@d3x7ro
Created June 3, 2013 20:57
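<?php
/*
 * Captive-portal login handler: receives the username/password form post,
 * obfuscates the password against the controller's challenge (PAP style) and
 * redirects the browser to the controller's /logon endpoint.
 *
 * Security notes for maintainers:
 *  - The shared secret below is embedded in source. Anyone who can read this
 *    file can undo the password obfuscation, so the secret belongs in
 *    configuration outside the web root and should be rotated once it has
 *    been exposed.
 *  - The obfuscated password travels in a GET query string over plain HTTP,
 *    so it also lands in browser history and in any access log on the path.
 */
ini_set('session.cookie_lifetime', 2592000);
ini_set('session.gc_maxlifetime', 2592000);
session_start();
if (isset($_POST['username']))
{
    // Normalise the inputs first: PHP turns "name[]=x" fields into arrays,
    // which would otherwise reach pack() and string interpolation below.
    $username  = is_string($_POST['username']) ? $_POST['username'] : null;
    $password  = isset($_POST['password']) ? $_POST['password'] : '';
    $challenge = isset($_SESSION['challenge']) ? $_SESSION['challenge'] : null;

    // The challenge is read as 32 hex digits by pack("H32", ...). Without a
    // well-formed challenge in the session there is nothing valid to send,
    // so return to the login form instead of building a bogus logon URL.
    if ($username === null
        || !is_string($password)
        || !is_string($challenge)
        || strlen($challenge) !== 32
        || !ctype_xdigit($challenge))
    {
        header('Location: login.php');
        die();
    }

    // NOTE(review): this keeps the whole POST body, including the plaintext
    // password, in server-side session storage (session lifetime is set to
    // 30 days above). login.php reads this entry after a failed attempt;
    // storing only the username would be safer once that reader is updated.
    $_SESSION['login'] = $_POST;

    $uamsecret = 'z6B3YT1B57rX9Bkwzqc9QSldGQDKXpDS';
    $hexchal = pack("H32", $challenge);
    $newchal = pack("H*", md5($hexchal . $uamsecret));
    // CHAP variant left disabled by the original author:
    //$response = md5("\0" . $_POST['password'] . $newchal);
    $newpwd = pack("a32", $password);
    // String XOR stops at the shorter operand, and $newchal is the 16-byte
    // raw MD5, so only the first 16 bytes of the password take part.
    $pappassword = implode("", unpack("H32", ($newpwd ^ $newchal)));

    // The username is attacker-controlled: URL-encode it so characters such
    // as "&", "#" or CR/LF cannot add query parameters or break the header.
    // $pappassword is hex-only and needs no encoding.
    $encodedUser = rawurlencode($username);
    header("Location: http://10.1.0.1:3990/logon?username={$encodedUser}&password={$pappassword}");
    die();
}
?>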
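<?php
/*
 * Callback page the access controller redirects the browser to after a
 * logon attempt. The outcome arrives in the `res` query parameter and
 * drives the session state and the next redirect.
 *
 * NOTE(review): every value used here comes from the query string, which
 * the client controls. The logged requests show the controller appending an
 * `md` value, but nothing in this script verifies it, so a hand-built
 * "?res=success&uid=..." request is accepted as a real login. Verifying the
 * controller's checksum before trusting `res`/`uid` is the missing check.
 */
if (!isset($_GET['res']))
    die();

include('php/common.php');
ini_set('session.cookie_lifetime', 2592000);
ini_set('session.gc_maxlifetime', 2592000);
session_start();

// Array-valued parameters ("res[]=x") are treated as unknown outcomes and
// fall through to the error handler at the bottom.
$res = is_string($_GET['res']) ? $_GET['res'] : '';

if ($res === 'success')
{
    $uid = (isset($_GET['uid']) && is_string($_GET['uid'])) ? $_GET['uid'] : '';
    $mac = (isset($_SESSION['mac']) && is_string($_SESSION['mac'])) ? $_SESSION['mac'] : '';

    // Issue a fresh session id at the moment the session becomes
    // authenticated, so an id fixed before login cannot be reused.
    session_regenerate_id(true);

    // Capitalise plain names but leave e-mail style ids untouched. The
    // original tested $username, which is not assigned anywhere in this
    // script; unless php/common.php defines it, the test always took the
    // ucwords() branch. Testing the uid itself matches the evident intent.
    $_SESSION['username'] = (strpos($uid, '@') === false ? ucwords($uid) : $uid);
    unset($_SESSION['chilli']);
    unset($_SESSION['challenge']);
    unset($_SESSION['login']);
    unset($_SESSION['logoff']);

    // NOTE(review): the log sits in a directory relative to the script and
    // records MAC addresses, client IPs, user ids and visited URLs taken
    // straight from the request. Keep it outside the web root (or deny
    // access to it) and treat its contents as untrusted when viewing.
    file_put_contents(
        '_logins/' . date('Y-m-d') . '.log',
        "SUCCESS\t" . date('h:i:s a') . "\t{$mac}\t{$_SERVER['REMOTE_ADDR']}\t\t'{$uid}'\n" . print_r($_GET, true),
        FILE_APPEND | LOCK_EX
    );
    header('Location: http://google.ca');
    die();
}

if ($res === 'already')
{
    header('Location: http://google.ca');
    die();
}

if ($res === 'logoff')
{
    $_SESSION = array();
    header('Location: login.php');
    die();
}

if ($res === 'notyet' || $res === 'failed')
{
    // The raw query parameters are parked in the session for login.php.
    // They remain client-controlled (including `reply`), so they must be
    // HTML-escaped before display and validated before use.
    $_SESSION['chilli'] = $_GET;
    $_SESSION['mac'] = (isset($_GET['mac']) && is_string($_GET['mac'])) ? $_GET['mac'] : '';
    $_SESSION['challenge'] = (isset($_GET['challenge']) && is_string($_GET['challenge'])) ? $_GET['challenge'] : '';
    header('Location: login.php');
    die();
}

// Any other outcome is handed to error(), which this script does not define
// (presumably provided by php/common.php).
error('UAM_ERROR');
?>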
SUCCESS 12:13:21 am 68-5D-43-10-95-C3 10.1.129.9 'Ellen'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Ellen
[mac] => 68-5D-43-10-95-C3
[ip] => 10.1.129.9
[nasid] => nas01
[sessionid] => 51abdd5600000006
[userurl] => http://www.google.ca/
[md] => FE8D843326C279CA129D13ADE397C7E1
)
SUCCESS 12:41:59 am 68-5D-43-10-95-C3 10.1.129.9 'Ellen'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Ellen
[mac] => 68-5D-43-10-95-C3
[ip] => 10.1.129.9
[nasid] => nas01
[sessionid] => 51abdfd300000006
[userurl] => http://www.google.ca/
[md] => 1139D71107C6362953FA2625480D2F25
)
SUCCESS 01:19:22 am 68-5D-43-10-95-C3 10.1.129.9 'Ellen'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Ellen
[mac] => 68-5D-43-10-95-C3
[ip] => 10.1.129.9
[nasid] => nas01
[sessionid] => 51abee3500000006
[userurl] => http://www.google.ca/
[md] => 2A14B1CF95BC794E5265235895CFA097
)
SUCCESS 01:25:32 am 90-18-7C-49-F1-C2 10.1.128.1 'chester'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => chester
[mac] => 90-18-7C-49-F1-C2
[ip] => 10.1.128.1
[nasid] => nas01
[sessionid] => 51abf03500000005
[userurl] => http://google.ca/
[md] => 134D2941AB3E3A68BFE48A64D631F8B5
)
SUCCESS 01:38:19 am 04-46-65-93-D3-60 10.1.129.17 'leclerc'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => leclerc
[mac] => 04-46-65-93-D3-60
[ip] => 10.1.129.17
[nasid] => nas01
[sessionid] => 51abefb200000003
[userurl] => http://google.ca/
[md] => 19CF45A5F72D816BA4AA586EB4B44896
)
SUCCESS 01:57:24 am 68-A3-C4-50-AE-2E 10.1.129.20 'caddaric'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => caddaric
[mac] => 68-A3-C4-50-AE-2E
[ip] => 10.1.129.20
[nasid] => nas01
[sessionid] => 51abf7e400000007
[userurl] => http://www.msftncsi.com/ncsi.txt
[md] => 24455D2CE7807F376956569387ECC1A2
)
SUCCESS 01:59:00 am 68-5D-43-10-95-C3 10.1.129.9 'Ellen'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Ellen
[mac] => 68-5D-43-10-95-C3
[ip] => 10.1.129.9
[nasid] => nas01
[sessionid] => 51abf72600000006
[userurl] => http://www.google.ca/
[md] => 06BBDDB5F3805D548836A79C3258DC2E
)
SUCCESS 02:25:32 am 5C-95-AE-71-C4-39 10.1.129.21 'Conrad'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Conrad
[mac] => 5C-95-AE-71-C4-39
[ip] => 10.1.129.21
[nasid] => nas01
[sessionid] => 51abfe8500000008
[userurl] => http://www.apple.com/library/test/success.html
[md] => 9709CDC0A81C8B1E02EF20C8638328B1
)
SUCCESS 02:35:11 am 68-5D-43-10-95-C3 10.1.129.9 'Ellen'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Ellen
[mac] => 68-5D-43-10-95-C3
[ip] => 10.1.129.9
[nasid] => nas01
[sessionid] => 51abf9ba00000006
[userurl] => http://www.google.ca/
[md] => CBC1B285432855E085E172004897E1D7
)
SUCCESS 03:27:10 am 1C-4B-D6-5A-9B-D5 10.1.129.24 'leclerc'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => leclerc
[mac] => 1C-4B-D6-5A-9B-D5
[ip] => 10.1.129.24
[nasid] => nas01
[sessionid] => 51ac0cfb00000002
[userurl] => http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl
[md] => 05EFB0BAB12C77D1A465166841F56A7F
)
SUCCESS 04:42:33 am 68-A3-C4-50-AE-2E 10.1.129.27 'caddaric'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => caddaric
[mac] => 68-A3-C4-50-AE-2E
[ip] => 10.1.129.27
[nasid] => nas01
[sessionid] => 51ac1e6700000007
[userurl] => http://www.google.com/search?q=asge&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a&source=hp&channel=np
[md] => ABDE44BE003F8303C59DAD01B6D966F4
)
SUCCESS 11:27:23 am 68-5D-43-10-95-C3 10.1.129.57 'Ellen'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Ellen
[mac] => 68-5D-43-10-95-C3
[ip] => 10.1.129.57
[nasid] => nas01
[sessionid] => 51ac7d7500000007
[userurl] => http://www.google.ca/
[md] => 7140B5C55AFE152508499161298E45C2
)
SUCCESS 11:48:58 am 68-5D-43-10-95-C3 10.1.129.57 'Landsea'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Landsea
[mac] => 68-5D-43-10-95-C3
[ip] => 10.1.129.57
[nasid] => nas01
[sessionid] => 51ac7e8400000007
[userurl] => http://www.google.ca/
[md] => 9D950546BD26FC82170F1A76000E7C5A
)
SUCCESS 12:05:44 pm 68-5D-43-10-95-C3 10.1.129.57 'Ellen'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Ellen
[mac] => 68-5D-43-10-95-C3
[ip] => 10.1.129.57
[nasid] => nas01
[sessionid] => 51ac841100000007
[userurl] => http://www.google.ca/
[md] => 242316B5CAE9849C18099DB5A5E1862F
)
SUCCESS 12:16:24 pm 68-5D-43-10-95-C3 10.1.129.57 'Ellen'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Ellen
[mac] => 68-5D-43-10-95-C3
[ip] => 10.1.129.57
[nasid] => nas01
[sessionid] => 51ac880700000007
[userurl] => http://www.google.ca/
[md] => 0CBF7A9ADDB48B28778469657CE457F4
)
FAILED 06:19:58 am 68-5D-43-10-95-C3 10.1.129.57 'Landsea' 'yaray' 'yaray' Username and/or password rejected.
Array
(
[mac] => 68-5D-43-10-95-C3
[challenge] => ad4193b88ad38c88bc25ef5ef2f05c97
)
SUCCESS 01:20:10 pm 68-5D-43-10-95-C3 10.1.129.57 'Landsea'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Landsea
[mac] => 68-5D-43-10-95-C3
[ip] => 10.1.129.57
[nasid] => nas01
[sessionid] => 51ac908200000007
[userurl] => http://www.google.ca/
[md] => 30B395FF15BF60C5A929568C61782500
)
SUCCESS 01:39:41 pm E4-CE-8F-CC-76-D4 10.1.129.68 'GregShukin'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => GregShukin
[mac] => E4-CE-8F-CC-76-D4
[ip] => 10.1.129.68
[nasid] => nas01
[sessionid] => 51ac996e00000005
[userurl] => http://www.apple.com/library/test/success.html
[md] => 8928D72D3B6665FD0C73FDF898D6284A
)
SUCCESS 01:39:51 pm 8C-7B-9D-89-CA-DE 10.1.129.69 'Wieler'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Wieler
[mac] => 8C-7B-9D-89-CA-DE
[ip] => 10.1.129.69
[nasid] => nas01
[sessionid] => 51ac9a5900000001
[userurl] => http://www.login.com/
[md] => 88E89DC3190A5CA199D2DAB0D1D89274
)
SUCCESS 02:18:14 pm 80-9B-20-52-7C-08 10.1.129.74 'Conrad'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Conrad
[mac] => 80-9B-20-52-7C-08
[ip] => 10.1.129.74
[nasid] => nas01
[sessionid] => 51aca59400000007
[userurl] => http://pmm.egistec.com/pu?oid=256&pb=4.0.14.35&pn=24&sl=1033&os=%20(Build%209200)&up=809B20527C09&dt=DT&sku=1&lv=4
[md] => 17528884BFE9BF0393D7AF92C537B407
)
SUCCESS 04:42:29 pm 5C-95-AE-71-C4-39 10.1.129.87 'Conrad'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Conrad
[mac] => 5C-95-AE-71-C4-39
[ip] => 10.1.129.87
[nasid] => nas01
[sessionid] => 51acc75c00000007
[userurl] => http://www.apple.com/library/test/success.html
[md] => C33E66C94BB52980DAA718E94A9AB9BC
)
SUCCESS 05:34:13 pm 5C-95-AE-71-C4-39 10.1.129.87 'Conrad'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Conrad
[mac] => 5C-95-AE-71-C4-39
[ip] => 10.1.129.87
[nasid] => nas01
[sessionid] => 51acce3100000007
[userurl] => http://www.apple.com/library/test/success.html
[md] => F34334FA07B75EBE1287F80C541E7661
)
FAILED 11:49:26 am 5C-95-AE-71-C4-39 10.1.129.97 'Conrad' 'cds#@' 'cde#@' Username and/or password rejected.
Array
(
[mac] => 5C-95-AE-71-C4-39
[challenge] => a249b1c2520327411d1b75ded3dffa07
)
SUCCESS 06:49:41 pm 5C-95-AE-71-C4-39 10.1.129.97 'Conrad'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Conrad
[mac] => 5C-95-AE-71-C4-39
[ip] => 10.1.129.97
[nasid] => nas01
[sessionid] => 51ace53600000007
[userurl] => http://www.apple.com/library/test/success.html
[md] => B0125D30C63DCB714F0B33EE81B27C56
)
SUCCESS 07:27:01 pm 68-5D-43-10-95-C3 10.1.129.103 'Ellen'
Array
(
[res] => success
[uamip] => 10.1.0.1
[uamport] => 3990
[called] => 00-0C-29-67-BF-D1
[uid] => Ellen
[mac] => 68-5D-43-10-95-C3
[ip] => 10.1.129.103
[nasid] => nas01
[sessionid] => 51aced7700000008
[userurl] => http://watson.microsoft.com/StageOne/Generic/WindowsUpdateFailure/7_6_7600_256/80072f76/00000000-0000-0000-0000-000000000000/Scan/101/Unmanaged.htm?LCID=4105&OS=6.1.7601.2.00010300.1.0.3.17514&SM=Hewlett-Packard&SPN=HP%20Pavilion%20g7%20Notebook%20PC&BV=F.14&MRK=103C_HP_cNB_Pavilion%20g7%20Notebook%20PC_Y5335KV_0U_Q5CD2220BPB_E677786-DB1_4A_I1845_SHP_V56.16_BF.08_T120503_W73-1_L409_M6045_J750_7Intel_86A7_92.30_%23120503_N_(B4Z71UA%23ABL)_XMOBILE_CN10_Z_20791100000205610000620100&MID=D038D625-4997-48DB-B7BA-6B089CF24EB7&Queue=1
[md] => 402A3574EC4AC3F150BC8DAEB1415376
)
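<?php
/*
 * Login page prelude: picks up the one-shot state left in the session by the
 * callback script ($_SESSION['chilli']) and by the login handler
 * ($_SESSION['login']), builds the error messages for a failed attempt and
 * records the failure in the daily log.
 *
 * $db_radius, format_bytes(), duration() and error() are not defined in this
 * file; presumably page-header.php brings them in.
 */
$page = 'Login';
include('page-header.php');

// Both entries are consumed once and removed so a reload starts clean.
$chilli = null;
if (isset($_SESSION['chilli']))
{
    $chilli = $_SESSION['chilli'];
    unset($_SESSION['chilli']);
}

$login = null;
if (isset($_SESSION['login']))
{
    $login = $_SESSION['login'];
    unset($_SESSION['login']);
}

if ($chilli && isset($chilli['res']) && $chilli['res'] != 'notyet' && $chilli['res'] != 'logoff')
{
    if ($chilli['res'] == 'failed')
    {
        $errors = array();

        // A failure can be reached without a stored login (for example a
        // direct request to the callback), so do not assume the array exists.
        $loginUser = (is_array($login) && isset($login['username']) && is_string($login['username']))
            ? $login['username']
            : '';
        $mac = (isset($_SESSION['mac']) && is_string($_SESSION['mac'])) ? $_SESSION['mac'] : '';

        // `reply` originates from the callback's query string, so it is
        // client-controlled text; anything that is not a string is ignored.
        $reply = (isset($chilli['reply']) && is_string($chilli['reply'])) ? $chilli['reply'] : null;

        $periodQuotaReplies = array(
            'Your maximum daily usage time has been reached',
            'Your maximum weekly usage time has been reached',
            'Your maximum monthly usage time has been reached',
        );

        if ($reply !== null && in_array($reply, $periodQuotaReplies, true))
        {
            $bandwidth = $db_radius->get_user_bandwidth($loginUser);
            $bandwidth_types = array('all-time', 'daily', 'weekly', 'monthly');
            $errors[] = "You have used your " . format_bytes($bandwidth['limit']['bytes'], 2) . " of {$bandwidth_types[$bandwidth['limit']['type']]} bandwidth!";
            $remaining_time = ($bandwidth['remaining']['time'] > 0 ? duration($bandwidth['remaining']['time']) : '&infin;');
            $errors[] = "Your bandwidth resets in: {$remaining_time}.";
        }
        elseif ($reply === 'Your maximum never usage time has been reached')
        {
            $errors[] = "You have used all your bandwidth.";
            $errors[] = "You need to buy more to use the Internet.";
        }
        elseif ($reply !== null)
        {
            // The template prints each entry as raw HTML, so request-derived
            // text is escaped here; otherwise markup placed in the `reply`
            // parameter would be rendered in the visitor's browser.
            $errors[] = htmlspecialchars($reply, ENT_QUOTES, 'UTF-8');
        }
        else
        {
            $errors[] = "Username and/or password rejected.";
        }

        // Credentials are deliberately kept out of the log. The earlier
        // version wrote both the submitted password and the account's stored
        // password (via get_user_password()) on every failure, which exposes
        // real passwords to anyone able to read the log file.
        file_put_contents(
            '_logins/' . date('Y-m-d') . '.log',
            "FAILED\t" . date('h:i:s a') . "\t{$mac}\t{$_SERVER['REMOTE_ADDR']}\t\t'{$loginUser}'\t\t" . implode("\t", $errors) . "\n" . print_r($_SESSION, true),
            FILE_APPEND | LOCK_EX
        );
    }
    else
    {
        error('HS_UNHANDLED_RES', $chilli);
    }
}
?>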
<form class="form-signin" action="chilli-login.php" method="post" autocomplete="off">
<?php
/*
 * Login form. When the prelude built an $errors list, each entry replaces the
 * default heading. Entries are written out as raw HTML (one of them can carry
 * the &infin; entity), so any text that originated from the request has to be
 * HTML-escaped at the point where the entry is built, not here.
 * NOTE(review): the form carries no anti-CSRF token and posts the password to
 * a relative URL, so it inherits whatever scheme served this page.
 */
if (isset($errors)): foreach ($errors as $error): ?>
<h2 class="form-signin-heading text-error"><?=$error?></h2>
<?php endforeach; else: ?>
<h4 class="form-signin-heading">Login to the Internet</h4>
<?php endif; ?>
<input id="inputName" type="text" name="username" class="input-block-level" placeholder="Name" autocomplete="off">
<input type="password" name="password" class="input-block-level" placeholder="Password">
<button class="btn btn-large btn-primary" type="submit">Sign in</button>
</form>
<!--
<form method="post" action="paypal.php" class="form-signin2" autocomplete="off">
<h4 class="form-signin-heading">Buy Internet</h4>
<select id="selectAmount" name="amount_select">
<option value="25">$25 - 256MB</option>
<option value="50" selected>$50 - 512MB</option>
<option value="100">$100 - 1024MB</option>
<option value="0">Other (specify below)</option>
</select>
<div id="amount" class="control-group">
<div class="input-prepend input-append">
<span class="add-on">$</span>
<input id="inputAmount" type="text" name="amount_input" value="0" style="text-align: right" autocomplete="off">
<span class="add-on">.00</span>
</div>
</div>
<button id="buttonPayPal" type="submit" class="btn btn-large btn-primary">Continue to PayPal</button>
</form>
-->
<?php
// Close the page with the shared footer template.
include 'page-footer.php';
?>