Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- /* To run:
- Install node 10 or 12
- npm init
- (Follow prompts - you can just press enter all the way through it).
- npm install --save express
- npm install --save child_process
- node index.js (or what ever you called your file)
- In Chrome/Firefox navigate to:
- 127.0.0.1:3000/your/path/to/page
- You should see it return the contents of your home directory
- // */
- const { exec } = require('child_process');
- const express = require('express');
- const app = express();
- const port = process.env.PORT || 3000;
- const ip = process.env.IP || '0.0.0.0'; // You can just put a single interface here, such as 192.168.1.2, 0.0.0.0 listens to all
- const allowedIpAddresses = [
- "192.168.1.", // Does partial matching.
- "127.0.0.1"
- ];
- // Util functions
- const getRemoteIp = (req) => {
- return req.connection.remoteAddress || req.socket.remoteAddress || req.headers['x-forwarded-for'];
- };
- const ipAllowed = (remoteIp, ipList) => {
- for (let i = 0; i < ipList.length; i++) {
- if (ipList[i].indexOf(remoteIp) > -1) {
- return true;
- }
- }
- return false;
- };
- // Some logic
- const exampleFunction = (req, res) => {
- res.send('Example!');
- };
- // Route hooks
- app.get('/your/path/to/page', (req, res) => {
- // Execute system command.
- // Note that it has the same privledges as the user that ran Node. You cannot use sudo here unless you started node with sudo
- // And please do not start node with sudo. Very easy for hackers to take over your system.
- // Please PLEASE _PLEASE_ learn how to secure your system. Yuri commands it.
- exec('ls ~', (err, stdout, stderr) => {
- if (err) {
- res.status(500);
- res.send({
- error: 'Failed to execute command',
- reason: err,
- stdout,
- stderr
- });
- return;
- }
- res.status(200);
- res.send({
- error: 'Command executed',
- stdout,
- stderr
- });
- });
- });
- app.get('/another/path/to/page', (req, res) => {
- exampleFunction(req, res)
- });
- app.get('/ip/check', (req, res) => {
- const remoteIp = getRemoteIp(req);
- if (ipAllowed(remoteIp, allowedIpAddresses)) {
- res.status(200);
- res.send('Good boi');
- return;
- }
- res.status(401);
- res.send('Bad boi');
- return;
- });
- app.all('/', (req, res) => {
- res.send('Uhh, hi');
- });
- app.listen(port, ip, function () {
- console.log(`My command is your wish ${ip}:${port}!`);
- });
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement