Multiuser support, useradd command

This commit is contained in:
BlackLight 2010-12-25 13:27:38 +01:00
parent d6d63b9431
commit 51121bd09b
12 changed files with 537 additions and 65 deletions

View file

@ -17,6 +17,16 @@ input.promptInput
width : 500px;
}
input.password
{
background-color : black;
border : 0;
color : #888;
font-family : Terminus, courier, monospace, fixed;
font-size : 13px;
width : 500px;
}
div#blashWindow
{
width : 800px;

View file

@ -48,6 +48,12 @@ function blash ()
/** Check if this is the first command given in this session (for fixing <br/> stuff) */
this.__first_cmd = true;
/** Variable set if the prompt is re-generated automatically after a command was given */
this.auto_prompt_refresh = true;
/** Variable set if the focus should be automatically set to the prompt line after a command */
this.auto_prompt_focus = true;
/**************************************/
this.loadCommand = function ( cmd )
@ -139,6 +145,8 @@ function blash ()
}
}
if ( this.auto_prompt_refresh )
{
var value = this.prompt.value;
var out = this.cmdOut.innerHTML;
@ -180,7 +188,12 @@ function blash ()
this.window.appendChild ( this.prompt );
this.window.appendChild ( this.cmdOut );
if ( this.auto_prompt_focus )
{
this.prompt.focus();
}
}
} else if ( key == 38 || key == 40 ) {
if ( key == 38 )
{
@ -332,6 +345,8 @@ function blash ()
}
}
if ( this.auto_prompt_focus )
{
this.prompt.focus();
setTimeout ( function() { shell.prompt.focus(); }, 1 );
@ -339,12 +354,16 @@ function blash ()
{
this.prompt.setSelectionRange ( this.prompt.value.length, this.prompt.value.length );
}
}
return false;
}
if ( this.auto_prompt_focus )
{
this.prompt.focus();
}
}
this.unescapePrompt = function ( prompt, sequences )
{
@ -374,6 +393,54 @@ function blash ()
return prompt;
}
/**
* \brief Refresh the shell prompt
* \param clearTerm Set this variable as true if you want also to clear the terminal screen
* \param clearOut Set this variable as true if you want to clear the latest output command
*/
this.refreshPrompt = function ( clearTerm, clearOut )
{
var value = this.prompt.value;
var out = this.cmdOut.innerHTML;
var text = ( this.json.promptText ) ? this.json.promptText : "[%n@%m %W] $ ";
text = this.unescapePrompt ( text, this.json.promptSequences );
this.window.removeChild ( this.prompt );
this.window.removeChild ( this.cmdOut );
if ( clearTerm )
{
this.window.innerHTML = '';
}
if ( !clearOut )
{
if ( out.length > 0 )
{
var outDiv = document.createElement ( 'span' );
outDiv.innerHTML = '<br/>' + out + '<br/>' + text;
this.window.appendChild ( outDiv );
}
}
this.prompt = document.createElement ( 'input' );
this.prompt.setAttribute ( 'name', 'blashPrompt' );
this.prompt.setAttribute ( 'type', 'text' );
this.prompt.setAttribute ( 'class', 'promptInput' );
this.prompt.setAttribute ( 'autocomplete', 'off' );
this.prompt.setAttribute ( 'onkeydown', 'shell.getKey ( event )' );
this.prompt.setAttribute ( 'onkeyup', 'this.focus()' );
this.prompt.setAttribute ( 'onblur', 'return false' );
this.cmdOut = document.createElement ( 'div' );
this.cmdOut.setAttribute ( 'id', 'blashCmdOut' );
this.cmdOut.setAttribute ( 'class', 'blashCmdOut' );
this.window.appendChild ( this.prompt );
this.window.appendChild ( this.cmdOut );
this.prompt.focus();
}
this.unescapePromptSequence = function ( prompt, sequence, text, default_text )
{
var re = new RegExp ( "([^\]?)" + sequence, "g" );

View file

@ -189,11 +189,13 @@
"cat",
"cd",
"clear",
"echo",
"eval",
"find",
"ls",
"man",
"pwd",
"useradd",
"whoami",
],
}

View file

@ -9,30 +9,7 @@
"action" : function ( arg )
{
var out = '';
var text = ( shell.json.promptText ) ? shell.json.promptText : "[%n@%m %W] $ ";
text = shell.unescapePrompt ( text, shell.json.promptSequences );
shell.window.removeChild ( shell.prompt );
shell.window.removeChild ( shell.cmdOut );
shell.window.innerHTML = '';
shell.prompt = document.createElement ( 'input' );
shell.prompt.setAttribute ( 'name', 'blashPrompt' );
shell.prompt.setAttribute ( 'type', 'text' );
shell.prompt.setAttribute ( 'class', 'promptInput' );
shell.prompt.setAttribute ( 'autocomplete', 'off' );
shell.prompt.setAttribute ( 'onkeydown', 'shell.getKey ( event )' );
shell.prompt.setAttribute ( 'onkeyup', 'this.focus()' );
shell.prompt.setAttribute ( 'onblur', 'return false' );
shell.cmdOut = document.createElement ( 'div' );
shell.cmdOut.setAttribute ( 'id', 'blashCmdOut' );
shell.cmdOut.setAttribute ( 'class', 'blashCmdOut' );
shell.window.appendChild ( shell.prompt );
shell.window.appendChild ( shell.cmdOut );
shell.prompt.focus();
shell.refreshPrompt ( true );
return out;
},
}

15
commands/echo.json Normal file
View file

@ -0,0 +1,15 @@
{
"name" : "echo",
"info" : {
"syntax" : "echo [text]",
"brief" : "Display a line of text",
},
"action" : function ( arg )
{
var out = arg + "<br/>\n";
return out;
},
}

113
commands/useradd.json Normal file
View file

@ -0,0 +1,113 @@
{
"name" : "useradd",
"info" : {
"syntax" : "useradd &lt;username&gt;",
"brief" : "Create a new user on the system",
},
"password" : '',
"repeatPassword" : '',
"keyPassword" : function ( e )
{
var evt = ( window.event ) ? window.event : e;
var key = ( evt.charCode ) ? evt.charCode : evt.keyCode;
var password = document.getElementsByName ( "password" )[0];
var repeatPassword = document.getElementsByName ( "repeatPassword" )[0];
var repeatPasswordText = document.getElementById ( "repeatPasswordText" );
if ( key == 13 && password.value.length > 0 )
{
repeatPassword.style.visibility = 'visible';
repeatPasswordText.style.visibility = 'visible';
repeatPassword.focus();
}
},
"keyRepeatPassword" : function ( e )
{
var evt = ( window.event ) ? window.event : e;
var key = ( evt.charCode ) ? evt.charCode : evt.keyCode;
var password = document.getElementsByName ( "password" )[0];
var repeatPassword = document.getElementsByName ( "repeatPassword" )[0];
var repeatPasswordText = document.getElementById ( "repeatPasswordText" );
if ( key == 13 && password.value.length > 0 )
{
if ( password.value != repeatPassword.value )
{
shell.cmdOut.innerHTML = 'The passwords do not match';
} else {
var users_php = window.location.href;
users_php = users_php.replace ( /\/([a-zA-Z\.]+)$/, '/modules/users/users.php' );
params = 'action=add&user=' + escape ( shell.newuser ) + '&pass=' + md5 ( password.value );
var http = new XMLHttpRequest();
http.open ( "POST", users_php, true );
http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
http.setRequestHeader("Content-length", params.length);
http.setRequestHeader("Connection", "close");
http.onreadystatechange = function ()
{
if ( http.readyState == 4 && http.status == 200 )
{
if ( http.responseText.length > 0 )
{
shell.cmdOut.innerHTML = http.responseText;
} else {
shell.cmdOut.innerHTML = '';
}
shell.refreshPrompt ( false, false );
}
}
http.send ( params );
shell.cmdOut.innerHTML = '';
}
shell.auto_prompt_focus = true;
shell.auto_prompt_refresh = true;
shell.refreshPrompt ( false, false );
}
},
"action" : function ( arg )
{
var out = '';
if ( !arg || arg.length == 0 )
{
return "Usage: " + this.name + " &lt;username&gt;<br/>\n";
}
shell.keyPassword = this.keyPassword;
shell.keyRepeatPassword = this.keyRepeatPassword;
shell.newuser = arg;
if ( shell.__first_cmd )
{
shell.cmdOut.innerHTML = '<br/>';
shell.__first_cmd = false;
}
shell.cmdOut.innerHTML += 'Password: <input type="password" ' +
'name="password" class="password" ' +
'onkeyup="shell.keyPassword ( event )">' +
'<br/><span id="repeatPasswordText" style="visibility: hidden">' +
'Repeat password: </span>' +
'<input type="password" name="repeatPassword" class="password" ' +
'style="visibility: hidden" onkeyup="shell.keyRepeatPassword ( event )"><br/>';
shell.auto_prompt_focus = false;
shell.auto_prompt_refresh = false;
this.password = document.getElementsByName ( "password" )[0];
this.password.focus();
return out;
},
}

View file

@ -2,6 +2,7 @@
<head>
<title>Blash - An AJAX interactive shell emulator for web browsing</title>
<script type="text/javascript" language="javascript" src="blash.js"></script>
<script type="text/javascript" language="javascript" src="md5.js"></script>
<link rel="stylesheet" href="blash.css" type="text/css">
</head>

209
md5.js Normal file
View file

@ -0,0 +1,209 @@
/**
*
* MD5 (Message-Digest Algorithm)
* http://www.webtoolkit.info/
*
**/
function md5 (string)
{
function RotateLeft(lValue, iShiftBits) {
return (lValue<<iShiftBits) | (lValue>>>(32-iShiftBits));
}
function AddUnsigned(lX,lY) {
var lX4,lY4,lX8,lY8,lResult;
lX8 = (lX & 0x80000000);
lY8 = (lY & 0x80000000);
lX4 = (lX & 0x40000000);
lY4 = (lY & 0x40000000);
lResult = (lX & 0x3FFFFFFF)+(lY & 0x3FFFFFFF);
if (lX4 & lY4) {
return (lResult ^ 0x80000000 ^ lX8 ^ lY8);
}
if (lX4 | lY4) {
if (lResult & 0x40000000) {
return (lResult ^ 0xC0000000 ^ lX8 ^ lY8);
} else {
return (lResult ^ 0x40000000 ^ lX8 ^ lY8);
}
} else {
return (lResult ^ lX8 ^ lY8);
}
}
function F(x,y,z) { return (x & y) | ((~x) & z); }
function G(x,y,z) { return (x & z) | (y & (~z)); }
function H(x,y,z) { return (x ^ y ^ z); }
function I(x,y,z) { return (y ^ (x | (~z))); }
function FF(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(F(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
};
function GG(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(G(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
};
function HH(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(H(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
};
function II(a,b,c,d,x,s,ac) {
a = AddUnsigned(a, AddUnsigned(AddUnsigned(I(b, c, d), x), ac));
return AddUnsigned(RotateLeft(a, s), b);
};
function ConvertToWordArray(string) {
var lWordCount;
var lMessageLength = string.length;
var lNumberOfWords_temp1=lMessageLength + 8;
var lNumberOfWords_temp2=(lNumberOfWords_temp1-(lNumberOfWords_temp1 % 64))/64;
var lNumberOfWords = (lNumberOfWords_temp2+1)*16;
var lWordArray=Array(lNumberOfWords-1);
var lBytePosition = 0;
var lByteCount = 0;
while ( lByteCount < lMessageLength ) {
lWordCount = (lByteCount-(lByteCount % 4))/4;
lBytePosition = (lByteCount % 4)*8;
lWordArray[lWordCount] = (lWordArray[lWordCount] | (string.charCodeAt(lByteCount)<<lBytePosition));
lByteCount++;
}
lWordCount = (lByteCount-(lByteCount % 4))/4;
lBytePosition = (lByteCount % 4)*8;
lWordArray[lWordCount] = lWordArray[lWordCount] | (0x80<<lBytePosition);
lWordArray[lNumberOfWords-2] = lMessageLength<<3;
lWordArray[lNumberOfWords-1] = lMessageLength>>>29;
return lWordArray;
};
function WordToHex(lValue) {
var WordToHexValue="",WordToHexValue_temp="",lByte,lCount;
for (lCount = 0;lCount<=3;lCount++) {
lByte = (lValue>>>(lCount*8)) & 255;
WordToHexValue_temp = "0" + lByte.toString(16);
WordToHexValue = WordToHexValue + WordToHexValue_temp.substr(WordToHexValue_temp.length-2,2);
}
return WordToHexValue;
};
function Utf8Encode(string) {
string = string.replace(/\r\n/g,"\n");
var utftext = "";
for (var n = 0; n < string.length; n++) {
var c = string.charCodeAt(n);
if (c < 128) {
utftext += String.fromCharCode(c);
}
else if((c > 127) && (c < 2048)) {
utftext += String.fromCharCode((c >> 6) | 192);
utftext += String.fromCharCode((c & 63) | 128);
}
else {
utftext += String.fromCharCode((c >> 12) | 224);
utftext += String.fromCharCode(((c >> 6) & 63) | 128);
utftext += String.fromCharCode((c & 63) | 128);
}
}
return utftext;
};
var x=Array();
var k,AA,BB,CC,DD,a,b,c,d;
var S11=7, S12=12, S13=17, S14=22;
var S21=5, S22=9 , S23=14, S24=20;
var S31=4, S32=11, S33=16, S34=23;
var S41=6, S42=10, S43=15, S44=21;
string = Utf8Encode(string);
x = ConvertToWordArray(string);
a = 0x67452301; b = 0xEFCDAB89; c = 0x98BADCFE; d = 0x10325476;
for (k=0;k<x.length;k+=16) {
AA=a; BB=b; CC=c; DD=d;
a=FF(a,b,c,d,x[k+0], S11,0xD76AA478);
d=FF(d,a,b,c,x[k+1], S12,0xE8C7B756);
c=FF(c,d,a,b,x[k+2], S13,0x242070DB);
b=FF(b,c,d,a,x[k+3], S14,0xC1BDCEEE);
a=FF(a,b,c,d,x[k+4], S11,0xF57C0FAF);
d=FF(d,a,b,c,x[k+5], S12,0x4787C62A);
c=FF(c,d,a,b,x[k+6], S13,0xA8304613);
b=FF(b,c,d,a,x[k+7], S14,0xFD469501);
a=FF(a,b,c,d,x[k+8], S11,0x698098D8);
d=FF(d,a,b,c,x[k+9], S12,0x8B44F7AF);
c=FF(c,d,a,b,x[k+10],S13,0xFFFF5BB1);
b=FF(b,c,d,a,x[k+11],S14,0x895CD7BE);
a=FF(a,b,c,d,x[k+12],S11,0x6B901122);
d=FF(d,a,b,c,x[k+13],S12,0xFD987193);
c=FF(c,d,a,b,x[k+14],S13,0xA679438E);
b=FF(b,c,d,a,x[k+15],S14,0x49B40821);
a=GG(a,b,c,d,x[k+1], S21,0xF61E2562);
d=GG(d,a,b,c,x[k+6], S22,0xC040B340);
c=GG(c,d,a,b,x[k+11],S23,0x265E5A51);
b=GG(b,c,d,a,x[k+0], S24,0xE9B6C7AA);
a=GG(a,b,c,d,x[k+5], S21,0xD62F105D);
d=GG(d,a,b,c,x[k+10],S22,0x2441453);
c=GG(c,d,a,b,x[k+15],S23,0xD8A1E681);
b=GG(b,c,d,a,x[k+4], S24,0xE7D3FBC8);
a=GG(a,b,c,d,x[k+9], S21,0x21E1CDE6);
d=GG(d,a,b,c,x[k+14],S22,0xC33707D6);
c=GG(c,d,a,b,x[k+3], S23,0xF4D50D87);
b=GG(b,c,d,a,x[k+8], S24,0x455A14ED);
a=GG(a,b,c,d,x[k+13],S21,0xA9E3E905);
d=GG(d,a,b,c,x[k+2], S22,0xFCEFA3F8);
c=GG(c,d,a,b,x[k+7], S23,0x676F02D9);
b=GG(b,c,d,a,x[k+12],S24,0x8D2A4C8A);
a=HH(a,b,c,d,x[k+5], S31,0xFFFA3942);
d=HH(d,a,b,c,x[k+8], S32,0x8771F681);
c=HH(c,d,a,b,x[k+11],S33,0x6D9D6122);
b=HH(b,c,d,a,x[k+14],S34,0xFDE5380C);
a=HH(a,b,c,d,x[k+1], S31,0xA4BEEA44);
d=HH(d,a,b,c,x[k+4], S32,0x4BDECFA9);
c=HH(c,d,a,b,x[k+7], S33,0xF6BB4B60);
b=HH(b,c,d,a,x[k+10],S34,0xBEBFBC70);
a=HH(a,b,c,d,x[k+13],S31,0x289B7EC6);
d=HH(d,a,b,c,x[k+0], S32,0xEAA127FA);
c=HH(c,d,a,b,x[k+3], S33,0xD4EF3085);
b=HH(b,c,d,a,x[k+6], S34,0x4881D05);
a=HH(a,b,c,d,x[k+9], S31,0xD9D4D039);
d=HH(d,a,b,c,x[k+12],S32,0xE6DB99E5);
c=HH(c,d,a,b,x[k+15],S33,0x1FA27CF8);
b=HH(b,c,d,a,x[k+2], S34,0xC4AC5665);
a=II(a,b,c,d,x[k+0], S41,0xF4292244);
d=II(d,a,b,c,x[k+7], S42,0x432AFF97);
c=II(c,d,a,b,x[k+14],S43,0xAB9423A7);
b=II(b,c,d,a,x[k+5], S44,0xFC93A039);
a=II(a,b,c,d,x[k+12],S41,0x655B59C3);
d=II(d,a,b,c,x[k+3], S42,0x8F0CCC92);
c=II(c,d,a,b,x[k+10],S43,0xFFEFF47D);
b=II(b,c,d,a,x[k+1], S44,0x85845DD1);
a=II(a,b,c,d,x[k+8], S41,0x6FA87E4F);
d=II(d,a,b,c,x[k+15],S42,0xFE2CE6E0);
c=II(c,d,a,b,x[k+6], S43,0xA3014314);
b=II(b,c,d,a,x[k+13],S44,0x4E0811A1);
a=II(a,b,c,d,x[k+4], S41,0xF7537E82);
d=II(d,a,b,c,x[k+11],S42,0xBD3AF235);
c=II(c,d,a,b,x[k+2], S43,0x2AD7D2BB);
b=II(b,c,d,a,x[k+9], S44,0xEB86D391);
a=AddUnsigned(a,AA);
b=AddUnsigned(b,BB);
c=AddUnsigned(c,CC);
d=AddUnsigned(d,DD);
}
var temp = WordToHex(a)+WordToHex(b)+WordToHex(c)+WordToHex(d);
return temp.toLowerCase();
}

Binary file not shown.

Binary file not shown.

View file

@ -0,0 +1,10 @@
<?php
$xmlcontent = <<<XML
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<users>
</users>
XML;
?>

68
modules/users/users.php Normal file
View file

@ -0,0 +1,68 @@
<?php
include 'userlist.php';
$action = $_REQUEST['action'];
if ( $action == null )
{
die ("");
}
switch ( $action )
{
case 'add':
$username = $_REQUEST['user'];
$password = $_REQUEST['pass'];
if ( !( $username != null && $password != null ))
{
die ("");
}
if ( preg_match ( '/[^a-zA-Z0-9_]/', $username ))
{
print "The username can only contain characters in the charset '[a-zA-Z0-9_]'\n";
return 1;
}
if ( preg_match ( '/[^a-zA-Z0-9]/', $password ) || strlen ( $password ) != 32 )
{
print "The provided password '$password' is not a valid hash\n";
return 1;
}
if ( !( $xml = new SimpleXMLElement ( $xmlcontent )))
{
print "Unable to open the users XML file\n";
return 1;
}
for ( $i = 0; $i < count ( $xml->user ); $i++ )
{
if ( !strcasecmp ( $xml->user[$i]['name'], $username ))
{
print "The specified user already exists\n";
return 1;
}
}
$newuser = $xml->addChild ( 'user' );
$newuser->addAttribute ( 'name', $username );
$newuser->addAttribute ( 'pass', $password );
$newuser->addAttribute ( 'home', '/home/' . $username );
if ( !( $fp = fopen ( 'userlist.php', 'w' )))
{
print "Unable to add the specified user, unknown error\n";
return 1;
}
fwrite ( $fp, "<?php\n\n\$xmlcontent = <<<XML\n" . $xml->asXML() . "\nXML;\n\n?>\n" );
fclose ( $fp );
print 'User "'.$username.' successfully added, home directory set to "/home/'.$username."\"\n";
break;
}
?>