Aleksander Machniak
2016-05-20 9e64dc2debfa1c7410f82bf71f4d10856751e258
commit | author | age
2471d3 1 #!/usr/bin/env php
A 2 <?php
3 /*
4  +-----------------------------------------------------------------------+
30aa4c 5  | bin/decrypt.sh                                                        |
2471d3 6  |                                                                       |
e019f2 7  | This file is part of the Roundcube Webmail client                     |
f5e7b3 8  | Copyright (C) 2005-2009, The Roundcube Dev Team                       |
7fe381 9  |                                                                       |
T 10  | Licensed under the GNU General Public License version 3 or            |
11  | any later version with exceptions for skins & plugins.                |
12  | See the README file for a full license statement.                     |
2471d3 13  |                                                                       |
A 14  | PURPOSE:                                                              |
15  |   Decrypt the encrypted parts of the HTTP Received: headers           |
16  |                                                                       |
17  +-----------------------------------------------------------------------+
18  | Author: Tomas Tevesz <ice@extreme.hu>                                 |
19  +-----------------------------------------------------------------------+
20 */
21
f23ef1 22 /**
2471d3 23  * If http_received_header_encrypt is configured, the IP address and the
A 24  * host name of the added Received: header is encrypted with 3DES, to
25  * protect information that some could consider sensitve, yet their
26  * availability is a must in some circumstances.
27  *
28  * Such an encrypted Received: header might look like:
29  *
30  * Received: from DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==
f23ef1 31  *  [my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4]
AM 32  *  with HTTP/1.1 (POST); Thu, 14 May 2009 19:17:28 +0200
2471d3 33  *
A 34  * In this example, the two encrypted components are the sender host name
35  * (DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==) and the IP
36  * address (my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4).
37  *
38  * Using this tool, they can be decrypted into plain text:
39  *
30aa4c 40  * $ bin/decrypt.sh 'my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4' \
2471d3 41  * > 'DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ=='
A 42  * 84.3.187.208
43  * 5403BBD0.catv.pool.telekom.hu
44  * $
45  *
46  * Thus it is known that this particular message was sent by 84.3.187.208,
47  * having, at the time of sending, the name of 5403BBD0.catv.pool.telekom.hu.
48  *
49  * If (most likely binary) junk is shown, then
50  *  - either the encryption password has, between the time the mail was sent
f23ef1 51  *    and 'now', changed, or
2471d3 52  *  - you are dealing with counterfeit header data.
A 53  */
54
0ea079 55 define('INSTALL_PATH', realpath(__DIR__ .'/..') . '/');
6cc3f5 56
A 57 require INSTALL_PATH . 'program/include/clisetup.php';
2471d3 58
A 59 if ($argc < 2) {
60     die("Usage: " . basename($argv[0]) . " encrypted-hdr-part [encrypted-hdr-part ...]\n");
61 }
62
dcc446 63 $RCMAIL = rcube::get_instance();
2471d3 64
A 65 for ($i = 1; $i < $argc; $i++) {
66     printf("%s\n", $RCMAIL->decrypt($argv[$i]));
67 };