torjus/oubliette
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: capture SSH exec commands (PLAN.md 4.4)

Browse Source 
Bots often send commands via `ssh user@host <command>` (exec request)
rather than requesting an interactive shell. These were previously
rejected silently. Now exec commands are captured, stored on the session
record, and displayed in the web UI session detail page.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Torjus Håkestad
2026-02-15 17:43:11 +01:00
parent 3c20e854aa
commit 0133d956a5
14 changed files with 206 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
PLAN.md
View File

@@ -210,3 +210,6 @@ Many bots send a command directly via `ssh user@host <command>` (an SSH "exec" r
- Store the command on the session record before closing the channel
- Optionally return plausible fake output for common commands (e.g. `uname`, `id`, `cat /etc/passwd`) to encourage further interaction
- Surface exec commands in the web UI (session detail view)
#### 4.4.1 Fake Exec Output
Return plausible fake output for common exec commands (e.g. `uname`, `id`, `cat /etc/passwd`) to encourage bots to interact further. Implement after collecting data on what bots commonly try to run.