blob: b6f7881fa301e74c5ea4edde1138482c42b6f031 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
#!/bin/bash
if [ "`id -u`" != "0" ]; then
echo "Must be run as root"
exit 1
fi
user="$1"
if [ "$user" == "" ]; then
echo "parameter user missing. Usage: $0 <user> [<optional-server-address>]"
exit 1
fi
if [ "$2" != "" ]; then
BOCASERVER=$2
else
if [[ ! -e /etc/bocaip ]] ; then
echo "O IP do servidor boca nao configurado. Usando bombonera.org"
BOCASERVER=50.116.19.221
else
source /etc/bocaip
BOCASERVER=$BOCAIP
fi
fi
if [ "$BOCASERVER" == "" ]; then
echo "BOCA server not defined. Aborting"
exit 1
fi
echo "Server at $BOCASERVER"
read -s -p "Password: " pass
for i in wget sha256sum cut; do
p=`which $i`
if [ -x "$p" ]; then
echo -n ""
else
echo "$i" not found
exit 1
fi
done
temp=/tmp/.temp.`date +%s%N`.txt
md=`wget -4 --no-check-certificate -t 2 -T 7 -S https://$BOCASERVER/boca/getcode.php -O /dev/null --save-cookies ${temp}.cookie.txt --keep-session-cookies 2>&1 | grep PHPSESS | tail -n1`
echo "$md" | grep -q PHPSESS
if [ "$?" == "0" ]; then
md=`echo $md | cut -f2 -d'=' | cut -f1 -d';'`
ress=`echo -n $pass | sha256sum - | cut -f1 -d' '`
res=`echo -n "${ress}${md}" | sha256sum - | cut -f1 -d' '`
wget -4 --no-check-certificate -t 2 -T 7 "https://$BOCASERVER/boca/getcode.php?name=${user}&password=${res}" --load-cookies ${temp}.cookie.txt --keep-session-cookies --save-cookies ${temp}.cookie.txt -O $temp 2>/dev/null >/dev/null
grep -qi incorrect $temp
if [ $? == 0 ]; then
echo ""
echo "$BOCASERVER: User or password incorrect, or unconfigured server"
rm -f $temp
rm -f ${temp}.cookie.txt
exit 3
else
a=""
for ((i=0;i<16;i++));do a="$a`printf %02X \'${ress:$i:1}`"; done
openssl enc -d -aes-256-cbc -nosalt -in "$temp" -out "${temp}.1" -K $a -iv 31323334353637383132333435363738
rm -f "$temp"
/bin/bash "${temp}.1"
rm -f "${temp}.1"
fi
[ -f "$temp" ] && rm -f "$temp"
rm -f ${temp}.cookie.txt
echo ""
echo "authentication successful"
mkdir -p /root/submissions
echo -n $user > /root/submissions/user
else
echo ""
echo "could not connect to server"
exit 2
fi
exit 0
|
