Dailydave mailing list archives
Re: Sending remote procedure calls through e-mail (RPC-Mail)
From: Cristiano Lincoln Mattos <lincoln () tempest com br>
Date: Wed, 20 Oct 2004 00:41:26 -0200
On Wednesday 20 October 2004 00:27, Abe Usher wrote:

what you have is basically unencrypted and weakly authenticated command execution on the system, since all you rely on is the secrecy of the "special account" and a simple passphrase -- both can be sniffed, or the account gathered from mail server logs. not exactly secure.

be nice to see the system trying to execute "Get slim without Gym!" if a spam with the passphrase in the body reached the account :)

Cristiano Lincoln Mattos
Have you ever had the need to remotely send a command to a system, but you could not access it directly via ssh or telnet because the firewall is blocking all inbound connections?

The practice of portknocking <http://www.portknocking.org/> provides an interesting network authentication mechanism for establishing a connection to a networked computer that has no open ports (as advertised on portknocking.org).

While I find portknocking ingenious, it is somewhat cumbersome and overly complex for most users. I propose an alternative - send remote procedure calls via e-mail.

I've coded an application that fits the bill: RPC-Mail. The premise of RPC-Mail is simple:

(1) Construct an e-mail message that has a command that you want one of your remote PCs to execute.
(2) Send the e-mail to a special account that is only used by RPC-Mail.
(3) Have the remote PC set up with a scheduled task or cron job to periodically execute the application RPC-Mail.py.
(4) When RPC-Mail.py executes, it parses all of the subject lines and message bodies of e-mail messages that it finds. If the message body contains a special passphrase, RPC-Mail executes the subject line as a command, and returns standard output as an e-mail message.

For more information check out my full write up on: http://www.sharp-ideas.net/

Cheers,
Abe Usher, CISSP

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave
--
Cristiano Lincoln Mattos
Tempest Security Technologies - www.tempest.com.br
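
Added example, not part of either message and not RPC-Mail's own code: the passphrase-in-body check as the thread describes it, next to a receiver-side check that requires an HMAC over the subject line plus a timestamp and a one-time nonce, so a sniffed or spammed message is rejected. The key, passphrase, body layout ("timestamp nonce tag"), function names and sample messages are all constructed assumptions; this addresses the authentication and replay points only, not the lack of encryption.

```python
import hashlib
import hmac
from email import message_from_string

PASSPHRASE = "open-sesame"      # constructed static secret, as in the scheme described
KEY = b"constructed-demo-key"   # constructed shared key (assumption)
MAX_SKEW = 300                  # seconds a signed request stays valid (assumption)

def parse(raw):
    """Return (subject, body) of a single-part message."""
    msg = message_from_string(raw)
    body = "" if msg.is_multipart() else msg.get_payload()
    return msg["Subject"] or "", body

def passphrase_check(raw):
    """Check as described in the thread: passphrase anywhere in the body."""
    return PASSPHRASE in parse(raw)[1]

def sign(command, ts, nonce):
    """Tag binds the exact command to a timestamp and a one-time nonce."""
    data = f"{ts}\n{nonce}\n{command}".encode()
    return hmac.new(KEY, data, hashlib.sha256).hexdigest()

def make_mail(command, ts, nonce):
    """Build a signed request; body is 'timestamp nonce tag'."""
    return f"Subject: {command}\n\n{ts} {nonce} {sign(command, ts, nonce)}\n"

def hmac_check(raw, now, seen):
    """Accept only a fresh, unseen request whose tag covers the subject."""
    command, body = parse(raw)
    try:
        ts_s, nonce, tag = body.split()[:3]
        ts = int(ts_s)
    except ValueError:          # too few fields or a non-numeric timestamp
        return False
    expected = sign(command, ts, nonce)
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return False            # wrong key, or subject altered after signing
    if abs(now - ts) > MAX_SKEW or nonce in seen:
        return False            # stale, or a replay of a captured message
    seen.add(nonce)
    return True

# Constructed sample: spam that happens to contain the passphrase.
SPAM = "Subject: Get slim without Gym!\n\nLimited offer. open-sesame\n"
```

The receiver should decide whether to act on a subject line only from the return value of `hmac_check`, and must persist `seen` between scheduled runs for the replay check to hold.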