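<?php
/**
 * NTLM single sign-on over HTTP, validated by relaying the browser's handshake
 * to the AUTH NTLM mechanism of an SMTP server.
 *
 * Flow:
 *   - no Authorization header: answer 401 and ask the browser for NTLM;
 *   - Type 1 message: relay it to SMTP and return the server's 334 challenge
 *     to the browser as the Type 2 message;
 *   - Type 3 message: relay it to SMTP; reply 235 means accepted, 535 rejected.
 *
 * Session keys written: TYPE1MSG, TYPE2MSG, TYPE3MSG, AUTH, AUTH2, USER,
 * DOMAIN, WORKSTATION. AUTH is 1 once a challenge has been issued, "235" after
 * an accepted login and "535" after a rejected one, so code that consumes the
 * session must compare AUTH with "235" rather than test it for truthiness.
 *
 * NOTE(review): the handshake depends on pfsockopen() handing the Type 3
 * request the same SMTP connection that issued the challenge. PHP keeps
 * persistent sockets per worker process, so the two requests can land on
 * different connections and two users served by one worker can interleave on
 * the same one - confirm the deployment model before relying on this.
 * NOTE(review): the relay uses plain SMTP on port 25, so the NTLM messages
 * cross the network unencrypted.
 * NOTE(review): a session whose AUTH is "535" never requests a fresh challenge,
 * so a retry needs a new session.
 */
session_start();

// Host whose SMTP service validates the relayed NTLM messages.
$ntlmserver = "smtpserver.local";

/**
 * Return the first $count bytes of $string.
 */
function left($string, $count)
{
    return substr($string, 0, $count);
}

/**
 * Read one NTLM "security buffer" (16-bit length at $start, 16-bit offset at
 * $start + 4, both little-endian) and return the bytes it points to.
 *
 * Both values come from the client, so they are checked against the message
 * size; a descriptor or payload outside the message yields ''.
 * With $unicode the NUL bytes are stripped, which only reproduces the text for
 * characters that fit in one byte of UTF-16LE.
 */
function get_msg_str($msg, $start, $unicode = true)
{
    $size = strlen($msg);
    if ($start < 0 || $start + 8 > $size) {
        return '';
    }
    $len = (ord($msg[$start + 1]) * 256) + ord($msg[$start]);
    $off = (ord($msg[$start + 5]) * 256) + ord($msg[$start + 4]);
    if ($off + $len > $size) {
        return '';
    }
    $raw = substr($msg, $off, $len);
    return $unicode ? str_replace("\0", '', $raw) : $raw;
}

/**
 * Close the SMTP stream if one is open, send the given status line and stop.
 */
function ntlm_abort($stream, $status)
{
    if (is_resource($stream)) {
        fclose($stream);
    }
    header($status);
    exit;
}

$headers = apache_request_headers();
if (!isset($headers['Authorization'])) {
    header('HTTP/1.1 401 Unauthorized');
    header('WWW-Authenticate: NTLM');
    exit;
}

$auth = $headers['Authorization'];
if (strncmp($auth, 'NTLM ', 5) === 0) {
    // The blob is written into the SMTP stream below, so accept nothing but
    // the base64 alphabet: no whitespace, CR or LF can reach the relay.
    $blob = trim(substr($auth, 5));
    $msg = preg_match('/^[A-Za-z0-9+\/]+={0,2}$/', $blob) ? base64_decode($blob, true) : false;
    // 8 bytes of signature plus the 4-byte message type must be present.
    if ($msg === false || strlen($msg) < 12 || substr($msg, 0, 8) != "NTLMSSP\x00") {
        header('HTTP/1.1 400 Bad Request');
        die('error header not recognised');
    }

    if ($msg[8] == "\x01") {
        // Type 1 (negotiate): obtain a challenge from the SMTP server.
        $_SESSION['TYPE1MSG'] = 'NTLM ' . $blob;
        if (empty($_SESSION['AUTH'])) {
            $smtp_server = pfsockopen($ntlmserver, 25, $errno, $errstr, 30);
            if (!$smtp_server) {
                exit;
            }
            // Bound every read so a silent server cannot hold the request open.
            stream_set_timeout($smtp_server, 30);
            fwrite($smtp_server, "EHLO\r\n");
            $challenge = null;
            // fgets() returns false on EOF or timeout; stop instead of spinning.
            while (($data = fgets($smtp_server, 512)) !== false) {
                if (left($data, 6) == "250 OK") {
                    fwrite($smtp_server, "AUTH $_SESSION[TYPE1MSG]\r\n");
                } elseif (left($data, 3) == "334") {
                    $challenge = substr($data, 4);
                    break;
                }
            }
            if ($challenge === null) {
                // No challenge was issued, so the session stays unmarked.
                ntlm_abort($smtp_server, 'HTTP/1.1 503 Service Unavailable');
            }
            $_SESSION['TYPE2MSG'] = $challenge;
            $_SESSION['AUTH'] = 1;
        }
        $msg2 = isset($_SESSION['TYPE2MSG']) ? $_SESSION['TYPE2MSG'] : '';
        header('HTTP/1.1 401 Unauthorized');
        header('WWW-Authenticate: NTLM ' . trim($msg2));
        exit;
    } elseif ($msg[8] == "\x03") {
        // Type 3 (authenticate): let the SMTP server judge the response.
        $_SESSION['TYPE3MSG'] = $blob;
        $verified = false;
        if (empty($_SESSION['AUTH2'])) {
            $smtp_server = pfsockopen($ntlmserver, 25, $errno, $errstr, 30);
            if (!$smtp_server) {
                exit;
            }
            stream_set_timeout($smtp_server, 30);
            fwrite($smtp_server, "$_SESSION[TYPE3MSG]\r\n");
            $verdict = null;
            while (($data = fgets($smtp_server, 512)) !== false) {
                $code = left($data, 3);
                if ($code == "235" || $code == "535") {
                    $verdict = $code;
                    break;
                }
            }
            // Release the connection on every outcome, so a half-finished
            // handshake is not left behind on the persistent socket.
            fwrite($smtp_server, "QUIT\r\n");
            fclose($smtp_server);
            if ($verdict === null) {
                ntlm_abort(null, 'HTTP/1.1 503 Service Unavailable');
            }
            $_SESSION['AUTH'] = $verdict;
            if ($verdict !== "235") {
                ntlm_abort(null, 'HTTP/1.1 403 Forbidden');
            }
            $_SESSION['AUTH2'] = 1;
            $verified = true;
        }
        // Identity is taken only from the Type 3 message the SMTP server has
        // just accepted. A later Type 3 in an already authenticated session is
        // not re-verified, so it must not be able to overwrite USER or DOMAIN.
        if ($verified) {
            // New session id at the moment the session becomes authenticated.
            session_regenerate_id(true);
            $_SESSION['USER'] = get_msg_str($msg, 36);
            $_SESSION['DOMAIN'] = get_msg_str($msg, 28);
            // NOTE(review): the workstation name is whatever the client put in
            // the message - treat it as informational.
            $_SESSION['WORKSTATION'] = get_msg_str($msg, 44);
        }
    }
}

// Debug output: this prints the stored Type 1/2/3 messages as well, so remove
// it before deployment. Escaped because USER, DOMAIN and WORKSTATION are
// client-supplied text.
echo htmlspecialchars(print_r($_SESSION, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');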