Last active
December 7, 2019 14:07
-
-
Save diginfo/cf3ee586781b9adc0f348b5dac0b0d10 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| from BaseHTTPServer import BaseHTTPRequestHandler,HTTPServer | |
| import SimpleHTTPServer | |
| import SocketServer | |
| from os import curdir, sep | |
| import urllib | |
| import subprocess | |
| PORT = 8000 | |
| PASSKEY = "abcd1234" | |
| FILEPATH = '/etc/dovecot/passwd' | |
| INDEX="""<html> | |
| <head> | |
| <title>Email Password</title> | |
| <style> | |
| .row { | |
| display: block; | |
| margin-bottom: 0.5em; | |
| } | |
| label { | |
| display: inline-block; | |
| width: 8em; | |
| } | |
| </style> | |
| </head> | |
| <body> | |
| <form> | |
| <h1>Change Password</h1> | |
| <div class="row"> | |
| <label>Email Address:</label> | |
| <input type="email" name="email" > | |
| </div> | |
| <div class="row"> | |
| <label>New Password:</label> | |
| <input type="password" name="passwd"> | |
| </div> | |
| <div class="row"> | |
| <label>Pass Key:</label> | |
| <input type="password" name="passkey"> | |
| </div> | |
| <div class="row"> | |
| <input type="submit"> | |
| </div> | |
| </form> | |
| </body> | |
| </html>""" | |
| ## Read existing & parse new password | |
| def dofile(email,passwd): | |
| FDATA=[] | |
| with open(FILEPATH) as fp: | |
| line = fp.readline() | |
| while line: | |
| if len(line) > 20: | |
| _email,_pwd = line.strip().split(':') | |
| if _email != email: | |
| FDATA.append(line.strip()) | |
| else: | |
| FDATA.append('{}:{}'.format(email,passwd)) | |
| line = fp.readline() | |
| return ("\n".join(FDATA)) | |
| def wrfile(data): | |
| f = open(FILEPATH, "w") | |
| f.write(data) | |
| f.close() | |
| return | |
| def bash(cmd): | |
| process = subprocess.Popen(cmd.split(), stdout=subprocess.PIPE) | |
| res, err = process.communicate() | |
| if err: return err | |
| else: return res | |
| #Handler for the GET requests | |
| class myHandler(BaseHTTPRequestHandler): | |
| ## html page | |
| def page(self,path='index.html'): | |
| mimetype = 'text/html' | |
| f = open(curdir + sep + path) | |
| self.send_response(200) | |
| self.send_header('Content-type','text/html') | |
| self.end_headers() | |
| self.wfile.write(f.read()) | |
| f.close() | |
| def do_GET(self): | |
| self.path = urllib.unquote(self.path) | |
| print('path:',self.path) | |
| if self.path == '/': | |
| self.send_response(200) | |
| self.send_header('Content-type','text/html') | |
| self.end_headers() | |
| self.wfile.write(INDEX); | |
| else: | |
| bits = self.path.split('?') | |
| if len(bits) == 2: | |
| params = bits[1].split('&') | |
| data = { | |
| 'email' : None, | |
| 'passwd' : None, | |
| 'passkey' : None | |
| } | |
| for i in params: | |
| key,val = i.split('=') | |
| if key in data: data[key] = val | |
| ## Dont Proceed if Wrong | |
| if data['passkey'] != PASSKEY: | |
| self.send_response(500) | |
| return self.end_headers() | |
| else: | |
| cram = bash('/usr/bin/doveadm pw -s cram-md5 -u {} -p {}'.format(data['email'],data['passwd'])) | |
| res = dofile(data['email'],cram) | |
| wrfile(res); | |
| bash("service dovecot reload") | |
| self.send_response(200) | |
| self.send_header('Content-type','text/html') | |
| self.end_headers() | |
| self.wfile.write('<h1>Password for {} Updated. </h1>'.format(data['email'])) | |
| return | |
| httpd = SocketServer.TCPServer(("", PORT), myHandler) | |
| print "Serving at port", PORT | |
| httpd.serve_forever() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment