external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-02-12 11:01:52 +00:00
Code Issues Releases Wiki Activity

Improved SSH/FTP/RDP event logs, #3679

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2022-02-22 10:56:45 -08:00
parent 00ac01f6f4
commit 4b4419f581
2 changed files with 54 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

54
apprelays.js
View file

@ -61,11 +61,12 @@ module.exports.CreateMstscRelay = function (parent, db, ws, req, args, domain) {
var inTraffc = obj.ws._socket.bytesRead, outTraffc = obj.ws._socket.bytesWritten; var inTraffc = obj.ws._socket.bytesRead, outTraffc = obj.ws._socket.bytesWritten;
if (obj.wsClient != null) { inTraffc += obj.wsClient._socket.bytesRead; outTraffc += obj.wsClient._socket.bytesWritten; } if (obj.wsClient != null) { inTraffc += obj.wsClient._socket.bytesRead; outTraffc += obj.wsClient._socket.bytesWritten; }
const sessionSeconds = Math.round((Date.now() - obj.startTime) / 1000); const sessionSeconds = Math.round((Date.now() - obj.startTime) / 1000);
var user = parent.users[obj.cookie.userid]; const user = parent.users[obj.cookie.userid];
var username = (user != null) ? user.name : null; const username = (user != null) ? user.name : null;e
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: obj.cookie.userid, username: username, msgid: 125, msgArgs: [sessionSeconds], msg: "Left Web-RDP session after " + sessionSeconds + " second(s).", protocol: PROTOCOL_WEBRDP, bytesin: inTraffc, bytesout: outTraffc }; const event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: obj.cookie.userid, username: username, sessionid: obj.sessionid, msgid: 125, msgArgs: [sessionSeconds, obj.sessionid], msg: "Left Web-RDP session \"" + obj.sessionid + "\" after " + sessionSeconds + " second(s).", protocol: PROTOCOL_WEBRDP, bytesin: inTraffc, bytesout: outTraffc };
parent.parent.DispatchEvent(['*', obj.nodeid, obj.cookie.userid, obj.meshid], obj, event); parent.parent.DispatchEvent(['*', obj.nodeid, obj.cookie.userid, obj.meshid], obj, event);
delete obj.startTime; delete obj.startTime;
delete obj.sessionid;
} }
if (obj.wsClient) { obj.wsClient.close(); delete obj.wsClient; } if (obj.wsClient) { obj.wsClient.close(); delete obj.wsClient; }
@ -140,7 +141,16 @@ module.exports.CreateMstscRelay = function (parent, db, ws, req, args, domain) {
}).on('connect', function () { }).on('connect', function () {
send(['rdp-connect']); send(['rdp-connect']);
if ((typeof obj.infos.options == 'object') && (obj.infos.options.savepass == true)) { saveRdpCredentials(); } // Save the credentials if needed if ((typeof obj.infos.options == 'object') && (obj.infos.options.savepass == true)) { saveRdpCredentials(); } // Save the credentials if needed
obj.sessionid = Buffer.from(parent.crypto.randomBytes(9), 'binary').toString('base64');
obj.startTime = Date.now(); obj.startTime = Date.now();
// Event session start
try {
const user = parent.users[obj.cookie.userid];
const username = (user != null) ? user.name : null;
const event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: obj.cookie.userid, username: username, sessionid: obj.sessionid, msgid: 150, msgArgs: [obj.sessionid], msg: "Started Web-RDP session \"" + obj.sessionid + "\".", protocol: PROTOCOL_WEBRDP };
parent.parent.DispatchEvent(['*', obj.nodeid, obj.cookie.userid, obj.meshid], obj, event);
} catch (ex) { console.log(ex); }
}).on('bitmap', function (bitmap) { }).on('bitmap', function (bitmap) {
try { ws.send(bitmap.data); } catch (ex) { } // Send the bitmap data as binary try { ws.send(bitmap.data); } catch (ex) { } // Send the bitmap data as binary
delete bitmap.data; delete bitmap.data;
@ -287,11 +297,12 @@ module.exports.CreateSshRelay = function (parent, db, ws, req, args, domain) {
var inTraffc = obj.ws._socket.bytesRead, outTraffc = obj.ws._socket.bytesWritten; var inTraffc = obj.ws._socket.bytesRead, outTraffc = obj.ws._socket.bytesWritten;
if (obj.wsClient != null) { inTraffc += obj.wsClient._socket.bytesRead; outTraffc += obj.wsClient._socket.bytesWritten; } if (obj.wsClient != null) { inTraffc += obj.wsClient._socket.bytesRead; outTraffc += obj.wsClient._socket.bytesWritten; }
const sessionSeconds = Math.round((Date.now() - obj.startTime) / 1000); const sessionSeconds = Math.round((Date.now() - obj.startTime) / 1000);
var user = parent.users[obj.cookie.userid]; const user = parent.users[obj.cookie.userid];
var username = (user != null) ? user.name : null; const username = (user != null) ? user.name : null;
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: obj.cookie.userid, username: username, msgid: 123, msgArgs: [sessionSeconds], msg: "Left Web-SSH session after " + sessionSeconds + " second(s).", protocol: PROTOCOL_WEBSSH, bytesin: inTraffc, bytesout: outTraffc }; const event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: obj.cookie.userid, username: username, sessionid: obj.sessionid, msgid: 123, msgArgs: [sessionSeconds, obj.sessionid], msg: "Left Web-SSH session \"" + obj.sessionid + "\" after " + sessionSeconds + " second(s).", protocol: PROTOCOL_WEBSSH, bytesin: inTraffc, bytesout: outTraffc };
parent.parent.DispatchEvent(['*', obj.nodeid, obj.cookie.userid, obj.meshid], obj, event); parent.parent.DispatchEvent(['*', obj.nodeid, obj.cookie.userid, obj.meshid], obj, event);
delete obj.startTime; delete obj.startTime;
delete obj.sessionid;
} }
if (obj.sshShell) { if (obj.sshShell) {
@ -384,8 +395,17 @@ module.exports.CreateSshRelay = function (parent, db, ws, req, args, domain) {
obj.sshClient.on('ready', function () { // Authentication was successful. obj.sshClient.on('ready', function () { // Authentication was successful.
// If requested, save the credentials // If requested, save the credentials
if (obj.keep === true) saveSshCredentials(); if (obj.keep === true) saveSshCredentials();
obj.sessionid = Buffer.from(parent.crypto.randomBytes(9), 'binary').toString('base64');
obj.startTime = Date.now(); obj.startTime = Date.now();
// Event start of session
try {
const user = parent.users[obj.cookie.userid];
const username = (user != null) ? user.name : null;
const event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: user._id, username: user.name, msgid: 148, msgArgs: [obj.sessionid], msg: "Started Web-SSH session \"" + obj.sessionid + "\".", protocol: PROTOCOL_WEBSSH };
parent.parent.DispatchEvent(['*', obj.nodeid, user._id, obj.meshid], obj, event);
} catch (ex) { console.log(ex); }
obj.sshClient.shell(function (err, stream) { // Start a remote shell obj.sshClient.shell(function (err, stream) { // Start a remote shell
if (err) { obj.close(); return; } if (err) { obj.close(); return; }
obj.sshShell = stream; obj.sshShell = stream;
@ -550,9 +570,10 @@ module.exports.CreateSshTerminalRelay = function (parent, db, ws, req, domain, u
var inTraffc = obj.ws._socket.bytesRead, outTraffc = obj.ws._socket.bytesWritten; var inTraffc = obj.ws._socket.bytesRead, outTraffc = obj.ws._socket.bytesWritten;
if (obj.wsClient != null) { inTraffc += obj.wsClient._socket.bytesRead; outTraffc += obj.wsClient._socket.bytesWritten; } if (obj.wsClient != null) { inTraffc += obj.wsClient._socket.bytesRead; outTraffc += obj.wsClient._socket.bytesWritten; }
const sessionSeconds = Math.round((Date.now() - obj.startTime) / 1000); const sessionSeconds = Math.round((Date.now() - obj.startTime) / 1000);
