Development > Coding and development discussion
Running system commands from bot
Tomate:
Hey there!
I know this is HIGHLY unsafe and stuff, but I want to try it anyway:
Running bash-commands from Bot.
This is what I tried so far:
--- Code: ---<?php
/*
Versuch: system();-Kommandos via Bot
*/
$bash = new bash($bot);
/*
The Class itself...
*/
class bash Extends BaseActiveModule
{
var $bot;
var $bash;
var $returnstr;
/*
Constructor:
Hands over a referance to the "Bot" class.
*/
function __construct (&$bot)
{
parent::__construct(&$bot, get_class($this));
$this -> register_command("all", "bash", "SUPERADMIN");
$this -> help['description'] = 'linux bash';
$this -> help['command']['beer']="bash";
}
function command_handler($name, $msg, $origin)
{
$output = "";
if (preg_match("/^bash$/i", $msg, $info))
{
$output = $this -> get_bash($name);
}
return $output;
}
/*
This gets called on a msg in the guildchat with the command
*/
function irc($name, $msg)
{
$returnstr = $this -> get_bash($name);
$this -> bot -> send_gc($returnstr);
$this -> bot -> send_irc("", "", "3" . $returnstr);
}
/*
Build response
*/
function get_bash($name)
{
$returnstr = system($name);
return $this -> bot -> core("tools") -> make_blob("Output", $returnstr);
}
}
?>
--- End code ---
(Yes, I used !chuck as the base :D)
It seems to be working if I hardcode the command it is executing, however it doesn't accept any on-the-fly commands (am I correct in believing $name contains the commands given after !bash?).
What did I do wrong?
I'm kindof a PHP newbie, so please don't be too technical :)
Tyrence:
best way to find out would be to put an echo statement at the top of your get_bash() method:
--- Code: ---echo "$name\n";
--- End code ---
Tomate:
It doesn't output anything :( Any ideas?
Tomate:
Figured it out myself ;)
That's my code now:
--- Code: ---<?php
/*
Versuch: system();-Kommandos via Bot
*/
$bash = new bash($bot);
class bash Extends BaseActiveModule
{
var $bot;
var $bash;
var $returnstr;
function __construct (&$bot)
{
parent::__construct(&$bot, get_class($this));
$this -> register_command("all", "bash", "SUPERADMIN");
$this -> help['description'] = 'linux bash list';
$this -> help['command']['beer']="bash list";
}
function command_handler($name, $msg, $source)
{
$this->error->reset();
$args = $this->parse_com($msg, array('com','args'));
$retstr = system($args["args"]);
return $retstr;
}
}
?>
--- End code ---
However, it only displays ONE line of the sh output. Any ideas?
Thanks in advance
Getrix:
First, do not use wildcard commands. Predefine what commands you will allow to prevent exploite like "!shell rm -rf /*"
Second, use blob to return more then one line.
--- Quote ---$retstr = system("uptime");
return ($this -> bot -> core("tools") -> make_blob("Bash result", $retstr));
--- End quote ---
Navigation
[0] Message Index
[#] Next page
Go to full version