external/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-03-09 15:40:18 +00:00
Code Issues Releases Wiki Activity

Improved APF security using session cookies.

Browse source
This commit is contained in:
Ylian Saint-Hilaire 2020-10-22 15:10:39 -07:00
parent 5a3e68a935
commit c351923961
3 changed files with 36 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

8
agents/meshcore.js
View file

@ -1075,15 +1075,15 @@ function createMeshCore(agent) {
}
case 'amtconfig': {
// Perform Intel AMT activation and/or configuration
if ((apftunnel != null) || (amt == null)) break;
if ((apftunnel != null) || (amt == null) || (typeof data.user != 'string') || (typeof data.pass != 'string')) break;
getMeiState(15, function (state) {
if ((apftunnel != null) || (amt == null)) return;
if ((state == null) || (state.ProvisioningState == null)) return;
if ((state.UUID == null) || (state.UUID.length != 36)) return; // Bad UUID
var apfarg = {
mpsurl: mesh.ServerUrl.replace('agent.ashx', 'apf.ashx'),
mpsuser: Buffer.from(mesh.ServerInfo.MeshID, 'hex').toString('base64').substring(0, 16), // TODO: User a server provided encrypted cookie for CIRA-LMS login
mpspass: Buffer.from(mesh.ServerInfo.MeshID, 'hex').toString('base64').substring(0, 16),
mpsurl: mesh.ServerUrl.replace('/agent.ashx', '/apf.ashx'),
mpsuser: data.user, // Agent user name
mpspass: data.pass, // Encrypted login cookie
mpskeepalive: 60000,
clientname: state.OsHostname,
clientaddress: '127.0.0.1',