commit e3ae35233f9abeb043ed394e64ce4d2912d0ecd8 Author: exhq Date: Mon Jul 8 18:54:19 2024 +0330 bruh diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..aceedef --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.idea +.idea/* diff --git a/README.md b/README.md new file mode 100644 index 0000000..6375285 --- /dev/null +++ b/README.md @@ -0,0 +1,10 @@ +# ish (insecure shell) +## most horrible way to access a server +this tool opens a udp (yes, udp. who the fuck needs to make sure their packets are sent successfully) socket and accepts commands to be sent, there is no password, cus security is for pussies. oh also there's a hardcoded limit of 1024 bytes, idk what would happen if someone sends bigger than that +other features: +- the shell process is killed after the output is sent, every time a new request is sent +- you're stuck with /bin/sh, so no bash +- the directory of sh is hardcoded, so this wont work on nixos + + +usage: run `go run ./src/.`, and to send a command run `echo -n "" | socat - udp:localhost:5060` on another terminal. have fun with your insecure shell :) \ No newline at end of file diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..78bafa0 --- /dev/null +++ b/go.mod @@ -0,0 +1,3 @@ +module exhq.dev/ish + +go 1.22.5 diff --git a/src/main.go b/src/main.go new file mode 100644 index 0000000..63ac20c --- /dev/null +++ b/src/main.go @@ -0,0 +1,41 @@ +package main + +import ( + "bytes" + "fmt" + "log" + "net" + "os/exec" +) + +func main() { + udpserv, err := net.ListenPacket("udp", ":5060") + if err != nil { + panic(err) + } + defer udpserv.Close() + for { + buf := make([]byte, 1024) + _, addr, err := udpserv.ReadFrom(buf) + if err != nil { + continue + } + go response(udpserv, addr, buf) + + } +} +func response(udpServer net.PacketConn, addr net.Addr, buf []byte) { + command := string(buf[:bytes.IndexByte(buf, 0)]) + print("\"" + command + "\"") + cmd := exec.Command("sh", "-c", command) + output, err := cmd.CombinedOutput() + if err != nil { + fmt.Println("Error:", err) + return + } + + _, err = udpServer.WriteTo(output, addr) + if err != nil { + log.Printf("%v", err) + } +}