Skip to content

Latest commit

 

History

History
31 lines (25 loc) · 1.5 KB

README.md

File metadata and controls

31 lines (25 loc) · 1.5 KB

watershell

This will allow you to run commands through iptables or other linux packet filters.

It is essentially a sniffer. It sniffs for udp datagrams to a specified port and then runs a command if a keyword is found

The two keywords right now are run:(command) and status

  • run: will run the command that comes after the colon as root
  • status: will send a reply packet with the string "up"

Status will not work if the port is not filtered, block ICMP port unreachable messages somehow and it should reply fine if it really is listening

Configuring

You can hard code values at the top of watershell.c or you can use command line arguments when you launch it. There are three options:

  • PORT: this defines the port to check for, -p flag, default 12345
  • PROMISC: whether to sniff all traffic or not, -p flag, default false
  • DEBUG: verbose logging output to display to the user running the binary

If promiscuous mode is on any traffic that goes over the network that is UDP and matches the spectfied port will trigger the program, for example sending UDP traffic with a payload of run:reboot to 8.8.8.8 will reboot the listening machine if it is on the same network as the originator. This is useful if you don't want to make direct contact with the machine but still want to send it commands. The status reply will have a spoofed source of the destination host you specified.

Compiling

Compile by hand or use the Makefile.

gcc watershell.c -o watershell
# OR
make
# OR
make watershell