... and i forgot about su

This commit is contained in:
overflowerror 2014-08-16 21:07:37 +02:00
parent af5fbb9f4e
commit 7c86890c6c
2 changed files with 139 additions and 0 deletions

42
backend/su.php Normal file
View file

@ -0,0 +1,42 @@
<?php
require_once("fileManager.php");
require_once("sessionManager.php");
require_once("actionLogger.php");
require_once("config.php");
require_once("userManager.php");
$result = array();
$user = $_GET['user'];
$tmp;
try {
$tmp = userManager::getUserById(userManager::getIdByUsername($user));
} catch (Exception $e) {
$tmp = array();
$tmp['error'] = $e->getMessage();
echo json_encode($tmp);
exit();
}
if (!$tmp->needLogin) {
$result['loggedIn'] = true;
$_SESSION['uid'] = $tmp->ID;
$result['username'] = $tmp->name;
$result['uid'] = $tmp->ID;
$result['home'] = fileManager::getPathById($tmp->homeFK);
}
$result['okay'] = true;
if (isset($_GET['password'])) {
if ($tmp->password != hash("sha256", $_GET['password'])) {
$result['error'] = "Authentication failure";
actionLogger::login($tmp->ID, $_SESSION, 0);
} else {
$result['loggedIn'] = true;
$_SESSION['uid'] = $tmp->ID;
$result['username'] = $tmp->name;
$result['uid'] = $tmp->ID;
$result['home'] = fileManager::getPathById($tmp->homeFK);
actionLogger::login($tmp->ID, $_SESSION, 1);
}
}
echo json_encode($result);
?>

View file

@ -0,0 +1,97 @@
var Su = function() {
}
Su.prototype = new Program();
Su.prototype.inputPosition = 0;
Su.prototype.input = "";
Su.prototype.user = "";
Su.prototype.main = function(args) {
if (args.length != 2)
args[1] = "root";
this.user = args[1];
var result = new Request("backend/su.php");
result.setData([["check", true], ["user", args[1]]]);
result = result.send(true, ret);
result = JSON.parse(result);
if (result.error) {
this.output("\033[31m" + args[0] + ": " + result.error + "\033[0m\n");
this.exit(1);
return;
}
if (!result.okay) {
this.output("\033[31m" + args[0] + ": Unknown error\033[0m\n");
this.exit(2);
return;
}
if (result.loggedIn) {
shell.username = result.username;
shell.uid = result.uid;
shell.home = result.home;
this.exit(0);
return;
}
this.output("Password: ");
}
Su.prototype.handleKey = function(keyEvent) {
if (keyEvent.isSpecialKey) {
var ke = KeyEvent.SpecialKeys;
switch(keyEvent.key) {
case ke.enter:
this.output("\n");
this.exec();
break;
case ke.backspace:
if (this.inputPosition == 0)
break;
var tmp = this.input.split("");
tmp.splice(--this.inputPosition, 1);
this.input = tmp.join("");
break;
case ke.left:
if (this.inputPosition == 0)
break;
this.inputPosition--;
break;
case ke.right:
if (this.inputPosition == this.input.length)
break;
this.inputPosition++;
break;
default:
break;
}
} else {
var tmp = this.input.split("");
tmp.splice(this.inputPosition++, 0, keyEvent.key);
this.input = tmp.join("");
}
}
Su.prototype.exec = function() {
var result = new Request("backend/su.php");
result.setData([["password", Sha256.hash(this.input)], ["user", this.user]]);
this.input = "";
result = result.send(true, ret);
result = JSON.parse(result);
if (result.error) {
this.output("\033[31msu: " + result.error + "\033[0m\n");
this.exit(1);
return;
}
if (!result.okay) {
this.output("\033[31msu: Unknown error\033[0m\n");
this.exit(2);
return;
}
shell.username = result.username;
shell.uid = result.uid;
shell.home = result.home;
this.exit(0);
return;
}
ProgramManager.programs.push({
command: "su",
code: Su
})