1745826 Members
3986 Online
108722 Solutions
New Discussion юеВ

Re: perl socket script

 
SOLVED
Go to solution
jerry1
Super Advisor

perl socket script

In these two examples below I have:
socket.server.perl
socket.client.perl

All it does is send a text string from
client to server and puts it in a file.
Can someone tell me how I can use this
example script to send and run a command on the
remote server instead of just sending the
string to a file on the remote server? See
code below. Is there is perl execute command
if recieved on the server side?

socket.client.perl
#!/usr/bin/perl
#===============================================
# Client -- using object interface
# Support Windows and UNIX
#===============================================
use IO::Socket;
my $sock = new IO::Socket::INET (
PeerAddr => '128.166.11.13',
PeerPort => '9999',
Proto => 'tcp',
);
die "Could not create socket: $!\n" unless $sock;
print $sock "Hi there!\n";
$sock->send("Hi again!\n");

close($sock);


socket.server.perl
#!/usr/bin/perl
#===============================================
# Server -- using object interface
# Support Windows and UNIX
#===============================================

#use Proc::Daemon;
use IO::Socket;
#Proc::Daemon::Init();

use POSIX qw(setsid);

sub daemonize {
die "Can't fork" unless defined (my $child = fork());
exit 0 if $child;
setsid();
open(STDIN, "open(STDOUT, ">/dev/null");
open(STDERR, ">&STDOUT");
chdir '/';
umask(0);
#$ENV{PATH} = '/bin:/sbin:/usr/bin:/usr/sbin';
return $$;
};

&daemonize;
while() {


6 REPLIES 6
A. Clay Stephenson
Acclaimed Contributor
Solution

Re: perl socket script

It looks like part of your server side got chopped off but anyway, it's rather simple. Perl has the system function so once you capture the socket's input, you can build up as complicated a command as you wish.

my $dir = '/etc';
my $cmd = sprintf("ls -l %s",$dir);
my $cc = system($cmd);

This is just to illustrate what is possible. I would be rather careful in how you craft this because this could be a huge security hole. Normally it's not a good idea to build a general purpose remote command executor like this because it would be rather easy to do something rm -r * from /. The safer approach is to build a server that can only perform very limited actions.


If it ain't broke, I can fix that.
jerry1
Super Advisor

Re: perl socket script

Sorry about that. Here is the script in it's
entirety.
It would be taylored to only execute one
command not an open perl script. Better
than having root .rhosts everywhere.
I think where it does the:

print F $Line;

at the bottom is where I could put some
kind of execute statement.
Take the string and run it not print it
to a file.



socket.client.perl
#!/usr/bin/perl
#===============================================
# Client -- using object interface
# Support Windows and UNIX
#===============================================
use IO::Socket;
my $sock = new IO::Socket::INET (
PeerAddr => '128.166.11.13',
PeerPort => '9999',
Proto => 'tcp',
);
die "Could not create socket: $!\n" unless $sock;
print $sock "Hi there!\n";
$sock->send("Hi again!\n");

close($sock);


socket.server.perl
#!/usr/bin/perl
#===============================================
# Server -- using object interface
# Support Windows and UNIX
#===============================================

#use Proc::Daemon;
use IO::Socket;
#Proc::Daemon::Init();

use POSIX qw(setsid);

sub daemonize {
die "Can't fork" unless defined (my $child = fork());
exit 0 if $child;
setsid();
open(STDIN, "open(STDOUT, ">/dev/null");
open(STDERR, ">&STDOUT");
chdir '/';
umask(0);
#$ENV{PATH} = '/bin:/sbin:/usr/bin:/usr/sbin';
return $$;
};

&daemonize;
while() {
my $new_sock = $sock->accept();

####################################
# Put a message to file. #
####################################

while(defined($Line = <$new_sock>)) {
open (F,"+>>/lhome/root/testfile.txt");
print F $Line;
close F;
};
close($sock);
}; #End of while cycle
A. Clay Stephenson
Acclaimed Contributor

Re: perl socket script

In that case, $Line has your input so you can use it to execute whatever you like.

Typically, your client should send a formatted request string of some type. I like to use to separate the fields and then your server responds each time it sees a new line of input.

If it ain't broke, I can fix that.
jerry1
Super Advisor

Re: perl socket script

I used your system($cmd) syntax and it works!

Thanks Clay. This solves many problems here.
No more .rhosts to remote shutdown dbs for
backups. No more buying expensive agents
to do remote shutdowns etc...

Now I have to have some kind of check on
the server side for valid commands.

I don't understand your tab format??
A. Clay Stephenson
Acclaimed Contributor

Re: perl socket script

All I am saying in that any client/server architecture, you must establish some sort of protocol.

Let's suppose that your server does 4 things:
1) lists files in a dedicated directories
2) removes 1 file
3) add's a line to an existing file
4) kill the server

Your create client requests that adhere to this, for example, you formant your protocol like this
request_codestring1string2

Now every line sent to the server expects these 3 arguments -- although some may simply be dummy args. Tabs are nice because unlike spaces or colons or commas they are not typically part of strings. Typically the request_code is something very easy to parse; e.g 1 - list; 2 - remove, 4 - kill,kill,kill

If you wanrt to see some examples of this along with a little explanation, go to www.sysadminmag.com and look under the April '03 issue. I wrote an article that used Perl a Perl client/server pair to implement multi-host semaphores. Their web page also has a source code link where you will find the client and server pieces.

If it ain't broke, I can fix that.
jerry1
Super Advisor

Re: perl socket script

Thanks Clay, I found your article. A bit
above me at this point.

For now though. I just wanted something
simple to get around the root .rhosts problem. I was thinking as a security measure
of passing a code to the server.pl but don't
know the perl syntax at this time.
Could you show me the simple syntax for
passing two args.

e.g.

From client.pl send:

1234 shutdown.sh

On server.pl check code then run command:

1234 shutdown.sh


On my client.perl I currently have:

print $sock "shutdown.sh"

On my server.perl I have:

while(defined($Line = <$new_sock>)) {
system($Line);
close($sock);
}; #End


I don't know how to separate the first arg
"1234" and test if it is a match before
running shutdown.sh. I assume this is what
you mean by tab delimits and I assume it
would be in your code I looked at on:
http://www.samag.com/documents/s=7898/sam0304a/0304a.htm