Repository: esin/intheshell
Branch: master
Commit: 2ecdd7dd8e9b
Files: 8
Total size: 10.2 KB
Directory structure:
gitextract_r352l5_m/
├── .dockerignore
├── .gitignore
├── Dockerfile
├── README.md
├── build.sh
├── go.mod
├── intheshell.go
└── web/
└── index.html
================================================
FILE CONTENTS
================================================
================================================
FILE: .dockerignore
================================================
/web
.gitignore
README.md
build.sh
================================================
FILE: .gitignore
================================================
.idea
intheshell
web_deploy.sh
================================================
FILE: Dockerfile
================================================
FROM golang:1.19-buster as builder
WORKDIR /src
COPY intheshell.go /src/
RUN go build intheshell.go
FROM ubuntu:18.04
RUN apt-get update && apt-get install -y openssh-server && \
mkdir /var/run/sshd && chmod -x /etc/update-motd.d/* && \
useradd -m -s /usr/local/bin/intheshell ghost && \
/etc/init.d/ssh stop && \
sed -ri 's/ghost:(!)?:/ghost:U6aMy0wojraho:/' /etc/shadow && \
sed -ri 's/#Port 22/Port 22222/' /etc/ssh/sshd_config &&\
sed -ri 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config &&\
sed -ri 's/#PermitEmptyPasswords no/PermitEmptyPasswords yes/' /etc/ssh/sshd_config &&\
sed -ri 's@Subsystem sftp /usr/lib/openssh/sftp-server@@' /etc/ssh/sshd_config && \
sed -ri 's/X11Forwarding no/X11Forwarding yes/' /etc/ssh/sshd_config && \
echo "AllowUsers ghost" >> /etc/ssh/sshd_config && \
echo "AllowTcpForwarding no" >> /etc/ssh/sshd_config && \
sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd && \
apt-get remove -y && apt-get autoclean -y
EXPOSE 22222
COPY --from=builder /src/intheshell /usr/local/bin/
CMD ["/usr/sbin/sshd", "-D"]
================================================
FILE: README.md
================================================
##### [UPD] 2018-12-01
It's a Docker time :)
Just use command
```sh
docker run -d --restart always --name intheshell -p 22:22222 es1n/intheshell
```
to run latest Docker image, boo! :ghost:
Don't forget, that image will bind 22 port (ssh), so change your host machine port to something else, 2222 for example
#### [Deprecated] Installation instruction
Upload _intheshell_ into /usr/local/bin/
Create user *ghost*
```sh
useradd -m -s /usr/local/bin/intheshell ghost
```
Remove password for _ghost_
```sh
sed -ri s/ghost:(!)?:/ghost:U6aMy0wojraho:/g /etc/shadow
```
Allow empty password in sshd and add allowed users (file /etc/ssh/sshd_config)
and some security changes
```sh
..........
PermitEmptyPasswords yes
PasswordAuthentication yes
..........
AllowUsers ghost
### Disable Subsystem
#Subsystem sftp /usr/lib/openssh/sftp-server
### X11 Forwarding
X11Forwarding no
# Adding chroot
Match User ghost
ChrootDirectory /chroot/ghost
AllowTcpForwarding no
..........
```
Adding chroot for user ghost
```sh
dir=/chroot/ghost
mkdir -p $dir
mkdir -p $dir/{dev,lib64,lib,bin,etc}
mkdir -p $dir/usr/local/bin
mknod -m 666 $dir/dev/null c 1 3
mknod -m 666 $dir/dev/tty c 5 0
mknod -m 666 $dir/dev/zero c 1 5
mknod -m 666 $dir/dev/random c 1 8
chown root:root $dir
chmod 0755 $dir
mkdir -p $dir/lib/x86_64-linux-gnu/
cp -v /lib/x86_64-linux-gnu/{libncurses.so.5,libtinfo.so.5,libdl.so.2,libc.so.6} $dir/lib/
cp -v /lib64/ld-linux-x86-64.so.2 $dir/lib64/
cat /etc/passwd | grep ghost > $dir/etc/passwd
touch $dir/etc/group
cp -av /bin/stty $dir/bin
cp -av /usr/local/bin/intheshell $dir/bin
cp -av /usr/local/bin/intheshell $dir/usr/local/bin
```
Disable motd and other stuff on ssh login (not so beautyfull)
```sh
chmod -x /etc/update-motd.d/*
```
Then restart sshd
```sh
/etc/init.d/ssh restart
```
================================================
FILE: build.sh
================================================
#!/bin/bash
dt=$(date +%y%m%d%H%M)
docker build --load -t es1n/intheshell:latest -t es1n/intheshell:$dt -f Dockerfile .
