For Development Phase : https://dev12310.github.io/crystal_soteria/
Index
- Introduction
- Motive
- Purpose(s)
- Security
- Data Storage Structure
- Adding new users(pre defined)
- Commands
- Test User Credentials
Introduction :
This project can be regarded as a simple "file management system" with which you interact through simple commands currently on a terminal like interface. This project is completely written in JavaScript. It uses HTML and jQuery.Terminal. Note: The HTML percentage might be seeming too much for the previous statement, but most of the HTML file is a JS Script.
Motive:
The main motive behind this project was "nothing on the server side", what it basically means is that everything, yes everything happens on the client side only.
Purpose(s):
This project can be used for many purposes. I intended it for first and foremost 2 :
-
Linux-on-the go : This project can be very useful in simulating the very basic commands (until now) of Linux and using it on-the-go (without the need of downloading anything). Thus it may help in tinkering the interest for the same.
-
For CTF's or Online Puzzles : It can certainly also be used as a unique interface for CTFs and web based riddles.
Security :
You might think that that might compromise the security of the files, but it uses SHA3 for logging in and AES for the encryption and decryption of the files. The files use LUKS like encryption. For example, if you login to "User1", it decrypts the content(using the input password) and stores all the data of that particular user in a separate variable(say "data"). When you switch to another user "User2", it decrypts the data of that user and stores the decrypted data in "data".
Data Storage Structure :
All the data is stored in form of a JSON string, AES encrypted with the password of that user(as explained in Security). Each key in the JSON string is a directory/subdirectory full paths(starting from home directory). The value of each key is a list containing its directories and files with full paths(starting from home directory). The last index of every value is a dictionary containing keys as names of files(in the directory if any) and values as the contents of the file as a string.
The AES ecrypted string is decrypted then parsed and then stored in the variable that is used to access the contents.
The AES encrypted string is stored in a variable name in the format Host_Username. Example: localhost_test_user1 = "AES Encrypted Data"
--> Data in decrypted form for two test users(in separate hosts) has been added in files.json
NOTE : One may change the structure to suit their uses BUT all scripts are written to suit this particular format of storage.
Adding new users(Pre defined) :
To add new users, you may use the provided hash_generator.html to generate the required hash and store it in hashed variable(defined in index.html) with the key as the username and the hash as the value to that key.
Commands :
Now that you have the knowledge of its working, let us look at some of the commands availible:
-
su [username] : This command is used to login to a user. After entering, say "su User1", it prompts you for the password of that user, if the password is successfully authenticated it decrypts the data of that user and stores it in a variable.
-
ls [al, td] : This command is used to list all the directories, sub directories and all the files of that user with respect to that directory and on the basis of argument provided. "al" lists all of the directories, subdirectories and files till no more sub directories remain(considering the current working directory as the top level directory. "td" enlists only the contents of the current working directory, without expanding into the subdirectory of the current working directory.
-
cd [dir] : This command is used to change the current working directory. If ".." is used, it goes the parent directory. If no value is provided, it goes the home directory of the user. Otherwise, it goes to the subdirectory provided its present in the current working directory.
-
getcwd : Returns the current working directory.
-
cat [file_name] : Catenates the content of the given file provided its present in the current working directory.
-
mkdir [directory_name] : Creates a directory in the current working directory. Note : None of the new directories made with this command will be retained when the window/tab is refreshed, other than the ones pre-made.
-
touch [file_name] : Creates a (txt only yet) file in the current working directory. This command automatically adds
.txtextension to the file name if not in the input. Note : None of the new files made with this command will be retained when the window/tab is refreshed, other than the ones pre-made. -
ssh [address] : Logs in to a user at a different host with the address in the form Username@Host. Default landing directory is the home directory for the user. Note : None of the new users made with this command will be retained when the window/tab is refreshed, other than the ones pre-made.
Test User(s) credentials : Host, Username, Password
- localhost, test_user1, testpassone
- host1, test_user2, testpasstwo