WebSVN – ALCASAR – Diff – /web/intercept.php



<?php
# $Id: intercept.php 3088 2022-11-06 22:55:08Z rexy $
#
# intercept.php for ALCASAR captive portal
# By Mondru AB.
# Modify by Rexy & steweb57
# UI & css style by Stéphane ERARD & Alexandre VEZIN

if ($button === $l_boutonO) {
	//correction password length in coova-chilli
	//thanks to http://www.stochasticgeometry.ie/2009/09/09/maximum-password-length-in-coova-chilli/
	$hexchal = pack('H*', $challenge);
	$newchal = pack('H*', hash('sha256',$hexchal . $uamsecret));
 
	// If challenge isn't long enough, repeat it until it is
	while (strlen($newchal) < strlen($password)) {
		$newchal .= $newchal;
	}
 
	$newpwd   = pack('a*', $password);
	// Encode plain text password with challenge
	$pappassword = implode('', unpack('H*', ($newpwd ^ $newchal)));
 
	header("Location: $uamproto://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl");
	exit();
}
 
switch($res) {

Rev 3085	Rev 3088
Line 1...	Line 1...
1	`<?php`	1	`<?php`
2	`# $Id: intercept.php 3085 2022-11-02 17:02:32Z rexy $`	2	`# $Id: intercept.php 3088 2022-11-06 22:55:08Z rexy $`
3	`#`	3	`#`
4	`# intercept.php for ALCASAR captive portal`	4	`# intercept.php for ALCASAR captive portal`
5	`# By Mondru AB.`	5	`# By Mondru AB.`
6	`# Modify by Rexy & steweb57`	6	`# Modify by Rexy & steweb57`
7	`# UI & css style by Stéphane ERARD & Alexandre VEZIN`	7	`# UI & css style by Stéphane ERARD & Alexandre VEZIN`
Line 442...	Line 442...
442	`if ($button === $l_boutonO) {`	442	`if ($button === $l_boutonO) {`
443	`//correction password length in coova-chilli`	443	`//correction password length in coova-chilli`
444	`//thanks to http://www.stochasticgeometry.ie/2009/09/09/maximum-password-length-in-coova-chilli/`	444	`//thanks to http://www.stochasticgeometry.ie/2009/09/09/maximum-password-length-in-coova-chilli/`
445	`$hexchal = pack('H*', $challenge);`	445	`$hexchal = pack('H*', $challenge);`
446	`$newchal = pack('H*', hash('sha256',$hexchal . $uamsecret));`	446	`$newchal = pack('H*', hash('sha256',$hexchal . $uamsecret));`
447		-
448	`// If challenge isn't long enough, repeat it until it is`	447	`// If challenge isn't long enough, repeat it until it is`
449	`while (strlen($newchal) < strlen($password)) {`	448	`while (strlen($newchal) < strlen($password)) {`
450	`$newchal .= $newchal;`	449	`$newchal .= $newchal;`
451	`}`	450	`}`
452		-
453	`$newpwd = pack('a*', $password);`	451	`$newpwd = pack('a*', $password);`
454	`// Encode plain text password with challenge`	452	`// Encode plain text password with challenge`
455	`$pappassword = implode('', unpack('H*', ($newpwd ^ $newchal)));`	453	`$pappassword = implode('', unpack('H*', ($newpwd ^ $newchal)));`
456		-
457	`header("Location: $uamproto://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl");`	454	`header("Location: $uamproto://$uamip:$uamport/logon?username=$username&password=$pappassword&userurl=$userurl");`
458	`exit();`	455	`exit();`
459	`}`	456	`}`
460		457
461	`switch($res) {`	458	`switch($res) {`

Subversion Repositories ALCASAR

(root)/web/intercept.php – Rev 3085 → 3088