Googled alot, Still can't find an answer, Need some help..

O

Orsenfelt

n00b
Joined
Apr 26, 2006
Messages
25
Well, Basically.. I run several game servers. They are not always up and I am not always here to put them up. However I do have good friends who are around.

What I want to do is this:
Create a simple webpage that people can log into. From that webpage they can launch the game servers on the server PC. How possible is this without giving them complete access via the likes of VNC?

Is there some kind of RUN code for HTML? Lol. So I can have a link, when that link is clicked it will launch a .exe file on the server PC.

How would I go about doing this? I have googled and googled and I have no real idea what I should be searching for. ANY help is much appreciated :D

Regards,
Orsen.
 
So you want to create a web page that will run a .exe file?
 
Many languages (php for instance) have a function often called "system" which will create and execute a new process. This is likely what you will want to use.

However, if you have terminal access, then it's probably simpler just to log in remotely and launch the process.
 
It's nearly impossible to do so without opening up vulnerabilities.
What os is your servers running? linux?

Easiest way is to maybe run them via shell commands.
Or you can execute it via Java RMI

There is no way to perform such task in plain HTML.
You will need to utilize such languages as Java.
 
Vulnerabilities I can live with, I should think.

Very few people are going to know this page exists, Let alone have the details to access it.

I'd like to avoid any kind of remote desktop, I know it would be the easiest to set up but the people using it are not the most tech savvy people around. It would be much easier just to have a big button that they click and that is it.

The Server runs 2003 Enterprise right now. I am willing to change to Linux however if it's easier. The server is for a fairly large gaming clan, It doesn't have to be up all the time right now, I have a bit of time to mess around and figure out what works best kind of thing.
 
I wouldn't worry about vulnerabilities myself. It's pretty easy to password protect the site, and run it through SSL.

As far as I understand Windows server offers terminal services as well as Linux, so the OS probably isn't an issue if you decide to go that route.
 
Writing such application to perform a task of that sort will not be so easy.
Are you familiar with programming?

If you have specific questions you'd like to ask, try expertsexchange.
I've always gotten most of my questions answered there.
 
security by obscurity is anything but.

i would be VERY hesitant to do what you want to do. you stand to lose a lot more than your server's files if you aren't careful. it would be very inconvenient to be sued for hosting an illegal service or performing illegal actions from a server that you didn't even know had security problems -or worse, knew it had security problems but didn't care.
 
nameless_centurian said:
security by obscurity is anything but.

i would be VERY hesitant to do what you want to do. you stand to lose a lot more than your server's files if you aren't careful. it would be very inconvenient to be sued for hosting an illegal service or performing illegal actions from a server that you didn't even know had security problems -or worse, knew it had security problems but didn't care.
Click to expand...

Awesome rig dude.
 
enyceexdanny said:
Writing such application to perform a task of that sort will not be so easy.
Are you familiar with programming?

If you have specific questions you'd like to ask, try expertsexchange.
I've always gotten most of my questions answered there.
Click to expand...
Not overly, Not to the extent I'd feel comfortable writing such a thing. I was hoping there would be an easy solution, Maybe an application I could run..

I mean, I'm willing to mess around with a small amount of web based code. I don't really care if it doesn't look good etc. However if it is going to take quite a bit of coding work to get this going then I am going to have to look at alternatives I think.

nameless_centurian said:
security by obscurity is anything but.

i would be VERY hesitant to do what you want to do. you stand to lose a lot more than your server's files if you aren't careful. it would be very inconvenient to be sued for hosting an illegal service or performing illegal actions from a server that you didn't even know had security problems -or worse, knew it had security problems but didn't care.
Click to expand...

I see your point, However I don't see how possible it would be to upload any kind of file if their only interaction with the files on the server is through a link?
 
Just by having a server connected to the web on a 24/7 basis alone opens up vulnerabilities, as you probably know already. I doubt you'll be able to have an executable file run just by clicking a link. It'll be more in the means of such environment as Java Virtual Machine. Even so, it's pretty iffy..
 
I personnaly would use erminal services and RDP if it was server 03. just setup the user accounts and make .RDP shortcuts with the settings in them and give them to the users that way they just click it and it will work on any windows computer. (except vista basic) you could even limit the access of these users so if the accounts got leaked to someone malicious you wouldn't have any problems, where as VNC would be a pretty big risk.

then again at my work we have some customers with always running un passworded VNC servers, and they never have any problems. either way, GL.
 
what about Remote Desktop?

It's already installed in windows, just need to enable it.
 
Can you have some sort of a cron job that will check if the server is running, and if not, run a command to start it, and have it do this every 5 minutes or so?
 
Orsenfelt said:
I see your point, However I don't see how possible it would be to upload any kind of file if their only interaction with the files on the server is through a link?
Click to expand...

i only know enough about web programming to do some simple things.... but i do know that if someone wants to use your box bad enough, it's pretty easy to get a stack overflow going on, and direct access to the system underneath is a bad idea. at least make sure you sandbox it.
 
This would actually be a pretty simple webpage. With some craftyness you could even get it to check to see if the server/s is/are already running.
 
if you don't want to give them gui access, freesshd is a great secure way to give them command line access. I use it on all my machines.
 
I agree with the remote desktop


check out microsofts remote web workspace that comes with small business server 2003.
 
I got bored and wrote up some code. This is very simple php script that could be put in place. The script doesn't have the execute code in it because I don't know what kind of server you are running.

Code: 
<html>
<head>
<title>Server Starter</title>
</head>
<body>
<?php
if(isset($_GET['action']))
{
	$action = $_GET['action'];
		switch ($action)
		{
			case starta:
				//check to see if server a is running
				
				//if it doesn't exist start the server
				//exec();
				echo "<font color=red>started server A</font>";
				break;
				
			case stopa:
				//check to see if server a is running
				
				//if it is running stop it
				//exec();
				echo "<font color=red>stopped server A</font>";
				//else echo server not running
				
				break;
			
			case startb:
				//same as before but a different server
				//exec();
				echo "<font color=red>started server B</font>";
				break;
			
			case stopb:
				//same as stop a but server b
				//exec();
				echo "<font color=red>stopped server B</font>";
				break;

			default:
				//someone is trying some funny business
				// do nothing and echo an error message
				echo "<h1 color=red>Bite me hacker wannabe!";
				break;
		}
}
?>
<a href="index.php?action=starta">start server A</a>
<a href="index.php?action=stopa">stop server A</a>
<a href="index.php?action=startb">start server B</a>
<a href="index.php?action=stopb">stop server B</a>
</body>
</html>
 
You must log in or register to reply here.
Back
Top