SMS exec script
exec
feature of sms with a non numerical identifier by setting the following
multiotp -config sms-provider=exec
multiotp -config sms-api-id='/opt/multiotp/sms.sh %from %to %msg'
multiotp -fastcreate username
multiotp -set username sms='nonNumericalIdentifier'
#!/bin/bash
echo $1 >> /etc/multiotp/smstext.log
echo $2 >> /etc/multiotp/smstext.log
echo $3 >> /etc/multiotp/smstext.log
multiotp.php -debug -display-log -requiresms username
it throws an error:
PHP Notice: Undefined variable: real_user in /opt/multiotp/multiotp.php on line 16209
PHP Notice: Undefined variable: real_user in /opt/multiotp/multiotp.php on line 16209
LOG 2020-02-10 11:08:15 warning SMS Error: no information on where to send SMS code for
60 *ERROR: No information on where to send SMS code
LOG 2020-02-10 11:08:15 debug Debug Debug: *Attributes sent to the RADIUS server: Reply-Message := "ERROR: No information on where to send SMS code"
Reply-Message := "ERROR: No information on where to send SMS code"
CleanPhoneNumber()
function in a few places. My question is how the "special all-in-one-file multiotp.exe executable created using Enigma Virtual Box" is configured?
Since my ultimate goal is to use the Credential Provider with my currently modified multiphp.php to send the OTP via the exec function with a non numerical SMS "number".
Comments
multiotp.windows.php
is used by the Credential Provider, so there seems to be no need for me to package my own multiotp.exe vith EVB. Currently working great on a local install with CP, will soon test with a CP connected to another multiOTP server.This endeavor was for being able to send the OTP via mail with a script. In the end I learned enough to just replace the line
$sms_number = $this->CleanPhoneNumber($this->GetUserSms());
with$sms_number = $this->GetUserEmail();
in theGenerateSmsToken
function and also to change the$sms_number = $this->CleanPhoneNumber($sms_recipient);
in theSendSms
function so the line is then$sms_number = $sms_recipient;
I should probably clean up the log also, but this is the bare minimum to get it to use email from the user instead of sms number.param ( [string]$from, [string]$to, [string]$msg ) $username = "<my smtp username>" $password = get-content C:\cred.txt | convertto-securestring $cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password $body = "This is your OTP<p\><h2>$msg</h2></p>Best regards<br/>The support team" Send-MailMessage -To $to -from "$from <my otp mail address>" -Subject 'Your OTP' -Body $body -BodyAsHtml -Encoding UTF8 -smtpserver <my smtp server> -usessl -Credential $cred -Port 587
Password credential file is generated once by running the following in powershell:
read-host -assecurestring | convertfrom-securestring | out-file C:\cred.txt
The mail script is called with the following command from multiOTP:
powershell -executionpolicy bypass -File C:\mail.ps1 -from %from -to %to -msg %msg