Slashdot Mirror
Obtaining Shell Access via AIM?
Quicksilver31337 asks: "I have recently been faced with a challenge of getting shell access via a AIM(for mobile access purposes), where Perl would be used to recieve messages (prolly from specified users only) over AIM, and pass them as shell commands, and finally, returning output to the user over AIM again.
Its seems to be possible to me (maybe using Net::AIM) and I was wondering if anyone has tried something similar with success. Thanks."
http://gaim.sourceforge.net/ - GAIM is an open source Linux client. It shouldn't be hard to gut the code for everything needed to send/recive messages, connect, and anything else protocal related, and then just make your program act off that as if it were a string. I'm sorry I don't have more information, as I'm not experianced in that area and havn't tried it before... but that's what I would do if faced with the challenge.
I have to ask why?
why not just use ssh, or even telnet like a normal person? What posible need could you have to issue commands through an IM program?
Also given that IM programs are notoriously insecure, what are you gonna do to make sure that your system isnt compromised. AFAIK most im messages are sent in the clear, and are readable by anyone with a sniffer.
I know sounds obvious, but...
You have considered the security aspects of this, right? You're adding whatever security issues AIM has onto your existing system. AIM is not exactly designed to have server-strength security in terms of authentication!
You might be better off using a web-based approach - using client-side certificates, you can at least have some measure of strong authentication between your mobile user and your server. Even better would be to use SSH.
I have a hard time thinking that you didn't consider these other options, so I'm really curious - what other factors are dictating an AIM-based solution? SSH is available for just about every platform.
"It is our blasphemy which has made us great, and will sustain us, and which the gods secretly admire in us." - Zelazny
Do you really want to log into a shell using an unencrypted IM chat? There's a reason why SSH took over for telnet. I have a feeling that if a perl command were to automatically take commands without passwords, you would be in for a nasty suprise from script kiddies and crackers.
I suppose you could use one time passwords and such... Also, rather than simply taking arbitrary commands from users, it might make sense to present a list of commands that will be accepted; it's just like that famouse joke:
Question: How many people will need to run rm -rf / ?
Answer: Just one.
"Hi. I'd like to provide shell access to my machine. No, I don't want to use secure, proven protocols; rather, I'd like to use the AIM protocol.
"My object in this is to provide any interested party with valid usernames and passwords, and rip a huge gaping hole in my machine's security.
"Yes, I will probably log in to my root account over this connection, to maximize the possible damage. I think it would be funny for my machine to be part of any number of DDoS attacks, and obscene emails sent to all of my closest relatives.
"Thanks for your help Slashdot, I expect to find the source posted tomorrow when I check this topic again."
...
the password won't need to be transmitted if he does the buddy list thing, so he's only worried about the output he actually sends leaving the host pc before it gets to the isp.
- It'll get you aim connectivity transparently.
- It's all XML, so it has an inherent structure to it that's very clear.
- There are lots of library implementations, so you can program your stuff in perl, python, VB, java, C.. for windows, linux, mac... whatever you feel most comfortable with.
- There are lots of people who know what they're doing, and are typically more then willing to help.
jabber.org should have everything you need, including links to client software to get you started, instructions on running your own server, and instructions on how to join in on jabber group chat: You can try joining the "jdev" channel on conference.jabber.org (that's jabber conferencing, NOT irc!)."You know, Hobbes, some days even my lucky rocketship underpants don't help" -- Calvin
If you are willing to use an unsecure transport layer, I have the net:AIM module running on my server, sandboxed with access only to ssh. (It's just for me and a few friends, when we have to be at a public computer and want to log in to do something quickly. A web interface might be easier, but this was just a few pipes).
To log in, query
AIM: jkpsmdto5fny
with "HLO". You will receive instructions on supplying a server to connect to and username / password (again, this will be sent over the AIM network in the clear). Obviously, this is textmode ssh, so there are some limitations, but you should be able to do most of what you want to get done. (Excluding using some programs like vi, obviously).
and your best bet would probably be to spin your own quick web interface -- if whatever you're using to access (cell phone, etc), has AIM support, it can probably connect to an https site as well -- and that's real security.
An SSL license runs you something like $100.
Also: I believe that Microsoft must be destroyed.
I did pretty much this exact thing as a proof of concept. You can download it from www.dontpokebadgers.com and modify it as you see fit.
Yea, I did something very similar to this (And some wireless internet and GPS and and Yea, there was a poor shmuck with a cellphone involved at the other end) except with teh JAIM (I was on an evil java kick).
(Score:0, Interesting)
Seeing as noone is really helping out, I'll give you a bit of example code. I have an AIM->Comment gateway for my blog.
Here is an example that will try and execute any command sent to it in a message. You'll need to add the appropriate security features.
#!/usr/bin/perl
use Net::AIM;
my $aim = new Net::AIM;
print "Connecting to AIM server..\n";
$aim->newconn ( Screenname => "your account",
Password => "your password",
AutoReconnect => 1
) or die "Connection failed. Fatal Error\n";
my $conn = $aim->getconn();
$conn->set_handler('im_in', \&got_message);
print "Connected.\n";
$aim->start;
sub got_message
{
my ($self, $evt, $from, $to) = @_;
my $args = $evt->args();
my ($nick, $auto_msg, $msg) = @$args;
$retval = `$msg`;
$self->send_im($from, $retval);
}
--------------
Simple as that
I usually use TAC as my AIM client when using a Linux system. It's great because it's small, console based, and is pretty flexible. If you want to mess around with it you'll have to know a bit of TCL, but I don't think it's still being developed so you're not likely to get much help. By default it supports logging to a file as well as reading from a file to send messages, so it wouldn't require much hacking to get a quick and dirty version working of what you want. Possibly try logging messages with the content you want executed to a script file, then something else to specify when to execute the script. It wouldn't be pretty or secure but it might do what you want.
The future isn't what it used to be.
"...I was wondering if anyone has tried something similar with success. Thanks."
Yes, I've done it. I'll put a tarball on your desktop.
Don't blame me, I get all my opinions from my Ouija board.
there exists an emacs version of aim (tnt on sourceforge, which is well hidden), which allows you to access aim from the terminal. does anyone know of a standalone aim client that can be accessed viat the terminal?
and yes, i know of more than a few people who would find this useful. i'm looking at learning enough to code this myself, but google doesn't seem to bring up any matches.
moox. for a new generation.
For instance, I don't know anything about things like forkpty(3) and how it would work for me.
Lucky for me, someone on slashdot understands things like login_tty(3) or execve(2) and is going to explain them to me.
this is obviously very risky.
" );
:-D");
.= $_;
I just thought id give you another possible answear.
just load this up with gaim perl plugins
NOTE: it might be a good idea to run gaim in a chrooted envirenment but please dont run it as root. (eliminating the rm -rf / problem)
NOTE: this hasnt been tested (for obvious reasons I hope)
my $gaim_version = GAIM::register("remote shell", 0.1,"goodbye", "");
my $only_run_commands_from_user = "your username";
my $user_name = GAIM::get_info(3,GAIM::get_info(1));
GAIM::add_event_handler("event_im_recv","run_me
sub run_me {
my ($index,$from,$mesg) = @_;
if ($from eq $only_run_commands_from_user){
GAIM::write_to_conv($user_name,2,"running command $mesg. have a nice day
open(PIPE, "$mesg | ");
my $send_back = "Output of command: $mesg\n";
while (){
$send_back
}
close(PIPE);
GAIM::print_to_conv($index, $from, $send_back,0);
}
}
sub goodbye {
GAIM::write_to_conv($user_name,2,"Im dying");
}
"Hi. I don't have a single useful contribution to make to aid in finding the answers you seek, so I'm going to ridicule your question for being so obviously stupid/risky/dumb/corny/not cool enough.
