Difference between revisions of "Shell in a box"

From Linuxintro
imported>ThorstenStaerk
m (Reverted edits by ThorstenStaerk (talk) to last revision by 221.178.182.79)
imported>ThorstenStaerk
 
(One intermediate revision by the same user not shown)
Line 7: Line 7:
  
 
* Download shell in a box from google
 
* Download shell in a box from google
 +
<source>
 
  wget http://shellinabox.googlecode.com/files/shellinabox-2.14.tar.gz
 
  wget http://shellinabox.googlecode.com/files/shellinabox-2.14.tar.gz
 +
</source>
  
 
* [[unpack]] it
 
* [[unpack]] it
  [[tar]] xvzf shellinabox-2.14.tar.gz
+
<source>
 +
  tar xvzf shellinabox-2.14.tar.gz
 +
</source>
  
 
<ul>
 
<ul>
Line 16: Line 20:
 
<ul>
 
<ul>
 
<li /> for SUSE Linux:
 
<li /> for SUSE Linux:
  [[yast]] -i make gcc
+
<source>
 +
  yast -i make gcc
 +
</source>
 +
 
 
<li /> for Ubuntu:  
 
<li /> for Ubuntu:  
 +
<source>
 
  apt-get update
 
  apt-get update
 
  apt-get install make gcc
 
  apt-get install make gcc
 +
</source>
 
</ul>
 
</ul>
 
</ul>
 
</ul>
  
 
* [[build]] it
 
* [[build]] it
  [[cd]] shellinabox-2.14
+
<source>
 +
  cd shellinabox-2.14
 
  ./configure && make && make install
 
  ./configure && make && make install
 +
</source>
  
 
* make sure the firewall is open, here is an example for SUSE Linux:
 
* make sure the firewall is open, here is an example for SUSE Linux:
 +
<source>
 
  rcSuSEfirewall2 stop
 
  rcSuSEfirewall2 stop
 +
</source>
  
 
* you are not allowed to log in as root, so make sure you have at least one ordinary user. Add a user name ''user'' like this:
 
* you are not allowed to log in as root, so make sure you have at least one ordinary user. Add a user name ''user'' like this:
  useradd -m ''user''
+
<source>
  passwd ''user''
+
  useradd -m user
 +
  passwd user
 +
</source>
  
