A proof of concept on how Discord can be used as a middleman to transfer (encrypyted) data from one device to another.
- send command (e.g. take a screenshot)
- command gets encrypted with AES-256-GCM
- the encrypted command gets sent to discord
- the bot running on the other receives the message
- it decrypts it and runs the command (e.g. take a screenshot)
- it sends back the data (e.g. the bytes of the screenshot) encrypted with AES-256-GCM
- the bot running on your device receives the message
- it decrypts the data and displays it on the control web page
- both bots send their "calling" message
- when the writer bot sees the reader bots "calling" message it will stop and generate a ECDH key pair and send the public key
- when the reader bot sees a message prefixed with pk! it will stop and generate its own ECDH key pair and send the public key
Basically, if someone gets into the server, they will not be able to read anything that is sent by the bots.
- the bots send their "calling" message
- they both acknowledge each other and exchange thier public keys
- the reader bot sends a command
- the writer bot executes it and sends back the data
- the data is then displayed on the control web panel
This is an extremely simple example to demonstrate the concept.
The "screenshot" button on the web panel does not work. (yet)
You can configure the bots in /shared/constants.go