RPort
Search…
Script and command execution

Command execution

Enabling script and command execution is not global and it is not an either/or decision. You can control which commands are allowed and which are not on a fine-grained level. See the example below.
1
[remote-commands]
2
## Enable or disable execution of remote commands sent by server.
3
## Defaults: true
4
#enabled = true
5
​
6
## Limit the maximum length of the command output that is sent back to server.
7
## Applies to the stdout and stderr separately.
8
## If exceeded {send_back_limit} bytes are sent.
9
## Defaults: 2048
10
#send_back_limit = 2048
11
​
12
## Allow commands matching the following regular expressions.
13
## The filter is applied to the command sent. Full path must be used.
14
## See {order} parameter for more details how it's applied together with {deny}.
15
## Defaults: ['^/usr/bin/.*','^/usr/local/bin/.*','^C:\\Windows\\System32\\.*']
16
#allow = ['^/usr/bin/.*','^/usr/local/bin/.*','^C:\\Windows\\System32\\.*']
17
​
18
## Deny commands matching one of the following regular expressions.
19
## The filter is applied to the command sent. Full path must be used.
20
## See {order} parameter for more details how it's applied together with {allow}.
21
## With the below default filter only single commands are allowed.
22
## Defaults: ['(\||<|>|;|,|\n|&)']
23
#deny = ['(\||<|>|;|,|\n|&)']
24
​
25
## Order: ['allow','deny'] or ['deny','allow']. Order of which filter is applied first.
26
## Defaults: ['allow','deny']
27
##
28
## order: ['allow','deny']
29
## First, all allow directives are evaluated; at least one must match, or the command is rejected.
30
## Next, all deny directives are evaluated. If any matches, the command is rejected.
31
## Last, any commands which do not match an allow or a deny directive are denied by default.
32
## Example:
33
## allow: ['^/usr/bin/.*']
34
## deny: ['^/usr/bin/zip']
35
## All commands in /usr/bin except '/usr/bin/zip' can be executed. Full path must be used.
36
##
37
## order: ['deny','allow']
38
## First, all deny directives are evaluated; if any match,
39
## the command is denied UNLESS it also matches an allow directive.
40
## Any command which do not match any allow or deny directives are permitted.
41
## Example:
42
## deny: ['.*']
43
## allow: ['zip#x27;]
44
## All commands are denied except those ending in zip.
45
##
46
#order = ['allow','deny']
Copied!
Last modified 1mo ago
Export as PDF
Copy link