Introduction
Today I found myself needing to use a user account, over the ssh protocol, to run a single simple command remotely against a Linux server.
For security reasons I asked myself whether it was possible to restrict that account to running one program only, without resorting to a jail (chroot) or third-party "crippled" shells.
Googling around and reading the ssh man page, I found an easy and neat solution:...
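The excerpt is cut off before the solution is shown. As an added example, not the author's code, here is the mechanism that sshd(8) itself documents for exactly this need: the command= forced-command option in authorized_keys, combined with the no-* options that close the pty and forwarding side channels, and a wrapper that checks SSH_ORIGINAL_COMMAND against an exact allow-list instead of executing it. The key material, the backup user and the /usr/local/bin paths are invented for the example.

```shell
#!/bin/sh
# Added example (not from the post): restrict an ssh key to one program using
# only sshd's authorized_keys options; see sshd(8), AUTHORIZED_KEYS FILE FORMAT.
# Key material, user and command paths below are made up for illustration.

PUBKEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFakeKeyMaterialForTheExampleOnly00000 backup@client'
FORCED_CMD='/usr/local/bin/backup-wrapper'

# Build the authorized_keys line. command= replaces whatever the client asked
# for; the no-* options shut the side channels a forced command alone leaves
# open (pty, TCP/agent/X11 forwarding). OpenSSH >= 7.2 offers the single
# "restrict" option as a shorthand for all of them.
restricted_key_line() {
    printf 'command="%s",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding %s\n' "$1" "$2"
}

# What the wrapper named in command= would do: sshd exports the client's
# requested command in SSH_ORIGINAL_COMMAND. Match it against fixed literal
# patterns and never eval it, so "status; id" or "status $(id)" is refused.
dispatch_original_command() {
    case "$1" in
        status) echo "run: /usr/local/bin/backup-status" ;;
        backup) echo "run: /usr/local/bin/backup-now" ;;
        *)      echo "rejected" ;;
    esac
}

# Demo: the line to append to ~backup/.ssh/authorized_keys
restricted_key_line "$FORCED_CMD" "$PUBKEY"
```

The wrapper pattern matters as much as the forced command: if the program named in command= reads SSH_ORIGINAL_COMMAND and passes it to a shell, the restriction is gone. Keep the allow-list to exact strings (or a tightly anchored pattern) and let everything else fall through to the reject branch.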
Tested on:
Faraday Community Edition
BackBox Linux 3.x x86_64
Download Faraday
claudio@backbox3:~$ wget https://github.com/infobyte/faraday/archive/master.zip
Install requirements
claudio@backbox3:~$ sudo pip install psycopg2
Downloading/unpacking psycopg2
Running setup.py egg_info for package psycopg2
Installing collected packages: psycopg2
Running setup.py install for psycopg2
Successfully installed psycopg2
Cleaning up...
claudio@backbox3:~$
Modify installation script
claudio@backbox3:~$ unzip master.zip
claudio@backbox3:~$ cd faraday-master/
claudio@backbox3:~/faraday-master$ ls
apis AUTHORS config data deps exporters faraday.py gui install....
[claudio@localhost ~]$ python ipfire_cgi_shellshock.py
(ASCII-art banner of ipfire_cgi_shellshock.py, garbled in extraction) ....
[claudio@localhost ~]$ ./bash_env_rci_v2.py
(ASCII-art banner of bash_env_rci_v2.py, garbled in extraction) ....
[claudio@localhost ~]$ ./aLFIscanner.py -u 10.0.0.67 -t lfi.php?ID=
(ASCII-art "aLFI Scanner" banner, garbled in extraction)
An0th3r LFI sC4Nn3r v1....