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: user._id, username: user.name, msgid: 123, msgArgs: [sessionSeconds], msg: "Left Web-SSH session after " + sessionSeconds + " second(s).", protocol: PROTOCOL_WEBSSH, bytesin: inTraffc, bytesout: outTraffc }; const event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: user._id, username: user.name, msgid: 123, msgArgs: [sessionSeconds, obj.sessionid], msg: "Left Web-SSH session \"" + obj.sessionid + "\" after " + sessionSeconds + " second(s).", protocol: PROTOCOL_WEBSSH, bytesin: inTraffc, bytesout: outTraffc };
parent.parent.DispatchEvent(['*', obj.nodeid, user._id, obj.meshid], obj, event); parent.parent.DispatchEvent(['*', obj.nodeid, user._id, obj.meshid], obj, event);
delete obj.startTime; delete obj.startTime;
delete obj.sessionid;
} }
if (obj.sshShell) { if (obj.sshShell) {
@ -641,8 +662,17 @@ module.exports.CreateSshTerminalRelay = function (parent, db, ws, req, domain, u
obj.sshClient.on('ready', function () { // Authentication was successful. obj.sshClient.on('ready', function () { // Authentication was successful.
// If requested, save the credentials // If requested, save the credentials
if (obj.keep === true) saveSshCredentials(); if (obj.keep === true) saveSshCredentials();
obj.sessionid = Buffer.from(parent.crypto.randomBytes(9), 'binary').toString('base64');
obj.startTime = Date.now(); obj.startTime = Date.now();
try {
// Event start of session
const event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: user._id, username: user.name, msgid: 148, msgArgs: [obj.sessionid], msg: "Started Web-SSH session \"" + obj.sessionid + "\".", protocol: PROTOCOL_WEBSSH };
parent.parent.DispatchEvent(['*', obj.nodeid, user._id, obj.meshid], obj, event);
} catch (ex) {
console.log(ex);
}
obj.sshClient.shell(function (err, stream) { // Start a remote shell obj.sshClient.shell(function (err, stream) { // Start a remote shell
if (err) { obj.close(); return; } if (err) { obj.close(); return; }
obj.sshShell = stream; obj.sshShell = stream;
@ -839,9 +869,10 @@ module.exports.CreateSshFilesRelay = function (parent, db, ws, req, domain, user
var inTraffc = obj.ws._socket.bytesRead, outTraffc = obj.ws._socket.bytesWritten; var inTraffc = obj.ws._socket.bytesRead, outTraffc = obj.ws._socket.bytesWritten;
if (obj.wsClient != null) { inTraffc += obj.wsClient._socket.bytesRead; outTraffc += obj.wsClient._socket.bytesWritten; } if (obj.wsClient != null) { inTraffc += obj.wsClient._socket.bytesRead; outTraffc += obj.wsClient._socket.bytesWritten; }
const sessionSeconds = Math.round((Date.now() - obj.startTime) / 1000); const sessionSeconds = Math.round((Date.now() - obj.startTime) / 1000);
var event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: user._id, username: user.name, msgid: 124, msgArgs: [sessionSeconds], msg: "Left Web-SFTP session after " + sessionSeconds + " second(s).", protocol: PROTOCOL_WEBSFTP, bytesin: inTraffc, bytesout: outTraffc }; const event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: user._id, username: user.name, sessionid: obj.sessionid, msgid: 124, msgArgs: [sessionSeconds, obj.sessionid], msg: "Left Web-SFTP session \"" + obj.sessionid + "\" after " + sessionSeconds + " second(s).", protocol: PROTOCOL_WEBSFTP, bytesin: inTraffc, bytesout: outTraffc };
parent.parent.DispatchEvent(['*', obj.nodeid, user._id, obj.meshid], obj, event); parent.parent.DispatchEvent(['*', obj.nodeid, user._id, obj.meshid], obj, event);
delete obj.startTime; delete obj.startTime;
delete obj.sessionid;
} }
if (obj.sshClient) { if (obj.sshClient) {
@ -923,8 +954,15 @@ module.exports.CreateSshFilesRelay = function (parent, db, ws, req, domain, user
obj.sshClient.on('ready', function () { // Authentication was successful. obj.sshClient.on('ready', function () { // Authentication was successful.
