Added display and API for SSH fingerprints

This commit is contained in:
Elizabeth Cray 2023-09-29 02:15:06 -04:00
parent 8649c75eac
commit 89928841bc
10 changed files with 257 additions and 148 deletions

2
.gitignore vendored
View File

@ -1,2 +1,4 @@
vendor/ vendor/
config.json config.json
composer.phar
DOMAIN_OVERRIDE

View File

@ -18,6 +18,7 @@ if (isset($_REQUEST["act"])){
$MastCode = $_REQUEST["code"]; $MastCode = $_REQUEST["code"];
} }
?> ?>
<!DOCTYPE html>
<HTML lang="en"> <HTML lang="en">
<Head> <Head>
<Title>HackersTown Server Access</Title> <Title>HackersTown Server Access</Title>
@ -29,7 +30,7 @@ if (isset($_REQUEST["act"])){
<script src="https://code.jquery.com/color/jquery.color.plus-names-2.1.2.min.js"></script> <script src="https://code.jquery.com/color/jquery.color.plus-names-2.1.2.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/jszip@3.9.1/dist/jszip.min.js" integrity="sha256-aSPPIlJfSHQ5T7wunbPcp7tM0rlq5dHoUGeN8O5odMg=" crossorigin="anonymous"></script> <script src="https://cdn.jsdelivr.net/npm/jszip@3.9.1/dist/jszip.min.js" integrity="sha256-aSPPIlJfSHQ5T7wunbPcp7tM0rlq5dHoUGeN8O5odMg=" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11.4.10/dist/sweetalert2.all.min.js" integrity="sha256-YX0M+vWkN+Xjq3t0RBoP6rENNiYm4CN2k33WefMkn+E=" crossorigin="anonymous"></script> <script src="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.all.min.js" crossorigin="anonymous"></script>
<script src="/base64url.js"></script> <script src="/base64url.js"></script>
<script src="/ssh-util.js"></script> <script src="/ssh-util.js"></script>
<script src="/keygen.js"></script> <script src="/keygen.js"></script>
@ -44,7 +45,11 @@ if (isset($_REQUEST["act"])){
<div class="desktopOnly col-4"></div> <div class="desktopOnly col-4"></div>
<div id="content" class="col-4 center"> <div id="content" class="col-4 center">
<div class="row"> <div class="row">
<a href="https://tty.hackers.town"> <?php if(file_exists("/var/www/usergen/DOMAIN_OVERRIDE")){
echo "<a href=\"".file_get_contents("/var/www/usergen/DOMAIN_OVERRIDE")."\">";
}else{
echo "<a href=\"https://tty.hackers.town\">";
}?>
<img src="/Assets/HTown.png" class="logo self-align-center mx-auto d-block" alt="Hacker Town logo in ASCII art. Rendered as image to force correct visualization."/> <img src="/Assets/HTown.png" class="logo self-align-center mx-auto d-block" alt="Hacker Town logo in ASCII art. Rendered as image to force correct visualization."/>
</a> </a>
</div> </div>
@ -58,8 +63,12 @@ if (isset($_REQUEST["act"])){
curl_setopt($request, CURLOPT_POST, 1); curl_setopt($request, CURLOPT_POST, 1);
curl_setopt($request, CURLOPT_URL, "https://hackers.town/oauth/token"); curl_setopt($request, CURLOPT_URL, "https://hackers.town/oauth/token");
curl_setopt($request, CURLOPT_RETURNTRANSFER, 1); curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);
$reqirectUri = "https://tty.hackers.town/auth"; $origin = "https://tty.hackers.town";
$options = "grant_type=authorization_code&code=".$MastCode."&client_id=".$config->oauth->key."&client_secret=".$config->oauth->secret."&scope=read:accounts&redirect_uri=".$reqirectUri; if(file_exists("/var/www/usergen/DOMAIN_OVERRIDE")){
$origin = str_replace("\n", "", file_get_contents("/var/www/usergen/DOMAIN_OVERRIDE"));
}
$redirectUri = $origin."/auth";
$options = "grant_type=authorization_code&code=".$MastCode."&client_id=".$config->oauth->key."&client_secret=".$config->oauth->secret."&scope=read:accounts&redirect_uri=".$redirectUri;
curl_setopt($request, CURLOPT_POSTFIELDS, $options); curl_setopt($request, CURLOPT_POSTFIELDS, $options);
$response = curl_exec($request); $response = curl_exec($request);
curl_close($request); curl_close($request);
@ -163,6 +172,8 @@ if (isset($_REQUEST["act"])){
} }
?> ?>
<br> <br>
<button class="footerbutton" onclick="displayFingerprints()">SSH Fingerprints</button>
<br>
<a href="https://git.corrupt.link/liz/tilde-oauth">View Source on Git</a> <a href="https://git.corrupt.link/liz/tilde-oauth">View Source on Git</a>
</div> </div>
</div> </div>

