RPort
Search…
RPort
RPort Knowledge Base
👀
WHAT IS RPORT
Features and benefits of RPort
🚀
GETTING STARTED
Install the RPort Server
Connecting Clients
Using the remote access
Renaming and tagging of clients
Organize clients with groups
Activate the vault
🗣️ NEED HELP?
Troubleshoot common problems
Request Support
🔦
DIGGING DEEPER
Using the API
RPort Technology Explained
Commands and Scripts
Executing commands
Executing scripts
Tacoscript
Client Configuration Options
Advanced client management
Updating RPort
Powered By GitBook
Executing commands
Execute command on a single client

Security notice

The execution of commands must be allowed in the rport client configuration file /etc/rport/rport.conf on Linux or C:\Program Files\rport\rport.conf on Windows.
You can create a list of allowed commands and a list of disallowed commands. This allows fine-grained filtering.
rport.conf
1
[remote-commands]
2
## Enable or disable execution of remote commands sent by server.
3
## Defaults: true
4
#enabled = true
5
6
## Allow commands matching the following regular expressions.
7
## The filter is applied to the command sent. Full path must be used.
8
## See {order} parameter for more details how it's applied together with {deny}.
9
## Defaults: ['^/usr/bin/.*','^/usr/local/bin/.*','^C:\\Windows\\System32\\.*']
10
#allow = ['^/usr/bin/.*','^/usr/local/bin/.*','^C:\\Windows\\System32\\.*']
Copied!
See all configuration options and more configuration examples.
Allowing remote command without restrictions makes the RPort server very powerful. Persons who have access to the RPort server API or the webinterface can take full controll over connected clients. 👉 It's highly recommended to use two-factor authentication.

Multiple commands

It is possible to execute multiple commands. On Windows, you must concatenate the commands with a single ampersand &. On Linux, you can use line breaks or the semicolon.
Execution of two command in a single run.
Bear in mind that the concatenation signs &, ; , \n must be allowed by the regular expression on the command restrictions.

👺Pitfalls

If you only want to allow a limited set of commands, pay special attention to the deny rules. Look at the following example.
rport.conf
1
allow = ['^systemctl (status|restart).*']
2
deny = []
3
order = ['allow','deny']
Copied!
These rules are leading to an unrestricted command execution because systemctl (status|restart) can be followed by any character. For example, systemctl status cron;poweroff is possible. If you want to allow just single command but with parameters, you must deny all characters that allow command concatenation.
rport.conf
1
deny = ['(\||<|>|;|,|\n|&)']
Copied!
Command concatenation rejected.

Windows PowerShell

Command are always executed on the cmd.exe shell of Windows. To execute a PowerShell command, you must prefix the command with powershell, for example, powershell "Get-Service spooler".
Executing powershell commands
If you only want to allow restarting any service via PowerShell change your configuration as follows.
1
allow = ['^powershell \"(Get|Restart)-Service .*\"']
2
deny = ['(\||<|>|;|,|\n|&)']
3
order = ['allow','deny']
Copied!
While the PowerShell is case insentive, the regular expression for the filtering are not. They are case sensitive and the commands must by typed in with the correct capitalization.
DIGGING DEEPER - Previous
Commands and Scripts
Next
Executing scripts
Last modified 29d ago
Export as PDF
Copy link
Contents
Security notice
Multiple commands
👺Pitfalls
Windows PowerShell