CBE - Controle by E-mail vr 1.1
w3b
created: 2006-03-20 00:04:54
perlmonks
prlmnks
CBE.pm 
package CBE;
use warnings;
use strict;
   
my $pop3 = 'pop3.server';
my $login = 'email@adress';
my $pass = 'password';
my $number = 'phone_number';

sub check {   

my $last;
    
if( -e 'num' ){
        open(NUM, "num"); 
        $last = int();
} else {
        open(NUM, ">>num");
        $last = '0';
}   
    
close NUM;

 my $pop = Net::POP3->new($pop3) || die("Can't connect");
        my $now = $pop->login($login, $pass) || die("Can't connect");

if ($last < $now){
        my $msg = $pop->get($now);
        my $auth;
        for my $line (@$msg){
                if( $line =~ /(<$number@(.*)>)$/ ){
                        $auth = '1';
                }
        }
         while( my $line = shift @$msg ) {
            last while $line =~ /^Status:/;
         }
         chomp(@$msg);

        my $string = @$msg[1];

        if(@$msg[1] =~ /=(.*)=/){
        my @arr=split(/=(.*)=/,$1);

if (system(`$arr[0]`)){
                     &log_save($arr[0],'yes');
                    } else {
                     &log_save($arr[0],'no');
                    }
        }
        }
open(WRI, ">num");
print WRI $now;
close WRI;

$pop->quit;
sleep 5;

}

sub log_save {

 my $log = shift;
 my $status = shift;
 open(LOG, '>>log.txt');

 print LOG "Command: $log\n";
 print LOG "Date: ".localtime()."\n";
 print LOG "Success: $status\n";
 print LOG "-----------\n";

 close LOG;

}
cbe.pl 
#!/usr/bin/perl
use warnings;
use strict;

use Net::POP3;
use CBE;

while(1){
CBE::check();
}
Re: CBE - Controle by E-mail vr 1.1
tirwhan
created: 2006-03-20 01:56:59
perlmonks
prlmnks

That's horribly insecure and allows anyone who finds out (or guesses) the recipient address and a valid phone number to run any command they like on your machine.

To do this at least somewhat securely you should encrypt your command with a private key unique to the sender and only execute if it can be decrypted with the public key stored on the recipient machine. Personally I'd still not use that and rather set up a system that performs specific actions only (instead of blindly executing any command it receives), but that's just me.


All dogma is stupid.
Re^2: CBE - Controle by E-mail vr 1.1
w3b
created: 2006-03-20 07:58:11
perlmonks
prlmnks
I think about this.... in next version you have to write password in subject, and then the commend will run. Thanks for suggestions
Re^3: CBE - Controle by E-mail vr 1.1
tirwhan
created: 2006-03-20 08:13:14
perlmonks
prlmnks

That's still no good. Email is cleartext and, unless you're using the SMTP server on the same host as the POP server, has to pass through multiple hosts over which you probably have no control. Anyone can read the cleartext password on the way, you need to use some form of encryption if you want to have a mechanism that's even borderline secure.


All dogma is stupid.
Re^4: CBE - Controle by E-mail vr 1.1
w3b
created: 2006-03-20 09:02:22
perlmonks
prlmnks
Yes it's true... hmmm next good sugestions =] i will remeber about it in next version... i will use ssl
Re: CBE - Controle by E-mail vr 1.1
salva
created: 2006-03-20 08:39:34
perlmonks
prlmnks
there is a version of PuTTY for Symbian, that lets you SSH to your boxes from your phone and run any command you want in a secure manner.
Re^2: CBE - Controle by E-mail vr 1.1
w3b
created: 2006-03-20 09:07:55
perlmonks
prlmnks
I have nokia 3100 :( i will look for it... Thanks for link:)

perlmonks.org content © perlmonks.org and salva, tirwhan, w3b

prlmnks.org © 2006 edmund von der burg (eccles & toad)

v 0.03