156
composer.lock generated
View File

@ -8,22 +8,22 @@
"packages": [ "packages": [
{ {
"name": "guzzlehttp/guzzle", "name": "guzzlehttp/guzzle",
"version": "7.4.2", "version": "7.8.0",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/guzzle/guzzle.git", "url": "https://github.com/guzzle/guzzle.git",
"reference": "ac1ec1cd9b5624694c3a40be801d94137afb12b4" "reference": "1110f66a6530a40fe7aea0378fe608ee2b2248f9"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/guzzle/guzzle/zipball/ac1ec1cd9b5624694c3a40be801d94137afb12b4", "url": "https://api.github.com/repos/guzzle/guzzle/zipball/1110f66a6530a40fe7aea0378fe608ee2b2248f9",
"reference": "ac1ec1cd9b5624694c3a40be801d94137afb12b4", "reference": "1110f66a6530a40fe7aea0378fe608ee2b2248f9",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"ext-json": "*", "ext-json": "*",
"guzzlehttp/promises": "^1.5", "guzzlehttp/promises": "^1.5.3 || ^2.0.1",
"guzzlehttp/psr7": "^1.8.3 || ^2.1", "guzzlehttp/psr7": "^1.9.1 || ^2.5.1",
"php": "^7.2.5 || ^8.0", "php": "^7.2.5 || ^8.0",
"psr/http-client": "^1.0", "psr/http-client": "^1.0",
"symfony/deprecation-contracts": "^2.2 || ^3.0" "symfony/deprecation-contracts": "^2.2 || ^3.0"
@ -32,10 +32,11 @@
"psr/http-client-implementation": "1.0" "psr/http-client-implementation": "1.0"
}, },
"require-dev": { "require-dev": {
"bamarni/composer-bin-plugin": "^1.4.1", "bamarni/composer-bin-plugin": "^1.8.1",
"ext-curl": "*", "ext-curl": "*",
"php-http/client-integration-tests": "^3.0", "php-http/client-integration-tests": "dev-master#2c025848417c1135031fdf9c728ee53d0a7ceaee as 3.0.999",
"phpunit/phpunit": "^8.5.5 || ^9.3.5", "php-http/message-factory": "^1.1",
"phpunit/phpunit": "^8.5.29 || ^9.5.23",
"psr/log": "^1.1 || ^2.0 || ^3.0" "psr/log": "^1.1 || ^2.0 || ^3.0"
}, },
"suggest": { "suggest": {
@ -45,8 +46,9 @@
}, },
"type": "library", "type": "library",
"extra": { "extra": {
"branch-alias": { "bamarni-bin": {
"dev-master": "7.4-dev" "bin-links": true,
"forward-command": false
} }
}, },
"autoload": { "autoload": {
@ -112,7 +114,7 @@
], ],
"support": { "support": {
"issues": "https://github.com/guzzle/guzzle/issues", "issues": "https://github.com/guzzle/guzzle/issues",
"source": "https://github.com/guzzle/guzzle/tree/7.4.2" "source": "https://github.com/guzzle/guzzle/tree/7.8.0"
}, },
"funding": [ "funding": [
{ {
@ -128,38 +130,37 @@
"type": "tidelift" "type": "tidelift"
} }
], ],
"time": "2022-03-20T14:16:28+00:00" "time": "2023-08-27T10:20:53+00:00"
}, },
{ {
"name": "guzzlehttp/promises", "name": "guzzlehttp/promises",
"version": "1.5.1", "version": "2.0.1",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/guzzle/promises.git", "url": "https://github.com/guzzle/promises.git",
"reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da" "reference": "111166291a0f8130081195ac4556a5587d7f1b5d"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/guzzle/promises/zipball/fe752aedc9fd8fcca3fe7ad05d419d32998a06da", "url": "https://api.github.com/repos/guzzle/promises/zipball/111166291a0f8130081195ac4556a5587d7f1b5d",
"reference": "fe752aedc9fd8fcca3fe7ad05d419d32998a06da", "reference": "111166291a0f8130081195ac4556a5587d7f1b5d",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"php": ">=5.5" "php": "^7.2.5 || ^8.0"
}, },
"require-dev": { "require-dev": {
"symfony/phpunit-bridge": "^4.4 || ^5.1" "bamarni/composer-bin-plugin": "^1.8.1",
"phpunit/phpunit": "^8.5.29 || ^9.5.23"
}, },
"type": "library", "type": "library",
"extra": { "extra": {
"branch-alias": { "bamarni-bin": {
