diff --git a/README.md b/README.md index aa8c345..d06e22e 100644 --- a/README.md +++ b/README.md @@ -82,6 +82,12 @@ if you enable TLS with `-tpt 2424` (telnet) and/or `-tpn 1515` (netcat) you can the powershell client and bash client comes bundled with the server; see [protips](#protips) +## connecting from a web browser + +![screenshot of chrome connecting to r0c through ttyd](docs/r0cc.png) + +oh you betcha! see the [webtty readme](webtty/) + # installation @@ -105,7 +111,7 @@ skip this section if: if you're using firewalld, and just want to open up the high ports (not 23 and 531) then this is probably enough: ```bash -firewall-cmd --permanent --add-port={23,531,2323,1531,2424,1515}/tcp +firewall-cmd --permanent --add-port={23,531,2323,1531,2424,1515,8023}/tcp firewall-cmd --reload ``` @@ -120,6 +126,7 @@ iptables -A INPUT -p tcp --dport 2323 -m state --state NEW -j ACCEPT iptables -A INPUT -p tcp --dport 1531 -m state --state NEW -j ACCEPT iptables -A INPUT -p tcp --dport 2424 -m state --state NEW -j ACCEPT # tls telnet iptables -A INPUT -p tcp --dport 1515 -m state --state NEW -j ACCEPT # tls netcat +iptables -A INPUT -p tcp --dport 8023 -m state --state NEW -j ACCEPT # http/ttyd iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 23 -j REDIRECT --to-port 2323 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 531 -j REDIRECT --to-port 1531 ``` diff --git a/docs/r0cc.png b/docs/r0cc.png new file mode 100644 index 0000000..83fe1b3 Binary files /dev/null and b/docs/r0cc.png differ diff --git a/webtty/README.md b/webtty/README.md new file mode 100644 index 0000000..38f0193 --- /dev/null +++ b/webtty/README.md @@ -0,0 +1,22 @@ +# accessing r0c from a web browser + +![screenshot of chrome connecting to r0c through ttyd](../docs/r0cc.png) + +an actual web-UI will probably happen eventually, but now is not the time + +instead let's do something way more fun: + +first download [ttyd v1.7.1](https://github.com/tsl0922/ttyd/releases/tag/1.7.1), you probably want [ttyd.x86_64](https://github.com/tsl0922/ttyd/releases/download/1.7.1/ttyd.x86_64) +* latest version is probably fine too but that only works on very recent browsers + +then drop that binary into this folder, and add r0c.py as well + +and finally run this command: [`./webr0c.sh`](webr0c.sh) + +now you can r0c from your browser at http://127.0.0.1:8023/ + + +## notes + +the ttyd binary shrinks to 50% when compressed with `upx --lzma ttyd.x86_64` + diff --git a/webtty/internals.sh b/webtty/internals.sh new file mode 120000 index 0000000..3ccc7dc --- /dev/null +++ b/webtty/internals.sh @@ -0,0 +1 @@ +../clients/bash.sh \ No newline at end of file diff --git a/webtty/webr0c.sh b/webtty/webr0c.sh new file mode 100755 index 0000000..bccf4b9 --- /dev/null +++ b/webtty/webr0c.sh @@ -0,0 +1,95 @@ +#!/bin/bash +set -e + +# fixed set of arguments to always give ttyd; +# * don't reconnect if the user quits +# * the bifrost color scheme :^) +ttyd_fargs=( + -t disableReconnect=true + -t 'theme={"background":"#222","black":"#404040","red":"#f03669","green":"#b8e346","yellow":"#ffa402","blue":"#02a2ff","magenta":"#f65be3","cyan":"#3da698","white":"#d2d2d2","brightBlack":"#606060","brightRed":"#c75b79","brightGreen":"#c8e37e","brightYellow":"#ffbe4a","brightBlue":"#71cbff","brightMagenta":"#b67fe3","brightCyan":"#9cf0ed","brightWhite":"#fff"}' +) + +# then the additional arguments to give ttyd by default; +# * listen on port 8023, http://127.0.0.1:8023/ +# * window title = r0c +# * disable some stuff we don't want +ttyd_args=( + -p 8023 + -t titleFixed=r0c + -t enableSixel=false + -t enableTrzsz=false + -t enableZmodem=false + -t disableResizeOverlay=true +) + +# then the arguments to give r0c if nothing is given to the script; +# --ara is recommended because otherwise everyone will be admin +r0c_args=( + --ara +) + +# now, if this script is executed with any arguments at all, then the +# default r0c_args will be cleared and replaced with those, however +# you can also specify ttyd_args by separating them with "--"; +# that way ttyd gets everything before that and r0c gets the rest: +# ./webr0c.sh -p 8023 -- --ara -tpt 2424 -tpn 1515 + +if [ "$1" ]; then + r0c_args=() + while [ "$1" ]; do + [ "$1" = -- ] && { + ttyd_args=("${r0c_args[@]}") + r0c_args=() + shift + continue + } + r0c_args+=("$1") + shift + done +fi + +ttyd_args+=("${ttyd_fargs[@]}") # append the fixed set of args + +echo "will run ttyd with args [${ttyd_args[*]}]" +echo "will run r0c with args [${r0c_args[*]}]" + +######################################################################## + +# ensure we cleanup on exit +pids=() +trap 'kill ${pids[@]} 2>/dev/null;sleep 0.1' INT TERM EXIT + +# first check if ttyd is installed system-wide, +# otherwise try ./ttyd.x86_64, and if that also fails +# just assume exactly one other binary is present +ttyd=$(command -v ttyd || echo ./ttyd.x86_64) +[ -e $ttyd ] || ttyd=./ttyd.* + +if command -v telnet >/dev/null; then + # found telnet; + # connect to port 23 if root, 2323 otherwise + [ $(id -u) -eq 0 ] && p=23 || p=2323 + $ttyd "${ttyd_args[@]}" telnet 127.0.0.1 $p & +else + # telnet not found; using bash instead, + # connect to port 531 if root, 1531 otherwise + [ $(id -u) -eq 0 ] && p=531 || p=1531 + $ttyd "${ttyd_args[@]}" ./internals.sh 127.0.0.1 $p & +fi + +pids+=($!) + +# now it's time to start r0c, +# first check if installed system-wide, +# then try ./r0c.py, and panic if that also fails +if python3 -c 'import r0c' 2>/dev/null; then + python3 -m r0c "${r0c_args[@]}" & +else + python3 r0c.py "${r0c_args[@]}" & +fi + +pids+=($!) + +# if either r0c or ttyd exits, kill the other +wait -n +kill ${pids[@]}