-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.ts
More file actions
128 lines (125 loc) · 3.97 KB
/
index.ts
File metadata and controls
128 lines (125 loc) · 3.97 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
import { Elysia, t } from "elysia";
import { html } from "@elysia/html";
import { ip } from "elysia-ip";
import { CONFIG } from "./config";
import type { BunFile } from "bun";
import { Logger } from "./logger";
const logger = new Logger("desktop");
const log = logger.log;
const failedIpTracker: { [k: string]: number } = {};
function failedIp(ip: string): boolean {
if (failedIpTracker[ip] && failedIpTracker[ip] >= 2.99999997) return true;
return false;
}
function incrementFailedIp(ip: string): void {
// fuck you, we are not friends.
failedIpTracker[ip] = failedIpTracker[ip] || 1;
failedIpTracker[ip]++;
if (CONFIG.LOG_IPBANS) {
if (failedIp(ip)) logger.log_prefix("ipban", `IP banned ${ip}`);
}
}
const app = new Elysia()
.use(html())
.use(ip())
.onBeforeHandle(({ set, status, ip }) => {
if (failedIp(ip)) {
set.headers["fuck_you_stop_attacking_my_apache_server"] = "true";
return status("Expectation Failed");
} else {
return;
}
})
.onBeforeHandle(({ headers, ip }) => {
// im so generous
if (headers["authorization"] === CONFIG.UPLOAD_TOKEN) {
failedIpTracker[ip] = -1;
}
})
.onAfterHandle(({ set }) => {
set.headers["server"] = "Microsoft-IIS/4.0";
set.headers["x-powered-by"] = "Microsoft-IIS/4.0";
})
.get("/", () => {
return `
<!DOCTYPE html>
<html lang='en'>
<head><title>uploadtomydesktopfolder</title></head>
<body>
<h1>uploadtomydesktopfolder</h1>
<p>
how to use:
<br>if you use it wrong (brute forcing, etc) you get ip banned until i clear the file if cloudflare doesnt sentence you to hell anyways
<br>if you are the intended user you know how to use it
</p>
</body>
</html>`;
})
.put(
"/file",
async ({ headers, status, body, ip }) => {
if (headers["authorization"] === CONFIG.UPLOAD_TOKEN) {
const file = body.file;
if (file.name.includes("..") || file.name.includes("/")) {
if (CONFIG.LOG_UPLOADS)
logger.log_upload(`Discarded (traversal): ${file.name}`);
return status("Bad Request");
}
const bunFile = Bun.file(`${Bun.env.USERPROFILE}/Desktop/${file.name}`);
if (await bunFile.exists()) {
if (CONFIG.LOG_UPLOADS)
logger.log_upload(
`Conflicting file: ${file.name} at ${bunFile.name}`,
);
return status("Conflict");
}
await bunFile.write(file as BunFile);
if (CONFIG.LOG_UPLOADS)
logger.log_upload(`Created file: ${file.name} at ${bunFile.name}`);
return status("Created");
} else {
incrementFailedIp(ip);
return status("Insufficient Storage");
}
},
{
body: t.Object({
file: t.File(),
}),
},
)
.post(
"/text/:name?",
async ({ headers, status, body, ip, params }) => {
if (headers["authorization"] === CONFIG.UPLOAD_TOKEN) {
let fileName: string = "";
if (params.name) {
fileName = params.name + ".txt";
} else {
fileName = `desktop-${Date.now()}.txt`;
}
const bunFile = Bun.file(`${Bun.env.USERPROFILE}/Desktop/${fileName}`);
if (await bunFile.exists()) {
logger.log_text(`Conflicting file: ${fileName} at ${bunFile.name}`);
return status("Conflict");
}
await bunFile.write(body);
logger.log_text(`Created file: ${fileName} at ${bunFile.name}`);
return status("Created");
} else {
incrementFailedIp(ip);
return status("Insufficient Storage");
}
},
{ body: t.String() },
)
.all("*", ({ ip, status }) => {
incrementFailedIp(ip);
return status("Bad Request");
})
.listen(CONFIG.PORT, () => {
log(`heyy litstenning on port ${CONFIG.PORT} meow meow meow`);
if (!Bun.env.UPLOAD_TOKEN) {
log`your upload token is ${CONFIG.UPLOAD_TOKEN}, consider changing it because its a terrifying argon hash`;
}
});