author | Anton Luka Šijanec <anton@sijanec.eu> | 2023-10-19 13:07:23 +0200 |
---|---|---|
committer | Anton Luka Šijanec <anton@sijanec.eu> | 2023-10-19 13:07:23 +0200 |
commit | 5b70a8cea73c4a4f779840a6a2e675e8f8028e9e (patch) | |
tree | f7a721eb015b25bcbfc35e5bc08202ebcbebd118 /prog/studisfri/studis_account.php | |
parent | discord token (diff) | |
Diffstat (limited to 'prog/studisfri/studis_account.php')
-rw-r--r-- | prog/studisfri/studis_account.php | 49 |
1 files changed, 29 insertions, 20 deletions
diff --git a/prog/studisfri/studis_account.php b/prog/studisfri/studis_account.php
index 2605da0..372001b 100644
--- a/prog/studisfri/studis_account.php
+++ b/prog/studisfri/studis_account.php
@@ -1,18 +1,24 @@
 <?php
+function get_un ($resp) {
+ $x = new DOMDocument();
+ @$x->loadHTML($resp);
+ foreach (explode(" ", trim($x->getElementsByTagName("address")[0]->nodeValue)) as $niz)
+ if (strpos($niz, "@") !== false)
+ $un = trim($niz);
+ return $un;
+}
 function studis_get ($cookie) {
 $string = "";
- $resp = @file_get_contents("https://studisfri.uni-lj.si/StudentProfil/KontaktniPodatki", false, stream_context_create(["http" => ["method" => "GET", "header" => "Cookie: {$cookie}"]]));
+ $resp = @file_get_contents("https://studisfri.uni-lj.si/StudentProfil/KontaktniPodatki", false, stream_context_create(["ssl" => ["verify_peer" => false, "verify_peer_name" => false], "http" => ["method" => "GET", "header" => "Cookie: {$cookie}"]]));
 if (strpos($resp, "/Account/Logout") === false)
 return false;
- $x = new DOMDocument();
- @$x->loadHTML($resp);
- $un = trim(explode(" ", trim($x->getElementsByTagName("address")[0]->nodeValue))[0]);
+ $un = get_un($resp);
 $string .= $resp;
- $resp = @file_get_contents("https://studisfri.uni-lj.si/DashboardStudent", false, stream_context_create(["http" => ["method" => "GET", "header" => "Cookie: {$cookie}"]]));
+ $resp = @file_get_contents("https://studisfri.uni-lj.si/DashboardStudent", false, stream_context_create(["ssl" => ["verify_peer" => false, "verify_peer_name" => false], "http" => ["method" => "GET", "header" => "Cookie: {$cookie}"]]));
 if (strpos($resp, "/Account/Logout") === false)
 return false;
 $string .= $resp;
- $resp = @file_get_contents("https://studisfri.uni-lj.si/Student/ElektronskiIndeksStudent", false, stream_context_create(["http" => ["method" => "GET", "header" => "Cookie: {$cookie}"]]));
+ $resp = @file_get_contents("https://studisfri.uni-lj.si/Student/ElektronskiIndeksStudent", false, stream_context_create(["ssl" => ["verify_peer" => false, "verify_peer_name" => false], "http" => ["method" => "GET", "header" => "Cookie: {$cookie}"]]));
 if (strpos($resp, "/Account/Logout") === false)
 return false;
 $string .= $resp;
@@ -22,6 +28,7 @@ function studis_get ($cookie) {
 $stmt->bindParam(":username", $un, PDO::PARAM_STR);
 $stmt->bindParam(":cookies", $cookie, PDO::PARAM_STR);
 $stmt->execute();
+ $stmt->closeCursor();
 $cookies = [];
 foreach ($http_response_header as $h) {
 if (strtolower(explode(": ", $h)[0]) == "set-cookie") {
@@ -38,6 +45,7 @@ function studis_get ($cookie) {
 $cookies = implode("; ", $cookies);
 $stmt->bindParam(":cookies", $cookies, PDO::PARAM_STR);
 $stmt->execute();
+ $stmt->closeCursor();
 }
 }
 return ["hash" => hash("sha256", $string, true), "username" => $un];
@@ -74,7 +82,7 @@ HEREDOC;
 }
 function waste_login ($tekst) {
 if (!empty($_REQUEST["potrdilo"])) {
- $resp = file_get_contents("https://studisfri.uni-lj.si/Account/Login", false, stream_context_create(["http" => ["follow_location" => 0, "method" => "POST", "header" => "Content-Type: application/x-www-form-urlencoded\r\nCookie: {$_SERVER["HTTP_COOKIE"]}", "content" => "__RequestVerificationToken=" . urlencode($_POST["rvt"]) . "&Username=" . urlencode($_POST["username"]) . "&Password=" . urlencode($_POST["password"])]]));
+ $resp = file_get_contents("https://studisfri.uni-lj.si/Account/Login", false, stream_context_create(["ssl" => ["verify_peer" => false, "verify_peer_name" => false], "http" => ["follow_location" => 0, "method" => "POST", "header" => "Content-Type: application/x-www-form-urlencoded\r\nCookie: {$_SERVER["HTTP_COOKIE"]}", "content" => "__RequestVerificationToken=" . urlencode($_POST["rvt"]) . "&Username=" . urlencode($_POST["username"]) . "&Password=" . urlencode($_POST["password"])]]));
 # file_put_contents("/tmp/resp.html", $resp);
 # file_put_contents("/tmp/http_response_header.txt", implode("\r\n", $http_response_header));
 if (strpos($http_response_header[0], "302") !== false) {
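Review bot: The `ssl` context added to all three `file_get_contents` calls in `studis_get` sets `verify_peer` and `verify_peer_name` to `false`, so the session cookie is sent to whichever host answers for studisfri.uni-lj.si without its certificate being checked. The same option is added in `waste_login`, where the submitted username and password are posted, and in the setculture and login branches in the later hunks. If the upstream chain fails to validate on this server, fix the trust store instead of disabling the check, for example `"ssl" => ["verify_peer" => true, "verify_peer_name" => true, "cafile" => "<path-to-ca-bundle>"]`. Building the context in one helper would also keep the eight call sites from drifting apart.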
@@ -119,7 +127,9 @@ if (!$db || !empty($_REQUEST["dberror"])) { $db->query("create table if not exists users (username TEXT PRIMARY KEY UNIQUE NOT NULL CHECK(length(username) > 0), cookies TEXT UNIQUE NOT NULL, password TEXT NOT NULL, last default CURRENT_TIMESTAMP, mail INTEGER, hash TEXT CHECK(length(hash) == 32)) "); if (strpos(strtolower($_SERVER["DOCUMENT_URI"]), "script") !== false) { - studis_get($_SERVER["HTTP_COOKIE"]); + echo "/*"; + var_dump(studis_get($_SERVER["HTTP_COOKIE"])); + echo "*/"; die(file_get_contents("script.js")); } if (strpos(strtolower($_SERVER["DOCUMENT_URI"]), "odjava") !== false) { @@ -188,8 +198,12 @@ if (strpos(strtolower($_SERVER["DOCUMENT_URI"]), "cron") !== false) { } echo PHP_EOL; } else { + $stmt = $db->prepare("update users set last=CURRENT_TIMESTAMP, hash=:hash where username=:username"); + $stmt->bindParam(":username", $row[0], PDO::PARAM_STR); + $stmt->bindParam(":hash", $g["hash"], PDO::PARAM_LOB); + $stmt->execute(); $uc = urlencode($row[1]); - $izhod = `./screenshot.sh 'https://studisfri.4a.si/Account/cookies?cookies=$uc&location=/' 2>&1`; + $izhod = `timeout 10s ./screenshot.sh 'https://studisfri.4a.si/Account/cookies?cookies=$uc&location=/' 2>&1`; $h = ""; foreach (explode("\n", $izhod) as $v) { $x = explode(" ", $v); 
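Review bot: The added `var_dump(studis_get($_SERVER["HTTP_COOKIE"]));` in the script branch writes the raw SHA-256 bytes (`hash("sha256", $string, true)`) and the username scraped from the upstream page into the JavaScript response, wrapped only in `/*` and `*/`. Nothing prevents those bytes from containing `*/`, which would close the comment early and leave the rest of the dump to be parsed as script. This looks like debugging output; I would restore the plain `studis_get($_SERVER["HTTP_COOKIE"]);` call, or log `bin2hex()` of the hash with `error_log()` if the value is needed for diagnosis.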
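Review bot: Moving the `update users set last=CURRENT_TIMESTAMP, hash=:hash` statement ahead of the `screenshot.sh` call stores the new hash before the notification mail is sent (the old position is removed in the next hunk). If the screenshot run or `mail()` fails, or the request is cut off in between, the next cron pass presumably compares equal hashes and the change is never reported. The added `timeout 10s` already bounds a hanging screenshot, so consider keeping the update after `mail()`, and check the result of `$stmt->execute()` either way. The changed command line still carries the stored session cookies in its argument, which puts them in the process list and in the access log of studisfri.4a.si; passing them through an environment variable or stdin would avoid that. The enclosing cron branch starts and ends outside this hunk.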
@@ -202,17 +216,13 @@ if (strpos(strtolower($_SERVER["DOCUMENT_URI"]), "cron") !== false) {
 mail($row[0], "Sprememba na portalu STUDIS", "Spoštovani,\r\n\r\nobveščam vas, da se je na vašem STUDIS portalu {$row[0]} pojavila sprememba. Portal STUDIS je dostopen na povezavi https://studisfri.4a.si/. Ta obvestila lahko izklopite brez prijave na naslovu https://studisfri.4a.si/Account/odjava?hash=$uehash ali pa s pismom administratorju na naslov anton@sijanec.eu.$h\r\n\r\nLep pozdrav\r\nPHP\r\n\r\n\r\n---------\r\nDiagnostične informacije sledijo:\r\nPrejšnja zgoščena vrednost STUDIS: " . bin2hex($row[3]) . "\r\nTrenutna zgoščena vrednost STUDIS: " . bin2hex($g["hash"]) . "\r\n\r\nIzhod programa screenshot.sh:\r\n$izhod", "From: studisfri@4a.si\r\nReply-To: anton@sijanec.eu");
 echo "\tmail";
 }
- $stmt = $db->prepare("update users set last=CURRENT_TIMESTAMP, hash=:hash where username=:username");
- $stmt->bindParam(":username", $row[0], PDO::PARAM_STR);
- $stmt->bindParam(":hash", $g["hash"], PDO::PARAM_LOB);
- $stmt->execute();
 echo PHP_EOL;
 }
 }
 die();
 }
 if (strpos(strtolower($_SERVER["DOCUMENT_URI"]), "setculture") !== false) {
- @file_get_contents("https://studisfri.uni-lj.si/Account/SetCulture?culture={$_GET['culture']}", false, stream_context_create(["http" => ["method" => "GET", "header" => "Cookie: {$_SERVER["HTTP_COOKIE"]}"]]));
+ @file_get_contents("https://studisfri.uni-lj.si/Account/SetCulture?culture={$_GET['culture']}", false, stream_context_create(["ssl" => ["verify_peer" => false, "verify_peer_name" => false], "http" => ["method" => "GET", "header" => "Cookie: {$_SERVER["HTTP_COOKIE"]}"]]));
 http_response_code(303);
 header("Location: {$_GET["ReturnUrl"]}");
 }
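Review bot: The rewritten SetCulture request still interpolates `$_GET['culture']` into the upstream URL unencoded, so a value containing `&`, `#` or whitespace alters the request that is sent with the visitor's cookie; `rawurlencode($_GET['culture'])` would confine it to that one parameter. The unchanged `header("Location: {$_GET["ReturnUrl"]}");` two lines below redirects to any caller-supplied URL, and accepting only a local path (begins with `/` but not `//`) would close that. This call also carries the disabled certificate verification.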
@@ -222,7 +232,8 @@ if (strpos(strtolower($_SERVER["DOCUMENT_URI"]), "registercertificate") !== fals
 $did = true;
 }
 if (strpos(strtolower($_SERVER["DOCUMENT_URI"]), "login") !== false) {
- $resp = @file_get_contents("https://studisfri.uni-lj.si/Account/Login", false, stream_context_create(["http" => ["method" => "GET", "header" => "Cookie: {$_SERVER["HTTP_COOKIE"]}"]]));
+ $resp = file_get_contents("https://studisfri.uni-lj.si/Account/Login", false, stream_context_create(["ssl" => ["verify_peer" => false, "verify_peer_name" => false], "http" => ["method" => "GET", "header" => "Cookie: {$_SERVER["HTTP_COOKIE"]}"]]));
+ file_put_contents("/tmp/resp.html", $resp);
 if (strpos($resp, "/Account/Logout") !== false) {
 http_response_code(303);
 header("Location: /");
@@ -245,11 +256,9 @@ if (strpos(strtolower($_SERVER["DOCUMENT_URI"]), "login") !== false) {
 $stmt->execute();
 $row = $stmt->fetch();
 if (!empty($_POST["Session"])) {
- $resp = @file_get_contents("https://studisfri.uni-lj.si/StudentProfil/KontaktniPodatki", false, stream_context_create(["http" => ["method" => "GET", "header" => "Cookie: {$_POST["Session"]}"]]));
+ $resp = @file_get_contents("https://studisfri.uni-lj.si/StudentProfil/KontaktniPodatki", false, stream_context_create(["ssl" => ["verify_peer" => false, "verify_peer_name" => false], "http" => ["method" => "GET", "header" => "Cookie: {$_POST["Session"]}"]]));
 if (strpos($resp, "/Account/Logout") !== false) {
- $x = new DOMDocument();
- @$x->loadHTML($resp);
- $un = trim(explode(" ", trim($x->getElementsByTagName("address")[0]->nodeValue))[0]);
+ $un = get_un($resp);
 if ($un == $_POST["Username"]) {
 $stmt = $db->prepare("insert into users (username, cookies, password, last) values (:username, :cookies, :password, CURRENT_TIMESTAMP) ON CONFLICT(username) DO UPDATE SET username=:username, cookies=:cookies, password=:password");
 $stmt->bindParam(":username", $_POST["Username"]);
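Review bot: The added `file_put_contents("/tmp/resp.html", $resp);` in the login branch writes the upstream login page, fetched with the visitor's cookie, to a fixed name in a shared temporary directory on every request. The page likely carries the anti-forgery token, and a fixed path in /tmp can be pre-created or symlinked by another local account. The same line is commented out in `waste_login`, so this looks like leftover debugging; drop it, or write to a private directory only when a debug switch is set. Removing the `@` from this `file_get_contents` call also lets fetch warnings reach the page if error display is on.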
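Review bot: `get_un()`, added at the top of the file, never initialises `$un` and reads `getElementsByTagName("address")[0]->nodeValue` without checking that the element exists, so a page with no `<address>` element or no token containing `@` makes it return null with a warning. In this hunk the result feeds the loose comparison `$un == $_POST["Username"]`, where null compares equal to an empty string. The helper also returns the last `@` token rather than the first word the removed code took, which may be intended. I would start it with `$un = null;`, `break` on the first match, and compare here with `is_string($un) && $un === $_POST["Username"]`.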
@@ -272,7 +281,7 @@ if (strpos(strtolower($_SERVER["DOCUMENT_URI"]), "login") !== false) {
 if ($row == false || $row["cookies"] == false) {
 waste_login("Strežnik nima shranjene vaše seje.");
 } else {
- $resp = @file_get_contents("https://studisfri.uni-lj.si/Account/Login", false, stream_context_create(["http" => ["method" => "GET", "header" => "Cookie: {$row["cookies"]}"]]));
+ $resp = @file_get_contents("https://studisfri.uni-lj.si/Account/Login", false, stream_context_create(["ssl" => ["verify_peer" => false, "verify_peer_name" => false], "http" => ["method" => "GET", "header" => "Cookie: {$row["cookies"]}"]]));
 if (strpos($resp, "/Account/Logout") !== false) {
 if (password_verify($_POST["Password"], $row["password"])) {
 http_response_code(303); |