author | Nat Lasseter <user@4574.co.uk> | 2025-02-20 09:30:02 +0000 |
---|---|---|
committer | Nat Lasseter <user@4574.co.uk> | 2025-02-20 09:30:02 +0000 |
commit | 7fb46692a2e7ea49b9ff0e6690fbdeefb7fbdbb8 (patch) | |
tree | d30acd4ed3b70a519d3dc10eb37fc5733d5a2b83 /5.1/mail.rb | |
parent | 1becf51a5673acf0eab38c2abe568ca23b3da680 (diff) |
Diffstat (limited to '5.1/mail.rb')
-rwxr-xr-x | 5.1/mail.rb | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/5.1/mail.rb b/5.1/mail.rb
index f0be986..6adf021 100755
--- a/5.1/mail.rb
+++ b/5.1/mail.rb
@@ -9,6 +9,17 @@ set :port, 4568
 Service = "Mail"
 ServicePassword = "{FvM<kgG}VpHxKJO;6Zo"
+ReplayCache = []
+
+def update_replaycache!(new_auth)
+ ReplayCache.push(new_auth)
+ now = Time.now.to_i
+ ReplayCache.delete_if { |auth|
+ _, _, als, ats = auth.split(?,)
+ now > als.to_i + ats.to_i
+ }
+end
+
 def decrypt(obj, key)
 ticket = [obj].pack("H*").unpack("C*").pack("c*")
 cipher = OpenSSL::Cipher::AES.new(256, :CBC).decrypt
@@ -30,7 +41,10 @@ post '/login' do
 next "Ticket expired\n" unless Time.now.to_i < (ts + ls)
 begin
- aun, aws, als, ats = decrypt(data["authenticator"], sk).split(?,)
+ auth = decrypt(data["authenticator"], sk)
+ next "Replayed authenticator\n" if ReplayCache.include?(auth)
+ update_replaycache!(auth)
+ aun, aws, als, ats = auth.split(?,)
 als = als.to_i
 ats = ats.to_i
 rescue OpenSSL::Cipher::CipherError |
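Review bot: The eviction test in `update_replaycache!` (`now > als.to_i + ats.to_i`) takes both the lifespan and the timestamp from inside the authenticator, so how long an entry stays in `ReplayCache` is decided by whoever built that authenticator rather than by the server. Unless a check outside this hunk bounds `als`, entries with a very large lifespan would never be pruned and the array, which `ReplayCache.include?` scans linearly on every login, can grow without limit. I would have the server reject any authenticator whose lifespan exceeds a server-side maximum before it is cached (a new constant beside `ReplayCache`, e.g. `MaxAuthLifespan = 300`), so that retention and acceptance share one bound. The method also deserves a comment such as `# Record an authenticator and drop entries whose own lifetime (ats + als) has passed.` Since the cache is plain in-process memory, a restart or a second worker process presumably starts with no replay history.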
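Review bot: The `ReplayCache.include?(auth)` check and the `update_replaycache!(auth)` call that follows are two separate steps on a shared Array, so two requests carrying the same authenticator can both pass the check before either records it whenever the server handles requests on more than one thread (Puma and WEBrick, Sinatra's usual backends, do). The same unguarded array can also be hit by `push` from one request while another is inside `delete_if`. Guard the check-and-record with a single lock: add `ReplayLock = Mutex.new` beside `ReplayCache` and replace the two lines with `replayed = ReplayLock.synchronize { ReplayCache.include?(auth) || (update_replaycache!(auth) && false) }` followed by `next "Replayed authenticator\n" if replayed`. The authenticator is also cached before its fields are checked, and the `post '/login'` block starts and ends outside this hunk, so whether the later checks bound `als` and `ats` is not visible here.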