Need help to write a stealer on Win

[icecat89]

Hi guys, I'm willing to write a good stealer that should be written with C/C++ that steal sysinfo,steam,discord maybe and work with lot of chromium, also able to bypass at least some AVs, tho the idea is about gaining more exp on C/C++, I'll make the repo public so ppl can do some changes and everyone will get experience, since i've time for such things, if someone also have good ideas i'll make something similar, need blogs, good github repos and articles for such thing, probably the logs will be sent to a specific C2 or to discord bot (through D++ (using discord API))
the future goal is writing something really powerful such as dokito stealer, and something far in the far future like Raccoon stealer or something, thank you all

 

[Quake3]

А что именно вам непонятно? Какой этап разработки стиллера ?

Есть конкретные вопросы, так пишите.

 

[vxero]

Well, you'll get a lot of experience. Though it might be too late to get any profit out of this. Just looks like dreams for me.
First, I recommend designing your solution, especially bottle necks. Second, just implement. While you're implementing you'll learn C/C++.

Edited: I've never done something like that in this context. However, any other product is built similar ways.

 

[icecat89]

Quake3 sorry for delay to respo,and also for not giving lot information, the idea is that i need some resources to build a good stealer, since you are a moderator here, you probably have a lot in your mind, also if you think that making a stealer nowadays is useless, then tell me somthing better to make,i can do anything since i'e time, willing to build good carier in C/C++ before degging into the kernel stuff, so maybee if you have some good articles to bypass ABE and dealing with AVs through some DLL sideloding or any trick, probably also will make the panel just to build the executable file, and the logs will be send to telegram or discord using tokens,also as i mentioned, i want evryone to get experience, so will make the repository in github public so people can contrubute on it, any good src codes will be usefull, thanks again Quake3

 

[icecat89]

Well, you'll get a lot of experience. Though it might be too late to get any profit out of this. Just looks like dreams for me.
First, I recommend designing your solution, especially bottle necks. Second, just implement. While you're implementing you'll learn C/C++.

Edited: I've never done something like that in this context. However, any other product is built similar ways.

hi, why do you think that something like this is too late? is it hard to build or what? at least stealing steam or discord info is usefull, as i mentioned if you have good ideas, just tell us

 

[vxero]

hi, why do you think that something like this is too late? is it hard to build or what? at least stealing steam or discord info is usefull, as i mentioned if you have good ideas, just tell us

Nobody will tell you what tricks they use

 

[thulean]

Start out with a simple task. Such as setting up the client and server and just making them be able to communicate with each other. Then work on another simple task like grabbing discord tokens. Think about it logically. Where are they stored? How to decrypt them? etc

 

[icecat89]

Start out with a simple task. Such as setting up the client and server and just making them be able to communicate with each other. Then work on another simple task like grabbing discord tokens. Think about it logically. Where are they stored? How to decrypt them? etc

will try brother, then will send you sample, thank you..any blogs btw will be useful if you have some, not necessary verry to be master blogs, but only related to the topic

 

[ski]

look at donPAPI at GitHub, it written in python. You can implement it into C or can do something different with new cve

 

[xmarina]

All you need for chrome based browsers which is like 80% of the work is to find a good way to get SQLite where you don't need an external DLL.

there are some lightweight ones but i think you can use clib/sqlite3.h

just by doing something like

gcc main.c sqlite3.c -lpthread -o foo

then you use the Win32 DPAPI crypt functions to get the encryption key. There are a lot of stealers on github which do this and you can simply translate the code.

For wallets each wallet has a separate method for recovering, for example for desktop wallets its usually files, for browser wallets its a different process. To be honest it doesn't seem like any stealer i know has implemented wallet stealing properly, usually you will end up having to do it manually with a RAT, but if you focus on it a little you might be able to get it right. But usually if you google "[SOME WALLET] file recovery" you will get the method, then you need figure a way to implement these in code.

A road block you might run into, is that C++/C is way too low level, then you will get stuck trying to write code for interacting with system components which would be 2-3 lines of code in a high-level language, that is why most stealers use C# or Python, because really its not a very complex operation. An intermediate solution I have thought of is writing it in rust, which might have a little best of both worlds i.e its unmanaged code but at the same time you wont need to worry about low level complexities.

 

[DoubleDe]

All you need for chrome based browsers which is like 80% of the work is to find a good way to get SQLite where you don't need an external DLL.

there are some lightweight ones but i think you can use clib/sqlite3.h

just by doing something like

gcc main.c sqlite3.c -lpthread -o foo

then you use the Win32 DPAPI crypt functions to get the encryption key. There are a lot of stealers on github which do this and you can simply translate the code.

For wallets each wallet has a separate method for recovering, for example for desktop wallets its usually files, for browser wallets its a different process. To be honest it doesn't seem like any stealer i know has implemented wallet stealing properly, usually you will end up having to do it manually with a RAT, but if you focus on it a little you might be able to get it right. But usually if you google "[SOME WALLET] file recovery" you will get the method, then you need figure a way to implement these in code.

A road block you might run into, is that C++/C is way too low level, then you will get stuck trying to write code for interacting with system components which would be 2-3 lines of code in a high-level language, that is why most stealers use C# or Python, because really its not a very complex operation. An intermediate solution I have thought of is writing it in rust, which might have a little best of both worlds i.e its unmanaged code but at the same time you wont need to worry about low level complexities.

Это устаревшая информация. Теперь ключ шифрования временный и получают его через процесс chromebroker, чтобы получить ключ надо инжектить хром, для чего, вероятно, и нужен dll. Dpapi не поможет.