phillipmcsa

<? $xtm = 'http://x.x.x.x:4106/wgcgi.cgi' ; $action = $_GET['action']; $ts = $_GET['ts']; $sn = $_GET['sn']; $mac = $_GET['mac']; $redirect = $_GET['redirect']; // create hash sh1 (timestamp + serial_no + mac + success + sess_timeout + idle_timeout + secret) $secret = 'thatsthekey'; $success = '1'; $sess_timeout = '60'; $idle_timeout = '30'; $hash_string = $ts . $sn . $mac . $sucess . $sess_timeout . $idle_timeout . $secret; $sig = sha1($hash_string); ?> <a href="http://x.x.x.x:4106/wgcgi.cgi?action=hotspot_auth&ts=<? echo $ts; ?>&success=1&sess_timeout=60&idle_timeout=30&sig=<? echo $sig; ?>&redirect=http://www.google.com/">click</a>

This is the PHP just to create a simple link without any decision making or real authentication <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <br /> <? $xtm = 'http://10.0.7.1:4106/wgcgi.cgi' ; $action = $_GET['action']; $ts = $_GET['ts']; $sn = $_GET['sn']; $mac = $_GET['mac']; $redirect = $_GET['redirect']; // create hash sh1 (timestamp + serial_no + mac + success + sess_timeout + idle_timeout + secret) $secret = 'thatsthekey'; $success = '1'; $sess_timeout = '60'; $idle_timeout = '30'; $hash_string = $ts . $sn . $mac . $sucess . $sess_timeout . $idle_timeout . $secret; $sig = sha1($hash_string); ?> <a href="http://10.0.7.1:4106/wgcgi.cgi?action=hotspot_auth&ts=<? echo $ts; ?>&success=1&sess_timeout=60&idle_timeout=30&sig=<? echo $sig; ?>&redirect=http://www.google.com/">click</a> <br /> <br /> <br /> <br /> <br /> </body> </html>

