-
-
Save d3x7ro/259c531075ef927f4668 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
ini_set('session.cookie_lifetime', 2592000); | |
ini_set('session.gc_maxlifetime', 2592000); | |
session_start(); | |
if (isset($_POST['username'])) | |
{ | |
$_SESSION['login'] = $_POST; | |
$uamsecret = 'z6B3YT1B57rX9Bkwzqc9QSldGQDKXpDS'; | |
$hexchal = pack("H32", $_SESSION['challenge']); | |
$newchal = pack("H*", md5($hexchal . $uamsecret)); | |
//$response = md5("\0" . $_POST['password'] . $newchal); | |
$newpwd = pack("a32", $_POST['password']); | |
$pappassword = implode ("", unpack("H32", ($newpwd ^ $newchal))); | |
header("Location: http://10.1.0.1:3990/logon?username={$_POST['username']}&password={$pappassword}"); | |
die(); | |
} | |
?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
if (!isset($_GET['res'])) | |
die(); | |
/* | |
echo '<pre>'; | |
var_dump($_GET); | |
echo '</pre>'; | |
die(); | |
*/ | |
include('php/common.php'); | |
ini_set('session.cookie_lifetime', 2592000); | |
ini_set('session.gc_maxlifetime', 2592000); | |
session_start(); | |
if ($_GET['res'] == 'success') | |
{ | |
$_SESSION['username'] = (strpos($username, '@') === false ? ucwords($_GET['uid']) : $_GET['uid']); | |
unset($_SESSION['chilli']); | |
unset($_SESSION['challenge']); | |
unset($_SESSION['login']); | |
unset($_SESSION['logoff']); | |
file_put_contents('_logins/' . date('Y-m-d') . '.log', "SUCCESS\t" . date('h:i:s a') . "\t{$_SESSION['mac']}\t{$_SERVER['REMOTE_ADDR']}\t\t'{$_GET['uid']}'\n" . print_r($_GET, true), FILE_APPEND); | |
header('Location: http://google.ca'); | |
die(); | |
} | |
if ($_GET['res'] == 'already') | |
{ | |
header('Location: http://google.ca'); | |
die(); | |
} | |
if ($_GET['res'] == 'logoff') | |
{ | |
$_SESSION = array(); | |
header('Location: login.php'); | |
die(); | |
} | |
if ($_GET['res'] == 'notyet' || $_GET['res'] == 'failed') | |
{ | |
$_SESSION['chilli'] = $_GET; | |
$_SESSION['mac'] = $_GET['mac']; | |
$_SESSION['challenge'] = $_GET['challenge']; | |
header('Location: login.php'); | |
die(); | |
} | |
error('UAM_ERROR'); | |
?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SUCCESS 12:13:21 am 68-5D-43-10-95-C3 10.1.129.9 'Ellen' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Ellen | |
[mac] => 68-5D-43-10-95-C3 | |
[ip] => 10.1.129.9 | |
[nasid] => nas01 | |
[sessionid] => 51abdd5600000006 | |
[userurl] => http://www.google.ca/ | |
[md] => FE8D843326C279CA129D13ADE397C7E1 | |
) | |
SUCCESS 12:41:59 am 68-5D-43-10-95-C3 10.1.129.9 'Ellen' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Ellen | |
[mac] => 68-5D-43-10-95-C3 | |
[ip] => 10.1.129.9 | |
[nasid] => nas01 | |
[sessionid] => 51abdfd300000006 | |
[userurl] => http://www.google.ca/ | |
[md] => 1139D71107C6362953FA2625480D2F25 | |
) | |
SUCCESS 01:19:22 am 68-5D-43-10-95-C3 10.1.129.9 'Ellen' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Ellen | |
[mac] => 68-5D-43-10-95-C3 | |
[ip] => 10.1.129.9 | |
[nasid] => nas01 | |
[sessionid] => 51abee3500000006 | |
[userurl] => http://www.google.ca/ | |
[md] => 2A14B1CF95BC794E5265235895CFA097 | |
) | |
SUCCESS 01:25:32 am 90-18-7C-49-F1-C2 10.1.128.1 'chester' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => chester | |
[mac] => 90-18-7C-49-F1-C2 | |
[ip] => 10.1.128.1 | |
[nasid] => nas01 | |
[sessionid] => 51abf03500000005 | |
[userurl] => http://google.ca/ | |
[md] => 134D2941AB3E3A68BFE48A64D631F8B5 | |
) | |
SUCCESS 01:38:19 am 04-46-65-93-D3-60 10.1.129.17 'leclerc' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => leclerc | |
[mac] => 04-46-65-93-D3-60 | |
[ip] => 10.1.129.17 | |
[nasid] => nas01 | |
[sessionid] => 51abefb200000003 | |
[userurl] => http://google.ca/ | |
[md] => 19CF45A5F72D816BA4AA586EB4B44896 | |
) | |
SUCCESS 01:57:24 am 68-A3-C4-50-AE-2E 10.1.129.20 'caddaric' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => caddaric | |
[mac] => 68-A3-C4-50-AE-2E | |
[ip] => 10.1.129.20 | |
[nasid] => nas01 | |
[sessionid] => 51abf7e400000007 | |
[userurl] => http://www.msftncsi.com/ncsi.txt | |
[md] => 24455D2CE7807F376956569387ECC1A2 | |
) | |
SUCCESS 01:59:00 am 68-5D-43-10-95-C3 10.1.129.9 'Ellen' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Ellen | |
[mac] => 68-5D-43-10-95-C3 | |
[ip] => 10.1.129.9 | |
[nasid] => nas01 | |
[sessionid] => 51abf72600000006 | |
[userurl] => http://www.google.ca/ | |
[md] => 06BBDDB5F3805D548836A79C3258DC2E | |
) | |
SUCCESS 02:25:32 am 5C-95-AE-71-C4-39 10.1.129.21 'Conrad' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Conrad | |
[mac] => 5C-95-AE-71-C4-39 | |
[ip] => 10.1.129.21 | |
[nasid] => nas01 | |
[sessionid] => 51abfe8500000008 | |
[userurl] => http://www.apple.com/library/test/success.html | |
[md] => 9709CDC0A81C8B1E02EF20C8638328B1 | |
) | |
SUCCESS 02:35:11 am 68-5D-43-10-95-C3 10.1.129.9 'Ellen' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Ellen | |
[mac] => 68-5D-43-10-95-C3 | |
[ip] => 10.1.129.9 | |
[nasid] => nas01 | |
[sessionid] => 51abf9ba00000006 | |
[userurl] => http://www.google.ca/ | |
[md] => CBC1B285432855E085E172004897E1D7 | |
) | |
SUCCESS 03:27:10 am 1C-4B-D6-5A-9B-D5 10.1.129.24 'leclerc' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => leclerc | |
[mac] => 1C-4B-D6-5A-9B-D5 | |
[ip] => 10.1.129.24 | |
[nasid] => nas01 | |
[sessionid] => 51ac0cfb00000002 | |
[userurl] => http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl | |
[md] => 05EFB0BAB12C77D1A465166841F56A7F | |
) | |
SUCCESS 04:42:33 am 68-A3-C4-50-AE-2E 10.1.129.27 'caddaric' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => caddaric | |
[mac] => 68-A3-C4-50-AE-2E | |
[ip] => 10.1.129.27 | |
[nasid] => nas01 | |
[sessionid] => 51ac1e6700000007 | |
[userurl] => http://www.google.com/search?q=asge&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a&source=hp&channel=np | |
[md] => ABDE44BE003F8303C59DAD01B6D966F4 | |
) | |
SUCCESS 11:27:23 am 68-5D-43-10-95-C3 10.1.129.57 'Ellen' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Ellen | |
[mac] => 68-5D-43-10-95-C3 | |
[ip] => 10.1.129.57 | |
[nasid] => nas01 | |
[sessionid] => 51ac7d7500000007 | |
