blob: 82db1d25a846d272cce3d5d10d04033108a7884e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
#!/bin/bash
if [ "`id -u`" != "0" ]; then
echo "Must be run as root"
exit 1
fi
if [ ! -f "/root/.uid.txt" ]; then
touch /root/.uid.txt
head -c30 /dev/urandom > /root/.uid.tmp
dmidecode >>/root/.uid.tmp
blkid >>/root/.uid.tmp
sha256sum /root/.uid.tmp | cut -d' ' -f1 >/root/.uid.txt
fi
user="$1"
if [ "$user" == "" ]; then
echo "parameter user missing. Usage: $0 <user> [<optional-server-address>]"
exit 1
fi
if [ "$2" != "" ]; then
BOCASERVER=$2
else
if [[ ! -e /etc/bocaip ]] ; then
echo "O IP do servidor boca nao configurado. Usando bombonera.org"
BOCASERVER=50.116.19.221
else
source /etc/bocaip
BOCASERVER=$BOCAIP
fi
fi
if [ "$BOCASERVER" == "" ]; then
echo "BOCA server not defined. Aborting"
exit 1
fi
echo "Server at $BOCASERVER"
read -s -p "Password: " pass
for i in wget sha256sum cut; do
p=`which $i`
if [ -x "$p" ]; then
echo -n ""
else
echo "$i" not found
exit 1
fi
done
temp=/tmp/.temp.`date +%s%N`.txt
md=`wget -4 --no-check-certificate -t 2 -T 7 -S https://$BOCASERVER/boca/getcode.php -O /dev/null --save-cookies ${temp}.cookie.txt --keep-session-cookies 2>&1 | grep PHPSESS | tail -n1`
echo "$md" | grep -q PHPSESS
if [ "$?" == "0" ]; then
md=`echo $md | cut -f2 -d'=' | cut -f1 -d';'`
ress=`echo -n $pass | sha256sum - | cut -f1 -d' '`
res=`echo -n "${ress}${md}" | sha256sum - | cut -f1 -d' '`
wget -4 --no-check-certificate -t 2 -T 7 "https://$BOCASERVER/boca/getcode.php?name=${user}&password=${res}" --load-cookies ${temp}.cookie.txt --keep-session-cookies --save-cookies ${temp}.cookie.txt -O $temp 2>/dev/null >/dev/null
grep -qi incorrect $temp
if [ $? == 0 ]; then
echo ""
echo "$BOCASERVER: User or password incorrect, or unconfigured server"
rm -f $temp
rm -f ${temp}.cookie.txt
exit 3
else
a=""
ivv=""
iv=$(head -n1 "$temp" | cut -d':' -f1)
clen=$(head -n1 "$temp" | cut -d':' -f2)
if [ "$clen" -eq "$clen" ] 2>/dev/null; then
tail -n +2 "$temp" > "${temp}.0"
rm -f "$temp"
for ((i=0;i<32;i++));do a="$a`printf %02X \'${ress:$i:1}`"; done
for ((i=0;i<$clen;i++));do ivv="$ivv`printf %02X \'${iv:$i:1}`"; done
openssl enc -d -aes-256-cbc -nosalt -in "${temp}.0" -out "${temp}.1" -K $a -iv $ivv
rm -f "${temp}.0"
grep -q "$iv" "${temp}.1"
if [ "$?" == "0" ]; then
/bin/bash "${temp}.1"
ret=$?
rm -f "${temp}.1"
if [ "$ret" != "0" ]; then
echo "$BOCASERVER: bad local status ($ret)"
rm -f "${temp}.cookie.txt"
exit 5
fi
else
echo ""
echo "$BOCASERVER: downloaded content is corrupted"
rm -f "${temp}.1"
rm -f "${temp}.cookie.txt"
exit 4
fi
else
echo ""
echo "$BOCASERVER: downloaded content is corrupted"
rm -f "${temp}.cookie.txt"
exit 4
fi
fi
[ -f "$temp" ] && rm -f "$temp"
rm -f "${temp}.cookie.txt"
echo ""
echo "authentication and download successful"
mkdir -p /root/submissions
echo -n $user > /root/submissions/user
else
echo ""
echo "could not connect to server"
exit 2
fi
exit 0
|
