r0c the web

2023-10-10 03:17:33 +00:00 · 2023-10-10 03:17:33 +00:00 · 79d2d45867
parent 61e7b65bc1
commit 79d2d45867
5 changed files with 126 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -82,6 +82,12 @@ if you enable TLS with `-tpt 2424` (telnet) and/or `-tpn 1515` (netcat) you can

 the powershell client and bash client comes bundled with the server; see [protips](#protips)

+## connecting from a web browser
+
+![screenshot of chrome connecting to r0c through ttyd](docs/r0cc.png)
+
+oh you betcha! see the [webtty readme](webtty/)
+

 # installation

@ -105,7 +111,7 @@ skip this section if:
 if you're using firewalld, and just want to open up the high ports (not 23 and 531) then this is probably enough:

 ```bash
-firewall-cmd --permanent --add-port={23,531,2323,1531,2424,1515}/tcp
+firewall-cmd --permanent --add-port={23,531,2323,1531,2424,1515,8023}/tcp
 firewall-cmd --reload
 ```

@ -120,6 +126,7 @@ iptables -A INPUT -p tcp --dport 2323 -m state --state NEW -j ACCEPT
 iptables -A INPUT -p tcp --dport 1531 -m state --state NEW -j ACCEPT
 iptables -A INPUT -p tcp --dport 2424 -m state --state NEW -j ACCEPT  # tls telnet
 iptables -A INPUT -p tcp --dport 1515 -m state --state NEW -j ACCEPT  # tls netcat
+iptables -A INPUT -p tcp --dport 8023 -m state --state NEW -j ACCEPT  # http/ttyd
 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 23 -j REDIRECT --to-port 2323
 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 531 -j REDIRECT --to-port 1531
 ```
--- a/docs/r0cc.png
+++ b/docs/r0cc.png
--- a/webtty/README.md
+++ b/webtty/README.md
@ -0,0 +1,22 @@
+# accessing r0c from a web browser
+
+![screenshot of chrome connecting to r0c through ttyd](../docs/r0cc.png)
+
+an actual web-UI will probably happen eventually, but now is not the time
+
+instead let's do something way more fun:
+
+first download [ttyd v1.7.1](https://github.com/tsl0922/ttyd/releases/tag/1.7.1), you probably want [ttyd.x86_64](https://github.com/tsl0922/ttyd/releases/download/1.7.1/ttyd.x86_64)
+* latest version is probably fine too but that only works on very recent browsers
+
+then drop that binary into this folder, and add r0c.py as well
+
+and finally run this command: [`./webr0c.sh`](webr0c.sh)
+
+now you can r0c from your browser at http://127.0.0.1:8023/
+
+
+## notes
+
+the ttyd binary shrinks to 50% when compressed with `upx --lzma ttyd.x86_64`
+
--- a/webtty/internals.sh
+++ b/webtty/internals.sh
@ -0,0 +1 @@
+../clients/bash.sh
--- a/webtty/webr0c.sh
+++ b/webtty/webr0c.sh
@ -0,0 +1,95 @@
+#!/bin/bash
+set -e
+
+# fixed set of arguments to always give ttyd;
+# * don't reconnect if the user quits
+# * the bifrost color scheme :^)
+ttyd_fargs=(
+    -t disableReconnect=true
+    -t 'theme={"background":"#222","black":"#404040","red":"#f03669","green":"#b8e346","yellow":"#ffa402","blue":"#02a2ff","magenta":"#f65be3","cyan":"#3da698","white":"#d2d2d2","brightBlack":"#606060","brightRed":"#c75b79","brightGreen":"#c8e37e","brightYellow":"#ffbe4a","brightBlue":"#71cbff","brightMagenta":"#b67fe3","brightCyan":"#9cf0ed","brightWhite":"#fff"}'
+)
+
+# then the additional arguments to give ttyd by default;
+# * listen on port 8023, http://127.0.0.1:8023/
+# * window title = r0c
+# * disable some stuff we don't want
+ttyd_args=(
+    -p 8023
+    -t titleFixed=r0c
+    -t enableSixel=false
+    -t enableTrzsz=false
+    -t enableZmodem=false
+    -t disableResizeOverlay=true
+)
+
+# then the arguments to give r0c if nothing is given to the script;
+# --ara is recommended because otherwise everyone will be admin
+r0c_args=(
+    --ara
+)
+
+# now, if this script is executed with any arguments at all, then the
+# default r0c_args will be cleared and replaced with those, however
+# you can also specify ttyd_args by separating them with "--";
+# that way ttyd gets everything before that and r0c gets the rest:
+#  ./webr0c.sh -p 8023 -- --ara -tpt 2424 -tpn 1515
+
+if [ "$1" ]; then
+    r0c_args=()
+    while [ "$1" ]; do
+        [ "$1" = -- ] && {
+            ttyd_args=("${r0c_args[@]}")
+            r0c_args=()
+            shift
+            continue
+        }
+        r0c_args+=("$1")
+        shift
+    done
+fi
+
+ttyd_args+=("${ttyd_fargs[@]}")  # append the fixed set of args
+
+echo "will run ttyd with args [${ttyd_args[*]}]"
+echo "will run r0c with args [${r0c_args[*]}]"
+
+########################################################################
+
+# ensure we cleanup on exit
+pids=()
+trap 'kill ${pids[@]} 2>/dev/null;sleep 0.1' INT TERM EXIT
+
+# first check if ttyd is installed system-wide,
+# otherwise try ./ttyd.x86_64, and if that also fails
+# just assume exactly one other binary is present
+ttyd=$(command -v ttyd || echo ./ttyd.x86_64)
+[ -e $ttyd ] || ttyd=./ttyd.*
+
+if command -v telnet >/dev/null; then
+    # found telnet;
+    # connect to port 23 if root, 2323 otherwise
+    [ $(id -u) -eq 0 ] && p=23 || p=2323
+    $ttyd "${ttyd_args[@]}" telnet 127.0.0.1 $p &
+else
+    # telnet not found; using bash instead,
+    # connect to port 531 if root, 1531 otherwise
+    [ $(id -u) -eq 0 ] && p=531 || p=1531
+    $ttyd "${ttyd_args[@]}" ./internals.sh 127.0.0.1 $p &
+fi
+
+pids+=($!)
+
+# now it's time to start r0c,
+# first check if installed system-wide,
+# then try ./r0c.py, and panic if that also fails
+if python3 -c 'import r0c' 2>/dev/null; then
+    python3 -m r0c "${r0c_args[@]}" &
+else
+    python3 r0c.py "${r0c_args[@]}" &
+fi
+
+pids+=($!)
+
+# if either r0c or ttyd exits, kill the other
+wait -n
+kill ${pids[@]}