
Does anybody have this system http://*eministrategies*.com/*momentum-strategy*/


tradernate


This web request is from the above source code; Google says the URL in plain text is: http://ninjatrader.dyndns.info/adc4da2c4faf8fbdee50d5515aed38f5/8928b845a0f1bcde32460d2d594a2a50.php

This php now redirects to the NT support page, but its original content is unknown. It could have been a receiver before. Its IP is 37.113.137.7, from Russia.

this suspicious patched version dll

 

Oh Jeez, this hack harvests NT license and other info from our computer and ships it somewhere so I suppose later a remote bot master can control and use our computers! Thank you minch for detecting this and I hope the moderators here take a note. It looks like all educated dll posts by moranna have this *bad* code piggybacked. Let's watch for future posts by moranna, but then again moranna can pose as another new user! So we have to be careful with dll files. cs files are definitely better because we can review/read it before loading. Be safe. Open source rules!


Thanks Joe11 for your explanation. BTW, how do we check for this "piggyback" (malicious inside) code? Do you know any software or the right application for detecting it?

 

Hi laser1000it, thanks.

Our esteemed educators here are in a better position to answer this question. I am not a C# programmer, but I can read the code to see obvious items like changing directory, looking for potentially unnecessary files (for the indi to work), etc. Even in this example, I am not able to decode where the info is sent (out to the Internet!). That part is obfuscated/encoded. A programmer can understand/decode it better. In short, it is not easy for a non-programmer to check this, especially in a dll. So the source code (cs file) is safer than a dll. Some educated dll like this example was actually converted to source code first, but then it was padded with bad code, and re-compiled into a dll (to hide the bad code!), i.e., this is not a *normal* education! If we are able to get the cs out of a dll, then I would just stop the education process there and not recompile it into a dll again. On the other hand, if we can't get the cs file out of a dll and we are trying to remove the license check, I think that is when we have a "patched" dll, that removes the procedures of license checking but is not converted to a cs file. That is my understanding. The programmers here may correct me if I am all wet with this logic :-) Otherwise hope this makes sense...


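On the question above of how to check a DLL for piggybacked code before loading it, here is one first-pass triage, as an added example that is not part of the original thread. It flags networking, decoding and host-information API names left in the assembly's metadata, plus URLs stored in plain text or as base64 literals. The name lists, the choice of base64 (the thread does not say which encoding was used) and the hostnames in the constructed sample are assumptions.

```python
import base64
import re

# Heuristic names (chosen for this example); a hit means "read the code", not "malware".
SUSPECT_NAMES = {
    "network": [b"System.Net", b"WebClient", b"HttpWebRequest", b"TcpClient",
                b"UploadString", b"UploadData"],
    "decoding": [b"FromBase64String", b"CryptoStream"],
    "host_info": [b"Microsoft.Win32", b"RegistryKey", b"get_MachineName"],
}
URL_RE = re.compile(r"https?://[\w.\-/:%?=&]+", re.I)
B64_RE = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")
ASCII_RE = re.compile(rb"[\x20-\x7e]{6,}")          # metadata names
UTF16_RE = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")  # C# string literals

# Constructed sample bytes standing in for a DLL (hosts are placeholders).
_HIDDEN = base64.b64encode(b"http://collector.example/recv.php").decode()
SAMPLE = (b"System.Net\x00WebClient\x00UploadString\x00FromBase64String\x00\x01"
          + _HIDDEN.encode("utf-16-le") + b"\x00\x00"
          + "http://vendor.example/help".encode("utf-16-le"))


def decoded_urls(text):
    """URLs that only appear after base64-decoding a literal."""
    urls = []
    for blob in B64_RE.findall(text):
        try:
            plain = base64.b64decode(blob, validate=True).decode("ascii")
        except ValueError:  # bad padding or non-text payload
            continue
        urls += URL_RE.findall(plain)
    return urls


def triage(data):
    """Return {category: sorted hits}; categories without hits are omitted."""
    report = {cat: sorted(n.decode() for n in names if n in data)
              for cat, names in SUSPECT_NAMES.items()}
    # Printable runs stored as ASCII or UTF-16LE.
    strings = [m.group().decode("ascii") for m in ASCII_RE.finditer(data)]
    strings += [m.group().decode("utf-16-le") for m in UTF16_RE.finditer(data)]
    report["plain_urls"] = sorted({u for s in strings for u in URL_RE.findall(s)})
    report["encoded_urls"] = sorted({u for s in strings for u in decoded_urls(s)})
    return {cat: hits for cat, hits in report.items() if hits}


if __name__ == "__main__":
    print(triage(SAMPLE))
```

To check a real file, pass its bytes to `triage()`. An empty result does not clear a DLL, since names can be hidden behind reflection or other encodings; an indicator such as an indicator that has no reason to reference `System.Net` is the cue to decompile and read the code.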

I suggest the powers that be at II consider allowing links ONLY to .cs files; to prevent some knucklehead from harming our machines and stealing our identities.
