forked from NebulaServices/Nebula
-
Notifications
You must be signed in to change notification settings - Fork 1
/
server.ts
189 lines (161 loc) · 5.54 KB
/
server.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
import { createBareServer } from "@nebula-services/bare-server-node";
import chalk from "chalk";
import express from "express";
import { createServer } from "node:http";
import { fileURLToPath } from "url";
import compression from "compression";
import createRammerhead from "rammerhead/src/server/index.js";
import path from "path";
import fs from "fs";
import cookieParser from "cookie-parser";
import wisp from "wisp-server-node";
import { Socket } from "net";
const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);
const LICENSE_SERVER_URL = "https://license.mercurywork.shop/validate?license=";
const whiteListedDomains = ["nebulaproxy.io"]; // Add any public domains you have here
const failureFile = fs.readFileSync("Checkfailed.html", "utf8");
const rh = createRammerhead();
const rammerheadScopes = [
"/rammerhead.js",
"/hammerhead.js",
"/transport-worker.js",
"/task.js",
"/iframe-task.js",
"/worker-hammerhead.js",
"/messaging",
"/sessionexists",
"/deletesession",
"/newsession",
"/editsession",
"/needpassword",
"/syncLocalStorage",
"/api/shuffleDict"
];
const rammerheadSession = /^\/[a-z0-9]{32}/;
console.log(`${chalk.magentaBright("Starting Nebula...")}\n`);
const app = express();
app.use(
compression({
threshold: 0,
filter: () => true
})
);
app.use(cookieParser());
// Congratulations! Masqr failed to validate, this is either your first visit or you're a FRAUD
async function MasqFail(req, res) {
if (!req.headers.host) {
// no bitch still using HTTP/1.0 go away
return;
}
const unsafeSuffix = req.headers.host + ".html";
let safeSuffix = path
.normalize(unsafeSuffix)
.replace(/^(\.\.(\/|\\|$))+/, "");
let safeJoin = path.join(process.cwd() + "/Masqrd", safeSuffix);
try {
await fs.promises.access(safeJoin); // man do I wish this was an if-then instead of a "exception on fail"
const failureFileLocal = await fs.promises.readFile(safeJoin, "utf8");
res.setHeader("Content-Type", "text/html");
res.send(failureFileLocal);
return;
} catch (e) {
res.setHeader("Content-Type", "text/html");
res.send(failureFile);
return;
}
}
// Woooooo masqr yayyyy (said no one)
// uncomment for masqr
/* app.use(async (req, res, next) => {
if (req.headers.host && whiteListedDomains.includes(req.headers.host)) {
next();
return;
}
if (req.url.includes("/bare/")) { // replace this with your bare endpoint
next();
return;
// Bypass for UV and other bares
}
const authheader = req.headers.authorization;
if (req.cookies["authcheck"]) {
next();
return;
}
if (req.cookies['refreshcheck'] != "true") {
res.cookie("refreshcheck", "true", {maxAge: 10000}) // 10s refresh check
MasqFail(req, res)
return;
}
if (!authheader) {
res.setHeader('WWW-Authenticate', 'Basic'); // Yeah so we need to do this to get the auth params, kinda annoying and just showing a login prompt gives it away so its behind a 10s refresh check
res.status(401);
MasqFail(req, res)
return;
}
const auth = Buffer.from(authheader.split(' ')[1],
'base64').toString().split(':');
const user = auth[0];
const pass = auth[1];
const licenseCheck = ((await (await fetch(LICENSE_SERVER_URL + pass + "&host=" + req.headers.host)).json()))["status"]
console.log(LICENSE_SERVER_URL + pass + "&host=" + req.headers.host +" returned " +licenseCheck)
if (licenseCheck == "License valid") {
res.cookie("authcheck", "true", {expires: new Date((Date.now()) + (365*24*60*60 * 1000))}) // authorize session, for like a year, by then the link will be expired lol
res.send(`<script> window.location.href = window.location.href </script>`) // fun hack to make the browser refresh and remove the auth params from the URL
return;
}
MasqFail(req, res)
return;
}) */
app.use(express.static("dist"));
app.get("/search=:query", async (req, res) => {
const { query } = req.params;
const response = await fetch(
`http://api.duckduckgo.com/ac?q=${query}&format=json`
).then((apiRes) => apiRes.json());
res.send(response);
});
app.get("*", (req, res) => {
res.sendFile(path.join(__dirname, "dist", "index.html"));
});
const server = createServer();
const bare = createBareServer("/bare/");
server.on("request", (req, res) => {
if (bare.shouldRoute(req)) {
bare.routeRequest(req, res);
} else if (shouldRouteRh(req)) {
routeRhRequest(req, res);
} else {
app(req, res);
}
});
server.on("upgrade", (req, socket, head) => {
if (bare.shouldRoute(req)) {
bare.routeUpgrade(req, socket, head);
} else if (shouldRouteRh(req)) {
routeRhUpgrade(req, socket, head);
} else {
wisp.routeRequest(req, socket as Socket, head);
}
});
function shouldRouteRh(req) {
const url = new URL(req.url, "http://0.0.0.0");
return (
rammerheadScopes.includes(url.pathname) ||
rammerheadSession.test(url.pathname)
);
}
function routeRhRequest(req, res) {
rh.emit("request", req, res);
}
function routeRhUpgrade(req, socket, head) {
rh.emit("upgrade", req, socket, head);
}
const port = parseInt(process.env.PORT || "8080");
server.listen(port, () => {
console.log(
`${
chalk.magentaBright("You can now use Nebula on port ") + chalk.bold(port)
}\n`
);
});