Comments on: CardBoosterShop Bot (CBSBot) for Magic Online (mtgo) has an account-stealing backdoor! http://blog.nerdbucket.com/cardboostershop-bot-cbsbot-for-magic-online-mtgo-has-an-account-stealing-backdoor/article How can a crappy site with boring games waste more space? Sun, 18 Jul 2010 22:32:54 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Nerdmaster http://blog.nerdbucket.com/cardboostershop-bot-cbsbot-for-magic-online-mtgo-has-an-account-stealing-backdoor/article/comment-page-1#comment-4420 Nerdmaster Fri, 13 Feb 2009 19:57:00 +0000 http://blog.nerdbucket.com/?p=82#comment-4420 <p>I'm betting somebody could do this pretty easily with a small amount of research.</p> <p>However, that will no longer allow one to run the bot - it now stores all data remotely, so if you don't allow it to contact the CBS site, you effectively have no bot. I keep meaning to write a "mock" site so that a little hackery (/etc/hosts kind of thing, but for windows) could allow me to run a "safe" bot, but the work involved just isn't worth it....</p> <p>And that's not even the full problem - it could be that the software <strong>still</strong> has password-stealing mechanisms where the author types in a special command and your bot spits out the password in a trade window. I don't know if this is the case, but it's not something I can rule out easily these days.</p> I’m betting somebody could do this pretty easily with a small amount of research.

However, that will no longer allow one to run the bot – it now stores all data remotely, so if you don’t allow it to contact the CBS site, you effectively have no bot. I keep meaning to write a “mock” site so that a little hackery (/etc/hosts kind of thing, but for windows) could allow me to run a “safe” bot, but the work involved just isn’t worth it….

And that’s not even the full problem – it could be that the software still has password-stealing mechanisms where the author types in a special command and your bot spits out the password in a trade window. I don’t know if this is the case, but it’s not something I can rule out easily these days.

]]> By: Marius http://blog.nerdbucket.com/cardboostershop-bot-cbsbot-for-magic-online-mtgo-has-an-account-stealing-backdoor/article/comment-page-1#comment-4192 Marius Thu, 05 Feb 2009 04:35:18 +0000 http://blog.nerdbucket.com/?p=82#comment-4192 <p>Ok im not an expert in any field of some sorts, but i was reading this and it got me thinking isnt it possible to run a program that blocks ALL internett connections except from the required to wizards, i bet they have spesific adresses like login.mtgo.wizards1.com for example and such? and just block everything apart from the ones your really need?</p> Ok im not an expert in any field of some sorts, but i was reading this and it got me thinking isnt it possible to run a program that blocks ALL internett connections except from the required to wizards, i bet they have spesific adresses like login.mtgo.wizards1.com for example and such? and just block everything apart from the ones your really need?

]]> By: Richaal http://blog.nerdbucket.com/cardboostershop-bot-cbsbot-for-magic-online-mtgo-has-an-account-stealing-backdoor/article/comment-page-1#comment-2514 Richaal Tue, 09 Dec 2008 00:36:12 +0000 http://blog.nerdbucket.com/?p=82#comment-2514 <p>Hi, wow i started playing today since mtgo v2 and i see this whole mess with cbs. I remember the good old yatbot that used to be good. I was gonna use cbs but i think i wont know. Im gonna start developing a yatbot like bot that trades cards for cards and cards for tix ive done bots for mmorpgs and for mtgo v2 so im expecting a beta version 2 months from now well xmas is near so maybe earlier lets see if i can get most of the job done during these vacations. I warn you guys its gonna be a basic bot, dont expect anything better than trading cards for cards or tix untill 2-4months after the realease of the basic bot. Only issue is you might need a dual-core quad-core to run more than one bot.</p> Hi, wow i started playing today since mtgo v2 and i see this whole mess with cbs. I remember the good old yatbot that used to be good. I was gonna use cbs but i think i wont know. Im gonna start developing a yatbot like bot that trades cards for cards and cards for tix ive done bots for mmorpgs and for mtgo v2 so im expecting a beta version 2 months from now well xmas is near so maybe earlier lets see if i can get most of the job done during these vacations. I warn you guys its gonna be a basic bot, dont expect anything better than trading cards for cards or tix untill 2-4months after the realease of the basic bot. Only issue is you might need a dual-core quad-core to run more than one bot.

]]> By: Nerdmaster http://blog.nerdbucket.com/cardboostershop-bot-cbsbot-for-magic-online-mtgo-has-an-account-stealing-backdoor/article/comment-page-1#comment-2166 Nerdmaster Mon, 01 Dec 2008 07:05:37 +0000 http://blog.nerdbucket.com/?p=82#comment-2166 <p>Yeah, I had some other tips, but it appears the latest obfuscator is just insane, so none of my contacts has had much luck really checking out the latest bot.</p> <p>I continue to be botless, but better that than having my computer compromised, I suppose.</p> Yeah, I had some other tips, but it appears the latest obfuscator is just insane, so none of my contacts has had much luck really checking out the latest bot.