"dev-master": "1.5-dev" "bin-links": true,
"forward-command": false
} }
}, },
"autoload": { "autoload": {
"files": [
"src/functions_include.php"
],
"psr-4": { "psr-4": {
"GuzzleHttp\\Promise\\": "src/" "GuzzleHttp\\Promise\\": "src/"
} }
@ -196,7 +197,7 @@
], ],
"support": { "support": {
"issues": "https://github.com/guzzle/promises/issues", "issues": "https://github.com/guzzle/promises/issues",
"source": "https://github.com/guzzle/promises/tree/1.5.1" "source": "https://github.com/guzzle/promises/tree/2.0.1"
}, },
"funding": [ "funding": [
{ {
@ -212,26 +213,26 @@
"type": "tidelift" "type": "tidelift"
} }
], ],
"time": "2021-10-22T20:56:57+00:00" "time": "2023-08-03T15:11:55+00:00"
}, },
{ {
"name": "guzzlehttp/psr7", "name": "guzzlehttp/psr7",
"version": "2.2.1", "version": "2.6.1",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/guzzle/psr7.git", "url": "https://github.com/guzzle/psr7.git",
"reference": "c94a94f120803a18554c1805ef2e539f8285f9a2" "reference": "be45764272e8873c72dbe3d2edcfdfcc3bc9f727"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/guzzle/psr7/zipball/c94a94f120803a18554c1805ef2e539f8285f9a2", "url": "https://api.github.com/repos/guzzle/psr7/zipball/be45764272e8873c72dbe3d2edcfdfcc3bc9f727",
"reference": "c94a94f120803a18554c1805ef2e539f8285f9a2", "reference": "be45764272e8873c72dbe3d2edcfdfcc3bc9f727",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"php": "^7.2.5 || ^8.0", "php": "^7.2.5 || ^8.0",
"psr/http-factory": "^1.0", "psr/http-factory": "^1.0",
"psr/http-message": "^1.0", "psr/http-message": "^1.1 || ^2.0",
"ralouphie/getallheaders": "^3.0" "ralouphie/getallheaders": "^3.0"
}, },
"provide": { "provide": {
@ -239,17 +240,18 @@
"psr/http-message-implementation": "1.0" "psr/http-message-implementation": "1.0"
}, },
"require-dev": { "require-dev": {
"bamarni/composer-bin-plugin": "^1.4.1", "bamarni/composer-bin-plugin": "^1.8.1",
"http-interop/http-factory-tests": "^0.9", "http-interop/http-factory-tests": "^0.9",
"phpunit/phpunit": "^8.5.8 || ^9.3.10" "phpunit/phpunit": "^8.5.29 || ^9.5.23"
}, },
"suggest": { "suggest": {
"laminas/laminas-httphandlerrunner": "Emit PSR-7 responses" "laminas/laminas-httphandlerrunner": "Emit PSR-7 responses"
}, },
"type": "library", "type": "library",
"extra": { "extra": {
"branch-alias": { "bamarni-bin": {
"dev-master": "2.2-dev" "bin-links": true,
"forward-command": false
} }
}, },
"autoload": { "autoload": {
@ -311,7 +313,7 @@
], ],
"support": { "support": {
"issues": "https://github.com/guzzle/psr7/issues", "issues": "https://github.com/guzzle/psr7/issues",
"source": "https://github.com/guzzle/psr7/tree/2.2.1" "source": "https://github.com/guzzle/psr7/tree/2.6.1"
}, },
"funding": [ "funding": [
{ {
@ -327,20 +329,20 @@
"type": "tidelift" "type": "tidelift"
} }
], ],
"time": "2022-03-20T21:55:58+00:00" "time": "2023-08-27T10:13:57+00:00"
}, },
{ {
"name": "league/oauth2-client", "name": "league/oauth2-client",
"version": "2.6.1", "version": "2.7.0",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/thephpleague/oauth2-client.git", "url": "https://github.com/thephpleague/oauth2-client.git",
"reference": "2334c249907190c132364f5dae0287ab8666aa19" "reference": "160d6274b03562ebeb55ed18399281d8118b76c8"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/thephpleague/oauth2-client/zipball/2334c249907190c132364f5dae0287ab8666aa19", "url": "https://api.github.com/repos/thephpleague/oauth2-client/zipball/160d6274b03562ebeb55ed18399281d8118b76c8",
