tribela/404

## 404
#!/bin/sh

cat << EOF
Status: 302 Temporary Redirect
Location: /cgi-bin/auth
Cache-Control: no-cache

<!doctype html>
<html>
<head>
<meta http-equiv="refresh" content="0; /cgi-bin/auth" />
</head>
<body></body>
</html>

EOF

## auth
#!/bin/sh

accept_client() {
    ip_striped=${REMOTE_ADDR//./\\.}
    mac=`cat /proc/net/arp | awk -e "/^$ip_striped / {print \\$4}"`
    iptables -t mangle -I internet -m mac --mac-source $mac -j RETURN
}

urldecode() {
    local url_encoded="${1//+/ }"
    printf '%b' "${url_encoded//\%/\\x}"
}


if [ "$REQUEST_METHOD" == "POST" ]; then
    read -n $CONTENT_LENGTH post_data
    while [ ! -z "$post_data" ]; do
        part=${post_data%%&*}
        key=${part%%=*}
        value=${part#$key=}
        post_data=${post_data#$part}
        post_data=${post_data#&}

        if [ "$key" == "answer" ] && [ "$value" == "sudo" ]; then
            accept_client
            accepted="true"
        fi

        if [ "$key" == "referer" ]; then
            referer="$(urldecode $value)"
        fi

    done

    if [ "$accepted" == "true" ]; then
        magic="document.querySelector('input').disabled = true;setTimeout(function() { location.href=\"${referer}\"; }, 3000);"
    fi
fi

referer=$(echo ${HTTP_REFERER} | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g')

cat << EOF
Content-Type: text/html

<!DOCTYPE html>
<html>
  <head>
    <meta http-equiv="content-type" content="text/html; charset=utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1"/>
    <meta http-equiv="cache-control" content="no-cache" />
    <meta http-equiv="expires" content="0" />
    <meta http-equiv="pragma" content="no-cache" />

    <style type="text/css">
      html {
        background: black;
        color: white;
        text-align: center;
        font-size: 20pt;
      }
    </style>

    <title>Form</title>
  </head>
  <body>
    <img src="/q.png">
    <form method="post">
      <p>
        <input name="answer" /> make me a sandwich.
      </p>
      <input name="referer" type="hidden" value="${referer}" />
      <button type="submit">Authenticate</button>
    </form>
    <script>$magic</script>
  </body>
</html>
EOF

## index.html
<!doctype html>
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
</head>
<body style="background-color: white">
<a style="color: black; font-family: arial, helvetica, sans-serif;" href="/cgi-bin/luci">LuCI - Lua Configuration Interface</a>
<script>
if (location.host !== 'openwrt.lan') {
    location.href='//openwrt.lan/cgi-bin/auth';
} else {
    location.href='/cgi-bin/luci';
}
</script>
</body>
</html>

## iptables
iptables -N internet -t mangle
iptables -t mangle -A PREROUTING -j internet
iptables -t mangle -A internet -i br-guest -j MARK --set-mark 99
iptables -t nat -A prerouting_rule -m mark --mark 99 -p tcp --dport 80 -j DNAT --to 192.168.2.1
iptables -t filter -A forwarding_rule -m mark --mark 99 -j DROP

## q.png

      
    Raw
  

              q.png
	#!/bin/sh

	cat << EOF
	Status: 302 Temporary Redirect
	Location: /cgi-bin/auth
	Cache-Control: no-cache

	<!doctype html>
	<html>
	<head>
	<meta http-equiv="refresh" content="0; /cgi-bin/auth" />
	</head>
	<body></body>
	</html>

	EOF
	#!/bin/sh

	accept_client() {
	ip_striped=${REMOTE_ADDR//./\\.}
	mac=`cat /proc/net/arp \| awk -e "/^$ip_striped / {print \\$4}"`
	iptables -t mangle -I internet -m mac --mac-source $mac -j RETURN
	}

	urldecode() {
	local url_encoded="${1//+/ }"
	printf '%b' "${url_encoded//\%/\\x}"
	}


	if [ "$REQUEST_METHOD" == "POST" ]; then
	read -n $CONTENT_LENGTH post_data
	while [ ! -z "$post_data" ]; do
	part=${post_data%%&*}
	key=${part%%=*}
	value=${part#$key=}
	post_data=${post_data#$part}
	post_data=${post_data#&}

	if [ "$key" == "answer" ] && [ "$value" == "sudo" ]; then
	accept_client
	accepted="true"
	fi

	if [ "$key" == "referer" ]; then
	referer="$(urldecode $value)"
	fi

	done

	if [ "$accepted" == "true" ]; then
	magic="document.querySelector('input').disabled = true;setTimeout(function() { location.href=\"${referer}\"; }, 3000);"
	fi
	fi

	referer=$(echo ${HTTP_REFERER} \| sed -e 's/\\/\\\\/g' -e 's/"/\\"/g')

	cat << EOF
	Content-Type: text/html

	<!DOCTYPE html>
	<html>
	<head>
	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
	<meta name="viewport" content="width=device-width, initial-scale=1"/>
	<meta http-equiv="cache-control" content="no-cache" />
	<meta http-equiv="expires" content="0" />
	<meta http-equiv="pragma" content="no-cache" />

	<style type="text/css">
	html {
	background: black;
	color: white;
	text-align: center;
	font-size: 20pt;
	}
	</style>

	<title>Form</title>
	</head>
	<body>
	<img src="/q.png">
	<form method="post">
	<p>
	<input name="answer" /> make me a sandwich.
	</p>
	<input name="referer" type="hidden" value="${referer}" />
	<button type="submit">Authenticate</button>
	</form>
	<script>$magic</script>
	</body>
	</html>
	EOF
	iptables -N internet -t mangle
	iptables -t mangle -A PREROUTING -j internet
	iptables -t mangle -A internet -i br-guest -j MARK --set-mark 99
	iptables -t nat -A prerouting_rule -m mark --mark 99 -p tcp --dport 80 -j DNAT --to 192.168.2.1
	iptables -t filter -A forwarding_rule -m mark --mark 99 -j DROP