Modifies the hosts file in order to block sites hosting Kant's rat

Overview

HostsMod

Description

In the Minecraft cheating community, it's not uncommon for clients or client cracks/leaks to be malware. The most famous example of this would be the Autumn client "crack", released by Kant. This application attempts to blacklist known hosts of Kant's malware, in order to prevent someone from accidentally getting themselves ratted.

I've also decided to include common IP logger links.

Domains

mvncentral.net
vladvilcu2006.tech
verble.software
jonathanhardwick.me
etc.catering
batonrogue.tech
grabify.link
bmwforum.co
leancoding.co
spottyfly.com
stopify.co
yoütu.be
discörd.com
minecräft.com
freegiftcards.co
disçordapp.com
särahah.eu
särahah.pl
xda-developers.us
quickmessage.us
fortnight.space
fortnitechat.site
youshouldclick.us
joinmy.site
crabrave.pw
lovebird.guru
trulove.guru
dateing.club
otherhalf.life
shrekis.life
datasig.io
datauth.io
headshot.monster
gaming-at-my.best
progaming.monster
yourmy.monster
screenshare.host
imageshare.best
screenshot.best
gamingfun.me
catsnthing.com
mypic.icu
catsnthings.fun
curiouscat.club
gyazo.nl

Important

One of the domains, "mvncentral.net" is disguised as Maven Central, which is not a malicious site, however "mvncentral.net" is.

Many of the domains may appear to be suspended. This is due to the fact that Kant, the purchaser of the domains and person who spread the malware this program attempts to block, purchased these domains fraudulently. Though they are suspended, I have decided to include them anyways.

Usage

Run as administrator

Comments
  • Still not working?

    Still not working?

    Everything seems normal with the hosts file after modification, however after running netstat i still have multiple connections from mvncentral.net on my computer.

    Btw, a factory reset did nothing.

    Please help because i dont want to be doxxed. I already ran a scan with malwarebytes, windows defender and adwcleaner.

    I'm sorry for spamming the issues, but this really is an issue.

    opened by ghost 6
  • Issue with blocking websites.

    Issue with blocking websites.

    After running hostsmod, I visit a malicious link, and it doesn't get blocked. Does this only take effect after a reboot?

    Also, do you know where the location of the RAT is from mvncentral.net? I downloaded the Remix "crack" and I need to remove it rq.

    opened by ghost 5
  • How to remove kant + Make less

    How to remove kant + Make less "fear" when checking if infected

    Hi, i'm body, recently i got infected by kant/eviate rat a new version that is somehow good?

    So, how to remove it ?

    You will need a usb key and if you want to save your data, you will need an external usb drive

    -> Reset your router -> Get another pc that isn't infected -> Use windows media creation tool to create a bootable usb -> Reset your pc with that usb key

    If you have saved your data -> Delete all exe files, they may have been infected, we don't know.

    Once you are back on windows, run HostsMod for never getting ratted again. I hope for you that everything went well

    If you want to know if you are infected ? Run netstat, if you see mvncentral.net a bunch of times you are infected. Myself being infected and mvncentral.net blocked, i thought i was protected but nah. This doesn't actually stops if you are already infected but prevents to be infected.

    To see if you are infected you can also download process hacker and go in network tab, search for anything where remote address is mvncentral.net.

    If you see like svchost in local address the well know domain mvncentral.net It's because, in your hosts file the domain mvncentral.net is the first one, it redirect that domain to localhost. This means that process hacker will replace 127.0.0.1 to mvncentral.net in the network tab.

    So my suggestion, add as blocked domain BEFORE mvncentral.net : 127.0.0.1, localhost get redirected to localhost which is the same so nothing will happen except that it process hacker it will show that.

    Cheers, body, hope u got some reading xd

    opened by Body-Alhoha 3
  • Hosts file for archlinux users

    Hosts file for archlinux users

    Disclaimer:This maybe dont work on the following arch linux based distros: Garudalinux,Arcolinux,Manjaro Please respect my work i made this url list with a gnu nano editor (very hard) How to apply this?

    1. Copy the code i placed down to /etc/hosts folder/file
    2. Save it (You NEED sudo to do this)
    3. Restart your pc or broswer or log out and log back
    4. Done

    Static table lookup for hostnames.

    See hosts(5) for details.

