Windows configs, and readme.
This commit is contained in:
parent
b02757dae0
commit
032b2facaf
19
README.md
19
README.md
@ -1,6 +1,6 @@
|
||||
# ding
|
||||
## What is ding?
|
||||
ding is a client-server thing written in python. Its aim is to execute a set of commands remotely, which commands can be set in the server's config file.
|
||||
ding is a client-server thing written in python3. Its aim is to execute a set of commands remotely, which commands can be set in the server's config file.
|
||||
|
||||
## How does it work?
|
||||
The server will wait for a command to be sent by a client. If the command is present within the servers config file it will then execute the command, else nothing will happen.
|
||||
@ -12,16 +12,23 @@ The authentication is done via a SSL Client Certificate signed by an (self gener
|
||||
![Screenshot of ding](/img/dingScreenshot.png)
|
||||
[Can't read a thing?](https://raw.githubusercontent.com/Bandie/ding/master/img/dingScreenshot.png)
|
||||
|
||||
## Requirements
|
||||
* Install python3 on your target computers.
|
||||
|
||||
## Installation
|
||||
At every step please read carefully what the generate certificates scripts want from you. The information on the certificates doesn't need to be true and can be totally random. They only need to be different from one another.
|
||||
|
||||
Step 1 to 3 can only be run on UNIX or GNU/Linux.
|
||||
|
||||
1. Run `./1_generateCA.sh` to generate a CA.
|
||||
2. Run `./2_generateServCert.sh` to generate a signed Server Certificate.
|
||||
3. Run `./3_generateClientCert.sh` to generate a signed Client Certificate.
|
||||
4. Move `ding_client`, `ding_client.cfg`, `ding_client.crt`, `ding_client.key` and `CA.crt` to the computer which should be able to send commands to the server.
|
||||
5. Do some configuration on the server and client (ding\_server.cfg, ding\_client.cfg).
|
||||
6. Start the server using `./ding_server`. You may want to put this in a tmux session ([Ctrl+B, D] ;) ).
|
||||
7. Try out the client using `./ding_client <command>`.
|
||||
* UNIX or GNU/Linux: Also move `ding_client.cfg` to that computer.
|
||||
* Windows: Also move `ding_client.win.cfg` to that computer.
|
||||
5. Do some configuration on the server and client (ding\_server.cfg, ding\_client.cfg or ding\_server.win.cfg, ding\_client.win.cfg on Windows).
|
||||
6. Start the server using `./ding_server` or `python .\ding_server` on Windows. (You may want to put this in a tmux session. [Ctrl+B, D] ;) ).
|
||||
7. Try out the client using `./ding_client <command>` òr `python .\ding_client <command>` on Windows.
|
||||
|
||||
## Optional: Cleartext password with timeout
|
||||
If you want to be sure that this power won't be abused by bad people using your computer, you may want to add a password (saved in cleartext).
|
||||
@ -29,9 +36,9 @@ The password will be sent inside the TLS connection.
|
||||
|
||||
To do so:
|
||||
|
||||
1. Open your `ding_server.cfg`.
|
||||
1. Open your `ding_server.cfg` or `ding_server.win.cfg`.
|
||||
2. Set `pw_on=true`.
|
||||
3. Set a password, like `password=abc def`.
|
||||
4. Set a password timeout: `pwtimeout=10` for 10 seconds.
|
||||
|
||||
If you have a password with special characters as in spaces and the like, you may want to use quotation marks around your password. `./ding_client "abc def"`.
|
||||
If you have a password with special characters as in spaces and the like, you may want to use quotation marks around your password. `./ding_client "abc def"` or `python .\ding_client "abc def"` on Windows.