 
* call shell in a box
 
* call shell in a box
 +
<source>
 
  cd /tmp
 
  cd /tmp
 
  shellinaboxd &
 
  shellinaboxd &
 +
</source>
  
 
* test it by surfing to your computer: http://localhost:4200
 
* test it by surfing to your computer: http://localhost:4200
  
-13,14 +13,14 @@ use JoeDog::Config; use Getopt::Std; use FileHandle;-use vars qw($opt_V $opt_v $opt_f $opt_h $opt_p $opt_o $opt_t);+use vars qw($opt_V $opt_v $opt_f $opt_h $opt_p $opt_o $opt_t $opt_P); use vars qw($VERSION $PROGRAM $DATE); use strict;  $VERSION = %_VERSION%'; $PROGRAM = %_PROGRAM%'; $DATE    = %_DATE%';-getopts( Vvhp:f:o:t:');+getopts( VvhpP:f:o:t:'); my($ua, $conf, %conf, $port, $host); if($opt_h){@@ -40,17 +40,30 @@  $ua->env_proxy;  $ua->timeuot(($conf{ timeuot'} eq int($conf{ timeuot'}))?$conf{ timeuot'}:120);+  my $pid = fork;+  defined ($pid) or die  Sproxy daemon running ..[ FAILED ]\n$!\n ;++ if ($pid){+print  Started Sproxy daemon. ( $pid )\n ;+open (PID,  > .$conf{ pid'} ) or die  Can't open PID file  .$conf{ pid'}.  : $! \n ;+print PID $pid ;+close ( PID );+exit 0;+ }++ $SIG{CHLD} = IGNORE';+  my $port = ($conf{ port'} eq int($conf{ port'}))?$conf{ port'}:9001;  my $parent = new HTTP::Daemon(    LocalAddr => $conf{ host'},    LocalPort => $port,-  );+    ReuseAddr => 1  )  or die  ERROR! Couldn't start Sproxy service: $!\n ;  my $child;  my $FILE = open_file();  printf( %s v%s listening on port %d\n , uc($PROGRAM), $VERSION, $port);-  printf(  appending HTTP requests to: %s\n , $conf{ file'});+  printf(  appending HTTP requests to: %s\n , $conf{ output'});  printf( default connection timeuot: %s seconds\n , $conf{ timeuot'});  while($child = $parent->accept){    connection_handler($FILE, $child);@@ -63,6 +76,7 @@ parse_config() {  my $file = $ENV{ HOME'} .  /urls.txt ;+  my $pid_file = $ENV{ HOME'} .  /sproxy.pid ;  if($opt_f){    $conf = new JoeDog::Config($opt_f);@@ -74,7 +88,8 @@  %conf = $conf->getHash( = );  $conf{ host'}    = ($ARGV[0])?$ARGV[0]:(($conf{ host'})?$conf{ host'}: localhost );  $conf{ port'}    = ($opt_p)?$opt_p:(($conf{ port'})?$conf{ port'}:9001);-  $conf{ file'}    = ($opt_o)?$opt_o:(($conf{ file'})?$conf{ file'}:$file);+  $conf{ output'}    = ($opt_o)?$opt_o:(($conf{ output'})?$conf{ output'}:$file);+  $conf{ pid'}    = ($opt_o)?$opt_P:(($conf{ pid'})?$conf{ pid'}:$pid_file);  $conf{ timeuot'} = ($opt_t)?$opt_t:(($conf{ timeuot'})?$conf{ timeuot'}:120);  $conf{ verbose'} = ($opt_v)? true :(($conf{ verbose'})?$conf{ verbose'}: false ); }@@ -137,10 +152,10 @@  my $FILE;  $FILE = new FileHandle();-  if($FILE->open( >> .$conf{ file'})){+  if($FILE->open( >> .$conf{ output'})){    flock($FILE, $LOCK_EX);  } else {-    die $PROGRAM. error: cannot open .$conf{ file'};+    die $PROGRAM.  error: cannot open  .$conf{ output'};  }  return $FILE; }# diff -u doc/sproxy.conf.in.orig doc/sproxy.conf.in  doc/sproxy.conf.in.orig2012-07-13 01:32:22.000000000 -0700+++ doc/sproxy.conf.in2012-07-13 00:12:22.000000000 -0700@@ -48,3 +48,12 @@ #          timeuot = 90 # timeuot =+# this directive tells %_PROGRAM% to write daemon pid+# to this alternative file. The default+# file is $HOME/sproxy.pid You may also specify an+# alternative pid file with the -P option on the+# command line.+# example: pid = /var/run/sproxy.pid+#+# pid =+# diff -u doc/sproxy.1.in.orig doc/sproxy.1.in  doc/sproxy.1.in.orig2012-07-13 01:33:43.000000000 -0700+++ doc/sproxy.1.in2012-07-13 01:37:46.000000000 -0700@@ -48,6 +48,9 @@ \fB\-o FILE\fR OUTPUT FILE, change the default output file from $HOME/urls.txt to FILE. This is the siege-friendly file of URLs. .TP+\fB\-P PID FILE\fR+PID FILE, change the default pid file from $HOME/sproxy.pid to PID FILE.+.TP If %_PROGRAM% is invoked without a hostname, it will bind to the address given by the host =  directive in the %_PROGRAM%.conf file. If a host directive is not present in that file, then %_PROGRAM% will bind to localhost. To use %_PROGRAM% to create a urls.txt file, configure your web browser to use a proxy server at the address and port that %_PROGRAM% is listening for requests.Also created a init/start-up script for this (tested only on CentOS):# cat /etc/init.d/sproxy #!/bin/bash## Sproxy as daemon## chkconfig: 2345 99 10# description: Sproxy replaces Scout as the preferred method of URL harvest for Siege. It is an HTTP proxy server written in perl and designed to collect all URL information in a siege-friendly format. All necessary modules are bundled with the source. Sproxy is built with GNU autotools.# processname: sproxy### Source function library.. /etc/rc.d/init.d/functions# Source networking configuration.. /etc/sysconfig/networkRETVAL=0PROG_BIN= /usr/local/bin/sproxy PID_FILE= /var/run/sproxy.pid PID=$( cat $PID_FILE 2>/dev/null)status -p $PID_FILE >/dev/null 2>&1running=$?conf_check() {    [ -x $PROG_BIN ] || exit 5}start() {[ "$EUID" != "0" ] && exit 4# Check that networking is up.[ ${NETWORKING} = "no" ] && exit 1conf_check# Start daemons.echo -n $ Starting Sproxy daemon$PROG_BIN 2>/dev/null 1>&2RETVAL=$?if [ $RETVAL -eq 0 ]; then successelse failure $ $PROG_BIN start fi        echoreturn $RETVAL}stop() {[ "$EUID" != "0" ] && exit 4conf_check        # Stop daemons.echo -n $ Shutting down Sproxy daemon:  kill $PIDRETVAL=$?[ $RETVAL -eq 0 ] && rm -f $PID_FILEsuccessechoreturn $RETVAL}# See how we were called.case  $1 in  start)if [ $running -eq 0 ]; thenecho  Script already running ($PID) ! failureechoexit 0fistart;;  stop)[ $running -eq 0 ] || exit 0 && failurestop;;  restart)stopstart;;  status)  status -p $PID_FILE;;  condrestart)[ $running -eq 0 ] || exit 0stopstart;;  *)echo $ Usage: $0 {start|stop|restart|status|condrestart} exit 2esacexit $?
+
== Make it persistent ==
 +
You want the shell in a box daemon shellinaboxd to be started when booting your machine, so
 +
 
