# msrt **Repository Path**: mo-shan/msrt ## Basic Information - **Project Name**: msrt - **Description**: 基于linux平台(x86) 远程工具 - **Primary Language**: C - **License**: Not specified - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 1 - **Created**: 2020-09-01 - **Last Updated**: 2022-06-24 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README ### 工具介绍 - 基于linux C 的 sock编程开发的网络工具,客户端可以远程执行服务端的系统命令,适用于内网不能开通具有sudo权限的ssh场景。 - 在linux平台(x64) centos 6 测试通过 ### 安装教程 ``` moshan@ms-style git >> git clone https://gitee.com/mo-shan/msrt.git ``` ##### 1、目录结构 ``` moshan@ms-style git >> cd msrt moshan@ms-style msrt >> tree -L 2 . ├── build │ ├── msrt.o │ ├── my_check_comm.o │ ├── my_check_ip.o │ ├── my_client.o │ ├── my_create_dir.o │ ├── my_find_char.o │ ├── my_get_log_file.o │ ├── my_help.o │ ├── my_log.o │ ├── my_md5.o │ ├── my_read_conf.o │ ├── my_replace_str.o │ ├── my_server.o │ ├── my_split.o │ ├── my_strncpy.o │ └── my_system.o ├── head │ ├── default.h │ ├── log.h │ └── md5.h ├── Makefile ├── msrt ├── msrt.c └── src ├── my_check_comm.c ├── my_check_ip.c ├── my_client.c ├── my_create_dir.c ├── my_find_char.c ├── my_get_log_file.c ├── my_help.c ├── my_log.c ├── my_md5.c ├── my_read_conf.c ├── my_replace_str.c ├── my_server.c ├── my_split.c ├── my_strncpy.c └── my_system.c 3 directories, 37 files moshan@ms-style msrt >> ``` > clone后即可使用,也可自己修改重新编译。 > - 在msrt目录下执行make进行编译即可. > - 如果新增或者删除文件, 请根据实际情况对Makefile文件做修改. ``` moshan@ms-style msrt >> make 正在编译 : msrt.c --> build/msrt.o 正在编译 : src/my_check_comm.c --> build/my_check_comm.o 正在编译 : src/my_client.c --> build/my_client.o 正在编译 : src/my_find_char.c --> build/my_find_char.o 正在编译 : src/my_help.c --> build/my_help.o 正在编译 : src/my_md5.c --> build/my_md5.o 正在编译 : src/my_server.c --> build/my_server.o 正在编译 : src/my_strncpy.c --> build/my_strncpy.o 正在编译 : src/my_replace_str.c --> build/my_replace_str.o 正在编译 : src/my_check_ip.c --> build/my_check_ip.o 正在编译 : src/my_create_dir.c --> build/my_create_dir.o 正在编译 : src/my_get_log_file.c --> build/my_get_log_file.o 正在编译 : src/my_log.c --> build/my_log.o 正在编译 : src/my_read_conf.c --> build/my_read_conf.o 正在编译 : src/my_split.c --> build/my_split.o 正在编译 : src/my_system.c --> build/my_system.o 正在链接 : ./build/msrt.o ----------+ ./build/my_check_comm.o --------- | ./build/my_client.o --------- | ./build/my_find_char.o --------- | ./build/my_help.o --------- | ./build/my_md5.o --------- | ./build/my_server.o --------- | ./build/my_strncpy.o --------- | --> msrt ./build/my_replace_str.o --------- | ./build/my_check_ip.o --------- | ./build/my_create_dir.o --------- | ./build/my_get_log_file.o --------- | ./build/my_log.o --------- | ./build/my_read_conf.o --------- | ./build/my_split.o --------- | ./build/my_system.o ----------+ moshan@ms-style msrt >> ``` ##### 2、使用说明 ``` moshan@ms-style msrt >> ./msrt --help 参数介绍 : [Version : 1.0] -r | --role server|client [ 指定一个角色,以什么角色运行 ] -h | --host 192.168.1.1 [ 以client角色运行时,需要使用这个参数指定server端的ip ] -p | --port 9298 [ server角色表示监听哪个端口,client表示访问server端的哪个端口 ] -c | --comm 'shell