Merge 042fa8c92d into 9b731d3a58

get_sid.sh

@@ -0,0 +1,2 @@
+wget --keep-session-cookies --save-cookies=./cookie.txt --post-data "name=root&pwd=XXXXXX" -O ./save.txt http://10.110.34.133/cgi/login.cgi
+

include/rfb.js

@@ -25,13 +25,15 @@ var that           = {},  // Public API methods
     init_msg, normal_msg, framebufferUpdate, print_stats,
 
     pixelFormat, clientEncodings, fbUpdateRequest, fbUpdateRequests,
-    keyEvent, pointerEvent, clientCutText,
+    keyEvent, pointerEvent, clientCutText, send_auth_packet,
 
     getTightCLength, extract_data_uri,
     keyPress, mouseButton, mouseMove,
 
     checkEvents,  // Overridable for testing
 
+    first_auth = 0,
+
 
     //
     // Private RFB namespace variables
@@ -777,7 +779,7 @@ init_msg = function() {
             case 16: // TightVNC Security Type
                 if (ws.rQwait("num tunnels", 4)) { return false; }
                 var numTunnels = ws.rQshift32();
-                //console.log("Number of tunnels: "+numTunnels);
+                console.log("Number of tunnels: "+numTunnels);
 
                 rfb_tightvnc = true;
 
@@ -796,19 +798,19 @@ init_msg = function() {
 
                 if (ws.rQwait("sub auth count", 4)) { return false; }
                 var subAuthCount = ws.rQshift32();
-                //console.log("Sub auth count: "+subAuthCount);
+                console.log("Sub auth count: "+subAuthCount);
                 for (var i=0;i<subAuthCount;i++)
                 {
 
                     if (ws.rQwait("sub auth capabilities "+i, 16)) { return false; }
                     var capNum = ws.rQshift32();
                     var capabilities = ws.rQshiftStr(12);
-                    //console.log("queue: "+ws.rQlen());
-                    //console.log("auth type: "+capNum+": "+capabilities);
+                    console.log("queue: "+ws.rQlen());
+                    console.log("auth type: "+capNum+": "+capabilities);
 
                     serverSupportedTypes.push(capabilities);
                 }
-
+/*
                 for (var authType in clientSupportedTypes)
                 {
                     if (serverSupportedTypes.indexOf(authType) != -1)
@@ -833,8 +835,9 @@ init_msg = function() {
                         }
                     }
                 }
-
-
+*/
+		// ws.send(["phsrhiysnamruhqy","phsrhiysnamruhqy"]);
+		send_auth_packet()
                 return;
             default:
                 fail("Unsupported auth scheme: " + rfb_auth_scheme);
@@ -871,13 +874,15 @@ init_msg = function() {
 
     // Triggered by fallthough, not by server message
     case 'ClientInitialisation' :
-        ws.send([conf.shared ? 1 : 0]); // ClientInitialisation
+        // ws.send([0]); // ClientInitialisation
         updateState('ServerInitialisation', "Authentication OK");
         break;
 
     case 'ServerInitialisation' :
         if (ws.rQwait("server initialization", 24)) { return false; }
 
+	var padding1 = ws.rQshift32();
+	var padding2 = ws.rQshift32();
         /* Screen size */
         fb_width  = ws.rQshift16();
         fb_height = ws.rQshift16();
@@ -918,8 +923,12 @@ init_msg = function() {
         }
 
         /* Connection name/title */
-        name_length   = ws.rQshift32();
-        fb_name = Util.decodeUTF8(ws.rQshiftStr(name_length));
+	// this code bug!
+        // name_length   = ws.rQshift32();
+        // fb_name = Util.decodeUTF8(ws.rQshiftStr(name_length));
+        // conf.onDesktopName(that, fb_name);
+	name_length = 6;
+	fb_name = "sample";
 	conf.onDesktopName(that, fb_name);
         
         if (conf.true_color && fb_name === "Intel(r) AMT KVM")
@@ -1870,6 +1879,26 @@ clientCutText = function(text) {
     return arr;
 };
 
+//
+// Add Tempolary Patches
+//
+
+send_auth_packet = function() {
+  var auth_id = "iadzhsspacxvdldb";
+  var auth_pass = "iadzhsspacxvdldb";
+  if( first_auth == 0 ){
+    ws.send_auth(auth_id, auth_pass);
+    first_auth ++;
+  }
+  else{
+    var auth_ok = new Uint8Array(1);
+    auth_ok[0] = 0;
+    ws.send_binary(auth_ok);
+    rfb_auth_scheme = 1;
+    init_msg();
+  }
+};
+
 
 
 //

include/util.js

@@ -110,7 +110,7 @@ window.requestAnimFrame = (function(){
  * Logging/debug routines
  */
 
-Util._log_level = 'warn';
+Util._log_level = 'debug';
 Util.init_logging = function (level) {
     if (typeof level === 'undefined') {
         level = Util._log_level;

include/websock.js

@@ -193,8 +193,8 @@ function flush() {
         Util.Debug("bufferedAmount: " + websocket.bufferedAmount);
     }
     if (websocket.bufferedAmount < api.maxBufferedAmount) {
-        //Util.Debug("arr: " + arr);
-        //Util.Debug("sQ: " + sQ);
+        // Util.Debug("arr: " + arr);
+        Util.Debug("sQ: " + sQ);
         if (sQ.length > 0) {
             websocket.send(encode_message(sQ));
             sQ = [];
@@ -209,17 +209,36 @@ function flush() {
 
 // overridable for testing
 function send(arr) {
-    //Util.Debug(">> send_array: " + arr);
+    Util.Debug(">> send_array: " + arr);
     sQ = sQ.concat(arr);
     return flush();
 }
 
+function send_binary(data) {
+    websocket.send(data);
+    sQ = [];
+}
+
 function send_string(str) {
     //Util.Debug(">> send_string: " + str);
     api.send(str.split('').map(
         function (chr) { return chr.charCodeAt(0); } ) );
 }
 
+function send_auth(str1, str2) {
+    var authdata = new Uint8Array(48);
+    for( var i = 0; i < str1.length; i++ ){
+	authdata[i] = str1.charCodeAt(i);
+    }
+    authdata[str1.length] = 0;
+
+    for( var i = 0; i < str2.length; i++ ){
+        authdata[i + 24] = str2.charCodeAt(i);
+    }
+    authdata[str2.length + 24] = 0;
+    send_binary(authdata);
+}
+
 //
 // Other public functions
 
@@ -407,6 +426,8 @@ function constructor() {
     api.flush        = flush;
     api.send         = send;
     api.send_string  = send_string;
+    api.send_binary  = send_binary;
+    api.send_auth    = send_auth;
 
     api.on           = on;
     api.init         = init;