| commit | author | age | ||
| 2471d3 | 1 | #!/usr/bin/env php |
| A | 2 | <?php |
| 3 | /* | |
| 4 | +-----------------------------------------------------------------------+ | |
| 30aa4c | 5 | | bin/decrypt.sh | |
| 2471d3 | 6 | | | |
| e019f2 | 7 | | This file is part of the Roundcube Webmail client | |
| f5e7b3 | 8 | | Copyright (C) 2005-2009, The Roundcube Dev Team | |
| 7fe381 | 9 | | | |
| T | 10 | | Licensed under the GNU General Public License version 3 or | |
| 11 | | any later version with exceptions for skins & plugins. | | |
| 12 | | See the README file for a full license statement. | | |
| 2471d3 | 13 | | | |
| A | 14 | | PURPOSE: | |
| 15 | | Decrypt the encrypted parts of the HTTP Received: headers | | |
| 16 | | | | |
| 17 | +-----------------------------------------------------------------------+ | |
| 18 | | Author: Tomas Tevesz <ice@extreme.hu> | | |
| 19 | +-----------------------------------------------------------------------+ | |
| 20 | */ | |
| 21 | ||
| f23ef1 | 22 | /** |
| 2471d3 | 23 | * If http_received_header_encrypt is configured, the IP address and the |
| A | 24 | * host name of the added Received: header is encrypted with 3DES, to |
| 25 | * protect information that some could consider sensitve, yet their | |
| 26 | * availability is a must in some circumstances. | |
| 27 | * | |
| 28 | * Such an encrypted Received: header might look like: | |
| 29 | * | |
| 30 | * Received: from DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ== | |
| f23ef1 | 31 | * [my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4] |
| AM | 32 | * with HTTP/1.1 (POST); Thu, 14 May 2009 19:17:28 +0200 |
| 2471d3 | 33 | * |
| A | 34 | * In this example, the two encrypted components are the sender host name |
| 35 | * (DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==) and the IP | |
| 36 | * address (my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4). | |
| 37 | * | |
| 38 | * Using this tool, they can be decrypted into plain text: | |
| 39 | * | |
| 30aa4c | 40 | * $ bin/decrypt.sh 'my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4' \ |
| 2471d3 | 41 | * > 'DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==' |
| A | 42 | * 84.3.187.208 |
| 43 | * 5403BBD0.catv.pool.telekom.hu | |
| 44 | * $ | |
| 45 | * | |
| 46 | * Thus it is known that this particular message was sent by 84.3.187.208, | |
| 47 | * having, at the time of sending, the name of 5403BBD0.catv.pool.telekom.hu. | |
| 48 | * | |
| 49 | * If (most likely binary) junk is shown, then | |
| 50 | * - either the encryption password has, between the time the mail was sent | |
| f23ef1 | 51 | * and 'now', changed, or |
| 2471d3 | 52 | * - you are dealing with counterfeit header data. |
| A | 53 | */ |
| 54 | ||
| 0ea079 | 55 | define('INSTALL_PATH', realpath(__DIR__ .'/..') . '/'); |
| 6cc3f5 | 56 | |
| A | 57 | require INSTALL_PATH . 'program/include/clisetup.php'; |
| 2471d3 | 58 | |
| A | 59 | if ($argc < 2) { |
| 60 | die("Usage: " . basename($argv[0]) . " encrypted-hdr-part [encrypted-hdr-part ...]\n"); | |
| 61 | } | |
| 62 | ||
| dcc446 | 63 | $RCMAIL = rcube::get_instance(); |
| 2471d3 | 64 | |
| A | 65 | for ($i = 1; $i < $argc; $i++) { |
| 66 | printf("%s\n", $RCMAIL->decrypt($argv[$i])); | |
| 67 | }; | |
