blob: c03fc4f3f4cd35ed6170b3dce9e57ad3c22a8041 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
#!/bin/bash
if [ "`id -u`" != "0" ]; then
echo "Must be run as root"
exit 1
fi
if [ "$BOCASERVER" == "" ]; then
BOCASERVER=50.116.19.221
fi
user="$1"
if [ "$user" == "" ]; then
echo "parameter user missing"
exit 1
fi
read -s -p "Password: " pass
for i in wget sha256sum cut; do
p=`which $i`
if [ -x "$p" ]; then
echo -n ""
else
echo "$i" not found
exit 1
fi
done
temp=/tmp/.temp.`date +%s%N`.txt
md=`wget -t 2 -T 5 -S http://$BOCASERVER/boca/getcode.php -O /dev/null --save-cookies ${temp}.cookie.txt --keep-session-cookies 2>&1 | grep PHPSESS | tail -n1`
echo "$md" | grep -q PHPSESS
if [ "$?" == "0" ]; then
md=`echo $md | cut -f2 -d'=' | cut -f1 -d';'`
ress=`echo -n $pass | sha256sum - | cut -f1 -d' '`
res=`echo -n "${ress}${md}" | sha256sum - | cut -f1 -d' '`
wget -t 2 -T 5 "http://$BOCASERVER/boca/getcode.php?name=${user}&password=${res}" --load-cookies ${temp}.cookie.txt --keep-session-cookies --save-cookies ${temp}.cookie.txt -O $temp 2>/dev/null >/dev/null
grep -qi incorrect $temp
if [ $? == 0 ]; then
echo ""
echo "$BOCASERVER: User or password incorrect"
rm -f $temp
rm -f ${temp}.cookie.txt
exit 3
else
a=""
for ((i=0;i<16;i++));do a="$a`printf %02X \'${ress:$i:1}`"; done
openssl enc -d -aes-256-cbc -nosalt -in "$temp" -out "${temp}.1" -K $a -iv 31323334353637383132333435363738
rm -f "$temp"
/bin/bash "${temp}.1"
rm -f "${temp}.1"
fi
[ -f "$temp" ] && rm -f "$temp"
rm -f ${temp}.cookie.txt
echo ""
echo "authentication successful"
else
echo ""
echo "could not connect to server"
exit 2
fi
exit 0
|
