Jump to content
UBot Underground

Recommended Posts

I know i have promised several times to help the community escape the antivirus alerts on ubots and i have been working closely with other developers from SmartPackerX to help wrap ubots and allow safe code signing.
 
 
As some of you know, at the moment of writing this post it is not possible to digitally sign ubot studio apps and the problem is caused by the ubot structure and that is kinda boring to explain in details but i'm sure that out of curiosity you will most likely try to do it at some point in the future and notice that your bot won't work anymore.
The reason is that the code signing certificate will rewrite some parts of the bot making it un-usable.
 
 
1st. thing you will need is a Code Signing Certificate :
 
- StartSSL : $60 for 2 years (depending on your location it takes around two weeks to receive a letter with a confirmation code)
 
- LeaderSSL : don't personally work with them but i know the process takes less time 
 
- GoDaddy : a little more expensive but they are fast into issuing the certificate
 
 
2nd. you will need one of the bellow virtual environments to wrap your bots :
 
- Smart Packer ProX (included with 50% discount in UBotter Labs)
 
$100 and i personally love it because of the protection it offers and is lightning fast with encryption support. Before posting here i have contacted the developer and received a coupon for Smart Packer Pro X 20%: UBOT16OFF20
  

 
** you will not be able to use UbotLocker inside a virtual environment.
 
 
3rd. after you have the certificate ready and installed on your developer machine you can either use Visual Studio SDK or just download the DigiCert Utility Tool or StartSSL.com Tool to sign your bots.
 
 
 
Hope it helps my UBuddies :D

  • Like 6
  • Thanks 1
Link to post
Share on other sites

Nice post...

 

Have been thinking of code signing for over 2yrs now....

 

Have been wanting to try for over 1 yr....

 

I personally dont have many AV problems with my bots and software tools...

 

Now can see its working I will get on it :)

 

I personally use NSIS which is free, and once I have setup codesigning I will make a detailed post sharing how I do it :)

 

 

Glad to read this post macster, and sure others will find this very useful...

 

And your all in one license solution looks great for those who want to jump on it without any headaches running their own licensing server!

 

KUDOS to Macster :)

Link to post
Share on other sites

Nice post...

 

Have been thinking of code signing for over 2yrs now....

 

Have been wanting to try for over 1 yr....

 

I personally dont have many AV problems with my bots and software tools...

 

Now can see its working I will get on it :)

 

I personally use NSIS which is free, and once I have setup codesigning I will make a detailed post sharing how I do it :)

 

KUDOS to Macster :)

 

You should think seriously into signing your bots for the future and no need to learn the hard way as you can simply use DigiCERT to sign pretty much any application including NSIS.

 

 

Glad to read this post macster, and sure others will find this very useful...

 

And your all in one license solution looks great for those who want to jump on it without any headaches running their own licensing server!

 

KUDOS to Macster :)

 

Glad you like it.

All MOD users will soon receive access to custom UBotter Labs plan, and also all future MOD users will also receive free access to UBotter Labs.

 

Also, the mod will soon be upgraded and connected to your UBotter account so you can use them both in parallel.

Link to post
Share on other sites

I have some great news buds :)

 

Very soon SmartPacker Pro will be included inside UBotter Labs Silver, Gold and Platinum yearly plans :)

 

* all UBotter Labs members who have any of the above yearly plans will receive SmartPacker Pro for FREE as soon as it will be integrated inside the system.

Link to post
Share on other sites

Great news uBuddies :)

 

UBotter Labs joined forces with SmartPacker Solutions and we are now offering both SmartPacker Pro versions totally for FREE inside the UBotter Labs yearly plans :)

 

If you already have SmartPacker Pro and also want to join UBotter Labs we will discount 50% of whatever it is you paid for your SmartPacker software.

 

Check the website https://www.ubotter.com or contact me for more information :)

Link to post
Share on other sites

 

 

** you will not be able to use UbotLocker inside a virtual environment.

 

Are you saying that with both of these companies (Smart Packer and BoxedApp) anything we package will not be able to be used with Meters license system? 

Link to post
Share on other sites

Are you saying that with both of these companies (Smart Packer and BoxedApp) anything we package will not be able to be used with Meters license system? 

