function gdo_db() { global $SINGLE_GDO_DB; if ($SINGLE_GDO_DB === null) { if (false !== ($SINGLE_GDO_DB = gdo_db_instance(GWF_DB_HOST, GWF_DB_USER, GWF_DB_PASSWORD, GWF_DB_DATABASE, GWF_DB_TYPE))) { GDO::setCurrentDB($SINGLE_GDO_DB); } } return $SINGLE_GDO_DB; }
private static function fixPIDs(GDO_Database $db_from, GDO_Database $db_to, array &$db_offsets, $prefix, $prevar) { $classname = 'GWF_ForumBoard'; GDO::setCurrentDB($db_to); $boards = GDO::table($classname); if (false === ($result = $boards->select('board_bid, board_pid', 'board_pid > 0x40000000'))) { echo GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)); return false; } while (false !== ($row = $boards->fetch($result, GDO::ARRAY_N))) { list($bid, $pid) = $row; $pid = $db_offsets[$classname][(string) ($pid - 0x40000000)]; $boards->update("board_pid={$pid}", "board_bid={$bid}"); } $boards->free($result); }
<?php # WeChall DB global $db1, $db2; $db1 = GDO::getCurrentDB(); # Challenge DB $db2 = gdo_db_instance(DLDC_DB_HOST, DLDC_DB_USER, DLDC_DB_PASS, DLDC_DB_NAME); # Set to challenge db GDO::setCurrentDB($db2);
private static function fix_missing_site_threads(GDO_Database $db_from, GDO_Database $db_to, array &$db_offsets) { GDO::setCurrentDB($db_to); $table = GDO::table('WC_Site'); $module = GWF_Module::getModule('WeChall'); // Boards // if (false === ($result = $table->select('*'))) // { // echo GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)); // return false; // } // while (false !== ($site = $table->fetch($result, GDO::ARRAY_O))) // { // $site instanceof WC_Site; // if (false === GDO::table('GWF_ForumBoard')->select('1', "board_id={$site->getBoardID()}")) // { // GWF_Cronjob::notice(sprintf('Site %s has no board!', $site->getClassName())); // $site->onCreateBoard(); // } // } // $table->free($result); // Threads if (false === ($result = $table->select('*'))) { echo GWF_HTML::err('ERR_DATABASE', array(__FILE__, __LINE__)); return false; } while (false !== ($site = $table->fetch($result, GDO::ARRAY_O))) { $site instanceof WC_Site; if (false === $site->getThread()) { GWF_Cronjob::notice(sprintf('Site %s has no thread!', $site->getClassName())); $site->onCreateThread($module); } } $table->free($result); }
#!/usr/bin/php <?php if (PHP_SAPI !== 'cli') { die('CLI Please'); } # GWF_PATH chdir('../../../www'); require_once '../core/inc/GDO/GDO.php'; define('GWF_CORE_PATH', '../core/'); define('GWF_USER_STACKTRACE', true); define('GWF_DB_TYPE', 'mysqli'); $oldfix = 'hes2013_'; $newfix = 'wc4_'; $db = gdo_db_instance('localhost', 'nsc2013', 'nsc2013', 'nsc2013'); GDO::setCurrentDB($db); if (false === ($result = $db->queryRead("SHOW TABLES"))) { die('ERROR 1'); } while (false !== ($row = $db->fetchRow($result))) { $tablename = $row[0]; $new_tablename = preg_replace("/^{$oldfix}/", $newfix, $tablename); echo "{$tablename} => {$new_tablename}\n"; $db->renameTable($tablename, $new_tablename); }
function merge_users(GDO_Database $db_from, GDO_Database $db_to, array &$db_offsets, $prefix, $prevar) { $db_offsets['user_name'] = array(); GDO::setCurrentDB($db_from); $users = GDO::table('GWF_User'); if (false === ($result = $users->select('*', '', 'user_id ASC'))) { echo GWF_Error::err('ERR_DATABASE', array(__FILE__, __LINE__)); return false; } GDO::setCurrentDB($db_to); $to_users = GDO::table('GWF_User'); $off = $db_offsets['GWF_User']; while (false !== ($user = $users->fetch($result, GDO::ARRAY_A))) { $oldname = $user['user_name']; $newname = merge_user_name($user['user_name'], $to_users, $prefix, $prevar); $user['user_name'] = $newname; if ($oldname !== $newname) { $db_offsets['user_name'][$oldname] = $newname; } $user['user_id'] += $off; $to_users->insertAssoc($user); GWF_Cronjob::log('Added user ' . $user['user_name'] . ' with id ' . $user['user_id']); } $users->free($result); return true; }
function dldc_restore_db() { global $db1; GDO::setCurrentDB($db1); }
$secret_user = (require 'secrets.php'); chdir("../../../"); require_once "challenge/html_head.php"; $title = 'Disclosures'; html_head("Install: {$title}"); if (!GWF_User::isAdminS()) { return htmlSendToLogin("Better be admin !"); } ### Create challenge table and stuff require 'www/user.php'; require 'www/db.php'; $users = array('aaaaaron' => array('Aaronson', 'Aaron A.', '*****@*****.**', 'Sonnenblume2014'), 'administrator' => $secret_user, 'dloser' => array('Winner', 'BigRichardDick', '*****@*****.**', 'pwnedgizagain'), 'benja' => array('Barneby-Smith', 'Benjamin', '*****@*****.**', 'Wizard1234'), 'casi' => array('Casi', 'Casi', '*****@*****.**', 'casiisaccasiisac'), 'jannn' => array('L', 'Jan', '*****@*****.**', 'essenlol123'), 'ulla' => array('Kalele', 'Ulla', '*****@*****.**', 'Hannover!!'), 'test' => array('test', 'test', '*****@*****.**', '11111111'), 'admin' => array('test', 'test', '*****@*****.**', '11111111'), 'desiree' => array('Reelity', 'Daisy', '*****@*****.**', '.SOLAME.'), 'strider' => array('', '', '*****@*****.**', 'hahackah'), 'wildgoat' => array('', '', '*****@*****.**', 'iliketrains'), 'synergy' => array('', '', '*****@*****.**', 'syn.synack.ack'), 'fastfloats' => array('', '', '*****@*****.**', 'GMPDEV111'), 'teeest' => array('', '', '*****@*****.**', 'test'), 'lostchall' => array('', '', '*****@*****.**', 'PassWordPass!"§'), 'Weezer' => array('', '', '*****@*****.**', 'Weeeeeeeee'), 'olga' => array('Olga', 'Olga', '*****@*****.**', 'Pass123')); $i = 0; GDO::table('DLDC_User')->createTable(true); foreach ($users as $username => $data) { list($lastname, $firstname, $email, $password) = $data; $user = DLDC_User::instance($username, $password, $email, $firstname, $lastname); $minscore = $username === 'dloser' ? 90 : 0; $user->setVar('wechall_userid', --$i); $user->setVar('level', rand($minscore, 100)); $user->insert(); } ### WC continues GDO::setCurrentDB($db1); $score = 5; $url = "challenge/dloser/disclosures/index.php"; $creators = "gizmore,dloser"; $tags = 'Exploit'; WC_Challenge::installChallenge($title, DLDC_SOLUTION, $score, $url, $creators, $tags, true, WC_Challenge::CHALL_CASE_S); require_once "challenge/html_foot.php";