#!/usr/bin/env python3 import os import sys import subprocess import tempfile import shutil import time import socket import json import re # load le config file (edit this to your needs) CONFIG_FILE = "/home/crt/helper-emailproxy/config/config.env" def load_config(): """Load configuration from the environment file.""" config = {} with open(CONFIG_FILE, "r") as f: for line in f: # dont read comments or empty lines perhaps if line.strip().startswith("#") or "=" not in line: continue key, value = line.strip().split("=", 1) config[key.strip()] = value.strip() return config def create_temp_config(auth_base_config, imap_port, smtp_port): """Create a temporary configuration file for the session.""" temp_dir = tempfile.mkdtemp() temp_config_path = os.path.join(temp_dir, "emailproxy-auth-temp.config") with open(auth_base_config, "r") as base_config, open(temp_config_path, "w") as temp_config: for line in base_config: temp_config.write( line.replace("IMAP-2993", f"IMAP-{imap_port}") .replace("SMTP-2465", f"SMTP-{smtp_port}") ) return temp_config_path, temp_dir def launch_emailproxy(temp_config_path, emailproxy_exec): """Launch the emailproxy with the temporary configuration.""" # launch a temporary emailproxy process for getting 2fa piss token config = load_config() log_file = config.get("EMAILPROXY_LOG_FILE", "/tmp/emailproxy.log") print(f"[+] Starting temporary emailproxy, writing output to {log_file}") working_dir = os.path.dirname(emailproxy_exec) if "/" in emailproxy_exec else os.getcwd() cmd = f"stdbuf -oL {emailproxy_exec} --config-file '{temp_config_path}' --no-gui --external-auth" # this is a security risk, but we need to write the piss token to one file for php to read it because i am dumb with open(log_file, "a") as lf: proc = subprocess.Popen( cmd, shell=True, cwd=working_dir, stdin=subprocess.PIPE, stdout=lf, # thanks ai for fixing my crap stderr=lf, # same here text=True ) # return the process return proc def validate_new_user(temp_config_path, email): """Check if a new user was successfully added to the temporary config.""" if not os.path.exists(temp_config_path): return False with open(temp_config_path, "r") as temp_config: return f"[{email}]" in temp_config.read() def merge_configs(main_config_path, temp_config_path): """Merge the new user configuration into the main config.""" with open(main_config_path, "r") as main_config: main_config_content = main_config.read() # ocd newline check ensure_newline = "" if main_config_content.endswith("\n") else "\n" with open(temp_config_path, "r") as temp_config: temp_config_content = temp_config.read() # get new successful users from temp config user_sections = [] current_section = [] in_user_section = False for line in temp_config_content.splitlines(): if line.startswith("[") and "@" in line: if current_section: # i am bad at python user_sections.append("\n".join(current_section)) current_section = [] in_user_section = True current_section.append(line) elif line.startswith("["): in_user_section = False current_section = [] elif in_user_section: current_section.append(line) # add the last user section because thats 99% of the time what we want if current_section and in_user_section: user_sections.append("\n".join(current_section)) # maybe dont create conflicts yk (send help) merged_any = False for user_section in user_sections: user_email = user_section.split("[", 1)[1].split("]", 1)[0] if f"[{user_email}]" in main_config_content: print(f"[!] User {user_email} already exists in the main config. Skipping merge.") continue # append new user and ENSURE NEW LINE I HATE GRUSSIGI CONFIG !!! with open(main_config_path, "a") as main_config: main_config.write(f"{ensure_newline}\n{user_section}\n") # mmm emailproxy deletes config and replaces with its cached one when stopped so uhm yeah this is here for that main_config.flush() os.fsync(main_config.fileno()) print(f"[+] Successfully added {user_email} to the main config.") merged_any = True return merged_any def restart_main_proxy(emailproxy_exec, emailproxy_config, working_dir, log_file, debug): """Restart the main emailproxy process.""" print("[+] Stopping the current emailproxy process...") # kill it with fire kill_cmd = f"pkill -f '{emailproxy_exec} --config-file {emailproxy_config}'" subprocess.run(kill_cmd, shell=True) # make sure the process burnt alive and died time.sleep(2) # return before starting the new one return working_dir, log_file, debug # thenks ai for fixing ! def handle_new_user(email, imap_port, smtp_port, emailproxy_exec, auth_base_config): """Handle a new user authentication request.""" temp_config_path, temp_dir = create_temp_config(auth_base_config, imap_port, smtp_port) try: # launch temp emailproxy print(f"[+] Launching temporary emailproxy for {email} on ports IMAP:{imap_port}, SMTP:{smtp_port}") temp_proxy_proc = launch_emailproxy(temp_config_path, emailproxy_exec) # gibs returned values for php return temp_config_path, temp_dir, temp_proxy_proc except Exception as e: print(f"[!] Error launching temporary emailproxy: {e}") shutil.rmtree(temp_dir) return None, None, None def start_command_server(): """Start a socket server to receive commands from PHP.""" server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) server_socket.bind(('localhost', COMMAND_PORT)) server_socket.listen(5) return server_socket # security risk most likely <3 i love it def remove_user_from_config(config_file, email): """Remove a user section from the config file.""" if not os.path.exists(config_file): return False with open(config_file, "r") as f: content = f.read() # thanks ai for the regex pattern = r'\[' + re.escape(email) + r'\].*?(?=\n\[|\Z)' new_content = re.sub(pattern, '', content, flags=re.DOTALL) # ICH HASSE GRUSSIGI CONFIG new_content = re.sub(r'\n\n\n+', '\n\n', new_content) # updaten das filet with open(config_file, "w") as f: f.write(new_content) f.flush() os.fsync(f.fileno()) print(f"[+] Successfully removed user {email} from the config.") return True def main(): """Main function to handle the authentication process.""" config = load_config() # load em vars yehea boi emailproxy_exec = config.get("EMAILPROXY_EXECUTABLE", "emailproxy") main_config = config.get("EMAILPROXY_CONFIG_FILE", "/home/crt/helper-emailproxy/config/emailproxy.config") auth_base_config = config.get("EMAILPROXY_AUTH_CONFIG", "/home/crt/helper-emailproxy/config/emailproxy-auth.config") log_file = config.get("EMAILPROXY_LOG_FILE", "/tmp/emailproxy.log") command_port = int(config.get("COMMAND_PORT", "8765")) # get da working dir working_dir = os.path.dirname(emailproxy_exec) if "/" in emailproxy_exec else os.getcwd() # launch main proxii print("[+] Launching the main emailproxy process...") cmd = f"stdbuf -oL {emailproxy_exec} --config-file '{main_config}' --no-gui" # commadn line debug (sorry for the mess below emailproxy was acting weird) debug = "--debug" in sys.argv if debug: main_proxy_proc = subprocess.Popen( cmd, shell=True, cwd=working_dir, stdin=subprocess.PIPE, stdout=sys.stdout, stderr=sys.stderr, text=True ) else: with open(log_file, "a") as lf: main_proxy_proc = subprocess.Popen( cmd, shell=True, cwd=working_dir, stdin=subprocess.PIPE, stdout=lf, stderr=lf, text=True ) print(f"[+] emailproxy started with PID {main_proxy_proc.pid}") # maybe benutzi machi das richtigi porti server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) server_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) server_socket.bind(('localhost', command_port)) server_socket.listen(5) print(f"[+] Command server started on port {command_port}, waiting for commands...") active_sessions = {} # store active sessions for cleanup so no mess and stinky try: while True: # accept le connections from PHP <3 client_socket, address = server_socket.accept() data = client_socket.recv(4096).decode('utf-8') try: command = json.loads(data) cmd_type = command.get("type") if cmd_type == "new_user": # thanks ai for fixing my crap email = command.get("email", "") imap_port = int(command.get("imap_port", 2993)) smtp_port = int(command.get("smtp_port", 2465)) session_id = command.get("session_id") temp_config_path, temp_dir, temp_proc = handle_new_user( email, imap_port, smtp_port, emailproxy_exec, auth_base_config ) if temp_config_path: active_sessions[session_id] = (temp_config_path, temp_dir, temp_proc) client_socket.send(json.dumps({"success": True}).encode('utf-8')) else: client_socket.send(json.dumps({"success": False, "error": "Failed to start temporary proxy"}).encode('utf-8')) elif cmd_type == "check_auth": # check if the user was successfully added to the temporary config session_id = command.get("session_id") email = command.get("email") if session_id in active_sessions: temp_config_path, _, _ = active_sessions[session_id] success = validate_new_user(temp_config_path, email) client_socket.send(json.dumps({"success": success}).encode('utf-8')) else: client_socket.send(json.dumps({"success": False, "error": "Invalid session"}).encode('utf-8')) elif cmd_type == "merge_config": # merge the config and brutally restart the proxy (bad bad bad but works so so yeah uhm idk) session_id = command.get("session_id") if session_id in active_sessions: temp_config_path, temp_dir, temp_proc = active_sessions[session_id] # murder temp if temp_proc and temp_proc.poll() is None: temp_proc.terminate() temp_proc.wait(timeout=5) # stop main proxy working_dir, log_file, debug = restart_main_proxy(emailproxy_exec, main_config, working_dir, log_file, debug) # merge while stopped print("[+] Merging configuration files...") merge_success = merge_configs(main_config, temp_config_path) # revive again print("[+] Starting a new emailproxy process...") cmd = f"stdbuf -oL {emailproxy_exec} --config-file '{main_config}' --no-gui" if debug: main_proxy_proc = subprocess.Popen( cmd, shell=True, cwd=working_dir, stdin=subprocess.PIPE, stdout=sys.stdout, stderr=sys.stderr, text=True ) else: with open(log_file, "a") as lf: main_proxy_proc = subprocess.Popen( cmd, shell=True, cwd=working_dir, stdin=subprocess.PIPE, stdout=lf, stderr=lf, text=True ) print(f"[+] New emailproxy process started with PID {main_proxy_proc.pid}") # no more temp shutil.rmtree(temp_dir) del active_sessions[session_id] client_socket.send(json.dumps({"success": merge_success}).encode('utf-8')) else: client_socket.send(json.dumps({"success": False, "error": "Invalid session"}).encode('utf-8')) elif cmd_type == "cleanup": # clean up abandoned fatherless session (sad violin) session_id = command.get("session_id") if session_id in active_sessions: _, temp_dir, temp_proc = active_sessions[session_id] # more murdering of the orphans if temp_proc and temp_proc.poll() is None: temp_proc.terminate() temp_proc.wait(timeout=5) # hide the bodies shutil.rmtree(temp_dir) del active_sessions[session_id] client_socket.send(json.dumps({"success": True}).encode('utf-8')) else: client_socket.send(json.dumps({"success": False, "error": "Invalid session"}).encode('utf-8')) elif cmd_type == "redirect_url": # process the actual redirect url session_id = command.get("session_id") email = command.get("email") redirect_url = command.get("redirect_url") if session_id in active_sessions: temp_config_path, temp_dir, temp_proc = active_sessions[session_id] print(f"[+] Received redirect URL for {email}") if temp_proc and temp_proc.poll() is None: try: # canz we haz writez? if temp_proc.stdin: temp_proc.stdin.write(redirect_url + "\n") temp_proc.stdin.flush() time.sleep(5) # oop wait a bit for the process # ignoring the problems just like irl and trying again success = False for _ in range(3): if validate_new_user(temp_config_path, email): success = True break time.sleep(2) client_socket.send(json.dumps({"success": success}).encode('utf-8')) else: client_socket.send(json.dumps({"success": False, "error": "Process stdin not available"}).encode('utf-8')) except Exception as e: print(f"[!] Error sending redirect URL: {e}") client_socket.send(json.dumps({"success": False, "error": str(e)}).encode('utf-8')) else: client_socket.send(json.dumps({"success": False, "error": "Temporary process not running"}).encode('utf-8')) else: client_socket.send(json.dumps({"success": False, "error": "Invalid session"}).encode('utf-8')) elif cmd_type == "remove_user": # remove a user from the main config email = command.get("email") if not email: client_socket.send(json.dumps({"success": False, "error": "Email address required"}).encode('utf-8')) continue # stop the main proxy before removing the user working_dir, log_file, debug = restart_main_proxy(emailproxy_exec, main_config, working_dir, log_file, debug) # tschau tschau user print(f"[+] Removing user {email} from configuration...") remove_success = remove_user_from_config(main_config, email) # prxi is back print("[+] Starting a new emailproxy process...") cmd = f"stdbuf -oL {emailproxy_exec} --config-file '{main_config}' --no-gui" if debug: main_proxy_proc = subprocess.Popen( cmd, shell=True, cwd=working_dir, stdin=subprocess.PIPE, stdout=sys.stdout, stderr=sys.stderr, text=True ) else: with open(log_file, "a") as lf: main_proxy_proc = subprocess.Popen( cmd, shell=True, cwd=working_dir, stdin=subprocess.PIPE, stdout=lf, stderr=lf, text=True ) print(f"[+] New emailproxy process started with PID {main_proxy_proc.pid}") client_socket.send(json.dumps({"success": remove_success}).encode('utf-8')) else: client_socket.send(json.dumps({"success": False, "error": "Unknown command"}).encode('utf-8')) except json.JSONDecodeError: client_socket.send(json.dumps({"success": False, "error": "Invalid JSON"}).encode('utf-8')) except Exception as e: client_socket.send(json.dumps({"success": False, "error": str(e)}).encode('utf-8')) finally: client_socket.close() # apparently we need to clean up the mess (thanks ai) current_time = time.time() timed_out_sessions = [] for session_id, (_, temp_dir, temp_proc) in active_sessions.items(): session_time = int(session_id.split('_')[0]) if current_time - session_time > 300: # 5 mins if temp_proc and temp_proc.poll() is None: temp_proc.terminate() temp_proc.wait(timeout=5) shutil.rmtree(temp_dir) timed_out_sessions.append(session_id) for session_id in timed_out_sessions: del active_sessions[session_id] print(f"[!] Session {session_id} timed out and was cleaned up.") except KeyboardInterrupt: print("[!] Shutting down...") finally: # bye bye sessions for session_id, (_, temp_dir, temp_proc) in active_sessions.items(): if temp_proc and temp_proc.poll() is None: temp_proc.terminate() temp_proc.wait(timeout=5) shutil.rmtree(temp_dir) # bye bye main proxy if main_proxy_proc.poll() is None: main_proxy_proc.terminate() main_proxy_proc.wait(timeout=5) print("[+] All processes terminated and temporary files probably cleaned up.") if __name__ == "__main__": main()