CREATE YOUR AI CUM SLUT ON CANDY.AI TRY FOR FREE
x

Collection Mod Unity Virt-A-Mate Mod Assets: Clothing,Environments,Objects,Scenes,Looks,ect.

5.00 star(s) 5 Votes
Status
Not open for further replies.

Yunjitzu

Member
Aug 24, 2020
171
765
Oh boy, i can see all of these milions meta errors for hairs.
Also question, since anon is a little picky atm on my side so i can't download it now, i wonder, did U packed scenes with Yours looks repacks, or resaved them as legacy\appearance presets?

this are just the Hairs.
But will test a bit more...
but tried it and looks like it works
 
Feb 11, 2020
19
154
There are multiple content creators in here. And it seems malicious code is gonna be unavoidable...
Vam_GS which doesnt seem to mind if we share his stuff, MK_47 is in here with what I imagine another name, and he does mind that we share.
I guess we gotta check the C# code before using a var...
 

tna20

Newbie
Jul 11, 2019
67
157
I used PowerGrep
If you want to use "File Locator Pro" from Mythicsoft use these settings:

You don't have permission to view the spoiler content. Log in or register now.

tl;dr Torrent and unofficial assets from discords do not seem to have a problem (yet)
but I do not have the full Torrent ("only" 281 GB)


You don't have permission to view the spoiler content. Log in or register now.


Pretty useless to have no plugins running but if you want to be save: disable plugins in the security tab of the preferences

You don't have permission to view the spoiler content. Log in or register now.


Because content creators may have talked and planned this, I have withdrawn my support for all of them (18$ in total) - you should do the same for a one or two months. It is like the Karen that says: "I will never buy here again" in a store that makes 10.000$ a day - but this is my statement.
 
Last edited:

Zlaito

Well-Known Member
Jun 23, 2020
1,404
428
Wow. Read all about that delete stuff. I searched "FileManagerSecure.DeleteFile(f)" from my downloaded file and got 2 of them. This is scary stuff. What a trolls.

Does that text only included in .cs files? Also how does it execute itself? It only activates when opened in game right?
 

3D_Adict

Newbie
Oct 18, 2020
39
74
tna20 ,Think your getting me mixed up with celine.dijonnaise ,who quoted "i use PowerGrep" ,but you made some interesting points .
i did what celine.dijonnaise said used dngrep and it did a great job at searching the var files.
Not found anything suspect .


Dankatron made a good point regarding bamair and gets you to wonder if some of the patreon creators sneak in under an alias name, enticing us with something like Danny6688 with the bamair1984 SS.var as bait
so is Danny6688 actually bamair doing this dirty shit? or maybe just some other annoyed creator using the bamair1984 SS .var file as a trap


i ended up deleting bamairs stuff anyway , the face textures ain't that great, hate when some creators can`t be arsed to clean up the mouth area and the eyelids , like when the character blinks and shows the textured eyelashes on the eyelids .
why they expect anyone to pay for their character looks is a joke , i'm going start cleaning up some of the Vam shit from my drive, give it space for something more worthy. i hope Hazard654 gets most of his stuff fixed and we get back to doing what this thread is about. but with more vigilance.
 
Last edited:
  • Like
Reactions: tna20

HumX

New Member
May 31, 2019
5
4
View attachment 989393

I found 47 using PowerGrep -.- Do they actually delete files, or is read-only preventing them from doing something? It's also possible I never used those scripts.

I found some in a127.cs UIAssist.cs and UIManager.cs I will check all files in the VAM folder, scripts are also in the SAVE/SCENE folder.
But first I make a Backup from my VAM Folder.
Some "FileManagerSecure.xxxxx" file are suspected.
Interesting, I found something about FileManagerSecure.DeleteFile here
https://f95zone.to/threads/virt-a-m...-scenes-looks-ect.34878/page-266#post-4931678


Thanks Omnigate
 

user330033

Newbie
Nov 3, 2020
24
12
You might want to look at the FileManagerSecure portion of the VAM API doc since it shows other ways things can get mangled. Food for thought.. Pretty ridiculous that a plugin can be made that can physically delete files from your system with no user interaction.

Google "Class FileManagerSecure" and its the only result.
I think it would be a good idea to keep a list of all confirmed infected var's, would make it easier to track who's been sharing this and maybe it will link us to the originator.

IMHO this is a pretty serious exploit for VAM in general. Who would have thought giving "content creator$" free reign to execute arbitrary code would be a bad idea?
 

Bfrop

Member
Dec 22, 2017
355
1,019
Now that the word about the exploit is going to spread, all the weight is going on meshedvr's shoulders.
He has to patch is shit asap.
His game is a fucking trojan horse.
I mean you don't necessarily have to be a disgruntled creator to fuck shit up, anyone could use this just for the lulz.
 
  • Like
Reactions: NakedSnakeCQC

dmoot

Newbie
Sep 28, 2020
15
112
Now that the word about the exploit is going to spread, all the weight is going on meshedvr's shoulders.
He has to patch is shit asap.
His game is a fucking trojan horse.
I doubt he'll do anything about it. There's already a warning when you enable plugins, and currently the only affected plugins are pirated ones.
 

Bfrop

Member
Dec 22, 2017
355
1,019
I doubt he'll do anything about it. There's already a warning when you enable plugins, and currently the only affected plugins are pirated ones.
B.but...it opens the doors to ransomware... Someone could lock your computer with this, is meshed retarded or something?
Can it runs bitcoin miners? Circumvent firewalls? This is some serious shit.
 
Last edited:

KingSmile

Newbie
Oct 21, 2020
18
37
Whoever did this has opened the Pandora's box. It would be a shame if the word was spread out on 4chan, reddit, hacker forums...
geez :ROFLMAO: it was just a matter of time till someone would bust some shit.. you can just deactivate plugins to stay safe and if you are too lazy to run a quick search.. plugins are mostly free anyway and can be downloaded from the hub and for the looks and scenes you dont need the var, you can also extract them.. tons of options here..
all hail hazard654 - the hero who literally gave everything to reveal this shit..
 

whymeazn

Newbie
May 3, 2017
88
359
I just got the same results with "dngrep"
and its free.

Install, click on options and scroll down to Archive Options. In the "Add" box put VAR and hit the save button.
Select the folder with your VARs, RARs and other archives that you downloaded from here. Next go to the "Search" section and select "Text" then search for FileManagerSecure.DeleteFile(f) and press "search".

This will show you all the files that contain files that call "FileManagerSecure.DeleteFile(f)" in them. Clean them by editing the JSON and delete the script or just delete them, up to you.

Hope this helps.

Great help, thanks for sharing this tool, didn't know about it!
Question, wouldn't it be better to search for "FileManagerSecure.DeleteFile(" instead? I'm not some crazy computer science guy, but I assume the "f" in the parenthesis is a variable. Future attackers will simply just change the name of the variable from "f" to something else (like x) right?
 
Dec 1, 2020
132
763
Great help, thanks for sharing this tool, didn't know about it!
Question, wouldn't it be better to search for "FileManagerSecure.DeleteFile(" instead? I'm not some crazy computer science guy, but I assume the "f" in the parenthesis is a variable. Future attackers will simply just change the name of the variable from "f" to something else (like x) right?
I don't know much about this also but that would make sense. Also searching for the "rd(" since rd stands for remove directory. There is no reason a script would need to evoke the rd command that I can think of.
 
  • Like
Reactions: whymeazn
Status
Not open for further replies.
5.00 star(s) 5 Votes