Torsten talks about this tool ttp://www.openwall.com/john/
Le 30/08/2010 14:19, Codatel Lists a écrit :
what do you mean by parse it through john?
On 30/08/2010, at 10:12 PM, Torsten Brumm wrote:
Damn, you are right, for users with a password this will not work.
Hmmm, possibly other guys have better ideas....parse it through john
and then you have it plain text :-(
2010/8/30 Codatel Lists <[email protected]
<mailto:[email protected]>>
This is what the RT replied back to me in the email
http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&[email protected]&pass=
<http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&[email protected]&pass=>
there was no password
FYI the Auto generation script has no effect here as the
requestor is an existing email address
so the
{$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$pass}
line is outside the password auto genrating script.
I believe the $pass parameter has something to do with the script
but it is not being understood as the line I used is not within
that part of the script.
On 30/08/2010, at 7:48 PM, Torsten Brumm wrote:
OK, the mail sent out, does it have the password posted?
Is this the correct link you created?
http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&[email protected]&pass=
<http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&[email protected]&pass=>
Or like this?
http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&[email protected]&pass=
<http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&[email protected]&pass=>$pass
??
2010/8/30 Codatel Lists <[email protected]
<mailto:[email protected]>>
I have tried that and I get the following result.
The password is blank
http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&[email protected]&pass=
<http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&[email protected]&pass=>
On 30/08/2010, at 7:38 PM, Torsten Brumm wrote:
Hi,
looks like we didn't talked about the same...
You like to do this:
{$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$Transaction->CreatorObj->__Value('Password')}
No idea what is stored
here: $Transaction->CreatorObj->__Value('Password' but from
the output you sent, it looks like the md5 of the password:
You should try this:
{$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$pass}
inside $pass you sent out the plain text password and i
think, the login method with the link will also have the
plaintext pass.
Torsten
2010/8/29 Codatel Lists <[email protected]
<mailto:[email protected]>>
I am trying to setup my autoreply so that it has a
direct link for the requestor to click and he can be
logged straight into the RT.
I am new to the eco system and have been playing around
with it over the past few days.
Ive hit a roadblock and am hoping someone can help me out.
I have inserted the following into the autoreply template
{$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$Transaction->CreatorObj->__Value('Password')}
It almost works perfectly except for the fact that the
password actually goes out encrypted and is pretty useless.
this is the link that the requestor gets back
http://rt.mydomain.com.au/ticket/SelfService/Display.html?id=138&[email protected]&pass=091128365216c001205810ed3po175fb
<http://rt.mydoman.com/ticket/SelfService/Display.html?id=138&[email protected]&pass=091128365216c001205810ed3po175fb>
Below is my entire template.
Can someone please let me know how I am able to send a
clickable link with every autoreply that will take the
requestor straight to the ticket on the web.
Subject: AutoReply: {$Ticket->Subject}
Greetings,
This message has been automatically generated in
response to the
creation of a helpdesk call:
"{$Ticket->Subject()}",
a summary of which appears below.
There is no need to reply to this message right now.
Your ticket has been
assigned an ID of [{$rtname} #{$Ticket->id()}]. Please
include this string
in the subject line of all future correspondence about
this issue.
{
*RT::User::GenerateRandomNextChar =
\&RT::User::_GenerateRandomNextChar;
if (($Transaction->CreatorObj->id != $RT::Nobody->id) &&
(!$Transaction->CreatorObj->Privileged) &&
($Transaction->CreatorObj->__Value('Password') eq
'*NO-PASSWORD*')
) {
my $user = RT::User->new($RT::SystemUser);
$user->Load($Transaction->CreatorObj->Id);
my ($stat, $pass) = $user->SetRandomPassword();
if (!$stat) {
$OUT .=
"An internal error has occurred. RT was not able to set
a password for you.
Please contact your local RT administrator for
assistance.";
}
$OUT .= "
You can check the current status and history of your
requests at:
".$RT::WebURL."
When prompted, enter the following username and password:
Username: ".$user->Name."
Password: ".$pass."
";
}
}
{$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$Transaction->CreatorObj->__Value('Password')}
Thank you.
{$Ticket->QueueObj->CorrespondAddress()}
-------------------------------------------------------------------------
{$Transaction->Content()}
RT Training in Washington DC, USA on Oct 25 & 26 2010
Last one this year -- Learn how to get the most out of RT!
--
MFG
Torsten Brumm
http://www.brumm.me <http://www.brumm.me/>
http://www.elektrofeld.de <http://www.elektrofeld.de/>
--
MFG
Torsten Brumm
http://www.brumm.me <http://www.brumm.me/>
http://www.elektrofeld.de <http://www.elektrofeld.de/>
--
MFG
Torsten Brumm
http://www.brumm.me <http://www.brumm.me/>
http://www.elektrofeld.de <http://www.elektrofeld.de/>
RT Training in Washington DC, USA on Oct 25& 26 2010
Last one this year -- Learn how to get the most out of RT!
RT Training in Washington DC, USA on Oct 25 & 26 2010
Last one this year -- Learn how to get the most out of RT!
