web app: https://web-term.glitch.me
powered by a JavaScript program, this has been programmed to run bash commands and allows you to download things from NPM, PIP or git.
github: https://github.com/17lwinn/web-term
It would be nice if you could update the README.md on how to use this and provide instructions. I’ll try this later on my laptop as I’m on a mobile phone now. 
i see you on my project now, im updating the README.md as we speak
Thank you! This is very cool!
ive updated the README, it has info on changing options, the CLI and port numbers
is this ok?
I found the full documentation here: https://github.com/IonicaBizau/web-term
And is it an NPM package?
yep, it is an npm package
it is called web-term and that is the github repo i found it in
I have a general question:
Is the default Console in the Glitch project different from this? Like can I perform commands like ls in web-term?
Sorry for the questions, but I don’t know much about these!
its okay! the default console in glitch is a modified version of the BASH shell, commands like ls will work fine. you can use vim just fine too
@random, I don’t know if it works flawlessly on a non-mobile device, but on my mobile phone, when I type, it does not display what I’ve typed and when I typed ls and guessingly hit Enter, it just went on to a new line without doing anything. But then I had to wait a few seconds before the process took place. I’m attaching a screenshot below:
I have ran several tests on the project to see if this could be replicated.
I will try this service called ‘Stay Awake!’ so the terminal will stay online always
your problem must be that your browser does not support certain elements required by the app, i’ll see if there are any other problems in the code.
Thanks for the info. I’ll check it out later on my laptop and let you know.
I have this problem when using a virtual keyboard, are you using a virtual or physical keyboard?
it is broken as heck, the package.json is messed up :\
and, add a remote connection system
hmmm, I found that issue too
i’ll try to add a system and fix the issues
owch
this is what i found:
{
“//1”: “describes your app and its dependencies”,
“//2”: “https://docs.npmjs.com/files/package.json”,
“//3”: “updating this file will download and update your packages”,
“name”: “e”,
“version”: “989999.9999.9999”,
“description”: “A simple Node app built on Express, instantly up and running.”,
“main”: “start.sh”,
“scripts”: {
“start”: “pnpm uninstall web-term; exit”
},
“engines”: {
“node”: “10.x”
},
“repository”: {
“url”: “https://glitch.com/edit/#!/hello-express”
},
“license”: “UNLICENSED”,
“keywords”: [
“node”,
“glitch”,
“express”
],
“author”: “F”,
“dependencies”: {
“mocha”: “^7.0.0”,
“web-term”: “^5.2.0”
}
}
okayyy we have a problem
i have regenerated the package.json file, somebody must have ran a malicious command and messed up the server.
If this happens again, i’m setting it to private
no, it isn’t i checked it through, someone else is raiding the project
@J-Tech-Foundation Seem like the project was deleted.
yep… it was,
oooof
Your right, somebody must be raiding the project
I’ll restore it now
Its back! Same name and all helpers have been evicted.
Should work better, I’m gonna check the source code now
Hey, I’ve found a vulnerability with your project where you can gain full shell access. If you’d like to know the vulnerability then please send me a PM!
So make a copy of the same project. Now create a .env file. Make it so that the program will not start if there is a certain line in the .env file so people have to remix it to try it out.
@javaarchive do you mean with keys? random generated codes? please explain
major security vulnerbility, everything deleted.
ill try to rewind
Like tokens?
20chars
maybe, @J-Tech-Foundation are you sure the package isn’t mallicous? because nearly all the files are gone
well, all the files are there now i’ve rewritten them.
I have commanded the shell to reinstall the web-term package from NPM
PROJECT IS PRIVATE NOW- APP: https://web-term.glitch.me
no, it is not malicious, else it would be taken down
Nice! Even nano works on it. Does this support mobile devices?
It worked fine on my mobile phone.
Works great on my iPhone 7.
Yep works best on chrome
just got a message saying node modules and start.sh are exposed
Let me make this clear. Setting them to private will disable the auto-execution required on request
I will follow @javaarchive advice and will begin using keys to protect the shell
I HAVE BEEN HIT WITH AN IDEA- DISABLE THE EDITING AND EXECUTION OF COMMANDS
By writing the line enable -n clear we would be disabling the clear command*
*
don’t worry, I’m not mean and I won’t disable the command, it would make our lives harder
The site is here:
In the coming weeks, I will spend time on:
For security reasons, any requests to join will be rejected
A large scale, self-inflicted cyber attack has destroyed the project and has made it impossible to rewind
as a result, this thread is now obselete and i will not attempt to restore by a system image
sorry
@random
@random I believe support staff can manually rewind the project for you. If you would like to get it manually rewinded you will need to contact support staff and not edit the project any further. If so it will push the oldest backups off of the systems.
thank you, but we keep getting hacked because we exposed the terminal to the world
therefore, the project has now been deleted.
I see. What exactly was the issue?
@Techy the terminal that is integrated inside of every container we had exposed, this meant that anyone who had the link could modify secure files such as shrinkwrap.yaml
the initialisation scripts were also edited, the whole thing is full of exploits and now it was deleted, the possibility of a rewind was gone because everything we know and love is gone 
the project is deleted now, im not going to spend time on a project that has the lowest security on glitch
Alrighty, Thanks for your explanation!
no problem! Now i could recover and restart the project and give ownership to you… up to you of course
@random I would love for that to happen! Perhaps we can speak more about that in PM’s?
