The other day I posted a quick video showing a very simple web interface I made for setting commands through BusyBox using httpd on Android. This is done by adding BusyBox's httpd server, its web service, to the startup script so it's running as root, which means any CGI script, any shell script, or other type of script that I run through it will also run as root. And I threw a few examples, CGI scripts in here, and you know, a few of them are fine, you know, because they're just running one command.

My CMD command right here is the main portion of it and still needs a lot of work because it's very insecure right now because basically, even though the web server is running on a loopback device and is password protected, meaning that you can only connect to it through the local host and you need a password, and it shouldn't be able to be sniffed because it's using a loopback device, once you log in, any website you can go to can now issue commands to your device as root, which obviously is a bad idea. I'm going to implement some sort of key for that.

But another option here, and I was going to originally do an interface like this because I wanted to do some stuff through the web browser. I thought it'd be easier to have a history going of commands on running and have different types of outputs in the web browser, but it's also nice to have a real shell. I normally use ConnectBot, but again, with the newer versions of Android, as far as I can tell, they've disabled the setuid so you can't issue, you know, have something run as root. Even as root, I can't seem to at this point, as far as my knowledge goes, I can't seem to remount the sys folder as root. But I can still do that obviously through ClockworkMod, which is how I'm doing most of this.

But something I did come up with just, you know, now, I had two scripts here to use if you're using a full version of BusyBox, which did I, there's one up on GitHub already pre-compiled for Android.
I might fork that out over to my project here just so it's all in one place. But once you have a full version of BusyBox running, there's a copy of Telnet, a Telnet service in there, which obviously you can set up to do remote connections, which I have it set up so you can start it through this web interface by running this telnet.cgi, which basically just starts it up. I have it just set on, I just kind of picked a number 686 here for the port. And now this will automatically log in as root as no user name and password. So you probably don't want to do this unless you're on your network at home. You know that no one else is on your network and you kill the service when you're done. But I have it there because sometimes you want to work on it remotely, even though this is Telnet, it's unencrypted and there's no password. So probably wouldn't want to use this too much, you know, testing purposes only here.

I did also put a second script called telnet.telnetd underscore localcgi, which basically the same thing but binds it to the local host, meaning you can only connect to it through the local device. So this will be if you have something like ConnectBot, which is the shell that I normally use on Android. As of right now, I can't get su to run on it, but I can start this telnet and use BusyBox and ConnectBot to connect back into itself. And of course, if you're connected through USB, you can do this through an adb shell as well.

So let me give you an example here. I'm going to open up a shell and it's a little bit bigger. And I'm going to adb shell, bringing it as sudo just because I don't have permissions to the device unless I do and I don't want to change the permissions on that. That's just the way I do it. Now if I type su, you know, I don't have permission to do that, which actually I don't think I have an su. I tried putting a binary on there and again, it didn't work like it used to.
But if I was to on the device, I should have done this before I started the tutorial. Actually, did I already do it? I might have already done it. If I do busybox telnet and I do 127.0.0.1 and I set port 868, there we go. So once I start that service as root through my web interface, which still needs some work, but it's still relatively secure right now. I can go into my web browser, connect to my local host preferably in this case again, since there's some security issues, I would do it as a private incognito window, start the service and then kill the web browser, but the service should keep running and here we can then, you know, log in like so. So I am root now. If I whoami, it's going to say user unknown, but you can see the UID is zero. So I am root. So there you go. This again is a loopback so I can only do it from local device. I'm doing it right now through USB, through the adb shell, but I can also do it on the device as through the ConnectBot or some other shell.

Now, if I was to exit out completely, if I was to nmap, and so now I'm on my desktop device and I nmap that device, which is on the network at port 102, I'm sorry, IP 102. Now you can see port 8080 here is showing as open and that is actually the web browser, the BusyBox service I have running, but if I go to my web browser and I try to go to 192.168.1.102 at port 8080, it's going to say forbidden because it's only allowing loopback connections. So you can see there's a service running, but you're not able to connect to it. And even if you did, it's password protected, although it's not encrypted, but again, loopback device, so it does not matter. And but you'll notice that we don't see port 8080. I can even, you know, say look at I'm sorry, port 868. It's saying it's closed. But again, if I connect to the device through the shell, some, you know, on that device, I can then use BusyBox telnet client to connect to the telnet server like a type, like so.
And again, I have root through that. Again, there's no username password, but it can only be done through the local device. So it's basically no different than su used to be. Actually, it might be slightly more secure, but just through obscurity, which isn't really good security. But before you had an su service on there that you would run to run as root with no username passwords. And everyone knows you knew you did that unless you changed to something else. This is less likely, you know, for someone to notice if you got some sort of malware on your device, which hopefully you're smart enough not to let that happen.

So again, still some security issues, you know, especially with the web interface here and the main, you know, command thing here. Because again, it's unlikely to happen. But if someone knew you were doing this or if a lot of people started doing it this way, websites could just set up a little JavaScript that basically runs commands as root when you go to the website. So still very unsafe, testing purposes. Now, if you do it, open your browser private incognito window, do what you need to do and then kill the browser because again, it's password protected. So that would prevent other websites from accessing it as long as you use a secure username password. But if you were to connect and then just start browsing the web after you type in username and password, you're giving every website the possibility of rooting your device, not rooting. It's already rooted, you know.

Anyway, so it's a work in progress coming along, definitely some stuff you might want to look at, but definitely some security issues we need to work on. And again, I have some ideas. I'm going to be busy over the next week. So I won't really be able to work on this much, but hopefully in the weeks to come, I plan on initiating some sort of key that you can add to it for some sort of security. Anyway, this is an overview.
A lot of you may not understand anything I said, but those some of you media, you know, more advanced, medium users, hopefully understood most of what I was talking about. Again, just an overview, keeping you up to date with what I'm working on. I thank you for watching. Please visit filmsbykris.com. That's Kris with a K. There should be a link in the description. All this code is up at GitHub. My username is metalx1000. Right now the project's called Shell Web UI. So you can search my projects, my repositories there and have a look at that. And as always, I hope that you have a great day.
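
Added example, not part of the video or the Shell Web UI project: one way the "key" mentioned in the transcript could gate the command-running CGI script, so that a request sent by another website, which rides on the browser's saved login but cannot read the key, is refused before anything runs as root. KEY_FILE, the `key` form field and all function names are hypothetical; the interface's own page would embed the key in its form.

```shell
#!/bin/sh
# Added example: secret-key gate for a CGI script that runs commands as root.
# KEY_FILE, the "key" form field and the function names are hypothetical.

KEY_FILE="${KEY_FILE:-/tmp/webui.key}"

# Create a random 256-bit key (64 hex characters) readable only by its owner.
make_key() {
    ( umask 077; head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n' > "$KEY_FILE" )
}

# Pull one field out of an application/x-www-form-urlencoded body.
form_field() {    # $1 = field name, $2 = body
    printf '%s' "$2" | tr '&' '\n' | sed -n "s/^$1=//p" | head -n 1
}

# Accept only a 64-character hex key that matches the stored one.
key_ok() {        # $1 = key supplied by the client
    case "$1" in *[!0-9a-f]*|'') return 1 ;; esac
    [ "${#1}" -eq 64 ] && [ "$1" = "$(cat "$KEY_FILE" 2>/dev/null)" ]
}

# Decide the HTTP status for a request before any command is executed.
check_request() { # $1 = REQUEST_METHOD, $2 = POST body
    [ "$1" = "POST" ] || { echo 405; return; }
    if key_ok "$(form_field key "$2")"; then echo 200; else echo 403; fi
}
```

A CGI script would call check_request with "$REQUEST_METHOD" and the body read from standard input, and run nothing unless the result is 200.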