Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feture request #28

Closed
GoogleCodeExporter opened this issue Sep 8, 2015 · 19 comments
Closed

feture request #28

GoogleCodeExporter opened this issue Sep 8, 2015 · 19 comments

Comments

@GoogleCodeExporter
Copy link

I want to send parameter to the running shell.
for example i want to send ip address and the shellinabox will telnet the ip.
Every time i want telnet to different ip and do it in same time .
the parameter can send by POST or GET

Thanks a lot

Guy

Original issue reported on code.google.com by guy.elg@gmail.com on 17 Aug 2009 at 7:29

@GoogleCodeExporter
Copy link
Author

Can you use CGI mode? That's what most people use for this particular use case. 
I just 
added a (very!) simple example on how to use it: 
http://shellinabox.googlecode.com/svn/trunk/shellinabox/cgi-mode-example.sh

Original comment by zod...@gmail.com on 17 Aug 2009 at 5:16

  • Changed state: Done

@GoogleCodeExporter
Copy link
Author

the problem with that solution is that the program is still running even when i 
close
the session.
In daemon mode only one instance is running.
the best solution is if i could pass parameters to the daemon as a part of the
opening session.
for example http://127.0.0.1:4200?cmd=ls will run ls command.

Original comment by guy.elg@gmail.com on 19 Aug 2009 at 2:42

@GoogleCodeExporter
Copy link
Author

The daemon doesn't know whether you closed the session, or whether your browser 
is
just really slow to send requests. So, it'll wait a little longer to see if new
requests arrive. If you check again after a minute or two, you'll see that the 
daemon
has terminated.

In general, passing commands in the URL is a very bad idea. This would allow 
anybody
to run arbitrary commands on your computer. Even worse than that, this allows 
attacks
from outside your firewall, too. All an attacker needs to do is trick you into
viewing an HTML page that has a hidden link (e.g. in an image, style sheet, or
iframe) pointing to the service inside of your firewall.

They could do this by sending you e-mail with a suitable HTML document, or by
tricking you into visiting a web site that is under their control.

Having said all of that, and while I really don't think you should deploy 
ShellInABox
in this fashion, I do think that there is some value in the session having 
access to
the URL where the service is hosted. I added code that makes this URL available 
as a
new "${url}" variable, which you can access from the service description.

Original comment by zod...@gmail.com on 19 Aug 2009 at 7:12

  • Changed state: Fixed

@GoogleCodeExporter
Copy link
Author

first i want to thank you for all your work.
If i can be more precise with my question, the thing that i want to do is that:
user will enter ip address in text form and then the shellinabox will telnet 
the ip.
the ip will pass with a POST method.
right now i use a little script that ask for the ip from the user only when the 
new
window open with a shellinabox .   

TNX again
Guy

Original comment by guy.elg@gmail.com on 20 Aug 2009 at 12:05

@GoogleCodeExporter
Copy link
Author

Does that "${url}" parameter allow you to do what you want, or do you still 
need 
changes. This was a little unclear from your last message.

Original comment by zod...@gmail.com on 20 Aug 2009 at 10:07

@GoogleCodeExporter
Copy link
Author

The "${url}" parameter does not solve my problem.
If i need to telnet 100 server then i need to create 100 urls and if new server 
is
create then i need to add new url.
Does i do something wrong ?

Original comment by guy.elg@gmail.com on 23 Aug 2009 at 12:23

@GoogleCodeExporter
Copy link
Author

No wonder you are not happy. You only had half the changelist.

You could have made this work, if you had full control over your DNS server. 
Create a 
wild card A record for the machine that hosts ShellInABox. Then encode your 
target 
addresses in the hostname.

But of course, a much easier way is to encode the target address as 
http://my.domain:4200/?target. You then want a service description of the form

"/:$(id -u):$(id -g):HOME:"'/bin/bash -c "u=${url}; exec telnet 
\"\${u##*\\?}\""'

This should now work with the code that is in SVN.

Original comment by zod...@gmail.com on 23 Aug 2009 at 3:32

@GoogleCodeExporter
Copy link
Author

sorry for my late answer.
The solution work great :-)
thanks.

I still have minor problem, when i try to add the parameter trough
/etc/default/shellinabox (ubuntu 9.04) its fail .
the problem is that the parameter pass as 2 commands, before the "-c" and 
another after.
do you have any idea ? 