[userurl] => http://www.google.ca/ | |
[md] => 7140B5C55AFE152508499161298E45C2 | |
) | |
SUCCESS 11:48:58 am 68-5D-43-10-95-C3 10.1.129.57 'Landsea' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Landsea | |
[mac] => 68-5D-43-10-95-C3 | |
[ip] => 10.1.129.57 | |
[nasid] => nas01 | |
[sessionid] => 51ac7e8400000007 | |
[userurl] => http://www.google.ca/ | |
[md] => 9D950546BD26FC82170F1A76000E7C5A | |
) | |
SUCCESS 12:05:44 pm 68-5D-43-10-95-C3 10.1.129.57 'Ellen' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Ellen | |
[mac] => 68-5D-43-10-95-C3 | |
[ip] => 10.1.129.57 | |
[nasid] => nas01 | |
[sessionid] => 51ac841100000007 | |
[userurl] => http://www.google.ca/ | |
[md] => 242316B5CAE9849C18099DB5A5E1862F | |
) | |
SUCCESS 12:16:24 pm 68-5D-43-10-95-C3 10.1.129.57 'Ellen' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Ellen | |
[mac] => 68-5D-43-10-95-C3 | |
[ip] => 10.1.129.57 | |
[nasid] => nas01 | |
[sessionid] => 51ac880700000007 | |
[userurl] => http://www.google.ca/ | |
[md] => 0CBF7A9ADDB48B28778469657CE457F4 | |
) | |
FAILED 06:19:58 am 68-5D-43-10-95-C3 10.1.129.57 'Landsea' 'yaray' 'yaray' Username and/or password rejected. | |
Array | |
( | |
[mac] => 68-5D-43-10-95-C3 | |
[challenge] => ad4193b88ad38c88bc25ef5ef2f05c97 | |
) | |
SUCCESS 01:20:10 pm 68-5D-43-10-95-C3 10.1.129.57 'Landsea' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Landsea | |
[mac] => 68-5D-43-10-95-C3 | |
[ip] => 10.1.129.57 | |
[nasid] => nas01 | |
[sessionid] => 51ac908200000007 | |
[userurl] => http://www.google.ca/ | |
[md] => 30B395FF15BF60C5A929568C61782500 | |
) | |
SUCCESS 01:39:41 pm E4-CE-8F-CC-76-D4 10.1.129.68 'GregShukin' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => GregShukin | |
[mac] => E4-CE-8F-CC-76-D4 | |
[ip] => 10.1.129.68 | |
[nasid] => nas01 | |
[sessionid] => 51ac996e00000005 | |
[userurl] => http://www.apple.com/library/test/success.html | |
[md] => 8928D72D3B6665FD0C73FDF898D6284A | |
) | |
SUCCESS 01:39:51 pm 8C-7B-9D-89-CA-DE 10.1.129.69 'Wieler' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Wieler | |
[mac] => 8C-7B-9D-89-CA-DE | |
[ip] => 10.1.129.69 | |
[nasid] => nas01 | |
[sessionid] => 51ac9a5900000001 | |
[userurl] => http://www.login.com/ | |
[md] => 88E89DC3190A5CA199D2DAB0D1D89274 | |
) | |
SUCCESS 02:18:14 pm 80-9B-20-52-7C-08 10.1.129.74 'Conrad' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Conrad | |
[mac] => 80-9B-20-52-7C-08 | |
[ip] => 10.1.129.74 | |
[nasid] => nas01 | |
[sessionid] => 51aca59400000007 | |
[userurl] => http://pmm.egistec.com/pu?oid=256&pb=4.0.14.35&pn=24&sl=1033&os=%20(Build%209200)&up=809B20527C09&dt=DT&sku=1&lv=4 | |
[md] => 17528884BFE9BF0393D7AF92C537B407 | |
) | |
SUCCESS 04:42:29 pm 5C-95-AE-71-C4-39 10.1.129.87 'Conrad' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Conrad | |
[mac] => 5C-95-AE-71-C4-39 | |
[ip] => 10.1.129.87 | |
[nasid] => nas01 | |
[sessionid] => 51acc75c00000007 | |
[userurl] => http://www.apple.com/library/test/success.html | |
[md] => C33E66C94BB52980DAA718E94A9AB9BC | |
) | |
