Remote control a linux machine, via terminal

dindibo4

Hey, I made two Python programs, on two different computers, that use sockets to communicate between the two computers.
Then, I wanted to execute a terminal command at the client program, and the command itself will be sent from the remote controller program, then the client will send the result back to the second program.
This is what I've tried:

The controller side:

Code:
import socket

s = socket.socket()
s.connect(('kali', 6655))

getInput = lambda: raw_input("client> ")

cmd = getInput()

while cmd != "###STOP###":
  s.send(cmd)
  reply = s.recv(1024)
  print("Output:\n\n{0}".format(reply))
  cmd = getInput()
s.send("###STOP###")

The Controlled side:

Code:
import socket
import os

s = socket.socket()
s.bind(('', 6655))
s.listen(1)

c, addr = s.accept()
print 'connected to: {0}'.format(addr)

cmd = ""
result = ""

getInput = lambda: c.recv(1024)
execute = lambda cmd: os.popen(cmd).read()

cmd = getInput()

while cmd != '###STOP###':
    result = execute(cmd)
    c.send(result)
    cmd = getInput()

Those programs kinda work; they only worked for a few simple commands, for example: ls, pwd, cat, shutdown now. But when I tried more complex commands like cd, rmdir, firefox, the program on the controlling side stopped working and I could not enter any input to send to the controlled machine. It first executed those commands, but afterwards it was paused.

Does somebody know a different method that allows me to execute those commands or at least what's causing this problem?
Thanks in advance.
 
Hey there - welcome to the site!

I don't know python, but you can achieve the same results just using ssh.. for instance:
Code:
ssh user@remote-server "uptime"
will show you uptime on the remote server.. you can also run a complete local script on a remote machine like:
Code:
ssh user@remote-server "bash -s" < /path/to/local/script.sh

If you're looking to run the remote firefox on your local display, then you should be able to use something like
Code:
ssh -X user@remote-server "firefox"

Also, this is more smooth / helpful if you set up ssh keys between the two so you aren't prompted for a password each time.
 
Hey and thanks for your reply.
I don't know much about ssh but I won't mind using it for this purpose.
But what do I need to type instead of the "user@remote-server" in
Code:
ssh user@remote-server "uptime"
Do I need to open up an ssh server for that?
 
The remote server may already be running an ssh server.. depending on the distribution. The user@remote-server would be something like [email protected] (the remote username @ its hostname or IP).

You can try just the ssh user@host part without the command to see if it gives you a login prompt.
 
It doesn't seem to work.
I have a Windows 10 machine and another machine with Kali Linux, and I tried to connect from the Linux machine to the Windows one by ssh.
I typed in the terminal
Code:
ssh [My computer's username]@[The IPv4 address of the machine]
and that's what I've got:
Code:
ssh: connect to host XXX.XXX.XXX.XXX port 22: Connection timed out
Then I tried the opposite (tried to connect from Windows 10 to Linux) and I got this error:
Code:
ssh: connect to host XXX.XXX.XXX.XXX port 22: Connection refused
Have I done something wrong?
 
Sorry, I assumed you had two linux machines. Windows doesn't have an ssh server out of the box.

But, from windows to kali should work.. can you type this on the kali box?
Code:
ps aux | grep ssh

and
Code:
netstat -tanp | grep ssh

This will tell us if ssh is running and what port it's listening on.

Edit: you should see something like this if it's running:
Code:
root@kali-arm64:~# ps aux|grep ssh
root       518  0.0  0.2  11948  4100 ?        Ss   12:05   0:00 sshd: root@pts/0
root       547  0.0  0.1  10388  3088 ?        Ss   Dec10   0:00 /usr/sbin/sshd -D
root       743  0.0  0.0   4248   900 pts/0    R+   12:09   0:00 grep ssh
root@kali-arm64:~# netstat -tanp|grep ssh
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      547/sshd
tcp        0      0 192.168.2.162:22        192.168.2.43:50659      ESTABLISHED 518/sshd: root@pts/
tcp6       0      0 :::22                   :::*                    LISTEN      547/sshd
 
Unfortunately it doesn't work either.
I typed the commands that you told me to execute. The first one showed text that's similar to what you've suggested,
but the second command didn't have any output.
Then I typed:
Code:
ssh root@kali
on the Windows 10 machine, and the command threw another "Connection refused" exception.
 
Ok - can you paste the output of the commands?
Sure, there it is:
Code:
root@kali:~# ps aux | grep ssh
root      1103  0.0  0.0   7120   328 ?        Ss   15:24   0:00 /usr/bin/ssh-agent gnome-session
root      3380  0.0  0.0   4692   876 pts/0    S+   18:00   0:00 grep ssh
root@kali:~# netstat -tanp | grep ssh
root@kali:~#
 
ok - so, the important thing being shown is there's no 'sshd' process running.

Start the ssh server with this:
Code:
systemctl start ssh

After, check the status with:
Code:
systemctl status ssh
(then ctrl-c or the letter 'q' to quit out of the logging output)

Then, try ssh to the kali box again from windows machine.
 
Thank you very much!
It finally works:)
 
I'm not sure how Python sockets implement the connection, but in general a socket connection on Linux is a raw TCP connection without any encryption. So be sure not to use that over a public network.

The config file for the SSH daemon is /etc/ssh/sshd_config. If the server is reachable from the public internet, it's recommended to restrict login as root (instead use an unprivileged login and set up a sudo environment). Also, it's more comfortable and secure to set up public key authentication, as explained in this tutorial:
https://www.linux.org/threads/openssh.4182/
(also check out "man sshd_config"; Tip: change the port of the SSH server to something about 10000, as the internet is crowded with bots probing the standard ports for security holes)


In general I wouldn't recommend Kali as a beginner Linux. Most "hacking" tools you can also get from the Debian distro (check out https://packages.debian.org/sid/forensics-all https://packages.debian.org/sid/forensics-all-gui for example), and those tools exclusive to Kali are mostly outdated anyway and need to be manually updated (in which case a clean install is favorable). It's even "dangerous" with Kali, as you produce just virtual noise when you don't know exactly what you are doing, and that attracts attention from the bad guys as well.

Finally, I'm somewhat irritated that "systemctl start ssh" works, because the ssh daemon (daemon is Unix for "service" in Windows) is called sshd. Ssh is, as far as I know, just the client process.
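
The sshd_config recommendations in the post above (no root login, public key authentication, a non-default port) can be checked with a short script. This is an added example, not part of the thread: the function names `effective_value` and `audit_sshd_config` and the sample config are constructed for illustration, and the script assumes a single plain config file.

```sh
#!/bin/sh
# Added example, not from the thread. Assumption: one plain sshd_config file;
# Include files are not followed and Match blocks are ignored.

# effective_value FILE KEYWORD DEFAULT
# sshd uses the first value it reads for a keyword (keywords are
# case-insensitive), so a later "PermitRootLogin no" does not override an
# earlier "PermitRootLogin yes". Port may repeat; only the first is checked.
effective_value() {
    awk -F'[ \t=]+' -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        { sub(/^[ \t]+/, "") }              # drop leading indentation
        /^#/ || /^$/ { next }               # skip comments and blank lines
        tolower($1) == "match" { exit }     # global section ends here
        tolower($1) == key { print tolower($2); found = 1; exit }
        END { if (!found) print def }       # fall back to the OpenSSH default
    ' "$1"
}

# audit_sshd_config FILE: print one line per finding; no output means clean.
audit_sshd_config() {
    root=$(effective_value "$1" PermitRootLogin prohibit-password)
    pass=$(effective_value "$1" PasswordAuthentication yes)
    pubkey=$(effective_value "$1" PubkeyAuthentication yes)
    port=$(effective_value "$1" Port 22)

    [ "$root" = "no" ]    || echo "PermitRootLogin=$root: root can still log in; use an unprivileged user plus sudo"
    [ "$pubkey" = "yes" ] || echo "PubkeyAuthentication=$pubkey: key-based login is disabled"
    [ "$pass" = "no" ]    || echo "PasswordAuthentication=$pass: passwords are still accepted alongside keys"
    [ "$port" != "22" ]   || echo "Port=$port: default port, constantly probed by bots"
    return 0
}

# Constructed sample config, not taken from any real host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# sample sshd_config
Port 22
permitrootlogin yes
PermitRootLogin no
PubkeyAuthentication yes
Match User backup
    PasswordAuthentication no
EOF
audit_sshd_config "$sample"
rm -f "$sample"
```

On a live host, `sshd -T` (run as root) prints the effective configuration after Include and Match processing, which is the authoritative view this script approximates.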
 
