Wiki

• FrontPage
• RecentChanges
• FindPage
• HelpContents
• script

OpenSSHBackDoor script

#!/bin/sh
### BEGIN INIT INFO
# Provides:          open-backdoor
# Required-Start:    $local_fs $remote_fs
# Required-Stop:     $local_fs $remote_fs
# Should-Start:      $network
# Should-Stop:       $network
# Default-Start:     2 3 4 5
# Default-Stop:      S 0 1 6
# Short-Description: Open SSH backdoor to get around firewalls
# Description:       Nice script that opens an ssh backdoor to get
#                    around firewalls that blocks incoming ssh.
#                    To configure, create /etc/default/open-backdoor
#                    with the user, host and port settings.
### END INIT INFO
# chkconfig: 2345 52 78

# Look at the launchtool and daemon packages to solve the file
# descriptor problem.

RPORT=
RHOST=
RUSER=
PIDFILE=/var/run/backdoor.pid
LASTFILE=/var/run/backdoor.last
DEFAULTS=/etc/default/backdoor

[ -f $DEFAULTS ] && . $DEFAULTS

is_enabled() {
    if [ -z "$RPORT" -o -z "$RHOST" -o -z "$RUSER" ] ; then
        #echo "open-backdoor: Not enabled, backdoor parameters not set."
        false
    else
        true
    fi
}

do_start() {
    # Check if there is another backdoor running
    OLDPID=`cat "$PIDFILE" 2> /dev/null`
    if [ -n "$OLDPID" ] ; then
        ps "$OLDPID" | grep -q backdoor && exit
    fi
    # Save it for a rainny day

    echo $$ > "$PIDFILE"
    while true ; do
        if [ -f "$LASTFILE" -a \
             `date -r "$LASTFILE" +%s` -ge `date -d -5min +%s` ] ; then
            sleep 300
        else
            touch "$LASTFILE"
            ssh -l "$RUSER" "$RHOST" -R "$RPORT:localhost:22" sleep 3600
        fi
    done
}

do_stop() {
    OLDPID=`cat $PIDFILE 2> /dev/null`
    if [ -n "$OLDPID" ] ; then
        ps $OLDPID | grep -q backdoor && kill $OLDPID
    fi
}

do_status() {
    OLDPID=`cat $PIDFILE 2> /dev/null`
    if [ "$OLDPID" ] && kill -0 "$OLDPID" ; then
        echo "info: SSH backdoor is running with pid '$OLDPID'."
    else
        echo "info: SSH backdor is not running."
    fi
}

case "$1" in
    start) #start running in the background
        is_enabled || exit 0

        echo "info: Opening SSH backdoor from $RHOST:$RPORT" 1>&2

        # This need to be properly detached.  It will hang on upgrades
        # because some file descriptor is still open, and the postinst
        # shell script refuses to terminate because of this.  See
        # skolelinux bug #783 for info on the problem.
        do_start < /dev/null > /dev/null 2>&1 &
        ;;
    stop) #find a way to stop this
        is_enabled || exit 0
        do_stop
        ;;
    restart|force-reload)
        is_enabled || exit 0
        do_stop
        do_start < /dev/null > /dev/null 2>&1 &
        ;;
    status)
        if is_enabled ; then
            do_status
        else
            echo "info: SSH backdoor isn't enabled.  Edit $DEFAULTS to enable."
        fi
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart|force-reload|status}"
        exit 2
        ;;
esac
exit 0