| 1 | #!/usr/bin/env php |
|---|
| 2 | <?php |
|---|
| 3 | /* |
|---|
| 4 | +-----------------------------------------------------------------------+ |
|---|
| 5 | | bin/decrypt.sh | |
|---|
| 6 | | | |
|---|
| 7 | | This file is part of the Roundcube Webmail client | |
|---|
| 8 | | Copyright (C) 2005-2009, The Roundcube Dev Team | |
|---|
| 9 | | | |
|---|
| 10 | | Licensed under the GNU General Public License version 3 or | |
|---|
| 11 | | any later version with exceptions for skins & plugins. | |
|---|
| 12 | | See the README file for a full license statement. | |
|---|
| 13 | | | |
|---|
| 14 | | PURPOSE: | |
|---|
| 15 | | Decrypt the encrypted parts of the HTTP Received: headers | |
|---|
| 16 | | | |
|---|
| 17 | +-----------------------------------------------------------------------+ |
|---|
| 18 | | Author: Tomas Tevesz <ice@extreme.hu> | |
|---|
| 19 | +-----------------------------------------------------------------------+ |
|---|
| 20 | */ |
|---|
| 21 | |
|---|
| 22 | /*- |
|---|
| 23 | * If http_received_header_encrypt is configured, the IP address and the |
|---|
| 24 | * host name of the added Received: header is encrypted with 3DES, to |
|---|
| 25 | * protect information that some could consider sensitve, yet their |
|---|
| 26 | * availability is a must in some circumstances. |
|---|
| 27 | * |
|---|
| 28 | * Such an encrypted Received: header might look like: |
|---|
| 29 | * |
|---|
| 30 | * Received: from DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ== |
|---|
| 31 | * [my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4] |
|---|
| 32 | * with HTTP/1.1 (POST); Thu, 14 May 2009 19:17:28 +0200 |
|---|
| 33 | * |
|---|
| 34 | * In this example, the two encrypted components are the sender host name |
|---|
| 35 | * (DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==) and the IP |
|---|
| 36 | * address (my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4). |
|---|
| 37 | * |
|---|
| 38 | * Using this tool, they can be decrypted into plain text: |
|---|
| 39 | * |
|---|
| 40 | * $ bin/decrypt.sh 'my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4' \ |
|---|
| 41 | * > 'DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==' |
|---|
| 42 | * 84.3.187.208 |
|---|
| 43 | * 5403BBD0.catv.pool.telekom.hu |
|---|
| 44 | * $ |
|---|
| 45 | * |
|---|
| 46 | * Thus it is known that this particular message was sent by 84.3.187.208, |
|---|
| 47 | * having, at the time of sending, the name of 5403BBD0.catv.pool.telekom.hu. |
|---|
| 48 | * |
|---|
| 49 | * If (most likely binary) junk is shown, then |
|---|
| 50 | * - either the encryption password has, between the time the mail was sent |
|---|
| 51 | * and `now', changed, or |
|---|
| 52 | * - you are dealing with counterfeit header data. |
|---|
| 53 | */ |
|---|
| 54 | |
|---|
| 55 | define('INSTALL_PATH', realpath(dirname(__FILE__).'/..') . '/'); |
|---|
| 56 | |
|---|
| 57 | require INSTALL_PATH . 'program/include/clisetup.php'; |
|---|
| 58 | |
|---|
| 59 | if ($argc < 2) { |
|---|
| 60 | die("Usage: " . basename($argv[0]) . " encrypted-hdr-part [encrypted-hdr-part ...]\n"); |
|---|
| 61 | } |
|---|
| 62 | |
|---|
| 63 | $RCMAIL = rcmail::get_instance(); |
|---|
| 64 | |
|---|
| 65 | for ($i = 1; $i < $argc; $i++) { |
|---|
| 66 | printf("%s\n", $RCMAIL->decrypt($argv[$i])); |
|---|
| 67 | }; |
|---|
