- 01
- 02
- 03
- 04
- 05
- 06
- 07
- 08
- 09
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
class traffic {
function traffic() {
global $mosConfig_live_site;
$remhost = @$_SERVER['REMOTE_HOST'];
if (strpos($remhost,".") != false) { $remhost = strtok($remhost,"."); }
$remhost = strtoupper($remhost);
$mb = @$_COOKIE['mb'];
//if ($mb == -1 || $mb == 0) { return; }
if (isset($mb)) {
if ($mb < 300) { $colormb = "green"; }
else { $colormb = "red"; }
$t =<<<TXT
<center><b>
<font size="4" style="line-height: 40px"><font color="$colormb"><p>eto prosto tak</p> $mb </font> </font>
<br><font size="2" color="blue" style="line-height: 20px">$remhost</font></br></b></center>
<font color="brown" size="1" style="line-height: 8px">* -01:00</font>
TXT;
echo $t ;
echo @$_SERVER['HTTP_USER_AGENT'];
return;
}
$headers = apache_request_headers(); //
if (!isset($headers['Authorization'])) { //
header('HTTP/1.0 401 Unauthorized'); //
header('WWW-Authenticate: NTLM'); // - NTLM
return; } //
//
if (substr($headers['Authorization'],0,5) == 'NTLM ') { // , NTLM-
$chain = base64_decode(substr($headers['Authorization'],5)); //
switch (ord($chain{8})) { //
case 3: // 5 - type-3
foreach (array('LM_resp','NT_resp','domain','user','host') as $k=>$v) {
extract(unpack('vlength/voffset',substr($chain,$k*8+14,4)));
$val = substr($chain,$offset,$length);
//echo "$v: ".($k<2 ? hex_dump($val) : iconv('UTF-16LE','CP1251',$val))."<br>\r\n";
switch ($k) {
case 2:
$domain = iconv('UTF-16LE','CP1251',$val);
case 3:
$username = iconv('UTF-16LE','CP1251',$val);
//case 4:
// $hostname = iconv('UTF-16LE','CP1251',$val);
}
}
$sdlt = fopen("http://sdlt/sdlt.php?username=".$username."&domainname=".$domain."&key=4125896370","r");
$str = fscanf($sdlt,"%s");
fclose($sdlt);
list($mb) = $str;
if ($mb == -1) { return; }
setcookie("mb",$mb,time()+64800);
if ($mb < 300) { $colormb = "green"; }
else { $colormb = "red"; }
$t =<<<TXT
<center><b> -<br> :<br>
<font size="4" style="line-height: 40px"><font color="$colormb"><p>privet ilya!!!!!!!!!!!!!!!!!!!!!! </p> $mb </font><font color="brown">*</font></font><br>
<font style="line-height: 24px"> :</font><br>
<font size="1" color="blue" style="line-height: 20px">$remhost ($domain - $username)</font><br></b></center>
<font color="brown" size="1" style="line-height: 8px">* - 01:00</font>
TXT;
echo $t;
return;
case 1: // 3
//if (ord($chain{13}) == 0xB2 || ord($chain{13}) == 0x8201) { // NTLM 0xb2 13 type-1:
$chain = "NTLMSSP\x00".//
"\x02" /* */ ."\x00\x00\x00\x00\x00\x00\x00".
"\x28\x00" /* */ ."\x00\x00".
"\x01\xB2" /* */ ."\x00\x00".
"\x00\x02\x02\x02\x00\x00\x00\x00". // nonce
"\x00\x00\x00\x00\x00\x00\x00\x00";
header('HTTP/1.0 401 Unauthorized');
header('WWW-Authenticate: NTLM '.base64_encode($chain)); // type-2
return;// }
}
}
}
}
}
$traffic=new traffic();