|
Index of /it/projects/wsh
|
Name Last modified Size Description
![[DIR]](/icons/back.gif)
Parent Directory 04-Sep-2007 18:52 -
![[ ]](/icons/unknown.gif)
CHANGELOG 07-May-2006 22:00 1k
![[TXT]](/icons/text.gif)
fr_README.txt 07-May-2006 22:00 6k
patch_221_to_222 07-May-2006 21:58 8k
![[ ]](/icons/compressed.gif)
wsh-1.2.3.tar.gz 23-Dec-2002 09:42 5k
wsh-1.3.2.tar.gz 28-Feb-2003 15:02 6k
wsh-1.3.3.tar.gz 19-Mar-2003 00:50 6k
wsh-2.0.0.tar.gz 17-May-2003 06:57 9k
wsh-2.0.1.tar.gz 18-May-2003 15:04 16k
wsh-2.0.2.tar.gz 02-Jul-2003 14:54 16k
wsh-2.1.0.tar.gz 10-Oct-2003 09:25 22k
wsh-2.2.1.tar.gz 15-Jul-2004 10:00 24k
wsh-2.2.2.tar.gz 07-May-2006 21:58 25k
WSH 2.2.2
=========
===============================================================================
GRAY-WORLD.NET / WSH
====================
The WSH program is part of the Gray-World.net projects.
Our Gray-World Team uses the http://gray-world.net website to present the
projects and publications we are working at. Our activity dwells in the NACS
(Network Access Control System) bypassing research field and is related to
computer and network security topics.
===============================================================================
WSH (Web Shell) - remote UNIX/WIN shell, that works via HTTP/HTTPS.
FEATURES
--------
+ SSL support (*);
+ command line history support (**);
+ file upload/download;
+ protect server part script usage with secret key in HTTP message;
+ data flow Xor encoding;
+ can work trough HTTP proxy server (to hide client ip or bypass firewall);
(*) Net::SSLeay package is required on the client host:
Download it at:
http://search.cpan.org/author/SAMPO/Net_SSLeay.pm-1.22/
(**) - next packages are required on the client host:
1) readline-4.2a.tar.gz or later from
http://www.gnu.org/directory/readline.html
2) ReadLine-Gnu-1.12.tar.gz or later from
http://search.cpan.org/search?dist=Term-ReadLine-Gnu
HOW IT WORKS
------------
+----------+ +------------+ | +-------------------+
| CLIENT |<-HTTP->| http proxy |<-HTTP->| WEB SERVER |
| wsh-c.pl | | (optional) | | | /cgi-bin/wsh-s |
+----------+ +------------+ | +-------------------+
|
Firewall?
wsh-c.pl provides shell-like prompt, encapsulating user commands into HTTP
POST requests and sending them to the wsh-s script on the target web server
directly or via HTTP proxy server; wsh-s extracts and executes commands from
HTTP post requests and returns STDOUT and STDERR output as HTTP response
message. By default both scripts encode HTTP data using Xor.
INSTALLATION
------------
1. Check path to perl in the "config.pl" file;
2. Run "config.pl" : `./config.pl`
OPTIONAL ----------------------------------------------------
Modify the file "wsh-c.conf", if you want to use HTTP proxy;
use_proxy 1
proxy_ip <ip>
port <port>
Check other client configuration options also..
-------------------------------------------------------------
3. For the wsh-s.c and WshServlet.java, check the Shell (*Nix or Win32)
location;
4a. Perl server version :
+ Check path to perl and permissions of the newly created "wsh-c.pl";
+ Upload wsh-s.pl under the target cgi-bin directory and check path to
perl;
4b. C server version :
+ Upload wsh-s.c under the target cgi-bin directory and compile it
(remove the source code after) :
* Under *Nix : gcc -g2 -Wall -o wsh-s wsh-s.c
* Under Win32 (Visual C++) : cl /W3 wsh-s.c ws2_32.lib
* Under Win32 Cygwin : Set the WIN32_RUN variable in the source
code and build it as for the *Nix version.
4c. Java servlet version :
+ Upload the java built version under a servlet executable location.
z. Double check path to perl and global parameters such as encode in server
and client scripts.
About SSL :
a. If you use a SSL wsh-c.pl client, you can configure the client to check the
server certificate CN (but this check can be circumvented !):
my $ssl_set_check=1; # (0 || 1) don't or check the webserver
# ssl certificate with internal
# ssl_crt_subject.
my $ssl_crt_subject="/C=Fr/ST=Paris/L=Paris/O=XXX/OU=XXX/CN=XXX";
=> You only have to execute the wsh-c.pl client one time and grab the CN
displayed by the error message.
b. We didn't check the wsh-c-SSL.pl client on a Win32 platform. If you manage
to install the Net::SSLeay on Win32 and check wsh-c-SSL.pl, send us a mail.
USAGE
-----
sh# client/wsh-c.pl targethost.com/cgi-bin/wsh-s.pl <Key>
..or
sh# client/wsh-c.pl targethost.com/cgi-bin/wsh-s <Key>
..if you install the wsh-s C version or
sh# client/wsh-c.pl targethost.com/servlet/WshServlet <Key>
..if you install the wsh-s java servlet version.
<Key> is the default KEY, if you do not change it with config.pl or manually
in wsh-c.conf and wsh-s.pl/wsh-s.c/WshServlet.java files.
WSH commands:
exit as is;
history show commands history;
!<number> execute command with history <number>;
wshget <file> get <file> from remote host to local directory;
wshput <file> put <file> from local directory to remote host;
lect <lecter:> change to lecter on Win32 (ex: "lect d:");
LICENSE
-------
WebShell is distributed under the terms of the GNU General Public License v2.0
and is copyright (c) 2002,2003,2004 Alex Dyatlov <alex [at] gray-world.net>
and Simon Castro <scastro [at] entreelibre.com>.
See the file COPYING for details.
AUTHORS
-------
Alex Dyatlov <alex [at] gray-world.net> - basic WSH code.
Simon Castro <scastro [at] entreelibre.com> - WIN environment and SSL support,
wsh-s C version,
WshServlet java version.
Latest WSH version is available on the official gray-world.net website :
http://gray-world.net/
or on its mirror :
http://www.entreelibre.com/gray-world.net/
WSH discussion board at:
http://gray-world.net/board/