diff --git a/module.prop b/module.prop index f7043f3..d7171c6 100644 --- a/module.prop +++ b/module.prop @@ -1,7 +1,7 @@ id=vigil name=Vigil — Anti-Surveillance Shield -version=v0.2.0 -versionCode=2 +version=v0.3.0 +versionCode=3 author=Setec Labs description=Anti-surveillance, anti-stalkerware, and anti-forensic protection for journalists, activists, and at-risk users. Detects Pegasus, stalkerware, IMSI catchers, silent SMS, forensic extraction tools, and more. updateJson= diff --git a/vigil/bin/vigil b/vigil/bin/vigil index ca51403..9f90faa 100755 --- a/vigil/bin/vigil +++ b/vigil/bin/vigil @@ -3,7 +3,7 @@ # Command-line interface for managing Vigil protection # (c) Setec Labs -VERSION="0.1.0" +VERSION="0.3.0" MODDIR="" VIGIL_DATA="/data/adb/vigil" @@ -227,11 +227,7 @@ cmd_deep_scan() { "$VIGIL_LIB/deep_scan.sh" deep } -cmd_webui() { - check_module - echo "Starting Vigil WebUI on http://localhost:${WEBUI_PORT:-8088}" - "$VIGIL_LIB/webui.sh" serve -} + cmd_harden() { check_module @@ -304,9 +300,6 @@ cmd_help() { echo " duress [setup|status]" echo " Duress/panic trigger configuration" echo "" - echo "${BOLD}Dashboard${NC}" - echo " webui Start WebUI dashboard (localhost:8088)" - echo "" echo "${BOLD}Maintenance${NC}" echo " update-ioc Update threat indicator database" echo " version Show version" @@ -337,7 +330,6 @@ case "$1" in app) shift; cmd_app_honeypot "$@" ;; network) shift; cmd_network "$@" ;; duress) shift; cmd_duress "$@" ;; - webui) cmd_webui ;; log) shift; cmd_log "$@" ;; version) echo "Vigil v${VERSION}" ;; help|--help|-h|"") cmd_help ;; diff --git a/vigil/bin/vigild b/vigil/bin/vigild index 486c755..175916b 100755 --- a/vigil/bin/vigild +++ b/vigil/bin/vigild @@ -3,22 +3,31 @@ # Main daemon that orchestrates all protection modules # (c) Setec Labs -MODDIR=$(dirname $(dirname $(dirname $(readlink -f "$0")))) +# Find module directory reliably +MODDIR="" +for d in /data/adb/modules/vigil /data/adb/modules_update/vigil; do + [ -d "$d/vigil/lib" ] && MODDIR="$d" && break +done +if [ -z "$MODDIR" ]; then + echo "ERROR: Vigil module directory not found" + exit 1 +fi + VIGIL_DATA="/data/adb/vigil" VIGIL_LIB="$MODDIR/vigil/lib" VIGIL_LOG="$VIGIL_DATA/vigil.log" VIGIL_PID="$VIGIL_DATA/vigild.pid" # Ensure dirs exist -mkdir -p "$VIGIL_DATA/alerts" "$VIGIL_DATA/baseline" +mkdir -p "$VIGIL_DATA/alerts" "$VIGIL_DATA/baseline" "$VIGIL_DATA/reports" "$VIGIL_DATA/quarantine" # Load config [ -f "$VIGIL_DATA/vigil.conf" ] && . "$VIGIL_DATA/vigil.conf" log() { - local level="$1" - local msg="$2" - local min_level="${VIGIL_LOG_LEVEL:-2}" + level="$1" + msg="$2" + min_level="${VIGIL_LOG_LEVEL:-3}" case "$level" in ERROR) lvl=1 ;; @@ -33,10 +42,10 @@ log() { } rotate_log() { - local max_size="${VIGIL_LOG_MAX_SIZE:-1048576}" + max_size="${VIGIL_LOG_MAX_SIZE:-1048576}" if [ -f "$VIGIL_LOG" ]; then - local