vB Telnet/ SSH Web Shell by Dr Erwin Loh version 1.0

This allows you Telnet/ SSH Shell access via your vB 3.x.x Admin CP.
This is very useful if you are somewhere where you cannot get Telnet or SSH shell access, or you are behind a firewall.

Disclaimer: The author does not take responsibility for any detriment that comes out of the use of this script. Use at your own risk!


Installation (full instructions in Install.txt in ZIP file):

1) Set a second layer of popup usernames and passwords for added security.
2) Upload "ssh.php" to your /admincp folder.

3) Make a link to the SSH shell in your Admin CP.

Finish!

Once this is installed, you can just click on the "vB SSH/ Telnet" link in your Admin CP on the left column underneath your "vBulletin Options" to access this.


Enjoy! :)

Dr. Erwin Loh

Excuse the profanity, but OMFG - what a treat it is to see you at work!

Thanks for this one!

Excellant !!!

Magnificant! ;)
I will install this asap.

But ... might this be a great security leak? Can you user "su" to becom root? :ninja:

Magnificant! ;)
I will install this asap.

But ... might this be a great security leak? Can you user "su" to becom root? :ninja:
If they know the su password, they don't need to login through the admincp first :D They can login remote anyway through different means.

Wow, great hack. How do you do it. I've been looking for this actually, since I'm behind a firewall.

Thanks a lot. :)

Can this be used outside of vB?

Erwin.. I have tried to use web based ssh clients before and have not been able to use them when I was behind a firewall.. Is all of the port 22 data handled by the admin CP from within the server, or is the browser from the client-side actually trying to connect to port 22??

Wow :)

You have so much time to release Hacks, you would have had enough time to stay here as admin ;)

it seems to log in as nobody on the server, is it possible to log in as my user?

I'm of course not allowed to run 'su'

Erwin.. I have tried to use web based ssh clients before and have not been able to use them when I was behind a firewall.. Is all of the port 22 data handled by the admin CP from within the server, or is the browser from the client-side actually trying to connect to port 22??
It uses port 80, http, not port 22. :) So it bypasses firewalls.

No, you can't su -.

At the moment, because apache/ httpd is usually owned by nobody, you log in as nobody. I can see if that can be bypassed, but then that would be a security issue.

@Xenon - these are just hacks I use on my site. Thought I would share. :)

Even so i miss you :p

hmm, can't you change your account so 'login as'
(i can't test it, as i don't think i should install this here ^^)

Warning: Cannot modify header information - headers already sent by (output started at /home/neocort2/public_html/admincp/ssh.php:1) in /home/neocort2/public_html/admincp/ssh.php on line 147

Warning: Cannot modify header information - headers already sent by (output started at /home/neocort2/public_html/admincp/ssh.php:1) in /home/neocort2/public_html/admincp/ssh.php on line 148


any ideas?

Why should we need one?
Any idea?

Why should we need one?
Any idea?
I use it from work, where I don't have SSH access because of the work's firewall. :)

Thanks for the Hack,

But I got this error:

Fatal error: Call to undefined function: proc_open() in /home/virtual/site9/fst/var/www/html/forums/admincp/ssh.php on line 127

anyone?

Thanks for the Hack,

But I got this error:

Fatal error: Call to undefined function: proc_open() in /home/virtual/site9/fst/var/www/html/forums/admincp/ssh.php on line 127

anyone?
What version php are you running?

Now only if this support VT100 emulation so I could watch TOP. :)

As the owner of my server I do wish I could do su so I could restart processes. Or at least I wish you could get a ssh login prompt so I can login with the user who I want to access various parts of my server. :)

Great work!

What version php are you running?

PHP Version 4.2.2

PHP Version 4.2.2
Mmm... not sure - I do suggest upgrading to 4.3.6 (even 4.3.7 is out).

Warning: Cannot modify header information - headers already sent by (output started at /home/neocort2/public_html/admincp/ssh.php:1) in /home/neocort2/public_html/admincp/ssh.php on line 147

Warning: Cannot modify header information - headers already sent by (output started at /home/neocort2/public_html/admincp/ssh.php:1) in /home/neocort2/public_html/admincp/ssh.php on line 148


any ideas?

bump. :)

bump. :)
Seriously, I have no idea why that's the case. :) Try removing the header references in ssh.php

Seriously, I have no idea why that's the case. :) Try removing the header references in ssh.php
I'll comment those out and let ya know. :)

hmm it seams i can not use this lovely script =( Mayby just a easy thing to fix.

Everytime i enter the name and pass in the popup window the popup windows cleares and i have to add it again. ??? i can not use this script yet =(
Anybody knows why this is the case ?

hmm it seams i can not use this lovely script =( Mayby just a easy thing to fix.

Everytime i enter the name and pass in the popup window the popup windows cleares and i have to add it again. ??? i can not use this script yet =(
Anybody knows why this is the case ?
Do you .htaccess protect your admin directory? If you do, then you can't use the popup password in this script - comment that section out in the php file.

I do not use htacces.
but im gonna try do that anyway.

I've installed it. I can't seem to make use of it due to the said issue of being logged in as 'nobody' and without a password. I get no prompt for a password.

I just installed your script, but it keeps asking for a user name /password again and again. I enter all three user names and passwords -- but still not luck.

i changed the passwords and still same error!

I tried in vbb 3.7.3 but the are errors :( Can you make update? thanks