Shell in a box

From LinuxIntro

Shell in a Box allows you to control a computer over the network using a Linux console in a web page.


Install it

Get it

  • Download Shell in a Box from Google, then unpack, build and install it:
tar xvzf shellinabox-2.14.tar.gz
cd shellinabox-2.14
./configure && make && make install
  • Make sure the firewall is open. The following example for SUSE Linux stops the firewall altogether:
rcSuSEfirewall2 stop
  • You are not allowed to log in as root, so make sure you have at least one ordinary user. Add a user named user like this:
useradd -m user
passwd user
  • Start Shell in a Box:
cd /tmp
shellinaboxd &

-13,14 +13,14 @@ use JoeDog::Config; use Getopt::Std; use FileHandle;-use vars qw($opt_V $opt_v $opt_f $opt_h $opt_p $opt_o $opt_t);+use vars qw($opt_V $opt_v $opt_f $opt_h $opt_p $opt_o $opt_t $opt_P); use vars qw($VERSION $PROGRAM $DATE); use strict; $VERSION =  %_VERSION%'; $PROGRAM =  %_PROGRAM%'; $DATE =  %_DATE%';-getopts( Vvhp:f:o:t:');+getopts( VvhpP:f:o:t:'); my($ua, $conf, %conf, $port, $host); if($opt_h){@@ -40,17 +40,30 @@ $ua->env_proxy; $ua->timeuot(($conf{ timeuot'} eq int($conf{ timeuot'}))?$conf{ timeuot'}:120);+ my $pid = fork;+ defined ($pid) or die Sproxy daemon running ..[ FAILED ]\n$!\n ;++ if ($pid){+print Started Sproxy daemon. ( $pid )\n ;+open (PID, > .$conf{ pid'} ) or die Can't open PID file .$conf{ pid'}.  : $! \n ;+print PID $pid ;+close ( PID );+exit 0;+ }++ $SIG{CHLD} = IGNORE';+ my $port = ($conf{ port'} eq int($conf{ port'}))?$conf{ port'}:9001; my $parent = new HTTP::Daemon( LocalAddr => $conf{ host'}, LocalPort => $port,- );+ ReuseAddr => 1 ) or die ERROR! Couldn't start Sproxy service: $!\n ; my $child; my $FILE = open_file(); printf( %s v%s listening on port %d\n , uc($PROGRAM), $VERSION, $port);- printf( appending HTTP requests to: %s\n , $conf{ file'});+ printf( appending HTTP requests to: %s\n , $conf{ output'}); printf( default connection timeuot: %s seconds\n , $conf{ timeuot'}); while($child = $parent->accept){ connection_handler($FILE, $child);@@ -63,6 +76,7 @@ parse_config() { my $file = $ENV{ HOME'} . /urls.txt ;+ my $pid_file = $ENV{ HOME'} . 
/ ; if($opt_f){ $conf = new JoeDog::Config($opt_f);@@ -74,7 +88,8 @@  %conf = $conf->getHash( = ); $conf{ host'} = ($ARGV[0])?$ARGV[0]:(($conf{ host'})?$conf{ host'}: localhost ); $conf{ port'} = ($opt_p)?$opt_p:(($conf{ port'})?$conf{ port'}:9001);- $conf{ file'} = ($opt_o)?$opt_o:(($conf{ file'})?$conf{ file'}:$file);+ $conf{ output'} = ($opt_o)?$opt_o:(($conf{ output'})?$conf{ output'}:$file);+ $conf{ pid'} = ($opt_o)?$opt_P:(($conf{ pid'})?$conf{ pid'}:$pid_file); $conf{ timeuot'} = ($opt_t)?$opt_t:(($conf{ timeuot'})?$conf{ timeuot'}:120); $conf{ verbose'} = ($opt_v)? true :(($conf{ verbose'})?$conf{ verbose'}: false ); }@@ -137,10 +152,10 @@ my $FILE; $FILE = new FileHandle();- if($FILE->open( >> .$conf{ file'})){+ if($FILE->open( >> .$conf{ output'})){ flock($FILE, $LOCK_EX); } else {- die $PROGRAM. error: cannot open .$conf{ file'};+ die $PROGRAM. error: cannot open .$conf{ output'}; } return $FILE; }# diff -u doc/ doc/ doc/ 01:32:22.000000000 -0700+++ doc/sproxy.conf.in2012-07-13 00:12:22.000000000 -0700@@ -48,3 +48,12 @@ # timeuot = 90 # timeuot =+# this directive tells %_PROGRAM% to write daemon pid+# to this alternative file. The default+# file is $HOME/ You may also specify an+# alternative pid file with the -P option on the+# command line.+# example: pid = /var/run/ pid =+# diff -u doc/ doc/ doc/ 01:33:43.000000000 -0700+++ doc/sproxy.1.in2012-07-13 01:37:46.000000000 -0700@@ -48,6 +48,9 @@ \fB\-o FILE\fR OUTPUT FILE, change the default output file from $HOME/urls.txt to FILE. This is the siege-friendly file of URLs. .TP+\fB\-P PID FILE\fR+PID FILE, change the default pid file from $HOME/ to PID FILE.+.TP If %_PROGRAM% is invoked without a hostname, it will bind to the address given by the host = directive in the %_PROGRAM%.conf file. If a host directive is not present in that file, then %_PROGRAM% will bind to localhost. 
To use %_PROGRAM% to create a urls.txt file, configure your web browser to use a proxy server at the address and port that %_PROGRAM% is listening for requests.Also created a init/start-up script for this (tested only on CentOS):# cat /etc/init.d/sproxy #!/bin/bash## Sproxy as daemon## chkconfig: 2345 99 10# description: Sproxy replaces Scout as the preferred method of URL harvest for Siege. It is an HTTP proxy server written in perl and designed to collect all URL information in a siege-friendly format. All necessary modules are bundled with the source. Sproxy is built with GNU autotools.# processname: sproxy### Source function library.. /etc/rc.d/init.d/functions# Source networking configuration.. /etc/sysconfig/networkRETVAL=0PROG_BIN= /usr/local/bin/sproxy PID_FILE= /var/run/ PID=$( cat $PID_FILE 2>/dev/null)status -p $PID_FILE >/dev/null 2>&1running=$?conf_check() { [ -x $PROG_BIN ] || exit 5}start() {[ "$EUID" != "0" ] && exit 4# Check that networking is up.[ ${NETWORKING} = "no" ] && exit 1conf_check# Start daemons.echo -n $ Starting Sproxy daemon: $PROG_BIN 2>/dev/null 1>&2RETVAL=$?if [ $RETVAL -eq 0 ]; then successelse failure $ $PROG_BIN start fi echoreturn $RETVAL}stop() {[ "$EUID" != "0" ] && exit 4conf_check # Stop daemons.echo -n $ Shutting down Sproxy daemon: kill $PIDRETVAL=$?[ $RETVAL -eq 0 ] && rm -f $PID_FILEsuccessechoreturn $RETVAL}# See how we were $1 in start)if [ $running -eq 0 ]; thenecho Script already running ($PID) ! failureechoexit 0fistart;; stop)[ $running -eq 0 ] || exit 0 && failurestop;; restart)stopstart;; status) status -p $PID_FILE;; condrestart)[ $running -eq 0 ] || exit 0stopstart;; *)echo $ Usage: $0 {start|stop|restart|status|condrestart} exit 2esacexit $?
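
Review bot: In the first hunk (@@ -13,14 +13,14 @@) the getopts string goes from "p:" to "pP:", which moves the colon from p to P. After this change -p no longer takes an argument, yet parse_config still uses $opt_p as the port number. Keep "p:" and add "P:" next to it.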
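
Review bot: In the daemonizing hunk (@@ -40,17 +40,30 @@) the fork comes before HTTP::Daemon is created, so the parent prints "Started Sproxy daemon", writes the pid file and exits 0 even when the child then dies on the new "Couldn't start Sproxy service" check. The init script posted with the patch treats that exit status as success, so a failed bind is reported as a started service with a stale pid file. Create the listening socket first and fork afterwards, or have the parent confirm the child is up before writing the pid file.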
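
Review bot: In the parse_config hunk (@@ -74,7 +88,8 @@) the new pid assignment tests $opt_o but assigns $opt_P. As written, -P is ignored unless -o is also given, and -o without -P leaves the pid path undefined instead of falling back to the config value or $pid_file. Test $opt_P there, the way the neighbouring lines test the option they assign.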

Troubleshooting

cannot read valid certificate

Symptom: shellinaboxd does not start and prints the error message:

Cannot read valid certificate from "certificate.pem". Check file permissions and file format.

Reason: shellinaboxd, running as user nobody, tries to create a file certificate.pem in the folder where it is started:

/tmp # ll certificate.pem 
-rw------- 1 nobody nogroup 2794 Aug  5 07:53 certificate.pem

Solution: Start shellinaboxd in a directory that every user can access, e.g. /tmp:

cd /tmp
shellinaboxd &
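
A pre-flight check for the start directory described in this section, as an added example that is not part of the original page or of Shell in a Box. It assumes GNU stat, uses a made-up function name (preflight), and only inspects permission bits; it does not start shellinaboxd.

```shell
#!/bin/sh
# Added example (not from the page): pre-flight check for the directory
# shellinaboxd is started from. Assumes GNU stat; "preflight" is a made-up name.
# preflight DIR prints its findings and returns 0 only when none is a FAIL.
preflight() {
    dir=$1
    rc=0
    if [ ! -d "$dir" ]; then
        echo "FAIL: $dir is not a directory"
        return 1
    fi

    # The last octal digit holds the permissions for "others", which is what
    # applies to user nobody unless nobody owns the directory or is in its group.
    mode=$(stat -c '%a' "$dir") || return 1
    others=$(( mode % 10 ))
    if [ $(( others & 1 )) -eq 0 ]; then
        echo "FAIL: $dir (mode $mode) cannot be entered by other users"
        rc=1
    fi

    cert=$dir/certificate.pem
    # Test -L before -e: a dangling symlink does not count as existing for -e.
    if [ -L "$cert" ] || { [ -e "$cert" ] && [ ! -f "$cert" ]; }; then
        echo "FAIL: $cert exists but is not a regular file"
        rc=1
    elif [ -f "$cert" ]; then
        # The listing on the page shows -rw------- (no group or other bits).
        fmode=$(stat -c '%a' "$cert") || return 1
        if [ $(( fmode % 100 )) -ne 0 ]; then
            echo "FAIL: $cert has mode $fmode; group/other bits should be clear"
            rc=1
        fi
        echo "INFO: $cert is owned by $(stat -c '%U' "$cert")"
    elif [ $(( others & 2 )) -eq 0 ]; then
        # No certificate yet, so shellinaboxd has to create one here.
        echo "FAIL: $dir (mode $mode) is not writable by other users"
        rc=1
    else
        echo "INFO: no certificate.pem in $dir yet; it can be created"
    fi
    return $rc
}

# Run the check when a directory is given on the command line.
if [ $# -gt 0 ]; then preflight "$1"; fi
```

Saved as a script, it takes the intended start directory as its only argument, for example /tmp.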

forkpty() failed

When you browse to the Shell in a Box page, you see the error message:

forkpty() failed

Kill all shellinaboxd processes and start them with root privileges (--user=0 runs the daemon as UID 0, root):
killall shellinaboxd
shellinaboxd --user=0 & disown

minus sign

The minus sign does not work if you type it on the keypad.
I could fix this by using Safari instead of Firefox.
