A better telnet URL handler

After I wrote yesterday’s post, Philip reminded me of the dangers of not validating your inputs. Here is a better telnet/ssh handler which checks the URL passed to it.

Update 2010-08-27: don’t use this script either! See my next post for a better one.

#!/usr/bin/perl
# parse URL
($protocol,$host) = split /:\/\//, $ARGV[0];
($host,$port) = split /:/, $host;

# validate input
if ( $protocol !~ /^(telnet|ssh)$/ || $host !~ /^[a-zA-Z0-9.-]+$/ || $port !~ /(^[a-zA-Z0-9_-]+$|^$)/ ) {
        warn "Invalid URL";
        exit 1;
}

# if SSH, add -p argument
if ( $protocol eq "ssh" && $port != '' ) { $port = "-p $port" ; }

# call terminal emulator
exec("konsole --hold -e $protocol $host $port");
exit;

This script only accepts telnet:// and ssh:// URLs, where the host is a valid domain name and the port is a valid port (including text aliases like “smtp” from /etc/services). It passes SSH port arguments correctly and tells Konsole to stay open after the session terminates.

You can download a more advanced form of this script here.

Tags: , ,

  1. Philip’s avatar

    I’m treating this as a game, so please don’t take this as anything but playful commentary.

    I think the script you posted still has one vulnerability: if $host is “-ntest”, and $port is “localhost”, the telnet case will overwrite the file “test” in the current directory, often the user’s home directory.

    so I’d check host and port for not starting with a “-“.

    Also, I think “:” is used in IPv6 IPs, which one might reasonably want to ssh to.

    I’d also suggest the reuse of $host is slightly confusing, and would suggest replacing the first instance with $authority (not a lovely term, but that’s what RFC3986 says).

    ($authority also includes the username, which might be good to add to ssh for those of us who didn’t get the entire internet to reserve our user name :) )

    Again, this is merely commentary, not criticism or a demand you fix your script right now. Definitely no offense intended.

    Reply

    1. tyler’s avatar

      Oh, it’s game on. :)

      Reply

    2. Sysgone’s avatar

      problem is when url are as: telnet://host:port/

      its remedium:
      # parse URL
      ($protocol,$host,$port) = ($ARGV[0] =~m|(.*)://([a-zA-Z0-9.-]*):([0-9]*)|);

      Reply

      1. Tyler Wagner’s avatar

        Thanks for the feedback, but you should see the last post in this series.

        Reply

      2. Ben L’s avatar

        Not working on most recent firefox (35.0.1) I get a page from firefox saying:
        “The address wasn’t understood

        Firefox doesn’t know how to open this address, because one of the following protocols (ssh) isn’t associated with any program or is not allowed in this context.

        You might need to install other software to open this address.”

        Reply

        1. Tyler Wagner’s avatar

          I haven’t used Firefox for over a year, nor telnet:// links. If you fix it, do let me know. Note that later versions of this post exist – just read the top.

          Reply

Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.