Giter Site home page Giter Site logo

fickport's Introduction

Fickport

Introduction

The Speedport Entry 2 is an entry level modem/router produced by "Deutsche Telekom".
This device is quite bad and its performances tend to degrade over time.

The most common solution to this problem is made of several steps:

  • Stand up
  • Reach the Speedport Entry 2
  • Pull the plug
  • Wait few seconds
  • Plug it back again
  • Get back to what we were doing

Although this solution proved to be quite effective, it turned out to be also quite annoying.
For this reason, the "Fickport" project was born :)

How to use

There are different ways to use the Fickport tools.
The next paragraphs describe the possible uses.

Manual reboot

The simplest way to use the Fickport tools is to manually run the fickport.sh bash script, everytime we start noticing the first signs of slowness in the network. It's important to specify the correct device password for our Speedport router in the script, so that it will be able to succesfully login and reboot our beloved router.

Unfortunately, this solution can be used only before the network becomes so slow to be actually unusable. In this case, only 2 possibilities are left:

  • Stand up and follow the "most common solution" steps written above
  • Ask someone to perform the "most common solution" steps above

The real (dirty) solution would be preventing the performance degradation by daily rebooting the router.

Auto daily reboot

If in your network there's an always alive and connected linux device, you could use it to periodically run the fickport.sh script and automatically reboot the router.

In my real scenario, a "Fritz!WLAN Repeater" is always connected to the local network, so I decided to use it to run the "fickport.sh" rebooting script.

Have a look at the fritz-image sub-folder files to learn more about it

Technical details

Wanna know more about techy stuff behind this project?
Read further!

Speedport Entry 2

Have I already said that the Speedport Entry 2 is a shitty router?
Let's talk about how it is working under the hood.

Login process

In this paragraph we describe the login logic behind the Speedport Entry 2 web interface.

The following Javascript code is a slightly simplified version of the real one used on the speedport:

function hash(devpwd, challenge){
 var hash_pwd = devpwd+challenge;
 var password = sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash(hash_pwd));
 return password;
}

so the typed in device password is:

  • concatenated with a challenge value generated by the server (obtained through a XmlHttpRequest)
  • this combination is then hashed (sha256)
  • sent to the server as HTTP POST request.

The POST request is similar to this one:

wget --save-cookies cookies.txt \
     --keep-session-cookies \
     --post-data "password=${hashpwd}&showpw=0&csrf_token=sercomm_csrf_token" \
     --delete-after \
     "http://${speedport}/data/Login.json?lang=en"

CSRF Token

To perform any further operation, the speedport requires a "CSRF token" to be passed together with the HTTP request to prove that the request actually came from the Speedport Web interface.
This token is stored directly in the "index.html" page source served by the speedport and is generated everytime the "index.html" is requested by a client.

Badly enough, only the last generated CSRF token is considered valid by the server.

It means that if we continuosly request the "index.html" to the server, we would easily cause a Denial of Service, making any login attempted by any user fail, even with the proper password.

The CSRF token is programmatically extractable in this way:

csrftoken=$(wget --load-cookies cookies.txt -q -O - "http://${speedport}/html/content/overview/index.html?lang=en" | grep "var csrf_token " | cut -d "'" -f 2)

With this token we are now able to programmatically reproduce any action available on the web UI, otherwise only manually triggerable.

Reboot

In our specific use case, we need to request a "reboot" action.
The HTTP call to perform a reboot is the following one:

wget --load-cookies cookies.txt \
     --post-data "reboot_device=true&csrf_token=${csrftoken}" \
     --delete-after \
     "http://${speedport}/data/Reboot.json?_time=1511727315027&_rand=666&csrf_token=${csrftoken}&lang=en"

More info

Read the content of fickport.sh to know more about the HTTP calls used to execute commands on the Speedport device.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.