Closed WilleLX1 closed 1 year ago
There are several control codes that you can send to the control pipe (documentation section 3.3 Control Pipe).
For example, CONTROL_USER_SHELLEXEC or CONTROL_USER_RUNPE are useful control codes to execute an EXE file.
There is a code example in C++ to demonstrate sending a ShellExec control code. Data that you send must be in a specific format that is described in the documentation and that you can get a better grasp on from the example.
Other control codes just have different parameters, but the logic is always the same.
Hello again! Thank you for the help, I really appreciate it.
Regards WilleLX1
Hello! This is most likely a simple question, but I desperately need assistance. So I know that the rootkit starts a pipe and that any data I send to it is executed. The only issue here is that I have no idea how or what data I should send. Any assistance would be greatly appreciated. Regards WilleLX1