четверг, 13 февраля 2014 г.

Your own skype notification bot, part two


So, it's time to add some kind of interface to push messages to skype-daemon. I'll use small but powerful enough cgi-supporting mini-httpd. Mini-httpd used in many soho routers in embedded environments since early 2000-s i think. So it's proofed itself to be stable and secure.
I would use this server as cgi-server for my dirty-written bash scripts :)

Install mini-httpd:

root@skype:/# aptitude install mini-httpd

Modify config file: /etc/mini-httpd.conf
port=8880
user=skype
chroot
dir=/home/skype/
data_dir=/cgi
cgipat=*.cgi
logfile=/home/skype/mini-httpd.log
pidfile=/home/skype/mini-httpd.pid
charset=utf-8
Runit-script: /etc/sv/mini-httpd/run
#!/bin/bash

TIME="Finished. Process took %E. %P CPU was eaten. %MK memory was used." # time stuff

name=`basename $(dirname $(pwd)/fake)` # ugly hack
workingdir="/home/skype/"
command="/usr/sbin/mini-httpd -C /etc/mini-httpd.conf -D"
exec 2>&1

echo starting $name...
export TIME
set -x
cd $workingdir
exec chpst -v time $command
Don't forget to enable runit-job for mini-httpd.

Create needed directories:
root@skype:/# su - skype

skype@skype:~$ mkdir -p /home/skype/cgi/

skype@skype:~$ cd /home/skype/cgi/
Create web cgi scripts(and don't forget to set executable bit on them) sendim.cgi
#!/bin/bash
printf "Content-type: text/html\n\n"
set -- $QUERY_STRING


../addcontact.sh "$1"
index.cgi
#!/bin/bash
printf "Content-type: text/html\n\n"
echo "Go away"
sendim.cgi
#!/bin/bash
if [ "$REQUEST_METHOD" = "POST" ]; then
    if [ "$CONTENT_LENGTH" -gt 0 ]; then
        read -n $CONTENT_LENGTH POST_DATA <&0
    fi
else
  printf "Content-type: text/html\n\n"
  echo "use POST"
  exit 0
fi

printf "Content-type: text/html\n\n"

set -- $QUERY_STRING

../sendim.sh "$1" "$POST_DATA"
Test it! Run from your main computer's console:
~ $ curl -d "Hello from curl" 'http://ipaddress:8880/sendim.cgi?skypename'
Test auth request script:
~ $ curl 'http://ipaddress:8880/addcontact.cgi?skypename'
That's it. Skype server is ready to serve you! PS These scripts could contain some vulnerables, because i didn't validate input at all, so allow access to web-server on your firewall(iptables) only for trusted networks. If you found vulns and know how to fix them, feel free to contact me in comments.

Комментариев нет:

Отправить комментарий