 

 

Currently it is not possible to safely wrap the locker.dll inside the virtual environment as it needs to read machine data (HWID) that in some cases and depending on the machine where it runs, the packer won't be able to read that and your bot does not open. 

I know that the SmartPacker team works to implement code signing capabilities into their software directly, plus easier integration for both ubot source files and ubotlocker.

 

On a side note, if you already have the UNLEASHED MOD for ubotlocker and any of the above packers, you don't really need to use the ubotlocker once your bot is signed. Off course other security checks and measures need to be taken since you will have to build your own validation popup using any type of dialog plugin/window as it is explained into the mod documentation. (simple process)

Link to post
Share on other sites
  • 11 months later...

As I'm new to the whole UBot Studio - World, I need some help. 

Do I understand it correctly, that it is not possible to develop bots with UBot Studio that don't trigger false positive - alerts? 

 

I just tried to do a simple "alert('hello')", compiled it and ran into Avast telling me about Win32:Malware-gen. I don't have any 3rd-party plugins in use and still it appears.

That's a big issue, isn't it? I mean, how shall we use UBot Studio to develop nice bots when facing issues like virus and malware warnings at customers computers. That's actually harming trust a lot in our software. I wouldn't buy software that causes these alerts myself... 

 

Helping me out with a short introduction would be awesome. 

 

Regards,

Chris

Link to post
Share on other sites

As I'm new to the whole UBot Studio - World, I need some help. 

 

Do I understand it correctly, that it is not possible to develop bots with UBot Studio that don't trigger false positive - alerts? 

Not entirely true and it also depends on the combination of plugins used. However don't believe those Avast or AVG crap engines as i use Bitdefender and is not always bugging me with false positives like i seen to everyone who uses free commercial engines. Nowadays Microsoft itself is flagging almost all apps that are not signed and trusted.

  • Like 1
Link to post
Share on other sites

...  it also depends on the combination of plugins used ...

 

Well, like I said, I haven't used any plugins with UBot Studio and it got flagged althought the bot didn't even connect to the internet or have anything that could be "suspicious". It was just a simple alert. 

 

I wouldn't mind for myself and just ignore the warnings (whitelist the specific Bot-Folder) but it's sort of difficult to explain this to customers buying the software. It doesn't benefit the relationship with them asking them to ignore malware- or virus-warnings.

Link to post
Share on other sites

Well, like I said, I haven't used any plugins with UBot Studio and it got flagged althought the bot didn't even connect to the internet or have anything that could be "suspicious". It was just a simple alert. 

 

I wouldn't mind for myself and just ignore the warnings (whitelist the specific Bot-Folder) but it's sort of difficult to explain this to customers buying the software. It doesn't benefit the relationship with them asking them to ignore malware- or virus-warnings.

Well considering that you offer to your clients "bots" that are not like "ordinary" software applications it is not very dificult to explain that in some cases they need to whitelist the software and you can offer them a link to a virustotal.com scan of your software showing different reports.

 

Overall, for this reasons i have posted this tutorial to help avoid major issues by signing your software and increasing trust with customers.

  • Like 1
Link to post
Share on other sites
  • 1 year later...

Is this still up2date in times of free SSL services for websites?

StartSSL now takes $400 per year..  :blink:

 

1. SSL cannot be used to sign software app.

2. Code_Signing does help to stop OS showing alerts or blocking the bot to run, but unfortunately it does NOT avoid AV alerts

Link to post
Share on other sites
  • 2 weeks later...
  • 5 months later...
  • 1 year later...

Go to the "Start" menu and select "Control Panel.

 

Double click the "Security Center" icon and click "Change the way Security Center alerts me" link under Resources in the "Security Center" window. Uncheck the options you don't want to get the alerts for in the "Alert Settings" window and click OK.

Link to post
Share on other sites
  • 1 year later...

This continues to be an issue not just with Ubot but custom-built software in general. When I create C# or Python packages often they can get flagged by Anti-virus if not packaged and signed. With more organizations taking blacklisting and whitelisting approaches to software this is bound more to happen. A good way to bypass this may be to use Ubot to support more SaaS based operations and data management behind the scenes, but that may not be ideal for everyone's use case, because it is not running directly on a customer's computer.

Link to post
Share on other sites
  • 9 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...