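#!/bin/bash
set -euo pipefail

# Constants
CONFIG_FILE="$HOME/.config/vpn_config.ini"
# The cookie jar holds the DSID session cookie and is reused when it already
# exists. It is kept in a per-user directory instead of under a fixed name in
# world-writable /tmp, where another local user could pre-create the file or
# point a symlink at it. $HOME/.config is the fallback because CONFIG_FILE
# already has to live there.
COOKIE_FILE="${XDG_RUNTIME_DIR:-$HOME/.config}/cookievpn"
# NOTE(review): the hook script is resolved against the current working
# directory and is handed to openconnect, which this script starts through
# sudo. Run the script only from a directory other users cannot write to, or
# pin this to an absolute path.
VPNC_SCRIPT="$PWD/vpnc-script"
# Optional file whose first line is prepended to the typed token to form the
# password. It is stored in clear text, so keep it readable by its owner only.
PREFIX_FILE="$HOME/.mobilepassprefix"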
#######################################
# Print one value from the INI file named by CONFIG_FILE.
# Globals:   CONFIG_FILE (read)
# Arguments: $1 - section name, without the brackets
#            $2 - key name
# Outputs:   the text after the first "=" of the first "key = value" line
#            found in the section, with leading spaces removed
# Notes:     both arguments are pasted unescaped into sed/grep patterns, so
#            callers must pass fixed literals. When no line matches, grep
#            fails; with pipefail enabled that makes the whole function fail.
#######################################
get_ini_value() {
  local wanted_section=$1
  local wanted_key=$2

  # Cut the file down to the section, then to the first matching key line,
  # then to everything right of the "=".
  sed -n "/^\[$wanted_section\]/,/^\[/p" "$CONFIG_FILE" \
    | grep "^$wanted_key = " \
    | head -n 1 \
    | cut -d'=' -f2- \
    | sed 's/^[ ]*//'
}
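# Check if config file exists
if [ ! -f "$CONFIG_FILE" ]; then
  echo "Configuration file not found at $CONFIG_FILE" >&2
  exit 1
fi

# Load configuration. Each assignment aborts the script (set -e with
# pipefail) when the key is missing from the file.
VPN_HOST=$(get_ini_value "vpn" "host")
VPN_URL=$(get_ini_value "vpn" "url")
VPN_REALM=$(get_ini_value "vpn" "realm")
VPN_USER_AGENT=$(get_ini_value "vpn" "user_agent")
SSH_HOST=$(get_ini_value "ssh_tunnel" "host")
SSH_NS=$(get_ini_value "ssh_tunnel" "nameserver")

# Load routes from config (comma-separated list)
IFS=',' read -ra ROUTES_TO_REPLACE <<< "$(get_ini_value "routes" "routes_to_replace")"
# bash does not pass arrays to child processes through the environment, which
# is why the list is also written to a file below.
export ROUTES_TO_REPLACE

# Save routes to temp file.
# NOTE(review): the fixed path is kept because the consumer (presumably the
# vpnc-script hook, which runs under sudo) is not visible here - confirm
# before moving it. Since the name is predictable and /tmp is shared, the file
# is created exclusively and already private: a stale copy is removed first,
# and noclobber makes the redirection fail instead of following a symlink or
# writing into a file that someone else put there.
rm -f /tmp/vpn_routes
(
  umask 077
  set -o noclobber
  echo "${ROUTES_TO_REPLACE[*]}" | tr ' ' '\n' > /tmp/vpn_routes
)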
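#######################################
# Draw a text spinner on stdout until a process has exited.
# Arguments: $1 - PID to watch
# Outputs:   spinner frames and backspaces on stdout
# Notes:     liveness is probed with "kill -0", which sends no signal. The
#            earlier "ps | awk | grep -q PID" test matched the PID as a
#            substring of any other PID and could end early under pipefail
#            when grep closed the pipe. kill -0 also reports failure for a
#            process the caller may not signal, so pass only PIDs started by
#            this script.
#######################################
spinner() {
  local pid=$1
  local delay=0.1
  local spinstr='|/-\'
  local rest

  while kill -0 "$pid" 2>/dev/null; do
    # Rotate the frame string by one character: print the first character,
    # then move it to the end.
    rest=${spinstr#?}
    printf " [%c] " "$spinstr"
    spinstr=$rest${spinstr%"$rest"}
    sleep "$delay"
    printf "\b\b\b\b\b\b"
  done
  printf " \b\b\b\b"
}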
# Print a timestamped status line, preceded by a blank line, on stdout.
# Arguments: $1 - message; echo -e expands backslash escapes inside it.
log() {
  local stamp
  stamp=$(date '+%Y-%m-%d %H:%M:%S')
  echo -e "\n🔔 [${stamp}] $1"
}
# Print a horizontal rule with a blank line before and after it.
separator() {
  local rule="━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
  echo -e "\n${rule}\n"
}
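#######################################
# Stop the VPN client and remove the session files.
# Globals:   PIDTOKILL (read, may be unset), COOKIE_FILE (read)
# Outputs:   a separator and a status line on stdout
# Notes:     PIDTOKILL is filled from pgrep output and can therefore hold
#            several PIDs, one per line. Passing that as a single argument
#            made kill fail, and the failure was hidden by "|| true", leaving
#            the tunnel up. Each PID is now signalled on its own, and only
#            purely numeric values are handed to "sudo kill".
#######################################
cleanup() {
  local -a pids=()
  local pid

  separator
  log "🧹 Cleaning up..."

  # read returns non-zero at end of input when -d '' is used; that is expected.
  read -r -d '' -a pids <<< "${PIDTOKILL:-}" || true
  for pid in ${pids[@]+"${pids[@]}"}; do
    [[ "$pid" =~ ^[0-9]+$ ]] || continue
    # Best effort: the process may already be gone.
    sudo kill -SIGTERM "$pid" 2>/dev/null || true
  done

  # Remove the session cookie and the routes file written at start-up.
  rm -f -- "$COOKIE_FILE"
  rm -f /tmp/vpn_routes
}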
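# Run cleanup on every exit path from here on.
trap cleanup EXIT

echo -e "\n🚀 Starting VPN Connection Script"
separator
log "🌐 VPN URL = $VPN_URL"

# An existing cookie file is trusted as the source of the session cookie, and
# curl writes to the same path otherwise. Refuse anything that is not a plain
# file owned by the current user, so a file or symlink left at that path by
# someone else is never read or written through.
if [ -e "$COOKIE_FILE" ] || [ -L "$COOKIE_FILE" ]; then
  if [ -L "$COOKIE_FILE" ] || [ ! -f "$COOKIE_FILE" ] || [ ! -O "$COOKIE_FILE" ]; then
    echo "Refusing to use $COOKIE_FILE: not a regular file owned by the current user" >&2
    exit 1
  fi
fi

if [ -f "$COOKIE_FILE" ]; then
  log "🍪 Cookie file already exists. Using it to retrieve the DSID cookie"
else
  # Get CUID from username (upper-cased; sent as the login form's username)
  CUID=$(printf '%s' "${USERNAME:?USERNAME must be set}" | tr '[:lower:]' '[:upper:]')

  echo -e "\n🔑 Please enter your credentials:"
  echo -n "Mobile pass token : "

  # Get prefix from file. "|| true" keeps a file without a trailing newline
  # from aborting the script under set -e.
  MOBILEPASSTOKEN_PREFIX=""
  if [ -f "$PREFIX_FILE" ]; then
    read -r MOBILEPASSTOKEN_PREFIX < "$PREFIX_FILE" || true
  fi
  # -r keeps backslashes in the token literal, -s keeps it off the screen.
  read -rs MOBILEPASSTOKEN
  echo

  separator
  log "🔄 Getting DSID cookie..."

  # The form body carries the password, so it is fed to curl on stdin by the
  # printf builtin and never appears in a process argument list. The subshell
  # narrows the umask only for the cookie jar curl creates.
  # NOTE(review): -k switches off TLS certificate verification for the request
  # that carries the password; prefer removing it, or trust the gateway's CA
  # with --cacert.
  # NOTE(review): -v prints response headers, Set-Cookie included, to the
  # terminal; drop it outside of debugging.
  # NOTE(review): the form values are not URL-encoded, so "&", "+" or "%" in
  # the user name, token or realm changes the submitted form.
  (
    umask 077
    printf '%s' "tz_offset=60&clientMAC=&username=$CUID&password=$MOBILEPASSTOKEN_PREFIX$MOBILEPASSTOKEN&realm=$VPN_REALM&btnSubmit=Se+connecter" \
      | curl -L -v -k --cookie-jar "$COOKIE_FILE" "$VPN_URL" -X POST \
        -H "User-Agent: $VPN_USER_AGENT" \
        -H "Accept: $(get_ini_value "vpn" "accept")" \
        -H "Accept-Language: $(get_ini_value "vpn" "accept_language")" \
        -H "Accept-Encoding: $(get_ini_value "vpn" "accept_encoding")" \
        -H 'Content-Type: application/x-www-form-urlencoded' \
        -H "Origin: $(get_ini_value "vpn" "origin")" \
        -H 'Connection: keep-alive' \
        -H "Referer: $VPN_URL" \
        -H 'Upgrade-Insecure-Requests: 1' \
        -H 'Sec-Fetch-Dest: document' \
        -H 'Sec-Fetch-Mode: navigate' \
        -H 'Sec-Fetch-Site: same-origin' \
        -H 'Sec-Fetch-User: ?1' \
        --data-binary @-
  )
fi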
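separator

# Extract DSID from cookie file. In curl's cookie jar the cookie name is the
# sixth whitespace-separated field and the value the seventh. Matching the
# name exactly and stopping at the first hit keeps other cookies whose name
# merely contains "DSID" from being picked up or producing several lines.
DSID=$(awk '$6 == "DSID" { print $7; exit }' "$COOKIE_FILE")
if [ -z "$DSID" ]; then
  echo "No DSID cookie found in $COOKIE_FILE; the login did not return a session" >&2
  exit 1
fi

separator
log "🔌 Starting openconnect in background"
# NOTE(review): the session cookie is passed as a command-line argument, so it
# shows up in the process list and in sudo's command log. openconnect has
# --cookie-on-stdin for this; confirm it works with the sudo prompt and any
# certificate prompt before switching.
sudo openconnect -b --no-dtls --protocol=nc "$VPN_HOST" \
  --force-dpd 5 --disable-ipv6 --timestamp \
  --cookie="DSID=$DSID" \
  --script="$VPNC_SCRIPT"

log "⏳ Waiting for connection..."
sleep 5 &
spinner "$!"

# -x matches the process name exactly and -n keeps only the newest match, so
# PIDTOKILL is a single PID and an unrelated, similarly named process is not
# selected for the later "sudo kill". A missing process is reported instead
# of ending the script silently.
if ! PIDTOKILL=$(pgrep -n -x openconnect); then
  echo "openconnect is not running after the wait; the VPN connection was not established" >&2
  exit 1
fi
# This only shows that the client process is alive, not that traffic flows.
log "✅ Connection established"
log "📍 OpenConnect PID: $PIDTOKILL"
separator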
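if [ "${1:-}" == "noshuttle" ]; then
  log "⏸️ Shuttle disabled, press Ctrl+C to exit"
  # Block on the terminal until the script is interrupted.
  read -r -d '' _ </dev/tty
else
  log "🚇 Starting sshuttle"

  # Build network arguments. Spaces are stripped with parameter expansion
  # (echo would swallow an entry such as "-n"), and empty entries left by a
  # trailing or doubled comma are skipped rather than passed on as empty
  # arguments.
  network_args=()

  # Include networks
  IFS=',' read -ra NETWORKS <<< "$(get_ini_value "ssh_tunnel" "networks_include")"
  for network in "${NETWORKS[@]}"; do
    network=${network// /}
    [ -n "$network" ] || continue
    network_args+=("$network")
  done

  # Exclude networks
  IFS=',' read -ra EXCLUDED <<< "$(get_ini_value "ssh_tunnel" "networks_exclude")"
  for network in "${EXCLUDED[@]}"; do
    network=${network// /}
    [ -n "$network" ] || continue
    network_args+=("-x" "$network")
  done

  sshuttle -v -N --ns-hosts="$SSH_NS" \
    -r "$USER@$SSH_HOST" \
    "${network_args[@]}"
fi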