int _tmain(int argc, _TCHAR* argv[]){ DWORD Result; CShellEnvironment* p

1. int _tmain(int argc, _TCHAR* argv[])
2. {      
3.     DWORD Result;
4.     CShellEnvironment* pEnv = new CShellEnvironment(9304);
5.     if (pEnv->CreateEnvironment())
6.     {
7.         DWORD* pBuffer = (DWORD*)pEnv->CreateResource(sizeof(DWORD));
8.         CShellCode* pShell = new CShellCode(InvokeBotcheck, 36, TRUE);
9.         pShell->CreatePatch(4, (PBYTE)pBuffer, sizeof(DWORD));
10.         pShell->CreatePatch(10, (PBYTE)0, sizeof(DWORD));
11.         pShell->CreatePatch(16, (PBYTE)0, sizeof(DWORD));
12.         pShell->CreatePatch(22, (PBYTE)37560401, sizeof(DWORD));
13.  
14.         LPVOID remoteShell = pEnv->CreateResourceShell(pShell);
15.         pEnv->ExecuteRemoteFunc(remoteShell, NULL);
16.         pEnv->CopyFromResource(&Result, pBuffer, sizeof(DWORD));
17.  
18.         pEnv->FreeResource(pShell);
19.         pEnv->FreeResource(pBuffer);
20.  
21.         printf("Result obtained: %d", Result);
22.     }
23. }