ficusulmic
Well-known Member
offline
Posts
63
Likes
795
Resources
26
Credits
20
LEVEL
5
1,060 XP
Hello NF users, This is Chapter 2, and today we are learning how to obtain every server, steal RAM, and do so much more. Remember, this is only educational, and it's just so
You guys can protect from it.
If you have not read Chapter 1, please do so; it will be much easier to understand.
Make sure to read the disclaimer left by Fatekid in the description, and let's get ready!
Dependency :
-----------------------------------------------------------------------------------------------
Pterodactyl Knowledge (High Priority)
Social eenginiering
Costom domain (optional)
Python (Optional)
TrafficerMC, or any other bot spammer
Portofolio (optional)
MCAngelNET (Optional)
----------------------------------------------------------------------------------------------
Now, note that obtaining 100% of a server's RAM is just a dream; most hosting companies have secure protocols and more. First, let's explain what our scope is. We need to obtain some server files and RAM. This only works on VPS, one that has other but not Windows, and is collecting 60% of the resources anyway. Now, read the tutorial on how to do it.
----------------------------------------------------------------------------------------------
MANUAL OPTION (EASY)
1: Getting the plugin ready; we already did that in chapter one; we just need an NullForums plugin and Ectasy to backdoor it. You can also use McAngelNET if you wish to; it's more complex and requires more Java knowledge.
Now that we have our plugin backdoored, we can do the same old trick I taught you in the previous chapter and make them drag and drop the backdoor. This time, you need to log into the server, and you will be able to stop the console, disable commands, and pretty much make your server your own. But here is the important part, and it's kind of tricky, so you need to pay close attention to this one.
It's optional to have a portfolio, but if you also have a domain, this will give you 40% more trust and a professional look.
After you do that to the Minecraft server using an older Discord account and the Opera GX Infinite Nitro, create an account and join their server.
Here are some options for what you can say.
1. Hello there, I am from the Spigot security team. We detected a malicious behavior on the server. "Server name" is me, Fakename. I am here to solve this issue as
This is a dangerous plugin that is being distributed in mass amounts.
2. Damn, I just wanted to join the server because mine is in the re-meintanance process because it had the same error as you. Good luck! I found someone who gave me
a plugin to repair everything.
Do as you wish. At the end, you just need to get the information necessary to connect the VPS to the petrodyacil panel, create a secondary server, and select unlimited memory. This will consume the server you just stole RAM from.
AUTOMATIC WAY (HARD)
Ready to make the most dangerous backdoor and spread it?
1. Get the backdoor plugin.
2. Set up fewer stealers.
Once LessStealer is set up, use your main account or create a professional one that looks like you are a plugin or game developer. If you have a domain, that's better.
get them to a fake game download page, and tell them you will be waiting on Lobby 3 or something like that. Whether it's a game or a launcher, just say what you want.
The main scope is to get the user to run the. EXE, once that is done slowly, his discord will be locked and every single piece of information will leak through your webhook without
the antivirus, even seeing it coming, remember to put a password on the
3. You will now have the following things:
You guys can protect from it.
If you have not read Chapter 1, please do so; it will be much easier to understand.
Make sure to read the disclaimer left by Fatekid in the description, and let's get ready!
Dependency :
-----------------------------------------------------------------------------------------------
Pterodactyl Knowledge (High Priority)
Social eenginiering
Costom domain (optional)
Python (Optional)
TrafficerMC, or any other bot spammer
Portofolio (optional)
MCAngelNET (Optional)
Bby Stealer
----------------------------------------------------------------------------------------------
Now, note that obtaining 100% of a server's RAM is just a dream; most hosting companies have secure protocols and more. First, let's explain what our scope is. We need to obtain some server files and RAM. This only works on VPS, one that has other but not Windows, and is collecting 60% of the resources anyway. Now, read the tutorial on how to do it.
----------------------------------------------------------------------------------------------
MANUAL OPTION (EASY)
1: Getting the plugin ready; we already did that in chapter one; we just need an NullForums plugin and Ectasy to backdoor it. You can also use McAngelNET if you wish to; it's more complex and requires more Java knowledge.
