Example #1
0
<?php

/**
 * Export the configurations by MAC address and file type
 */
$access_role = "reader";
require_once "access.php";
require_once "lib/validate.php";
Header("Content-Type: text/plain; charset=UTF-8");
if ($_GET["type"] == "sig") {
    echo "voipconf\n";
    exit(0);
}
if (($mac = valid_mac($_GET["mac"])) === false) {
    exit(1);
}
require_once "lib/ini.php";
$chan = new Ini();
$chan->load($g_chan_sync);
foreach ($chan->sections() as $user) {
    if ($chan->get($user, "mac") == $mac) {
        $username = $user;
        break;
    }
}
if (!isset($username)) {
    exit(1);
}
switch ($_GET["type"]) {
    case "sbo":
        ?>
Example #2
0
<h1>Search networks</h1>
<?php 
if (strlen($_GET['search']) >= 3) {
    require_once 'db.php';
    require_once 'common.php';
    $k = '';
    if (isset($_COOKIE['key'])) {
        if (valid_key($_COOKIE['key'])) {
            $k = $_COOKIE['key'];
        }
    }
    if (valid_mac($_GET['search'])) {
        $bssid = mac2long($_GET['search']);
        if ($k == $bosskey) {
            $sql = 'SELECT hex(nets.mic) as mic, nets.bssid AS bssid, nets.ssid AS ssid, nets.pass AS pass, nets.hits, nets.ts
FROM nets
WHERE bssid = ?
ORDER BY net_id DESC';
        } else {
            $sql = 'SELECT hex(nets.mic) as mic, nets.bssid AS bssid, nets.ssid AS ssid, IF(n.u_id IS NULL, IF(nets.pass IS NULL,NULL, \'Found\'), nets.pass) AS pass, nets.hits, nets.ts
FROM (SELECT * FROM nets WHERE bssid = ? ORDER BY nets.net_id DESC) AS nets
LEFT JOIN (SELECT n2u.net_id AS net_id, users.u_id AS u_id FROM n2u, users WHERE n2u.u_id=users.u_id AND users.userkey=UNHEX(?)) AS n ON n.net_id=nets.net_id';
        }
        $stmt = $mysql->stmt_init();
        $stmt->prepare($sql);
        if ($k == $bosskey) {
            $stmt->bind_param('i', $bssid);
        } else {
            $stmt->bind_param('is', $bssid, $k);
        }
    } else {
Example #3
0
function put_work($mysql)
{
    if (empty($_POST)) {
        return false;
    }
    //get nets by bssid
    $sql = 'SELECT net_id, hccap FROM nets WHERE bssid = ? AND n_state=0';
    $stmt = $mysql->stmt_init();
    $stmt->prepare($sql);
    $data = array();
    stmt_bind_assoc($stmt, $data);
    //get net by nhash
    $nsql = 'SELECT net_id, hccap FROM nets WHERE mic = unhex(?) AND n_state=0';
    $nstmt = $mysql->stmt_init();
    $nstmt->prepare($nsql);
    $ndata = array();
    stmt_bind_assoc($nstmt, $ndata);
    //Update key stmt
    $usql = 'UPDATE nets SET pass=?, sip=?, n_state=1, sts=NOW() WHERE net_id=?';
    $ustmt = $mysql->stmt_init();
    $ustmt->prepare($usql);
    $mcount = 0;
    foreach ($_POST as $bssid_or_mic => $key) {
        if (strlen($key) < 8) {
            continue;
        }
        if (valid_mac($bssid_or_mic)) {
            //old style submission with bssid
            $ibssid = mac2long($bssid_or_mic);
            $stmt->bind_param('i', $ibssid);
            $stmt->execute();
            while ($stmt->fetch()) {
                $hccap = gzinflate(substr($data['hccap'], 10));
                if ($key == check_key($hccap, array($key))) {
                    //put result in nets
                    $stmt->free_result();
                    $iip = ip2long($_SERVER['REMOTE_ADDR']);
                    $net_id = $data['net_id'];
                    $ustmt->bind_param('sii', $key, $iip, $net_id);
                    $ustmt->execute();
                    //delete from n2d
                    $mysql->query("DELETE FROM n2d WHERE net_id={$net_id}");
                }
            }
        } elseif (valid_key($bssid_or_mic)) {
            //hash submission
            $mic = strtolower($bssid_or_mic);
            $nstmt->bind_param('s', $mic);
            $nstmt->execute();
            if ($nstmt->fetch()) {
                $hccap = gzinflate(substr($ndata['hccap'], 10));
                if ($key == check_key($hccap, array($key))) {
                    //put result in nets
                    $nstmt->free_result();
                    $iip = ip2long($_SERVER['REMOTE_ADDR']);
                    $net_id = $ndata['net_id'];
                    $ustmt->bind_param('sii', $key, $iip, $net_id);
                    $ustmt->execute();
                    //delete from n2d
                    $mysql->query("DELETE FROM n2d WHERE net_id={$net_id}");
                }
            }
        }
        if ($mcount++ > 20) {
            break;
        }
    }