// If requested, save the credentials // If requested, save the credentials
if (obj.keep === true) saveSshCredentials(); if (obj.keep === true) saveSshCredentials();
obj.sessionid = Buffer.from(parent.crypto.randomBytes(9), 'binary').toString('base64');
obj.startTime = Date.now(); obj.startTime = Date.now();
// Event start of session
try {
const event = { etype: 'relay', action: 'relaylog', domain: domain.id, nodeid: obj.nodeid, userid: user._id, username: user.name, msgid: 149, msgArgs: [obj.sessionid], msg: "Started Web-SFTP session \"" + obj.sessionid + "\".", protocol: PROTOCOL_WEBSFTP };
parent.parent.DispatchEvent(['*', obj.nodeid, user._id, obj.meshid], obj, event);
} catch (ex) { console.log(ex); }
obj.sshClient.sftp(function(err, sftp) { obj.sshClient.sftp(function(err, sftp) {
if (err) { obj.close(); return; } if (err) { obj.close(); return; }
obj.connected = true; obj.connected = true;

12
views/default.handlebars
View file

@ -13465,9 +13465,9 @@
120: "Started local relay session \"{0}\", protocol {1} to {2}", 120: "Started local relay session \"{0}\", protocol {1} to {2}",
121: "Ended local relay session \"{0}\", protocol {1} to {2}, {3} second(s)", 121: "Ended local relay session \"{0}\", protocol {1} to {2}, {3} second(s)",
122: "Left the desktop multiplex session after {0} second(s).", // No longer in use, replaced with 144 122: "Left the desktop multiplex session after {0} second(s).", // No longer in use, replaced with 144
123: "Left Web-SSH session after {0} second(s).", 123: "Left Web-SSH session \"{1}\" after {0} second(s).",
124: "Left Web-SFTP session after {0} second(s).", 124: "Left Web-SFTP session \"{1}\" after {0} second(s).",
125: "Left Web-RDP session after {0} second(s).", 125: "Left Web-RDP session \"{1}\" after {0} second(s).",
126: "Left Web-VNC session after {0} second(s).", 126: "Left Web-VNC session after {0} second(s).",
127: "Changed account display name to {0}.", 127: "Changed account display name to {0}.",
128: "Account created, name is {0}.", 128: "Account created, name is {0}.",
@ -13489,7 +13489,11 @@
144: "Left the desktop multiplex session \"{0}\" after {1} second(s).", 144: "Left the desktop multiplex session \"{0}\" after {1} second(s).",
145: "Started desktop multiplex session \"{0}\"", 145: "Started desktop multiplex session \"{0}\"",
146: "Finished recording session \"{0}\", {1} second(s)", 146: "Finished recording session \"{0}\", {1} second(s)",
147: "Closed desktop multiplex session \"{0}\", {1} second(s)" 147: "Closed desktop multiplex session \"{0}\", {1} second(s)",
148: "Started Web-SSH session \"{0}\".",
149: "Started Web-SFTP session \"{0}\".",
150: "Started Web-RDP session \"{0}\".",
151: "Started Web-VNC session \"{0}\"." // Not in use yet
}; };
var eventsShortMessageId = { var eventsShortMessageId = {