Slashdot Mirror

← Back to Stories (view on slashdot.org)

Obtaining Shell Access via AIM?

Posted by Cliff on from the terminals-pah!-that-would-be-too-easy dept.

Quicksilver31337 asks: "I have recently been faced with a challenge of getting shell access via a AIM(for mobile access purposes), where Perl would be used to recieve messages (prolly from specified users only) over AIM, and pass them as shell commands, and finally, returning output to the user over AIM again. Its seems to be possible to me (maybe using Net::AIM) and I was wondering if anyone has tried something similar with success. Thanks."

7 of 88 comments (clear)

  1. I use TAC by MiTEG · · Score: 3, Interesting

    I usually use TAC as my AIM client when using a Linux system. It's great because it's small, console based, and is pretty flexible. If you want to mess around with it you'll have to know a bit of TCL, but I don't think it's still being developed so you're not likely to get much help. By default it supports logging to a file as well as reading from a file to send messages, so it wouldn't require much hacking to get a quick and dirty version working of what you want. Possibly try logging messages with the content you want executed to a script file, then something else to specify when to execute the script. It wouldn't be pretty or secure but it might do what you want.

    --
    The future isn't what it used to be.
  2. Re:Very risky by 3-State+Bit · · Score: 3, Interesting

    I suppose you could use one time passwords and such...
    You could NOT use one-time passwords, unless you can do bitwise XORing in your head and remember as many bits as you'll ever type. If you can do both those, then you can do RSA in your head too. (Okay, that's a lie, but for our purposes...)
    Except when we read "password" as "session key", meaning that text following the password is not sent in the clear, but always changed by a function involving the session key, there's no such thing as a one-time password. Since AIM doesn't have anything that includes that "function", you can only use a session key by doing the operations in your head.
    So, no-go.

  3. Re:Security? by Anonymous Coward · · Score: 2, Interesting

    Obviously he's intending to use this to break into somebody elses' machine. He's considered security issues extensively.

  4. Re:Security? by rplacd · · Score: 2, Interesting

    A lot of this depends on what the remote user has access to. If you've got gaim on the user end, you can write your auth/encryption
    code as a perl plugin on both ends, and you're set.

    You (the remote user) open a chat window with the gaim running on the server.
    You type: /auth
    [ your perl plugin and the remote plugin talk to each other and agree on session keys and whatnot ]
    Remote: go ahead.
    You type: [commands to execute]
    Remote: [responses]
    You type: /end
    Remote: see ya.

    If the user has access to a web browser with Java 1.0 support, then the gaim plugin or whatever can trivially use s/key or opie to authenticate the user (there are many s/key or opie java applets out there). Similarly, the session can be encrypted (though you'd have to write the applet for that yourself). You'd write your command in one pane, hit a button, the applet will place the encrypted text in the other pane. You paste the encrypted text into your AIM client. When it responds, you paste the encrypted text into the applet, hit a button, and read the response.

    This fails in one area -- you can't run commands that read directly from /dev/tty (examples: sudo, passwd, etc).

    I'm speculating here, but maybe the poster wants to access servers behind some corporate firewall that allows IM clients but not remote access via ssh.

  5. Its simple really... by Quicksilver31337 · · Score: 3, Interesting

    For those of you that think Im insane for wanting to use such an unsecure form of shell access. I have a Danger Hiptop, which has a built in AIM client, and no shell client...yet.
    So, the idea here is to allow me to get shell access when i cant get to a full box with a SSH client on it. And as far as security goes, i would clearly only allow it to execute commands that come from my screenname......SO DONT GO GETTING ANY IDEAS!
    Furthermore, I appreciate those of you who gave infomative answers, rather then uninformed cynical rantings.

    --
    _______
    Death wish, n.:

    The only wish that always comes true, whether or not one wishes it t
  6. I actually did something like this by Gudlyf · · Score: 3, Interesting

    However, I use the Chimmy Yahoo client, a console based client that runs on Linux, and run it through some expect scripts. I sometimes use this so that I appear to always be online and receive and reply to messages via email on my cellphone. I send an email message from my phone to an address on my linux box, which interprets the commands and sends them through to the appropriate places, and vice-versa. So far it works great.

    --
    Trolls lurk everywhere. Mod them down.
  7. Make a hash by elphkotm · · Score: 2, Interesting

    I know this sounds cheesy, but use a hash of numbers to verify your login. A "small" number that can be calculated with a normal calculator. Change this formula often. Make sure you can only message from a single IM user. Even though the hash code and your AIM username/password are going over an unencrypted data channel, as long as the hash code is even somewhat robust and changes often, you should have a pretty secure login mechanism. Happy hacking :)

    --

    <Amanda`> I just went out to the parking lot in my bathrobe to exchange warez CDs.