bruh

.gitignore

@@ -0,0 +1,2 @@
+.idea
+.idea/*

README.md

@@ -0,0 +1,10 @@
+# ish (insecure shell)
+## most horrible way to access a server
+this tool opens a udp (yes, udp. who the fuck needs to make sure their packets are sent successfully) socket and accepts commands to be sent, there is no password, cus security is for pussies. oh also there's a hardcoded limit of 1024 bytes, idk what would happen if someone sends bigger than that  
+other features:
+- the shell process is killed after the output is sent, every time a new request is sent
+- you're stuck with /bin/sh, so no bash
+- the directory of sh is hardcoded, so this wont work on nixos
+
+
+usage: run `go run ./src/.`, and to send a command run `echo -n "<command>" | socat - udp:localhost:5060` on another terminal. have fun with your insecure shell :)

go.mod

@@ -0,0 +1,3 @@
+module exhq.dev/ish
+
+go 1.22.5

src/main.go

@@ -0,0 +1,41 @@
+package main
+
+import (
+	"bytes"
+	"fmt"
+	"log"
+	"net"
+	"os/exec"
+)
+
+func main() {
+	udpserv, err := net.ListenPacket("udp", ":5060")
+	if err != nil {
+		panic(err)
+	}
+	defer udpserv.Close()
+	for {
+		buf := make([]byte, 1024)
+		_, addr, err := udpserv.ReadFrom(buf)
+		if err != nil {
+			continue
+		}
+		go response(udpserv, addr, buf)
+
+	}
+}
+func response(udpServer net.PacketConn, addr net.Addr, buf []byte) {
+	command := string(buf[:bytes.IndexByte(buf, 0)])
+	print("\"" + command + "\"")
+	cmd := exec.Command("sh", "-c", command)
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		fmt.Println("Error:", err)
+		return
+	}
+
+	_, err = udpServer.WriteTo(output, addr)
+	if err != nil {
+		log.Printf("%v", err)
+	}
+}