2023-04-23 16:07:51 -07:00
|
|
|
|
# Pillager
|
2023-04-24 20:06:41 -07:00
|
|
|
|
|
2023-11-08 02:53:06 -08:00
|
|
|
|
[](LICENSE)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
[](https://github.com/qwqdanchun/Pillager/releases)
|
|
|
|
|
|
|
|
|
|
|
|
|
2023-04-24 20:13:02 -07:00
|
|
|
|
<img src=".\Pillager.png"/>
|
2023-04-24 20:06:41 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
[中文说明](./README_ZH.md)
|
2023-04-24 20:06:41 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
## Introduction
|
2023-04-24 20:06:41 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
Pillager is a tool for exporting and decrypting useful data from target computer.
|
2023-04-24 20:06:41 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
## Support
|
|
|
|
|
|
|
|
|
|
|
|
#### Browser
|
|
|
|
|
|
|
|
|
|
|
|
| Browser Name | BookMarks | Cookies | Passwords | Historys | Local Storage | Extension Settings |
|
2023-10-26 00:37:40 -07:00
|
|
|
|
| :------------ | :-------: | :-----: | :-------: | :------: | :-----------: | :----------------: |
|
|
|
|
|
|
| IE | ✅ | ❌ | ✅ | ✅ | ❌ | ❌ |
|
|
|
|
|
|
| Edge | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
|
|
|
|
|
|
| Chrome | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
|
|
|
|
|
|
| Chrome Beta | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
|
2023-11-01 06:16:23 -07:00
|
|
|
|
| Chrome SxS | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
|
2023-10-26 00:37:40 -07:00
|
|
|
|
| Chromium | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
|
2023-11-01 06:16:23 -07:00
|
|
|
|
| Brave-Browser | ✅ | ✅ | ✅ | ✅ | 🚧 | 🚧 |
|
2023-11-06 06:47:55 -08:00
|
|
|
|
| QQBrowser | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
|
2023-11-01 06:16:23 -07:00
|
|
|
|
| SogouExplorer | ✅ | ✅ | ✅ | ✅ | 🚧 | 🚧 |
|
2023-11-18 22:21:22 -08:00
|
|
|
|
| 360Chrome | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ |
|
2023-11-03 09:53:51 -07:00
|
|
|
|
| 360ChromeX | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ |
|
2023-11-01 06:16:23 -07:00
|
|
|
|
| Vivaldi | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
|
|
|
|
|
| CocCoc | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
|
|
|
|
|
| Torch | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
|
|
|
|
|
| Kometa | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
|
|
|
|
|
| Orbitum | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
|
|
|
|
|
| CentBrowser | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
|
|
|
|
|
| 7Star | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
|
|
|
|
|
| Sputnik | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
|
|
|
|
|
| Epic Privacy | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
|
|
|
|
|
| Uran | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
|
|
|
|
|
| Yandex | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
2024-02-09 06:59:45 -08:00
|
|
|
|
| Opera | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
|
|
|
|
|
| Opera GX | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 | 🚧 |
|
2023-11-06 06:47:55 -08:00
|
|
|
|
| FireFox | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ |
|
2023-10-07 04:09:27 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
✅ Support,🚧 Haven't Tested,❌ Not Support
|
2024-01-23 21:38:48 -08:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
#### Software
|
2023-10-26 00:37:40 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
* Acount Takeover
|
|
|
|
|
|
* Telegram
|
|
|
|
|
|
* Skype
|
|
|
|
|
|
* Enigma
|
|
|
|
|
|
* DingTalk
|
|
|
|
|
|
* Line
|
|
|
|
|
|
* Discord
|
|
|
|
|
|
* MailMaster
|
|
|
|
|
|
* Foxmail
|
|
|
|
|
|
* FileZilla
|
|
|
|
|
|
* Password Recovery
|
|
|
|
|
|
* MobaXterm
|
|
|
|
|
|
* Xmanager
|
|
|
|
|
|
* RDCMan
|
|
|
|
|
|
* FinalShell
|
|
|
|
|
|
* Navicat
|
|
|
|
|
|
* SQLyog
|
2024-02-11 01:21:48 -08:00
|
|
|
|
* SecureCRT
|
2024-02-09 06:52:26 -08:00
|
|
|
|
* Outlook
|
|
|
|
|
|
* MailBird
|
|
|
|
|
|
* WinSCP
|
|
|
|
|
|
* DBeaver
|
|
|
|
|
|
* CoreFTP
|
|
|
|
|
|
* Snowflake
|
|
|
|
|
|
* Personal Infomation
|
|
|
|
|
|
* QQ
|
|
|
|
|
|
* VSCode
|
|
|
|
|
|
* Netease CloudMusic
|
2023-11-13 01:25:17 -08:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
Will add more ......
|
2023-12-14 04:40:57 -08:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
#### System
|
2023-11-01 06:16:23 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
* Wifi
|
|
|
|
|
|
* ScreenShot
|
2024-02-11 20:29:40 -08:00
|
|
|
|
* InstalledApp
|
2023-04-24 20:06:41 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
## Usage
|
2023-04-24 20:06:41 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
This project uses Github Action to auto build and upload the [Release](https://github.com/qwqdanchun/Pillager/releases)
|
2023-04-24 20:06:41 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
* [Pillager.exe](https://github.com/qwqdanchun/Pillager/releases/download/AutoBuild/Pillager.exe) is exe for .Net Framework v3.5
|
|
|
|
|
|
* [Pillager.bin](https://github.com/qwqdanchun/Pillager/releases/download/AutoBuild/Pillager.bin) is shellcode built with Donut
|
|
|
|
|
|
* [cs-plugin.zip](https://github.com/qwqdanchun/Pillager/releases/download/AutoBuild/cs-plugin.zip) is plugin for CobaltStrike
|
2023-04-24 20:06:41 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
Pillager.exe is just for testing. It will be detect as malware by most Anti-Virus softwares.
|
2023-11-01 06:16:23 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
Run the shellcode in your way, and find the result at `%Temp%\Pillager.zip`.
|
2023-11-01 06:16:23 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
## Feature
|
2023-06-28 17:37:26 -07:00
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
* Shellcode file size is less than 100kb
|
|
|
|
|
|
* Using self version of Donut,shellcode is suitable for both .Net Framework v3.5/v4.x
|
2023-11-06 04:43:40 -08:00
|
|
|
|
|
2023-11-13 01:25:17 -08:00
|
|
|
|
## Contributors
|
|
|
|
|
|
|
|
|
|
|
|
<a href="https://github.com/qwqdanchun/Pillager/graphs/contributors">
|
|
|
|
|
|
<img src="https://contrib.rocks/image?repo=qwqdanchun/Pillager" />
|
|
|
|
|
|
</a>
|
|
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
## 404 StarLink Project
|
2023-11-06 06:47:55 -08:00
|
|
|
|
|
2023-11-06 04:43:40 -08:00
|
|
|
|
|
|
|
|
|
|
|
2024-02-09 06:52:26 -08:00
|
|
|
|
Pillager has joined [404星链计划](https://github.com/knownsec/404StarLink)
|
