Radio DJ Panel NOT SAFE



chrisgocrazyH
29-05-2008, 06:50 AM
Yeah I was just going through my files, and I opened Radio DJ Panel and this happened

http://www.tehupload.com/images/408547746130err.png

Lee
29-05-2008, 07:19 AM
Oh dear, of all the times I have used Radio DJ Panel I have never come across a bug.

:rolleyes:



Jackboy
29-05-2008, 07:49 AM
you may have got a leeched version or w/e

Did you download it directly from Scriptz site?

chrisgocrazyH
29-05-2008, 09:12 AM
I got it from Habboring when it was up xd

Decode
29-05-2008, 09:45 AM
Post the source of functions.php

chrisgocrazyH
29-05-2008, 10:03 AM
I don't have it anymore (I hit heal so it deleted it)

Buax
29-05-2008, 12:27 PM
AVG says everything is a virus.

Somebody post the "functions.php" file source-code.

It's a javascript downloader from what I know, which means it downloads something from the internet into the script/web server. Hardly a virus.

Independent
29-05-2008, 01:21 PM
RadioDJPanel is Zend protected..

--ss--
29-05-2008, 01:24 PM
Which can be easily decrypted :
http://www.tareeinternet.com/forum/knowledgebase/274-decoding-eval-gzinflate-base64_decode.html
:eusa_whis

Independent
29-05-2008, 01:27 PM
If I upload the zend code, can you decrypt it then? ;P

If so; here's the code:



<?php $_F=__FILE__;$_X='Pz48P3BocA0KDQojIyMjIyMjIyMjIyMj IyMjIyMjIyMjIyMjIyMjIyMjIyMjIw0KIyBDMnB5cjRnaHQgTj J0NGM1DQojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj IyMjIw0KIyBBbGwgc2NyNHB0LCBjMmQ1LCAxbmQgMW55IGYycm 0gMmYgcHIyZ3IxbW00bmcNCiMgYzJudDE0bjVkIDRuIHRoNSBS MWQ0MiBESiBQMW41bCBzY3I0cHQgZDRzdHI0YjN0NWQNCiMgYn kgUTM0Y2tTY3I0cHR6IDJyIDFueSAyZiA0dCdzIDFmZjRsNDF0 NXMgNHMNCiMgMnduNWQgMW4gYzJweXI0Z2h0NWQgdDIgUTM0Y2 tTY3I0cHR6LiBZMjMNCiMgbTF5IG4ydCBtMmQ0ZnkgMW55IDJm IHRoNSBjMmQ1IDFuZCB0aDVuDQojIDNzNS9jbDE0bSA0dCAxcy B5MjNyIDJ3bi4NCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj IyMjIyMjIyMjDQojIEozc3QgQSBGcjQ1bmRseSBSNW00bmQ1ci AgOikNCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj IyMjDQoNCg0KIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy MjDQojIEVuY3J5cHQ0Mm4gU3QzZmYNCiMjIyMjIyMjIyMjIyMj IyMjIyMjIyMjIyMjIyMjIw0KZjNuY3Q0Mm4gNW5jcnlwdDJyKC RzdHI0bmcpDQp7DQogICAgJHN0cjRuZyA9IHN0cnI1digkc3Ry NG5nKTsNCiAgICAkc3RyNG5nYSA9IG1kaShzaDE2KCRzdHI0bm cpKTsNCiAgICAkc3RyNG5nbyA9IHN0cnI1dihjcmNvYShzdHJs NW4oJHN0cjRuZ2EpKSk7DQogICAgJHN0cjRuZ3UgPSBjcnlwdC gkc3RyNG5nYSwgJHN0cjRuZ28pOw0KICAgICRzdHI0bmdpID0g c2gxNihtZGkoYjFzNWV1XzVuYzJkNShzdHI0bmdvKSkpOw0KIC AgICRmNG4xbCA9IG1kaShzdHJyNXYoYjFzNWV1XzVuYzJkNShz aDE2KGNyeXB0KCRzdHI0bmc4LCAkc3RyNG5ndSkpKSkpOw0KIC AgIHI1dDNybiAkZjRuMWw7DQp9DQoNCmYzbmN0NDJuIDVuY3J5 cHQoJHN0cjRuZykNCnsNCiAgICAkc3RyNG5nID0gc3RycjV2KC RzdHI0bmcpOw0KICAgICRzdHI0bmdhID0gbWRpKHNoMTYoJHN0 cjRuZykpOw0KICAgICRzdHI0bmdvID0gY3J5cHQoJHN0cjRuZ2 EsICRzdHI0bmdhKTsNCiAgICAkc3RyNG5ndSA9IGIxczVldV81 bmMyZDUoc2gxNihtZGkoJHN0cjRuZ28pKSk7DQogICAgJHN0cj RuZ2kgPSBjcmNvYShzdHJyNXYoJHN0cjRuZ3UpKTsNCiAgICAk c3RyNG5nZSA9IHNoMTYobWRpKCRzdHI0bmdpKSk7DQogICAgJH N0cjRuZzcgPSBzdHJsNW4oY3J5cHQoJHN0cjRuZ2ksICRzdHI0 bmdhKSk7ICANCiAgICAkc3RyNG5nOCA9IDVuY3J5cHQycigkc3 RyNG5nNyk7DQogICAgJGY0bjFsID0gc3RycjV2KG1kaShzaDE2 KGIxczVldV81bmMyZDUoY3J5cHQoJHN0cjRuZzgsICRzdHI0bm d1KSkpKSk7DQogICAgcjV0M3JuICRmNG4xbDsNCn0NCg0KZjNu Y3Q0Mm4gNW5jKCRzdHI0bmcpDQp7DQogICAgJHN0cjRuZyA9IH N0cnI1digkc3RyNG5nKTsNCiAgICAkc3RyNG5nYSA9IG1kaShz 
aDE2KCRzdHI0bmcpKTsNCiAgICAkc3RyNG5nbyA9IGNyeXB0KC RzdHI0bmdhLCAkc3RyNG5nYSk7DQogICAgJHN0cjRuZ3UgPSBi MXM1ZXVfNW5jMmQ1KHNoMTYobWRpKCRzdHI0bmdvKSkpOw0KIC AgICRzdHI0bmdpID0gY3Jjb2Eoc3RycjV2KCRzdHI0bmd1KSk7 DQogICAgJHN0cjRuZ2UgPSBzaDE2KG1kaSgkc3RyNG5naSkpOw 0KICAgICRzdHI0bmc3ID0gc3RybDVuKGNyeXB0KCRzdHI0bmdp LCAkc3RyNG5nYSkpOyAgDQogICAgJHN0cjRuZzggPSA1bmNyeX B0MnIoJHN0cjRuZzcpOw0KICAgICRmNG4xbCA9IHN0cnI1diht ZGkoc2gxNihiMXM1ZXVfNW5jMmQ1KGNyeXB0KCRzdHI0bmc4LC Akc3RyNG5ndSkpKSkpOw0KICAgIHI1dDNybiAkZjRuMWw7DQp9 DQoNCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIw0KIy BSNXM0ejUgT3Y1cnM0ejVkIFByMmY0bDUgSW0xZzVzDQojIyMj IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMNCmYzbmN0NDJuID RtMWc1UjVzNHo1KCR3NGR0aCwgJGg1NGdodCwgJHQxcmc1dCkg eyANCjRmICgkdzRkdGggPiAkaDU0Z2h0KSB7IA0KJHA1cmM1bn QxZzUgPSAoJHQxcmc1dCAvICR3NGR0aCk7IA0KfSA1bHM1IHsg DQokcDVyYzVudDFnNSA9ICgkdDFyZzV0IC8gJGg1NGdodCk7IA 0KfSANCiR3NGR0aCA9IHIyM25kKCR3NGR0aCAqICRwNXJjNW50 MWc1KTsgDQokaDU0Z2h0ID0gcjIzbmQoJGg1NGdodCAqICRwNX JjNW50MWc1KTsgDQpyNXQzcm4gInc0ZHRoPVwiJHc0ZHRoXCIg aDU0Z2h0PVwiJGg1NGdodFwiIjsgDQp9IA0KDQoNCiMjIyMjIy MjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIw0KIyBTNXQgVGg1IEQ1 ZjEzbHQgVDRtNXoybjUNCiMjIyMjIyMjIyMjIyMjIyMjIyMjIy MjIyMjIyMjIw0KIyBUMiBDaDFuZzUgUjVmNXIgVDI6IA0KIyBo dHRwOi8vd3d3Lm0yZHc1c3QuYzJtL2g1bHAva2JpLWFpOC5odG 1sDQojIGh0dHA6Ly93d3cudGg1cHIyajVjdHMuMnJnL2Q1di96 Mm41LnR4dA0KIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIy MjDQpwM3Q1bnYoIlRaPUFtNXI0YzEvTTJudHI1MWwiKTsNCg0K DQojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMNCiMgQj FkIFcycmQgRjRsdDVyDQojIyMjIyMjIyMjIyMjIyMjIyMjIyMj IyMjIyMjIyMNCiMgTjJ0IGYyciB5MjNyIGNoNGxkcjVuIDJyIH A1MnBsNSB3NHRoIElRJ3MNCiMgbDJ3NXIgdGgxbiBpMCA6UA0K IyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjDQpmM25jdD QybiBsMW5nMzFnNV9mNGx0NXIoJHN0cjRuZykgew0KICAkMmJz YzVuNHQ0NXMgPSAxcnIxeSgNCiAgICAgICJmM2NrIiwNCiAgIC AgICJmM2NrNXIiLA0KICAgICAgImI0dGNoIiwNCiAgICAgICJj MmNrIiwNCiAgICAgICJuNGdnNXIiLA0KICAgICAgInAzc3N5Ii wNCiAgICAgICIxc3NoMmw1IiwNCiAgICAgICJiMXN0MXJkIiwN CiAgICAgICJjM250IiwNCiAgICAgICJzaDR0IiwNCiAgICAgIC 
JiM2xsc2g0dCIsDQogICAgICAid2gycjUiDQogICAgICApOw0K ICAgIGYycjUxY2ggKCQyYnNjNW40dDQ1cyAxcyAkYzNyczVfdz JyZCkgew0KICAgICAgICA0ZiAoc3RyNHN0cih0cjRtKCRzdHI0 bmcpLCRjM3JzNV93MnJkKSkgew0KICAgICAgICAgICAgJGw1bm d0aCA9IHN0cmw1bigkYzNyczVfdzJyZCk7DQogICAgICAgICAg ICBmMnIgKCQ0ID0gNjsgJDQgPD0gJGw1bmd0aDsgJDQrKykgew 0KICAgICAgICAgICAgICAgICRzdDFycyAuPSAiKioqKiI7DQog ICAgICAgICAgICB9DQogICAgICAgICAgICAkc3RyNG5nID0gNX I1ZzRfcjVwbDFjNSgkYzNyczVfdzJyZCwkc3QxcnMsdHI0bSgk c3RyNG5nKSk7DQogICAgICAgICAgICAkc3QxcnMgPSAiIjsNCi AgICAgICAgfQ0KICAgIH0NCiAgICByNXQzcm4gJHN0cjRuZzsN Cn0NCj8+';eval(base64_decode('JF9YPWJhc2U2NF9kZWNv ZGUoJF9YKTskX1g9c3RydHIoJF9YLCcxMjM0NTZhb3VpZScsJ2 FvdWllMTIzNDU2Jyk7JF9SPWVyZWdfcmVwbGFjZSgnX19GSUxF X18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOy RfWD0wOw=='));?>

Johno
29-05-2008, 01:56 PM
Hey,

Let's clear a few things up here:

First:
RDJP is SAFE. JS/Downloader.Agent is a detection for JavaScript files that may have malicious intent to download and execute additional threat onto the computer.

The key word here is MAY, you know, MAY HAVE MALICIOUS INTENT. It doesn't mean it bloody does.


Secondly:
RDJP is not encoded with Zend; it uses the Base64 system. So what --ss-- posted would work as Base64 can be decoded very easily.

.:; Johno

Independent
29-05-2008, 01:58 PM
May - so we best check it, and I'm an epic fail so I cba ;)

Johno
29-05-2008, 02:07 PM
The decoded string would be:


<?php

###################################
# C2pyr4ght N2t4c5
###################################
# All scr4pt, c2d5, 1nd 1ny f2rm 2f pr2gr1mm4ng
# c2nt14n5d 4n th5 R1d42 DJ P1n5l scr4pt d4str4b3t5d
# by Q34ckScr4ptz 2r 1ny 2f 4t's 1ff4l41t5s 4s
# 2wn5d 1n c2pyr4ght5d t2 Q34ckScr4ptz. Y23
# m1y n2t m2d4fy 1ny 2f th5 c2d5 1nd th5n
# 3s5/cl14m 4t 1s y23r 2wn.
###################################
# J3st A Fr45ndly R5m4nd5r :)
###################################


##############################
# Encrypt42n St3ff
##############################
f3nct42n 5ncrypt2r($str4ng)
{
$str4ng = strr5v($str4ng);
$str4nga = mdi(sh16($str4ng));
$str4ngo = strr5v(crcoa(strl5n($str4nga)));
$str4ngu = crypt($str4nga, $str4ngo);
$str4ngi = sh16(mdi(b1s5eu_5nc2d5(str4ngo)));
$f4n1l = mdi(strr5v(b1s5eu_5nc2d5(sh16(crypt($str4ng8, $str4ngu)))));
r5t3rn $f4n1l;
}

f3nct42n 5ncrypt($str4ng)
{
$str4ng = strr5v($str4ng);
$str4nga = mdi(sh16($str4ng));
$str4ngo = crypt($str4nga, $str4nga);
$str4ngu = b1s5eu_5nc2d5(sh16(mdi($str4ngo)));
$str4ngi = crcoa(strr5v($str4ngu));
$str4nge = sh16(mdi($str4ngi));
$str4ng7 = strl5n(crypt($str4ngi, $str4nga));
$str4ng8 = 5ncrypt2r($str4ng7);
$f4n1l = strr5v(mdi(sh16(b1s5eu_5nc2d5(crypt($str4ng8, $str4ngu)))));
r5t3rn $f4n1l;
}

f3nct42n 5nc($str4ng)
{
$str4ng = strr5v($str4ng);
$str4nga = mdi(sh16($str4ng));
$str4ngo = crypt($str4nga, $str4nga);
$str4ngu = b1s5eu_5nc2d5(sh16(mdi($str4ngo)));
$str4ngi = crcoa(strr5v($str4ngu));
$str4nge = sh16(mdi($str4ngi));
$str4ng7 = strl5n(crypt($str4ngi, $str4nga));
$str4ng8 = 5ncrypt2r($str4ng7);
$f4n1l = strr5v(mdi(sh16(b1s5eu_5nc2d5(crypt($str4ng8, $str4ngu)))));
r5t3rn $f4n1l;
}

##############################
# R5s4z5 Ov5rs4z5d Pr2f4l5 Im1g5s
##############################
f3nct42n 4m1g5R5s4z5($w4dth, $h54ght, $t1rg5t) {
4f ($w4dth > $h54ght) {
$p5rc5nt1g5 = ($t1rg5t / $w4dth);
} 5ls5 {
$p5rc5nt1g5 = ($t1rg5t / $h54ght);
}
$w4dth = r23nd($w4dth * $p5rc5nt1g5);
$h54ght = r23nd($h54ght * $p5rc5nt1g5);
r5t3rn "w4dth=\"$w4dth\" h54ght=\"$h54ght\"";
}


##############################
# S5t Th5 D5f13lt T4m5z2n5
##############################
# T2 Ch1ng5 R5f5r T2:
# http://www.m2dw5st.c2m/h5lp/kbi-ai8.html
# http://www.th5pr2j5cts.2rg/d5v/z2n5.txt
##############################
p3t5nv("TZ=Am5r4c1/M2ntr51l");


##############################
# B1d W2rd F4lt5r
##############################
# N2t f2r y23r ch4ldr5n 2r p52pl5 w4th IQ's
# l2w5r th1n i0 :P
##############################
f3nct42n l1ng31g5_f4lt5r($str4ng) {
$2bsc5n4t45s = 1rr1y(
BAD WORDS REMOVED!
);
f2r51ch ($2bsc5n4t45s 1s $c3rs5_w2rd) {
4f (str4str(tr4m($str4ng),$c3rs5_w2rd)) {
$l5ngth = strl5n($c3rs5_w2rd);
f2r ($4 = 6; $4 <= $l5ngth; $4++) {
$st1rs .= "****";
}
$str4ng = 5r5g4_r5pl1c5($c3rs5_w2rd,$st1rs,tr4m($str4ng));
$st1rs = "";
}
}
r5t3rn $str4ng;
}
?>

Then you just have to clean it up. It's not that hard.

Yeah, like I can't see anything malicious in that file and my good AV hasn't picked anything up so yeah. Once again, SAFE.

.:; Johno

MrCraig
29-05-2008, 02:21 PM
lol, probs phplockit or something :P!

--ss--
29-05-2008, 02:33 PM
The numbers just have to be replaced with their corresponding vowels now to give the actual source but I guess we should protect the author's wishes and leave it semi encrypted :P.

I can't find anything that may cause harm, meh.

MrCraig
29-05-2008, 02:51 PM
ye lol. it's not hard to work out the values though :P

1 - A
2 - O
3 - U
4 - I
5 - E

We should make this a guessing game :rolleyes:

But matt, (it is matt isn't it) what u use to encode it? Looks like quite good base64 encryption technique.

--ss--
29-05-2008, 03:15 PM
($_X,'123456aouie','aouie123456')
Correct ;).

Base 64 is quite easy to decode.
They have two parts which look like this:

<?php $_F=__FILE__;$_X='INSERTANVERYLONGSTRINGHERE+';eval(base64_decode('ANOTHERLONGSTRING=='));?>
The first string is the actual encrypted data, the second string is the formula it will use to decrypt itself to show you the result of the actual function.

The first thing we do is split the two bits up, we then take the second bit, the formula and decrypt it so we know how to format the actual string when it's been decrypted:

<?php
$formula = base64_decode('ANOTHERLONGSTRING==');
echo $formula;
?>
It would output something like this:

$_X=base64_decode($_X);$_X=strtr($_X,'123456aouie','aouie123456');$_R=ereg_replace('__FILE__',"'".$_F."'",$_X);eval($_R)

We can now put it back together and echo out the result:

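<?php
// Decode the payload for reading; nothing from it is executed.
$_F=__FILE__;$_X='INSERTANVERYLONGSTRINGHERE+';
$_X=base64_decode($_X);
$_X=strtr($_X,'123456aouie','aouie123456');
// ereg_replace() was removed in PHP 7; str_replace() does the same literal swap.
$_R=str_replace('__FILE__',"'".$_F."'",$_X);
// echo instead of eval(): the original eval'd the payload, zeroed $_R and printed 0.
echo $_R;
?>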

Quick and badly written guide but you should be able to understand it.
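
An added example, not part of any post in this thread: a static unpacker in Python for the wrapper described above, so the payload can be read without eval() ever running, plus a quick listing of calls worth reading first. The function names, the RISKY list and both sample sources are assumptions constructed for illustration.

```python
import base64
import re

# Wrapper layout from the thread: $_X='<payload>';eval(base64_decode('<stub>'));
WRAPPER = re.compile(
    r"\$_X='([A-Za-z0-9+/=\s]+)';\s*eval\(base64_decode\('([A-Za-z0-9+/=\s]+)'\)\)")
STRTR = re.compile(r"strtr\(\$_X,\s*'([^']*)'\s*,\s*'([^']*)'\)")
RISKY = ("eval", "system", "exec", "passthru", "shell_exec", "popen",
         "fsockopen", "curl_exec", "file_get_contents", "base64_decode")

def b64_text(blob):
    # Forum line-wrapping inserts spaces into long strings; drop them first.
    return base64.b64decode("".join(blob.split())).decode("latin-1")

def unpack(php_source):
    """Statically recover (stub, source) from the wrapper; no PHP is executed."""
    m = WRAPPER.search(php_source)
    if m is None:
        raise ValueError("not the $_X / eval(base64_decode(...)) wrapper")
    stub = b64_text(m.group(2))
    t = STRTR.search(stub)
    if t is None:
        raise ValueError("decoded stub has no strtr() substitution")
    src, dst = t.groups()
    n = min(len(src), len(dst))  # PHP strtr() ignores the longer string's tail
    # Like strtr(), translate() maps every character in one simultaneous pass.
    return stub, b64_text(m.group(1)).translate(str.maketrans(src[:n], dst[:n]))

def risky_calls(source):
    """Triage aid: which functions worth reading first are called in source."""
    return sorted(n for n in RISKY
                  if re.search(r"(?<![\w$>])" + n + r"\s*\(", source))

def pack(plain, src="123456aouie", dst="aouie123456"):
    """Build a constructed sample the same way (inverse map, then base64)."""
    stub = "$_X=base64_decode($_X);$_X=strtr($_X,'%s','%s');eval($_X);" % (src, dst)
    enc = lambda s: base64.b64encode(s.encode("latin-1")).decode("ascii")
    body = enc(plain.translate(str.maketrans(dst, src)))
    return "<?php $_F=__FILE__;$_X='%s';eval(base64_decode('%s'));?>" % (body, enc(stub))

# Constructed samples, not taken from Radio DJ Panel.
BENIGN = "function enc($s) { return md5(sha1(strrev($s))); }"
LOADER = "function run($u) { eval(file_get_contents($u)); }"

if __name__ == "__main__":
    for sample in (BENIGN, LOADER):
        stub, source = unpack(pack(sample))
        print(source, "->", risky_calls(source))
```

An empty list from risky_calls() only means none of the listed names are called; the recovered source still has to be read.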

Blazz
29-05-2008, 03:34 PM
When I had AVG, I scanned it and it was totally fine :S

Spiffing
29-05-2008, 03:49 PM
AVG said my iTunes had a trojan lmao.
It's not very good so I wouldn't rely on it always D:

Agnostic Bear
29-05-2008, 03:54 PM
AVG is stupid.

Invent2
29-05-2008, 04:11 PM
Yeah, as -ss- said, that method of encryption is very easy to crack. All you have to do is decrypt the base64, put the results of the base64 into the code and then change the final eval to echo and you'll be given the original code.

:job2
29-05-2008, 04:30 PM
My AVG also found these files, however I have had AVG for a few months and it only picked that file up the other day, even though I do a full scan every day.

I just healed it and left it be because I knew it wouldn't be anything serious, probably something which technically could be used in a bad way although in this case isn't