"reference": "2334c249907190c132364f5dae0287ab8666aa19", "reference": "160d6274b03562ebeb55ed18399281d8118b76c8",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -395,9 +397,9 @@
], ],
"support": { "support": {
"issues": "https://github.com/thephpleague/oauth2-client/issues", "issues": "https://github.com/thephpleague/oauth2-client/issues",
"source": "https://github.com/thephpleague/oauth2-client/tree/2.6.1" "source": "https://github.com/thephpleague/oauth2-client/tree/2.7.0"
}, },
"time": "2021-12-22T16:42:49+00:00" "time": "2023-04-16T18:19:15+00:00"
}, },
{ {
"name": "lrf141/oauth2-mastodon", "name": "lrf141/oauth2-mastodon",
@ -512,21 +514,21 @@
}, },
{ {
"name": "psr/http-client", "name": "psr/http-client",
"version": "1.0.1", "version": "1.0.3",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/php-fig/http-client.git", "url": "https://github.com/php-fig/http-client.git",
"reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621" "reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/php-fig/http-client/zipball/2dfb5f6c5eff0e91e20e913f8c5452ed95b86621", "url": "https://api.github.com/repos/php-fig/http-client/zipball/bb5906edc1c324c9a05aa0873d40117941e5fa90",
"reference": "2dfb5f6c5eff0e91e20e913f8c5452ed95b86621", "reference": "bb5906edc1c324c9a05aa0873d40117941e5fa90",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"php": "^7.0 || ^8.0", "php": "^7.0 || ^8.0",
"psr/http-message": "^1.0" "psr/http-message": "^1.0 || ^2.0"
}, },
"type": "library", "type": "library",
"extra": { "extra": {
@ -546,7 +548,7 @@
"authors": [ "authors": [
{ {
"name": "PHP-FIG", "name": "PHP-FIG",
"homepage": "http://www.php-fig.org/" "homepage": "https://www.php-fig.org/"
} }
], ],
"description": "Common interface for HTTP clients", "description": "Common interface for HTTP clients",
@ -558,27 +560,27 @@
"psr-18" "psr-18"
], ],
"support": { "support": {
"source": "https://github.com/php-fig/http-client/tree/master" "source": "https://github.com/php-fig/http-client"
}, },
"time": "2020-06-29T06:28:15+00:00" "time": "2023-09-23T14:17:50+00:00"
}, },
{ {
"name": "psr/http-factory", "name": "psr/http-factory",
"version": "1.0.1", "version": "1.0.2",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/php-fig/http-factory.git", "url": "https://github.com/php-fig/http-factory.git",
"reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be" "reference": "e616d01114759c4c489f93b099585439f795fe35"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/php-fig/http-factory/zipball/12ac7fcd07e5b077433f5f2bee95b3a771bf61be", "url": "https://api.github.com/repos/php-fig/http-factory/zipball/e616d01114759c4c489f93b099585439f795fe35",
"reference": "12ac7fcd07e5b077433f5f2bee95b3a771bf61be", "reference": "e616d01114759c4c489f93b099585439f795fe35",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"php": ">=7.0.0", "php": ">=7.0.0",
"psr/http-message": "^1.0" "psr/http-message": "^1.0 || ^2.0"
}, },
"type": "library", "type": "library",
"extra": { "extra": {
@ -598,7 +600,7 @@
"authors": [ "authors": [
{ {
"name": "PHP-FIG", "name": "PHP-FIG",
"homepage": "http://www.php-fig.org/" "homepage": "https://www.php-fig.org/"
} }
], ],
"description": "Common interfaces for PSR-7 HTTP message factories", "description": "Common interfaces for PSR-7 HTTP message factories",
@ -613,31 +615,31 @@
"response" "response"
], ],
"support": { "support": {
"source": "https://github.com/php-fig/http-factory/tree/master" "source": "https://github.com/php-fig/http-factory/tree/1.0.2"
}, },
