Remote control a linux machine, via terminal

dindibo4

Hey, I made two Python programs, on two different computers, that use sockets to communicate between the two computers.
Then, I wanted to execute a terminal command at the client program, and the command itself will be sent from the remote controller program; then the client will send the result back to the second program.
This is what I've tried:

The controller side:

Code:
import socket

s = socket.socket()
s.connect(('kali', 6655))

getInput = lambda: raw_input("client> ")

cmd = getInput()

while cmd != "###STOP###":
  s.send(cmd)
  reply = s.recv(1024)
  print("Output:\n\n{0}".format(reply))
  cmd = getInput()
s.send("###STOP###")

The Controlled side:

Code:
import socket
import os

s = socket.socket()
s.bind(('', 6655))
s.listen(1)

c, addr = s.accept()
print 'connected to: {0}'.format(addr)

cmd = ""
result = ""

getInput = lambda: c.recv(1024)
execute = lambda cmd: os.popen(cmd).read()

cmd = getInput()

while cmd != '###STOP###':
    result = execute(cmd)
    c.send(result)
    cmd = getInput()

Those programs kinda work; it only worked for a few simple commands, for example: ls, pwd, cat, shutdown now. But when I tried more complex commands like cd, rmdir, firefox, the program at the controlling side stopped working and I could not insert any input to send to the controlled machine; it first executed those commands, but afterwards it was paused.

Does somebody know a different method that allows me to execute those commands or at least what's causing this problem?
Thanks in advance.
 


Rob

Hey there - welcome to the site!

I don't know python, but you can achieve the same results just using ssh.. for instance:
Code:
ssh [email protected] "uptime"
will show you uptime on the remote server.. you can also run a complete local script on a remote machine like:
Code:
ssh [email protected] "bash -s" < /path/to/local/script.sh
If you're looking to run the remote firefox on your local display, then you should be able to use something like
Code:
ssh -X [email protected] "firefox"
Also, this is more smooth / helpful if you set up ssh keys between the two so you aren't prompted for a password each time.
 

dindibo4

Hey and thanks for your reply.
I don't know much about ssh but I won't mind using it for this purpose.
But what do I need to type instead of the "[email protected]"? at
Code:
ssh [email protected] "uptime"
do I need to open up an ssh server for that?
 

dindibo4

The remote server may already be running an ssh server.. depending on the distribution. the [email protected] would be something like [email protected] (the remote username @ its hostname or IP).

You can try just the ssh [email protected] part without the command to see if it gives you a login prompt.
It doesn't seem to work.
I have a Windows 10 machine and another machine with Kali Linux, and I tried to connect from the Linux machine to the Windows one by ssh.
I typed in the terminal
Code:
ssh [My computer's username]@[The IPv4 address of the machine]
and that's what I've got:
Code:
ssh: connect to host XXX.XXX.XXX.XXX port 22: Connection timed out
Then I tried the opposite (tried to connect from Windows 10 to Linux) and I got this error:
Code:
ssh: connect to host XXX.XXX.XXX.XXX port 22: Connection refused
Have I done something wrong?
 

Rob

Sorry, I assumed you had two linux machines. Windows doesn't have an ssh server out of the box.

But, from windows to kali should work.. can you type this on the kali box?
Code:
ps aux | grep ssh
and
Code:
netstat -tanp | grep ssh
This will tell us if ssh is running and what port it's listening on.

Edit: you should see something like this if it's running:
Code:
[email protected]:~# ps aux|grep ssh
root       518  0.0  0.2  11948  4100 ?        Ss   12:05   0:00 sshd: [email protected]/0
root       547  0.0  0.1  10388  3088 ?        Ss   Dec10   0:00 /usr/sbin/sshd -D
root       743  0.0  0.0   4248   900 pts/0    R+   12:09   0:00 grep ssh
[email protected]:~# netstat -tanp|grep ssh
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      547/sshd
tcp        0      0 192.168.2.162:22        192.168.2.43:50659      ESTABLISHED 518/sshd: [email protected]/
tcp6       0      0 :::22                   :::*                    LISTEN      547/sshd
 

dindibo4

Unfortunately it doesn't work either.
I typed the commands that you told me to execute; the first one showed text that's similar to what you've suggested,
but the second command didn't have any output.
Then I typed:
Code:
in the windows 10 machine, the command threw another "Connection refused" exception.
 

Rob

ok - so, the important thing being shown is there's no 'sshd' process running.

Start the ssh server with this:
Code:
systemctl start ssh
After, check the status with:
Code:
systemctl status ssh
(then ctrl-c or the letter 'q' to quit out of the logging output)

Then, try ssh to the kali box again from windows machine.
 

dindibo4

Thank you very much!
It finally works:)
 

mal-2

I'm not sure how Python sockets implement the connection, but in general a socket connection on Linux is a raw TCP connection without any encryption. So be sure not to use that over a public network.

The config file for the SSH daemon is in /etc/ssh/sshd_config. If the server is reachable from the public, it's recommended to restrict login as root (instead use an unprivileged login and set up a sudo environment). Also, it's more comfortable and secure to set up public key authentication, as explained in this tutorial:
https://www.linux.org/threads/openssh.4182/
(also check out "man sshd_config"; Tip: change the port of the SSH server to something about 10000, as the internet is crowded with bots probing the standard ports for security holes)


In general I wouldn't recommend Kali as a beginner Linux. Most "hacking" tools you can also get from the Debian distro (check out https://packages.debian.org/sid/forensics-all https://packages.debian.org/sid/forensics-all-gui for example), and those tools exclusive to Kali are mostly outdated anyway and need to be manually updated (in which case a clean install is favorable). It's even "dangerous" with Kali, as you produce just virtual noise when you don't know exactly what you are doing, and that attracts attention from the bad guys as well.

Finally, I'm somewhat irritated that "systemctl start ssh" works, because the ssh daemon (daemon is Unix for "service" in Windows) is called sshd. Ssh is, as far as I know, just the client process.
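
The sshd_config points raised in the post above (no root login, public key authentication, a non-default port), turned into a check; this is an added example, not part of the original post. It assumes upstream OpenSSH defaults for unset keywords, reads only the global section (it stops at the first Match block) and does not follow Include files; SAMPLE and HARDENED are constructed inputs.

```python
import re

# Upstream OpenSSH defaults for unset keywords (assumed not patched by the distro).
DEFAULTS = {"permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes", "pubkeyauthentication": "yes"}

def parse_sshd_config(text):
    """Read the global section the way sshd does: keywords are
    case-insensitive, the first value of a keyword wins, Port may repeat."""
    settings, ports = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)  # "Key value" or "Key=value"
        if len(parts) < 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":
            break  # settings below apply conditionally, not globally
        if key == "port":
            ports.append(int(value))
        else:
            settings.setdefault(key, value)  # later duplicates are ignored
    return settings, ports or [22]

def audit(text):
    """Return findings for the three points raised in the post."""
    settings, ports = parse_sshd_config(text)
    def get(key):
        return settings.get(key, DEFAULTS[key]).lower()
    findings = []
    if get("permitrootlogin") != "no":
        findings.append("root-login: PermitRootLogin is '%s'" % get("permitrootlogin"))
    if get("pubkeyauthentication") != "yes":
        findings.append("pubkey: PubkeyAuthentication is disabled")
    if get("passwordauthentication") != "no":
        findings.append("password: passwords are still accepted")
    if 22 in ports:
        findings.append("port: listening on default port 22")
    return findings

# Constructed sample: the second "PermitRootLogin no" has no effect.
SAMPLE = ("Port 22\nPermitRootLogin yes\nPermitRootLogin no\n"
          "Match User backup\n    PasswordAuthentication no\n")
HARDENED = "Port 10022\nPermitRootLogin no\nPasswordAuthentication no\n"

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

On a live host, `sshd -T` prints the effective configuration, including values pulled in through Include files, and is the authoritative source to compare against.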
 

