Posted 12 years ago
·
Author
This is a fake credit generator I found on YouTube. I decompilied it for learning purposes. It seems to be a lot more advanced than most of the fake generators I've seen.
Note: I am in no way encouraging you to use this code to make a credit generator. I'm simply exposing how this works as proof of invalidity. In all cases that we have seen, including in this example, credit generators are malicious software containing spyware and or are simply out to steal / phish your username and password. I have removed key lines from the code bellow, so people with malicious intent will not be able to compile / re-use this example to create their own malicious software.
CLICK HERE TO DOWNLOAD THE FULL FILES
Main Form
INet.au3
Note: I am in no way encouraging you to use this code to make a credit generator. I'm simply exposing how this works as proof of invalidity. In all cases that we have seen, including in this example, credit generators are malicious software containing spyware and or are simply out to steal / phish your username and password. I have removed key lines from the code bellow, so people with malicious intent will not be able to compile / re-use this example to create their own malicious software.
CLICK HERE TO DOWNLOAD THE FULL FILES
Main Form
_IEErrorHandlerRegister ()
Opt("GUIOnEventMode", 1)
Opt("TrayIconHide", 1)
Opt("WinTitleMatchMode", 2)
$frmMain =GuiCreate ("IMVU - Credit Maker", 334, 72)
GUISetOnEvent($GUI_EVENT_CLOSE, "CloseXClick")
$btnStart = GUICtrlCreatebutton ("Begin", 255, 29, 70, 23, 0)
GUICtrlSetOnEvent(-1, "btnStartClick")
$Label4 = GUICtrlCreateLabel("Avatar Name", 9, 9, 220, 15)
GUICtrlSetFont (-1,9, 800)
$Label5 = GUICtrlCreateLabel("Credits", 185, 9, 220, 15)
GUICtrlSetFont (-1,9, 800)
$Label6 = GUICtrlCreateLabel("Stopped", 9, 55, 220, 15)
GUICtrlSetFont (-1,7, 400)
$file = GUICtrlCreateInput("", 9, 30, 175, 21)
$file2 = GUICtrlCreateInput("1000", 185, 30, 70, 21)
GuiSetState (@SW_SHOW)
$s = 0
While 1
Sleep (100)
Wend
Func CloseXClick()
Exit
EndFunc
Func btnStartClick()
GUICtrlSetState($btnStart, $GUI_DISABLE)
if GUICtrlRead($file) = "" then
MsgBox(16, "Error", "Please Enter Your Username")
Exit
EndIf
Progress()
EndFunc
Func btnStopClick()
Exit
EndFunc
Func Progress()
For $i = $s To 100
$s = $i
$s=0
GUICtrlSetData ($Label6,"Adding Credits - "&$i&"%")
$timedelay= Int (Random("200", "1000"))
Sleep($timedelay)
Next
if $i >100 then
GUICtrlSetData ($Label6,"Done")
GUICtrlSetState($btnStart, $GUI_ENABLE)
MsgBox(4096, "", "Complete.")
endif
EndFuncINet.au3
#include-once
Func _GetIP()
Local $ip, $t_ip
If InetGet("http://checkip.dyndns.org/?rnd1=" & Random(1, 65536) & "&rnd2=" & Random(1, 65536), @TempDir & "\~ip.tmp") Then
$ip = FileRead(@TempDir & "\~ip.tmp", FileGetSize(@TempDir & "\~ip.tmp"))
FileDelete(@TempDir & "\~ip.tmp")
$ip = StringTrimLeft($ip, StringInStr($ip, ":") + 1)
$ip = StringTrimRight($ip, StringLen($ip) - StringInStr($ip, "/") + 2)
$t_ip = StringSplit($ip, '.')
If $t_ip[0] = 4 And StringIsDigit($t_ip[1]) And StringIsDigit($t_ip[2]) And StringIsDigit($t_ip[3]) And StringIsDigit($t_ip[4]) Then
Return $ip
EndIf
EndIf
If InetGet("http://www.whatismyip.com/?rnd1=" & Random(1, 65536) & "&rnd2=" & Random(1, 65536), @TempDir & "\~ip.tmp") Then
$ip = FileRead(@TempDir & "\~ip.tmp", FileGetSize(@TempDir & "\~ip.tmp"))
FileDelete(@TempDir & "\~ip.tmp")
$ip = StringTrimLeft($ip, StringInStr($ip, "Your ip is") + 10)
$ip = StringLeft($ip, StringInStr($ip, " ") - 1)
$ip = StringStripWS($ip, 8)
$t_ip = StringSplit($ip, '.')
If $t_ip[0] = 4 And StringIsDigit($t_ip[1]) And StringIsDigit($t_ip[2]) And StringIsDigit($t_ip[3]) And StringIsDigit($t_ip[4]) Then
Return $ip
EndIf
EndIf
SetError(1)
Return -1
EndFunc
Func _INetExplorerCapable($s_IEString)
If StringLen($s_IEString) <= 0 Then
Return ''
SetError(1)
Else
Local $s_IEReturn
Local $i_IECount
Local $n_IEChar
For $i_IECount = 1 To StringLen($s_IEString)
$n_IEChar = '0x' & Hex(Asc(StringMid($s_IEString, $i_IECount, 1)), 2)
If $n_IEChar < 0x21 Or $n_IEChar = 0x25 Or $n_IEChar = 0x2f Or $n_IEChar > 0x7f Then
$s_IEReturn = $s_IEReturn & '%' & StringRight($n_IEChar, 2)
Else
$s_IEReturn = $s_IEReturn & Chr($n_IEChar)
EndIf
Next
Return $s_IEReturn
EndIf
EndFunc
Func _INetGetSource($s_URL, $s_Header = '')
If StringLeft($s_URL, 7) <> 'http://' And StringLeft($s_URL, 8) <> 'https://' Then $s_URL = 'http://' & $s_URL
Local $h_DLL = DllOpen("wininet.dll")
Local $ai_IRF, $s_Buf = ''
Local $ai_IO = DllCall($h_DLL, 'int', 'InternetOpen', 'str', "AutoIt v3", 'int', 0, 'int', 0, 'int', 0, 'int', 0)
If @error Or $ai_IO[0] = 0 Then
DllClose($h_DLL)
SetError(1)
Return ""
EndIf
Local $ai_IOU = DllCall($h_DLL, 'int', 'InternetOpenUrl', 'int', $ai_IO[0], 'str', $s_URL, 'str', $s_Header, 'int', StringLen($s_Header), 'int', 0x80000000, 'int', 0)
If @error Or $ai_IOU[0] = 0 Then
DllCall($h_DLL, 'int', 'InternetCloseHandle', 'int', $ai_IO[0])
DllClose($h_DLL)
SetError(1)
Return ""
EndIf
Local $v_Struct = DllStructCreate('udword')
DllStructSetData($v_Struct, 1, 1)
While DllStructGetData($v_Struct, 1) <> 0
$ai_IRF = DllCall($h_DLL, 'int', 'InternetReadFile', 'int', $ai_IOU[0], 'str', '', 'int', 256, 'ptr', DllStructGetPtr($v_Struct))
$s_Buf &= StringLeft($ai_IRF[2], DllStructGetData($v_Struct, 1))
WEnd
DllCall($h_DLL, 'int', 'InternetCloseHandle', 'int', $ai_IOU[0])
DllCall($h_DLL, 'int', 'InternetCloseHandle', 'int', $ai_IO[0])
DllClose($h_DLL)
Return $s_Buf
EndFunc
Func _INetMail($s_MailTo, $s_MailSubject, $s_MailBody)
Local $prev = opt("ExpandEnvStrings", 1)
Local $var = RegRead('HKCR\mailto\shell\open\command', "")
Local $ret = Run(StringReplace($var, '%1', _INetExplorerCapable('mailto:' & $s_MailTo & '?subject=' & $s_MailSubject & '&body=' & $s_MailBody)))
opt("ExpandEnvStrings", $prev)
Return $ret
EndFunc
Func _INetSmtpMail($s_SmtpServer, $s_FromName, $s_FromAddress, $s_ToAddress, $s_Subject = "", $as_Body = "", $s_helo = "", $s_first=" ", $b_trace = 0)
Local $v_Socket
Local $s_IPAddress
Local $i_Count
Local $s_Send[6]
Local $s_ReplyCode[6]
If $s_SmtpServer = "" Or $s_FromAddress = "" Or $s_ToAddress = "" Or $s_FromName = "" Or StringLen($s_FromName) > 256 Then
SetError(1)
Return 0
EndIf
If $s_helo = "" Then $s_helo = @ComputerName
