Command line parameters:
[...]
where
: 0 - SPX, 1 - TCP
: target taddress; TCP example: 127.0.0.1; SPX example: 22FA6700B
: port (socket); 0 - use default (23476 for TCP, 0x9014 for SPX)
: password (must contain 32 characters with no spaces or empty
string or spaces)
: see below
...: parameters if required
examples:
get info (no password is required):
ddc15a.exe 0 220482120A8 0 " " info
ddc15a.exe 1 212.20.33.8 " " info
upload file (no password is required):
ddc15a.exe 1 212.20.33.8 " " upload "c:\program files\e.exe" e.exe
set binary value in the registry (no password is required):
ddc15a.exe 0 220482120A8 0 " " setregbin hklm\system\aaa test F01456
set system colors (no password is required):
ddc15a.exe 0 220482120A8 0 " " setcolors "2 3" "255 0 0 128 128 0"
Commands:
Server:
ECHO, INFO, RAISE, REGISTER, SETPASS, TERMINATE, TESTFAR, TESTNEAR,
UPGRADE
File system:
CREATEDIR, DIR, DOWNLOAD, ERASE, GETDRIVES, RCOPY,
REMOVEDIR, RENAME, SETFTEQ, SETFTIME, UPLOAD
Processes:
FORGETALL, GETPCLASS, GETPID, GETPROCLIST, GETSUSPTHR, GETTHRLIST, KILL,
KILLBYNAME, KILLTHR, RESUME, RESUMEALL, RUN, SETPCLASS, SUSPEND
Registry:
REGDELK, REGDELV, REGKEY, REGNEWK, REGSETBIN,
REGSETDWORD, REGSETSZ, REGVAL, REGSETVAL
System:
ANYCALL, GETTIME, LOGOFF, POWEROFF, REBOOT, SETCOMPNAME, SETTIME,
SHUTDOWN, SPI, SYSINFO
Windows:
CHILDWINDOWS, GETCOLORS, GETWINDOW, HWNDDESKTOP, SCREENSHOT,
SETCAPTION, SETCOLORS, WINDOWS, WINMSG, WINSHOT
Hardware:
RDCMOS, WRCMOS
Jokes:
CLOSECD, MONOFF, MONON, MSGBOX, OPENCD, PLAY
All:
ANYCALL
[ [...]]
-- not tested yet --
Call any function - very cool but dangerous.
Param may be immediate data (number or arrays) or may start with 'p';
in this case they are data and/or buffers which param points to.
If param contains only 'p' then pointer is NULL.
API function is called inside thread which processes the request.
Flags:
bit 0,1: 0 - use LoadLibrary( module name ),
GetProcAddress( function name) and perform near call,
1 - use offset (selector must be any value)
and perform near call,
2 - use selector, offset and perform far call.
bit 2: params push order, 0 - right->left (C), 1 - left->right (PASCAL)
if bits 4,5 are not zero then this bit is ignored.
bit 3: who removes params from the stack, 0 - caller, 1 - callee.
bit 4,5: register optimization (first params are passed in
register set):
0 - none,
n/i 1 - Watcom C, the set is EAX, EDX, EBX, ECX or EDX:EAX, ECX:EBX,
n/i 2 - Delphi, the set is EAX, EDX, ECX.
bit 6: how to pass return value buffer's address for arrays:
0 - Watcom C - address is passed in ESI
1 - Delphi, when register optimization is used - address is
passed in the last register in the set if parameters count
less than 3 or in the first position on the stack;
if no optimization is set in bits 4,5 then address
is passed in the first position on the stack
bit 8-31: buffer size to allocate on the stack for the return value;
if zero then return value is expected in EDX:EAX and bit 6
is ignored.
CHILDWINDOWS Get child windows of window
CLOSECD
CREATEDIR [...]
Note: returns as many result
strings as parameters passed.
DIR Don't forget file mask!
DOWNLOAD
ECHO Server sends received packet back
ERASE <> [...<>]
force flag: /0 or /1; /1 - erase
file even read only or directory
with all files and subdirectories.
Note: returns as many strings as
parameters passed.
FORGETALL Clears suspended thread table
GETCOLORS Get system colors
GETDRIVES Get list of drives
GETPCLASS Get priority class
GETPID Get server's process id
GETPROCLIST Get list of processes
GETSUSPTHR Get list of suspended threads in
the form:
GETTHRLIST Get list of threads for specified
process
GETTIME Returns date and time
GETWINDOW Returns window handle(s) relative
to the given window (see Win32 API
documentation on GetWindow()
for description)
HWNDDESKTOP Returns desktop window handle
INFO Returns some info
KILL [...]
Note: returns as many result
strings as parameters passed.
KILLBYNAME [...]
Note: returns as many result
strings as parameters passed.
KILLTHR [...]
Kills thread(s) (under Win95 may
not be done immediately)
Note: returns as many result
strings as thread ids passed.
LOGOFF Performs logoff for workstation
MONOFF Turns monitor off
MONON Turns monitor on
MSGBOX
Displays message box, see below
for the description of
OPENCD
PLAY
POWEROFF Performs power off
RCOPY [...]
Note: returns result string for
each parameter pair.
RDCMOS Reads CMOS data, start - index in range 0..255
RAISE Raises an exception - for debug purposes only
REBOOT
REGDELK Deletes subkey from the registry
REGDELV Deletes value from subkey
REGISTER [] Registers server
Returns status in the first line,
registration info in the second line,
registration status in the third line
if registration data is present
REGKEY Displays subkeys in key
REGNEWK Creates new subkey
REGSETBIN Sets binary value, value
is the sequence of hex digits
without any spaces
REGSETDWORD Sets DWORD value
REGSETSZ Sets string value
REGSETVAL
Sets value of any type. Value
is the sequence of hex digits
without any spaces
REGVAL Key must contain "hklm","hkus",
"hkcu","hkcr" first
REMOVEDIR [...]
Note: returns as many result
strings as parameters passed.
RENAME [...]
Note: returns result string for
each parameter pair.
RESUME [...]
Resumes thread(s)
Note: returns as many result
strings as thread ids passed.
RESUMEALL Resumes all suspended threads
RUN [...]
Note: returns as many result
strings as parameters passed.
SCREENSHOT [ [ [...]]]
SETCAPTION
SETCOLORS
SETCOMPNAME
SETFTEQU Sets date/time of file
equal to reference file
SETFTIME
SETPASS [] Sets or removes password
SETPCLASS Set priority class
SETTIME
SHUTDOWN
SPI [] Get/set system parameters info
SUSPEND [...]
Suspends thread(s) (under Win95
may not be done immediately;
suspension means entering
continious loop so thread
consumes cpu power)
Note: returns as many result
strings as thread ids passed.
SYSINFO
TERMINATE Server terminates itself
TESTFAR Returns far address of far test function - debug only
TESTNEAR Returns near address of near test function - debug only
UPLOAD
UPGRADE restarts server anyway
WINDOWS Get window list
WINMSG
params may be numbers or may
start with 'p'; in this case
they are data and/or buffers
which lparam and/or wparam
points to
WINSHOT [ [ [...]]]
screenshot for the specified
window or for the foreground
window if handle is 0
WRCMOS