command' [ shell命令,-r client才有效,建议用引号引起来 ] -hw | --host-white '192.168.1.1,192.168.1.0/24' [ 白名单,表示允许哪些地址访问,-r server才有效,建议用引号引起来 ] -hb | --host-black '192.168.1.1,192.168.0.0/16' [ 黑名单,表示不允许哪些地址访问,-r server才有效,建议用引号引起来 ] -cb | --comm-black 'rm,shutdown,reboot,init' [ 命令黑名单,不允许哪些命令执行,-r server才有效,建议用引号引起来 ] --pass 'password string' [ -r server指定了密码后, client连接的时候也要指定密码 ] --conf 'conf file path' [ 配置文件路径 ] --log 'log file path' [ 日志文件路径, 输出的日志都打入到这个文件 ] 注意 : 黑白名单中, 只要有一项满足拒绝访问就会拒绝. 1、使用了白名单, 但是client不在白名单中, 这会被拒绝访问 2、使用了黑名单, client在黑名单中, 这也会被拒绝访问 用例介绍 : server : ./msrt -r server -p 9298 -hw 192.168.1.100 -hb 192.168.1.200 --pass mypassword --log log_path client : ./msrt -r client -h 192.168.1.100 -p 9298 -c 'hostname' 配置文件 : host = 192.168.1.1 port = 9298 password = 123456 log = /var/log/msstyle.log host-white = 192.168.1.1,192.168.1.0/24,192.168.0.0/16 host-black = 192.168.1.1,192.168.1.0/24,192.168.0.0/16 comm-black = rm,shutdown,reboot,init,halt,init 如有其他疑问, 请联系: mo_shan@yeah.net moshan@ms-style msrt >> ``` ##### 3、测试用例 ##### (1)测试1 > server端启用无限制模式 - server端 ``` moshan@ms-style msrt >> ./msrt --role server --port 9298 [2020-09-01 10:05:54:497] [WARN] Version : 1.0 [2020-09-01 10:05:54:497] [INFO] SERVER --> Server started... [2020-09-01 10:05:54:497] [INFO] SERVER --> Listen port : 9298 [2020-09-01 10:06:26:967] [INFO] SERVER --> Server get connection from 192.168.1.11 [2020-09-01 10:06:26:969] [INFO] SERVER --> [ cmd : hostname ] Command executed successfully! [2020-09-01 10:06:26:969] [INFO] SERVER --> Disconnect from 192.168.1.11 [2020-09-01 10:06:33:054] [INFO] SERVER --> Server get connection from 192.168.1.11 [2020-09-01 10:06:33:074] [INFO] SERVER --> [ cmd : ip a ] Command executed successfully! [2020-09-01 10:06:33:074] [INFO] SERVER --> Disconnect from 192.168.1.11 [2020-09-01 10:06:38:925] [INFO] SERVER --> Server get connection from 192.168.1.11 [2020-09-01 10:06:38:952] [INFO] SERVER --> [ cmd : date ] Command executed successfully! [2020-09-01 10:06:38:952] [INFO] SERVER --> Disconnect from 192.168.1.11 [2020-09-01 10:06:43:723] [INFO] SERVER --> Server get connection from 192.168.1.11 [2020-09-01 10:06:43:762] [INFO] SERVER --> [ cmd : date ] Command executed successfully! [2020-09-01 10:06:43:762] [INFO] SERVER --> Disconnect from 192.168.1.11 ``` - client端 ``` moshan@ms-style msrt >> ./msrt -r client -h 192.168.1.10 -c "hostname" [2020-09-01 10:06:26:974] [WARN] Version : 1.0 ms-style moshan@ms-style msrt >> ./msrt -r client -h 192.168.1.10 [2020-09-01 10:06:31:355] [WARN] Version : 1.0 192.168.1.10:9298 shell > ip a 1: lo: mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo 2: eth0: mtu 1500 qdisc mq state UP qlen 1000 link/ether 38:bc:01:61:e8:6c brd ff:ff:ff:ff:ff:ff inet 192.168.1.10/26 brd 10.208.49.255 scope global eth0 3: eth1: mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 38:bc:01:61:e8:6d brd ff:ff:ff:ff:ff:ff 192.168.1.10:9298 shell > date Tue Sep 1 10:06:43 CST 2020 192.168.1.10:9298 shell > ``` ##### (2)测试2 > server端启用命令ip黑名单 - server端 ``` #黑名单测试 moshan@ms-style msrt >> ./msrt --role server -cb echo,cat -hb 192.168.1.11 [2020-09-01 18:17:42:931] [WARN] Version : 1.0 [2020-09-01 18:17:42:931] [INFO] SERVER --> Server started... [2020-09-01 18:17:42:931] [INFO] SERVER --> Listen port : 9298 [2020-09-01 18:17:47:903] [ERROR] SERVER --> The server uses a host-black-list and the client address[192.168.1.11] is in the blacklist. #白名单测试 moshan@ms-style msrt >> ./msrt --role server -cb echo,cat -hw 192.168.1.12 [2020-09-01 18:18:34:844] [WARN] Version : 1.0 [2020-09-01 18:18:34:844] [INFO] SERVER --> Server started... [2020-09-01 18:18:34:844] [INFO] SERVER --> Listen port : 9298 [2020-09-01 18:18:37:545] [ERROR] SERVER --> The server uses a host-white-list and the address[192.168.1.11] is not in the whitelist ``` - client端 ``` #黑名单测试 moshan@ms-style msrt >> ./msrt -r client -h 192.168.1.10 -c "ls -l /root/install.log" [2020-09-01 18:17:47:904] [WARN] Version : 1.0 [2020-09-01 18:17:47:908] [WARN] CLIENT --> Access denied. [2020-09-01 18:17:47:908] [ERROR] CLIENT --> Failed to read message! You have new mail in /var/spool/mail/root moshan@ms-style msrt >> #白名单测试 moshan@ms-style msrt >> ./msrt -r client -h 192.168.1.10 -c "ls -l /root/install.log" [2020-09-01 18:18:37:547] [WARN] Version : 1.0 [2020-09-01 18:18:37:551] [WARN] CLIENT --> Access denied. [2020-09-01 18:18:37:551] [ERROR] CLIENT --> Failed to read message! moshan@ms-style msrt >> ``` > 注意: > - server端启用了黑名单,client的ip在黑名单中,client将无法连接到server。 > - server端启用了白名单,client的ip不在白名单中,client也无法连接到server。 ##### (3)测试3 > server端启用命令黑名单 - server端 ``` moshan@ms-style msrt >> ./msrt --role server -cb echo,cat [2020-09-01 18:07:55:024] [WARN] Version : 1.0 [2020-09-01 18:07:55:024] [INFO] SERVER --> Server started... [2020-09-01 18:07:55:024] [INFO] SERVER --> Listen port : 9298 [2020-09-01 18:08:00:272] [INFO] SERVER --> Server get connection from 192.168.1.11 [2020-09-01 18:08:00:273] [ERROR] GLOBAL --> 暂不支持 'echo' 的操作! [2020-09-01 18:08:12:370] [INFO] SERVER --> Server get connection from 192.168.1.11 [2020-09-01 18:08:12:370] [ERROR] GLOBAL --> 暂不支持 'cat' 的操作! [2020-09-01 18:08:19:980] [INFO] SERVER --> Server get connection from 192.168.1.11 [2020-09-01 18:08:19:985] [INFO] SERVER --> [ cmd : ls -l /root/install.log ] Command executed successfully! [2020-09-01 18:08:19:985] [INFO] SERVER --> Disconnect from 192.168.1.11 ``` - client端 ``` moshan@ms-style msrt >> ./msrt -r client -h 192.168.1.10 -c "echo 1" [2020-09-01 18:08:00:280] [WARN] Version : 1.0 [2020-09-01 18:08:00:284] [WARN] CLIENT --> This command is not supported!. moshan@ms-style msrt >> ./msrt -r client -h 192.168.1.10 -c "cat /root/install.log" [2020-09-01 18:08:12:377] [WARN] Version : 1.0 [2020-09-01 18:08:12:381] [WARN] CLIENT --> This command is not supported!. moshan@ms-style msrt >> ./msrt -r client -h 192.168.1.10 -c "ls -l /root/install.log" [2020-09-01 18:08:19:988] [WARN] Version : 1.0 -rw-r--r--. 1 root root 21102 Jun 13 2018 /root/install.log moshan@ms-style msrt >> ``` > 注意: > - server端启用命令黑名单,如果client发送的请求是黑名单里的命令将拒绝执行。