ION_Archive/web-to-fish
1
0
Fork 0
mirror of https://github.com/ION606/web-to-fish.git synced 2026-05-14 18:36:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

migrated

Browse Source
This commit is contained in:
ION606
2024-12-15 11:36:16 -05:00
parent a518ec550e
commit 4e8a65fcb7
3 changed files with 1061 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
main.js
+21 -22
View File
@@ -4,6 +4,7 @@ import { fileURLToPath } from 'url';
import session from 'express-session'; import session from 'express-session';
import expressWs from 'express-ws'; import expressWs from 'express-ws';
import { spawn } from 'node-pty'; import { spawn } from 'node-pty';
import linuxpam from 'node-linux-pam';
import json from './secrets/config.json' with { type: 'json' }; import json from './secrets/config.json' with { type: 'json' };
const __dirname = path.dirname(fileURLToPath(import.meta.url)), const __dirname = path.dirname(fileURLToPath(import.meta.url)),
@@ -43,41 +44,39 @@ app.get('/login', (req, res) => {
}); });
// process login app.post('/login', async (req, res) => {
app.post('/login', (req, res) => {
try { try {
const username = req.body.username; const username = req.body.username;
const password = req.body.password; const password = req.body.password;
if (!username) return res.sendStatus(404); // validate input
else if (!password) return res.sendStatus(401); if (!username) return res.status(400).send('Username is required');
if (!password) return res.status(400).send('Password is required');
const shell = spawn('su', [`${username}`], { // authenticate using PAM
cwd: process.env.HOME, linuxpam.pamAuthenticate({
env: process.env username,
}); password,
serviceName: 'login',
req.on('end', () => shell.kill()); }, (err, success) => {
console.log(err);
shell.onData((data) => { if (err.message.includes('User not known')) res.sendStatus(404);
if (data?.toLowerCase().trim() === 'password:') shell.write(password + '\n'); else if (err.message.includes('Authentication failure')) res.sendStatus(401);
else if (data.includes('does not exist')) res.sendStatus(404); else if (success) {
else if (data.includes('Authentication failure')) res.sendStatus(401);
else if (data.includes('Welcome to fish')) {
req.session.authenticated = true; req.session.authenticated = true;
res.redirect('/shell'); req.session.username = username;
shell.kill(); return res.redirect('/shell');
} }
else if (data.match(/\[\w+@\w+ \w+\]\$ ?/)) shell.write('fish\n'); else console.error("what?", err, success);
else console.error(`unknown terminal output:\n"${data}"`);
}); });
} } catch (err) {
catch (err) {
console.error(err); console.error(err);
res.status(500).send('Internal server error');
} }
}); });
// shell interface // shell interface
app.get('/shell', requireAuth, (req, res) => { app.get('/shell', requireAuth, (req, res) => {
res.sendFile('shell.html', { root: path.join(__dirname, 'HTML') }); res.sendFile('shell.html', { root: path.join(__dirname, 'HTML') });
package-lock.json
Generated
+1039
View File
File diff suppressed because it is too large Load Diff
package.json
+1
View File
@@ -14,6 +14,7 @@
"express": "^4.21.2", "express": "^4.21.2",
"express-session": "^1.18.1", "express-session": "^1.18.1",
"express-ws": "^5.0.2", "express-ws": "^5.0.2",
"node-linux-pam": "^0.2.1",
"node-pty": "^1.0.0" "node-pty": "^1.0.0"
}, },
"type": "module" "type": "module"