Skip to content

Commit 7e20293

Browse files
Eric-WassonEric-Wasson
committed
Added backend handling of importing pre-cracked hashes by upload file and url
1 parent af3f945 commit 7e20293

File tree

2 files changed

+33
-5
lines changed

2 files changed

+33
-5
lines changed

src/inc/apiv2/helper/importCrackedHashes.routes.php

Lines changed: 28 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,7 @@ public function getRequiredPermissions(string $method): array {
2626
public function getFormFields(): array {
2727
return [
2828
Hashlist::HASHLIST_ID => ["type" => "int"],
29+
"sourceType" => ['type' => 'str'],
2930
"sourceData" => ['type' => 'str'],
3031
"separator" => ['type' => 'str'],
3132
"overwrite" => ['type' => 'int'],
@@ -47,13 +48,38 @@ public static function getResponse(): array {
4748
/**
4849
* Endpoint to import cracked hashes into a hashlist.
4950
* @throws HTException
51+
* @throws HttpError
5052
*/
5153
public function actionPost($data): object|array|null {
5254
$hashlist = self::getHashlist($data[Hashlist::HASHLIST_ID]);
5355

54-
$importData = base64_decode($data["sourceData"]);
56+
// Cast to processZap compatible upload format
57+
$dummyPost = [];
58+
switch ($data["sourceType"]) {
59+
case "paste":
60+
$dummyPost["hashfield"] = base64_decode($data["sourceData"]);
61+
break;
62+
case "import":
63+
$dummyPost["importfile"] = $data["sourceData"];
64+
break;
65+
case "url":
66+
$dummyPost["url"] = $data["sourceData"];
67+
break;
68+
default:
69+
// TODO: Choice validation are model based checks
70+
throw new HttpErrorException("sourceType value '" . $data["sourceType"] . "' is not supported (choices paste, import, url");
71+
}
72+
73+
if ($data["sourceType"] == "paste") {
74+
if (strlen($data["sourceData"]) == 0) {
75+
throw new HttpError("sourceType=paste, requires sourceData to be non-empty");
76+
}
77+
else if ($dummyPost["hashfield"] === false) {
78+
throw new HttpError("sourceData not valid base64 encoding");
79+
}
80+
}
5581

56-
$result = HashlistUtils::processZap($hashlist->getId(), $data["separator"], "paste", ["hashfield" => $importData], [], $this->getCurrentUser(), (isset($data["overwrite"]) && intval($data["overwrite"]) == 1) ? true : false);
82+
$result = HashlistUtils::processZap($hashlist->getId(), $data["separator"], $data["sourceType"], $dummyPost, [], $this->getCurrentUser(), (isset($data["overwrite"]) && intval($data["overwrite"]) == 1) ? true : false);
5783

5884
return [
5985
"totalLines" => $result[0],

src/inc/apiv2/model/hashlists.routes.php

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -102,6 +102,7 @@ public function getFormFields(): array {
102102

103103
/**
104104
* @throws HttpErrorException
105+
* @throws HttpError
105106
* @throws HTException
106107
*/
107108
protected function createObject(array $data): int {
@@ -122,11 +123,12 @@ protected function createObject(array $data): int {
122123
throw new HttpErrorException("sourceType value '" . $data["sourceType"] . "' is not supported (choices paste, import, url");
123124
}
124125

125-
// TODO: validate input is valid base64 encoded
126126
if ($data["sourceType"] == "paste") {
127127
if (strlen($data["sourceData"]) == 0) {
128-
// TODO: Should be 400 instead
129-
throw new HttpErrorException("sourceType=paste, requires sourceData to be non-empty");
128+
throw new HttpError("sourceType=paste, requires sourceData to be non-empty");
129+
}
130+
else if ($dummyPost["hashfield"] === false) {
131+
throw new HttpError("sourceData not valid base64 encoding");
130132
}
131133
}
132134

0 commit comments

Comments
 (0)