SUCCESS 05:34:13 pm 5C-95-AE-71-C4-39 10.1.129.87 'Conrad' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Conrad | |
[mac] => 5C-95-AE-71-C4-39 | |
[ip] => 10.1.129.87 | |
[nasid] => nas01 | |
[sessionid] => 51acce3100000007 | |
[userurl] => http://www.apple.com/library/test/success.html | |
[md] => F34334FA07B75EBE1287F80C541E7661 | |
) | |
FAILED 11:49:26 am 5C-95-AE-71-C4-39 10.1.129.97 'Conrad' 'cds#@' 'cde#@' Username and/or password rejected. | |
Array | |
( | |
[mac] => 5C-95-AE-71-C4-39 | |
[challenge] => a249b1c2520327411d1b75ded3dffa07 | |
) | |
SUCCESS 06:49:41 pm 5C-95-AE-71-C4-39 10.1.129.97 'Conrad' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Conrad | |
[mac] => 5C-95-AE-71-C4-39 | |
[ip] => 10.1.129.97 | |
[nasid] => nas01 | |
[sessionid] => 51ace53600000007 | |
[userurl] => http://www.apple.com/library/test/success.html | |
[md] => B0125D30C63DCB714F0B33EE81B27C56 | |
) | |
SUCCESS 07:27:01 pm 68-5D-43-10-95-C3 10.1.129.103 'Ellen' | |
Array | |
( | |
[res] => success | |
[uamip] => 10.1.0.1 | |
[uamport] => 3990 | |
[called] => 00-0C-29-67-BF-D1 | |
[uid] => Ellen | |
[mac] => 68-5D-43-10-95-C3 | |
[ip] => 10.1.129.103 | |
[nasid] => nas01 | |
[sessionid] => 51aced7700000008 | |
[userurl] => http://watson.microsoft.com/StageOne/Generic/WindowsUpdateFailure/7_6_7600_256/80072f76/00000000-0000-0000-0000-000000000000/Scan/101/Unmanaged.htm?LCID=4105&OS=6.1.7601.2.00010300.1.0.3.17514&SM=Hewlett-Packard&SPN=HP%20Pavilion%20g7%20Notebook%20PC&BV=F.14&MRK=103C_HP_cNB_Pavilion%20g7%20Notebook%20PC_Y5335KV_0U_Q5CD2220BPB_E677786-DB1_4A_I1845_SHP_V56.16_BF.08_T120503_W73-1_L409_M6045_J750_7Intel_86A7_92.30_%23120503_N_(B4Z71UA%23ABL)_XMOBILE_CN10_Z_20791100000205610000620100&MID=D038D625-4997-48DB-B7BA-6B089CF24EB7&Queue=1 | |
[md] => 402A3574EC4AC3F150BC8DAEB1415376 | |
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$page = 'Login'; | |
include('page-header.php'); | |
if (isset($_SESSION['chilli'])) | |
{ | |
$chilli = $_SESSION['chilli']; | |
unset($_SESSION['chilli']); | |
} | |
else | |
$chilli = null; | |
if (isset($_SESSION['login'])) | |
{ | |
$login = $_SESSION['login']; | |
unset($_SESSION['login']); | |
} | |
else | |
$login = null; | |
//$chilli = isset($_SESSION['chilli']) ? $_SESSION['chilli'] : NULL; | |
//$login = isset($_SESSION['login']) ? $_SESSION['login'] : NULL; | |
if ($chilli && isset($chilli['res']) && $chilli['res'] != 'notyet' && $chilli['res'] != 'logoff') | |
{ | |
if ($chilli['res'] == 'failed') | |
{ | |
$errors = array(); | |
if (isset($chilli['reply']) && ($chilli['reply'] == 'Your maximum daily usage time has been reached' || | |
$chilli['reply'] == 'Your maximum weekly usage time has been reached' || | |
$chilli['reply'] == 'Your maximum monthly usage time has been reached')) | |
{ | |
/* | |
$allowed = $db_radius->get_bandwidth_allowed($login['username']); | |
$errors[] = "You have used your " . format_bytes($allowed['bytes'], 2) . " of {$bandwidth_types[$allowed['type']]} bandwidth!"; | |
$remaining = $db_radius->get_bandwidth_remaining($login['username']); | |