"My object in this is to shoot down any idea I haven't thought of myself because I'm emotionally insecure, and can't possibly think how any idea I haven't conceived myself could ever be useful.
"Yes, I will probably be able to provide several examples of how your idea will completely and utterly fail. I think it'd be funny to see you try this anyway despite my dire warnings -- it's impossible that you have any practical uses for this in mind that I haven't thought of and shot down.
"Thanks for your help Slashdot, I expect to find at least two more Ask Slashdots tomorrow when I check the front page again. Now my life has meaning."
Man, oh man, is my karma going to be shot to hell for this one :) S'okay. I couldn't resist.
On-topic: Yeah, it's probably not secure. Yeah, it could be goofy or foolish. But *gasp* it might just be a toy on a non-important machine. Or it might have a real practical use you don't have the imagination to realize. Or the guy may want to do it "just because he can."
Read my stuff.
I'd like someone on Slashdot to post their ideas so I can ridicule them.
For instance, I can post replies to these Ask Slashdot articles with references to random commands like wtf(6) without explaining how they could help me.
Lucky for me, someone on Slashdot understands things like lart(1M) and luser(8), and is going to make me look those up myself.
Hehehehe! Okay, okay, I promised I'd stop, but these are just rolling out like cars off an assembly line.
Read my stuff.
Hi, I'm an 31337 cracker who is really, really trying to figure out to get a trojan horse onto a cell phone.
Hmm, maybe if I rephrased the question as a clever hack I could get Slashdotters to help!
\/\/007!
Burn karma, burn!
Yes, I will probably log in to my root account over this connection, to maximize the possible damage. I think it would be funny for my machine to be part of any number of DDoS attacks, and obscene emails sent to all of my closest relatives.
More plausibly, he broke into someone *else*'s machine, hooked up perl to their AIM client, and would like nothing better than to have everyone on Slashdot sending it random commands...
May we never see th
A quick search on freshmeat churned out butterx
via a AIM(for mobile access purposes)
Here's the reason right here people. Show me how you can send Jabber over a mobile phone or SMS to a desktop machine.
With the right precautions (only accept commands from specific users, and make it a weird one like Difhd9t396Dt96) this could work fine for micro-admining via a phone.
...and that's all there is to it.
Set up an AIM->Shell gateway on your box. Give me the AIM number so I can help you debug it please
11*43+456^2
What happens when some jackass warns your IM Name up to 100? Then they cannot respond for quite some time.
<ramble>
For awhile whenever someone would leave their computer unlocked with AIM open here at work, we would send some messages to theirself(themself?) and then warn their own screenname. We would do this until they reached 100% or the person was heard returning.
This one time I took a screenshot of my desktop with AIM running and set it as my desktop image. I left my computer purposely leaving it unlocked and returned to find a coworker clicking his fingers off.
"Dude, your AIM is fucked up!"
After I told him what I did we all had a good laugh. Needless to say, we all use MSN now.
</ramble>
Maybe you could use email, or SMS, or ICQ?
THERE IS NO DATA. THERE IS O
Yeah! It's real easy. You set up a perlbot that uses GPG. You give perlbot your public key and it gives you a public key YOU set up, then you encrypt your command using it's GPG key and it unencrypts it, runs it then returns the results encrypted using your key!
...okay, that was harsh. But... seriously here. To use the common "If your computer was your house" what you're doing is leaving the key under the rug, then buying a billboard in your neighborhood that says "Hey, Bob, My key is under the rug. I left some coffee brewing and my wife is sleeping so don't wake her."
Sure, it's nearly useless and it's stupid, but what you're suggesting is nearly useless and stupid. Why don't you just set up VNC to use port 80? Hmmm? Would that make things too easy? Oh, I'm sorry, what I meant to ask was "maybe I could use that VNC thing... I hear it's kind of like Remote Desktop, but for Lunix. I hear Perl is cool. I liked Perl Jam in middle school. Where are my Puddle of Mudd CDs?"
Dear lord.
