예제 #1
0
파일: typo3.go 프로젝트: dullgiulio/bruto
func (t *T) callRsaAjax(conn *backend.HTTP) error {
	req, err := conn.Get(t.urls.ajax())
	if err != nil {
		return err
	}
	req.Header.Add("X-Requested-With", "XMLHttpRequest")
	resp, err := conn.Do(req)
	if err != nil {
		return err
	}
	if resp.StatusCode != 200 {
		return errors.New(fmt.Sprintf("Invalid status code for AJAX call: %s", resp.Status))
	}
	// Don't care about body, just get the header
	io.Copy(ioutil.Discard, resp.Body)
	resp.Body.Close()
	xjson := resp.Header.Get("X-JSON")
	if xjson == "" {
		return errors.New("Response to AJAX call contained no JSON")
	}
	if err := json.Unmarshal([]byte(xjson), &t.enc); err != nil {
		return err
	}
	return nil
}
예제 #2
0
파일: typo3.go 프로젝트: dullgiulio/bruto
func (t *T) Try(conn *backend.HTTP, l gen.Login) (success bool, err error) {
	conn.Client.Timeout = backend.Config.Timeout
	req, err := conn.Get(t.urls.login())
	if err != nil {
		return false, err
	}
	resp, err := conn.Do(req)
	if err != nil {
		return false, err
	}
	if resp.StatusCode != 200 {
		return false, errors.New(fmt.Sprintf("Invalid status code for login page: %s", resp.Status))
	}
	var rsaAjax bool
	err = t.enc.pkFromHTML(resp.Body)
	resp.Body.Close()
	if err != nil {
		switch err {
		case errRsaNotFound:
			rsaAjax = true
		default:
			return
		}
	}
	if rsaAjax {
		if err = t.callRsaAjax(conn); err != nil {
			return
		}
	}
	if err = t.enc.seed(); err != nil {
		return
	}
	// Encrypt password
	pass, err := t.enc.encrypt(l.Pass)
	if err != nil {
		return
	}
	// Set request specific POST values
	conn.PostVals.Set("userident", pass)
	conn.PostVals.Set("username", l.User)
	// Post login form
	req, err = conn.Post(t.urls.login(), &conn.PostVals)
	if err != nil {
		return
	}
	conn.Header.Set("Referer", t.urls.referer())
	resp, err = conn.Do(req)
	if err != nil {
		return
	}
	// Don't care about body
	io.Copy(ioutil.Discard, resp.Body)
	resp.Body.Close()
	if resp.StatusCode != 200 {
		return false, errors.New(fmt.Sprintf("Invalid status code for login POST: %s", resp.Status))
	}
	// If the current location is "backend.php", we are in
	if strings.Index(resp.Request.URL.Path, "backend.php") >= 0 {
		success = true
	}
	return
}