bin/decrypt.sh

   1 #!/usr/bin/env php
   2 <?php
   3 /*
   4
   5  +-----------------------------------------------------------------------+
   6  | bin/decrypt.sh                                                        |
   7  |                                                                       |
   8  | This file is part of the Roundcube Webmail client                     |
   9  | Copyright (C) 2005-2009, Roundcube Dev. - Switzerland                 |
  10  | Licensed under the GNU GPL                                            |
  11  |                                                                       |
  12  | PURPOSE:                                                              |
  13  |   Decrypt the encrypted parts of the HTTP Received: headers           |
  14  |                                                                       |
  15  +-----------------------------------------------------------------------+
  16  | Author: Tomas Tevesz <ice@extreme.hu>                                 |
  17  +-----------------------------------------------------------------------+
  18
  19  $Id: decrypt.sh 3989 2010-09-25 13:03:53Z alec $
  20 */
  21
  22 /*-
  23  * If http_received_header_encrypt is configured, the IP address and the
  24  * host name of the added Received: header is encrypted with 3DES, to
  25  * protect information that some could consider sensitve, yet their
  26  * availability is a must in some circumstances.
  27  *
  28  * Such an encrypted Received: header might look like:
  29  *
  30  * Received: from DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==
  31  *      [my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4]
  32  *      with HTTP/1.1 (POST); Thu, 14 May 2009 19:17:28 +0200
  33  *
  34  * In this example, the two encrypted components are the sender host name
  35  * (DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==) and the IP
  36  * address (my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4).
  37  *
  38  * Using this tool, they can be decrypted into plain text:
  39  *
  40  * $ bin/decrypt.sh 'my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4' \
  41  * > 'DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ=='
  42  * 84.3.187.208
  43  * 5403BBD0.catv.pool.telekom.hu
  44  * $
  45  *
  46  * Thus it is known that this particular message was sent by 84.3.187.208,
  47  * having, at the time of sending, the name of 5403BBD0.catv.pool.telekom.hu.
  48  *
  49  * If (most likely binary) junk is shown, then
  50  *  - either the encryption password has, between the time the mail was sent
  51  *    and `now', changed, or
  52  *  - you are dealing with counterfeit header data.
  53  */
  54
  55 if (php_sapi_name() != 'cli') {
  56         die("Not on the 'shell' (php-cli).\n");
  57 }
  58
  59 define('INSTALL_PATH', realpath(dirname(__FILE__).'/..') . '/');
  60 require INSTALL_PATH . 'program/include/iniset.php';
  61
  62 if ($argc < 2) {
  63         die("Usage: " . basename($argv[0]) . " encrypted-hdr-part [encrypted-hdr-part ...]\n");
  64 }
  65
  66 $RCMAIL = rcmail::get_instance();
  67
  68 for ($i = 1; $i < $argc; $i++) {
  69         printf("%s\n", $RCMAIL->decrypt($argv[$i]));
  70 };