require "lib.php"; /* * Make sure necessary parameters are present */ if (!isset($_POST["u"]) || !isset($_POST["p"]) || !isset($_POST["ciphers"]) || !isset($_POST["cpuinfo"])) { tjohn_error(TJOHN_ERROR_MISC, "Invalid parameters"); } /* * Authenticate the supplied username/password * */ $user = tjohn_auth_user($_POST["u"], $_POST["p"]); /* * The user is authenticated. * Create an authcookie and register the node * */ $authcookie = md5(md5($_POST["u"]) . date("YmdHiS") . md5($_POST["p"]) . (string) mt_rand()); $q = "INSERT INTO nodes SET "; $q .= "user_id={$user->id}, "; $q .= "ciphers='" . $m->escape_string($_POST["ciphers"]) . "', "; $q .= "cpuinfo='" . $m->escape_string($_POST["cpuinfo"]) . "', "; $q .= "authcookie='" . $m->escape_string($authcookie) . "'"; if (@$m->query($q) === FALSE) { tjohn_error(TJOHN_ERROR_DB, $m->error); } // Keep track of the node's software version tjohn_node_set_useragent($m->insert_id); log_event("Node {$m->insert_id} registered by user {$user->id} ({$user->username})"); setcookie("node", $authcookie); echo TJOHN_SUCCESS . " {$authcookie}";
<?php /* * Login a node with an auth cookie (the "a" parameter) * Sends a Set-Cookie header if successful * */ require "../config.php"; require "../init.php"; require "lib.php"; if (!isset($_POST["a"])) { tjohn_error(TJOHN_ERROR_MISC, "Invalid parameters"); } $node = tjohn_auth_node($_POST["a"]); // Keep track of the node's software version tjohn_node_set_useragent($node->id); setcookie("node", $node->authcookie); echo TJOHN_SUCCESS . " Logged in as node {$node->id}"; log_event("Node {$node->id} ({$node->nodename}) logged in");
function tjohn_group_get_memberships($user_id) { global $m; $ret = array(); $q = "SELECT group_id FROM group_members WHERE user_id='" . $m->escape_string($user_id) . "'"; if (($r = $m->query($q)) === FALSE) { tjohn_error(TJOHN_ERROR_DB, $m->error); } while ($row = $r->fetch_object()) { $ret[] = $row->group_id; } $r->close(); return $ret; }
* Fetch current state! * */ require "../config.php"; require "../init.php"; require "lib.php"; // Authenticate node if (!isset($_COOKIE["node"])) { tjohn_error(TJOHN_ERROR_AUTH, "Authentication cookie not set"); } $node = tjohn_auth_node($_COOKIE["node"]); if (!isset($_GET["j"]) || !isset($_GET["p"])) { tjohn_error(TJOHN_ERROR_MISC, "Missing parameters"); } if ($node->current_job_id != $_GET["j"]) { tjohn_error(TJOHN_SUCCESS, "Registered request for hashes doesn't match submitted job. Two nodes sharing the same auth cookie, maybe?"); } $q = "SELECT * FROM packets WHERE id='" . $m->escape_string($_GET["p"]) . "' AND job_id='" . $m->escape_string($_GET["j"]) . "'"; if (($r = @$m->query($q)) === FALSE) { tjohn_error(TJOHN_ERROR_DB, "Failed to identify submitted packet: " . $m->error); } if (($row = $r->fetch_object()) === NULL) { tjohn_error(TJOHN_SUCCESS, "Packet doesn't belong to you."); } $r->close(); $q = "UPDATE packets SET done=1, completed=NOW() WHERE id='" . $m->escape_string($row->id) . "'"; if (@$m->query($q) === FALSE) { tjohn_error(TJOHN_ERROR_DB, "Failed to finish packet: {$m->error}"); } // See ../config.php for a list of attack modes (i.e: "incremental all" or "wordlist quick") echo TJOHN_SUCCESS;
/* * Adds cracked hashes to a queue for later verification * */ require "../config.php"; require "../init.php"; require "lib.php"; if (!isset($_COOKIE["node"])) { tjohn_error(TJOHN_ERROR_AUTH, "Authentication cookie not set"); } $node = tjohn_auth_node($_COOKIE["node"]); if (!isset($_POST["pot"]) || !isset($_POST["j"])) { tjohn_error(TJOHN_ERROR_MISC, "Parameters pot[] or j not set!"); } $errors = array(); foreach ($_POST["pot"] as $potline) { $temp = explode(":", $potline, 2); $hash = $temp[0]; $plaintext = $temp[1]; $m->set_charset("latin1"); $q = "INSERT INTO cracked_hashes SET node_id={$node->id}, job_id='" . $m->escape_string($_POST["j"]) . "', hash='" . $m->escape_string($hash) . "', plaintext='" . $m->escape_string($plaintext) . "'"; if (@$m->query($q) === FALSE) { $errors[] = "Failed to add hash {$hash} with plaintext {$plaintext}: " . $m->error; } } if (count($errors)) { tjohn_error(TJOHN_ERROR_DB, count($errors) . " errors encountered:\n" . implode("\n", $errors)); } tjohn_error(TJOHN_SUCCESS, "");