Original comment by guy.elg@gmail.com on 13 Sep 2009 at 7:47

@GoogleCodeExporter
Copy link
Author

Just make sure you add some shell escaping:

SHELLINABOX_ARGS="${SHELLINABOX_ARGS} -s /telnet:$(id -u):$(id 
-g):HOME:/bin/bash\ -c\ 
u=\\\\\'\\\${url}\\\\\'\;'exec\ telnet\ \\\${u##*\\\?}'"

Alternatively, if this is too complicated, you could always write a wrapper 
shell 
script that just takes one argument. That would make escaping much easier -- or 
even 
unnecessary.

Original comment by zod...@gmail.com on 13 Sep 2009 at 11:33

@GoogleCodeExporter
Copy link
Author

Issue 37 has been merged into this issue.

Original comment by zod...@gmail.com on 25 Nov 2009 at 11:21

@GoogleCodeExporter
Copy link
Author

Just to get your opinion:

I'm using this service description:
shellinaboxd -s "/:$(id -u):$(id -g):HOME:"'/bin/bash -c "u=${url}; exec `cat 
/home/myuser/myfolder/\${u##*\\?}.cmd`"'

And I access it like http://192.168.0.1:4200/?file and I have the SSH command 
inside file.cmd, for instance.

My doubt is: is there any way a user could inject commands inside the URL, 
without being explicitely inside 
my cmd file? I don't see the way, so I'd like to know if you can see any.

Thanks.

Original comment by renat...@gmail.com on 27 Nov 2009 at 7:22

@GoogleCodeExporter
Copy link
Author

I'd be a little worried about somebody putting things like ../ into the URL in 
order 
to make ShellInABox read arbitrary files in your file system -- or even worse, 
if your 
machine has user-writable directories mounted, it would allow an attacker to 
run 
arbitrary code as a privileged user.

Original comment by zod...@gmail.com on 30 Nov 2009 at 9:13

@GoogleCodeExporter
Copy link
Author

Agreed.

I could put only the part after "ssh" in the command file or, even better, 
create a wrapper file which calls the 
command file only IF it is allowed (allowed = isin `ls /home/myuser/myfolder/`).

Original comment by renat...@gmail.com on 30 Nov 2009 at 9:38

@GoogleCodeExporter
Copy link
Author

I need some help with the cgi script. I wouldn't call myself new, but I dont 
get it.

First off the description is a cgi script, which instinctively make me think 
PERL. 
But this example is bash.

Secondly I dont understand what the expected user experience is.  Do they, 
browse to
my website whatever.com/cgi_mode.sh  and it will execute shell in a box?


Original comment by doobi...@gmail.com on 23 Mar 2010 at 9:25

@GoogleCodeExporter
Copy link
Author

I feel dumb, i just got it working guys. But my next question is long winded.

Currently I am running shellinabox via an apache proxy. I did this to ensure 
that it
was passing through my apache's manditory https connection. I think this is more
secure than running shellinabox on it's own, no?    Ok so shellinabox is config 
to
only allow local host, thus if I'm to connect to it remotely I must go through 
apache
https proxy.

Now when using this cgi script, it sounds to me like it spawns on a different 
port..
or does it pass through apache?  

I want the cgi-script to I can tie it into my php's session authentication but 
I dont
want it running on an unencrypted connection.  I want both, user auth + ssl

Original comment by doobi...@gmail.com on 23 Mar 2010 at 9:45

@GoogleCodeExporter
Copy link
Author

how can I throw 2 parameter through the url ? 
let say we have ?id=11&act=rename

it will detect 11%20rename 

Original comment by frysha...@gmail.com on 1 Jun 2010 at 3:25

@GoogleCodeExporter
Copy link
Author

how can i pass username and password in url so tht i dont need to ask user for 
username n password

Original comment by unique.a...@gmail.com on 28 Jan 2014 at 9:05

@GoogleCodeExporter
Copy link
Author

> how can i pass username and password in url so tht i dont need to ask user 
for username n password

+1. I also have this request. Is there any solution?

Original comment by 2411m...@gmail.com on 4 Apr 2014 at 2:56

@GoogleCodeExporter
Copy link
Author

To: zod...@gmail.com

Could you please tell how we can use your script (for using shellinabox in CGI 
mode)from a php file. In fact, I have a web application and I want every time 
to specify which host to connect to every time a user wants to connect to his 
machine, and then return the terminal to him in another window. In brief, I 
don't know how to make the script and php to interact whith each other, to make 
the app take the result rendered by the script.

Thank you in advance !!

Original comment by Abderrah...@gmail.com on 13 Aug 2014 at 4:05

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant