Get RackTables working with php-cgi or fastcgi

If you’ve tried to google “racktables authentication not working after install” you won’t find much, but there is a couple of articles about fastcgi and the PHP_AUTH_PW and PHP_AUTH_USER not being passed correctly. But no real solution to the problem.

I was able to get RackTables working using the following work around posted on http://www.rosmir.org/Index/Docs/archive/LabsFolder/FastCGI which has nothing to do with RackTables.

  1. You will need to add the following to your .htaccess file.
    RewriteEngine on
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
  2. Next you will need to modify the inc/auth.php file and add the following before the function authenticate.
    if(preg_match('/Basic+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) {
    list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 6)));
    }
  3. It should look like following below when completed.
    function authenticate ()
    {
    if(preg_match('/Basic+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) {
    list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':' , base64_decode(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 6)));
    }
    global
    $remote_username,
    $remote_displayname,
    $auto_tags,
    $user_given_tags,
    $user_auth_src,
    $script_mode,
    $require_local_account;
    if (!isset ($user_auth_src) or !isset ($require_local_account))
    throw new RackTablesError ('secret.php: either user_auth_src or require_local_account are missing', RackTablesError::MISCONFIGURED);
    if (isset ($_REQUEST['logout']))
0 Shares:
You May Also Like

Official Jailbreak for iPhone 2.1 Firmware Released OSX Only

There is now an official iphone-dev.org version of QuickPwn that supports the 2.1 firmware released by Apple on friday.
Some of the popular press and blogs have been backing the opposition. :-) While criticism and competition is fine it should be reported correctly, with all the facts. and certainly minus the FUD. Do you guys think we are “less and less relevant with each passing day” ? We don’t think so, and we certainly prefer our hacks to theirs. ;-) Though even if the world deems us irrelevant, the iPhone family of devices is still fun to hack!