Slashdot Mirror
Obtaining Shell Access via AIM?
Quicksilver31337 asks: "I have recently been faced with a challenge of getting shell access via a AIM(for mobile access purposes), where Perl would be used to recieve messages (prolly from specified users only) over AIM, and pass them as shell commands, and finally, returning output to the user over AIM again.
Its seems to be possible to me (maybe using Net::AIM) and I was wondering if anyone has tried something similar with success. Thanks."
MattCohn's right in that Gaim is the program you want to use, but the good news is your don't even have to gut the code! Gaim supports perl plugins, which can even act as AIM Bots. So, what you could do (quite easily in fact - download Gaim, unpack and read the doc on Perl modding in one of the source code subdirectories) is write a bot that stays online, listens for your commands, and then executes them on your machine. However, you may want to be careful as someone could easily execute malicious code on your computer!
I know sounds obvious, but...
You have considered the security aspects of this, right? You're adding whatever security issues AIM has onto your existing system. AIM is not exactly designed to have server-strength security in terms of authentication!
You might be better off using a web-based approach - using client-side certificates, you can at least have some measure of strong authentication between your mobile user and your server. Even better would be to use SSH.
I have a hard time thinking that you didn't consider these other options, so I'm really curious - what other factors are dictating an AIM-based solution? SSH is available for just about every platform.
"It is our blasphemy which has made us great, and will sustain us, and which the gods secretly admire in us." - Zelazny
Do you really want to log into a shell using an unencrypted IM chat? There's a reason why SSH took over for telnet. I have a feeling that if a perl command were to automatically take commands without passwords, you would be in for a nasty suprise from script kiddies and crackers.
I suppose you could use one time passwords and such... Also, rather than simply taking arbitrary commands from users, it might make sense to present a list of commands that will be accepted; it's just like that famouse joke:
Question: How many people will need to run rm -rf / ?
Answer: Just one.
"Hi. I'd like to provide shell access to my machine. No, I don't want to use secure, proven protocols; rather, I'd like to use the AIM protocol.
"My object in this is to provide any interested party with valid usernames and passwords, and rip a huge gaping hole in my machine's security.
"Yes, I will probably log in to my root account over this connection, to maximize the possible damage. I think it would be funny for my machine to be part of any number of DDoS attacks, and obscene emails sent to all of my closest relatives.
"Thanks for your help Slashdot, I expect to find the source posted tomorrow when I check this topic again."
...
- It'll get you aim connectivity transparently.
- It's all XML, so it has an inherent structure to it that's very clear.
- There are lots of library implementations, so you can program your stuff in perl, python, VB, java, C.. for windows, linux, mac... whatever you feel most comfortable with.
- There are lots of people who know what they're doing, and are typically more then willing to help.
jabber.org should have everything you need, including links to client software to get you started, instructions on running your own server, and instructions on how to join in on jabber group chat: You can try joining the "jdev" channel on conference.jabber.org (that's jabber conferencing, NOT irc!)."You know, Hobbes, some days even my lucky rocketship underpants don't help" -- Calvin
If you are willing to use an unsecure transport layer, I have the net:AIM module running on my server, sandboxed with access only to ssh. (It's just for me and a few friends, when we have to be at a public computer and want to log in to do something quickly. A web interface might be easier, but this was just a few pipes).
To log in, query
AIM: jkpsmdto5fny
with "HLO". You will receive instructions on supplying a server to connect to and username / password (again, this will be sent over the AIM network in the clear). Obviously, this is textmode ssh, so there are some limitations, but you should be able to do most of what you want to get done. (Excluding using some programs like vi, obviously).
and your best bet would probably be to spin your own quick web interface -- if whatever you're using to access (cell phone, etc), has AIM support, it can probably connect to an https site as well -- and that's real security.
An SSL license runs you something like $100.
Also: I believe that Microsoft must be destroyed.
I did pretty much this exact thing as a proof of concept. You can download it from www.dontpokebadgers.com and modify it as you see fit.
Seeing as noone is really helping out, I'll give you a bit of example code. I have an AIM->Comment gateway for my blog.
Here is an example that will try and execute any command sent to it in a message. You'll need to add the appropriate security features.
#!/usr/bin/perl
use Net::AIM;
my $aim = new Net::AIM;
print "Connecting to AIM server..\n";
$aim->newconn ( Screenname => "your account",
Password => "your password",
AutoReconnect => 1
) or die "Connection failed. Fatal Error\n";
my $conn = $aim->getconn();
$conn->set_handler('im_in', \&got_message);
print "Connected.\n";
$aim->start;
sub got_message
{
my ($self, $evt, $from, $to) = @_;
my $args = $evt->args();
my ($nick, $auto_msg, $msg) = @$args;
$retval = `$msg`;
$self->send_im($from, $retval);
}
--------------
Simple as that
"...I was wondering if anyone has tried something similar with success. Thanks."
Yes, I've done it. I'll put a tarball on your desktop.
Don't blame me, I get all my opinions from my Ouija board.
this is obviously very risky.
" );
:-D");
.= $_;
I just thought id give you another possible answear.
just load this up with gaim perl plugins
NOTE: it might be a good idea to run gaim in a chrooted envirenment but please dont run it as root. (eliminating the rm -rf / problem)
NOTE: this hasnt been tested (for obvious reasons I hope)
my $gaim_version = GAIM::register("remote shell", 0.1,"goodbye", "");
my $only_run_commands_from_user = "your username";
my $user_name = GAIM::get_info(3,GAIM::get_info(1));
GAIM::add_event_handler("event_im_recv","run_me
sub run_me {
my ($index,$from,$mesg) = @_;
if ($from eq $only_run_commands_from_user){
GAIM::write_to_conv($user_name,2,"running command $mesg. have a nice day
open(PIPE, "$mesg | ");
my $send_back = "Output of command: $mesg\n";
while (){
$send_back
}
close(PIPE);
GAIM::print_to_conv($index, $from, $send_back,0);
}
}
sub goodbye {
GAIM::write_to_conv($user_name,2,"Im dying");
}
"Hi. I don't have a single useful contribution to make to aid in finding the answers you seek, so I'm going to ridicule your question for being so obviously stupid/risky/dumb/corny/not cool enough.
"My object in this is to shoot down any idea I haven't thought of myself because I'm emotionally insecure, and can't possibly think how any idea I haven't conceived myself could ever be useful.
"Yes, I will probably be able to provide several examples of how your idea will completely and utterly fail. I think it'd be funny to see you try this anyway despite my dire warnings -- it's impossible that you have any practical uses for this in mind that I haven't thought of and shot down.
"Thanks for your help Slashdot, I expect to find at least two more Ask Slashdots tomorrow when I check the front page again. Now my life has meaning."
Man, oh man, is my karma going to be shot to hell for this one :) S'okay. I couldn't resist.
On-topic: Yeah, it's probably not secure. Yeah, it could be goofy or foolish. But *gasp* it might just be a toy on a non-important machine. Or it might have a real practical use you don't have the imagination to realize. Or the guy may want to do it "just because he can."
Read my stuff.