Plovie/universsh
Plovie/universsh
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Securely manage your server through a third-party web proxy.
1 commit 1 branch 0 tags 32 KiB
  • Python 100%
Find a file
Exact
Plovie 605e069bde Initial commit
2026-02-04 23:16:45 +08:00
client.py Initial commit 2026-02-04 23:16:45 +08:00
README.md Initial commit 2026-02-04 23:16:45 +08:00
server.py Initial commit 2026-02-04 23:16:45 +08:00
UNLICENSE Initial commit 2026-02-04 23:16:45 +08:00
utils.py Initial commit 2026-02-04 23:16:45 +08:00

README.md

Universsh

Securely manage your server through a third-party web proxy! (Because why not?)

Introduction

In succinct terms, Universsh is an intentionally designed backdoor protocol that utilizes HTTP to facilitate server management via query string parameters within GET requests. It incorporates end-to-end encryption (E2EE) and an anti-replay mechanism to safeguard the security and integrity of data transmission.

From time to time, you may want to manage your server without directly accessing it, and you want an approach as universal as possible. Maybe the connection to your server has become unstable, or you're often behind a school or corporate firewall, or perhaps you just want to be sneaky.

Even if all you have is a totally random, untrusted web proxy found on the Internet (which probably doesn't even support JavaScript), all hope is not lost, because that is enough for you to securely communicate with your server!

Requirements

  • Python (the cryptography package is required).

Configuration

Two Files: secret.key and prefix

As you can see, Universsh needs a secret.key in the project root to function correctly. Simply generate one with Fernet. The details are left as an exercise to the reader.

Another thing you need, also in the project root, is the prefix file, and this is what its content looks like:

https://somerandomproxy.com/proxy/index.php?http://yourserver.com:8080?

In this example, yourserver.com runs the Universsh service on port 8080, and the transparent proxy (provided by somerandomproxy.com) can be invoked like this: https://somerandomproxy.com/proxy/index.php?http://example.net/.

Usage

Keep server.py running on your server, and use client.py to run your commands. Examples below:

# Server-side (use `nohup` or whatever works to keep it running)
python3 server.py -p8080

# Client-side
python3 client.py 'echo hello, world'

How It Works

Let's quickly go through an example of how this works. Assuming it's Mon, 30 Jul 2035 15:04:54 GMT, and we want to get the current date from the server.

Client Sending Request

The client first concatenates the current Unix epoch and the command together:

2069420694date

Then it is encrypted using Fernet (with secret.key), resulting in, for example, ENCRYPTEDEPOCHANDCMD for simplicity. The content of prefix is then prepended, forming the URL:

https://somerandomproxy.com/proxy/index.php?http://yourserver.com?ENCRYPTEDEPOCHANDCMD

The request is then sent to somerandomproxy.com.

The Rest

You know what? I'm not going to explain the rest of the process because it's pretty straightforward, and the code already documents itself well. Plus, I don't think anyone even reads this documentation stupide et inutile.

Caveats

It's a convenient service to have; it functions, and it's supposedly safe and secure (yes, I've been using it myself). However, it's not thoroughly tested, and if anything bad happens, please don't ask me.

Also, you might have to restart the server from time to time since it can freeze for inexplicable reasons.

And make sure you don't run interactive programs that wait for input, for obvious reasons.