Overview of gvr_apps_auth_func.inc

Public Function Summary

Public functions are intended to be called by the code that imports this library.

Name Summary
get_typo3_login_cookie
get_typo3_logout

Public Function Details

Named Parameters

chost
cinstall
tport

Code

function get_typo3_login_cookie(cinstall, tport, chost)
{
  url = cinstall + "/typo3/index.php";
  treq = http_get(item:string(url), port:tport);
  tres = http_send_recv(port:tport, data:treq, bodyonly:FALSE);

  username = urlencode(str:get_kb_item("http/login"));
  password = urlencode(str:get_kb_item("http/password"));

  challenge = eregmatch(pattern:'name="challenge" value="([a-z0-9]+)"' , string:tres);

  if(challenge)
  {
    password = hexstr(MD5(password));
    userident = hexstr(MD5(username + ":" + password + ":" + challenge[1]));
    payload = "login_status=login&username=" + username + "&p_field=&commandLI=Log+In&" +
              "userident=" + userident + "&challenge=" + challenge[1] + "&redirect_url=" +
              "alt_main.php&loginRefresh=&interface=backend";

    tcookie = eregmatch(pattern:"(be_typo_user=[a-z0-9]+\;)" , string:tres);
    PHPSESSID = eregmatch(pattern:"(PHPSESSID=[a-z0-9]+\;?)" , string:tres);

    if(!PHPSESSID[1])
      PHPSESSID[1] = "PHPSESSID=37dh7b4vkprsui40hmg3hf4716";

    if (tcookie[1] && PHPSESSID[1])
    {
      cCookie = tcookie[1] + ' showRefMsg=false; ' + PHPSESSID[1] + " typo3-login-cookiecheck=true";

      req = string("POST ",url," HTTP/1.0\r\n",
                   "Host: " + chost + "\r\n",
                   "User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:14.0) Gecko/20100101 Firefox/14.0.1\r\n",
                   "Referer: http://" + chost + "/typo3/alt_menu.php \r\n",
                   "Connection: keep-alive\r\n",
                   "Cookie: ",cCookie,"\r\n",
                   "Content-Type: application/x-www-form-urlencoded\r\n",
                   "Content-Length: ",strlen(payload), "\r\n\r\n",
                   payload);

      buf = http_keepalive_send_recv(port:tport, data:req);

      rcookie = eregmatch(pattern:"(be_typo_user=[a-z0-9]+\;)" , string:buf);

      if(!rcookie[1]) {
        cookie = tcookie[1] + " " + PHPSESSID[1];
      }
      else {
        cookie = rcookie[1] + ' showRefMsg=false; ' + PHPSESSID[1] + " typo3-login-cookiecheck=true";
      }

      return cookie;

    }
  }
}


#To logout from TYPO3 session

		
top

get_typo3_logout

Named Parameters

lcookie
lhost
loc
lport

Code

function get_typo3_logout(loc, lport, lhost, lcookie)
{
  lurl = install + "/typo3/logout.php";
  lreq = string("GET ",lurl," HTTP/1.0\r\n",
                "Host: " + lhost + "\r\n",
                "User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:14.0) Gecko/20100101 Firefox/14.0.1\r\n",
                "Referer: http://" + lhost + "/typo3/alt_menu.php \r\n",
                "Connection: keep-alive\r\n",
                "Cookie: ",lcookie,"\r\n",
                "Content-Type: application/x-www-form-urlencoded\r\n\r\n");
  lres = http_send_recv(port:lport, data:lreq, bodyonly:FALSE);
}


		
top