authorAnton Luka Šijanec <sijanecantonluka@gmail.com>2020-01-03 00:35:44 +0100
committerAnton Luka Šijanec <sijanecantonluka@gmail.com>2020-01-03 00:35:44 +0100
commit3ae517757c61daa5e1a6700925af095b1ee4c5b5 (patch)
tree9143075340219a4a388f65ed20093b2dd7d73ef2
parentfirst commit (diff)
-rw-r--r--README.md16
-rwxr-xr-xfetcheveryone.php18
-rwxr-xr-xjsontohtml.php8
-rw-r--r--main.php231
4 files changed, 273 insertions, 0 deletions
diff --git a/README.md b/README.md
index 3f22bbf..be3b956 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,17 @@
# itisclient
+
+to get everyone in iTIS directory as a json file:
+
+```
+./fetcheveryone.php
+```
+
+and let it run for a couple of minutes (?)
+
+registration not added yet, no captcha=>should be simple, but a SMTP listener client will have to be implemented
+
+# exploits!!!
+
+yes, exploits indeed. Every. Single. Aspx. Site. Exploits. I mean what do they think (ASP.NET devs in general)?
+
+/exploits coming soon!/
diff --git a/fetcheveryone.php b/fetcheveryone.php
new file mode 100755
index 0000000..7222729
--- /dev/null
+++ b/fetcheveryone.php
@@ -0,0 +1,18 @@
+#!/usr/bin/env php
+<?php
+require_once "main.php";
+$i = new itisClient();
+$i->setusername("subidubi");
+$i->setpassword("T2J7QCZWCF");
+$slovenija = array();
+foreach($i->fetchregije() as $regija) {
+ $slovenija[$regija] = array();
+ foreach($i->fetchkontakti(0, $regija) as $kontakt) {
+ $slovenija[$regija][] = $i->fetchoseba($kontakt);
+ }
+}
+file_put_contents(date("d.m.Y-H.i.s").".json", json_encode($slovenija));
+
+
+
+
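Review bot: `$i->setusername("subidubi"); $i->setpassword("T2J7QCZWCF");` commits a live iTIS account password into the repository, and once pushed it stays in git history regardless of later edits, so that credential should be treated as compromised and rotated. Read both values from the environment instead, e.g. `$i->setusername(getenv('ITIS_USER')); $i->setpassword(getenv('ITIS_PASS'));`, and keep the real values in a file outside version control. Separately, `fetchregije()`/`fetchkontakti()` appear (from main.php) to return a negative integer on login failure rather than an array, so the `foreach` here would silently iterate nothing on a bad password or an in-use session; checking `is_array()` on each result before looping would surface that.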
diff --git a/jsontohtml.php b/jsontohtml.php
new file mode 100755
index 0000000..6412c75
--- /dev/null
+++ b/jsontohtml.php
@@ -0,0 +1,8 @@
+#!/usr/bin/env php
+<?php
+class jsonHtml {
+public function jsonToDebug($jsonText = ''){ $arr = json_decode($jsonText, true); $html = ""; if ($arr && is_array($arr)) { $html .= self::_arrayToHtmlTableRecursive($arr); } return $html;}
+public function _arrayToHtmlTableRecursive($arr) { $str = "<style>table,td,tr,th{border:1px solid black;}</style><table><tbody>"; foreach ($arr as $key => $val) { $str .= "<tr>"; $str .= "<td>$key</td>"; $str .= "<td>"; if (is_array($val)) { if (!empty($val)) { $str .= self::_arrayToHtmlTableRecursive($val); } } else { $str .= "<strong>$val</strong>"; } $str .= "</td></tr>"; } $str .= "</tbody></table>"; return $str;}
+}
+file_put_contents($argv[2], jsonHtml::jsonToDebug(file_get_contents($argv[1])));
+?>
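Review bot: `$str .= "<td>$key</td>";` and `$str .= "<strong>$val</strong>";` interpolate JSON keys and values into HTML without escaping, and the JSON this tool is fed (per fetcheveryone.php) is scraped from a third-party site, so a name or address containing `<script>` becomes stored XSS the moment the generated file is opened in a browser. Escape per HTML context: `"<td>" . htmlspecialchars((string)$key, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>"` and likewise for `$val`. Also, `jsonToDebug` and `_arrayToHtmlTableRecursive` are declared as instance methods but invoked statically (`jsonHtml::jsonToDebug`, `self::_arrayToHtmlTableRecursive`), which PHP 8 rejects with an Error; mark both `public static function`. Finally, `$argv[1]`/`$argv[2]` are used unchecked, so a missing argument produces a notice and an empty output path.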
diff --git a/main.php b/main.php
new file mode 100644
index 0000000..37fcbfa
--- /dev/null
+++ b/main.php
@@ -0,0 +1,231 @@
+<?php
+function strip_tags_content($text, $tags = '', $invert = FALSE) {
+ preg_match_all('/<(.+?)[\s]*\/?[\s]*>/si', trim($tags), $tags);
+ $tags = array_unique($tags[1]);
+ if(is_array($tags) AND count($tags) > 0) {
+ if($invert == FALSE) {
+ return preg_replace('@<(?!(?:'. implode('|', $tags) .')\b)(\w+)\b.*?>.*?</\1>@si', '', $text);
+ }
+ else {
+ return preg_replace('@<('. implode('|', $tags) .')\b.*?>.*?</\1>@si', '', $text);
+ }
+ }
+ elseif($invert == FALSE) {
+ return preg_replace('@<(\w+)\b.*?>.*?</\1>@si', '', $text);
+ }
+ return $text;
+}
+function DOMinnerHTML(DOMNode $element) {
+ $innerHTML = "";
+ $children = $element->childNodes;
+ foreach ($children as $child) {
+ $innerHTML .= $element->ownerDocument->saveHTML($child);
+ }
+ return $innerHTML;
+}
+function endsWith($haystack, $needle) {
+ $length = strlen($needle);
+ if ($length == 0) {
+ return true;
+ }
+ return (substr($haystack, -$length) === $needle);
+}
+function startsWith ($string, $startString) {
+ $len = strlen($startString);
+ return (substr($string, 0, $len) === $startString);
+}
+function get_string_between($string, $start, $end){
+ $string = ' ' . $string;
+ $ini = strpos($string, $start);
+ if ($ini == 0) return '';
+ $ini += strlen($start);
+ $len = strpos($string, $end, $ini) - $ini;
+ return substr($string, $ini, $len);
+}
+/*
+Errors:
+ -1 username or password not specified (aj blin dis a mast sou dej hev jor informejšon)
+ -2 you are not logged in (aj blin trms of srvis bi neseseri)
+ -3 bad username and/or password (diplomatski odgovor ;-)
+ -4 not written yet (suka bljet)
+ -5 session exists in another system (sucky)
+ -6
+*/
+ class itisClient {
+ private $username;
+ private $password;
+ public $version = array(0, 0, 1);
+ private $programname = "itisclient";
+ private $programdomain = 'itisclient.sijanec.tk';
+ private $cookiedir; // set at runtime, ker je get_curerent_user, v login()
+ private $mainpage = "https://www.itis.si/";
+ private $mainpageaction = "https://www.itis.si/?rw=1";
+ private $iskanjestran = "https://www.itis.si/iskanje/stran-";
+ public function setusername($value) {
+ $this->username = $value;
+ }
+ public function setpassword($value) {
+ $this->password = $value;
+ }
+ private function get($property) {
+ return $this->$property;
+ }
+ public function getversion() {
+ return $this->version;
+ }
+ private function login() {
+ if (empty($this->username) || empty($this->password)) {
+ return -1;
+ }
+ $this->cookiedir = '/tmp/'.posix_getuid().'/'.$this->programdomain.'/cookiedir/';
+ if (!is_dir($this->cookiedir.$this->username)) {
+ if (!mkdir($this->cookiedir.$this->username, 0700, true)) { // x permišn mora bit', da lahko dela poddirektorije, hence true, hence 0700; group in others pa je 0, da ne morejo brati piškotkov!!! zeloo pomembno!
+ return -5;
+ }
+ }
+ $ch = curl_init();
+ // curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_0);
+ curl_setopt($ch, CURLOPT_COOKIESESSION, true );
+ curl_setopt($ch, CURLOPT_COOKIEJAR, $this->cookiedir.$this->username."/cookie.txt" ); // cookiejar
+ curl_setopt($ch, CURLOPT_COOKIEFILE, $this->cookiedir.$this->username."/cookie.txt" ); // coolie file // this scuks
+ // curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+ // curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+ // curl_setopt($ch, CURLOPT_HEADER, 1); // return headers?
+ curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // return transfer?
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); // follow 3xx redirects?
+ curl_setopt($ch, CURLOPT_MAXREDIRS, 10); // max 3xx redirectas?
+ curl_setopt($ch, CURLOPT_USERAGENT, $this->programdomain."/".implode(".", $this->version));
+ curl_setopt($ch, CURLOPT_AUTOREFERER, 1); // auto send refereres?
+ curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); // timeout for tcp connection
+ curl_setopt($ch, CURLOPT_TIMEOUT, 10); // timeout for http response
+ curl_setopt($ch, CURLOPT_URL, $this->mainpage);
+ curl_setopt($ch, CURLOPT_POST, 0);
+ $login_page = curl_exec($ch);
+ $xmlDoc = new DOMDocument();
+ $xmlDoc->loadHTML( $login_page );
+ $formNode = $xmlDoc->getElementsByTagName( "form" )[0]; // only one form
+ $searchNode = $formNode->getElementsByTagName("input");
+ foreach( $searchNode as $sn ) {
+ if($sn->getAttribute('name') != 'ctl00$navigationLogin$tbUsername' && $sn->getAttribute('name') != 'ctl00$navigationLogin$tbPassword' &&
+ $sn->getAttribute("type") != "submit")
+ $postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($sn->getAttribute('value'))."&";
+ }
+ curl_setopt($ch, CURLOPT_URL, $this->mainpageaction);
+ curl_setopt($ch, CURLOPT_POST, 1);
+ $postbody = $postvars.urlencode('ctl00$navigationLogin$tbUsername')."=".urlencode($this->username)."&".
+ urlencode('ctl00$navigationLogin$tbPassword')."=".urlencode($this->password)."&".urlencode('ctl00$navigationLogin$btnLogin')."=".
+ urlencode("PRIJAVA");
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody);
+ $login_output = curl_exec($ch);
+ $xmlDoc = new DOMDocument();
+ $xmlDoc->loadHTML( $login_output );
+ $searchNode = $xmlDoc->getElementsByTagName( "div" );
+ foreach( $searchNode as $sn ) {
+ if($sn->getAttribute('id') == 'navigationLogin_divNapaka') {
+ if (DOMinnerHTML($sn) == 'Napačno uporabniško ime in/ali geslo.') {
+ return -3;
+ } else if(DOMinnerHTML($sn) ==
+ 'To uporabniško ime je v že v uporabi na drugem računalniku. Odjavite se iz drugega računalnika ali počakajte, da vam poteče seja.') {
+ return -5; // holy shit u fukkin kill.d her, TSMedia!
+ }
+ }
+ }
+ return $ch;
+ }
+ public function fetchregije() {
+ $ch = $this->login();
+ if(!curl_getinfo($ch)) {
+ if(!empty($ch)){return $ch;}else{return -2;}
+ }
+ curl_setopt($ch, CURLOPT_URL, $this->mainpage);
+ curl_setopt($ch, CURLOPT_POST, 0);
+ $request_output = curl_exec($ch);
+ $xmlDoc = new DOMDocument();
+ $xmlDoc->loadHTML( $request_output );
+ $searchNode = $xmlDoc->getElementById( "search_ddlRegion" )->getElementsByTagName("option");
+ $regije=array();
+ foreach( $searchNode as $sn ) {
+ if(!empty($sn->getAttribute("value"))) $regije[] = $sn->getAttribute("value");
+ }
+ return $regije;
+ }
+ public function fetchkontakti($kajsplohiscemo = 0, $regija = "GORENJSKA") { // kajsplohiscemo-bool=[0-osebe]/1-podjetja regija-string=[GORENJSKA]/...
+ $ch = $this->login();
+ if(!curl_getinfo($ch)) {
+ if(!empty($ch)){return $ch;}else{return -2;}
+ }
+ if($kajsplohiscemo) {
+ $barva = "yellow"; // wtf, Adacta
+ return -4;
+ } else {$barva = "white";}
+ curl_setopt($ch, CURLOPT_POST, 0);
+ curl_setopt($ch, CURLOPT_URL, $this->mainpage);
+ $request_init_output = curl_exec($ch);
+ $xmlDoc = new DOMDocument($request_init_output);
+ $xmlDoc->loadHTML( $request_init_output );
+ $searchNode = $xmlDoc->getElementsByTagName("form")[0]->getElementsByTagName( "input" );
+ foreach( $searchNode as $sn ) {
+ if($sn->getAttribute("name") != 'ctl00$search$hfSearchMode' && $sn->getAttribute("name") != 'ctl00$search$ddlRegion') {
+ $postvars .= urlencode($sn->getAttribute('name'))."=".urlencode($sn->getAttribute('value')).'&';
+ }
+ }
+ curl_setopt($ch, CURLOPT_POST, 1);
+ // curl_setopt($ch, CURLOPT_HEADER, array('array("Content-Type: multipart/form-data")'));
+ curl_setopt($ch, CURLOPT_URL, $this->mainpageaction);
+ $postbody=$postvars.urlencode('ctl00$search$hfSearchMode').'='.urlencode($barva).'&'.urlencode('ctl00$search$ddlRegion').'='.
+ urlencode($regija).'&__EVENTTARGET=&__EVENTARGUMENT=&ctl00%24search%24hfSearchFormMode=2&ctl00%24search%24ddlAreaCode=&ctl00%24search%24ddlWorkingHoursDay=&ctl00%24search%24ddlWorkingHoursFrom=&ctl00%24search%24ddlWorkingHoursTo=&ctl00%24search%24ddlAdditionalOptions=&hiddenInputToUpdateATBuffer_CommonToolkitScripts=1'; // (-;
+ if($kajsplohiscemo){ $postbody .= '&'.urlencode('ctl00$search$btnSearchAlt').'='.urlencode('NAJDI');} // THIS FINNALY WORKS BUT ONLY FOR
+ else {$postbody .= '&'.urlencode('ctl00$search$btnSearch').'='.urlencode('IŠČI');} // LOGGED IN USERS! DON'T TOUCH
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $postbody); // THE ANCIENT CODE!
+ $request_output = curl_exec($ch); // https://www.reddit.com/r/ProgrammerHumor/comments/9xat04/the_ancient_code/
+ curl_setopt($ch, CURLOPT_POST, 0);
+ curl_setopt($ch, CURLOPT_URL, $this->iskanjestran."064176345"); // just a big intager
+ $request_after_output = curl_exec($ch);
+ $xmlDoc = new DOMDocument($request_after_output);
+ $xmlDoc->loadHTML($request_after_output);
+ $zadnjastran = explode("-", $xmlDoc->getElementById("CPH_bodyMain_SearchResultsStatic1_ResultsPagerStatic1_aLastPage")->getAttribute("href"))[1];
+ $kontakti = array();
+ for($i = 1; $i <= $zadnjastran; $i++) {
+ curl_setopt($ch, CURLOPT_POST, 0);
+ curl_setopt($ch, CURLOPT_URL, $this->iskanjestran.$i); // just a bing intager
+ $request_loop_output = curl_exec($ch);
+ $xmlDoc = new DOMDocument($request_loop_output);
+ $xmlDoc->loadHTML($request_loop_output);
+ $searchNode = $xmlDoc->getElementById('CPH_bodyMain_SearchResultsStatic1_UpdatePanelSearchResults')->getElementsByTagName("a");
+ foreach($searchNode as $sn) {
+ if(startsWith($sn->getAttribute("href"), "/oseba/")) $kontakti[] = filter_var("https://www.itis.si".$sn->getAttribute("href"), FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_HIGH); // just don't change your domain
+ }
+ }
+ return $kontakti;
+ }
+ public function fetchoseba($personlink) { // personlink, začenjši z https://www.itis.si/oseba/
+ $ch = $this->login();
+ if(!curl_getinfo($ch)) {
+ if(!empty($ch)){return $ch;}else{return -2;}
+ }
+ curl_setopt($ch, CURLOPT_URL, $personlink);
+ curl_setopt($ch, CURLOPT_POST, 0);
+ $request_output = curl_exec($ch);
+ file_put_contents("/tmp/69.txt", $request_output);
+ $xmlDoc = new DOMDocument($request_output);
+ $xmlDoc->loadHTML($request_output);
+ $oseba = array();
+ $oseba['name'] = DOMinnerHTML($xmlDoc->getElementsByTagName("h1")[0]);
+ foreach ($xmlDoc->getElementsByTagName('a') as $ej) {
+ if (endsWith($ej->getAttribute("id"), "hlMapAddress")) {
+ $addresstext = $ej;
+ }
+ }
+ $oseba['address'] = explode('<br>', str_replace("\n", null, str_replace("\r", null, str_replace(" ", null, DOMinnerHTML($addresstext)))));
+ $oseba['nr'] = array();
+ foreach($xmlDoc->getElementsByTagName("div") as $sn) {
+ if($sn->getAttribute("class") == "nr") $oseba['nr'][] = str_replace(" ", null, strip_tags_content(DOMinnerHTML($sn)));
+ }
+ $oseba['nr'] = array_unique($oseba['nr']);
+ $oseba['gps'] = get_string_between($ej->getAttribute("href"), 'javascript:openMap(',
+ ",'".$oseba['name']);
+ return $oseba;
+ }
+ }
+?>
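Review bot: The cookie jar is placed under the predictable, shared path `/tmp/<uid>/itisclient.sijanec.tk/cookiedir/<username>/` in login(), and the `is_dir()` check accepts a directory that any other local user pre-created there, so the iTIS session cookie can be written into a location the attacker owns and reads; the 0700 mode only helps when this process is the one that created the directory. The same problem applies to `file_put_contents("/tmp/69.txt", $request_output)` in fetchoseba(), a debug leftover that dumps every fetched profile page to a fixed world-readable path, and to `curl_setopt($ch, CURLOPT_VERBOSE, TRUE)`, which echoes the Cookie/Set-Cookie headers of every request to stderr. Put the jar under a per-user directory (`XDG_RUNTIME_DIR` or `$HOME`), verify ownership before using it, and remove the `/tmp/69.txt` write and the verbose flag. Note also that `mkdir` failure and the "session in use" page both return -5, so callers cannot tell the two apart, and `$postvars` is used before being initialised in both login() and fetchkontakti().
```php
private function login() {
    if (empty($this->username) || empty($this->password)) {
        return -1;
    }
    // Per-user, non-shared location: never a predictable path in world-writable /tmp.
    $base = getenv('XDG_RUNTIME_DIR') ?: (getenv('HOME') . '/.cache');
    $this->cookiedir = $base . '/' . $this->programdomain . '/cookiedir/';
    $userdir = $this->cookiedir . $this->username;
    if (!is_dir($userdir) && !mkdir($userdir, 0700, true)) {
        return -5;
    }
    // Refuse a directory we did not create ourselves (pre-created by another user).
    if (fileowner($userdir) !== posix_getuid()) {
        return -5;
    }
    $postvars = '';
    $ch = curl_init();
    // … unchanged: cookie jar, redirect and timeout options, with CURLOPT_VERBOSE removed …
```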