    127.0.0.1 mvncentral.net 127.0.0.1 vladvilcu2006.tech 127.0.0.1 verble.software 127.0.0.1 jonathanhardwick.me 127.0.0.1 etc.catering 127.0.0.1 tlrepo.cc 127.0.0.1 khonsarifamily.tech 127.0.0.1 batonrogue.tech 127.0.0.1 verbleisover.party 127.0.0.1 grabify.link 127.0.0.1 bmwforum.co 127.0.0.1 leancoding.co 127.0.0.1 spottyfly.com 127.0.0.1 stopify.co 127.0.0.1 yoütu.be 127.0.0.1 discörd.com 127.0.0.1 minecräft.com 127.0.0.1 freegiftcards.co 127.0.0.1 disçordapp.com 127.0.0.1 särahah.eu 127.0.0.1 särahah.pl 127.0.0.1 xda-developers.us 127.0.0.1 quickmessage.us 127.0.0.1 fortnight.space 127.0.0.1 fortnitechat.site 127.0.0.1 youshouldclick.us 127.0.0.1 joinmy.site 127.0.0.1 crabrave.pw 127.0.0.1 lovebird.guru 127.0.0.1 trulove.guru 127.0.0.1 dateing.club 127.0.0.1 otherhalf.life 127.0.0.1 shrekis.life 127.0.0.1 datasig.io 127.0.0.1 datauth.io 127.0.0.1 headshot.monster 127.0.0.1 gaming-at-my.best 127.0.0.1 progaming.monster 127.0.0.1 yourmy.monster 127.0.1.1 screenshare.host 127.0.1.1 imageshare.best 127.0.0.1 screenshot.best 127.0.0.1 gamingfun.me 127.0.0.1 catsnthing.com 127.0.0.1 mypic.icu 127.0.0.1 catsnthings.fun 127.0.0.1 curiouscat.club 127.0.0.1 gyazo.nl 127.0.0.1 gaymers.ax 127.0.0.1 ps3cfw.com 127.0.0.1 iplogger.org 127.0.0.1 steancomunnity.ru 127.0.0.1 streamcommunnlty.ru 127.0.0.1 streancommunuty.ru 127.0.0.1 streamconmunitlu.me 127.0.0.1 xn--yutube-iqc.com 127.0.0.1 yȯutube.com 127.0.0.1 streamconmunitlu.me 127.0.0.1 stearncomminuty.ru 127.0.0.1 steamcommunytu.ru 127.0.0.1 steamcommnuitry.com 127.0.0.1 stearncomunitu.ru 127.0.0.1 stearncormunsity.com 127.0.0.1 steamcommunytiu.ru 127.0.0.1 streammcomunnity.ru 127.0.0.1 steamcommunytiy.ru 127.0.0.1 stearncommunytiy.ru 127.0.0.1 strearncomuniity.ru.com 127.0.0.1 steamcomminytiu.ru 127.0.0.1 steamcconuunity.co 127.0.0.1 tournament-predator.xyz 127.0.1.1 steamcomminytiu.com 127.0.1.1 store-stempowered.com 127.0.1.1 stemcomnunity.ru.com 127.0.1.1 steamcommynitu.ru 127.0.1.1 discord-nitro.site 127.0.1.1 steamcommurnuity.com 127.0.1.1 dlscord.space 127.0.1.1 steamcomminutiu.ru 127.0.1.1 steamcommunrlity.com 127.0.1.1 steamcommytiny.com 127.0.1.1 steamcommunityu.ru 127.0.1.1 lemonchase.club 127.0.1.1 discod.art 127.0.1.1 steamgivenitro.com 127.0.1.1 xpro.gift 127.0.1.1 disscord-nitro.com 127.0.1.1 dirscod.com 127.0.1.1 dlscord.in 127.0.1.1 discorcl.link 127.0.1.1 steamcommunity.link 127.0.1.1 discorb.co 127.0.1.1 discord-nitro.su

    ``

    opened by lavakiddo 4
  • Accounts that i termed on my yt alt

    Accounts that i termed on my yt alt

    • ~~MASHH (Exhi crack I think)~~ nevermind its up again https://www.youtube.com/channel/UC5gQG08CYH4ZwMvdAyHQpnA
    • Wolfx (Remix 1.6.7 crack)
    • Verble (In the proccess of terming, yt staff bad)

    Will update (TM)

    opened by ghost 0
Releases(2.0.1)
Owner
Gardening_Tool
Developer @ PurplePrison, Corrosion & AntiCheat developer. I'm interested in Java bytecode as well as C++ development. Newb#9658
Gardening_Tool
A MCBE dll mod (mainly for testing) which modifies some piston functions

PistonFuckery A MCBE dll mod (mainly for testing) which modifies some piston functions. The current version modifies PistonBlockActor::_checkAttachedB

Luke7720 2 Apr 24, 2022
AngryWindows - Modifies the Blue Screen of Death for 1909/20h1/20h2/21h1.

