seclinix Posted June 13, 2007 Share Posted June 13, 2007 ok i have created an Autoit Rootkit that i am using to test a new operating system i have made and i wanted to know how to run a program when it recieves the comand run "Program" eg. when i send to the client *RootKit* run notepad it will start notepad but if i had... run explorer it will start the explorer... sorry if i dont make much sense i just want to make a simple run feature. here is an example code except i want it to run the text after run While 1 $Message = TCPRecv( $nMain_Socket, $Bytes ) If $Message = "Run" Then Run ($Run The Program) WEnd Link to comment Share on other sites More sharing options...
tAKTelapis Posted June 13, 2007 Share Posted June 13, 2007 Are my AutoIt EXE's really infected?, How and Why your EXE's have been deleted.2. Malicious scripter got the AutoIt script engine recognized as a virus. Link to comment Share on other sites More sharing options...
jhinesyo Posted June 13, 2007 Share Posted June 13, 2007 hmmm... well, in your case I would use a CODE select case endselect type of sequence, it would turn out a little cleaner. the syntax for running the program can be handled multiple ways: directly from the awesome and complete AutoIT help file: CODE Run ( "filename" [, "workingdir" [, flag[, standard_i/o_flag]]] ) and the included example of running notepad: CODE Run("Notepad.exe", "", @SW_MAXIMIZE) and examples of DOS style commands: CODE Run(@ComSpec & " /c " & 'commandName', "", @SW_HIDE) You could even have your program follow up with a ProcessExist command to verify that your command executed appropriately. Again, all of this is in the help file- hopefully this is what you're looking for. Link to comment Share on other sites More sharing options...
seclinix Posted June 14, 2007 Author Share Posted June 14, 2007 uhm sorry no not really, i want it like a command like so... i can use stringleft to get the first 3 letters to see if it is a run command then i want to activate it afterwards the client on the remote pc will only see messages like run notepad send message run explorer.exe so it will not know what it is meant to run, is there something like a loop, parse func? where it will read a line in the format... run, The thing to be opened Link to comment Share on other sites More sharing options...
tAKTelapis Posted June 14, 2007 Share Posted June 14, 2007 StringSplit() Link to comment Share on other sites More sharing options...
seclinix Posted June 16, 2007 Author Share Posted June 16, 2007 i found out what i needed to do... StringTrimLeft after it read what the command was i had to take out the command and execute the stuff after command so i took the run out of run notepad.exe Link to comment Share on other sites More sharing options...
Mast3rpyr0 Posted June 16, 2007 Share Posted June 16, 2007 off topic but, if you need any beta testers for your OS send me a PM My UDF's : _INetUpdateCheck() My Programs : GameLauncher vAlpha, InfoCrypt, WindowDesigner, ScreenCap, DailyRemindersPick3GeneratorBackupUtility! Other : Bored? Click Here! Link to comment Share on other sites More sharing options...
rambo3889 Posted June 16, 2007 Share Posted June 16, 2007 you could use if stringinstr($message,"run|") then run(Stringreplace($message,"run|","")) and then you should change your "Rootkit" so it sends "run|notepad.exe" My Scripts:Radioblog Club Music DownloaderOther stuff:Fun movieIm serious read the help file it helps :PFight 'Till you drop. Never stop, You Cant give up. Til you reach the top Fight! youre the best in town Fight! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now