This project is a remote access backdoor written in C. It establishes a TCP connection between two programs and allows remote command execution and file transfer.
The goal of this project is to apply networking and low-level C skills and to understand how backdoor-style malware works internally.
-
server.c
Creates a TCP socket, listens on port8080, accepts one connection, sends commands, uploads files, and receives downloaded files. -
client.c
Connects to the server, receives commands, executes them, and handles file upload and download.
- Protocol:
TCP - Address Family:
AF_INET(IPv4) - Port:
8080 - Blocking sockets
- Single connection only
- Commands are sent from the server to the client
- The client executes commands using
popen() - Command output is sent back line by line
- Output ends when the client sends the flag
"1"
download <file>: client reads a local file and sends it to the serverupload <file>: server sends a file to the client- File size is sent first as
uint64_t - Endianness handled using
htobe64()andbe64toh() - Data sent in chunks of
1024bytes
- The client supports
cd <path> - Directory change is handled using
chdir()
- Socket functions:
socket(),bind(),listen(),accept(),connect() - File handling:
fopen(),fread(),fwrite() - File size detection:
stat() - Process execution:
popen()
gcc server.c -o server gcc client.c -o client
- Server waits for user input and sends commands
- Client executes received commands
- Communication continues until
exitis sent
- No encryption
- The concept of persistence does not exist
- Does not include techniques to bypass antivirus
- It can be detected by firewals
This project exists to:
- Apply TCP socket programming in C
- Practice low-level file and process handling
- Understand how backdoor-style remote access works
- Analyze insecure remote command execution
Lkwads – Cybersecurity Student & Low-Level Programming Enthusiast