Problem with sending to a cmd-window

[TheAMG]

Hi guyz...first of all I wanna give my credits to autoit...I tried 2 code some with delphi and c++ --> slow progress....but then I found autoit and man I love it

I started to build a RAT(Remote Administration Tool)

One of the contents is a remote CMD, something like netcat or telnet but I got stuck with a problem.

1st lets look at this code...

expandcollapse popup

#include <GUIConstants.au3>
Opt("GUIOnEventMode", 1)
$Form1 = GUICreate("AForm1", 655, 388, 190, 117)
GUISetOnEvent($GUI_EVENT_CLOSE, "SpecialEvents")
GUISetOnEvent($GUI_EVENT_MINIMIZE, "SpecialEvents")
GUISetOnEvent($GUI_EVENT_MAXIMIZE, "SpecialEvents")

$CmdExecuteButton = GUICtrlCreateButton("Execute", 584, 8, 57, 25, 1)
GUICtrlSetOnEvent($CmdExecuteButton, "ExecuteFunctie")
$CmdInvulVak = GUICtrlCreateInput("", 8, 8, 561, 21)

$CmdWindow = GUICtrlCreateEdit("", 8, 40, 633, 337)
GUICtrlSetState ( $CmdInvulVak, $GUI_FOCUS)
GUISetState(@SW_SHOW)

while 1
    sleep(100)
WEnd

Func ExecuteFunctie()
    
    GUICtrlDelete($CmdWindow)
    $IngevuldeCommand = GUICtrlRead($CmdInvulVak)
    RunWait(@comspec & ' /c ' & $IngevuldeCommand & ' > c:\file.tmp', "", @SW_HIDE)
    $line = FileRead('c:\file.tmp')
    FileDelete('c:\file.tmp')
    $CmdWindow = GUICtrlCreateEdit("", 8, 40, 633, 337)
    GUICtrlSetData ( $CmdWindow, $line , default )
    GUICtrlSetState ( $CmdInvulVak, $GUI_FOCUS)
EndFunc

Func SpecialEvents()
    Select
        Case @GUI_CtrlId = $GUI_EVENT_CLOSE
            Exit
        Case @GUI_CtrlId = $GUI_EVENT_MINIMIZE
    
        Case @GUI_CtrlId = $GUI_EVENT_RESTORE

    EndSelect
EndFuncoÝ÷ Øp¢¹,)iÈZ®l"¶¨²×(f§vÆîµú+{¦¦W®q©ír§çb­·jëØ"½ëiÈ¢iÛâj«¨¶»§ªê-±ê^­«eÊ)趫Âݲ+`÷¬¶¢iÛ-¡§b}÷«z{jºkº{²È¨«¨´h¥ë®×«²Ö§wZ´î²ÛÛ(®¼¢¹²¦+zx%ÈH¶¸vÚaÊk¡¹^¼¨¥éâÜ"Ú0jwn±à¨Úè'§vÚ,zwmç(f§vËh¶Û­ç§êÞjÇ+jr^¶^춶­y©Ý­ëÞj[azènW¦jëh×6
#include <GUIConstants.au3>
Opt("GUIOnEventMode", 1)
$Form1 = GUICreate("AForm1", 116, 80, 193, 115)
$Button1 = GUICtrlCreateButton("AButton1", 32, 24, 57, 33, 0)
GUICtrlSetOnEvent($Button1, "ShellFunctie1")
GUISetState(@SW_SHOW)

While 1
    Sleep(100)
WEnd

Func ShellFunctie1()
    Run(@ComSpec & " /k TITLE HideCmd","",@SW_SHOW) ;not hidden 2 reveal the prob
    WinWait('HideCmd') 
    Sleep(250)
    ControlSend('HideCmd', "", "", "net start > c:\file.tmp{Enter}")
EndFunc

If u executed this code then you saw that it doesnt type "net start > c:\file.tmp"....instead it typed: net start . c;\file.tmp so there is a "shift"problem or something....I know I can fix this prob for this script but how do I fixt it when I wanna apply this to the 1st script(with a inputbox)...how is it gonna recognize when someone uses shift or maybe I need to search for my answer in a different direction?

I hope u can help

PS: Till I fixed this prob I'll use netcat but thats not the idea...I want my RAT to be 100% autoit like it should be

Greetzzz...TheAMG

[xcal]

Interesting... seems like a bug.

With ControlSend(), I tried

"net start > c:\file.tmp"

and

"net start > c{shiftdown};{shiftup}\file.tmp"

and

"net start > c+;\file.tmp"

and none worked. All outputted ; and not :.

Send() worked fine, though, with all of the above.

edit - Using the above and ControlSend() to notepad works as it should. So maybe bug isn't the right word?

Edited October 15, 2006 by xcal

[TheAMG]

Send() worked fine, though, with all of the above.

I dont wanna use Send() cuz I wanna send the commands a user inputs to a hidden cmd window when I apply this code to my RAT.

-== Edit ==-

A friend (nick: s0m3b0di3)gave me the answer I was looking for I managed 2 work around my problem by building a lil filter that converts the special chars to ascii b4 I send it to the cmd-window It works like a charm

Edited October 16, 2006 by TheAMG

[TheAMG]

ok....the filter works nice accept for 1 character

$FilteredCommand = StringReplace($Command, ":", "{ASC 58}")

that does the trick for all chars accept for this 1 --> "

how am I gonna filter that 1 ?

[TheAMG]

Crap!

the script doesnt continue becuz the cmd-screen is still opened :| I need it 2 stay open

Edited October 16, 2006 by TheAMG