+ debug mode; - potential RCE bug, problems with '!'
parent
12afb9b8ac
commit
fe02fa38a3
16
http.sh
16
http.sh
|
@ -66,6 +66,10 @@ LauraIsCute
|
|||
exit 0
|
||||
fi
|
||||
|
||||
if [[ $1 == "debug" ]]; then
|
||||
cfg[dbg]=true
|
||||
fi
|
||||
|
||||
source src/worker.sh
|
||||
|
||||
if [[ -f "${cfg[namespace]}/config.sh" ]]; then
|
||||
|
@ -75,7 +79,11 @@ fi
|
|||
if [[ ${cfg[http]} == true ]]; then
|
||||
# this is a workaround because ncat kept messing up large (<150KB) files over HTTP - but not over HTTPS!
|
||||
socket=$(mktemp -u /tmp/XXXX.socket)
|
||||
ncat -l -U "$socket" -c src/server.sh -k 2>> /dev/null &
|
||||
if [[ ${cfg[dbg]} == true ]]; then
|
||||
ncat -l -U "$socket" -c src/server.sh -k &
|
||||
else
|
||||
ncat -l -U "$socket" -c src/server.sh -k 2>> /dev/null &
|
||||
fi
|
||||
socat TCP-LISTEN:${cfg[port]},fork,bind=${cfg[ip]} UNIX-CLIENT:$socket &
|
||||
echo "[HTTP] listening on ${cfg[ip]}:${cfg[port]} through '$socket'"
|
||||
#ncat -v -l ${cfg[ip]} ${cfg[port]} -c ./src/server.sh -k 2>> /dev/null &
|
||||
|
@ -83,10 +91,10 @@ fi
|
|||
|
||||
if [[ ${cfg[ssl]} == true ]]; then
|
||||
echo "[SSL] listening on port ${cfg[ip]}:${cfg[ssl_port]}"
|
||||
if [[ ${cfg[ssl_key]} != '' && ${cfg[ssl_cert]} != '' ]]; then
|
||||
ncat -l ${cfg[ip]} ${cfg[ssl_port]} -c ./src/server.sh -k --ssl --ssl-cert ${cfg[ssl_cert]} --ssl-key ${cfg[ssl_key]} 2>> /dev/null &
|
||||
if [[ ${cfg[dbg]} == true ]]; then
|
||||
ncat -l ${cfg[ip]} ${cfg[ssl_port]} -c src/server.sh -k --ssl $([[ ${cfg[ssl_key]} != '' && ${cfg[ssl_cert]} != '' ]] && echo "--ssl-cert ${cfg[ssl_cert]} --ssl-key ${cfg[ssl_key]}") &
|
||||
else
|
||||
ncat -l ${cfg[ip]} ${cfg[ssl_port]} -c ./src/server.sh -k --ssl 2>> /dev/null &
|
||||
ncat -l ${cfg[ip]} ${cfg[ssl_port]} -c src/server.sh -k --ssl $([[ ${cfg[ssl_key]} != '' && ${cfg[ssl_cert]} != '' ]] && echo "--ssl-cert ${cfg[ssl_cert]} --ssl-key ${cfg[ssl_key]}") 2>> /dev/null &
|
||||
fi
|
||||
fi
|
||||
|
||||
|
|
|
@ -13,8 +13,8 @@
|
|||
# Python (.py) -> no content-type
|
||||
|
||||
function get_mime() {
|
||||
local file=$@
|
||||
local mime=$(file --mime-type -b $file)
|
||||
local file="$@"
|
||||
local mime="$(file --mime-type -b "$file")"
|
||||
if [[ $file == *".htm" || $file == *".html" ]]; then
|
||||
content_type="text/html"
|
||||
return 0
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
printf "HTTP/1.0 200 OK
|
||||
${cfg[extra_headers]}\r\n"
|
||||
get_mime ${r[uri]}
|
||||
get_mime "${r[uri]}"
|
||||
[[ $content_type != '' ]] && printf "content-type: $content_type\r\n"
|
||||
|
||||
if [[ ${cfg[php_enabled]} == true && ${r[uri]} =~ ".php" ]]; then
|
||||
|
@ -27,5 +27,5 @@ elif [[ ${r[uri]} =~ \.${cfg[extension]}$ ]]; then
|
|||
else
|
||||
printf "\r\n"
|
||||
cat "${r[uri]}"
|
||||
|
||||
fi
|
||||
|
||||
|
|
|
@ -106,7 +106,6 @@ fi
|
|||
|
||||
echo "$(date) - IP: ${r[ip]}, PROTO: ${r[proto]}, URL: ${r[url]}, GET_data: ${get_data[@]}, POST_data: ${post_data[@]}, POST_multipart: ${post_multipart[@]}" >> "${cfg[namespace]}/${cfg[log]}"
|
||||
|
||||
|
||||
if [[ ${r[status]} != 101 ]]; then
|
||||
if [[ -a ${r[uri]} && ! -r ${r[uri]} ]]; then
|
||||
r[status]=403
|
||||
|
|
Loading…
Reference in New Issue