"time": "2019-04-30T12:38:16+00:00" "time": "2023-04-10T20:10:41+00:00"
}, },
{ {
"name": "psr/http-message", "name": "psr/http-message",
"version": "1.0.1", "version": "2.0",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/php-fig/http-message.git", "url": "https://github.com/php-fig/http-message.git",
"reference": "f6561bf28d520154e4b0ec72be95418abe6d9363" "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/php-fig/http-message/zipball/f6561bf28d520154e4b0ec72be95418abe6d9363", "url": "https://api.github.com/repos/php-fig/http-message/zipball/402d35bcb92c70c026d1a6a9883f06b2ead23d71",
"reference": "f6561bf28d520154e4b0ec72be95418abe6d9363", "reference": "402d35bcb92c70c026d1a6a9883f06b2ead23d71",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"php": ">=5.3.0" "php": "^7.2 || ^8.0"
}, },
"type": "library", "type": "library",
"extra": { "extra": {
"branch-alias": { "branch-alias": {
"dev-master": "1.0.x-dev" "dev-master": "2.0.x-dev"
} }
}, },
"autoload": { "autoload": {
@ -652,7 +654,7 @@
"authors": [ "authors": [
{ {
"name": "PHP-FIG", "name": "PHP-FIG",
"homepage": "http://www.php-fig.org/" "homepage": "https://www.php-fig.org/"
} }
], ],
"description": "Common interface for HTTP messages", "description": "Common interface for HTTP messages",
@ -666,9 +668,9 @@
"response" "response"
], ],
"support": { "support": {
"source": "https://github.com/php-fig/http-message/tree/master" "source": "https://github.com/php-fig/http-message/tree/2.0"
}, },
"time": "2016-08-06T14:39:51+00:00" "time": "2023-04-04T09:54:51+00:00"
}, },
{ {
"name": "ralouphie/getallheaders", "name": "ralouphie/getallheaders",
@ -716,25 +718,25 @@
}, },
{ {
"name": "symfony/deprecation-contracts", "name": "symfony/deprecation-contracts",
"version": "v3.0.1", "version": "v3.3.0",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/symfony/deprecation-contracts.git", "url": "https://github.com/symfony/deprecation-contracts.git",
"reference": "26954b3d62a6c5fd0ea8a2a00c0353a14978d05c" "reference": "7c3aff79d10325257a001fcf92d991f24fc967cf"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/26954b3d62a6c5fd0ea8a2a00c0353a14978d05c", "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/7c3aff79d10325257a001fcf92d991f24fc967cf",
"reference": "26954b3d62a6c5fd0ea8a2a00c0353a14978d05c", "reference": "7c3aff79d10325257a001fcf92d991f24fc967cf",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"php": ">=8.0.2" "php": ">=8.1"
}, },
"type": "library", "type": "library",
"extra": { "extra": {
"branch-alias": { "branch-alias": {
"dev-main": "3.0-dev" "dev-main": "3.4-dev"
}, },
"thanks": { "thanks": {
"name": "symfony/contracts", "name": "symfony/contracts",
@ -763,7 +765,7 @@
"description": "A generic function and convention to trigger deprecation notices", "description": "A generic function and convention to trigger deprecation notices",
"homepage": "https://symfony.com", "homepage": "https://symfony.com",
"support": { "support": {
"source": "https://github.com/symfony/deprecation-contracts/tree/v3.0.1" "source": "https://github.com/symfony/deprecation-contracts/tree/v3.3.0"
}, },
"funding": [ "funding": [
{ {
@ -779,7 +781,7 @@
"type": "tidelift" "type": "tidelift"
} }
], ],
"time": "2022-01-02T09:55:41+00:00" "time": "2023-05-23T14:45:45+00:00"
} }
], ],
"packages-dev": [], "packages-dev": [],
@ -790,5 +792,5 @@
"prefer-lowest": false, "prefer-lowest": false,
"platform": [], "platform": [],
"platform-dev": [], "platform-dev": [],
"plugin-api-version": "2.3.0" "plugin-api-version": "2.6.0"
} }