AngryWindows When you are trying to fuzz or exploit the kernel and your machine becomes sentient and starts building up saltiness from you bullying it

Jon 106 Nov 16, 2022
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

PetitPotam PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions :) The tools use the

Topotam 1.4k Nov 23, 2022
Playbit System interface defines an OS-like computing platform which can be implemented on a wide range of hosts

PlaySys The Playbit System interface PlaySys defines an OS-like computing platform which can be implemented on a wide range of hosts like Linux, BSD,

Playbit 236 Nov 12, 2022
This is the repo that hosts the code for Mozilla's translation service

Translation service HTTP service that uses bergamot-translator and compressed neural machine translation models for fast inference on CPU. Running loc

Mozilla 18 Sep 7, 2022
Contains Algorithms and Competitive Programming sites solutions (codeforces, codechef, etc.)

✨ hacktoberfest2021 ?? ?? Contributing to hacktoberfest 2021 Welcome to hacktoberfest 2021 Public Repository. ????‍?? A month-long celebration from Oc

null 13 Oct 22, 2022
A template for experimenting with JUCE's hosting code

juce-wrapper This is a JUCE based plug-in that loads and wraps a single VST, VST3, or AU plug-in (in this case an instrument plug-in, which requires M

Shane Dunne 6 Nov 16, 2022
Hosting library for JSFX

ysfx Hosting library for JSFX Description This package provides support for audio and MIDI effects developed with the JSFX language. These effects exi

JP Cimalando 110 Nov 21, 2022
Block Cipher Reverse Engineering: A Challenge by Nintendo European Research & Development

My algorithm cracks NERD HireMe for any output within 1 Second without Brute-Force! Read more if you want to find out how this was accomplished or execute this algorithm yourself on Wandbox - Online C++ Compiler

Alexander Töpfer 58 Nov 15, 2021
This is a simple filter that will block any attempt to access streams beginning with

Triggering the notification only requires that you visit a particular path on an NTFS volume.

OSR Open Systems Resources, Inc. 73 Nov 1, 2022
A framework for implementing block device drivers in user space

BDUS is a Linux 4.0+ framework for developing block devices in user space. More specifically, it enables you to implement block device drivers as regu

Alberto Faria 26 May 24, 2022
Unix pager (with very rich functionality) designed for work with tables. Designed for PostgreSQL, but MySQL is supported too. Works well with pgcli too. Can be used as CSV or TSV viewer too. It supports searching, selecting rows, columns, or block and export selected area to clipboard.

Unix pager (with very rich functionality) designed for work with tables. Designed for PostgreSQL, but MySQL is supported too. Works well with pgcli too. Can be used as CSV or TSV viewer too. It supports searching, selecting rows, columns, or block and export selected area to clipboard.

Pavel Stehule 1.9k Dec 1, 2022
Generating block-structured grids for ocean domains

This is an implementation of the Paper "Automatic Generation of Load-Balancing-Aware Block-Structured Grids for Complex Ocean Domains" presented at th

null 2 Feb 10, 2022
A simple utility that cold patches dwm (uDWM.dll) in order to disable window rounded corners in Windows 11

Win11DisableRoundedCorners A simple utility that cold patches the Desktop Window Manager (uDWM.dll) in order to disable window rounded corners in Wind

Valentin-Gabriel Radu 494 Nov 27, 2022
This repository was created in order to keep local data with code in the cloud.

Airplane Ino Данный репозиторий был создан для совсместной комфортной работы над проектом. В данном файле(README.md) будет размещена основная полезная

surpri6e 0 Aug 11, 2022
DLL Hijack Search Order Enumeration BOF

DLL Hijack Search Order BOF What is this? This is a Cobalt Strike BOF file, meant to use two arguments (path to begin, and a DLL filename of interest)

null 118 Nov 25, 2022
Rangeless - c++ LINQ -like library of higher-order functions for data manipulation

rangeless::fn range-free LINQ-like library of higher-order functions for manipulation of containers and lazy input-sequences. Documentation What it's

null 182 Sep 9, 2022
Example code for collecting weather data from an ESP32 and then uploading this data to InfluxDB in order to create a dashboard using Grafana.

InfluxGrafanaTutorial Example code for collecting weather data from an ESP32 and then uploading this data to InfluxDB in order to create a dashboard u

Michael Klements 8 Oct 8, 2022