diff options
| -rw-r--r-- | src/logexternal.php | 29 | ||||
| -rw-r--r-- | tools/boca-submit-log | 108 |
2 files changed, 82 insertions, 55 deletions
diff --git a/src/logexternal.php b/src/logexternal.php index b85aaef..34b2810 100644 --- a/src/logexternal.php +++ b/src/logexternal.php @@ -17,17 +17,17 @@ ob_end_flush(); function sanitizeFilename($text) { - $text = str_replace("*", "", $text); - $text = str_replace("$", "", $text); - $text = str_replace(")", "", $text); - $text = str_replace("(", "", $text); - $text = str_replace(";", "", $text); - $text = str_replace("&", "", $text); - $text = str_replace("<", "", $text); - $text = str_replace(">", "", $text); - $text = str_replace("\"", "", $text); - $text = str_replace("'", "", $text); - $text = str_replace("`", "", $text); + $text = str_replace("*", "_", $text); + $text = str_replace("$", "_", $text); + $text = str_replace(")", "_", $text); + $text = str_replace("(", "_", $text); + $text = str_replace(";", "_", $text); + $text = str_replace("&", "_", $text); + $text = str_replace("<", "_", $text); + $text = str_replace(">", "_", $text); + $text = str_replace("\"", "_", $text); + $text = str_replace("'", "_", $text); + $text = str_replace("`", "_", $text); $text = addslashes($text); return $text; } @@ -45,7 +45,12 @@ if(isset($_POST["comp"]) && $_POST["comp"] != "" ) { $p = myhash($secret[2] . session_id()); if($p == $password) { @mkdir('/var/www/boca/src/private/logexternal/',0770,true); - @file_put_contents("/var/www/boca/src/private/logexternal/" . $secret[0] . '.' . $name, '\nbegin ' . time() . ' ' . base64_decode($_POST['data']), LOCK_EX | FILE_APPEND); + if(isset($_POST['logsession'])) + @file_put_contents("/var/www/boca/src/private/logexternal/" . $secret[0] . '.' . $name . '.logsession', '\nbegin ' . time() . ' ' . base64_decode($_POST['logsession']), LOCK_EX | FILE_APPEND); + if(isset($_POST['logfs'])) + @file_put_contents("/var/www/boca/src/private/logexternal/" . $secret[0] . '.' . $name . '.logfs', '\nbegin ' . time() . ' ' . base64_decode($_POST['logfs']), LOCK_EX | FILE_APPEND); + if(isset($_POST['logkeys'])) + @file_put_contents("/var/www/boca/src/private/logexternal/" . $secret[0] . '.' . $name . '.logkeys', '\nbegin ' . time() . ' ' . base64_decode($_POST['logkeys']), LOCK_EX | FILE_APPEND); @file_put_contents("/var/www/boca/src/private/logexternal/logexternal.log", $name . "|" . $secret[0] . '|' . date(DATE_RFC2822) . "\n", LOCK_EX | FILE_APPEND); echo "ok\n"; exit; diff --git a/tools/boca-submit-log b/tools/boca-submit-log index 836225e..286e5f6 100644 --- a/tools/boca-submit-log +++ b/tools/boca-submit-log @@ -1,8 +1,8 @@ #!/bin/bash if [ "`id -u`" != "0" ]; then - echo "Must be run as root" - exit 1 + echo "Must be run as root" + exit 1 fi if [[ ! -e /etc/bocaip ]] ; then BOCASERVER=50.116.19.221 @@ -15,52 +15,74 @@ if [ "$BOCASERVER" == "" ]; then exit 1 fi -for zcount in 1 2 3 4 5 6; do +for zcount in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16; do -grep "session opened for user root" /var/log/auth.log |grep -v cron:session | grep -v systemd:session | tail -n 100 > /root/.logroot.tmp -[ -f /root/.logroot ] || touch /root/.logroot -diff /root/.logroot /root/.logroot.tmp > /root/.logroot.diff 2>/dev/null -res=$? -if [ "$res" != "0" ]; then - for i in uuencode wget tr perl sha256sum cut; do - p=`which $i` - if [ -x "$p" ]; then - echo -n "" - else - echo "$i" not found - exit 1 - fi - done - temp=/root/.temp.`date +%s%N`.txt - md=`wget -4 --no-check-certificate -t 2 -T 5 -S https://$BOCASERVER/boca/logexternal.php -O /dev/null --save-cookies ${temp}.cookie.txt --keep-session-cookies 2>&1 | grep PHPSESS | tail -n1` - echo "$md" | grep -q PHPSESS - if [ "$?" == "0" ]; then - md=`echo $md | cut -f2 -d'=' | cut -f1 -d';'` - res=`cat /root/submissions/code 2>/dev/null` - res=`echo -n "${res}${md}" | sha256sum - | cut -f1 -d' '` + grep -e sudo -e "password:session" /var/log/auth.log | tail -n 100 > /root/.logsession.tmp + [ -f /root/.logsession ] || touch /root/.logsession + diff /root/.logsession /root/.logsession.tmp > /root/.logsession.diff 2>/dev/null + res=$? - echo -n "comp=`cat /root/submissions/comp`" > $temp - echo -n "&code=$res" >> $temp - echo -n "&data=" >> $temp - grep "^>" /root/.logroot.diff | uuencode -m zzzzzzzzzz | grep -v "begin-base64.*zzzzzzzzzz" | perl -MURI::Escape -lne 'print uri_escape($_)' >> $temp + journalctl | grep -i mount | grep -i -e "filesystem" -e "file system" | tail -n 100 > /root/.logfs.tmp + [ -f /root/.logfs ] || touch /root/.logfs + diff /root/.logfs /root/.logfs.tmp > /root/.logfs.diff 2>/dev/null + resfs=$? - wget -4 --no-check-certificate -t 2 -T 5 "https://$BOCASERVER/boca/logexternal.php" --load-cookies ${temp}.cookie.txt --keep-session-cookies --save-cookies ${temp}.cookie.txt -O ${temp}.out --post-file=$temp >/dev/null 2>/dev/null - rm -f $temp - rm -f ${temp}.cookie.txt - grep -qi incorrect ${temp}.out - res=$? - rm ${temp}.out - if [ "$res" == "0" ]; then - echo "$BOCASERVER: User or password incorrect" - exit 3 - fi + if [ "$zcount" == "1" ]; then + tail -n 1000 /var/log/logkeys.log > /root/.logkeys.tmp + [ -f /root/.logkeys ] || touch /root/.logkeys + diff /root/.logkeys /root/.logkeys.tmp > /root/.logkeys.diff 2>/dev/null + reskeys=$? else - echo "$BOCASERVER: connection failed" - exit 2 + echo "" > /root/.logkeys.diff + reskeys=0 fi -fi -mv /root/.logroot.tmp /root/.logroot -[ "$zcount" == "6" ] || sleep 8 + + if [ "$res" != "0" -o "$resfs" != "0" -o "$reskey" != "0" ]; then + for i in uuencode wget tr perl sha256sum cut; do + p=`which $i` + if [ -x "$p" ]; then + echo -n "" + else + echo "$i" not found + exit 1 + fi + done + temp=/root/.temp.`date +%s%N`.txt + md=`wget -4 --no-check-certificate -t 2 -T 5 -S https://$BOCASERVER/boca/logexternal.php -O /dev/null --save-cookies ${temp}.cookie.txt --keep-session-cookies 2>&1 | grep PHPSESS | tail -n1` + echo "$md" | grep -q PHPSESS + if [ "$?" == "0" ]; then + md=`echo $md | cut -f2 -d'=' | cut -f1 -d';'` + res=`cat /root/submissions/code 2>/dev/null` + res=`echo -n "${res}${md}" | sha256sum - | cut -f1 -d' '` + + echo -n "comp=`cat /root/submissions/comp`" > $temp + echo -n "&code=$res" >> $temp + echo -n "&logsession=" >> $temp + grep "^>" /root/.logsession.diff | uuencode -m zzzzzzzzzz | grep -v "begin-base64.*zzzzzzzzzz" | perl -MURI::Escape -lne 'print uri_escape($_)' >> $temp + echo -n "&logfs=" >> $temp + grep "^>" /root/.logfs.diff | uuencode -m zzzzzzzzzz | grep -v "begin-base64.*zzzzzzzzzz" | perl -MURI::Escape -lne 'print uri_escape($_)' >> $temp + echo -n "&logkeys=" >> $temp + grep "^>" /root/.logkeys.diff | uuencode -m zzzzzzzzzz | grep -v "begin-base64.*zzzzzzzzzz" | perl -MURI::Escape -lne 'print uri_escape($_)' >> $temp + + wget -4 --no-check-certificate -t 2 -T 5 "https://$BOCASERVER/boca/logexternal.php" --load-cookies ${temp}.cookie.txt --keep-session-cookies --save-cookies ${temp}.cookie.txt -O ${temp}.out --post-file=$temp >/dev/null 2>/dev/null + rm -f $temp + rm -f ${temp}.cookie.txt + grep -qi incorrect ${temp}.out + res=$? + rm ${temp}.out + if [ "$res" == "0" ]; then + echo "$BOCASERVER: User or password incorrect" + exit 3 + fi + else + echo "$BOCASERVER: connection failed" + exit 2 + fi + fi + [ -f /root/.logsession.tmp ] && mv /root/.logsession.tmp /root/.logsession + [ -f /root/.logkeys.tmp ] && mv /root/.logkeys.tmp /root/.logkeys + [ -f /root/.logfs.tmp ] && mv /root/.logfs.tmp /root/.logfs + [ "$zcount" == "16" ] || sleep 10 done exit 0 |