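;=============================================================================
;Created by Black Scorpion
;Powered by XPulse Team (Iranian Team)
;Contact us with E-Mail: amirhosein.hps@gmail.com
;Contact us with Telegram Bot: @BlackScorpionRobot
;==============================================================================
#NoTrayIcon

; NOTE(review): the page shows ten bare "#include" directives whose targets were
; lost in extraction. The headers below are the standard AutoIt includes that
; the identifiers used in this script need; confirm against the original file.
#include <AutoItConstants.au3>  ; $MEM_TOTALPHYSRAM, $MEM_TOTALVIRTUAL
#include <Crypt.au3>            ; _Crypt_* functions, $CALG_* constants
#include <EditConstants.au3>    ; $GUI_SS_DEFAULT_INPUT, $ES_*
#include <GUIConstantsEx.au3>   ; $GUI_EVENT_CLOSE, $GUI_ENABLE, $GUI_DISABLE, $GUI_SS_DEFAULT_GUI
#include <StaticConstants.au3>  ; $SS_CENTER, $SS_CENTERIMAGE
#include <WindowsConstants.au3> ; $WS_MINIMIZEBOX

;================================== Variables ===================================
; Image names of the watched processes. The array is sized to its initialiser:
; the original declared 7 slots for 3 names, so every loop below also called
; ProcessExists/ProcessClose on four empty strings.
Global $BMProcesses[3] = ["word.exe", "wordpad.exe", "notepad.exe"]
Global $RAMStats = MemGetStats()

; Location of the encrypted settings (section and key names are stored as hex strings).
Global Const $CONFIG_FILE = @SystemDir & "\Config\GUIEnc.dat"
Global Const $CONFIG_SECTION = "0x52690D90972282C52236EDEB549592F4"

; Crypto start-up and derived keys.
; SECURITY: both passphrases are literals in the script, so anyone who can read
; the source (or recover it from a compiled build) can derive the same AES keys
; and decrypt the stored credentials. The key material should come from outside
; the script. $PEK2 is derived but not used anywhere in the visible code.
_Crypt_Startup()
Global $PEK = _Crypt_DeriveKey(StringToBinary("Word123"), $CALG_AES_256, $CALG_SHA_512)
Global $PEK2 = _Crypt_DeriveKey(StringToBinary("NewWord123"), $CALG_AES_256, $CALG_SHA_512)

; PSIC: machine description (RAM figures, OS build/version/arch, CPU arch,
; computer name, fixed suffix) encrypted with $PEK.
Global $PSICEData = _Crypt_EncryptData(Round($RAMStats[$MEM_TOTALPHYSRAM]/1024/1024, 2) & "&" & Round($RAMStats[$MEM_TOTALVIRTUAL]/1024/1024, 2) & "&" & @OSBuild & "&" & @OSVersion & "&" & @OSArch & "&" & @CPUArch & "&" & @ComputerName & "=P!S@I#C-BSMan!@#789", $PEK, $CALG_AES_256)

; Stored credentials. ReadStoredSetting() returns "" when the entry is missing
; or cannot be decrypted, and AuthProcess() refuses empty stored values, so a
; missing or tampered GUIEnc.dat can no longer produce a guessable credential.
Global $RUINI = ReadStoredSetting("0xC5F47D819D258C453471483FB9A82405")
Global $RPINI = ReadStoredSetting("0x280C7C48D98E36130E5A0A3B05862DBA")

; Debug output. The decrypted password ($RPINI) was printed here as well; it is
; no longer written so that the credential does not end up in console captures.
ConsoleWrite($PSICEData & @CRLF)

;================================== Hot-Keys ====================================
HotKeySet("!+m", "LoginForm")       ; (Alt + Shift + M) opens the login form
HotKeySet("!+q", "SelfTerminate")   ; (Alt + Shift + Q) terminates this script
HotKeySet("!+x", "KillBMProcesses") ; (Alt + Shift + X) kills all watched processes

; The hot-key handlers interrupt this loop and resume it when they return.
; The original also had bare LoginForm(), PSICGenerator(), KillBMProcesses() and
; SelfTerminate() calls between the function definitions; they sat after this
; never-returning call and could not run, so they are omitted.
MainActivity()

; Decrypts one value from the settings file.
; $sKey - key name inside $CONFIG_SECTION.
; Returns the plaintext string, or "" with @error set (1 = entry missing,
; 2 = decryption failed).
Func ReadStoredSetting($sKey)
	Local $vRaw = IniRead($CONFIG_FILE, $CONFIG_SECTION, $sKey, "0")
	If $vRaw == "0" Then Return SetError(1, 0, "")

	Local $vPlain = _Crypt_DecryptData($vRaw, $PEK, $CALG_AES_256)
	If @error Then Return SetError(2, 0, "")

	Return BinaryToString($vPlain)
EndFunc

; Main watch loop: never returns.
; When a watched process is found it is given up to one hour (3600 s) to exit on
; its own; afterwards every watched process is closed.
Func MainActivity()
	While 1
		; Sleep to keep CPU usage low
		Sleep(2000)

		For $i = 0 To UBound($BMProcesses) - 1
			If ProcessExists($BMProcesses[$i]) Then ProcessWaitClose($BMProcesses[$i], 3600)
		Next

		Sleep(100)

		For $i = 0 To UBound($BMProcesses) - 1
			ProcessClose($BMProcesses[$i])
		Next
	WEnd
EndFunc

; Login dialog, opened by the Alt+Shift+M hot-key.
; Returns to the interrupted watch loop when the dialog is closed, after a
; successful sign-in, or as soon as a watched process appears.
;
; Changes from the original:
;  - The handlers called MainActivity() instead of returning, so every hot-key
;    press nested another never-returning loop on the call stack.
;  - AdlibRegister("MainActivity", 250) ran on every pass of the message loop;
;    MainActivity never returns, so the first Adlib tick would have taken over
;    the script and left this dialog unresponsive. It is removed.
;  - The password box is no longer pre-filled with "admin".
Func LoginForm()
	Local $LoginForm = GUICreate("Login", 201, 161, -1, -1, BitXOR($GUI_SS_DEFAULT_GUI, $WS_MINIMIZEBOX))
	Local $CloseBTN = GUICtrlCreateButton("Close", 7, 126, 62, 25)
	Local $SignInBTN = GUICtrlCreateButton("Sign-in", 71, 126, 90, 25)
	GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif")
	Local $PasswordInput = GUICtrlCreateInput("", 8, 88, 185, 21, BitOR($GUI_SS_DEFAULT_INPUT, $ES_CENTER, $ES_PASSWORD))
	Local $UsernameInput = GUICtrlCreateInput("admin", 8, 40, 185, 21, BitOR($GUI_SS_DEFAULT_INPUT, $ES_CENTER))
	Local $UsernameLBL = GUICtrlCreateLabel("Username:", 8, 21, 55, 17)
	Local $PasswordLBL = GUICtrlCreateLabel("Password:", 8, 68, 53, 17)
	Local $ResetCredIcon = GUICtrlCreateButton("res", 160, 126, 32, 25)
	GUICtrlSetTip(-1, "Reset Credentials via PSIC")
	GUICtrlSetCursor(-1, 0)
	GUISetState(@SW_SHOW)

	Local $nMsg
	While 1
		$nMsg = GUIGetMsg()
		Switch $nMsg
			Case $GUI_EVENT_CLOSE, $CloseBTN
				GUIDelete($LoginForm)
				Return

			Case $SignInBTN
				If AuthProcess(GUICtrlRead($UsernameInput), GUICtrlRead($PasswordInput)) = 1 Then
					MsgBox(64, "", "Welcome!")
					GUIDelete($LoginForm)
					Return
				EndIf

			Case $ResetCredIcon
				; Reachable without authentication - see the note on PSICGenerator().
				GUIDelete($LoginForm)
				PSICGenerator()
				Return
		EndSwitch

		; Sign-in is only clickable while both fields are filled in.
		; (And/Or share one precedence level in AutoIt and evaluate left to
		; right; the parentheses spell out the grouping the original relied on.)
		If (GUICtrlRead($UsernameInput) = "" Or GUICtrlRead($PasswordInput) = "") And BitAND(GUICtrlGetState($SignInBTN), $GUI_ENABLE) Then
			GUICtrlSetState($SignInBTN, $GUI_DISABLE)
		EndIf
		If GUICtrlRead($UsernameInput) <> "" And GUICtrlRead($PasswordInput) <> "" And BitAND(GUICtrlGetState($SignInBTN), $GUI_DISABLE) Then
			GUICtrlSetState($SignInBTN, $GUI_ENABLE)
		EndIf

		; A watched process showed up: drop the dialog and let the watch loop resume.
		For $i = 0 To UBound($BMProcesses) - 1
			If ProcessExists($BMProcesses[$i]) Then
				GUIDelete($LoginForm)
				Return
			EndIf
		Next
	WEnd
EndFunc

; Compares the entered credentials with the stored ones (case-sensitive).
; Returns 1 on a match, 0 otherwise. Always 0 when the stored credentials could
; not be loaded, so a missing or unreadable settings file fails closed.
Func AuthProcess($UsernameInput, $PasswordInput)
	If $RUINI == "" Or $RPINI == "" Then Return 0

	If $UsernameInput == $RUINI And $PasswordInput == $RPINI Then
		Return 1
	Else
		Return 0
	EndIf
EndFunc

; Credential-reset dialog ("PSIC Generator"), opened from the login form.
; NOTE(review): as written the PSIC box only shows the literal text "PSIC"
; ($PSICEData is never displayed) and the "Clear" and "Force Login" buttons have
; no handler. This dialog is reachable before authentication, so any handler
; added for "Force Login" must verify the pasted value and must not bypass
; AuthProcess().
Func PSICGenerator()
	Local $PSICGeneratorForm = GUICreate("PSIC Generator.ver1.0", 563, 92, 242, 179, -1, -1)
	Local $PSICIBox = GUICtrlCreateInput("PSIC", 48, 9, 473, 21, BitOR($GUI_SS_DEFAULT_INPUT, $ES_CENTER, $ES_READONLY))
	Local $EncryptedPSICIBox = GUICtrlCreateInput("Encrypted PSIC", 48, 37, 473, 21, BitOR($GUI_SS_DEFAULT_INPUT, $ES_CENTER))
	Local $CopyBTN = GUICtrlCreateButton("C", 528, 7, 27, 25)
	GUICtrlSetFont(-1, 8, 800, 4, "MS Sans Serif")
	GUICtrlSetTip(-1, "Copy PSIC")
	Local $PasteBTN = GUICtrlCreateButton("P", 528, 35, 27, 25)
	GUICtrlSetFont(-1, 8, 800, 4, "MS Sans Serif")
	GUICtrlSetTip(-1, "Paste Encrypted PSIC")
	Local $Label1 = GUICtrlCreateLabel("PSIC:", 16, 11, 31, 17, BitOR($SS_CENTER, $SS_CENTERIMAGE))
	Local $Label2 = GUICtrlCreateLabel("E-PSIC:", 6, 38, 41, 17, BitOR($SS_CENTER, $SS_CENTERIMAGE))
	Local $ClearBTN = GUICtrlCreateButton("Clear", 204, 62, 59, 25)
	Local $ForceLoginBTN = GUICtrlCreateButton("Force Login", 267, 62, 91, 25)
	GUICtrlSetFont(-1, 8, 800, 0, "MS Sans Serif")
	GUISetState(@SW_SHOW)

	Local $nMsg
	While 1
		$nMsg = GUIGetMsg()
		Switch $nMsg
			Case $GUI_EVENT_CLOSE
				; Closing this dialog goes back to the login form.
				GUIDelete($PSICGeneratorForm)
				Return LoginForm()

			Case $CopyBTN
				Local $ReadPSIC = GUICtrlRead($PSICIBox)
				ClipPut("")
				ClipPut($ReadPSIC)

			Case $PasteBTN
				Local $PasteFromCB = ClipGet()
				GUICtrlSetData($EncryptedPSICIBox, $PasteFromCB)
		EndSwitch
	WEnd
EndFunc

; Hot-key handler (Alt+Shift+X): closes every watched process immediately, then
; returns so the interrupted watch loop resumes (the original started a nested
; MainActivity() here instead).
Func KillBMProcesses()
	; Sleep to keep CPU usage low
	Sleep(250)

	For $i = 0 To UBound($BMProcesses) - 1
		ProcessClose($BMProcesses[$i])
	Next
EndFunc

; Hot-key handler (Alt+Shift+Q): shows a 5-second notice, releases the crypto
; keys and the Crypt library, and exits the script.
Func SelfTerminate()
	MsgBox(64, "Seccessfully", "Operation has been successfully terminated!", 5)
	_Crypt_DestroyKey($PEK)
	_Crypt_DestroyKey($PEK2)
	_Crypt_Shutdown()
	Exit
EndFunc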