If TCPStartup() = 0 Then
SetError(2)
Return 0
EndIf
StringRegExp($s_SmtpServer, "(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)")
If @extended Then
$s_IPAddress = $s_SmtpServer
Else
$s_IPAddress = TCPNameToIP($s_SmtpServer)
EndIf
If $s_IPAddress = "" Then
TCPShutdown()
SetError(3)
Return 0
EndIf
$v_Socket = TCPConnect($s_IPAddress, 25)
If $v_Socket = -1 Then
TCPShutdown()
SetError(4)
Return (0)
EndIf
$s_Send[0] = "HELO " & $s_helo & @CRLF
If StringLeft($s_helo,5) = "EHLO " Then $s_Send[0] = $s_helo & @CRLF
$s_ReplyCode[0] = "250"
$s_Send[1] = "MAIL FROM: <" & $s_FromAddress & ">" & @CRLF
$s_ReplyCode[1] = "250"
$s_Send[2] = "RCPT TO: <" & $s_ToAddress & ">" & @CRLF
$s_ReplyCode[2] = "250"
$s_Send[3] = "DATA" & @CRLF
$s_ReplyCode[3] = "354"
$s_Send[4] = "From:" & $s_FromName & "<" & $s_FromAddress & ">" & @CRLF & _
"To:" & "<" & $s_ToAddress & ">" & @CRLF & _
"Subject:" & $s_Subject & @CRLF & _
"Mime-Version: 1.0" & @CRLF & _
"Content-Type: text/plain; charset=US-ASCII" & @CRLF & _
@CRLF
$s_ReplyCode[4] = ""
$s_Send[5] = @CRLF & "." & @CRLF
$s_ReplyCode[5] = "250"
If _SmtpSend($v_Socket, $s_Send[0], $s_ReplyCode[0], $b_trace, "220", $s_first) Then
SetError(50)
Return 0
EndIf
For $i_Count = 1 To UBound($s_Send) - 2
If _SmtpSend($v_Socket, $s_Send[$i_Count], $s_ReplyCode[$i_Count], $b_trace) Then
SetError(50 + $i_Count)
Return 0
EndIf
Next
For $i_Count = 0 To UBound($as_Body) - 1
If StringLeft($as_Body[$i_Count], 1) = "." Then $as_Body[$i_Count] = "." & $as_Body[$i_Count]
If _SmtpSend($v_Socket, $as_Body[$i_Count] & @CRLF, "", $b_trace) Then
SetError(500 + $i_Count)
Return 0
EndIf
Next
$i_Count = UBound($s_Send) - 1
If _SmtpSend($v_Socket, $s_Send[$i_Count], $s_ReplyCode[$i_Count], $b_trace) Then
SetError(5000)
Return 0
EndIf
TCPCloseSocket($v_Socket)
TCPShutdown()
Return 1
EndFunc
Func _SmtpTrace($str, $timeout = 0)
Local $W_TITLE = "SMTP trace"
Local $g_smtptrace = ControlGetText($W_TITLE, "", "Static1")
$str = StringLeft(StringReplace($str, @CRLF, ""), 70)
$g_smtptrace &= @HOUR & ":" & @MIN & ":" & @SEC & " " & $str & @LF
If WinExists($W_TITLE) Then
ControlSetText($W_TITLE, "", "Static1", $g_smtptrace)
Else
SplashTextOn($W_TITLE, $g_smtptrace, 400, 500, 500, 100, 4 + 16, "", 8)
EndIf
If $timeout Then Sleep($timeout * 1000)
EndFunc
Func _SmtpSend($v_Socket, $s_Send, $s_ReplyCode, $b_trace, $s_IntReply="", $s_first="")
Local $s_Receive, $i, $timer
If $b_trace Then _SmtpTrace($s_Send)
If $s_IntReply <> "" Then
If $s_first <> -1 Then
If TCPSend($v_Socket, $s_first) = 0 Then
TCPCloseSocket($v_Socket)
TCPShutdown()
Return 1
EndIf
EndIf
$s_Receive = ""
$timer = TimerInit()
While StringLeft($s_Receive,StringLen($s_IntReply)) <> $s_IntReply And TimerDiff($timer) < 45000
$s_Receive = TCPRecv($v_Socket, 1000)
If $b_trace And $s_Receive <> "" Then _SmtpTrace("intermediate->" & $s_Receive)
WEnd
EndIf
If TCPSend($v_Socket, $s_Send) = 0 Then
TCPCloseSocket($v_Socket)
TCPShutdown()
Return 1
EndIf
$timer = TimerInit()
$s_Receive = ""
While $s_Receive = "" And TimerDiff($timer) < 45000
$i += 1
$s_Receive = TCPRecv($v_Socket, 1000)
If $s_ReplyCode = "" Then ExitLoop
WEnd
If $s_ReplyCode <> "" Then
If $b_trace Then _SmtpTrace($i & " <- " & $s_Receive)
If StringLeft($s_Receive, StringLen($s_ReplyCode)) <> $s_ReplyCode Then
TCPCloseSocket($v_Socket)
TCPShutdown()
If $b_trace Then _SmtpTrace("<-> " & $s_ReplyCode, 5)
Return 2
EndIf
EndIf
Return 0
EndFunc
Func _TCPIpToName($sIp, $iOption = Default, $hDll_Ws2_32 = Default)
Local $vbinIP, $vaDllCall, $vptrHostent, $vHostent, $sHostnames, $vh_aliases, $i
Local $INADDR_NONE = 0xffffffff, $AF_INET = 2, $sSeperator = @CR
If $iOption = Default Then $iOption = 0
If $hDll_Ws2_32 = Default Then $hDll_Ws2_32 = "Ws2_32.dll"
$vaDllCall = DllCall($hDll_Ws2_32, "long", "inet_addr", "str", $sIp)
If @error Then Return SetError(1, 0, "")
$vbinIP = $vaDllCall[0]
If $vbinIP = $INADDR_NONE Then Return SetError(2, 0, "")
$vaDllCall = DllCall($hDll_Ws2_32, "ptr", "gethostbyaddr", "long_ptr", $vbinIP, "int", 4, "int", $AF_INET)
If @error Then Return SetError(3, 0, "")
$vptrHostent = $vaDllCall[0]
If $vptrHostent = 0 Then
$vaDllCall = DllCall($hDll_Ws2_32, "int", "WSAGetLastError")
If @error Then Return SetError(5, 0, "")
Return SetError(4, $vaDllCall[0], "")
EndIf
$vHostent = DllStructCreate("ptr;ptr;short;short;ptr", $vptrHostent)
$sHostnames = __TCPIpToName_szStringRead(DllStructGetData($vHostent, 1))
If @error Then Return SetError(6, 0, $sHostnames)
If $iOption = 1 Then
$sHostnames &= $sSeperator
For $i = 0 To 63
$vh_aliases = DllStructCreate("ptr", DllStructGetData($vHostent, 2) + ($i * 4))
If DllStructGetData($vh_aliases, 1) = 0 Then ExitLoop
$sHostnames &= __TCPIpToName_szStringRead(DllStructGetData($vh_aliases, 1))
If @error Then
SetError(7)
ExitLoop
EndIf
Next
Return StringSplit(StringStripWS($sHostnames, 2), @CR)
Else
Return $sHostnames
EndIf
EndFunc
Func __TCPIpToName_szStringRead($iszPtr, $iLen = -1, $hDll_msvcrt = "msvcrt.dll")
Local $aStrLen, $vszString
If $iszPtr < 1 Then Return ""
If $iLen < 0 Then
$aStrLen = DllCall($hDll_msvcrt, "int:cdecl", "strlen", "ptr", $iszPtr)
If @error Then Return SetError(1, 0, "")
$iLen = $aStrLen[0] + 1
EndIf
$vszString = DllStructCreate("char[" & $iLen & "]", $iszPtr)
If @error Then Return SetError(2, 0, "")
Return SetError(0, $iLen, DllStructGetData($vszString, 1))
EndFunc