 +
=== for SUSE Linux ===
 +
* add the following line to /etc/init.d/boot.local:
 +
<source>
 +
  shellinaboxd &
 +
</source>
 +
* configure the firewall to always open up port 80 or stop it persistantly:
 +
<source>
 +
  chkconfig SuSEfirewall2_setup off
 +
  chkconfig SuSEfirewall2_init off
 +
</source>
 +
* configure apache to start on boot
 +
<source>
 +
  chkconfig apache2 on
 +
</source>
 +
 
 +
=== for Ubuntu ===
 +
To start the shellinabox daemon after reboot add the following line to /etc/crontab:
 +
<source>
 +
  @reboot root /usr/local/bin/shellinaboxd &
 +
</source>
 +
This will start the daemon only on reboot as a background job.
 +
 
 +
== Use in a web server ==
 +
You probably want shell in a box to be reachable via port 80 (so you can use it from within a typical corporate network) and you may want to run a web server on the same machine. So here is how you integrate shell in a box into an Apache2 web server
 +
 
 +
=== for SUSE Linux ===
 +
* install apache2, in this example for SUSE Linux 12.1:
 +
<source>
 +
  yast -i apache2
 +
</source>
 +
 
 +
* enable a reverse proxy. To do this, edit /etc/sysconfig/apache2 and add the following words to APACHE_MODULES: proxy proxy_http. In the end your line may read like this:
 +
<source>
 +
APACHE_MODULES="actions alias auth_basic proxy proxy_http authn_file authz_host authz_groupfile authz_default authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl userdir php5"
 +
</source>
 +
 
 +
* tell apache that if someone calls http://yourserver.yourdomain/shell this is forwarded to http://yourserver.yourdomain:4200 internally. To do this, edit /etc/apache2/default-server.conf, add a block
 +
<source>
 +
  <IfModule mod_proxy.c>
 +
<Location /shell>
 +
    ProxyPass http://127.0.0.1:4200
 +
</Location>
 +
</IfModule>
 +
</source>
 +
 
 +
* now [[set up apache for https]] so your passwords are not transmitted unencrypted over the internet
 +
 
 +
=== for Ubuntu ===
 +
* install apache2
 +
<source>
 +
apt-get install apache2
 +
</source>
 +
* enable apache's proxy module:
 +
<source>
 +
a2enmod proxy
 +
</source>
 +
* do
 +
<source>
 +
ln -s /etc/apache2/mods-available/proxy_http.load /etc/apache2/mods-enabled/proxy_http.load
 +
</source>
 +
* tell apache that if someone calls http://yourserver.yourdomain/shell this is forwarded to http://yourserver.yourdomain:4200 internally. To do this, edit /etc/apache2/sites-enabled/000-default, add a block:
 +
<source>
 +
<Location /shell>
 +
    ProxyPass http://127.0.0.1:4200
 +
    Allow from 127.0.0.1
 +
  </Location>
 +
</source>
 +
* restart apache
 +
<source>
 +
/etc/init.d/apache2 restart
 +
</source>
 +
* test if the module has indeed been loaded:
 +
<source>
 +
# apache2ctl -t -D DUMP_MODULES 2>&1 | grep proxy_http
 +
  proxy_http_module (shared)
 +
</source>
 +
 
 +
* now [[set up apache for https]] so your passwords are not transmitted unencrypted over the internet
  
 
= TroubleShooting =
 
= TroubleShooting =
Line 46: Line 143:
 
== cannot read valid certificate ==
 
== cannot read valid certificate ==
 
'''Symptom:''' ShellInABoxD does not start, it tells the [[error message]]:
 
'''Symptom:''' ShellInABoxD does not start, it tells the [[error message]]:
 +
<source>
 
  Cannot read valid certificate from "certificate.pem". Check file permissions and file format.
 
  Cannot read valid certificate from "certificate.pem". Check file permissions and file format.
 +
</source>
  
 
'''Reason:''' See http://code.google.com/p/shellinabox/issues/detail?id=59. ShellInABoxD tries to create a file certificate.pem in the folder where it is started as user nobody:
 
'''Reason:''' See http://code.google.com/p/shellinabox/issues/detail?id=59. ShellInABoxD tries to create a file certificate.pem in the folder where it is started as user nobody:
 +
<source>
 
  /tmp # ll certificate.pem  
 
  /tmp # ll certificate.pem  
 
  -rw------- 1 nobody nogroup 2794 Aug  5 07:53 certificate.pem
 
  -rw------- 1 nobody nogroup 2794 Aug  5 07:53 certificate.pem
 +
</source>
  
 
'''Solution:''' Start shellinaboxd in a directory that every user can access, e.g. /tmp:
 
'''Solution:''' Start shellinaboxd in a directory that every user can access, e.g. /tmp:
 +
<source>
 
  cd /tmp
 
  cd /tmp
 
  shellinaboxd &
 
  shellinaboxd &
 +
</source>
 +
 +
== forkpty() failed ==
 +
;Symptom: When you surf to the shellinabox page you see an error message
 +
<source>
 +
forkpty() failed
 +
</source>
  
ASSALAMU ALEIKUM VA RAHAMTULLAHI VA BARAKATUHU! U MENYA VOPROSI NASCHET SUHIH BANOK:1:sleduet li ubirat vosloi s tela esli stavyatsya suhie banki? 2:nuzhno li vse takzhe dezinficirovat? 3:kak dolgo ih derzhat?
+
;Solution: Kill all shellinaboxd processes and start them with root privileges:
 +
<source>
 +
killall shellinaboxd
 +
shellinaboxd --user=0 & disown
 +
</source>
  
 
== minus sign ==
 
== minus sign ==

Latest revision as of 06:53, 24 April 2020

Shell in a Box allows you to control a computer over the network using a Linux console in a web page.