3
fingerprint.php Normal file
View File

@ -0,0 +1,3 @@
<?php
echo shell_exec('/usr/bin/ssh-keyscan localhost 2>/dev/null | /usr/bin/ssh-keygen -lf -');
?>

121
index.js
View File

@ -1,5 +1,7 @@
var DEBUG = false; var DEBUG = false;
var isMobile = false; var isMobile = false;
var USE_ORIGIN = "";
// TODO: Add check for DOMAIN_OVERRIDE
const dbp = (msg) => { const dbp = (msg) => {
if(DEBUG){ if(DEBUG){
@ -35,7 +37,7 @@ const setCookie = (cname, cvalue, exdays) => {
const d = new Date(); const d = new Date();
d.setTime(d.getTime() + (exdays*24*60*60*1000)); d.setTime(d.getTime() + (exdays*24*60*60*1000));
let expires = "expires="+ d.toUTCString(); let expires = "expires="+ d.toUTCString();
document.cookie = cname + "=" + cvalue + ";" + expires + ";path=/auth"; document.cookie = cname + "=" + cvalue + ";" + expires + ";SameSite=Strict;path=/auth";
} }
const resizeText = ({ element, elements, minSize = 10, maxSize = 512, step = 1, unit = 'px' }) => { const resizeText = ({ element, elements, minSize = 10, maxSize = 512, step = 1, unit = 'px' }) => {
@ -107,7 +109,7 @@ const sendSSH = (key, id, token) => {
userId: id, userId: id,
authToken: token authToken: token
}; };
$.post("https://tty.hackers.town/auth/setKey.php", payload, (response) => { $.post(USE_ORIGIN+"/auth/setKey.php", payload, (response) => {
dbp(response); dbp(response);
if(response.status){ if(response.status){
Swal.fire({ Swal.fire({
@ -141,6 +143,14 @@ const sendSSH = (key, id, token) => {
const generateSSH = async (name, id, token) => { const generateSSH = async (name, id, token) => {
dbp("Generate Key"); dbp("Generate Key");
if (window.location.protocol === "http:") {
Swal.fire({
...SwalConfig,
title: "Error!",
text: "You must use HTTPS to generate keys."
});
return;
}
generateKeyPair("RSASSA-PKCS1-v1_5", 4096, "namehere") generateKeyPair("RSASSA-PKCS1-v1_5", 4096, "namehere")
.then((keys) => { .then((keys) => {
var KeyExport = new JSZip(); var KeyExport = new JSZip();
@ -198,13 +208,13 @@ const uploadSSH = (id, token) => {
const beginOauth = () => { const beginOauth = () => {
dbp("Auth"); dbp("Auth");
$.ajax({ $.ajax({
url: "https://tty.hackers.town/auth?act=id" url: USE_ORIGIN+"/auth?act=id"
}).then((data) => { }).then((data) => {
dbd(data); dbd(data);
if(data.id){ if(data.id){
var redirect = "https://hackers.town/oauth/authorize?"+ var redirect = "https://hackers.town/oauth/authorize?"+
"response_type=code&client_id="+data.id+"&redirect_uri="+ "response_type=code&client_id="+data.id+"&redirect_uri="+
"https://tty.hackers.town/auth&scope=read:accounts"; USE_ORIGIN+"/auth&scope=read:accounts";
dbp(redirect); dbp(redirect);
dbp(window.location.pathname); dbp(window.location.pathname);
if(window.location.pathname.includes("auth")){ if(window.location.pathname.includes("auth")){
@ -218,40 +228,79 @@ const beginOauth = () => {
}); });
} }
const displayFingerprints = () => {
// Get SSH Fingerprints and display them
$.get(USE_ORIGIN+"/fingerprint.php", (response) => {
dbp(response);
if (response) {
var html = "<div><table class=\"fingerprintTable\"><tr><th>Bits</th><th>Fingerprint</th><th class=\"text-start\">Algorithm</th></tr>";
response.split("\n").forEach((line) => {
var parts = line.split(" ");
if(parts.length === 4){
html += "<tr><td class=\"fingerprintBit\">"+parts[0]+"</td><td class=\"fingerprintData\">"+parts[1]+"</td><td class=\"fingerprintAlgo\">"+parts[3].replace("(", "").replace(")", "")+"</td></tr>";
}
});
html += "</table></div>";
Swal.fire({
...SwalConfig,
title: "SSH Fingerprints",
html: html
});
} else {
Swal.fire({
...SwalConfig,
title: "Unable to Lookup SSH Fingerprints",
text: response.error
});
}
});
}
// On Page Load... // On Page Load...
$(() => { $(() => {
dbp("Begin Init Content"); dbp("Begin Init Content");
// Device Detection
if (/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|ipad|iris|kindle|Android|Silk|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i.test(navigator.userAgent) ||
/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.test(navigator.userAgent.substr(0, 4))) {
isMobile = true;
}
// Adjust for Mobile
if(isMobile){
dbp("Is Mobile 👍🏻");
disableNonDesktopElements();
}
// Auto Retry
var isRetry = false;
if(window.location.pathname.includes("auth")){
var ErrorMsg = document.getElementById("ErrorResult");
dbp(typeof ErrorMsg);
if(typeof ErrorMsg !== 'undefined' && ErrorMsg.innerText.includes("Retry")){
dbp("attempt retry");
isRetry = true;
beginOauth();
}
}
// Console Welcome
if(!isRetry){
console.log("%cWelcome Hacker!", "color: #ff0000; font-size: 7em; font-style: italic; font-family: 'Times New Roman', Times, serif;");
}
// Enable Extra Debug Stuff // Override domain
if(DEBUG){ $.get("/DOMAIN_OVERRIDE", function (data) {
dbp("Debug Mode Enabled"); if(data){
$('.debug').each((i,e)=>{ USE_ORIGIN = data.replaceAll("\n", "");
e.style.display = "unset"; DEBUG = true;
}); }else{
} USE_ORIGIN = "https://tty.hackers.town";
}
// Device Detection
if (/(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|ipad|iris|kindle|Android|Silk|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i.test(navigator.userAgent) ||
/1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-/i.test(navigator.userAgent.substr(0, 4))) {
isMobile = true;
}
// Adjust for Mobile
if(isMobile){
dbp("Is Mobile 👍🏻");
disableNonDesktopElements();
}
// Auto Retry
var isRetry = false;
if(window.location.pathname.includes("auth")){
var ErrorMsg = document.getElementById("ErrorResult");
dbp(typeof ErrorMsg);
if(typeof ErrorMsg !== 'undefined' && ErrorMsg.innerText.includes("Retry")){
dbp("attempt retry");
isRetry = true;
// beginOauth();
}
}
// Console Welcome
if(!isRetry){
console.log("%cWelcome Hacker!", "color: #ff0000; font-size: 7em; font-style: italic; font-family: 'Times New Roman', Times, serif;");
}
// Enable Extra Debug Stuff
if(DEBUG){
dbp("Debug Mode Enabled");
$('.debug').each((i,e)=>{
e.style.display = "unset";
});
}
})
}); });

10
index.php Normal file → Executable file
View File

@ -1,3 +1,4 @@
<!DOCTYPE html>
<HTML lang="en"> <HTML lang="en">
<Head> <Head>
<Title>HackersTown Server Access</Title> <Title>HackersTown Server Access</Title>
@ -8,6 +9,7 @@
<script src="https://code.jquery.com/jquery-3.6.0.min.js" integrity="sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4=" crossorigin="anonymous"></script> <script src="https://code.jquery.com/jquery-3.6.0.min.js" integrity="sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4=" crossorigin="anonymous"></script>
<script src="https://code.jquery.com/color/jquery.color.plus-names-2.1.2.min.js"></script> <script src="https://code.jquery.com/color/jquery.color.plus-names-2.1.2.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.all.min.js" crossorigin="anonymous"></script>
<script src="/fittext.js"></script> <script src="/fittext.js"></script>
<script src="/index.js"></script> <script src="/index.js"></script>
<!-- Stylesheets --> <!-- Stylesheets -->
@ -19,7 +21,11 @@
<div class="desktopOnly col-4"></div> <div class="desktopOnly col-4"></div>
<div id="content" class="col-4 center"> <div id="content" class="col-4 center">
<div class="row"> <div class="row">
<a href="https://hackers.town"> <?php if(file_exists("/var/www/usergen/DOMAIN_OVERRIDE")){
echo "<a href=\"".str_replace("\n", "", file_get_contents("/var/www/usergen/DOMAIN_OVERRIDE"))."\">";
}else{
echo "<a href=\"https://hackers.town\">";
}?>
<img src="/Assets/HTown.png" class="logo self-align-center mx-auto d-block" alt="Hacker Town logo in ASCII art. Rendered as image to force correct visualization."/> <img src="/Assets/HTown.png" class="logo self-align-center mx-auto d-block" alt="Hacker Town logo in ASCII art. Rendered as image to force correct visualization."/>
</a> </a>
</div> </div>
@ -38,6 +44,8 @@
} }
?> ?>
<br> <br>
<button class="footerbutton" onclick="displayFingerprints()">SSH Fingerprints</button>
<br>
<a href="https://git.corrupt.link/liz/tilde-oauth">View Source on Git</a> <a href="https://git.corrupt.link/liz/tilde-oauth">View Source on Git</a>
</div> </div>
</div> </div>

