GitHub - massgravel/Microsoft-Activation-Scripts: Open-source Windows and Office activator featuring HWID, Ohook, TSforge, KMS38, and Online KMS activation methods, along with advanced troubleshooting.
github.com
Open-source Windows and Office activator featuring HWID, Ohook, TSforge, KMS38, and Online KMS activation methods, along with advanced troubleshooting. - massgravel/Microsoft-Activation-Scripts

There is a potential BYTECODE virus in the “OPEN SOURCE” Microsoft products MAASGRAVE activator. Here is how the virus is hidden and created AT RUN TIME!

https://github.com/massgravel/Microsoft-Activation-Scripts

I ran the MASSGRAVE “open source” activator on a virtual machine using VMware Workstation. The “open source” code actually also contains “BYTECODE” sections. WHEN YOU RUN THE “HARMLESS LOOKING open source” script, IT basically constructs several virus exe files during runtime FROM THE BYTECODE SECTION !!

TSforge_Activation.exe" TSforgeCLI.exe LibTSforge.dll

These exe files are what does the activation. It also installs backdoors, and potential malware !!

Can some other developer verify this on a virtual machine?

Please spread this message to more advanced Software engineers who understand “BYTECODE” HIDING and exe construction IN OPENSOURCE SCRIPTS AND HAVE THEM TAKE A LOOK AT IT! Also the first method makes you trust a their website! You don’t know what you are downloading from them!

I tried to post this Redit, but Redit is blocking this!

spoiler
  • DesolateMood@lemmy.zipEnglish
    0·
    10 days ago

    The IRM command in PowerShell downloads a script from a specified URL, and the IEX command executes it.

    Always double-check the URL before executing the command and verify the source if manually downloading files.

    Be cautious, as some spread malware disguised as MAS by using different URLs in the IRM command

    Are you positive that you downloaded the correct files?