Comments (4)
IDM350 added a commit to IDM350/socket.io-computer that referenced this issue on Aug 5, 2015
Control mouse and keyboard access on server side (#8)
Not working with last updated files > delegated.js | emu.js | io.js | turn.js
node io.js
(getting error)
/var/www/html/socket.io-computer/delegated.js:27
module.exports = delegatedListeners;
^^^^^^
SyntaxError: Unexpected identifier
at Module._compile (module.js:439:25)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Module.require (module.js:364:17)
at require (module.js:380:17)
at Object. (/var/www/html/socket.io-computer/io.js:19:26)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
can you help me out to works? and how?
from socket.io-computer.
You can also send QEMU commands using a line less that's less then 17 characters. This can be very abusive, especially if one constantly sends a reset command to the system... I found this from looking at the code for 5 minutes. Cool application, but get some security on this.
from socket.io-computer.
As an example, when the client sends
io.emit("keydown", "\nreset_system");
the VM will reset. I think the QEMU keycode conversion should be done on
the server, or at least scrubbed to contain only valid sendkey stuff.
@yoshiandmario1 's and this issue are different vulnerabilities, but
they're closely related in that the clients are making more decisions than
they should.
On Wed, Mar 25, 2015 at 2:30 AM, yoshiandmario1 [email protected]
wrote:
You can also send QEMU commands using a line less that's less then 17
characters. This can be very abusive, especially if one constantly sends a
reset command to the system... I found this from looking at the code for 5
minutes. Cool application, but get some security on this.—
Reply to this email directly or view it on GitHub
#8 (comment)
.
from socket.io-computer.
Not to mention there are QEMU monitor commands to dump a portion of the VM's memory to a file. You can write an arbitrary file to the server this way if you load its contents to a known memory location in the guest operating system.
from socket.io-computer.
Related Issues (10)
- socket.computer isn't working HOT 1
- Failed install on win7 HOT 2
- Which version of nodejs should I use in Ubuntu? HOT 6
- Will it ever come back?
- "THE EMULATOR DIED" HOT 8
- Cannot find module 'browserify-middleware' on my mac air HOT 1
- Issue: abuse HOT 1
- socket.computer doesn't restore snapshots anymore. HOT 2
- Wrong JPEG library version: library is 80, caller expects 90
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from socket.io-computer.