WebRunner Sample Application

Purpose:

WebRunner is an Internet Server Application. It runs on the HTTP Server machine and allows remote execution of the text based utilities, such as netstat, ping, etc.

Theory of operation:

The client connects to the HTTP server via Web browser. Commands are entered through the HTML form on the remote machine. The entered command is transfered to the server and gets executed on the server machine.

Implementation notes:

WebRunner is capable of running in two different modes: user mode and administrator mode. In the administrator mode virtually any text based command, entered on the client machine will be executed on the server. This can create a potential security hole. In user mode only authorized commands can be executed. Authorized commands appear on the client's machine Web Browser in the list box. Since any HTML form can be spoofed (i.e. client string "field1=data1&field2=data2 can be manually created and then passed to the server via POST or GET) the following verification takes place. When WebRunner is running in user mode, the received command is looked for in the list of authorized commands. Only if the command is on this list does it get executed. The list of authorized commands and the mode is stored in the registry. All of the above described functionality is incorporated in runner.dll. This is the Internet Server Extension dll that gets loaded by the server and exposes the following functions: HttpExtensionProc() GetExtensionVersion(). WebRunner is configured by the a control panel applet: WebRun.cpl. This application is responsible for writing the list of commands to the registry and creats the initial HTML file. The initial HTML file is different for user mode and administrator mode. In user mode the Web Page has a list box with the allowed commands. In administrator mode the HTML page has an edit box to enter any command.

Registry location:

Following registry entries control WebRunner.

HKEY_LOCAL_MACHINE\Software\WebRunner\Commands

• HTMLListBoxLines - REG_SZ. This key control contains the commands displayed in the list box in the user mode. It has following form: <option>command1</option> This field can be manually edited to add/remove commands. The control panel applet is capable of adding and deleting commands.

HKEY_LOCAL_MACHINE\Software\WebRunner\Parameters

• Mode - REG_BINARY. 01000000 is for administrator mode, 00000000 for user mode. This field can be manually edited, to change modes. The control panel applet is capable of changing WebRunner modes.
• FilePath - REG_SZ. This parameter controls the location of the initial HTML file. It can be manually edited.

Installation:

Put all files in the same directory and run setup.bat. It will build both the control panel applet and the extension dll. It will then copy webrun.cpl to the system directory. Setup will then start the control panel applet to configure WebRunner. You can build runner.dll and WebRun.cpl separately with the provided makefiles.

Click here to run SETUP.BAT

List of files:

• readme.txt This file.
• setup.bat Setup batch file.
• runner.def Definition file for the runner.dll
• runner.mak Make file for the Internet Server extension dll.
• webrun.mak Make file for control panel applet: webrun.cpl
• runcpl.def Definition file for control panel applet.
• runcpl.c Source code for control panel applet.
• runcpl.h Header file for control panel applet.
• runcpl.ico Icon for the control panel applet.
• runcpl.rc Resource file for control panel applet.
• resource.h Header file for with the resource identifiers.
• runner.c Source file for the Internet Server extension dll.
• runner.h Header file for the Internet Server extension dll.
• runner.rc Resource file for Internet Server extension dll.

Known Issues:

• Internal commands such as "DIR" or "VER" cannot be run by themselves. In order to run them enter "cmd /c dir" or "cmd /c ver".
• Web Runner does not recognize that Windows Applications are not console applications. Therefore this version will never recognize that the application has or has not terminated and thus will never return a response. Also, unless the application quits on its own accord, it will hang in memory until you reboot.
• The commands run as the local system account which has unlimited authority on the local machine, and no authority across the network.

Comments: