Skip to content

Instantly share code, notes, and snippets.

@samhk222

samhk222/gist:f4e5ff09df8e8f4d2e0f860604f07d82

Created May 18, 2018 16:31
Show Gist options
  • Save samhk222/f4e5ff09df8e8f4d2e0f860604f07d82 to your computer and use it in GitHub Desktop.
Save samhk222/f4e5ff09df8e8f4d2e0f860604f07d82 to your computer and use it in GitHub Desktop.
Download ZIP
Holoair Login Problem
Raw
gistfile1.txt
<?PHP
set_time_limit(0);
include('Crypt/RSA.php');
$password = '123456';
/**
/$$$$$$$ /$$ /$$ /$$$$$$$ /$$ /$$ /$$$$$$$$ /$$ /$$
| $$__ $$| $$ | $$| $$__ $$ | $$ /$$/| $$_____/| $$ /$$/
| $$ \ $$| $$ | $$| $$ \ $$ | $$ /$$/ | $$ \ $$ /$$/
| $$$$$$$/| $$ | $$| $$$$$$$ | $$$$$/ | $$$$$ \ $$$$/
| $$____/ | $$ | $$| $$__ $$ | $$ $$ | $$__/ \ $$/
| $$ | $$ | $$| $$ \ $$ | $$\ $$ | $$ | $$
| $$ | $$$$$$/| $$$$$$$/ | $$ \ $$| $$$$$$$$ | $$
|__/ \______/ |_______/ |__/ \__/|________/ |__/
* */
$url = "http://www.wiikk.cn:8088/admin/AdminLoginR";
$ch = curl_init();
$cookie = $dir2 = tempnam ("/tmp", "CURLCOOKIE");
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Connection: Keep-Alive", "Accept-Charset: ISO-8859-1, UTF-8", "User-Agent: Apache-HttpClient/4.5.5 (Java/1.8.0_171)", "Accept-Encoding: gzip,deflate"));
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_COOKIEJAR, $dir);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
$buffer = curl_exec($ch);
$headerSent = curl_getinfo($ch, CURLINFO_HEADER_OUT ); // request headers
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$body = json_decode(substr($buffer, $header_size));
echo "\n<pre>";
print_r($body);
echo "\n</pre>";
/**
This Prints
stdClass Object
(
[pubexponent] => 10001
[pubmodules] => aa06fd8fbff4e0410a700c1820b521aa9f5ae2844218b2462573962b210540cf41d9d9e2cefc5c7d55746a98e498e57392a254e886b1aee0bac437bc9ab86f20460c27055f0df7dd3f88d28128e34c983d4e161bafbfdf9e92593cf97323bcf29743938c05ed6bde238ebc05f711d7819083450f393c0d93357d82e0167a072d
[pubmodules_base64] => MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqBv2Pv/TgQQpwDBggtSGqn1rihEIYskYlc5Yr
IQVAz0HZ2eLO/Fx9VXRqmOSY5XOSolTohrGu4LrEN7yauG8gRgwnBV8N990/iNKBKONMmD1OFhuv
v9+eklk8+XMjvPKXQ5OMBe1r3iOOvAX3EdeBkINFDzk8DZM1fYLgFnoHLQIDAQAB
)
**/
/**
/$$$$$$$$ /$$ /$$ /$$$$$$ /$$$$$$$ /$$ /$$ /$$$$$$$ /$$$$$$$$ /$$$$$$$ /$$$$$$ /$$$$$$ /$$$$$$
| $$_____/| $$$ | $$ /$$__ $$| $$__ $$| $$ /$$/| $$__ $$|__ $$__/ | $$__ $$ /$$__ $$ /$$__ $$ /$$__ $$
| $$ | $$$$| $$| $$ \__/| $$ \ $$ \ $$ /$$/ | $$ \ $$ | $$ | $$ \ $$| $$ \ $$| $$ \__/| $$ \__/
| $$$$$ | $$ $$ $$| $$ | $$$$$$$/ \ $$$$/ | $$$$$$$/ | $$ | $$$$$$$/| $$$$$$$$| $$$$$$ | $$$$$$
| $$__/ | $$ $$$$| $$ | $$__ $$ \ $$/ | $$____/ | $$ | $$____/ | $$__ $$ \____ $$ \____ $$
| $$ | $$\ $$$| $$ $$| $$ \ $$ | $$ | $$ | $$ | $$ | $$ | $$ /$$ \ $$ /$$ \ $$
| $$$$$$$$| $$ \ $$| $$$$$$/| $$ | $$ | $$ | $$ | $$ | $$ | $$ | $$| $$$$$$/| $$$$$$/
|________/|__/ \__/ \______/ |__/ |__/ |__/ |__/ |__/ |__/ |__/ |__/ \______/ \______/
* */
$rsa = new \Crypt_RSA();
$rsa->loadKey($body->pubmodules_base64);
$messa1 = $rsa->encrypt($plaintext);
$messaX = pack('H*', '0xFF');
$messa2 = String2Hex($messa1);
/**
/$$ /$$ /$$$$$$ /$$$$$$$$ /$$ /$$ /$$$$$$ /$$$$$$$ /$$ /$$ /$$$$$$ /$$ /$$ /$$$$$$
| $$$ | $$ /$$__ $$|__ $$__/ | $$ /$ | $$ /$$__ $$| $$__ $$| $$ /$$/|_ $$_/| $$$ | $$ /$$__ $$
| $$$$| $$| $$ \ $$ | $$ | $$ /$$$| $$| $$ \ $$| $$ \ $$| $$ /$$/ | $$ | $$$$| $$| $$ \__/
| $$ $$ $$| $$ | $$ | $$ | $$/$$ $$ $$| $$ | $$| $$$$$$$/| $$$$$/ | $$ | $$ $$ $$| $$ /$$$$
| $$ $$$$| $$ | $$ | $$ | $$$$_ $$$$| $$ | $$| $$__ $$| $$ $$ | $$ | $$ $$$$| $$|_ $$
| $$\ $$$| $$ | $$ | $$ | $$$/ \ $$$| $$ | $$| $$ \ $$| $$\ $$ | $$ | $$\ $$$| $$ \ $$
| $$ \ $$| $$$$$$/ | $$ | $$/ \ $$| $$$$$$/| $$ | $$| $$ \ $$ /$$$$$$| $$ \ $$| $$$$$$/
|__/ \__/ \______/ |__/ |__/ \__/ \______/ |__/ |__/|__/ \__/|______/|__/ \__/ \______/
* */
$return = DoLoginWithCredentials($ch, $messaX);
/**
/$$$$$$ /$$ /$$ /$$$$$$$$ /$$$$$$$$ /$$$$$$$ /$$$$$$$$ /$$ /$$ /$$$$$$ /$$$$$$
|_ $$_/ | $$$ | $$| $$_____/| $$_____/| $$__ $$ |__ $$__/| $$ | $$|_ $$_/ /$$__ $$
| $$ | $$$$| $$| $$ | $$ | $$ \ $$ | $$ | $$ | $$ | $$ | $$ \__/
| $$ | $$ $$ $$| $$$$$ | $$$$$ | $$ | $$ | $$ | $$$$$$$$ | $$ | $$$$$$
| $$ | $$ $$$$| $$__/ | $$__/ | $$ | $$ | $$ | $$__ $$ | $$ \____ $$
| $$ | $$\ $$$| $$ | $$ | $$ | $$ | $$ | $$ | $$ | $$ /$$ \ $$
/$$$$$$ | $$ \ $$| $$$$$$$$| $$$$$$$$| $$$$$$$/ | $$ | $$ | $$ /$$$$$$| $$$$$$/
|______/ |__/ \__/|________/|________/|_______/ |__/ |__/ |__/|______/ \______/
* * */
print_r($return);
exit();
function DoLoginWithCredentials($ch, $str){
global $cookie;
$urlLogin = "http://www.wiikk.cn:8088/User/loginR?userName=victorwatanabe9&password={$str}";
echo sprintf("\nURLLogin:%s", $urlLogin);
$fields = array('' => null);
curl_setopt($ch, CURLOPT_URL, $urlLogin);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Connection: Keep-Alive","Accept-Charset: ISO-8859-1, UTF-8", "User-Agent: Apache-HttpClient/4.5.5 (Java/1.8.0_171)","Accept-Encoding: gzip,deflate"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie);
//curl_setopt($ch, CURLOPT_POSTFIELDS,$params);
$buffer = curl_exec($ch);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$retorno_webservice = json_decode( substr($buffer, $header_size) );
echo "\n<pre>";
print_r($retorno_webservice);
echo "\n</pre>";
return $retorno_webservice;
}
function strToHex($string){
$hex = '';
for ($i=0; $i<strlen($string); $i++){
$ord = ord($string[$i]);
$hexCode = dechex($ord);
$hex .= substr('0'.$hexCode, -2);
}
return strToUpper($hex);
}
function String2Hex($string){
$hex='';
for ($i=0; $i < strlen($string); $i++){
$hex .= dechex(ord($string[$i]));
}
return strToUpper($hex);
}
@gianlucamolinaro
Copy link

Hi, do you resolve this issue?
I'm interested too in this.
Regards
Gianluca Molinaro
[email protected]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment