From 89928841bcf2c5809a2b387b158cbc0d816a26a7 Mon Sep 17 00:00:00 2001 From: Elizabeth Cray Date: Fri, 29 Sep 2023 02:15:06 -0400 Subject: [PATCH] Added display and API for SSH fingerprints --- .gitignore | 2 + auth/index.php | 27 ++++++--- composer.lock | 156 ++++++++++++++++++++++++------------------------ fingerprint.php | 3 + index.js | 127 +++++++++++++++++++++++++++------------ index.php | 14 ++++- keygen.js | 15 ++--- send.php | 21 ++++--- style.css | 37 +++++++++++- tools/mkuser | 3 +- 10 files changed, 257 insertions(+), 148 deletions(-) create mode 100644 fingerprint.php mode change 100644 => 100755 index.php mode change 100644 => 100755 send.php diff --git a/.gitignore b/.gitignore index b848d66..696344a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,4 @@ vendor/ config.json +composer.phar +DOMAIN_OVERRIDE diff --git a/auth/index.php b/auth/index.php index 86b0c77..02ef7c4 100644 --- a/auth/index.php +++ b/auth/index.php @@ -18,6 +18,7 @@ if (isset($_REQUEST["act"])){ $MastCode = $_REQUEST["code"]; } ?> + HackersTown Server Access @@ -29,7 +30,7 @@ if (isset($_REQUEST["act"])){ - + @@ -44,11 +45,15 @@ if (isset($_REQUEST["act"])){
- + "; + }else{ + echo ""; + }?>
- oauth->key."&client_secret=".$config->oauth->secret."&scope=read:accounts&redirect_uri=".$reqirectUri; + $origin = "https://tty.hackers.town"; + if(file_exists("/var/www/usergen/DOMAIN_OVERRIDE")){ + $origin = str_replace("\n", "", file_get_contents("/var/www/usergen/DOMAIN_OVERRIDE")); + } + $redirectUri = $origin."/auth"; + $options = "grant_type=authorization_code&code=".$MastCode."&client_id=".$config->oauth->key."&client_secret=".$config->oauth->secret."&scope=read:accounts&redirect_uri=".$redirectUri; curl_setopt($request, CURLOPT_POSTFIELDS, $options); $response = curl_exec($request); curl_close($request); @@ -134,7 +143,7 @@ if (isset($_REQUEST["act"])){ }?>> - @@ -157,16 +166,18 @@ if (isset($_REQUEST["act"])){
-
+ +
View Source on Git
- \ No newline at end of file + diff --git a/composer.lock b/composer.lock index 9433036..06822fe 100644 --- a/composer.lock +++ b/composer.lock @@ -8,22 +8,22 @@ "packages": [ { "name": "guzzlehttp/guzzle", - "version": "7.4.2", + "version": "7.8.0", "source": { "type": "git", "url": "https://github.com/guzzle/guzzle.git", - "reference": "ac1ec1cd9b5624694c3a40be801d94137afb12b4" + "reference": "1110f66a6530a40fe7aea0378fe608ee2b2248f9" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/guzzle/guzzle/zipball/ac1ec1cd9b5624694c3a40be801d94137afb12b4", - "reference": "ac1ec1cd9b5624694c3a40be801d94137afb12b4", + "url": "https://api.github.com/repos/guzzle/guzzle/zipball/1110f66a6530a40fe7aea0378fe608ee2b2248f9", + "reference": "1110f66a6530a40fe7aea0378fe608ee2b2248f9", "shasum": "" }, "require": { "ext-json": "*", - "guzzlehttp/promises": "^1.5", - "guzzlehttp/psr7": "^1.8.3 || ^2.1", + "guzzlehttp/promises": "^1.5.3 || ^2.0.1", + "guzzlehttp/psr7": "^1.9.1 || ^2.5.1", "php": "^7.2.5 || ^8.0", "psr/http-client": "^1.0", "symfony/deprecation-contracts": "^2.2 || ^3.0" @@ -32,10 +32,11 @@ "psr/http-client-implementation": "1.0" }, "require-dev": { - "bamarni/composer-bin-plugin": "^1.4.1", + "bamarni/composer-bin-plugin": "^1.8.1", "ext-curl": "*", - "php-http/client-integration-tests": "^3.0", - "phpunit/phpunit": "^8.5.5 || ^9.3.5", + "php-http/client-integration-tests": "dev-master#2c025848417c1135031fdf9c728ee53d0a7ceaee as 3.0.999", + "php-http/message-factory": "^1.1", + "phpunit/phpunit": "^8.5.29 || ^9.5.23", "psr/log": "^1.1 || ^2.0 || ^3.0" }, "suggest": { @@ -45,8 +46,9 @@ }, "type": "library", "extra": { - "branch-alias": { - "dev-master": "7.4-dev" + "bamarni-bin": { + "bin-links": true, + "forward-command": false } }, "autoload": { @@ -112,7 +114,7 @@ ], "support": { "issues": "https://github.com/guzzle/guzzle/issues", - "source": "https://github.com/guzzle/guzzle/tree/7.4.2" + "source": "https://github.com/guzzle/guzzle/tree/7.8.0" }, "funding": [ { @@ -128,38 +130,37 @@ "type": "tidelift" } ], - "time": "2022-03-20T14:16:28+00:00" + "time": "2023-08-27T10:20:53+00:00" }, { "name": "guzzlehttp/promises", - "version": "1.5.1", + "version": "2.0.1", "source": { "type": "git", "url": "https://github.com/guzzle/promises.git", - "reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da" + "reference": "111166291a0f8130081195ac4556a5587d7f1b5d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/guzzle/promises/zipball/fe752aedc9fd8fcca3fe7ad05d419d32998a06da", - "reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da", + "url": "https://api.github.com/repos/guzzle/promises/zipball/111166291a0f8130081195ac4556a5587d7f1b5d", + "reference": "111166291a0f8130081195ac4556a5587d7f1b5d", "shasum": "" }, "require": { - "php": ">=5.5" + "php": "^7.2.5 || ^8.0" }, "require-dev": { - "symfony/phpunit-bridge": "^4.4 || ^5.1" + "bamarni/composer-bin-plugin": "^1.8.1", + "phpunit/phpunit": "^8.5.29 || ^9.5.23" }, "type": "library", "extra": { - "branch-alias": { - "dev-master": "1.5-dev" + "bamarni-bin": { + "bin-links": true, + "forward-command": false } }, "autoload": { - "files": [ - "src/functions_include.php" - ], "psr-4": { "GuzzleHttp\\Promise\\": "src/" } @@ -196,7 +197,7 @@ ], "support": { "issues": "https://github.com/guzzle/promises/issues", - "source": "https://github.com/guzzle/promises/tree/1.5.1" + "source": "https://github.com/guzzle/promises/tree/2.0.1" }, "funding": [ { @@ -212,26 +213,26 @@ "type": "tidelift" } ], - "time": "2021-10-22T20:56:57+00:00" + "time": "2023-08-03T15:11:55+00:00" }, { "name": "guzzlehttp/psr7", - "version": "2.2.1", + "version": "2.6.1", "source": { "type": "git", "url": "https://github.com/guzzle/psr7.git", - "reference": "c94a94f120803a18554c1805ef2e539f8285f9a2" + "reference": "be45764272e8873c72dbe3d2edcfdfcc3bc9f727" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/guzzle/psr7/zipball/c94a94f120803a18554c1805ef2e539f8285f9a2", - "reference": "c94a94f120803a18554c1805ef2e539f8285f9a2", + "url": "https://api.github.com/repos/guzzle/psr7/zipball/be45764272e8873c72dbe3d2edcfdfcc3bc9f727", + "reference": "be45764272e8873c72dbe3d2edcfdfcc3bc9f727", "shasum": "" }, "require": { "php": "^7.2.5 || ^8.0", "psr/http-factory": "^1.0", - "psr/http-message": "^1.0", + "psr/http-message": "^1.1 || ^2.0", "ralouphie/getallheaders": "^3.0" }, "provide": { @@ -239,17 +240,18 @@ "psr/http-message-implementation": "1.0" }, "require-dev": { - "bamarni/composer-bin-plugin": "^1.4.1", + "bamarni/composer-bin-plugin": "^1.8.1", "http-interop/http-factory-tests": "^0.9", - "phpunit/phpunit": "^8.5.8 || ^9.3.10" + "phpunit/phpunit": "^8.5.29 || ^9.5.23" }, "suggest": { "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses" }, "type": "library", "extra": { - "branch-alias": { - "dev-master": "2.2-dev" + "bamarni-bin": { + "bin-links": true, + "forward-command": false } }, "autoload": { @@ -311,7 +313,7 @@ ], "support": { "issues": "https://github.com/guzzle/psr7/issues", - "source": "https://github.com/guzzle/psr7/tree/2.2.1" + "source": "https://github.com/guzzle/psr7/tree/2.6.1" }, "funding": [ { @@ -327,20 +329,20 @@ "type": "tidelift" } ], - "time": "2022-03-20T21:55:58+00:00" + "time": "2023-08-27T10:13:57+00:00" }, { "name": "league/oauth2-client", - "version": "2.6.1", + "version": "2.7.0", "source": { "type": "git", "url": "https://github.com/thephpleague/oauth2-client.git", - "reference": "2334c249907190c132364f5dae0287ab8666aa19" + "reference": "160d6274b03562ebeb55ed18399281d8118b76c8" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/oauth2-client/zipball/2334c249907190c132364f5dae0287ab8666aa19", - "reference": "2334c249907190c132364f5dae0287ab8666aa19", + "url": "https://api.github.com/repos/thephpleague/oauth2-client/zipball/160d6274b03562ebeb55ed18399281d8118b76c8", + "reference": "160d6274b03562ebeb55ed18399281d8118b76c8", "shasum": "" }, "require": { @@ -395,9 +397,9 @@ ], "support": { "issues": "https://github.com/thephpleague/oauth2-client/issues", - "source": "https://github.com/thephpleague/oauth2-client/tree/2.6.1" + "source": "https://github.com/thephpleague/oauth2-client/tree/2.7.0" }, - "time": "2021-12-22T16:42:49+00:00" + "time": "2023-04-16T18:19:15+00:00" }, { "name": "lrf141/oauth2-mastodon", @@ -512,21 +514,21 @@ }, { "name": "psr/http-client", - "version": "1.0.1", + "version": "1.0.3", "source": { "type": "git", "url": "https://github.com/php-fig/http-client.git", - "reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621" + "reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/php-fig/http-client/zipball/2dfb5f6c5eff0e91e20e913f8c5452ed95b86621", - "reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621", + "url": "https://api.github.com/repos/php-fig/http-client/zipball/bb5906edc1c324c9a05aa0873d40117941e5fa90", + "reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90", "shasum": "" }, "require": { "php": "^7.0 || ^8.0", - "psr/http-message": "^1.0" + "psr/http-message": "^1.0 || ^2.0" }, "type": "library", "extra": { @@ -546,7 +548,7 @@ "authors": [ { "name": "PHP-FIG", - "homepage": "http://www.php-fig.org/" + "homepage": "https://www.php-fig.org/" } ], "description": "Common interface for HTTP clients", @@ -558,27 +560,27 @@ "psr-18" ], "support": { - "source": "https://github.com/php-fig/http-client/tree/master" + "source": "https://github.com/php-fig/http-client" }, - "time": "2020-06-29T06:28:15+00:00" + "time": "2023-09-23T14:17:50+00:00" }, { "name": "psr/http-factory", - "version": "1.0.1", + "version": "1.0.2", "source": { "type": "git", "url": "https://github.com/php-fig/http-factory.git", - "reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be" + "reference": "e616d01114759c4c489f93b099585439f795fe35" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/php-fig/http-factory/zipball/12ac7fcd07e5b077433f5f2bee95b3a771bf61be", - "reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be", + "url": "https://api.github.com/repos/php-fig/http-factory/zipball/e616d01114759c4c489f93b099585439f795fe35", + "reference": "e616d01114759c4c489f93b099585439f795fe35", "shasum": "" }, "require": { "php": ">=7.0.0", - "psr/http-message": "^1.0" + "psr/http-message": "^1.0 || ^2.0" }, "type": "library", "extra": { @@ -598,7 +600,7 @@ "authors": [ { "name": "PHP-FIG", - "homepage": "http://www.php-fig.org/" + "homepage": "https://www.php-fig.org/" } ], "description": "Common interfaces for PSR-7 HTTP message factories", @@ -613,31 +615,31 @@ "response" ], "support": { - "source": "https://github.com/php-fig/http-factory/tree/master" + "source": "https://github.com/php-fig/http-factory/tree/1.0.2" }, - "time": "2019-04-30T12:38:16+00:00" + "time": "2023-04-10T20:10:41+00:00" }, { "name": "psr/http-message", - "version": "1.0.1", + "version": "2.0", "source": { "type": "git", "url": "https://github.com/php-fig/http-message.git", - "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363" + "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/php-fig/http-message/zipball/f6561bf28d520154e4b0ec72be95418abe6d9363", - "reference": "f6561bf28d520154e4b0ec72be95418abe6d9363", + "url": "https://api.github.com/repos/php-fig/http-message/zipball/402d35bcb92c70c026d1a6a9883f06b2ead23d71", + "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71", "shasum": "" }, "require": { - "php": ">=5.3.0" + "php": "^7.2 || ^8.0" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "1.0.x-dev" + "dev-master": "2.0.x-dev" } }, "autoload": { @@ -652,7 +654,7 @@ "authors": [ { "name": "PHP-FIG", - "homepage": "http://www.php-fig.org/" + "homepage": "https://www.php-fig.org/" } ], "description": "Common interface for HTTP messages", @@ -666,9 +668,9 @@ "response" ], "support": { - "source": "https://github.com/php-fig/http-message/tree/master" + "source": "https://github.com/php-fig/http-message/tree/2.0" }, - "time": "2016-08-06T14:39:51+00:00" + "time": "2023-04-04T09:54:51+00:00" }, { "name": "ralouphie/getallheaders", @@ -716,25 +718,25 @@ }, { "name": "symfony/deprecation-contracts", - "version": "v3.0.1", + "version": "v3.3.0", "source": { "type": "git", "url": "https://github.com/symfony/deprecation-contracts.git", - "reference": "26954b3d62a6c5fd0ea8a2a00c0353a14978d05c" + "reference": "7c3aff79d10325257a001fcf92d991f24fc967cf" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/26954b3d62a6c5fd0ea8a2a00c0353a14978d05c", - "reference": "26954b3d62a6c5fd0ea8a2a00c0353a14978d05c", + "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/7c3aff79d10325257a001fcf92d991f24fc967cf", + "reference": "7c3aff79d10325257a001fcf92d991f24fc967cf", "shasum": "" }, "require": { - "php": ">=8.0.2" + "php": ">=8.1" }, "type": "library", "extra": { "branch-alias": { - "dev-main": "3.0-dev" + "dev-main": "3.4-dev" }, "thanks": { "name": "symfony/contracts", @@ -763,7 +765,7 @@ "description": "A generic function and convention to trigger deprecation notices", "homepage": "https://symfony.com", "support": { - "source": "https://github.com/symfony/deprecation-contracts/tree/v3.0.1" + "source": "https://github.com/symfony/deprecation-contracts/tree/v3.3.0" }, "funding": [ { @@ -779,7 +781,7 @@ "type": "tidelift" } ], - "time": "2022-01-02T09:55:41+00:00" + "time": "2023-05-23T14:45:45+00:00" } ], "packages-dev": [], @@ -790,5 +792,5 @@ "prefer-lowest": false, "platform": [], "platform-dev": [], - "plugin-api-version": "2.3.0" + "plugin-api-version": "2.6.0" } diff --git a/fingerprint.php b/fingerprint.php new file mode 100644 index 0000000..6483118 --- /dev/null +++ b/fingerprint.php @@ -0,0 +1,3 @@ +/dev/null | /usr/bin/ssh-keygen -lf -'); +?> diff --git a/index.js b/index.js index 69ed8b0..2696c26 100644 --- a/index.js +++ b/index.js @@ -1,5 +1,7 @@ var DEBUG = false; var isMobile = false; +var USE_ORIGIN = ""; +// TODO: Add check for DOMAIN_OVERRIDE const dbp = (msg) => { if(DEBUG){ @@ -35,7 +37,7 @@ const setCookie = (cname, cvalue, exdays) => { const d = new Date(); d.setTime(d.getTime() + (exdays*24*60*60*1000)); let expires = "expires="+ d.toUTCString(); - document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/auth"; + document.cookie = cname + "=" + cvalue + ";" + expires + ";SameSite=Strict;path=/auth"; } const resizeText = ({ element, elements, minSize = 10, maxSize = 512, step = 1, unit = 'px' }) => { @@ -107,7 +109,7 @@ const sendSSH = (key, id, token) => { userId: id, authToken: token }; - $.post("https://tty.hackers.town/auth/setKey.php", payload, (response) => { + $.post(USE_ORIGIN+"/auth/setKey.php", payload, (response) => { dbp(response); if(response.status){ Swal.fire({ @@ -125,7 +127,7 @@ const sendSSH = (key, id, token) => { }).then(()=>{ window.location.reload(); }); - } + } }).fail((resp) => { dbp("Failed"); dbd(resp); @@ -141,6 +143,14 @@ const sendSSH = (key, id, token) => { const generateSSH = async (name, id, token) => { dbp("Generate Key"); + if (window.location.protocol === "http:") { + Swal.fire({ + ...SwalConfig, + title: "Error!", + text: "You must use HTTPS to generate keys." + }); + return; + } generateKeyPair("RSASSA-PKCS1-v1_5", 4096, "namehere") .then((keys) => { var KeyExport = new JSZip(); @@ -189,7 +199,7 @@ const uploadSSH = (id, token) => { reader.onerror = function (evt) { failMsg("Unable to load Keyfile"); } - + } } kf.click(); @@ -198,13 +208,13 @@ const uploadSSH = (id, token) => { const beginOauth = () => { dbp("Auth"); $.ajax({ - url: "https://tty.hackers.town/auth?act=id" + url: USE_ORIGIN+"/auth?act=id" }).then((data) => { dbd(data); if(data.id){ var redirect = "https://hackers.town/oauth/authorize?"+ "response_type=code&client_id="+data.id+"&redirect_uri="+ - "https://tty.hackers.town/auth&scope=read:accounts"; + USE_ORIGIN+"/auth&scope=read:accounts"; dbp(redirect); dbp(window.location.pathname); if(window.location.pathname.includes("auth")){ @@ -218,40 +228,79 @@ const beginOauth = () => { }); } +const displayFingerprints = () => { + // Get SSH Fingerprints and display them + $.get(USE_ORIGIN+"/fingerprint.php", (response) => { + dbp(response); + if (response) { + var html = "
"; + response.split("\n").forEach((line) => { + var parts = line.split(" "); + if(parts.length === 4){ + html += ""; + } + }); + html += "
BitsFingerprintAlgorithm
"+parts[0]+""+parts[1]+""+parts[3].replace("(", "").replace(")", "")+"
"; + Swal.fire({ + ...SwalConfig, + title: "SSH Fingerprints", + html: html + }); + } else { + Swal.fire({ + ...SwalConfig, + title: "Unable to Lookup SSH Fingerprints", + text: response.error + }); + } + }); +} + // On Page Load... $(() => { dbp("Begin Init Content"); - // Device Detection - if (/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|ipad|iris|kindle|Android|Silk|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i.test(navigator.userAgent) || - /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.test(navigator.userAgent.substr(0, 4))) { - isMobile = true; - } - // Adjust for Mobile - if(isMobile){ - dbp("Is Mobile 👍🏻"); - disableNonDesktopElements(); - } - // Auto Retry - var isRetry = false; - if(window.location.pathname.includes("auth")){ - var ErrorMsg = document.getElementById("ErrorResult"); - dbp(typeof ErrorMsg); - if(typeof ErrorMsg !== 'undefined' && ErrorMsg.innerText.includes("Retry")){ - dbp("attempt retry"); - isRetry = true; - beginOauth(); - } - } - // Console Welcome - if(!isRetry){ - console.log("%cWelcome Hacker!", "color: #ff0000; font-size: 7em; font-style: italic; font-family: 'Times New Roman', Times, serif;"); - } - // Enable Extra Debug Stuff - if(DEBUG){ - dbp("Debug Mode Enabled"); - $('.debug').each((i,e)=>{ - e.style.display = "unset"; - }); - } -}); \ No newline at end of file + // Override domain + $.get("/DOMAIN_OVERRIDE", function (data) { + if(data){ + USE_ORIGIN = data.replaceAll("\n", ""); + DEBUG = true; + }else{ + USE_ORIGIN = "https://tty.hackers.town"; + } + + // Device Detection + if (/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|ipad|iris|kindle|Android|Silk|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i.test(navigator.userAgent) || + /1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.test(navigator.userAgent.substr(0, 4))) { + isMobile = true; + } + // Adjust for Mobile + if(isMobile){ + dbp("Is Mobile 👍🏻"); + disableNonDesktopElements(); + } + // Auto Retry + var isRetry = false; + if(window.location.pathname.includes("auth")){ + var ErrorMsg = document.getElementById("ErrorResult"); + dbp(typeof ErrorMsg); + if(typeof ErrorMsg !== 'undefined' && ErrorMsg.innerText.includes("Retry")){ + dbp("attempt retry"); + isRetry = true; + // beginOauth(); + } + } + // Console Welcome + if(!isRetry){ + console.log("%cWelcome Hacker!", "color: #ff0000; font-size: 7em; font-style: italic; font-family: 'Times New Roman', Times, serif;"); + } + + // Enable Extra Debug Stuff + if(DEBUG){ + dbp("Debug Mode Enabled"); + $('.debug').each((i,e)=>{ + e.style.display = "unset"; + }); + } + }) +}); diff --git a/index.php b/index.php old mode 100644 new mode 100755 index 41af70d..b4ac47d --- a/index.php +++ b/index.php @@ -1,3 +1,4 @@ + HackersTown Server Access @@ -8,6 +9,7 @@ + @@ -19,7 +21,11 @@
- + "; + }else{ + echo ""; + }?>
@@ -32,16 +38,18 @@
-
+ +
View Source on Git
