mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-27 13:55:26 +00:00
111 lines
3.3 KiB
C#
111 lines
3.3 KiB
C#
|
// Decompiled with JetBrains decompiler
|
|||
|
// Type: Bmc.Broker.Proxy.ProxyInfo
|
|||
|
// Assembly: ticketservice, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null
|
|||
|
// MVID: 3DFB8186-7053-43AF-8B45-70866071B1F2
|
|||
|
// Assembly location: C:\Users\Administrateur\Downloads\Virusshare-00001-msil\Trojan.Win32.Patched.mf-fd200e64412b6be5c177c3cfa7b94e83e807ff04211ce324f12e2ffa5537eb36.exe
|
|||
|
|
|||
|
using System;
|
|||
|
using System.Collections;
|
|||
|
using System.Net;
|
|||
|
using System.Text.RegularExpressions;
|
|||
|
|
|||
|
namespace Bmc.Broker.Proxy
|
|||
|
{
|
|||
|
public class ProxyInfo : IWebProxy
|
|||
|
{
|
|||
|
public static readonly Regex schematizedProxyRegex = new Regex("^([a-zA-Z]+)=(.*)");
|
|||
|
public static readonly Regex hostAndPortRegex = new Regex("^[a-zA-Z0-9.]+:[0-9]+");
|
|||
|
private static readonly char[] splitChars = new char[5]
|
|||
|
{
|
|||
|
' ',
|
|||
|
';',
|
|||
|
'\n',
|
|||
|
'\r',
|
|||
|
'\t'
|
|||
|
};
|
|||
|
private ICredentials creds;
|
|||
|
public bool useProxy;
|
|||
|
public Hashtable proxies;
|
|||
|
public Uri defaultProxy;
|
|||
|
public string[] bypassDomains;
|
|||
|
public bool bypassLocal;
|
|||
|
|
|||
|
public ProxyInfo()
|
|||
|
{
|
|||
|
this.creds = (ICredentials) null;
|
|||
|
this.useProxy = false;
|
|||
|
this.proxies = new Hashtable();
|
|||
|
this.defaultProxy = (Uri) null;
|
|||
|
this.bypassDomains = new string[0];
|
|||
|
this.bypassLocal = true;
|
|||
|
}
|
|||
|
|
|||
|
private Uri UriFrom(string str) => str.IndexOf(':') == -1 || ProxyInfo.hostAndPortRegex.Match(str).Success ? new Uri("http://" + str) : new Uri(str);
|
|||
|
|
|||
|
public void LoadFrom(WINHTTP_PROXY_INFO wpi)
|
|||
|
{
|
|||
|
if (wpi.dwAccessType == 1)
|
|||
|
{
|
|||
|
this.useProxy = false;
|
|||
|
}
|
|||
|
else
|
|||
|
{
|
|||
|
this.useProxy = true;
|
|||
|
foreach (string str in wpi.lpszProxy == null ? new string[0] : wpi.lpszProxy.Split(ProxyInfo.splitChars))
|
|||
|
{
|
|||
|
Match match = ProxyInfo.schematizedProxyRegex.Match(str);
|
|||
|
if (match.Success)
|
|||
|
this.proxies[(object) match.Groups[1].ToString()] = (object) this.UriFrom(match.Groups[2].ToString());
|
|||
|
else
|
|||
|
this.defaultProxy = this.UriFrom(str);
|
|||
|
}
|
|||
|
this.bypassDomains = wpi.lpszProxyBypass == null ? new string[0] : wpi.lpszProxyBypass.Split(ProxyInfo.splitChars);
|
|||
|
this.bypassLocal = false;
|
|||
|
foreach (string bypassDomain in this.bypassDomains)
|
|||
|
{
|
|||
|
if (bypassDomain == "<local>")
|
|||
|
{
|
|||
|
this.bypassLocal = true;
|
|||
|
break;
|
|||
|
}
|
|||
|
}
|
|||
|
if (!this.bypassLocal)
|
|||
|
return;
|
|||
|
string[] strArray = new string[this.bypassDomains.Length - 1];
|
|||
|
int num = 0;
|
|||
|
foreach (string bypassDomain in this.bypassDomains)
|
|||
|
{
|
|||
|
if (bypassDomain != "<local>")
|
|||
|
strArray[num++] = bypassDomain;
|
|||
|
}
|
|||
|
this.bypassDomains = strArray;
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
public ICredentials Credentials
|
|||
|
{
|
|||
|
get => this.creds;
|
|||
|
set => this.creds = value;
|
|||
|
}
|
|||
|
|
|||
|
public Uri GetProxy(Uri dest)
|
|||
|
{
|
|||
|
if (!this.useProxy)
|
|||
|
return (Uri) null;
|
|||
|
return this.proxies.ContainsKey((object) dest.Scheme) ? (Uri) this.proxies[(object) dest.Scheme] : this.defaultProxy;
|
|||
|
}
|
|||
|
|
|||
|
public bool IsBypassed(Uri dest)
|
|||
|
{
|
|||
|
if (!this.useProxy || this.bypassLocal && (dest.IsLoopback || dest.Host.IndexOf('.') == -1))
|
|||
|
return true;
|
|||
|
foreach (string bypassDomain in this.bypassDomains)
|
|||
|
{
|
|||
|
if (bypassDomain == dest.Host)
|
|||
|
return true;
|
|||
|
}
|
|||
|
return false;
|
|||
|
}
|
|||
|
}
|
|||
|
}
|