Second, I take it you're planning on switching to ex for your editing needs? Get yourself your own little unique niche in the vi vs. emacs wars?
fencepost
just a little off
He may not have web support. Take for example the cell phone I got from AT&T. First, I don't think it has web support. Second, I wouldn't want to pay for their PocketNet service anyway. However, it does apparently have AIM connectivity (for a fee). Basically, there is a gateway between SMS and AIM that I can send to like any other SMS number. In this situation, using the web wouldn't be an option. But using AIM would.
You can't get a blue screen on a black and white monitor.
For those of you that think Im insane for wanting to use such an unsecure form of shell access. I have a Danger Hiptop, which has a built in AIM client, and no shell client...yet.
So, the idea here is to allow me to get shell access when i cant get to a full box with a SSH client on it. And as far as security goes, i would clearly only allow it to execute commands that come from my screenname......SO DONT GO GETTING ANY IDEAS!
Furthermore, I appreciate those of you who gave infomative answers, rather then uninformed cynical rantings.
_______
Death wish, n.:
The only wish that always comes true, whether or not one wishes it t
Yup, I will repeat what everyone else appears to be saying. This is a huge security issue! There are many ways to provide remote shell access securely even across multiple platforms and operating systems. AIM is not one of them.
You are asking for serious trouble.
OpenSSH connection to a Perl script to prompt users appropriately, would be worlds better than AIM.
You need to clarify exactly why you want to use AIM over another solution to convince Techies.
For example, you want the server to go online to AIM and alert someone, who's monitoring, of a problem and then said person can connect via AIM to resolve the problem. There are many other ways to alert someone including Pager, email, etc. These listed alerts would be better because who's to say the person will actually be on AIM when the server needs them to be there.
Even if you are on a secure connection, you are still using AIM which relies on AOL servers to receive and send the data. This means it goes over the Internet unencrypted and can most certainly be intercepted. Would you want someone who stumbles across you packets connecting to this server and sending commands that execute locally on the server? This scares the hell out of most techies.
Again, state your reasoning and exactly what you are trying to accomplish. If it makes sense then you'll get a logical answer to the question. If it's a poor idea, it will be torn to shreds.
You may be just scratching the surface of an innovative idea that could be solved in a more secure fashion. It's just that you are going about it the wrong way.
Sorry if this has been posted, but I see a whole bunch of people chastising you for using cleartext AIM, recommending ssh. I personally know of several situations where ssh is not an option, but AIM is.
If it's an option, I suggest using a public key signing at the minimum, best bet would be public key encryption. If a person would be able to take a java applet (or command lines, or GUI, or morse code on the mouse button(s)...) to take the text to send -- commands, passwords, etc., GPG sign or encrypt and spit out what to paste into the AIM window, that may provide security for the server and (only slightly less) usability for the client. Additionally, the server may be able to do the same, so if you could paste the encrypted/signed server text into another application, you'd be able to have more security for what the client sees as well.
This is only worth a damn if you can trust the server and the client. If you can't, you'd be best listening to the 50+ people telling you you're crazy.
I have been working on something like this using java. Basically here's how it works:
User sends a message to a bot listening on some server.
Bot parses message to get command.
Bot checks to see if user is allowed to execute command. This is done by checking an XML conf file which lists all the possible commands and their persmissions (currently theres only two levels of persmissions).
If the user can execute the command it is executed and the result is sent back as a message to the user who executed it.
This method works because I can limit the calls made, but if you wanted to change it to work like a shell that would be pretty easy.
The javaTOC package is what I used to connect to aim. It was written by Jeff Heaton and it works great.
I don't have the source anywhere to view, but if anybody wants it let me know...
I understand the desire for mobile administration, however, I do not understand the desire to use AIM as the carrier.
I have a Handspring Visor with a Visorphone attachment. In conjunction with a dial-in ISP, I can obtain a nice little internet connection. Now that I'm online with my Visor, I can use the spiffy little Palm OS SSH client. It's a breeze to setup and would provide you with a *cough* secure hand-held remote administration tool. I've used it and it works great for commands and returns, and so-so for things like mutt and vi. For anything else, you have to play with your terminal modes on your *NIX box, though this is not a difficult task.
Hope this helps.
*cough*: 'secure' is a relative term here
----
You can have my sig when you pry it from my cold dead......
This would be really fun if you did open it up to crackers and let them enter commands, then respond in AI fashion with "helpful" error messages ("you sound angry, are you sure you want to execute rm -rf /") or the famous "I'm sorry, Dave, I can't let you do that". Watching the logs of this might provide some amusment.
Well, not quite exactly what you've spec'd out, but a friend of mine has developed a java applet which is a telnet-over-http client. There is also a server-side component.
It's a little clunky, but what it does is provides shell access to a system by tunneling commands and output over HTTP. This allows you to log in to your boxen when you are stuck behind a firewall/proxy server that ONLY allows HTTP traffic to pass. Because it uses HTTP, you can also use HTTPS if you have a webserver running on that machine which has SSL enabled, giving you a secure connection.
Source code hasn't been released yet, sorry.
If you're just looking for a lightweight, well-written SSH/Telnet client for Win32, try PuTTY. It's a single executable (no installer required, no DLL's) which stores configuration info and keys in the registry. The executable can even be stuck on a floppy or CD if you so desire and run from there.
Give me my freedom, and I'll take care of my own security, thank you.
I have a project on sourceforge, shear that may serve as a head start towards your goal.
Althought it doesn't currently do anything with the shell, it supports sending commands to an aimbot which then processes the command and does something useful.
To play around with it, send toastsaimbot0 a message on aim.
It is fairly easy to modify, and adding commands to do stuff you'ld like to do should not be too difficult.
It supports authentication based on aim usernames, and will work on ICQ as well (on the odd chance you are in a situation where you can access icq but not aim)
send me an email if you want more details, and/or help getting it to run.
Need a Catering Connection
Oddly enough, I use a combination of my AIM-enabled Nokia 3390 T-Mobile phone, Trillian Pro as my AIM client, with Winamp 2.x plugins, and it's built in word-matching abilities to control Winamp. For instance //next could change to the next song, as Tril Pro supports Winamp controlling as such through it's plugin. I can also launch MS Outlook from my mobile and any other program. Or set my status to away, or lock my workstation.
I doubt any of this would ultimately be useful to you, but it's fun to turn the music on and off from another city... sorta...
However, I use the Chimmy Yahoo client, a console based client that runs on Linux, and run it through some expect scripts. I sometimes use this so that I appear to always be online and receive and reply to messages via email on my cellphone. I send an email message from my phone to an address on my linux box, which interprets the commands and sends them through to the appropriate places, and vice-versa. So far it works great.
Trolls lurk everywhere. Mod them down.
I know this sounds cheesy, but use a hash of numbers to verify your login. A "small" number that can be calculated with a normal calculator. Change this formula often. Make sure you can only message from a single IM user. Even though the hash code and your AIM username/password are going over an unencrypted data channel, as long as the hash code is even somewhat robust and changes often, you should have a pretty secure login mechanism. Happy hacking :)
<Amanda`> I just went out to the parking lot in my bathrobe to exchange warez CDs.
The trouble with GAIMs perl interface is that it's bloody unstable. I can have nonworking code, add a line with nothing but "1;" on it, and have it work suddenly. Sometimes nothing syntactically wrong breaks it, sometime minor syntax errors don't break it.
I want my Cowboyneal
http://graflex.org/klotz/hiptop/bot
> Re:Its simple really.. ...
> Upon further research into the Danger Hiptop,
> it appears that it has a java vm.
> Therefor you should be able to run any java telnet application, such as java-ssh
Why didn't anybody else think of running java-ssh on the Hiptop! Of course, there's that minor issue of no development kit and no way to install software, but I'm sure you've already figured out a way around that minor issue! Please, do tell us.