seclinix

Running a task via Message

8 posts in this topic

ok i have created an AutoIt Rootkit that i am using to test a new operating system i have made and i wanted to know how to run a program when it receives the command run "Program"

eg. when i send to the client *RootKit*

run notepad

it will start notepad but if i had...

run explorer

it will start the explorer...

sorry if i don't make much sense i just want to make a simple run feature.

here is an example code except i want it to run the text after run

While 1
       $Message = TCPRecv( $nMain_Socket, $Bytes )
       
       If $Message = "Run" Then Run ($Run The Program)
WEnd


hmmm...

well, in your case I would use a

CODE

Select
Case
EndSelect

type of sequence, it would turn out a little cleaner.

the syntax for running the program can be handled multiple ways:

directly from the awesome and complete AutoIt help file:

CODE

Run ( "filename" [, "workingdir" [, flag[, standard_i/o_flag]]] )

and the included example of running notepad:

CODE

Run("Notepad.exe", "", @SW_MAXIMIZE)

and examples of DOS style commands:

CODE

Run(@ComSpec & " /c " & 'commandName', "", @SW_HIDE)

You could even have your program follow up with a ProcessExist command to verify that your command executed appropriately.

Again, all of this is in the help file- hopefully this is what you're looking for.


uhm sorry no not really, i want it like a command like so...

i can use stringleft to get the first 3 letters to see if it is a run command then i want to activate it afterwards

the client on the remote pc will only see messages like

run notepad

send message

run explorer.exe

so it will not know what it is meant to run, is there something like a loop, parse func?

where it will read a line in the format...

run, The thing to be opened


StringSplit()


i found out what i needed to do...

StringTrimLeft

after it read what the command was i had to take out the command and execute the stuff after command

so i took the run out of

run notepad.exe


you could use

if stringinstr($message,"run|") then run(Stringreplace($message,"run|",""))

and then you should change your "Rootkit" so it sends "run|notepad.exe"