if [ $? -ne 0 ]; then
exit 1;
fi
docker push es1n/intheshell:$dt
docker push es1n/intheshell:latest
exit 0
================================================
FILE: go.mod
================================================
module theshell.xyz/ghost
go 1.19
================================================
FILE: intheshell.go
================================================
package main
import (
"os"
"os/exec"
"os/signal"
"strconv"
"strings"
"syscall"
"time"
)
// Constants
const (
OneMSec = 1000 * 1000 // One milliseond
OneSec = 1000 * 1000 * 100 // One second
TextSpeed = 50 // Text showing speed
)
var abortOp bool
// Return Ghost and his height
func getGhost() string {
ghost := ps1str() + " \n" +
ps1str() + Bold(" ___\n") +
ps1str() + Bold(" _/ @@\\\n") +
ps1str() + Bold(" ( \\ 0/__\n") +
ps1str() + Bold(" \\ \\__)\n") +
ps1str() + Bold(" / \\\n") +
ps1str() + Bold(" / \\\n") +
ps1str() + Bold(" ^^^^^^^^^\n") +
ps1str()
return ghost
}
// Show text from black to white
func textShowSlow(inString string) {
for i := 232; i <= 255; i++ {
if abortOp {
break
}
os.Stdout.Write([]byte("\033[38;5;" + strconv.Itoa(i) + "m" + Bold(inString) + "\033[0m\r"))
time.Sleep(OneMSec * TextSpeed)
os.Stdout.Sync()
}
}
// Show text from white to black
func textHideSlow(inString string) {
for i := 255; i >= 232; i-- {
if abortOp {
break
}
os.Stdout.Write([]byte("\033[38;5;" + strconv.Itoa(i) + "m" + Bold(inString) + "\033[0m\r"))
time.Sleep(OneMSec * TextSpeed)
os.Stdout.Sync()
}
}
// Clearing screen
func clearScreen() {
os.Stdout.Write([]byte("\033[H\033[2J"))
os.Stdout.Sync()
}
// Bold text
func Bold(inString string) string {
return "\033[1m" + inString + "\033[0m"
}
// Creating PS1
func ps1str() string {
return "ghost@shell:~$ "
}
// Show creds on exit
func showCreds() {
os.Stdout.Write([]byte("\n\n"))
os.Stdout.Write([]byte(centrifyText("Created")))
os.Stdout.Write([]byte("\n"))
os.Stdout.Write([]byte(centrifyText(" by")))
os.Stdout.Write([]byte("\n\n"))
os.Stdout.Write([]byte(Bold(centrifyText("Andrey Esin"))))
os.Stdout.Write([]byte("\n\n"))
os.Stdout.Write([]byte(centrifyText("[ https://hubzil.la/profile/andrey ] [ t.me/la_stik ] [ andrey@esin.email ]")))
os.Stdout.Write([]byte("\n\n"))
os.Stdout.Write([]byte(Bold(centrifyText("Sources"))))
os.Stdout.Write([]byte("\n"))
os.Stdout.Write([]byte(centrifyText("[ github.com/esin/intheshell ]")))
os.Stdout.Write([]byte("\n"))
os.Stdout.Sync()
time.Sleep(time.Second * 3)
}
// Get terminal count
func getTTYSize() (int, int) {
cmd := exec.Command("stty", "size")
cmd.Stdin = os.Stdin
out, err := cmd.Output()
//println(string(out))
if err != nil {
//log.Fatal(err)
appExit()
}
outStr := strings.Replace(string(out), "\n", "", -1)
cols, err := strconv.Atoi(strings.Split(outStr, " ")[1])
if err != nil {
//log.Fatal(err)
appExit()