    $stmt->close();
    $ustmt->close();
    $nstmt->close();
    //Update cracked net stats
    $mysql->query("UPDATE stats SET pvalue = (SELECT count(net_id) FROM nets WHERE n_state=1) WHERE pname='cracked'");
    //Create new cracked.txt.gz and update wcount
    $sql = 'SELECT pass FROM (SELECT pass, count(pass) AS c FROM nets WHERE n_state=1 GROUP BY pass) i ORDER BY i.c DESC';
    $stmt = $mysql->stmt_init();
    $stmt->prepare($sql);
    $data = array();
    stmt_bind_assoc($stmt, $data);
    $stmt->execute();
    $wl = '';
    $i = 0;
    while ($stmt->fetch()) {
        $wl = "{$wl}{$data['pass']}\n";
        $i += 1;
    }
    $stmt->close();
    $gzdata = gzencode($wl, 9);
    $md5gzdata = md5($gzdata, True);
    $sem = sem_get(888);
    sem_acquire($sem);
    file_put_contents(CRACKED, $gzdata);
    sem_release($sem);
    //update wcount for cracked dict
    $cr = '%' . basename(CRACKED);
    $sql = 'UPDATE dicts SET wcount = ?, dhash = ? WHERE dpath LIKE ?';
    $stmt = $mysql->stmt_init();
    $stmt->prepare($sql);
    $stmt->bind_param('iss', $i, $md5gzdata, $cr);
    $stmt->execute();
    $stmt->close();
    return true;
}
Example #4
0
function invalid_entry($model, $focus)
{
    __invalid_entry($model, $focus, "Invalid Entry");
}
$model = $_POST;
if ($_GET["mac"] != "") {
    $model["mac"] = $_GET["mac"];
    $model["mode"] = "edit";
    $model["focus"] = "password";
} else {
    $model["mode"] = "add";
    $model["focus"] = "mac";
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    /* validate all the entries */
    if (valid_mac($model["mac"]) === false) {
        invalid_entry($model, "mac");
    }
    if (valid_username($model["username"]) === false) {
        invalid_entry($model, "username");
    }
    if (valid_password($model["password"]) === false) {
        invalid_entry($model, "password");
    }
    $model["mac"] = strtoupper($model["mac"]);
    foreach ($model["switch"] as $i => $switch) {
        if (valid_ip($switch["host"]) === false) {
            invalid_entry($model, "switch[{$i}][host]");
        }
        if (valid_call_limit($switch["call-limit"]) === false) {
            invalid_entry($model, "switch[{$i}][call-limit]");
Example #5
0
}
$TBK_MONTO = $TBK_MONTO / 100;
$authorization_code = "";
$success = false;
$url = getenv("ORDER_URL") . $TBK_ORDEN_COMPRA;
$headers = array("Content-Type" => "application/json");
$response = Requests::get($url);
if ($response->success) {
    $order = json_decode($response->body, true);
    $status = 0;
    $qs = get_qs();
    $payment_type = null;
    $number_quotas = null;
    $TBK_CODIGO_AUTORIZACION = isset($TBK_CODIGO_AUTORIZACION) ? $TBK_CODIGO_AUTORIZACION : "";
    if ($TBK_RESPUESTA == "0") {
        if (valid_mac($qs, $TBK_ORDEN_COMPRA) && $order["status"] == 0 && !in_array($TBK_CODIGO_AUTORIZACION, array("000000", ""))) {
            $authorization_code = isset($order["authorization_code"]) ? $order["authorization_code"] : "";
            if ($order["amount"] == $TBK_MONTO && $authorization_code == "") {
                $authorization_code = $TBK_CODIGO_AUTORIZACION;
                $status = 1;
                $payment_type = $TBK_TIPO_PAGO;
                $number_quotas = (int) $TBK_NUMERO_CUOTAS;
                $success = true;
            } else {
                $status = 4;
            }
        } else {
            $status = 3;
        }
    } else {
        $success = true;
Example #6
0
             $ini->deleteSection($user);
         }
     }
     $ini->dump($g_chan_sync);
     $ini->load($g_sip);
     foreach ($ini->sections() as $host) {
         if ($host != "general") {
             $ini->deleteSection($host);
         }
     }
     $ini->dump($g_sip);
     file_put_contents($g_ext_ael, "");
     file_put_contents($g_ext_usr, "");
     reload_all($g_vpn);
 } else {
     $mac = valid_mac($_GET["del"]);
     if ($mac !== false) {
         $ini = new Ini();
         $ini->load($g_chan_sync);
         foreach ($ini->sections() as $user) {
             if ($ini->get($user, "mac") == $mac) {
                 $ini->deleteSection($user);
                 $ini->dump($g_chan_sync);
                 $target_user = $user;
                 break;
             }
         }
         if (isset($target_user)) {
             $ini->load($g_sip);
             foreach ($ini->sections() as $host) {
                 if ($ini->get($host, "context") == $target_user) {