403Webshell
Server IP : 103.119.228.120  /  Your IP : 3.145.33.244
Web Server : Apache
System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64
User : nobody ( 99)
PHP Version : 5.6.40
Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime
MySQL : ON |  cURL : ON |  WGET : ON |  Perl : ON |  Python : ON |  Sudo : ON |  Pkexec : ON
Directory :  /usr/local/ssl/local/ssl/share/doc/ppp-2.4.5/scripts/chatchat/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :


[ Back ]     

Current File : /usr/local/ssl/local/ssl/share/doc/ppp-2.4.5/scripts/chatchat/README
v 0.1 gpk@onramp.net 3/27/99

I Intro

   This document covers the use of the modified "chat" program and its 
adjunct "chatchat" to login using the Security Dynamics SecurID card
on a linux system.

   This set of files comprises a modified version of the chat program
(the one distributed with ppp-2.3.5) and a new program called chatchat
that allows you to supply data from the keyboard to the chat program.

   The SecurID card generates passwords that have a lifetime of one
minute and are used as a first layer in dial up security. The only
software I know of for this card is for windows, so I wrote my own. 
This software allows you to type in the time-sensitive password right
when your chat script is asked to supply the passcode by the remote
system. 


II How It Works

   This version of chat his an additional command that can be put into
its options that says "Don't reply with this string. Open this pipe,
read the contents, and reply with that instead." Chatchat creates a
pipe and lets you type your passcode into it, then chat picks that up
and sends it out just as though the passcode was hardcoded into the
options. 


III Installation 

  I've provided intel binaries and source code the the modified chat 
program and the chatchat program. I'll recommend that you copy the 
chat.c program into your ppp-2.3.5/chat directory (save your original 
chat.c program first!) and re-make it using the Makefile that comes 
with chat. Copy the new chat somewhere into your path. (On my system
chat lives in /usr/sbin/chat, so I've copied the modified one into 
/usr/sbin/chat.new and changed my dial in script to call chat.new
instead of chat.

  Second, compile chatchat.c and install it somewhere in your path:

 gcc -g -o chatchat chatchat.c
 cp chatchat /usr/sbin

 Third, modify your chat script to use the chatchat program. Mine
looks something like this:


                       --------------------

#!/bin/sh
#
# This is part 2 of the ppp-on script. It will perform the connection
# protocol for the desired connection.
# use atm0 to turn down the speaker volume on my sportster x2 voice modem
# gpk 11/2/97

exec /usr/sbin/chat.new  -V -v                       \
         ABORT           "BUSY"                     \
     ABORT              "NO DIAL TONE"      \
         ABORT           "NO ANSWER"                \
         TIMEOUT         50                             \
         ""             "atm0"                  \
         OK              ATDT$TELEPHONE                  \
        CONNECT         ''       \
    name:           \\da0xxxxxx  \
    word:           @/var/tmp/p \
        compress.       ''


                     -----------------------

 This is a standard chat script:

* abort if the modem is busy, you don't get a dial tone, no one
  answers, or 50 seconds elapses.

* use atm0 to mute the modem

* dial the modem, when it connects, wait to be asked for account name

* when we see "name:" prompt, delay briefly then respond with your 
  account name (fill in your account name)

Now we get to the new stuff:

* when we see "word:" in the password prompt, instead of responding
  with "@/var/tmp/p", the modified chat program will open the pipe 
  /var/tmp/p, read the passcode out of there, and send it

* when we see "compress." (the last word before ppp starts), reply
  with nothing. The script ends and we start ppp.

Note:

* Make sure there is some whitespace between the filename and the \.


IV Usage

   To use this install the modified chat and chatchat programs, and
modify your chat script similar to the above. Before you dial in,
start that chatchat program giving it the same pipe as in your config
file. In the above case:

chatchat /var/tmp/p

   Wait until you have one or two tick marks left on your card's
current number, then start your dial up process that eventually calls
chat. When chat goes to open and read the pipe, chatchat will prompt:


type PIN into SecurID card and 
 enter resulting passcode:

   At that point, type your PIN number into your Securid card, press
the diamond, and type the resulting numbers in as your passcode. If
you've left the -V -v options on your chat command you'll see
everything so out, otherwise it works silently.

   If you type the number wrong or run out of time, the server will 
respond with an authentication failure. In that case you will have to 
hang up and start again. I don't know how to build a conditional script 
that says either expect "compress" next, but if you see "name:" again, 
do this instead. 


V Additional Information

  You can obtain additional information about chat and ppp from the
man pages for chat and pppd, as well as the PPP-HOWTO.


Youez - 2016 - github.com/yon3zu
LinuXploit