meshcentral/agents/modules_meshcmd_min/amt-redir-duk.min.js

Web based remote computer management server

function ToIntStr(t){return String.fromCharCode(255&t,t>>8&255,t>>16&255,t>>24&255)}function ToShortStr(t){return String.fromCharCode(255&t,t>>8&255)}function ShortToStr(t){return String.fromCharCode(t>>8&255,255&t)}function ShortToStrX(t){return String.fromCharCode(255&t,t>>8&255)}function IntToStr(t){return String.fromCharCode(t>>24&255,t>>16&255,t>>8&255,255&t)}function IntToStrX(t){return String.fromCharCode(255&t,t>>8&255,t>>16&255,t>>24&255)}module.exports=function(t){var x={};((x.m=t).parent=x).State=0,x.net=require("net"),x.tls=require("tls"),x.socket=null,x.host=null,x.port=0,x.user=null,x.pass=null,x.connectstate=0,x.protocol=t.protocol,x.xtlsoptions=null,x.amtaccumulator=Buffer.alloc(0),x.amtsequence=1,x.amtkeepalivetimer=null,x.authuri="/RedirectionService",x.digestRealmMatch=null,x.onStateChanged=null,x.Debug=function(t){console.log(t)};return x.Start=function(t,e,r,n,o,a,c){x.host=t,x.port=e,x.user=r,x.pass=n,x.xtls=o,x.xtlsoptions=c,x.xtlsFingerprint=a,x.connectstate=0,x.socket=1==o?x.tls.connect({host:t,port:e,rejectUnauthorized:!1,checkServerIdentity:x.onCheckServerIdentity},x.xxOnSocketConnected):x.net.createConnection({host:t,port:e},x.xxOnSocketConnected),x.socket.on("data",x.xxOnSocketData),x.socket.on("close",x.xxOnSocketClosed),x.socket.on("error",x.xxOnSocketClosed),x.xxStateChange(1)},x.onCheckServerIdentity=function(t){t=t[0].fingerprint.split(":").join("").toLowerCase();null!=x.xtlsFingerprint&&x.xtlsFingerprint!=t?(console.log("Invalid TLS Cert, SHA384: "+t),process.exit(2)):null==x.xtlsFingerprint&&(x.xtlsFingerprint=t,console.log("TLS Cert SHA384: "+t))},x.xxOnSocketConnected=function(){null!=x.socket&&(x.xxStateChange(2),1==x.protocol?x.xxSend(x.RedirectStartSol):2==x.protocol?x.xxSend(x.RedirectStartKvm):3==x.protocol&&x.xxSend(x.RedirectStartIder))},x.xxOnSocketData=function(t){if(t&&-1!=x.connectstate){if((2==x.protocol||3==x.protocol)&&1==x.connectstate)return x.m.ProcessData(t);for(x.amtaccumulator=Buffer.concat([x.amtaccumulator,t]);0<x.amtaccumulator.length;){var e=0;switch(x.amtaccumulator[0]){case 17:if(x.amtaccumulator.length<4)return;var r=x.amtaccumulator[1];if(0===r){if(x.amtaccumulator.length<13)return;r=x.amtaccumulator[12];if(x.amtaccumulator.length<13+r)return;x.xxSend(String.fromCharCode(19,0,0,0,0,0,0,0,0)),e=13+r}else x.Stop();break;case 20:if(x.amtaccumulator.length<9)return;var n=x.amtaccumulator.readInt32LE(5);if(x.amtaccumulator.length<9+n)return;var r=x.amtaccumulator[1],o=x.amtaccumulator[4],a=[];for(i=0;i<n;i++)a.push(x.amtaccumulator[9+i]);var c=x.amtaccumulator.slice(9,9+n),e=9+n;if(0==o)0<=a.indexOf(4)?x.xxSend(String.fromCharCode(19,0,0,0,4)+IntToStrX(x.user.length+x.authuri.length+8)+String.fromCharCode(x.user.length)+x.user+String.fromCharCode(0,0)+String.fromCharCode(x.authuri.length)+x.authuri+String.fromCharCode(0,0,0,0)):x.Stop();else if(3!=o&&4!=o||1!=r)0==r?