Login check.agi

Aus metasec wiki
Wechseln zu: Navigation, Suche

login_check.php

#!/usr/bin/php4 -q
<?php
/*
 *      AGI Script for checking dialout permissions
 *      (c) Lukas Ziaja <lz@metasec.de>
 */


$in = fopen("php://stdin", "r" );
/*
 *      clean up the overgiven parameterstrings
 */
foreach ( $argv as $key => $val )
    $argv[$key] = trim($val);

if ( empty($argv[1]) ) {

    /*
    *      just do some debug output
    */
    echo "noop LEERE EINGABE!!!\n";
    echo "set priority 100\n";

    fclose($in);
    return true;

}

$f1 = fopen("/var/www/webtapi/log.txt", "a+");
fputs($f1, $argv[1]."\n");
fclose($f1);

foreach ( file("/var/www/webtapi/nums.txt") as $line ) {
    $line = trim($line);
    if ( $line == $argv[1] ) {
        fclose($in);
        return 0;
    }
}

echo "hangup\n";

fclose($in);
return 0;

?>

extensions.conf

exten => 123, 1, Agi(login_check.php,${CALLERID(num)})
exten => 123, 2, Answer
exten => 123, 3, NoOp( Hier gehts weiter )
exten => 123, 4, Hangup

support_login.php


<?php
    if ( $_POST["nums"] ) {
        $f1 = fopen("/var/www/webtapi/nums.txt", "w+");
        fputs($f1, str_replace("/", "",str_replace(" ", "",$_POST["nums"])));
        fclose($f1);
    }
?>
<html>
    <head>
        <title>BAP SIPgate Admin</title>
    </head>

    <body>
        <form name="" action="" method="post">
            <table width="600" align="center" border="1">
                <tr>
                    <td valign="top">Zugelassene Nummern</td>
                    <td><textarea cols="40" rows="15" name="nums"><?php
print(file_get_contents("nums.txt"));


                    ?></textarea></td>
                </tr>
                <tr>
                    <td></td>
                    <td align="right"><input type="submit" value="Speichern">
                </tr>

                <tr>
                    <td valign="top">Lastlog:</td>
                    <td style="font-family:Courier;"><?php
                    $F = file("log.txt");
                    $F = array_reverse($F);
                    $i=0;

                    foreach ( $F  as $line ) {
                        print(str_replace(" ", "\t", $line)."<br>\n");
                        if ( $i++ == 10 )
                            break;
                    }

                    ?>
                </tr>

            </table>

        <form>
    </body>
</html>