View File

@ -26,8 +26,7 @@ function arrayBufferToBase64(buffer) {
} }
function generateKeyPair(alg, size, name) { function generateKeyPair(alg, size, name) {
return window.crypto.subtle return window.crypto.subtle.generateKey(
.generateKey(
{ {
name: "RSASSA-PKCS1-v1_5", name: "RSASSA-PKCS1-v1_5",
modulusLength: 2048, // can be 1024, 2048, or 4096 modulusLength: 2048, // can be 1024, 2048, or 4096
@ -36,14 +35,8 @@ function generateKeyPair(alg, size, name) {
}, },
extractable, extractable,
["sign", "verify"] ["sign", "verify"]
) ).then(key => {
.then(key => { const privateKey = window.crypto.subtle.exportKey("jwk", key.privateKey).then(encodePrivateKey).then(wrap).then(rsaPrivateKey);
const privateKey = window.crypto.subtle
.exportKey("jwk", key.privateKey)
.then(encodePrivateKey)
.then(wrap)
.then(rsaPrivateKey);
const publicKey = window.crypto.subtle.exportKey("jwk", key.publicKey).then(jwk => encodePublicKey(jwk, name)); const publicKey = window.crypto.subtle.exportKey("jwk", key.publicKey).then(jwk => encodePublicKey(jwk, name));
return Promise.all([privateKey, publicKey]); return Promise.all([privateKey, publicKey]);
}); });

7
send.php Normal file → Executable file
View File

@ -8,10 +8,15 @@ $config = json_decode(file_get_contents("config.json", true));
session_start(); session_start();
$origin = "https://tty.hackers.town";
if(file_exists("/var/www/usergen/DOMAIN_OVERRIDE")){
$origin = str_replace("\n", "", file_get_contents("/var/www/usergen/DOMAIN_OVERRIDE"));
}
$provider = new Mastodon([ $provider = new Mastodon([
'clientId' => $config.oauth.key, 'clientId' => $config.oauth.key,
'clientSecret' => $config.oauth.secret, 'clientSecret' => $config.oauth.secret,
'redirectUri' => 'https://tty.hackers.town/auth', 'redirectUri' => $origin.'/auth',
'instance' => 'https://hackers.town', 'instance' => 'https://hackers.town',
'scope' => 'read:accounts', 'scope' => 'read:accounts',
]); ]);

View File

@ -93,3 +93,38 @@ span {
padding: 8px; padding: 8px;
min-width: 100px; min-width: 100px;
} }
.swal2-html-container .swal2-popup .swal2-modal .swal2-show {
background-color: #022601;
}
.footerbutton {
background: none;
border: none;
color: inherit;
}
td {
border: 1px solid #3a4c35;
}
td:first-child {
border-left: 2px solid #3a4c35;
}
.fingerprintTable {
width: 100%;
border-collapse: collapse;
}
.fingerprintData {
font-size: x-small;
color: lightblue;
font-family: monospace;
}
.fingerprintAlgo {
text-align: left;
}
.fingerprintBit {
text-align: right;
}

View File

@ -27,6 +27,7 @@ if [[ "$1" =~ ^[a-zA-Z0-9][a-zA-Z0-9-]+$ ]]; then
# User Exists # User Exists
echo "\"$1\" Exists" >> $LOGFILE echo "\"$1\" Exists" >> $LOGFILE
else else
mkdir -p /htusers
useradd -G webadd -m -b /htusers -s /usr/bin/bash --gid 1004 "$1" useradd -G webadd -m -b /htusers -s /usr/bin/bash --gid 1004 "$1"
ln -s "/htusers/$1/public_gemini /var/gemini/$1" ln -s "/htusers/$1/public_gemini /var/gemini/$1"
echo "Added \"$1\" to the system" >> $LOGFILE echo "Added \"$1\" to the system" >> $LOGFILE