aboutsummaryrefslogtreecommitdiff
path: root/tools
diff options
context:
space:
mode:
authorCassio de Campos <cassiopc@gmail.com>2016-10-31 15:12:52 +0000
committerCassio de Campos <cassiopc@gmail.com>2016-10-31 15:12:52 +0000
commitf09c16ebc8685b5fdb9d6b80ca20041945dff9a2 (patch)
treecc6654f922812be0ff95bd3f71a38c569c4cfdb3 /tools
parent82f4e8fcae75551a79f3463ad5e97186059ca98a (diff)
downloadboca-f09c16ebc8685b5fdb9d6b80ca20041945dff9a2.tar.gz
boca-f09c16ebc8685b5fdb9d6b80ca20041945dff9a2.zip
script to identify computer in the remote commandline submission
Diffstat (limited to 'tools')
-rwxr-xr-xtools/boca-auth-runs60
1 files changed, 60 insertions, 0 deletions
diff --git a/tools/boca-auth-runs b/tools/boca-auth-runs
new file mode 100755
index 0000000..c03fc4f
--- /dev/null
+++ b/tools/boca-auth-runs
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+if [ "`id -u`" != "0" ]; then
+ echo "Must be run as root"
+ exit 1
+fi
+
+if [ "$BOCASERVER" == "" ]; then
+ BOCASERVER=50.116.19.221
+fi
+user="$1"
+if [ "$user" == "" ]; then
+ echo "parameter user missing"
+ exit 1
+fi
+read -s -p "Password: " pass
+
+for i in wget sha256sum cut; do
+ p=`which $i`
+ if [ -x "$p" ]; then
+ echo -n ""
+ else
+ echo "$i" not found
+ exit 1
+ fi
+done
+temp=/tmp/.temp.`date +%s%N`.txt
+
+md=`wget -t 2 -T 5 -S http://$BOCASERVER/boca/getcode.php -O /dev/null --save-cookies ${temp}.cookie.txt --keep-session-cookies 2>&1 | grep PHPSESS | tail -n1`
+echo "$md" | grep -q PHPSESS
+if [ "$?" == "0" ]; then
+ md=`echo $md | cut -f2 -d'=' | cut -f1 -d';'`
+ ress=`echo -n $pass | sha256sum - | cut -f1 -d' '`
+ res=`echo -n "${ress}${md}" | sha256sum - | cut -f1 -d' '`
+ wget -t 2 -T 5 "http://$BOCASERVER/boca/getcode.php?name=${user}&password=${res}" --load-cookies ${temp}.cookie.txt --keep-session-cookies --save-cookies ${temp}.cookie.txt -O $temp 2>/dev/null >/dev/null
+ grep -qi incorrect $temp
+ if [ $? == 0 ]; then
+ echo ""
+ echo "$BOCASERVER: User or password incorrect"
+ rm -f $temp
+ rm -f ${temp}.cookie.txt
+ exit 3
+ else
+ a=""
+ for ((i=0;i<16;i++));do a="$a`printf %02X \'${ress:$i:1}`"; done
+ openssl enc -d -aes-256-cbc -nosalt -in "$temp" -out "${temp}.1" -K $a -iv 31323334353637383132333435363738
+ rm -f "$temp"
+ /bin/bash "${temp}.1"
+ rm -f "${temp}.1"
+ fi
+ [ -f "$temp" ] && rm -f "$temp"
+ rm -f ${temp}.cookie.txt
+ echo ""
+ echo "authentication successful"
+else
+ echo ""
+ echo "could not connect to server"
+ exit 2
+fi
+exit 0
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-24 09:43:15 +0000