|
Server : Apache/2.4.62 System : FreeBSD fbsdweb2.web.rcn.net 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64 User : www ( 80) PHP Version : 8.3.8 Disable Function : NONE Directory : /domains/softechgrp/login/ |
Upload File : |
#!/usr/local/bin/perl
#you may need to adjust the above line (#!/usr/bin/perl is common)
#-----------------------------------------------------------------------------
# EZPass v1.0 (c) 2000 Croesus Design and Promotion
# Developed by Jason C. Fleming
# This program is distributed as open source WITHOUT ANY WARRANTY; without even
# the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
# IN NO EVENT WILL CROESUS DESIGN, THE AUTHOR OF THIS PRODUCT OR ANY
# REPRESENTATIVE OF CROESUS DESIGN BE LIABLE FOR LOSS OF DATA OR FOR
# DIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL (INCLUDING LOST PROFIT),
# OR OTHER DAMAGE, WHETHER BASED IN CONTRACT, TORT, OR OTHERWISE.
#-----------------------------------------------------------------------------
$| = 1; #flush output
read (STDIN, $buffer, $ENV{'CONTENT_LENGTH'}); #get form input
@namevalues = split(/&/, $buffer);
foreach $namevalue (@namevalues) {
($name, $value) = split(/=/, $namevalue);
$name =~ tr/+/ /;
$value =~ tr/+/ /;
$name =~ s/%(..)/pack("C", hex($1))/eg;
$value =~ s/%(..)/pack("C", hex($1))/eg;
$value =~ s/<!--(.|\n)*-->//g; #deletes SSI's in case html is returned
$value =~ s/([:;<>\*\|`&\$!#\(\)\[\]\{\}'"])//g; # bleeps out html and shell commands (additional untaints done by programs)
$form{$name} = $value;
}
if ($form{path}) {
if (substr($form{path},0,1) eq '/') {$form{path} = substr($form{path},1)}
if (substr($form{path},-1) ne '/') {$form{path} .= '/'}
}
$program = $ENV{SCRIPT_NAME};
$root = $ENV{DOCUMENT_ROOT};
if ($form{directory}) {
$form{access}="AuthUserFile $root/$form{path}.htpasswd\nAuthGroupFile /dev/null\nAuthName \"$form{directory}\"\nAuthType Basic\n\n<Limit GET POST>\nrequire valid-user\n</Limit>";
$form{passwd}="$form{'login'}:" . &Crypt($form{'password'});
}
&OutputPage;
sub OutputPage {
print "Content-type: text/html\n\n";
print "<html><head><title>.htaccess Generator</title></head><body>\n";
print "<form method=post action=\"$program\">\n";
print "<table><tr><td colspan=2><font face=\"Verdana, Arial, Helvetica, sans-serif\" size=5><b>EZ Pass<br>File Generator for .htaccess<br><font size=3><i>by Croesus Design</b></font><hr></td><tr>\n";
print "<tr><td><font face=\"Verdana, Arial, Helvetica, sans-serif\">Auth Name (Anything you want)</td><td><input name=directory value=$form{directory}></td></tr>\n";
print "<tr><td><font face=\"Verdana, Arial, Helvetica, sans-serif\">Secret Directory (Path to passwords)</td><td><input name=path value=$form{path}></td></tr>\n";
print "<tr><td><font face=\"Verdana, Arial, Helvetica, sans-serif\">Username</td><td><input name=login value=$form{login}></td></tr>\n";
print "<tr><td><font face=\"Verdana, Arial, Helvetica, sans-serif\">Password</td><td><input type=password name=password value=$form{password}></td></tr>\n";
print "<tr><td></td><td><input type=submit name=submit value=\"Generate Files\"></td></tr>\n";
print "<tr><td><font face=\"Verdana, Arial, Helvetica, sans-serif\">.htaccess File Code</td><td><textarea name=access cols=60 rows=10>$form{access}</textarea></td></tr>\n";
print "<tr><td><font face=\"Verdana, Arial, Helvetica, sans-serif\">.htpasswd File Code</td><td><textarea name=passwd cols=60 rows=1>$form{passwd}</textarea></td></tr>\n";
print "</table></form></body></html>\n";
}
sub Crypt {
my $pass_code = shift(@_);
my @chr = ('a'..'z');
my $s1= @chr[int(rand($#chr + 1))];
my $s2= @chr[int(rand($#chr + 1))];
my $salt = "$s1$s2";
my $crypt=crypt($pass_code,$salt);
return $crypt;
}