- \ No newline at end of file + diff --git a/keygen.js b/keygen.js index bb927f4..249b25b 100644 --- a/keygen.js +++ b/keygen.js @@ -26,8 +26,7 @@ function arrayBufferToBase64(buffer) { } function generateKeyPair(alg, size, name) { - return window.crypto.subtle - .generateKey( + return window.crypto.subtle.generateKey( { name: "RSASSA-PKCS1-v1_5", modulusLength: 2048, // can be 1024, 2048, or 4096 @@ -36,17 +35,11 @@ function generateKeyPair(alg, size, name) { }, extractable, ["sign", "verify"] - ) - .then(key => { - const privateKey = window.crypto.subtle - .exportKey("jwk", key.privateKey) - .then(encodePrivateKey) - .then(wrap) - .then(rsaPrivateKey); - + ).then(key => { + const privateKey = window.crypto.subtle.exportKey("jwk", key.privateKey).then(encodePrivateKey).then(wrap).then(rsaPrivateKey); const publicKey = window.crypto.subtle.exportKey("jwk", key.publicKey).then(jwk => encodePublicKey(jwk, name)); return Promise.all([privateKey, publicKey]); }); } -// module.exports = { arrayBufferToBase64, generateKeyPair }; \ No newline at end of file +// module.exports = { arrayBufferToBase64, generateKeyPair }; diff --git a/send.php b/send.php old mode 100644 new mode 100755 index 28bca81..0dfac45 --- a/send.php +++ b/send.php @@ -8,10 +8,15 @@ $config = json_decode(file_get_contents("config.json", true)); session_start(); +$origin = "https://tty.hackers.town"; +if(file_exists("/var/www/usergen/DOMAIN_OVERRIDE")){ + $origin = str_replace("\n", "", file_get_contents("/var/www/usergen/DOMAIN_OVERRIDE")); +} + $provider = new Mastodon([ 'clientId' => $config.oauth.key, 'clientSecret' => $config.oauth.secret, - 'redirectUri' => 'https://tty.hackers.town/auth', + 'redirectUri' => $origin.'/auth', 'instance' => 'https://hackers.town', 'scope' => 'read:accounts', ]); @@ -37,17 +42,17 @@ if (!isset($_GET['code'])) { $token = $provider->getAccessToken('authorization_code', [ 'code' => $_GET['code'] ]); - + // Optional: Now you have a token you can look up a users profile data try { - + $user = $provider->getResourceOwner($token); - + echo $user->getName(); - + } catch(Exception $e) { - - + + exit('Oh dear...'); } @@ -55,4 +60,4 @@ if (!isset($_GET['code'])) { echo $token->getToken(); } -?> \ No newline at end of file +?> diff --git a/style.css b/style.css index a199815..04030ed 100644 --- a/style.css +++ b/style.css @@ -92,4 +92,39 @@ span { border-radius: 3px; padding: 8px; min-width: 100px; -} \ No newline at end of file +} + +.swal2-html-container .swal2-popup .swal2-modal .swal2-show { + background-color: #022601; +} + +.footerbutton { + background: none; + border: none; + color: inherit; +} + +td { + border: 1px solid #3a4c35; +} +td:first-child { + border-left: 2px solid #3a4c35; +} +.fingerprintTable { + width: 100%; + border-collapse: collapse; +} + +.fingerprintData { + font-size: x-small; + color: lightblue; + font-family: monospace; +} + +.fingerprintAlgo { + text-align: left; +} + +.fingerprintBit { + text-align: right; +} diff --git a/tools/mkuser b/tools/mkuser index acc74f4..ed56bf5 100755 --- a/tools/mkuser +++ b/tools/mkuser @@ -17,7 +17,7 @@ if [ "$EUID" -ne 0 ];then fi #echo $1 >> $LOGFILE -# If not exists, create new user with +# If not exists, create new user with if [[ "$1" =~ ^[a-zA-Z0-9][a-zA-Z0-9-]+$ ]]; then echo "Valid username: \"$1\"" >> $LOGFILE @@ -27,6 +27,7 @@ if [[ "$1" =~ ^[a-zA-Z0-9][a-zA-Z0-9-]+$ ]]; then # User Exists echo "\"$1\" Exists" >> $LOGFILE else + mkdir -p /htusers useradd -G webadd -m -b /htusers -s /usr/bin/bash --gid 1004 "$1" ln -s "/htusers/$1/public_gemini /var/gemini/$1" echo "Added \"$1\" to the system" >> $LOGFILE