Copyright (c).

Permission is granted to copy, distribute and/or modify this document

under the terms of the GNU Free Documentation License, Version 1.2

or any later version published by the Free Software Foundation;

with no Invariant Sections, no Front-Cover Texts, and no Back-Cover

Texts.  A copy of the license is included in the section entitled "GNU

Free Documentation License".

Contents

  1. Who is Steinbeck?
  2. What is Steinbeck?
  3. Motivation
  4. Features
  5. How it works?
  6. Usage and Configuration
  7. Troubleshooting
  8. Authors
  9. Credits

1. Who is Steinbeck

Obviously, this must be the first question (tough everybody, more or less, knows who he is). John Steinbeck was born in 1902 in Salinas, CA. He is one of the most influential American writers with Nobel Prize for Literature. Here is an informational line from nobelprize.org;

 "Steinbeck first became widely known with Tortilla Flat (1935), a series of humorous stories  about Monterey paisanos." That book is one of my favourites.

2. What is Steinbeck?

Steinbeck easifies a simple job in a secure way. It can be used to run shell scripts on a (linux)unix box with SSH server during which it can check on-going progress and grab the end result.

3. Motivation

Steinbeck may be used by system admins or security testers who have to deal with running scripts on (many) remote machines and/or getting results back.

4. Features

·         platform independence with java ;)

·         secure connection with ssh

·         multi-threading

·         result grabbing

·         progress updating

the last two features can be utilized with small changes in the scripts. read on.

5. How it works?

Steinbeck utilizes SSH for the underlying connection between client and server (box in which a script will be run). It uses jsch-0.1.20.jar, which is an open source pure java implementation of SSH2. For more information, see http://www.jcraft.com/jsch/.

6. Usage and Configuration

After running java -jar Steinbeckv1.1.jar users can form tuples each comprising a remote machine (with username -root-, password, IP, port) a script to run, remote working directory and local working directory.

After adding/editing tuples to the list, user can run all of the scripts simultenously and see them progressing (like Nessus) in case scripts are configured. It should be that simple. There is one thing that is kind of important with scripts to run. If user wants Steinbeck to show the on going progress of remotely running scripts on remote machines, then user has to make her script to create a "progress.txt" file, which should include a progress score between 0 and 100. Normally, script should create this file as the first thing in the current directory (i.e. "touch progress.txt"). Then once in a while, after reasonable calculations, script should update the internals of this file with a number. An example script may look like this;

    touch progress.txt

    sleep 5

    echo 10 > progress.txt

    sleep 5

    echo 20 > progress.txt

    sleep 5

    echo 30 > progress.txt

    sleep 10

    echo 90 > progress.txt

    sleep 5

    ls -al > results.txt

    echo 100 > progress.txt

As one can note from the end of the file, any results should be written into results.txt before progress becomes 100. No worries tough, when grabbed, this results.txt will be renamed as {REMOTE_IP}+results.txt on the local box in the working directory. So, if the user is running multiple scripts in a single remote machine he has to make sure that tuples point to different local working directories.

After configuration of scripts are handled, then in order to add|edit|remove any sessions user has to use Manage menu item. This should be straightforward. But one important thing to note is this, when user adds or edits a tuple, (and pressing Done button), a connection test will take place to remote box. Any errors (authentication, connection) can be tackled here.

User can start running scripts by using Run menu item, or by using the Start button. This will open another window having progress bars updating (if scripts are configured!). User can stop running sessions or when they are all done, a pop-up message will appear (Again this is possible if scripts are configured properly).

For a session, {IP+Username+Port+RemotePath+LocalPath} tuple is a key. So, as long as this tuple is unique, user can run a session and get response (results.txt that is).

7. Troubleshooting

7.1 Be sure that the items below are applied to SSH server configuration file (/etc/ssh/sshd_config);

 

  PasswordAuthentication Yes

  PermitRootLogin Yes (if connected as "root")

 

7.2 For some reason, when echo is used in the scripts (for other reasons than forming results.txt or progress.txt), program stops. So, don't use smt. like this in the scripts:

 

    ...

    echo "Hello there"

    ...

 

7.3 Try to use Sun's JRE although Steinbeck should run with any specification-compliant java runtime. But that is in theory, of course.

 

7.4 Scripts will not work on a Linux machine after they were generated on a Windows or a Macintosh box.

8. Authors

Developed by bedirhan urgun ([email protected])

9. Credits

Thanks to Omer Faruk Sen and EnderUNIX.