|
||||
|
11
ding_client
11
ding_client
@ -3,15 +3,20 @@
|
||||
# Author: Bandie Canis
|
||||
# License: 2-Clause BSD License
|
||||
|
||||
import sys, ssl, socket
|
||||
import sys, ssl, socket, os
|
||||
import configparser
|
||||
|
||||
CONFIG = "ding_client.cfg"
|
||||
|
||||
global exitcode
|
||||
exitcode = 1
|
||||
|
||||
def readConfig():
|
||||
|
||||
if(os.name == 'nt'):
|
||||
CONFIG = "ding_client.win.cfg"
|
||||
else:
|
||||
CONFIG = "ding_client.cfg"
|
||||
|
||||
cfg = configparser.SafeConfigParser()
|
||||
try:
|
||||
cfg.read(CONFIG)
|
||||
@ -39,7 +44,7 @@ def send(conn, cmd):
|
||||
if(buf == b"OK CMD"):
|
||||
exitcode = 0
|
||||
elif(buf == b"ERR NO_CMD"):
|
||||
print("Error. Server said: The command doesn't exist/isn't set.", file=sys.stderr)
|
||||
print("Error. Server said: The command isn't set on the server.", file=sys.stderr)
|
||||
exitcode = 1
|
||||
elif(buf == b"ERR CMD_ERR"):
|
||||
print("Error. Server said: The command doesn't work because the file doesn't exist on the server.")
|
||||
|
10
ding_client.win.cfg
Normal file
10
ding_client.win.cfg
Normal file
@ -0,0 +1,10 @@
|
||||
[Client]
|
||||
host=192.168.1.137
|
||||
port=13573
|
||||
|
||||
|
||||
cafile=CA.crt
|
||||
#Client Certificate/key signed by the CA above
|
||||
certfile=ding_client.crt
|
||||
keyfile=ding_client.key
|
||||
|
@ -6,7 +6,6 @@
|
||||
import ssl, socket, subprocess, time, os
|
||||
import configparser
|
||||
|
||||
CONFIG = "ding_server.cfg"
|
||||
|
||||
def getTimestamp():
|
||||
t = "[" + time.strftime("%Y-%m-%d %H:%M:%S") + "]"
|
||||
@ -102,8 +101,13 @@ def main():
|
||||
|
||||
def init():
|
||||
|
||||
global host, port, cafile, certfile, keyfile, pw_on, password, pwtimeout, tmppw_on, context, bindsocket
|
||||
global CONFIG, host, port, cafile, certfile, keyfile, pw_on, password, pwtimeout, tmppw_on, context, bindsocket
|
||||
|
||||
if(os.name == 'nt'):
|
||||
CONFIG = "ding_server.win.cfg"
|
||||
else:
|
||||
CONFIG = "ding_server.cfg"
|
||||
|
||||
cfg = configparser.SafeConfigParser()
|
||||
cfg.read(CONFIG)
|
||||
|
||||
@ -153,6 +157,7 @@ def init():
|
||||
quit(1)
|
||||
|
||||
print("Running ding server on ", host, ":", port,
|
||||
"\nConfig: ", CONFIG,
|
||||
"\nCAFile: ", cafile,
|
||||
"\nCertfile: ", certfile,
|
||||
"\nKeyfile: ", keyfile,
|
||||
|
41
ding_server.win.cfg
Normal file
41
ding_server.win.cfg
Normal file
@ -0,0 +1,41 @@
|
||||
[Server]
|
||||
host=192.168.1.136
|
||||
port=13573
|
||||
|
||||
[Security]
|
||||
# Certificate of the OWN CA
|
||||
cafile=CA.crt
|
||||
|
||||
# Server's certificate [signed by the CA above]
|
||||
certfile=ding_server.crt
|
||||
|
||||
# Server's private key
|
||||
keyfile=ding_server.key
|
||||
|
||||
## Optional cleartext password
|
||||
# To unlock the commands you need to send the password before sending the command.
|
||||
# Example:
|
||||
# python .\ding_client "My password"
|
||||
# python .\ding_client lock
|
||||
|
||||
# Password on? (true/false)
|
||||
pw_on=false
|
||||
|
||||
# The password.
|
||||
# If you have a password with special characters as in spaces and the like, you may want to use quotation marks around your password: python .\ding_client "abc def"
|
||||
password=abc def
|
||||
|
||||
# Password timeout in seconds
|
||||
pwtimeout=10
|
||||
|
||||
|
||||
[Commands]
|
||||
# Syntax:
|
||||
# SERVER_COMMAND: Command --which --should_be --executed
|
||||
#
|
||||
# For cmd.exe:
|
||||
# a_cmd_command: C:\Windows\System32\cmd.exe /C <Your cmd commands here>
|
||||
#
|
||||
# For powershell:
|
||||
# a_ps_command: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <Powershell commands here>
|
||||
lock: C:\Windows\System32\rundll32.exe user32.dll,LockWorkStation
|
Loading…
Reference in New Issue
Block a user