MonkeyShell: using XML-RPC for access to a remote shell

From: Abe Usher (securitylist_at_sharp-ideas.net)
Date: 10/11/04

  • Next message: Crist J. Clark: "Re: MonkeyShell: using XML-RPC for access to a remote shell" 
    Date: Sun, 10 Oct 2004 20:57:48 -0400
To: freebsd-security@freebsd.org

    Security pundits have been warning about the dangers implicit with Web
    services for years. A good starting point for understanding the security
    issues related to Web services can be found at:
    http://searchwebservices.techtarget.com/originalContent/0,289142,sid26_gci872720,00.html

    Of course to really understand the security risks posed by Web services,
    you need to understand the basics of Web services. Enter an application
    I wrote called "Monkey Shell."

    MonkeyShell is a simple open source Python application that uses
    extensible markup language remote procedure calls (XML-RPC) to execute
    commands through a remote system shell.

    I kept the code terse (less than 100 lines total) so that it can be
    studied easily. It is similar to netcat except instead of "shell
    shoveling" data through a raw TCP connection, it wraps data in XML and
    transports it over HTTP.

    MonkeyShell is freely available at:
    http://www.sharp-ideas.net/

    Cheers,
    Abe Usher, CISSP

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Crist J. Clark: "Re: MonkeyShell: using XML-RPC for access to a remote shell"

    Relevant Pages

    • MonkeyShell: using XML-RPC for access to a remote shell
      ... Security pundits have been warning about the dangers implicit with Web ... Of course to really understand the security risks posed by Web services, ... I wrote called "Monkey Shell." ... MonkeyShell is a simple open source Python application that uses ...
      (Pen-Test)
    • [fw-wiz] MonkeyShell: using XML-RPC for access to a remote shell
      ... Security pundits have been warning about the dangers implicit with Web ... Of course to really understand the security risks posed by Web services, ... I wrote called "Monkey Shell." ... MonkeyShell is a simple open source Python application that uses ...
      (Firewall-Wizards)
    • Microsoft .NET
      ... reading up various documents that discuss - "What is Microsoft .Net" ... I'm trying to write a paper on security and software development using ... utilize connected solutions using Web services, ... language, of course, but also: ...
      (microsoft.public.dotnet.general)
    • MonkeyShell: using XML-RPC for access to a remote shell
      ... Security pundits have been warning about the dangers implicit with Web ... Of course to really understand the security risks posed by Web services, ... I wrote called "Monkey Shell." ... MonkeyShell is a simple open source Python application that uses ...
      (NT-Bugtraq)
    • [Full-Disclosure] MonkeyShell: using XML-RPC for access to a remote shell
      ... Security pundits have been warning about the dangers implicit with Web ... Of course to really understand the security risks posed by Web services, ... I wrote called "Monkey Shell." ... MonkeyShell is a simple open source Python application that uses ...
      (Full-Disclosure)