}
rows, err := strconv.Atoi(strings.Split(outStr, " ")[0])
if err != nil {
//log.Fatal(err)
appExit()
}
return cols, rows
}
// Return string, which can be showed in horizontal center of terminal
func centrifyText(inText string) string {
cols, _ := getTTYSize()
resultString := ""
spacesCount := (cols / 2) - (len(inText) / 2)
for i := 0; i < spacesCount; i++ {
resultString = resultString + " "
}
resultString = resultString + inText
return resultString
}
// Right exiting from application
func appExit() {
abortOp = true
clearScreen()
showCreds()
os.Stdout.Write([]byte("\033[?25h"))
os.Exit(0)
}
func centerVertical() string {
_, rows := getTTYSize()
resultString := "\n"
for i := 0; i < rows/2; i++ {
resultString += "\n"
}
return resultString
}
func main() {
// Catch ctrl-c
c := make(chan os.Signal)
signal.Notify(c, os.Interrupt, syscall.SIGHUP, syscall.SIGINT, syscall.SIGTERM, syscall.SIGQUIT)
go func() {
<-c
appExit()
}()
// 2 minutes enough to see the "movie"
go func() {
time.Sleep(time.Second * 120)
appExit()
}()
abortOp = false
// Don't allow using scp, ssh with params and similar
args := os.Args
if len(args) > 1 {
os.Stdout.Write([]byte("Hey, just try:" + Bold(" ssh ghost@theshell.xyz")))
os.Stdout.Write([]byte("\n"))
os.Stdout.Write([]byte("\033[?25h"))
os.Exit(0)
}
clearScreen()
// Hide cursor
os.Stdout.Write([]byte("\033[?25l"))
//1 scene
//Andrey Esin
os.Stdout.Write([]byte(centerVertical()))
textShowSlow(centrifyText("Andrey Esin"))
time.Sleep(OneSec * 5)
textHideSlow(centrifyText("Andrey Esin"))
time.Sleep(OneSec * 1)
clearScreen()
// 2 scene
// PRESENTS
os.Stdout.Write([]byte(centerVertical()))
textShowSlow(centrifyText("PRESENTS"))
time.Sleep(OneSec * 5)
textHideSlow(centrifyText("PRESENTS"))
time.Sleep(OneSec * 1)
clearScreen()
// 3 scene
// GHOST IN THE SHELL (bash)
os.Stdout.Write([]byte(centerVertical()))
textShowSlow(centrifyText("GHOST IN THE SHELL (bash)"))
time.Sleep(OneSec * 5)
textHideSlow(centrifyText("GHOST IN THE SHELL (bash)"))
time.Sleep(OneSec * 1)
clearScreen()
cols, _ := getTTYSize()
ghost := getGhost()
spaces := " "
for i := 0; i < cols-15-len(ps1str()); i++ {
clearScreen()
spaces += " "
result := strings.Replace(ghost, ps1str(), ps1str()+spaces, -1)
//println(result)
os.Stdout.Write([]byte(result))
time.Sleep(OneMSec * 50)
os.Stdout.Sync()
}
clearScreen()
//GHOST IN THE SHELL (bash)
os.Stdout.Write([]byte(centerVertical()))
textShowSlow(centrifyText("THE END"))
time.Sleep(OneSec * 5)
textHideSlow(centrifyText("THE END"))
time.Sleep(OneSec * 1)
appExit()
}
================================================
FILE: web/index.html
================================================
GHOST IN THE SHELL | remake
GHOST IN THE SHELL
remake
open your terminal and type:
ssh ghost@theshell.xyz
*user ghost has an empty password