$remaining_time = ($remaining['time'] > 0 ? duration($remaining['time']) : '∞'); | |
$errors[] = "Your bandwidth resets in: {$remaining_time}."; | |
*/ | |
$bandwidth = $db_radius->get_user_bandwidth($login['username']); | |
//$errors[] = print_r($bandwidth, true); | |
$bandwidth_types = array('all-time', 'daily', 'weekly', 'monthly'); | |
$errors[] = "You have used your " . format_bytes($bandwidth['limit']['bytes'], 2) . " of {$bandwidth_types[$bandwidth['limit']['type']]} bandwidth!"; | |
$remaining_time = ($bandwidth['remaining']['time'] > 0 ? duration($bandwidth['remaining']['time']) : '∞'); | |
$errors[] = "Your bandwidth resets in: {$remaining_time}."; | |
} | |
elseif (isset($chilli['reply']) && $chilli['reply'] == 'Your maximum never usage time has been reached') | |
{ | |
$errors[] = "You have used all your bandwidth."; | |
$errors[] = "You need to buy more to use the Internet."; | |
} | |
elseif (isset($chilli['reply'])) | |
$errors[] = $chilli['reply']; | |
else | |
$errors[] = "Username and/or password rejected."; | |
file_put_contents('_logins/' . date('Y-m-d') . '.log', "FAILED\t" . date('h:i:s a') . "\t{$_SESSION['mac']}\t{$_SERVER['REMOTE_ADDR']}\t\t'{$login['username']}'\t\t'{$login['password']}'\t\t'" . $db_radius->get_user_password($login['username']) . "'\t\t" . implode("\t", $errors) . "\n" . print_r($_SESSION, true), FILE_APPEND); | |
} | |
else | |
{ | |
error('HS_UNHANDLED_RES', $chilli); | |
} | |
} | |
?> | |
<form class="form-signin" action="chilli-login.php" method="post" autocomplete="off"> | |
<?php if (isset($errors)): foreach ($errors as $error): ?> | |
<h2 class="form-signin-heading text-error"><?=$error?></h2> | |
<?php endforeach; else: ?> | |
<h4 class="form-signin-heading">Login to the Internet</h4> | |
<?php endif; ?> | |
<input id="inputName" type="text" name="username" class="input-block-level" placeholder="Name" autocomplete="off"> | |
<input type="password" name="password" class="input-block-level" placeholder="Password"> | |
<button class="btn btn-large btn-primary" type="submit">Sign in</button> | |
</form> | |
<!-- | |
<form method="post" action="paypal.php" class="form-signin2" autocomplete="off"> | |
<h4 class="form-signin-heading">Buy Internet</h4> | |
<select id="selectAmount" name="amount_select"> | |
<option value="25">$25 - 256MB</option> | |
<option value="50" selected>$50 - 512MB</option> | |
<option value="100">$100 - 1024MB</option> | |
<option value="0">Other (specify below)</option> | |
</select> | |
<div id="amount" class="control-group"> | |
<div class="input-prepend input-append"> | |
<span class="add-on">$</span> | |
<input id="inputAmount" type="text" name="amount_input" value="0" style="text-align: right" autocomplete="off"> | |
<span class="add-on">.00</span> | |
</div> | |
</div> | |
<button id="buttonPayPal" type="submit" class="btn btn-large btn-primary">Continue to PayPal</button> | |
</form> | |
--> | |
<?php | |
include('page-footer.php'); | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment