Backdoor Framework : A little client/server framework for writing back doors.

+ backdoor: A backdoor is deliberate functionality that bypasses official publicly-documented authorization methods for that software and is intended by the author to be known to a limited audience.
+ protected resource: some resource that should be accessed/modified only when the software has authorized an agent to do so.
+ agent: user, process, object, etc. that can be authenticated and/or authorized to perform some action on a protected resource.
+ authentication: confirmation that an agent is who it claims to be.
+ authorization: confirmation that an agent is allowed to access some protected resource.

This server represents firmware running on some hardware. Normal firmware is event driven by interrupts from hardware, such as sensors, and connections by agents such as via web, ssh, etc. We want to keep things simple, so we treat agents
and hardware interrupts the same way. All agents and interrupts are represented by clients that connect to the server via Unix domain socket and issue zero or more commands to the server. The server processes each command from each client
sequentially and invokes the server_interrupt function synchronously after each command.

Clients (agents, simulated hardware) connect to the server via Unix domain socket and send a one-byte command followed by some number of one-byte arguments. The number of arguments is intrinsic to the command. Each client may send zero or
more commands, but the next client is not processed until the current one closes the connection.

* When invoked with no arguments, this program becomes the server.
* When invoked with arguments, this program becomes the client. The arguments are the integer commands and command
* arguments. Command names and variable names are also accepted.

Example: in one shell run “./backdoor-framework”. In another shell run these commands:
$ ./backdoor-framework nop
$ ./backdoor-framework set voltage 100
$ ./backdoor-framework exit



Download :  | Clone URL
Source :