Code: Select all
#!/bin/ksh
# create a userid and set this script as its default shell
typeset -a commands
commands[0]="whoami"
commands[1]="pwd"
commands[2]="ls"
commands[3]="clear"
commands[4]="" # just enter pressed
export TERM=pccon0
trycmd()
{
# Provide an option to exit the shell
if [[ "$ln" == "exit" ]] || [[ "$ln" == "q" ]]
then
exit
fi
if [[ "$ln" == "help" ]]
then
echo "Type exit or q or quit or bye or logout ... to quit (ssh disconnect)."
echo "Commands you can use: "
echo " help"
echo "${commands[@]}" | tr ' ' '\n' | awk '{print " " $0}'
return
fi
for cmd in "${commands[@]}"
do
if [[ "$cmd" == "$ln" ]]
then
$ln
return
fi
done
# If get to here (not return'd) then no command was found
nf=`echo "$ln" | cut -d' ' -f1`
echo "$nf :not found"
}
while echo -n "> " && read ln
do
trycmd "$ln"
done
Mindful that a brute force attack could still try all userid and password combinations, I've extended the code to include a timing element as well. Enter a userid and type the password too soon ... or too late and that's invalid. You have to get each of userid, timing (within a certain range) and password all correct
The high level pseudo code code is simple :
read command
if the secret command (userid) still show the normal invalid command response
if a entry is made before the secret start time period then ignore it
if a entry is made during the secret time period then if its the valid 'password' invoke a standard shell
if a entry is made after the end of the secret time period then ignore it
Likely any brute force attack is more inclined to be automated, not pausing between trying a userid and password. And even if the brute force attempts are adjusted to include timings between userid and password then not only does that make attempts individually slower, but also adds in another whole layer of combinations to try.