ncat-client-server: add wg-quick variant

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-15 02:26:55 +02:00 · 2018-05-15 02:26:55 +02:00 · 2f34f3efe7
commit 2f34f3efe7
parent a5412d1056
2 changed files with 37 additions and 4 deletions
--- a/contrib/ncat-client-server/client-quick.sh
+++ b/contrib/ncat-client-server/client-quick.sh
@ -0,0 +1,34 @@
+#!/bin/bash
+# SPDX-License-Identifier: GPL-2.0
+#
+# Copyright (C) 2015-2018 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+
+set -e
+
+echo "[!] Warning: This server is for testing purposes only. You may not use this server for abusive or illegal purposes."
+
+echo "[+] Generating private key."
+privatekey="$(wg genkey)"
+
+echo "[+] Sending public key to server."
+exec 7<>/dev/tcp/demo.wireguard.com/42912
+wg pubkey <<<"$privatekey" >&7
+
+echo "[+] Parsing server response."
+IFS=: read -r status server_pubkey server_port internal_ip <&7
+[[ $status == OK ]] || exit 1
+
+echo "[+] Writing config file."
+sudo sh -c 'umask 077; mkdir -p /etc/wireguard; cat > /etc/wireguard/demo.conf' <<_EOF
+[Interface]
+PrivateKey = $privatekey
+Address = $internal_ip/24
+DNS = 8.8.8.8, 8.8.4.4, 1.1.1.1, 1.0.0.1
+
+[Peer]
+PublicKey = $server_pubkey
+Endpoint = demo.wireguard.com:$server_port
+AllowedIPs = 0.0.0.0/0
+_EOF
+
+echo "[+] Success. Run \`wg-quick up demo\` to turn on the tunnel to the demo server and \`wg-quick down demo\` to turn it off."
--- a/contrib/ncat-client-server/client.sh
+++ b/contrib/ncat-client-server/client.sh
@ -5,15 +5,14 @@

 set -e
 [[ $UID == 0 ]] || { echo "You must be root to run this."; exit 1; }
-umask 077
-trap 'rm -f /tmp/wg_private_key' EXIT INT TERM
 exec 3<>/dev/tcp/demo.wireguard.com/42912
-wg genkey | tee /tmp/wg_private_key | wg pubkey >&3
+privatekey="$(wg genkey)"
+wg pubkey <<<"$privatekey" >&3
 IFS=: read -r status server_pubkey server_port internal_ip <&3
 [[ $status == OK ]]
 ip link del dev wg0 2>/dev/null || true
 ip link add dev wg0 type wireguard
-wg set wg0 private-key /tmp/wg_private_key peer "$server_pubkey" allowed-ips 0.0.0.0/0 endpoint "demo.wireguard.com:$server_port" persistent-keepalive 25
+wg set wg0 private-key <(echo "$privatekey") peer "$server_pubkey" allowed-ips 0.0.0.0/0 endpoint "demo.wireguard.com:$server_port" persistent-keepalive 25
 ip address add "$internal_ip"/24 dev wg0
 ip link set up dev wg0
 if [ "$1" == "default-route" ]; then