#!/usr/bin/perl -w
use strict;
use Expect;
|++;

print "Content-type: text/html\n\n<html>";

my $username="testuser";
my $password="password";
my $host="localhost";
my $timeout=7;

my $exp = new Expect; # create our important expet object
    
telnet_login($username,$password,$host,\$exp);
    
$exp->expect($timeout,
             ['ncorrect', sub { print "<center>ERROR:<br>Login Incorrect, check username or password</center>\n"; &html_stop; die;   }  ],
             [timeout =>
              sub {
                $exp->log_file("/dev/null");
                $exp->send("/bin/sh\n");

                $exp->send("/usr/bin/last -10 $username\n");

                $exp->log_file(\&formatoutput);

                $exp->send("/bin/cat /etc/passwd\n");
              }
             ],
            );
$exp->soft_close(); #gentially close this object, it has been nice to us we hope


sub formatoutput {
  my $input = shift;

  chomp($input);
  $input =~ tr/\r//;
  $input =~ s/\n/<br>/g;

  unless( 
      ($input eq "\$ ") ||
      ($input eq "\/") ||      
      ($input eq "bin/sh") ||
      ($input eq "bin\/sh") ||
      ($input eq "/bin/sh") ||
      ($input eq "/bin/sh ") 
    )   # things not to print go in this ^ statement
   {
     print"<b>${input}</b><p>\n";
   }
}

sub telnet_login
{
    my ($username, $password, $host, $exp) = @_;
    my $TELNET = "/usr/bin/telnet";
    my $timeout = 7;

    $$exp->raw_pty(1);    #treat this terminal as a raw file
    $$exp->log_stdout(0); #do not show terminal output to STD Out
    $$exp->spawn("$TELNET $host") || die "Cannot open telnet\n"; # try to startup $TELNET
    $$exp->expect($timeout,
                 ['ogin:', sub { $$exp->send("$username\n"); exp_continue; } ],
                 ['assword:', sub { $$exp->send("$password\n"); } ],
                 [timeout => sub { die "<center>ERROR: <BR>A timeout hast occured at login</center>\n"; }  ],
                );
}

</html>