mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-26 13:25:26 +00:00
121 lines
4.7 KiB
C#
121 lines
4.7 KiB
C#
|
// Decompiled with JetBrains decompiler
|
|||
|
|
// Type: Bmc.Broker.Proxy.ProxyComponent
|
|||
|
|
// Assembly: ticketservice, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
|
|||
|
|
// MVID: 3DFB8186-7053-43AF-8B45-70866071B1F2
|
|||
|
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Trojan.Win32.Patched.mf-fd200e64412b6be5c177c3cfa7b94e83e807ff04211ce324f12e2ffa5537eb36.exe
|
|||
|
|
|
|||
|
|
using Bmc.Broker.Config;
|
|||
|
|
using Bmc.RegistryAccess;
|
|||
|
|
using Microsoft.Win32;
|
|||
|
|
using Net.LShift.Utilities;
|
|||
|
|
using System;
|
|||
|
|
using System.Net;
|
|||
|
|
using System.Runtime.InteropServices;
|
|||
|
|
|
|||
|
|
namespace Bmc.Broker.Proxy
|
|||
|
|
{
|
|||
|
|
public class ProxyComponent
|
|||
|
|
{
|
|||
|
|
public const int WINHTTP_ACCESS_TYPE_DEFAULT_PROXY = 0;
|
|||
|
|
public const int WINHTTP_ACCESS_TYPE_NO_PROXY = 1;
|
|||
|
|
public const int WINHTTP_ACCESS_TYPE_NAMED_PROXY = 3;
|
|||
|
|
private const int WINHTTP_AUTOPROXY_AUTO_DETECT = 1;
|
|||
|
|
private const int WINHTTP_AUTOPROXY_CONFIG_URL = 2;
|
|||
|
|
private const int WINHTTP_AUTOPROXY_RUN_INPROCESS = 65536;
|
|||
|
|
private const int WINHTTP_AUTOPROXY_RUN_OUTPROCESS_ONLY = 131072;
|
|||
|
|
private const int WINHTTP_AUTO_DETECT_TYPE_DHCP = 1;
|
|||
|
|
private const int WINHTTP_AUTO_DETECT_TYPE_DNS_A = 2;
|
|||
|
|
private static readonly IntPtr WINHTTP_NO_PROXY_NAME = IntPtr.Zero;
|
|||
|
|
private static readonly IntPtr WINHTTP_NO_PROXY_BYPASS = IntPtr.Zero;
|
|||
|
|
|
|||
|
|
[DllImport("winhttp.dll", CharSet = CharSet.Unicode, SetLastError = true)]
|
|||
|
|
private static extern IntPtr WinHttpOpen(
|
|||
|
|
string pwszUserAgent,
|
|||
|
|
int dwAccessType,
|
|||
|
|
IntPtr pwszProxyName,
|
|||
|
|
IntPtr pwszProxyBypass,
|
|||
|
|
int dwFlags);
|
|||
|
|
|
|||
|
|
[DllImport("winhttp.dll", CharSet = CharSet.Unicode, SetLastError = true)]
|
|||
|
|
private static extern bool WinHttpCloseHandle(IntPtr hInternet);
|
|||
|
|
|
|||
|
|
[DllImport("winhttp.dll", CharSet = CharSet.Unicode, SetLastError = true)]
|
|||
|
|
private static extern bool WinHttpGetProxyForUrl(
|
|||
|
|
IntPtr hSession,
|
|||
|
|
string lpcwszUrl,
|
|||
|
|
ref WINHTTP_AUTOPROXY_OPTIONS pAutoProxyOptions,
|
|||
|
|
ref WINHTTP_PROXY_INFO pProxyInfo);
|
|||
|
|
|
|||
|
|
[DllImport("winhttp.dll", CharSet = CharSet.Unicode, SetLastError = true)]
|
|||
|
|
private static extern bool WinHttpGetIEProxyConfigForCurrentUser(
|
|||
|
|
ref WINHTTP_CURRENT_USER_IE_PROXY_CONFIG pProxyConfig);
|
|||
|
|
|
|||
|
|
public static ProxyComponent Instance => SingletonFactory.GetInstance(typeof (ProxyComponent)) as ProxyComponent;
|
|||
|
|
|
|||
|
|
public void SetupForProxy(WebRequest request)
|
|||
|
|
{
|
|||
|
|
IWebProxy proxy = this.GetProxy(request);
|
|||
|
|
if (proxy == null)
|
|||
|
|
return;
|
|||
|
|
proxy.Credentials = (ICredentials) this.ProxyCredential;
|
|||
|
|
request.Proxy = proxy;
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
private IWebProxy GetProxy(WebRequest request)
|
|||
|
|
{
|
|||
|
|
ProxyInfo proxy = (ProxyInfo) null;
|
|||
|
|
try
|
|||
|
|
{
|
|||
|
|
if (this.GetProxyAutoDetect())
|
|||
|
|
proxy = ProxyComponent.GetDynamicProxyForUrl(request.RequestUri.ToString());
|
|||
|
|
}
|
|||
|
|
catch (Exception ex)
|
|||
|
|
{
|
|||
|
|
proxy = (ProxyInfo) null;
|
|||
|
|
}
|
|||
|
|
if (proxy != null)
|
|||
|
|
return (IWebProxy) proxy;
|
|||
|
|
return this.GetProxyEnable() ? (IWebProxy) WebProxy.GetDefaultProxy() : (IWebProxy) null;
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
public NetworkCredential ProxyCredential => this.ProxyUserName == "" && this.ProxyPassword == "" ? (NetworkCredential) null : new NetworkCredential(this.ProxyUserName, this.ProxyPassword);
|
|||
|
|
|
|||
|
|
private bool GetProxyAutoDetect()
|
|||
|
|
{
|
|||
|
|
WINHTTP_CURRENT_USER_IE_PROXY_CONFIG pProxyConfig = new WINHTTP_CURRENT_USER_IE_PROXY_CONFIG();
|
|||
|
|
ProxyComponent.WinHttpGetIEProxyConfigForCurrentUser(ref pProxyConfig);
|
|||
|
|
return pProxyConfig.fAutoDetect;
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
private bool GetProxyEnable() => (int) Registry.CurrentUser.OpenSubKey("Software\\Microsoft\\Windows\\CurrentVersion\\Internet settings", false).GetValue("ProxyEnable") != 0;
|
|||
|
|
|
|||
|
|
private string ProxyUserName => ConfigurationManager.Instance[(FIELD) 13];
|
|||
|
|
|
|||
|
|
private string ProxyPassword => ConfigurationManager.Instance[(FIELD) 14];
|
|||
|
|
|
|||
|
|
public static ProxyInfo GetDynamicProxyForUrl(string addressUrl)
|
|||
|
|
{
|
|||
|
|
IntPtr num = ProxyComponent.WinHttpOpen(BuildVersion.ProductTitle, 0, ProxyComponent.WINHTTP_NO_PROXY_NAME, ProxyComponent.WINHTTP_NO_PROXY_BYPASS, 0);
|
|||
|
|
if (num == IntPtr.Zero)
|
|||
|
|
return (ProxyInfo) null;
|
|||
|
|
try
|
|||
|
|
{
|
|||
|
|
WINHTTP_AUTOPROXY_OPTIONS pAutoProxyOptions = new WINHTTP_AUTOPROXY_OPTIONS();
|
|||
|
|
pAutoProxyOptions.dwFlags = 1;
|
|||
|
|
pAutoProxyOptions.dwAutoDetectFlags = 3;
|
|||
|
|
pAutoProxyOptions.fAutoLoginIfChallenged = true;
|
|||
|
|
WINHTTP_PROXY_INFO pProxyInfo = new WINHTTP_PROXY_INFO();
|
|||
|
|
if (!ProxyComponent.WinHttpGetProxyForUrl(num, addressUrl, ref pAutoProxyOptions, ref pProxyInfo))
|
|||
|
|
return (ProxyInfo) null;
|
|||
|
|
ProxyInfo dynamicProxyForUrl = new ProxyInfo();
|
|||
|
|
dynamicProxyForUrl.LoadFrom(pProxyInfo);
|
|||
|
|
return dynamicProxyForUrl;
|
|||
|
|
}
|
|||
|
|
finally
|
|||
|
|
{
|
|||
|
|
ProxyComponent.WinHttpCloseHandle(num);
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|