RE: Web shell? (I'm not asking for much...)

From: Jeff Barr (
Date: Fri Mar 02 2001 - 06:49:02 PST

This is what you are looking for:

It is a small CGI. There is no applet involved.

Note that this is from a different Rohit than the progenitor of this list.



>From the site:

Product Overview

CGI-Telnet is a CGI script that allows you to execute commands on your web
server. It is a useful tool if you don't have telnet access to your server.


Ease of use: CGI-Telnet has a user interface similar to a standard telnet
client and is therefore very easy to use. It provides command prompts
similar to the operating system that it is running on.

Compatibility: CGI-Telnet works on Unix and Windows NT. It has been tested
on Windows NT 4.0 running IIS, Linux and Solaris running Apache. It is
compatible with all browsers. It has been tested using Microsoft Internet
Explorer (Windows), Netscape (Windows), Netscape (Linux) and Lynx (Linux).

File Transfers: You can upload and download files from your server. All
files on the server can be downloaded as long as you have read permissions
on them. These include files that are normally not even visible to a FTP /etc/passwd/;-)

Minimal Configuration: The only configuration change that you need to make
is to change the password. If you running the script on Windows NT, you'll
need to make one more change to the script. See the Installation Section for
more details.

Command Timeouts: CGI-Telnet automatically times out all commands after a
specified duration. This is useful, for programs that hang or take very long
to execute like "find /". The timeout period can be changed or you can turn
this option off. See the installation section for more details. The timeout
period doesn't work if you're running the script on Windows NT.

Real-Time Output: Output is displayed as it is generated, so you don't have
to wait for a command to complete to see the result. This is useful for
commands like ping, tracert, traceroute, find, etc.

Change Directory: Directory information is maintained internally, so you
don't need to change the directory each time you run a command.

Security: A password is required to login. After you disconnect, you need to
login to run commands again. Even if a page has been cached by your browser,
you'll need to re-login before running commands. Closing the browser also
logs you out.

-----Original Message-----
From: Jeff Bone []
Sent: Thursday, March 01, 2001 12:50 PM
Subject: Web shell? (I'm not asking for much...)

Kragen's GIF-based chat thingie he posted about the other day has had
me thinking...

It's always been tres annoying to me that I have to have local
software installed to get (secure) access to a remote shell on some
server machine on which I've got an account. Neo-nazi firewall
admins, and all that, telnet regarded harmful, etc. Why shouldn't I
be able to access an interactive shell from any browser, interaction
tunneled over an HTTP connection and secured through i.e. SSL?
Wouldn't that be an acceptable alternative to i.e. SSH?

Anybody seen anything like that? Applet, GIF-based thingie,
whatever? Something I could huck up onto a Web server then go to
town? Surely this exists, surely somebody wrote something like this
way back in the dark ages of the Web.

Bueller? Bueller?

Pointers appreciated.


This archive was generated by hypermail 2b29 : Fri Apr 27 2001 - 23:13:16 PDT