I continue to be botless, but better that than having my computer compromised, I suppose.

]]> By: Formerbotuser http://blog.nerdbucket.com/cardboostershop-bot-cbsbot-for-magic-online-mtgo-has-an-account-stealing-backdoor/article/comment-page-1#comment-1670 Formerbotuser Thu, 20 Nov 2008 17:50:54 +0000 http://blog.nerdbucket.com/?p=82#comment-1670 <p>Hi, After the problems posted on the gleemax forum about this bot i went looking into Reverse Engineering the bot cause i want to know what the maker was able to see (paypal pass maybe?!?!). But since i'm not exactly a computer genius it didnt work out for me although i found a program that should give you the opportunity to take a look into the code (coded with autoIt3 i believe). On this forum: http://defcon5.biz/phpBB3/viewtopic.php?f=5&t=234&st=0&sk=t&sd=a&start=50 you can read about how to get the code.. It doesnt seem to work for me atm, but ill try to contact the programmer of myAut2Exe if he could help me out here..</p> <p>Ill keep you posted...</p> Hi, After the problems posted on the gleemax forum about this bot i went looking into Reverse Engineering the bot cause i want to know what the maker was able to see (paypal pass maybe?!?!). But since i’m not exactly a computer genius it didnt work out for me although i found a program that should give you the opportunity to take a look into the code (coded with autoIt3 i believe). On this forum: http://defcon5.biz/phpBB3/viewtopic.php?f=5&t=234&st=0&sk=t&sd=a&start=50 you can read about how to get the code.. It doesnt seem to work for me atm, but ill try to contact the programmer of myAut2Exe if he could help me out here..

Ill keep you posted…

]]> By: Nerdmaster http://blog.nerdbucket.com/cardboostershop-bot-cbsbot-for-magic-online-mtgo-has-an-account-stealing-backdoor/article/comment-page-1#comment-1201 Nerdmaster Wed, 29 Oct 2008 03:17:08 +0000 http://blog.nerdbucket.com/?p=82#comment-1201 <p>No idea.... I've found one that actually looks like the ripped-off version of CBS the author was talking about. So if anybody finds a legit bot out there, I'd LOVE to hear about it!</p> No idea…. I’ve found one that actually looks like the ripped-off version of CBS the author was talking about. So if anybody finds a legit bot out there, I’d LOVE to hear about it!

]]> By: botwanted http://blog.nerdbucket.com/cardboostershop-bot-cbsbot-for-magic-online-mtgo-has-an-account-stealing-backdoor/article/comment-page-1#comment-1151 botwanted Sat, 25 Oct 2008 07:16:04 +0000 http://blog.nerdbucket.com/?p=82#comment-1151 <p>what's a safe bot to use?</p> what’s a safe bot to use?

]]> By: Newbunkle http://blog.nerdbucket.com/cardboostershop-bot-cbsbot-for-magic-online-mtgo-has-an-account-stealing-backdoor/article/comment-page-1#comment-1017 Newbunkle Tue, 14 Oct 2008 15:38:21 +0000 http://blog.nerdbucket.com/?p=82#comment-1017 <p>As I posted over on the Magic forums, this is both terrifying and awesome. I haven't been so interested in a scandal like this since Limbo of the Lost. You're a genius for figuring this out, well done.</p> As I posted over on the Magic forums, this is both terrifying and awesome. I haven’t been so interested in a scandal like this since Limbo of the Lost. You’re a genius for figuring this out, well done.

]]> By: Nerdmaster http://blog.nerdbucket.com/cardboostershop-bot-cbsbot-for-magic-online-mtgo-has-an-account-stealing-backdoor/article/comment-page-1#comment-995 Nerdmaster Sun, 12 Oct 2008 20:05:20 +0000 http://blog.nerdbucket.com/?p=82#comment-995 <p>Andrew, rasguy, I actually considered that at first, but after some investigating, that string is exactly the same no matter what user or password you type into the bot. I can't figure out why the author did that, other than perhaps to claim that it's always been like that or something. Or maybe to confuse me into trying to decrypt it.</p> Andrew, rasguy, I actually considered that at first, but after some investigating, that string is exactly the same no matter what user or password you type into the bot. I can’t figure out why the author did that, other than perhaps to claim that it’s always been like that or something. Or maybe to confuse me into trying to decrypt it.

]]> By: rasguy http://blog.nerdbucket.com/cardboostershop-bot-cbsbot-for-magic-online-mtgo-has-an-account-stealing-backdoor/article/comment-page-1#comment-991 rasguy Sun, 12 Oct 2008 14:01:45 +0000 http://blog.nerdbucket.com/?p=82#comment-991 <p>I don't think that is a dummy string. I believe it's the same information encrypted.</p> I don’t think that is a dummy string. I believe it’s the same information encrypted.

]]>