(1==x.protocol&&x.xxSend(String.fromCharCode(32,0,0,0)+ToIntStr(x.amtsequence++)+ToShortStr(1e4)+ToShortStr(100)+ToShortStr(0)+ToShortStr(1e4)+ToShortStr(100)+ToShortStr(0)+ToIntStr(0)),2==x.protocol&&x.xxSend(new Buffer([64,0,0,0,0,0,0,0])),3==x.protocol&&(x.connectstate=1,x.xxStateChange(3))):x.Stop();else{var u=0,l=c[0],m=c.slice(1,1+l).toString();if(u+=l+1,x.digestRealmMatch&&x.digestRealmMatch!=m)return void x.Stop();var l=c[u],f=c.slice(u+1,u+1+l).toString(),l=(u+=l+1,null),S=x.xxRandomValueHex(32),s="00000002",h="",c=(4==o&&(g=c[u],l=c.slice(u+1,u+1+g).toString(),h=s+":"+S+":"+l+":"),hex_md5(hex_md5(x.user+":"+m+":"+x.pass)+":"+f+":"+h+hex_md5("POST:"+x.authuri))),u=x.user.length+m.length+f.length+x.authuri.length+S.length+s.length+c.length+7,g=(4==o&&(u+=l.length+1),Buffer.concat([new Buffer([19,0,0,0,o]),new Buffer([255&u,u>>8&255,0,0]),new Buffer([x.user.length]),new Buffer(x.user),new Buffer([m.length]),new Buffer(m),new Buffer([f.length]),new Buffer(f),new Buffer([x.authuri.length]),new Buffer(x.authuri),new Buffer([S.length]),new Buffer(S),new Buffer([s.length]),new Buffer(s),new Buffer([c.length]),new Buffer(c)]));4==o&&(g=Buffer.concat([g,new Buffer([l.length]),new Buffer(l)])),x.xxSend(g)}break;case 33:x.amtaccumulator.length<23||(e=23,x.xxSend(String.fromCharCode(39,0,0,0)+ToIntStr(x.amtsequence++)+String.fromCharCode(0,0,27,0,0,0)),1==x.protocol&&(x.amtkeepalivetimer=setInterval(x.xxSendAmtKeepAlive,2e3)),x.connectstate=1,x.xxStateChange(3));break;case 41:x.amtaccumulator.length<10||(e=10);break;case 42:x.amtaccumulator.length<10||(h=10+((255&x.amtaccumulator[9])<<8)+(255&x.amtaccumulator[8]),x.amtaccumulator.length<h)||(x.m.ProcessData(x.amtaccumulator.slice(10,h)),e=h);break;case 43:x.amtaccumulator.length<8||(e=8);break;case 65:x.amtaccumulator.length<8||(x.connectstate=1,x.m.Start(),8<x.amtaccumulator.length&&x.m.ProcessData(x.amtaccumulator.substring(8)),e=x.amtaccumulator.length);break;default:return console.log("Unknown Intel AMT command: "+x.amtaccumulator[0]+" acclen="+x.amtaccumulator.length),void x.Stop()}if(0==e)return;x.amtaccumulator=x.amtaccumulator.slice(e)}}},x.xxSend=function(t){"string"==typeof t?x.socket.write(Buffer.from(t,"binary")):x.socket.write(t)},x.Send=function(t){null!=x.socket&&1==x.connectstate&&x.xxSend(1==x.protocol?String.fromCharCode(40,0,0,0)+ToIntStr(x.amtsequence++)+ToShortStr(t.length)+t:t)},x.xxSendAmtKeepAlive=function(){null!=x.socket&&x.xxSend(String.fromCharCode(43,0,0,0)+ToIntStr(x.amtsequence++))},x.xxRandomValueHex=function(t){for(var e=[],r=Math.floor(t/2),n=0;n<r;n++)e.push(x.tls.generateRandomInteger("0","255"));return new Buffer(e).toString("hex")},x.xxOnSocketClosed=function(){x.socket=null,x.Stop()},x.xxStateChange=function(t){x.State!=t&&(x.State=t,x.m.xxStateChange(x.State),null!=x.onStateChanged)&&x.onStateChanged(x,x.State)},x.Stop=function(){x.xxStateChange(0),x.connectstate=-1,x.amtaccumulator=Buffer.alloc(0),null!=x.socket&&(x.socket.destroy(),x.socket=null),null!=x.amtkeepalivetimer&&(clearInterval(x.amtkeepalivetimer),x.amtkeepalivetimer=null)},x.RedirectStartSol=new Buffer([16,0,0,0,83,79,76,32]),x.RedirectStartKvm=new Buffer([16,1,0,0,75,86,77,82]),x.RedirectStartIder=new Buffer([16,0,0,0,73,68,69,82]),x};var md5hasher=require("MD5Stream").create();function hex_md5(t){return md5hasher.syncHash(t).toString("hex").toLowerCase()}