SSH Key Uploading
parent
54c9523f22
commit
00d5256f43
@ -154,9 +154,11 @@ if (isset($_REQUEST["act"])){
|
|||||||
echo "hidden";
|
echo "hidden";
|
||||||
}?>>
|
}?>>
|
||||||
<button class="col keyButton" onclick="generateSSH('<?php echo $UserName; ?>', '<?php echo $UserId; ?>', '<?php echo $AuthToken; ?>')">Generate</button>
|
<button class="col keyButton" onclick="generateSSH('<?php echo $UserName; ?>', '<?php echo $UserId; ?>', '<?php echo $AuthToken; ?>')">Generate</button>
|
||||||
<button class="col keyButton" onclick="uploadSSH()">Upload</button>
|
<button class="col keyButton" onclick="uploadSSH('<?php echo $UserId; ?>', '<?php echo $AuthToken; ?>' )">Upload</button>
|
||||||
<button class="col keyButton" onclick="testSwal()">Test Popup</button>
|
<button class="col keyButton debug" onclick="testSwal()">Test Popup</button>
|
||||||
|
<form id="uploadForm" enctype="multipart/form-data">
|
||||||
<input id="keyfile" type="file" style="display: none;"/>
|
<input id="keyfile" type="file" style="display: none;"/>
|
||||||
|
</form>
|
||||||
</div>
|
</div>
|
||||||
<div class="row copyright">
|
<div class="row copyright">
|
||||||
<!-- TODO: Make this file PHP and make the canary dependent on /etc/ttyserver/canary -->
|
<!-- TODO: Make this file PHP and make the canary dependent on /etc/ttyserver/canary -->
|
||||||
|
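Review bot: The new Upload button's `uploadSSH(...)` handler echoes `$UserId` and `$AuthToken` straight into a single-quoted JavaScript string inside an HTML attribute, with no escaping for either context, the same way the existing Generate button does. Where those variables are assigned is outside this hunk, so if any of them can ever contain a quote or markup character the handler breaks or becomes a script-injection point, and the token sits in the page markup for anything that can read the DOM. Encoding each value for both contexts, e.g. `uploadSSH(<?php echo htmlspecialchars(json_encode($UserId), ENT_QUOTES); ?>, ...)`, or keeping the token in the server-side session instead of the markup, would close that. The added `<form id="uploadForm">` wrapper has no visible use, since the script reads the file input directly; either drop it or add a comment saying what it is for.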
@ -30,6 +30,10 @@ function validateUsername($username){
|
|||||||
return (preg_match("/^([a-zA-Z0-9_.]+)$/", $username) == 1);
|
return (preg_match("/^([a-zA-Z0-9_.]+)$/", $username) == 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function validatePublicKey($key){
|
||||||
|
return (preg_match("/^(ssh-rsa AAAAB3NzaC1yc2|ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNT|ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzOD|ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1Mj|ssh-ed25519 AAAAC3NzaC1lZDI1NTE5|ssh-dss AAAAB3NzaC1kc3)[0-9A-Za-z+\/]+[=]{0,3}( .*)?$/", $key) == 1);
|
||||||
|
}
|
||||||
|
|
||||||
if (checkParameters(array("pubkey", "userId", "authToken"))){
|
if (checkParameters(array("pubkey", "userId", "authToken"))){
|
||||||
error("Missing parameters");
|
error("Missing parameters");
|
||||||
}
|
}
|
||||||
@ -38,6 +42,10 @@ $userToken = $_POST["authToken"];
|
|||||||
$userId = $_POST["userId"];
|
$userId = $_POST["userId"];
|
||||||
$pubkey = $_POST["pubkey"];
|
$pubkey = $_POST["pubkey"];
|
||||||
|
|
||||||
|
if(!validatePublicKey($pubkey)){
|
||||||
|
error("Invalid public key");
|
||||||
|
}
|
||||||
|
|
||||||
$request = curl_init();
|
$request = curl_init();
|
||||||
curl_setopt($request, CURLOPT_URL, "https://hackers.town/api/v1/accounts/verify_credentials");
|
curl_setopt($request, CURLOPT_URL, "https://hackers.town/api/v1/accounts/verify_credentials");
|
||||||
curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
|
curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
|
||||||
|
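Review bot: `validatePublicKey()` is a shape check only: it pins the algorithm prefix and the base64 alphabet, but the trailing `( .*)?$` lets any bytes other than a newline into the comment field, and without the `D` modifier `$` also accepts a trailing newline. What happens to `$pubkey` after this hunk is not visible; if it ends up in an authorized_keys-style file, it would be safer to split the value on whitespace, require `base64_decode($blob, true)` to succeed and the blob's embedded type name to match the prefix, and store only the rebuilt `type blob` pair. The alternation also admits `ssh-dss`, which current OpenSSH no longer accepts by default, and sets no lower bound on RSA key size. A docblock on the function stating that it is a format check and does not verify key material would keep later callers from over-trusting it.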
102
index.js
102
index.js
@ -1,5 +1,5 @@
|
|||||||
const DEBUG = false;
|
const DEBUG = true;
|
||||||
var isMobile = false; //initiate as false
|
var isMobile = false;
|
||||||
|
|
||||||
const dbp = (msg) => {
|
const dbp = (msg) => {
|
||||||
if(DEBUG){
|
if(DEBUG){
|
||||||
@ -7,9 +7,16 @@ const dbp = (msg) => {
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
const dbd = (msg) => {
|
||||||
|
if(DEBUG){
|
||||||
|
console.dir(msg);
|
||||||
|
}
|
||||||
|
};
|
||||||
|
|
||||||
const SwalConfig = {
|
const SwalConfig = {
|
||||||
color: "#79F257",
|
color: "#79F257",
|
||||||
background: "#022601",
|
background: "#022601",
|
||||||
|
buttonsStyling: false,
|
||||||
}
|
}
|
||||||
|
|
||||||
const isOverflown = ({ clientHeight, scrollHeight }) => scrollHeight > clientHeight
|
const isOverflown = ({ clientHeight, scrollHeight }) => scrollHeight > clientHeight
|
||||||
@ -24,21 +31,17 @@ const setCookie = (cname, cvalue, exdays) => {
|
|||||||
const resizeText = ({ element, elements, minSize = 10, maxSize = 512, step = 1, unit = 'px' }) => {
|
const resizeText = ({ element, elements, minSize = 10, maxSize = 512, step = 1, unit = 'px' }) => {
|
||||||
dbp("Resize");
|
dbp("Resize");
|
||||||
(elements || [element]).forEach(el => {
|
(elements || [element]).forEach(el => {
|
||||||
let i = minSize
|
let i = minSize;
|
||||||
let overflow = false
|
let overflow = false;
|
||||||
|
const parent = el.parentNode;
|
||||||
const parent = el.parentNode
|
|
||||||
|
|
||||||
while (!overflow && i < maxSize) {
|
while (!overflow && i < maxSize) {
|
||||||
el.style.fontSize = `${i}${unit}`
|
el.style.fontSize = `${i}${unit}`;
|
||||||
overflow = isOverflown(parent)
|
overflow = isOverflown(parent);
|
||||||
|
if (!overflow) i += step;
|
||||||
if (!overflow) i += step
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// revert to last state where no overflow happened
|
// revert to last state where no overflow happened
|
||||||
el.style.fontSize = `${i - step}${unit}`
|
el.style.fontSize = `${i - step}${unit}`;
|
||||||
})
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
const saveFile = (name, type, data) => {
|
const saveFile = (name, type, data) => {
|
||||||
@ -57,7 +60,6 @@ const saveFile = (name, type, data) => {
|
|||||||
const disableNonDesktopElements = () => {
|
const disableNonDesktopElements = () => {
|
||||||
var disableElements = document.getElementsByClassName("desktopOnly");
|
var disableElements = document.getElementsByClassName("desktopOnly");
|
||||||
for(var i=0; i< disableElements.length; i++){
|
for(var i=0; i< disableElements.length; i++){
|
||||||
// disableElements.item(i).style.display = "none";
|
|
||||||
var gutter = disableElements.item(i);
|
var gutter = disableElements.item(i);
|
||||||
gutter.classList.remove("col-4");
|
gutter.classList.remove("col-4");
|
||||||
gutter.classList.add("col-1");
|
gutter.classList.add("col-1");
|
||||||
@ -68,13 +70,11 @@ const disableNonDesktopElements = () => {
|
|||||||
content.classList.add("col-10");
|
content.classList.add("col-10");
|
||||||
var te = document.getElementById("resizer");
|
var te = document.getElementById("resizer");
|
||||||
window.fitText(te);
|
window.fitText(te);
|
||||||
|
|
||||||
var buttons = document.getElementsByClassName("keyButton");
|
var buttons = document.getElementsByClassName("keyButton");
|
||||||
for(var i=0; i<buttons.length; i++){
|
for(var i=0; i<buttons.length; i++){
|
||||||
var bttn = buttons.item(i);
|
var bttn = buttons.item(i);
|
||||||
bttn.style.height = "15vw";
|
bttn.style.height = "15vw";
|
||||||
}
|
}
|
||||||
// document.getElementById("bttn").style.height = "15vw";
|
|
||||||
}
|
}
|
||||||
|
|
||||||
const failMsg = (msg) => {
|
const failMsg = (msg) => {
|
||||||
@ -87,31 +87,23 @@ const failMsg = (msg) => {
|
|||||||
}, 1000);
|
}, 1000);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const validatePubKey = (key) => {
|
||||||
|
return /^(ssh-rsa AAAAB3NzaC1yc2|ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNT|ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzOD|ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1Mj|ssh-ed25519 AAAAC3NzaC1lZDI1NTE5|ssh-dss AAAAB3NzaC1kc3)[0-9A-Za-z+\/]+[=]{0,3}( .*)?$/.test(key);
|
||||||
|
}
|
||||||
|
|
||||||
const generateSSH = async (name, id, token) => {
|
const sendSSH = (key, id, token) => {
|
||||||
dbp("Generate Key");
|
|
||||||
// debugger;
|
|
||||||
generateKeyPair("RSASSA-PKCS1-v1_5", 4096, "namehere")
|
|
||||||
.then((keys) => {
|
|
||||||
var KeyExport = new JSZip();
|
|
||||||
KeyExport.file("HackersTownTTY-"+name, keys[0]);
|
|
||||||
KeyExport.file("HackersTownTTY-"+name+".pub", keys[1]);
|
|
||||||
KeyExport.generateAsync({type:"blob"})
|
|
||||||
.then((content) => {
|
|
||||||
saveFile("HackersTownTTY-"+name+".zip", "application/zip", content);
|
|
||||||
});
|
|
||||||
var payload = {
|
var payload = {
|
||||||
pubkey: keys[1],
|
pubkey: key,
|
||||||
userId: id,
|
userId: id,
|
||||||
authToken: token
|
authToken: token
|
||||||
};
|
};
|
||||||
$.post("https://tty.hackers.town/auth/setKey.php", payload, (response) => {
|
$.post("https://tty.hackers.town/auth/setKey.php", payload, (response) => {
|
||||||
dbp(response);
|
dbp(response);
|
||||||
// debugger;
|
|
||||||
if(response.status){
|
if(response.status){
|
||||||
Swal.fire({
|
Swal.fire({
|
||||||
...SwalConfig,
|
...SwalConfig,
|
||||||
title: "Success!",
|
title: "Success!",
|
||||||
|
text: "Your key has been uploaded to the server."
|
||||||
});
|
});
|
||||||
}else{
|
}else{
|
||||||
Swal.fire({
|
Swal.fire({
|
||||||
@ -123,10 +115,23 @@ const generateSSH = async (name, id, token) => {
|
|||||||
}).fail(() => {
|
}).fail(() => {
|
||||||
dbp("Failed");
|
dbp("Failed");
|
||||||
});
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
const generateSSH = async (name, id, token) => {
|
||||||
|
dbp("Generate Key");
|
||||||
|
generateKeyPair("RSASSA-PKCS1-v1_5", 4096, "namehere")
|
||||||
|
.then((keys) => {
|
||||||
|
var KeyExport = new JSZip();
|
||||||
|
KeyExport.file("HackersTownTTY-"+name, keys[0]);
|
||||||
|
KeyExport.file("HackersTownTTY-"+name+".pub", keys[1]);
|
||||||
|
KeyExport.generateAsync({type:"blob"})
|
||||||
|
.then((content) => {
|
||||||
|
saveFile("HackersTownTTY-"+name+".zip", "application/zip", content);
|
||||||
|
});
|
||||||
|
sendSSH(keys[1], id, token);
|
||||||
}).catch((err) => {
|
}).catch((err) => {
|
||||||
dbp(err);
|
dbp(err);
|
||||||
});
|
});
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
const testSwal = () => {
|
const testSwal = () => {
|
||||||
@ -136,18 +141,31 @@ const testSwal = () => {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
const uploadSSH = () => {
|
const uploadSSH = (id, token) => {
|
||||||
//request local file
|
//request local file
|
||||||
// $("#keyfiie").trigger("click");
|
|
||||||
var kf = document.getElementById("keyfile");
|
var kf = document.getElementById("keyfile");
|
||||||
kf.onchange = function(e) {
|
kf.onchange = function(e) {
|
||||||
// File selected
|
// File selected
|
||||||
|
var file = e.target.files[0];
|
||||||
|
if(file){
|
||||||
|
dbd(file);
|
||||||
|
var reader = new FileReader();
|
||||||
|
reader.readAsText(file, "UTF-8");
|
||||||
|
reader.onload = function (evt) {
|
||||||
|
var pubkey = evt.target.result;
|
||||||
|
if(validatePubKey(pubkey)){
|
||||||
|
sendSSH(pubkey, id, token);
|
||||||
|
}else{
|
||||||
|
failMsg("Invalid key");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
reader.onerror = function (evt) {
|
||||||
|
failMsg("Unable to load Keyfile");
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
}
|
||||||
kf.click();
|
kf.click();
|
||||||
dbp("Nextttt");
|
|
||||||
|
|
||||||
//upload file
|
|
||||||
}
|
}
|
||||||
|
|
||||||
const beginOauth = () => {
|
const beginOauth = () => {
|
||||||
@ -155,7 +173,7 @@ const beginOauth = () => {
|
|||||||
$.ajax({
|
$.ajax({
|
||||||
url: "https://tty.hackers.town/auth?act=id"
|
url: "https://tty.hackers.town/auth?act=id"
|
||||||
}).then((data) => {
|
}).then((data) => {
|
||||||
// console.table(data);
|
dbd(table);
|
||||||
if(data.id){
|
if(data.id){
|
||||||
var redirect = "https://hackers.town/oauth/authorize?"+
|
var redirect = "https://hackers.town/oauth/authorize?"+
|
||||||
"response_type=code&client_id="+data.id+"&redirect_uri="+
|
"response_type=code&client_id="+data.id+"&redirect_uri="+
|
||||||
@ -201,4 +219,12 @@ $(() => {
|
|||||||
if(!isRetry){
|
if(!isRetry){
|
||||||
console.log("%cWelcome Hacker!", "color: #ff0000; font-size: 7em; font-style: italic; font-family: 'Times New Roman', Times, serif;");
|
console.log("%cWelcome Hacker!", "color: #ff0000; font-size: 7em; font-style: italic; font-family: 'Times New Roman', Times, serif;");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Enable Extra Debug Stuff
|
||||||
|
if(DEBUG){
|
||||||
|
dbp("Debug Mode Enabled");
|
||||||
|
$('.debug').each((i,e)=>{
|
||||||
|
e.style.display = "unset";
|
||||||
|
});
|
||||||
|
}
|
||||||
});
|
});
|
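Review bot: In the `beginOauth` hunk the added `dbd(table);` references an identifier that is not defined anywhere in the visible code; the argument is evaluated before `dbd` checks `DEBUG`, so this would throw a ReferenceError inside the `.then` callback and the redirect would never be built. It should presumably be `dbd(data);`. The first hunk also commits `const DEBUG = true;`, which turns on the `dbp(response)` and `dbd(file)` console output and un-hides the `.debug` Test Popup button for every visitor; that should go back to `const DEBUG = false;` before release. `validatePubKey` duplicates the server-side pattern, so a comment pointing at the PHP copy would help keep the two in sync. `beginOauth` and the `$(() => …)` ready handler both continue outside their hunks.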
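--- a/style.css
+++ b/style.css
@@ -74,3 +74,16 @@ span {
 .swal2-modal {
 border: 2px solid #79F257;
 }
+
+.debug {
+display: none;
+}
+
+.swal2-confirm, .swal2-deny, .swal2-cancel {
+border: 1px solid #79F257;
+background-color: #377326;
+color: #79F257;
+border-radius: 3px;
+padding: 8px;
+min-width: 100px;
+}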