Diffstat (limited to '5.1/mail.rb')
-rwxr-xr-x5.1/mail.rb16
1 files changed, 15 insertions, 1 deletions
diff --git a/5.1/mail.rb b/5.1/mail.rb
index f0be986..6adf021 100755
--- a/5.1/mail.rb
+++ b/5.1/mail.rb
@@ -9,6 +9,17 @@ set :port, 4568
Service = "Mail"
ServicePassword = "{FvM<kgG}VpHxKJO;6Zo"
+ReplayCache = []
+
+def update_replaycache!(new_auth)
+ ReplayCache.push(new_auth)
+ now = Time.now.to_i
+ ReplayCache.delete_if { |auth|
+ _, _, als, ats = auth.split(?,)
+ now > als.to_i + ats.to_i
+ }
+end
+
def decrypt(obj, key)
ticket = [obj].pack("H*").unpack("C*").pack("c*")
cipher = OpenSSL::Cipher::AES.new(256, :CBC).decrypt
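Review bot: The pruning rule in `update_replaycache!` (`now > als.to_i + ats.to_i`) has to keep an entry for at least as long as `/login` would still accept that authenticator, and the acceptance check is not visible in this hunk. If that check tolerates any clock skew or uses a different comparison, an entry can be dropped while the authenticator is still usable, which reopens the replay window. `ReplayCache` is also a plain in-process Array, so the record is lost on restart and is not shared between worker processes. I would document both on the constant, e.g. `# Per-process, in-memory only; an entry is kept until its own als + ats has passed, which must cover the window in which /login accepts it.` A fragment with fewer than four fields is pruned in the same call because `nil.to_i` is 0, which is harmless only if such authenticators are rejected later.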
@@ -30,7 +41,10 @@ post '/login' do
next "Ticket expired\n" unless Time.now.to_i < (ts + ls)
begin
- aun, aws, als, ats = decrypt(data["authenticator"], sk).split(?,)
+ auth = decrypt(data["authenticator"], sk)
+ next "Replayed authenticator\n" if ReplayCache.include?(auth)
+ update_replaycache!(auth)
+ aun, aws, als, ats = auth.split(?,)
als = als.to_i
ats = ats.to_i
rescue OpenSSL::Cipher::CipherError
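Review bot: The `ReplayCache.include?(auth)` check and the `update_replaycache!(auth)` insert are separate steps, so if the server handles requests on more than one thread, two simultaneous posts of the same authenticator can both pass the check before either is recorded. Doing both under one lock closes that gap: define `ReplayLock = Mutex.new` next to the cache and use `replayed = ReplayLock.synchronize { ReplayCache.include?(auth) || (update_replaycache!(auth); false) }` followed by `next "Replayed authenticator\n" if replayed`. The authenticator is also recorded before its fields are validated. The checks after `ats = ats.to_i` and the body of the `rescue` lie outside this hunk, so confirm that ordering is intended.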