and after that no more double loging, no more 403 errors, no mor ban of BitComet for "smartass tricks".

After all any version works like sharm!

its UniBitComPatch v1.0 - Universal Bitcomet Patch (user agent spoofer)

Just check thes links for additional information and spep by sped guide

http://torrents.ru/forum/viewtopic.php?t=729636 or

http://torrents.ru/forum/viewtopic.php?p=7778745#7778745

Its in russian so use google translator to read it (im currently translating this guide into english, will release normal translation in the end of this week or somewher during next one), there is also my guide how to unpack PeCompact protected executables.

Also u can directly grab a copy of patch from my site http://voodooman.gta-action.ru/

(its in english) but anyway read my guides with translator..

Btw u will be surprised when u will read information in About window ;)

BitComet - TCP/IP Patches Tue Mar 18, 08 01:31 PM

To use latest Bitcomet with many private trackers u will need to patch Bitcomet.exe first!

U can find information about my fix here:

http://torrents.ru/forum/viewtopic.php?p=7778745#7778745

NO more authorization problems, no more 403\tracker respond error!!!

No more baned bitcomet, because of Browser user-agent!!!

Use all latest bitcomets with any private\public trackers!!!!

Get universal User-agent spoofer patch from link above, patch bitcomet.exe and use it with any version!!!

All instructions u can read at link above (its in russian use google translator)

Also u can directly get it from my site http://voodooman.gta-action.ru/ (its in english)

Hope it will help everyone to move on latest Bitcomet from antient "recomended" 0.70

BitComet - Help Tue Mar 18, 08 01:28 PM

[url]http://torrents.ru/forum/viewtopic.php?p=7778745#7778745[/url]

NO more authorization problems, no more 403\tracker respond error!!!

No more baned bitcomet, because of Browser user-agent!!!

Use all latest bitcomets with any private\public trackers!!!!

Get universal User-agent spoofer patch from link above, patch bitcomet.exe and use it with any version!!!

All instructions u can read at link above (its in russian use google translator)

Also u can directly get it from my site http://voodooman.gta-action.ru/ (its in english)