Now that we have our plugin backdoored, we can do the same old trick I taught you in the previous chapter and make them drag and drop the backdoor. This time, you need to log into the server, and you will be able to stop the console, disable commands, and pretty much make your server your own. But here is the important part, and it's kind of tricky, so you need to pay close attention to this one.
It's optional to have a portfolio, but if you also have a domain, this will give you 40% more trust and a professional look.
After you do that to the Minecraft server using an older Discord account and the Opera GX Infinite Nitro, create an account and join their server.
Here are some options for what you can say.
1. Hello there, I am from the Spigot security team. We detected a malicious behavior on the server. "Server name" is me, Fakename. I am here to solve this issue as
This is a dangerous plugin that is being distributed in mass amounts.
2. Damn, I just wanted to join the server because mine is in the re-meintanance process because it had the same error as you. Good luck! I found someone who gave me
a plugin to repair everything.
Do as you wish. At the end, you just need to get the information necessary to connect the VPS to the petrodyacil panel, create a secondary server, and select unlimited memory. This will consume the server you just stole RAM from.
AUTOMATIC WAY (HARD)
Ready to make the most dangerous backdoor and spread it?
1. Get the backdoor plugin.
2. Set up fewer stealers.
Once LessStealer is set up, use your main account or create a professional one that looks like you are a plugin or game developer. If you have a domain, that's better.
get them to a fake game download page, and tell them you will be waiting on Lobby 3 or something like that. Whether it's a game or a launcher, just say what you want.
The main scope is to get the user to run the. EXE, once that is done slowly, his discord will be locked and every single piece of information will leak through your webhook without
the antivirus, even seeing it coming, remember to put a password on the
3. You will now have the following things:
- Password Grabberextractss passwords from all browsers into a single file.
- Cookiee Grabbersortss each browser and profile into separate files (Auto Cookie Parser for each browser)(Alllbrowserse zip cookies.zip)
- Discord TokenStealer:- Retrieves Discord tokens.
- AutoFillStealer:- Gathers autofill data from all browsers into a single file.
- Information: Provides brief device and internet connection details, including country IP.
- Telegram session stealer
- Crypto & WalletStealer:- Supports 62 of the most popular crypto wallets.
- FTP stealer (FileZilla)
- Spotify Session Stealerand Validator:- Steal and validate Spotify sessions.
- Tiktok Session Stealer &Validator:- Steal and validate Tiktok sessions.
- Instagram Session Stealer &Validator:- Steal and validate Instagram sessions.
- Reddit Session Stealer &Validator:- Steal and validate Reddit sessions.
- Roblox Session Stealerand& Validato
Our main focus is on the TikTok, Reddit, Discord, and Telegram sessions and accounts; this way, we can create an automatic bot in Python.
to create an account for us using a costom domain, for more info: https://github.com/hendrikbgr/YandexMail-Account-Creator
Now that we have emails and accounts, we can create a fake plugin. It can be something to bait, and you can also buy a spam email.
Python full automation: if this is not enough and you don't want to connect to every victim by yourself, create a Python program that will get the data with an API, read it, and use it in the correct fields.
Additionally, you can use TikTok or Twitter's automatic comment to tag tags like #plugins or #minecraft and talk about your plugin or game. The more people download it, the more infected it is, meaning that
You got more passwords to use, and you collected the RAM from everybody using Petro and some automation tools.
But Enthy, you are not clear; you are not telling me everything to do!
Yes, because this is not an how to illegally obtain things tutorial. This is educational content so you can see the pov of an attacker. You now understand exactly what scammers do to obtain things from you. It's an alert for you to not drag and drop things randomly. As this is the end, let's talk about protection.
Discord anti-scam
Article about how this tactic works, what it targets, and how to protect
VPS Protection
Don't trust impersonators; Spigot staff will probably never directly contact you and will not ask for information.
As always, don't download plugins you see randomly, and if you do, remember to always backup and use things like MySQL to protect your progress.
Remember, stay strong, be prudent, and check the damn plugins!
Pss, fatekid is working on an anti-backdoor discord bot on the Nullforums server. Don't forget to join: discord.gg/nullforums