hi !
i'm coding a backdoor, and when i send a command, the server execute this command (fortunately) with system()
but i wanted to know how can i redirect the output from the cmd to the socket?
i thought about close() and dup() but i'm not sure that is works for system()
or can I get the output into a char* ?

thx ;)

Returning the output of the command isnt possible with system() or any exec*() command.
I once found the following code somewhere on the net (dont remember where, i've made a few modifications to it). Works on both linux and windows machines.

/* POPEN.C: This program uses _popen and _pclose to receive a
* stream of text from a system process.
*/

#include <stdio.h>
#include <stdlib.h>

int main( int argc, char *argv[] )
{
char psBuffer[128];
FILE *pPopenBuffer;

if(argc < 1)
return -1;

/* Run the command so that it writes its output to a pipe. Open this
* pipe with read text attribute so that we can read it
* like a text file.
*/
if( (pPopenBuffer = _popen(argv[1], "r" )) == NULL )
return -1;

/* Read pipe until end of file. End of file indicates that
* the command closed its standard out (probably meaning it's
* terminated).
*/
while(!(feof(pPopenBuffer) ))
{
if(fgets( psBuffer, 128, pPopenBuffer ) != NULL)
printf(psBuffer );
else
return -1;
;
}

/* Close pipe and print return value of the command. */
printf( "\nProcess returned %d\n", _pclose( pPopenBuffer ) );
return 0;
}