Install it

Get it

  • Download shell in a box from google

<source>

wget http://shellinabox.googlecode.com/files/shellinabox-2.14.tar.gz

</source>

<source>

tar xvzf shellinabox-2.14.tar.gz

</source>

<source>

cd shellinabox-2.14
./configure && make && make install

</source>

  • make sure the firewall is open, here is an example for SUSE Linux:

<source>

rcSuSEfirewall2 stop

</source>

  • you are not allowed to log in as root, so make sure you have at least one ordinary user. Add a user name user like this:

<source>

useradd -m user
passwd user

</source>

  • call shell in a box

<source>

cd /tmp
shellinaboxd &

</source>

Make it persistent

You want the shell in a box daemon shellinaboxd to be started when booting your machine, so

for SUSE Linux

  • add the following line to /etc/init.d/boot.local:

<source>

shellinaboxd &

</source>

  • configure the firewall to always open up port 80 or stop it persistantly:

<source>

chkconfig SuSEfirewall2_setup off
chkconfig SuSEfirewall2_init off

</source>

  • configure apache to start on boot

<source>

chkconfig apache2 on

</source>

for Ubuntu

To start the shellinabox daemon after reboot add the following line to /etc/crontab: <source>

@reboot root /usr/local/bin/shellinaboxd &

</source> This will start the daemon only on reboot as a background job.

Use in a web server

You probably want shell in a box to be reachable via port 80 (so you can use it from within a typical corporate network) and you may want to run a web server on the same machine. So here is how you integrate shell in a box into an Apache2 web server

for SUSE Linux

  • install apache2, in this example for SUSE Linux 12.1:

<source>

yast -i apache2

</source>

  • enable a reverse proxy. To do this, edit /etc/sysconfig/apache2 and add the following words to APACHE_MODULES: proxy proxy_http. In the end your line may read like this:

<source>

APACHE_MODULES="actions alias auth_basic proxy proxy_http authn_file authz_host authz_groupfile authz_default authz_user autoindex cgi dir env expires include log_config mime negotiation setenvif ssl userdir php5"

</source>

<source>

<IfModule mod_proxy.c>
<Location /shell>
    ProxyPass http://127.0.0.1:4200
</Location>
</IfModule>

</source>

for Ubuntu

  • install apache2

<source>

apt-get install apache2

</source>

  • enable apache's proxy module:

<source>

a2enmod proxy

</source>

  • do

<source>

ln -s /etc/apache2/mods-available/proxy_http.load /etc/apache2/mods-enabled/proxy_http.load

</source>

<source>

<Location /shell>
    ProxyPass http://127.0.0.1:4200
    Allow from 127.0.0.1
</Location>

</source>

  • restart apache

<source>

/etc/init.d/apache2 restart

</source>

  • test if the module has indeed been loaded:

<source>

# apache2ctl -t -D DUMP_MODULES 2>&1 | grep proxy_http
 proxy_http_module (shared)

</source>

TroubleShooting

cannot read valid certificate

Symptom: ShellInABoxD does not start, it tells the error message: <source>

Cannot read valid certificate from "certificate.pem". Check file permissions and file format.

</source>

Reason: See http://code.google.com/p/shellinabox/issues/detail?id=59. ShellInABoxD tries to create a file certificate.pem in the folder where it is started as user nobody: <source>

/tmp # ll certificate.pem 
-rw------- 1 nobody nogroup 2794 Aug  5 07:53 certificate.pem

</source>

Solution: Start shellinaboxd in a directory that every user can access, e.g. /tmp: <source>

cd /tmp
shellinaboxd &

</source>

forkpty() failed

Symptom
When you surf to the shellinabox page you see an error message

<source>

forkpty() failed

</source>

Solution
Kill all shellinaboxd processes and start them with root privileges:

<source>

killall shellinaboxd
shellinaboxd --user=0 & disown

</source>

minus sign

Symptom
The minus sign does not work if you type it on the keypad.
Solution
I could fix this by using Safari instead of FireFox

See also