search

tiagorlampert / CHAOS

:fire: CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.
MIT License
2.35k stars 522 forks source link

BUG #96

Closed djhons closed 1 year ago

djhons commented 2 years ago

After closing the browser and then opening chaos for a period of time, all clients will be disconnected.But I saw the request of the client on the server. image image

tiagorlampert commented 2 years ago

Hello @djhons,

I understand your doubt, in fact the client is trying to hit the server frequently to say that it is available and check if there is any pending command to execute. I will consider it as an improvement perhaps to implement this connection with a websocket to always keep an open connection between the two.

Let me know if that's what I understand.

Thanks for your feedback, as soon as I implement it I'll let you know.

djhons commented 2 years ago

Thank you for your project. I still have many ideas. I will also try to modify the code and open source, such as exiting the client, modifying the management path to improve security, and saving the results of executing commands to the database.

djhons commented 2 years ago

When browsing the directory, if there are utf8 characters, an error will occur, which can be solved by URLEncode。

tiagorlampert commented 2 years ago

Thank you for your project. I still have many ideas. I will also try to modify the code and open source, such as exiting the client, modifying the management path to improve security, and saving the results of executing commands to the database.

Seems like a good idea to persist command history.

tiagorlampert commented 2 years ago

When browsing the directory, if there are utf8 characters, an error will occur, which can be solved by URLEncode。

Could you provide an example or POC of how to reproduce the issue?

djhons commented 2 years ago

image This error is caused by btoa not supporting utf8. You can use URLEncode in JS and then use golang to decode。At the same time, I just found that domain names cannot be used as service addresses when generating cli

djhons commented 2 years ago

Thank you for your project. I still have many ideas. I will also try to modify the code and open source, such as exiting the client, modifying the management path to improve security, and saving the results of executing commands to the database.

Seems like a good idea to persist command history.

Looking forward to your update

tiagorlampert commented 2 years ago

When browsing the directory, if there are utf8 characters, an error will occur, which can be solved by URLEncode。

Hi @djhons

This bug has been fixed on the latest version. I appreciate if you could test.

Thanks for reporting it!