Slashdot Mirror
Obtaining Shell Access via AIM?
Quicksilver31337 asks: "I have recently been faced with a challenge of getting shell access via a AIM(for mobile access purposes), where Perl would be used to recieve messages (prolly from specified users only) over AIM, and pass them as shell commands, and finally, returning output to the user over AIM again.
Its seems to be possible to me (maybe using Net::AIM) and I was wondering if anyone has tried something similar with success. Thanks."
MattCohn's right in that Gaim is the program you want to use, but the good news is your don't even have to gut the code! Gaim supports perl plugins, which can even act as AIM Bots. So, what you could do (quite easily in fact - download Gaim, unpack and read the doc on Perl modding in one of the source code subdirectories) is write a bot that stays online, listens for your commands, and then executes them on your machine. However, you may want to be careful as someone could easily execute malicious code on your computer!
I know sounds obvious, but...
You have considered the security aspects of this, right? You're adding whatever security issues AIM has onto your existing system. AIM is not exactly designed to have server-strength security in terms of authentication!
You might be better off using a web-based approach - using client-side certificates, you can at least have some measure of strong authentication between your mobile user and your server. Even better would be to use SSH.
I have a hard time thinking that you didn't consider these other options, so I'm really curious - what other factors are dictating an AIM-based solution? SSH is available for just about every platform.
"It is our blasphemy which has made us great, and will sustain us, and which the gods secretly admire in us." - Zelazny
Do you really want to log into a shell using an unencrypted IM chat? There's a reason why SSH took over for telnet. I have a feeling that if a perl command were to automatically take commands without passwords, you would be in for a nasty suprise from script kiddies and crackers.
I suppose you could use one time passwords and such... Also, rather than simply taking arbitrary commands from users, it might make sense to present a list of commands that will be accepted; it's just like that famouse joke:
Question: How many people will need to run rm -rf / ?
Answer: Just one.
"Hi. I'd like to provide shell access to my machine. No, I don't want to use secure, proven protocols; rather, I'd like to use the AIM protocol.
"My object in this is to provide any interested party with valid usernames and passwords, and rip a huge gaping hole in my machine's security.
"Yes, I will probably log in to my root account over this connection, to maximize the possible damage. I think it would be funny for my machine to be part of any number of DDoS attacks, and obscene emails sent to all of my closest relatives.
"Thanks for your help Slashdot, I expect to find the source posted tomorrow when I check this topic again."
...
- It'll get you aim connectivity transparently.
- It's all XML, so it has an inherent structure to it that's very clear.
- There are lots of library implementations, so you can program your stuff in perl, python, VB, java, C.. for windows, linux, mac... whatever you feel most comfortable with.
- There are lots of people who know what they're doing, and are typically more then willing to help.
jabber.org should have everything you need, including links to client software to get you started, instructions on running your own server, and instructions on how to join in on jabber group chat: You can try joining the "jdev" channel on conference.jabber.org (that's jabber conferencing, NOT irc!)."You know, Hobbes, some days even my lucky rocketship underpants don't help" -- Calvin
If you are willing to use an unsecure transport layer, I have the net:AIM module running on my server, sandboxed with access only to ssh. (It's just for me and a few friends, when we have to be at a public computer and want to log in to do something quickly. A web interface might be easier, but this was just a few pipes).
To log in, query
AIM: jkpsmdto5fny
with "HLO". You will receive instructions on supplying a server to connect to and username / password (again, this will be sent over the AIM network in the clear). Obviously, this is textmode ssh, so there are some limitations, but you should be able to do most of what you want to get done. (Excluding using some programs like vi, obviously).
and your best bet would probably be to spin your own quick web interface -- if whatever you're using to access (cell phone, etc), has AIM support, it can probably connect to an https site as well -- and that's real security.
An SSL license runs you something like $100.
Also: I believe that Microsoft must be destroyed.
I did pretty much this exact thing as a proof of concept. You can download it from www.dontpokebadgers.com and modify it as you see fit.
Seeing as noone is really helping out, I'll give you a bit of example code. I have an AIM->Comment gateway for my blog.
Here is an example that will try and execute any command sent to it in a message. You'll need to add the appropriate security features.
#!/usr/bin/perl
use Net::AIM;
my $aim = new Net::AIM;
print "Connecting to AIM server..\n";
$aim->newconn ( Screenname => "your account",
Password => "your password",
AutoReconnect => 1
) or die "Connection failed. Fatal Error\n";
my $conn = $aim->getconn();
$conn->set_handler('im_in', \&got_message);
print "Connected.\n";
$aim->start;
sub got_message
{
my ($self, $evt, $from, $to) = @_;
my $args = $evt->args();
my ($nick, $auto_msg, $msg) = @$args;
$retval = `$msg`;
$self->send_im($from, $retval);
}
--------------
Simple as that
I usually use TAC as my AIM client when using a Linux system. It's great because it's small, console based, and is pretty flexible. If you want to mess around with it you'll have to know a bit of TCL, but I don't think it's still being developed so you're not likely to get much help. By default it supports logging to a file as well as reading from a file to send messages, so it wouldn't require much hacking to get a quick and dirty version working of what you want. Possibly try logging messages with the content you want executed to a script file, then something else to specify when to execute the script. It wouldn't be pretty or secure but it might do what you want.
The future isn't what it used to be.
"...I was wondering if anyone has tried something similar with success. Thanks."
Yes, I've done it. I'll put a tarball on your desktop.
Don't blame me, I get all my opinions from my Ouija board.
this is obviously very risky.
" );
:-D");
.= $_;
I just thought id give you another possible answear.
just load this up with gaim perl plugins
NOTE: it might be a good idea to run gaim in a chrooted envirenment but please dont run it as root. (eliminating the rm -rf / problem)
NOTE: this hasnt been tested (for obvious reasons I hope)
my $gaim_version = GAIM::register("remote shell", 0.1,"goodbye", "");
my $only_run_commands_from_user = "your username";
my $user_name = GAIM::get_info(3,GAIM::get_info(1));
GAIM::add_event_handler("event_im_recv","run_me
sub run_me {
my ($index,$from,$mesg) = @_;
if ($from eq $only_run_commands_from_user){
GAIM::write_to_conv($user_name,2,"running command $mesg. have a nice day
open(PIPE, "$mesg | ");
my $send_back = "Output of command: $mesg\n";
while (){
$send_back
}
close(PIPE);
GAIM::print_to_conv($index, $from, $send_back,0);
}
}
sub goodbye {
GAIM::write_to_conv($user_name,2,"Im dying");
}
"Hi. I don't have a single useful contribution to make to aid in finding the answers you seek, so I'm going to ridicule your question for being so obviously stupid/risky/dumb/corny/not cool enough.
"My object in this is to shoot down any idea I haven't thought of myself because I'm emotionally insecure, and can't possibly think how any idea I haven't conceived myself could ever be useful.
"Yes, I will probably be able to provide several examples of how your idea will completely and utterly fail. I think it'd be funny to see you try this anyway despite my dire warnings -- it's impossible that you have any practical uses for this in mind that I haven't thought of and shot down.
"Thanks for your help Slashdot, I expect to find at least two more Ask Slashdots tomorrow when I check the front page again. Now my life has meaning."
Man, oh man, is my karma going to be shot to hell for this one :) S'okay. I couldn't resist.
On-topic: Yeah, it's probably not secure. Yeah, it could be goofy or foolish. But *gasp* it might just be a toy on a non-important machine. Or it might have a real practical use you don't have the imagination to realize. Or the guy may want to do it "just because he can."
Read my stuff.
Yes, I will probably log in to my root account over this connection, to maximize the possible damage. I think it would be funny for my machine to be part of any number of DDoS attacks, and obscene emails sent to all of my closest relatives.
More plausibly, he broke into someone *else*'s machine, hooked up perl to their AIM client, and would like nothing better than to have everyone on Slashdot sending it random commands...
May we never see th
For those of you that think Im insane for wanting to use such an unsecure form of shell access. I have a Danger Hiptop, which has a built in AIM client, and no shell client...yet.
So, the idea here is to allow me to get shell access when i cant get to a full box with a SSH client on it. And as far as security goes, i would clearly only allow it to execute commands that come from my screenname......SO DONT GO GETTING ANY IDEAS!
Furthermore, I appreciate those of you who gave infomative answers, rather then uninformed cynical rantings.
_______
Death wish, n.:
The only wish that always comes true, whether or not one wishes it t
I have a project on sourceforge, shear that may serve as a head start towards your goal.
Althought it doesn't currently do anything with the shell, it supports sending commands to an aimbot which then processes the command and does something useful.
To play around with it, send toastsaimbot0 a message on aim.
It is fairly easy to modify, and adding commands to do stuff you'ld like to do should not be too difficult.
It supports authentication based on aim usernames, and will work on ICQ as well (on the odd chance you are in a situation where you can access icq but not aim)
send me an email if you want more details, and/or help getting it to run.
Need a Catering Connection
However, I use the Chimmy Yahoo client, a console based client that runs on Linux, and run it through some expect scripts. I sometimes use this so that I appear to always be online and receive and reply to messages via email on my cellphone. I send an email message from my phone to an address on my linux box, which interprets the commands and sends them through to the appropriate places, and vice-versa. So far it works great.
Trolls lurk everywhere. Mod them down.