WebSVN – ALCASAR – Diff – /web/intercept.php



<?php
# $Id: intercept.php 1948 2016-06-16 09:04:30Z raphael.pion $
#
# intercept.php for ALCASAR captive portal
# Copyright (C) 2003, 2004 Mondru AB.
# Modify by REXY & steweb57
# UI & css style by stephane ERARD

  case 'Your maximum never usage time has been reached' : $reply = $l_reply_6 ; break;
  }}
 
# If attempt to login
if ("$button" == "$l_boutonO") {
  #correction password length in coova-chilli
  #thanks to http://www.stochasticgeometry.ie/2009/09/09/maximum-password-length-in-coova-chilli/
  $hexchal = pack ("H*", $challenge);
  $newchal = pack ("H*", md5($hexchal . $uamsecret));
 
  # If challenge isn't long enough, repeat it until it is
  while (strlen($newchal) < strlen($password)){
                       $newchal .= $newchal;
  }
 
  $response = md5("\0" . $password . $newchal);
  $newpwd = pack("a*", $password);
  # Encode plain text password with challenge
  $pappassword = implode ("", unpack("H*", ($newpwd ^ $newchal)));
  echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
<html>
<head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">

Rev 1947	Rev 1948
Line 1...	Line 1...
1	`<?php`	1	`<?php`
2	`# $Id: intercept.php 1947 2016-06-15 16:18:33Z raphael.pion $`	2	`# $Id: intercept.php 1948 2016-06-16 09:04:30Z raphael.pion $`
3	`#`	3	`#`
4	`# intercept.php for ALCASAR captive portal`	4	`# intercept.php for ALCASAR captive portal`
5	`# Copyright (C) 2003, 2004 Mondru AB.`	5	`# Copyright (C) 2003, 2004 Mondru AB.`
6	`# Modify by REXY & steweb57`	6	`# Modify by REXY & steweb57`
7	`# UI & css style by stephane ERARD`	7	`# UI & css style by stephane ERARD`
Line 330...	Line 330...
330	`case 'Your maximum never usage time has been reached' : $reply = $l_reply_6 ; break;`	330	`case 'Your maximum never usage time has been reached' : $reply = $l_reply_6 ; break;`
331	`}}`	331	`}}`
332		332
333	`# If attempt to login`	333	`# If attempt to login`
334	`if ("$button" == "$l_boutonO") {`	334	`if ("$button" == "$l_boutonO") {`
335	`#correction password length`	335	`#correction password length in coova-chilli`
336	`#http://www.stochasticgeometry.ie/2009/09/09/maximum-password-length-in-coova-chilli/`	336	`#thanks to http://www.stochasticgeometry.ie/2009/09/09/maximum-password-length-in-coova-chilli/`
337	`$hexchal = pack ("H*", $challenge);`	337	`$hexchal = pack ("H*", $challenge);`
338	`$newchal = pack ("H*", md5($hexchal . $uamsecret));`	338	`$newchal = pack ("H*", md5($hexchal . $uamsecret));`
339		339
-		340	`# If challenge isn't long enough, repeat it until it is`
340	`while (strlen($newchal) < strlen($password)){`	341	`while (strlen($newchal) < strlen($password)){`
341	`$newchal .= $newchal;`	342	`$newchal .= $newchal;`
342	`}`	343	`}`
343		344
344	`$response = md5("\0" . $password . $newchal);`	345	`$response = md5("\0" . $password . $newchal);`
345	`$newpwd = pack("a*", $password);`	346	`$newpwd = pack("a*", $password);`
-		347	`# Encode plain text password with challenge`
346	`$pappassword = implode ("", unpack("H*", ($newpwd ^ $newchal)));`	348	`$pappassword = implode ("", unpack("H*", ($newpwd ^ $newchal)));`
347	`echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">`	349	`echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">`
348	`<html>`	350	`<html>`
349	`<head>`	351	`<head>`
350	`<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">`	352	`<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">`

Subversion Repositories ALCASAR

(root)/web/intercept.php – Rev 1947 → 1948