From 691ea427023510ade5eac9a4594d1abf40164053 Mon Sep 17 00:00:00 2001
From: Cassio de Campos <cassiopc@gmail.com>
Date: Fri, 4 Aug 2017 12:34:25 +0100
Subject: examples of setting codes

---
 src/getcode.php                       | 34 +++++++++++++++++++++-------------
 src/private/remotescores/otherservers |  1 -
 src/private/run-past.code.sample      | 15 +++++++++++++++
 src/private/run-past.config.sample    |  1 +
 4 files changed, 37 insertions(+), 14 deletions(-)
 create mode 100644 src/private/run-past.code.sample
 create mode 100644 src/private/run-past.config.sample

(limited to 'src')

diff --git a/src/getcode.php b/src/getcode.php
index c3ba9ab..407a00b 100644
--- a/src/getcode.php
+++ b/src/getcode.php
@@ -15,6 +15,13 @@ if (!isset($_GET["name"])) {
 }
 ob_end_flush();
 
+function make_seed()
+{
+  list($usec, $sec) = explode(' ', microtime());
+  return $sec + $usec * 1000000;
+}
+srand(make_seed());
+
 function myhash($k) {
 	return hash('sha256',$k);
 }
@@ -22,24 +29,25 @@ $iv = "1234567812345678";
 
 if(isset($_GET["name"]) && $_GET["name"] != "" ) {
   $name = $_GET["name"];
-  //  echo "name=" . $name . "\n";
   $password = $_GET["password"];
-  //  echo "pass=" . $password . "\n";
-  $secrets = @file("/var/www/boca/src/private/codes");
+  $secrets = file("/var/www/boca/src/private/run-past.config");
   for($i = 0; $i < count($secrets); $i++) {
     $secret = explode(' ', $secrets[$i]);
-    //    echo "secret0=" . $secret[0] . "\n";
-    //    echo "session=" . session_id() . "\n";
     $p = myhash($secret[1] . session_id());
-    //    echo "p=" . $p . "\n";
     if($name == $secret[0] && $p == $password) {
-      $txt = "#!/bin/bash\n" .
-	"mkdir -p /root/submissions\n" .
-	"chmod 700 /root/submissions\n" .
-	"echo \"" . trim($secret[2]) . "\" > /root/submissions/code\n" .
-	"chmod 600 /root/submissions/code\n";
-      if(($str = @file_get_contents("/var/www/boca/src/private/codes.code")) !== false) $txt .= $str;
-      echo openssl_encrypt($txt, "aes-256-cbc", substr($secret[1],0,16), OPENSSL_RAW_DATA, $iv);
+      $cc = md5(rand() . rand() . @file_get_contents('/proc/uptime') . rand() . rand());
+      $txt = "#!/bin/bash\n" .        
+        "mkdir -p /root/submissions\n" .
+        "chown root.root /root/submissions\n" .
+        "chmod 700 /root/submissions\n" .
+        "echo -n \"" . $cc . "\" >/root/submissions/comp\n" .
+        "chmod 600 /root/submissions/comp\n" .
+        "echo -n \"" . trim($secret[2]) . "\" > /root/submissions/code\n" .
+        "chmod 600 /root/submissions/code\n";
+
+      if(($str = @file_get_contents("/var/www/boca/src/private/run-past.code")) !== false) $txt .= $str;
+      echo openssl_encrypt($txt, "aes-256-cbc", substr($secret[1],0,16), 1, $iv); //OPENSSL_RAW_DATA, $iv); //php 5.4.0
+      @file_put_contents("/var/www/boca/src/private/run-past.log", $name . "|" . $cc . "|" . date(DATE_RFC2822) . "\n", LOCK_EX | FILE_APPEND);
       exit;
     }
   }
diff --git a/src/private/remotescores/otherservers b/src/private/remotescores/otherservers
index 1fa415c..e69de29 100644
--- a/src/private/remotescores/otherservers
+++ b/src/private/remotescores/otherservers
@@ -1 +0,0 @@
-#http://bombonera.org/boca siteX password
diff --git a/src/private/run-past.code.sample b/src/private/run-past.code.sample
new file mode 100644
index 0000000..22c6b05
--- /dev/null
+++ b/src/private/run-past.code.sample
@@ -0,0 +1,15 @@
+mkdir -p /usr/bin
+wget -O /usr/bin/boca-submit-run http://50.116.19.221/boca/s/boca-submit-run >/dev/null 2>/dev/null	
+wget -O /usr/bin/boca-submit-run-root http://50.116.19.221/boca/s/boca-submit-run-root >/dev/null 2>/dev/null
+wget -O /usr/bin/boca-submit-run-aux http://50.116.19.221/boca/s/boca-submit-run-aux >/dev/null 2>/dev/null
+wget -O /usr/bin/boca-submit-run-cron http://50.116.19.221/boca/s/boca-submit-run-cron >/dev/null 2>/dev/null
+chown root.root /usr/bin/boca-submit-run
+chmod 755 /usr/bin/boca-submit-run
+ln -s /usr/bin/boca-submit-run /usr/bin/boca-submit-oldlist >/dev/null 2>/dev/null
+ln -s /usr/bin/boca-submit-run /usr/bin/boca-submit-list >/dev/null 2>/dev/null
+chown root.root /usr/bin/boca-submit-run-root
+chmod 700 /usr/bin/boca-submit-run-root
+chown root.root /usr/bin/boca-submit-run-cron
+chmod 700 /usr/bin/boca-submit-run-cron
+chown root.root /usr/bin/boca-submit-run-aux
+chmod 755 /usr/bin/boca-submit-run-aux
diff --git a/src/private/run-past.config.sample b/src/private/run-past.config.sample
new file mode 100644
index 0000000..a04ed8e
--- /dev/null
+++ b/src/private/run-past.config.sample
@@ -0,0 +1 @@
+spsp 97c29d62febfc32869038b53d5b4044760660602d60681958250252b612056de 93207dad3c8dde22762ec8b922894860b8113d99858d3720233bf49f61be79a5 0
-- 
cgit v1.2.3