size=$(stat -c '%s' "$VIGIL_LOG" 2>/dev/null || echo 0) - if [ "$size" -gt "$max_size" ]; then + size=$(stat -c '%s' "$VIGIL_LOG" 2>/dev/null || wc -c < "$VIGIL_LOG" 2>/dev/null || echo 0) + if [ "$size" -gt "$max_size" ] 2>/dev/null; then mv "$VIGIL_LOG" "$VIGIL_LOG.1" log INFO "Log rotated" fi @@ -44,37 +53,17 @@ rotate_log() { } process_alerts() { - local alert_file="$VIGIL_DATA/alerts/pending" + alert_file="$VIGIL_DATA/alerts/pending" if [ -f "$alert_file" ] && [ -s "$alert_file" ]; then - local count=$(wc -l < "$alert_file") + count=$(wc -l < "$alert_file") log WARN "Processing $count pending alerts" - - # Archive alerts cat "$alert_file" >> "$VIGIL_DATA/alerts/history" - - # If backend configured, report alerts - if [ -n "$VIGIL_BACKEND_URL" ]; then - # POST alerts to backend server - local payload=$(cat "$alert_file" | while IFS='|' read -r sev ts mod msg; do - echo "{\"severity\":\"$sev\",\"timestamp\":$ts,\"module\":\"$mod\",\"message\":\"$msg\"}" - done | paste -sd',' -) - - curl -s -X POST \ - -H "Content-Type: application/json" \ - -H "X-Vigil-Device: ${VIGIL_DEVICE_ID:-unknown}" \ - -d "{\"alerts\":[$payload]}" \ - "$VIGIL_BACKEND_URL/api/alerts" \ - >> "$VIGIL_LOG" 2>&1 & - fi - - # Clear pending > "$alert_file" fi } generate_device_id() { if [ -z "$VIGIL_DEVICE_ID" ] || [ "$VIGIL_DEVICE_ID" = "" ]; then - # Generate a pseudorandom device ID (not fingerprinting — just for backend comms) VIGIL_DEVICE_ID=$(cat /proc/sys/kernel/random/uuid 2>/dev/null | cut -d'-' -f1-2) if [ -n "$VIGIL_DEVICE_ID" ]; then sed -i "s/^VIGIL_DEVICE_ID=.*/VIGIL_DEVICE_ID=\"$VIGIL_DEVICE_ID\"/" "$VIGIL_DATA/vigil.conf" 2>/dev/null @@ -82,10 +71,8 @@ generate_device_id() { fi } -# ── SIGNAL HANDLERS ── cleanup() { log INFO "vigild shutting down (PID: $$)" - # Stop background monitors kill $(jobs -p) 2>/dev/null rm -f "$VIGIL_PID" exit 0 @@ -94,144 +81,125 @@ cleanup() { trap cleanup TERM INT QUIT # ── MAIN ── -main() { - echo $$ > "$VIGIL_PID" - log INFO "════════════════════════════════════════" - log INFO "vigild starting (PID: $$)" - log INFO "Module: $MODDIR" - log INFO "Data: $VIGIL_DATA" - log INFO "════════════════════════════════════════" +echo $$ > "$VIGIL_PID" +log INFO "════════════════════════════════════════" +log INFO "vigild starting (PID: $$)" +log INFO "Module: $MODDIR" +log INFO "Data: $VIGIL_DATA" +log INFO "Lib: $VIGIL_LIB" +log INFO "════════════════════════════════════════" - generate_device_id +generate_device_id - # ── Start background monitors ── +# ── Start background monitors ── - # 1. Forensic Shield (continuous USB/process monitoring) - if [ "${FORENSIC_SHIELD_ENABLED:-1}" = "1" ]; then - log INFO "Starting Forensic Shield monitor..." - "$VIGIL_LIB/forensic_shield.sh" monitor >> "$VIGIL_LOG" 2>&1 & - log INFO "Forensic Shield PID: $!" +# 1. Forensic Shield +if [ "${FORENSIC_SHIELD_ENABLED:-1}" = "1" ]; then + log INFO "Starting Forensic Shield monitor..." + "$VIGIL_LIB/forensic_shield.sh" monitor >> "$VIGIL_LOG" 2>&1 & + log INFO "Forensic Shield PID: $!" +fi + +# 2. SMS Shield +if [ "${SMS_SHIELD_ENABLED:-1}" = "1" ] && [ "${SMS_SILENT_DETECT:-1}" = "1" ]; then + log INFO "Starting SMS Shield monitor..." + "$VIGIL_LIB/sms_shield.sh" monitor >> "$VIGIL_LOG" 2>&1 & + log INFO "SMS Shield PID: $!" +fi + +# 3. Silent install blocker +if [ "${SMS_BLOCK_SILENT_INSTALL:-1}" = "1" ]; then + log INFO "Starting silent install blocker..." + "$VIGIL_LIB/sms_shield.sh" monitor-installs >> "$VIGIL_LOG" 2>&1 & + log INFO "Install Blocker PID: $!" +fi + +# 4. Network Monitor +if [ "${NETWORK_MONITOR_ENABLED:-1}" = "1" ] && [ "${NETWORK_LOG_SUSPICIOUS:-1}" = "1" ]; then + log INFO "Starting Network monitor..." + "$VIGIL_LIB/network_monitor.sh" monitor >> "$VIGIL_LOG" 2>&1 & + log INFO "Network Monitor PID: $!" +fi + +# 5. Install network blocklists +if [ "${NETWORK_BLOCK_C2:-1}" = "1" ] || [ "${NETWORK_BLOCK_TRACKERS:-1}" = "1" ]; then + log INFO "Installing network blocklists..." + "$VIGIL_LIB/network_monitor.sh" install >> "$VIGIL_LOG" 2>&1 +fi + +# 6. Deep scan background +if [ "${DEEP_SCAN_BACKGROUND:-1}" = "1" ]; then + log INFO "Starting deep scan background monitor..." + "$VIGIL_LIB/deep_scan.sh" background >> "$VIGIL_LOG" 2>&1 & + log INFO "Deep Scan PID: $!" +fi + +# 7. SMS Honeypot +if [ "${SMS_FAKE_RESPONSE:-0}" = "1" ]; then + log INFO "Starting SMS Honeypot monitor..." + "$VIGIL_LIB/sms_honeypot.sh" monitor >> "$VIGIL_LOG" 2>&1 & + log INFO "SMS Honeypot PID: $!" +fi + +# 8. Duress triggers +if [ "${DURESS_ENABLED:-0}" = "1" ]; then + log INFO "Starting Duress monitors..." + "$VIGIL_LIB/duress.sh" monitor >> "$VIGIL_LOG" 2>&1 & + log INFO "Duress Monitor PID: $!" +fi + +# 9. Anti-forensics hardening +if [ "${ANTIFORENSICS_ENABLED:-1}" = "1" ]; then + log INFO "Applying anti-forensics hardening..." + "$VIGIL_LIB/antiforensics.sh" harden >> "$VIGIL_LOG" 2>&1 +fi + +# 10. Initial quick scan +log INFO "Running initial quick scan..." +"$VIGIL_LIB/scanner.sh" quick >> "$VIGIL_LOG" 2>&1 + +# ── Main loop ── +last_scan=$(date +%s) +last_integrity=$(date +%s) +last_ioc_update=$(date +%s) +scan_interval="${SCANNER_INTERVAL:-3600}" +integrity_interval="${FROSTGUARD_INTERVAL:-1800}" +ioc_update_interval="${IOC_UPDATE_INTERVAL:-86400}" + +log INFO "Main loop started (scan:${scan_interval}s integrity:${integrity_interval}s ioc:${ioc_update_interval}s)" + +while true; do + now=$(date +%s) + + # Periodic threat scan + if [ $((now - last_scan)) -ge "$scan_interval" ]; then + log INFO "Scheduled threat scan..." + "$VIGIL_LIB/scanner.sh" quick >> "$VIGIL_LOG" 2>&1 + last_scan=$now fi - # 2. SMS Shield (continuous logcat monitoring + silent install blocking) - if [ "${SMS_SHIELD_ENABLED:-1}" = "1" ] && [ "${SMS_SILENT_DETECT:-1}" = "1" ]; then - log INFO "Starting SMS Shield monitor..." - "$VIGIL_LIB/sms_shield.sh" monitor >> "$VIGIL_LOG" 2>&1 & - log INFO "SMS Shield PID: $!" + # Periodic integrity check + if [ "${FROSTGUARD_ENABLED:-1}" = "1" ] && [ $((now - last_integrity)) -ge "$integrity_interval" ]; then + log INFO "Scheduled integrity check..." + "$VIGIL_LIB/integrity.sh" verify >> "$VIGIL_LOG" 2>&1 + last_integrity=$now fi - # 2b. Silent install blocker (global package install monitor) - if [ "${SMS_BLOCK_SILENT_INSTALL:-1}" = "1" ]; then - log INFO "Starting silent install blocker..." - "$VIGIL_LIB/sms_shield.sh" monitor-installs >> "$VIGIL_LOG" 2>&1 & - log INFO "Install Blocker PID: $!" + # Periodic IOC update + if [ $((now - last_ioc_update)) -ge "$ioc_update_interval" ]; then + log INFO "Checking IOC updates..." + "$VIGIL_LIB/ioc_updater.sh" auto >> "$VIGIL_LOG" 2>&1 + last_ioc_update=$now fi - # 3. Network Monitor (continuous connection watching) - if [ "${NETWORK_MONITOR_ENABLED:-1}" = "1" ] && [ "${NETWORK_LOG_SUSPICIOUS:-1}" = "1" ]; then - log INFO "Starting Network monitor..." - "$VIGIL_LIB/network_monitor.sh" monitor >> "$VIGIL_LOG" 2>&1 & - log INFO "Network Monitor PID: $!" + process_alerts + rotate_log + + # Check we're still the running instance + if [ ! -f "$VIGIL_PID" ] || [ "$(cat "$VIGIL_PID" 2>/dev/null)" != "$$" ]; then + log WARN "PID mismatch — exiting" + cleanup fi - # 4. Install network blocklists - if [ "${NETWORK_BLOCK_C2:-1}" = "1" ] || [ "${NETWORK_BLOCK_TRACKERS:-1}" = "1" ]; then - log INFO "Installing network blocklists..." - "$VIGIL_LIB/network_monitor.sh" install >> "$VIGIL_LOG" 2>&1 - fi - - # 5. Deep scan background monitor (low-priority forensic analysis) - if [ "${DEEP_SCAN_BACKGROUND:-1}" = "1" ]; then - log INFO "Starting deep scan background monitor..." - "$VIGIL_LIB/deep_scan.sh" background >> "$VIGIL_LOG" 2>&1 & - log INFO "Deep Scan Background PID: $!" - fi - - # 6. SMS Honeypot (fake location on silent SMS) - if [ "${SMS_FAKE_RESPONSE:-0}" = "1" ]; then - log INFO "Starting SMS Honeypot monitor..." - "$VIGIL_LIB/sms_honeypot.sh" monitor >> "$VIGIL_LOG" 2>&1 & - log INFO "SMS Honeypot PID: $!" - fi - - # 7. Duress trigger monitors (power button + PIN) - if [ "${DURESS_ENABLED:-0}" = "1" ]; then - log INFO "Starting Duress monitors..." - "$VIGIL_LIB/duress.sh" monitor >> "$VIGIL_LOG" 2>&1 & - log INFO "Duress Monitor PID: $!" - fi - - # 8. Apply anti-forensics hardening on boot - if [ "${ANTIFORENSICS_ENABLED:-1}" = "1" ]; then - log INFO "Applying anti-forensics hardening..." - "$VIGIL_LIB/antiforensics.sh" harden >> "$VIGIL_LOG" 2>&1 - fi - - # 9. WebUI dashboard - if [ "${WEBUI_ENABLED:-1}" = "1" ]; then - log INFO "Starting WebUI on port ${WEBUI_PORT:-8088}..." - "$VIGIL_LIB/webui.sh" serve >> "$VIGIL_LOG" 2>&1 & - log INFO "WebUI PID: $!" - fi - - # 10. Install network blocklists - if [ "${NETWORK_BLOCK_C2:-1}" = "1" ] || [ "${NETWORK_BLOCK_TRACKERS:-1}" = "1" ]; then - log INFO "Installing network blocklists..." - "$VIGIL_LIB/network_monitor.sh" install >> "$VIGIL_LOG" 2>&1 - fi - - # 10. Run initial quick scan - log INFO "Running initial quick scan..." - "$VIGIL_LIB/scanner.sh" quick >> "$VIGIL_LOG" 2>&1 - - # ── Main loop ── - local last_scan=$(date +%s) - local last_integrity=$(date +%s) - local last_ioc_update=$(date +%s) - local scan_interval="${SCANNER_INTERVAL:-3600}" - local integrity_interval="${FROSTGUARD_INTERVAL:-1800}" - local ioc_update_interval="${IOC_UPDATE_INTERVAL:-86400}" - - log INFO "Entering main loop (scan: ${scan_interval}s, integrity: ${integrity_interval}s, ioc: ${ioc_update_interval}s)" - - while true; do - local now=$(date +%s) - - # Periodic threat scan - if [ $((now - last_scan)) -ge "$scan_interval" ]; then - log INFO "Running scheduled threat scan..." - "$VIGIL_LIB/scanner.sh" quick >> "$VIGIL_LOG" 2>&1 - last_scan=$now - fi - - # Periodic integrity check - if [ "${FROSTGUARD_ENABLED:-1}" = "1" ] && [ $((now - last_integrity)) -ge "$integrity_interval" ]; then - log INFO "Running scheduled integrity check..." - "$VIGIL_LIB/integrity.sh" verify >> "$VIGIL_LOG" 2>&1 - last_integrity=$now - fi - - # Periodic IOC auto-update - if [ $((now - last_ioc_update)) -ge "$ioc_update_interval" ]; then - log INFO "Checking for IOC updates..." - "$VIGIL_LIB/ioc_updater.sh" auto >> "$VIGIL_LOG" 2>&1 - last_ioc_update=$now - fi - - # Process any pending alerts - process_alerts - - # Rotate log if needed - rotate_log - - # Check if we're still supposed to be running - if [ ! -f "$VIGIL_PID" ] || [ "$(cat "$VIGIL_PID" 2>/dev/null)" != "$$" ]; then - log WARN "PID file mismatch — another instance may be running. Exiting." - cleanup - fi - - sleep 60 - done -} - -main + sleep 60 +done diff --git a/vigil/config/vigil.conf b/vigil/config/vigil.conf index 8e601bd..aec37bf 100644 --- a/vigil/config/vigil.conf +++ b/vigil/config/vigil.conf @@ -86,7 +86,3 @@ APP_HONEYPOT_AUTO=0 # Auto-honeypot detected threats (0=manual) IOC_UPDATE_INTERVAL=86400 # Seconds between auto-updates (86400=24hr) VIGIL_API_KEY="" # Autarch API key for backend updates VIGIL_BACKEND_URL="" # Autarch backend URL - -# ── WebUI Dashboard ───────────────────────────────── -WEBUI_ENABLED=1 # Start WebUI on boot -WEBUI_PORT=8088 # Port for local dashboard diff --git a/vigil/lib/webui.sh b/vigil/lib/webui.sh deleted file mode 100755 index 19728ce..0000000 --- a/vigil/lib/webui.sh +++ /dev/null @@ -1,284 +0,0 @@ -#!/system/bin/sh -# Vigil — WebUI Server -# Serves a local web dashboard for settings, status, alerts, and scan control -# (c) Setec Labs -# -# Runs on localhost:8088 (configurable) -# Uses busybox httpd with CGI, or falls back to nc-based server - -VIGIL_DATA="/data/adb/vigil" -VIGIL_LOG="$VIGIL_DATA/vigil.log" -WEBUI_PORT="${WEBUI_PORT:-8088}" -WEBUI_DIR="" -VIGIL_LIB="$(dirname "$0")" - -# Find the webroot -for d in /data/adb/modules/vigil/vigil/webroot "$VIGIL_LIB/../webroot"; do - [ -d "$d" ] && WEBUI_DIR="$d" && break -done - -[ -f "$VIGIL_DATA/vigil.conf" ] && . "$VIGIL_DATA/vigil.conf" - -log() { - echo "[$(date '+%Y-%m-%d %H:%M:%S')] [webui] $1" >> "$VIGIL_LOG" -} - -# ── CGI API HANDLER ── -# Processes API requests and returns JSON -handle_api() { - local endpoint="$1" - local method="$2" - - echo "HTTP/1.1 200 OK" - echo "Content-Type: application/json" - echo "Access-Control-Allow-Origin: *" - echo "Connection: close" - echo "" - - case "$endpoint" in - /api/status) - local daemon_status="stopped" - local daemon_pid="" - if [ -f "$VIGIL_DATA/vigild.pid" ]; then - daemon_pid=$(cat "$VIGIL_DATA/vigild.pid") - kill -0 "$daemon_pid" 2>/dev/null && daemon_status="running" - fi - local lockdown=$([ -f "$VIGIL_DATA/.lockdown" ] && echo "true" || echo "false") - - cat </dev/null; then - sed -i "s|^${key}=.*|${key}=${val}|" "$VIGIL_DATA/vigil.conf" - fi - done - echo "{\"status\":\"ok\"}" - else - # Return current config as JSON - echo "{" - local first=1 - grep -v '^#' "$VIGIL_DATA/vigil.conf" 2>/dev/null | grep '=' | while IFS='=' read -r key val; do - key=$(echo "$key" | tr -d ' ') - val=$(echo "$val" | sed 's/^"//' | sed 's/"$//' | sed 's/#.*//' | tr -d ' ') - [ -z "$key" ] && continue - [ $first -eq 0 ] && echo "," - first=0 - echo " \"$key\": \"$val\"" - done - echo "}" - fi - ;; - - /api/scan) - echo "{\"status\":\"started\"}" - # Run scan in background - "$VIGIL_LIB/scanner.sh" quick >> "$VIGIL_LOG" 2>&1 & - ;; - - /api/deep-scan) - echo "{\"status\":\"started\"}" - "$VIGIL_LIB/deep_scan.sh" deep >> "$VIGIL_LOG" 2>&1 & - ;; - - /api/lockdown) - "$VIGIL_LIB/key_wiper.sh" lockdown >> "$VIGIL_LOG" 2>&1 & - echo "{\"status\":\"lockdown_initiated\"}" - ;; - - /api/harden) - "$VIGIL_LIB/antiforensics.sh" harden >> "$VIGIL_LOG" 2>&1 & - echo "{\"status\":\"hardening\"}" - ;; - - /api/sanitize) - "$VIGIL_LIB/antiforensics.sh" sanitize >> "$VIGIL_LOG" 2>&1 & - echo "{\"status\":\"sanitizing\"}" - ;; - - /api/update-ioc) - "$VIGIL_LIB/ioc_updater.sh" update >> "$VIGIL_LOG" 2>&1 & - echo "{\"status\":\"updating\"}" - ;; - - /api/log) - echo "[" - if [ -f "$VIGIL_LOG" ]; then - local first=1 - tail -100 "$VIGIL_LOG" | while read -r line; do - line=$(echo "$line" | sed 's/"/\\"/g') - [ $first -eq 0 ] && echo "," - first=0 - echo " \"$line\"" - done - fi - echo "]" - ;; - - /api/exec) - # Standalone mode: execute shell command (replaces ksu.exec) - echo "HTTP/1.1 200 OK" - echo "Content-Type: text/plain" - echo "Connection: close" - echo "" - if [ "$method" = "POST" ] && [ -n "$POST_BODY" ]; then - eval "$POST_BODY" 2>&1 - fi - return - ;; - - *) - echo "{\"error\":\"unknown endpoint\"}" - ;; - esac -} - -# ── NC-BASED HTTP SERVER ── -# Simple HTTP server using netcat — no dependencies -cmd_serve() { - log "WebUI starting on port $WEBUI_PORT..." - echo "Vigil WebUI: http://localhost:$WEBUI_PORT" - - while true; do - # Listen for a connection and handle it - { - # Read the HTTP request - local request="" - local method="" - local path="" - local content_length=0 - - while read -r line; do - line=$(echo "$line" | tr -d '\r') - [ -z "$line" ] && break - - if [ -z "$request" ]; then - request="$line" - method=$(echo "$line" | awk '{print $1}') - path=$(echo "$line" | awk '{print $2}') - fi - - if echo "$line" | grep -qi "Content-Length:"; then - content_length=$(echo "$line" | grep -oE '[0-9]+') - fi - done - - # Read POST body if present - local POST_BODY="" - if [ "$method" = "POST" ] && [ "$content_length" -gt 0 ] 2>/dev/null; then - POST_BODY=$(dd bs=1 count="$content_length" 2>/dev/null) - fi - export POST_BODY - - # Route the request - case "$path" in - /api/*) - handle_api "$path" "$method" - ;; - /|/index.html) - echo "HTTP/1.1 200 OK" - echo "Content-Type: text/html" - echo "Connection: close" - echo "" - cat "$WEBUI_DIR/index.html" 2>/dev/null || echo "

WebUI files not found

" - ;; - *) - local file="$WEBUI_DIR${path}" - if [ -f "$file" ]; then - local mime="text/plain" - case "$path" in - *.html) mime="text/html" ;; - *.css) mime="text/css" ;; - *.js) mime="application/javascript" ;; - *.json) mime="application/json" ;; - *.png) mime="image/png" ;; - *.svg) mime="image/svg+xml" ;; - esac - echo "HTTP/1.1 200 OK" - echo "Content-Type: $mime" - echo "Connection: close" - echo "" - cat "$file" - else - echo "HTTP/1.1 404 Not Found" - echo "Connection: close" - echo "" - echo "404" - fi - ;; - esac - } | busybox nc -l -p "$WEBUI_PORT" 2>/dev/null || { - # Fallback: use toybox nc or /system/bin/nc - log "busybox nc not available, trying alternatives..." - break - } - done -} - -# ── DISPATCH ── -case "$1" in - serve) cmd_serve ;; - status) echo "WebUI port: $WEBUI_PORT" ;; - *) - echo "Vigil WebUI Server" - echo "Usage: webui.sh serve" - echo " Starts web dashboard on http://localhost:$WEBUI_PORT" - ;; -esac diff --git a/vigil/webroot/index.html b/vigil/webroot/index.html index 50f9c4b..c14bab4 100644 --- a/vigil/webroot/index.html +++ b/vigil/webroot/index.html @@ -60,7 +60,7 @@ body{font-family:'SF Mono','Cascadia Code','Fira Code',monospace;background:var(

VIGIL

Anti-Surveillance Shield by Setec Labs
-
v0.2.0
+
v0.3.0
Checking...
diff --git a/webroot/index.html b/webroot/index.html index 50f9c4b..c14bab4 100644 --- a/webroot/index.html +++ b/webroot/index.html @@ -60,7 +60,7 @@ body{font-family:'SF Mono','Cascadia Code','Fira Code',monospace;background:var(

VIGIL

Anti-Surveillance Shield by Setec Labs
-
v0.2.0
+
v0.3.0
Checking...