#!/Python27/python import sys import os import hashlib import cgi import cgitb cgitb.enable() # The page #1, that receives the Access-Request-URL, for example # http://<ip>:<port>/welcome.py?xtm=[url=http://172.26.0.1:4106/wgcgi.cgi&action=hotspot_auth&ts=1344238620 ]http://172.26.0.1:4106/wgcgi.cgi&action=hotspot_auth&ts=1344238620 [/url] # &sn=70AB02716F745&mac=9C:4E:36:30:2D:28&redirect=[url=http://www.bing.com/]http://www.bing.com/[/url] def welcome(): # parse the parameters xtm = "" if "xtm" in form: xtm = form["xtm"].value action = "" if "action" in form: action = form["action"].value timestamp = "" if "ts" in form: timestamp = form["ts"].value serial_no = "" if "sn" in form: serial_no = form["sn"].value mac = "" if "mac" in form: mac = form["mac"].value redirect = "" if "redirect" in form: redirect = form["redirect"].value print "Content-type: text/html\n" print '<html>' print '<head>' print style print '</head>' print '<body>' print '<div class="background">' print '<div class="transbox">' print "<h1>Joe's Cafe</h1>" print "<h2>Welcome to free Wi-Fi</h2>" print "<p>This location provides free wireless services. Our customers may surf the Internet at no charge after registering with our service. Please enter your email address and the order number from your receipt below.</p>" print '<div id="register">' if xtm == "" or action == "" or timestamp == "" or serial_no == "" or mac == "" or redirect == "": print "<b> Invalid Request, missing some parameters </b>" else: # show the form print '<form name="register" id="register" method="POST" action="welcome.py">' print '<ul>' print '<li><label>Email:</label><input type="text" name="email_address"></li>' print '<li><label>Receipt:</label><input type="text" name="order_number"></li>' print '<li><label> </label><input type="submit" value="Register" class="submit"></li>' print '<input type="hidden" name="mac" value="'+mac+'">' print '<input type="hidden" name="ts" value="'+timestamp+'">' print '</ul>' print '</form>' print "</div>" print "</div>" print "</div>" # show the annotation print "<hr>" print '<div style="color:gray">' print "This page is envoked by the Access-Request-URL redirected from XTM. <br>" print "The interesting parameters from the URL are <br>" print "<b>xtm</b>="+xtm+"<br>" print "<b>action</b>="+action+"<br>" print "<b>timestamp</b>=" + timestamp+ "<br>" print "<b>serial_no</b>="+ serial_no+ "<br>" print "<b>mac</b>="+ mac+ "<br>" print "<b>redirect</b>="+ redirect+ "<br>" # save request information per mac address and timestamp if mac != "": x = mac.split(':') fn = '_'.join(x) f = open('C:/Apache24/1hotspot/'+timestamp+'_'+fn, 'w') f.write(xtm+' '+action+' '+serial_no+' '+redirect) f.close() print "We save xtm, action, serial_no, and redirect in a local file", 'C:/Apache24/1hotspot/'+timestamp+'_'+fn print "</div>" print '</body>' print '</html>' # The page #2, that can send out the Access-Decision-URL def register(): print "Content-type: text/html\n" print '<html>' print '<head>' print style print '</head>' print '<body>' print '<div class="background">' print '<div class="transbox">' if "order_number" not in form or "email_address" not in form: # user did not enter necessary info print "<h2>Please return to previous page, and enter order number and email address.</h2>" else: # get the request information saved in the file timestamp = form["ts"].value mac = form["mac"].value x = mac.split(':') fn = '_'.join(x) f = open('C:/Apache24/1hotspot/'+timestamp+'_'+fn) lines = f.readlines() f.close() w = lines[0].split() xtm = w[0] action = w[1] serial_no = w[2] redirect = w[3] # calculate hash #f = open('c:/www/hotspotdocs/secret') #lines = f.readlines() #f.close() #secret = lines[0] secret = 'thatsthekey' success = '1' sess_timeout = '60' idle_timeout = '30' m = hashlib.sha1() m.update(timestamp+serial_no+mac+success+sess_timeout+idle_timeout+secret) sig = m.hexdigest() # The main text print "<p>Value: ",timestamp+serial_no+mac+success+sess_timeout+idle_timeout+secret,"</p>" print "<h1>Joe's Cafe</h1>" print "<h2>Hello", form["email_address"].value, "</h2>" print "<h2>Your order number is", form["order_number"].value, "</h2>" # Create a link with the URL url = xtm+"?action="+action+"&ts="+timestamp+"&success=1&sess_timeout=60&idle_timeout=30&sig="+sig+"&redirect="+redirect print "<p>Thank you for visiting Joe's Cafe, press this "'<a href="', url, '">Connect</a>'" link or the button below to get access to the Internet.</p>" # Create a form with the URL print '<form name="register" id="register" action="'+ xtm +'" method="post">' print '<ul>' print '<li><label> </label><input type="submit" name="Connect" value="Connect" class="submit"></li>' print '<input type="hidden" name="action" value="'+action+'">' print '<input type="hidden" name="ts" value="'+timestamp+'">' print '<input type="hidden" name="success" value="1">' print '<input type="hidden" name="sess_timeout" value="60">' print '<input type="hidden" name="idle_timeout" value="30">' print '<input type="hidden" name="sig" value="'+sig+'">' print '<input type="hidden" name="redirect" value="'+redirect+'">' print '</ul>' print '</form>' print '</div>' print '</div>' # show the annotation print "<hr>" print '<div style="color:gray">' print "<b>URL</b> of the link is "+url print "<p>Note the URL is point to XTM. XTM will process it. It is constructed from data saved in ", 'C:/Apache24/1hotspot/'+timestamp+'_'+fn print "</div>" print '</body>' print '</html>' # The page #3, triggered by error in Access-Decision-URL. For example, # http://<ip>:<port>/welcome.py?error=510&sn=70AB02716F745&mac=9C:4E:36:30:2D:28 def error(): serial_no = "" if "sn" in form: serial_no = form["sn"].value mac = "" if "mac" in form: mac = form["mac"].value print '<html>' print '<head>' print style print '</head>' print '<body>' print '<div class="background">' print '<div class="transbox">' print "<h1>Joe's Cafe</h1>" print "<h2>We encountered a difficulty to grant you access to Internet.</h2>" print "<h2>Error code="+form["error"].value+"</h2>" print '</div>' print '</div>' # show the annotation print "<hr>" print '<div style="color:gray">' print "This indicates XTM (", serial_no, ") did not successfully grant access to the mac address", mac print "</div>" print '</body>' print '</html>' # read the css file css = open('C:/Apache24/1hotspot/style.css') style = css.read() # determine whether this is for page #1 or page #2 form = cgi.FieldStorage() # parse query if "order_number" in form: register() elif "error" in form: error() else: welcome() # close the css file css.close()

Hi Jacques1, The story is, there is a firewall device that enable hotspot authentication using external web Watchguard only provide example with python language without any support for PHP because this is 'additional' feature, not really related to firewalling thing As I read the script, it supposedly pass simple string back to Watchguard and off they go to browse the net If I can trouble anyone here whom expert in Python, explaining what and why the PHP did not work, will be greatly appreciated I will paste both Python and PHP separately to make it easier to read

Hi Jacques1, Mmmm.... you maybe right here... The code is not working for me, I get error telling me that the signature is incorrect ($nonsense_hash) And I directly under assumption that the PHP coding is incorrect So do you think this code $nonsense_hash = sha1($session_data); should do or replicated correctly with that Python script? I am also awaiting answer from the other end to confirm, but it will takes another 4 days before I get an answer....

Hi Jacques1, Thanks for your reply I understood what are you trying to help, but, I have to stuck with its rule this time The magic clue I had is this "A hex encoded string in lower case. It is a SHA1 checksum" and the sample of that Python script This is a supposedly a script to pass information back and forth into another system, so I have to follow exact requirement there... Appreciate your help and will be glad if you can guide me a bit more Cheers

Hi There, I run into trouble converting a code from Python into PHP It said I need to have sha1 hash, but I have no clue what will the code on PHP to replace this Big thanks in advance secret = 'se:cr:et:co:de' success = '1' sess_timeout = '60' idle_timeout = '30' m = hashlib.sha1() m.update(success+sess_timeout+idle_timeout+secret) sig = m.hexdigest() I did try with this but its not working or maybe its wrong anyway $string1 = $success+$sess_timeout+$idle_timeout+$secret; $string2 = $success.$sess_timeout.$idle_timeout.$secret; $sig = sha1($string1); or $sig = sha1($string2); or $sig = mhash('sha1',$string1); or $sig = mhash('sha1',$string2);