就知道光猫背后的登录密码,对这个猫能干的事也就只能看看了,其他什么设置的也不敢动。
不动就不动吧,时间长了,网络偶尔会出问题,能干的就是登录光猫手动重启一下,挺麻烦的。

于是抓包,用脚本模拟了手动重启的过程,每天自动执行重启一下。

Username="user"
pwd="CDK5b%k6"

curl "http://192.168.1.1" -i > 1.txt
Frm_Logintoken=`grep "getObj(\"Frm_Logintoken\").value =" 1.txt | grep -Po "\d+"`
#Frm_Logintoken="10"
Frm_Loginchecktoken=`grep "getObj(\"Frm_Loginchecktoken\").value =" 1.txt | grep -Po "\d+"`
#Frm_Loginchecktoken="583739175106678977568726"
Right=""
UserRandomNum="25177565"
Password=`echo -n "$pwd$UserRandomNum" | sha256sum | grep -Po "\w+"`
action="login"

loginParam="Frm_Logintoken=$Frm_Logintoken&Frm_Loginchecktoken=$Frm_Loginchecktoken&Right=$Right&Username=$Username&UserRandomNum=$UserRandomNum&Password=$Password&action=$action"

echo "login param: $loginParam"

curl \
-H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0' \
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8' \
-H 'Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2' \
-H 'Accept-Encoding: gzip, deflate' \
-H 'Origin: http://192.168.1.1' \
-H 'Connection: keep-alive' \
-H 'Referer: http://192.168.1.1/' \
-H 'Cookie: _TESTCOOKIEHTTP=1' \
-H 'Upgrade-Insecure-Requests: 1' \
http://192.168.1.1 \
-d "$loginParam" -i >  2.txt

SID=`grep Set-Cookie: 2.txt | grep -Po "SID=\w+;"`
_Tokens=`grep Set-Cookie: 2.txt | grep -Po "_Tokens=\w+;"`
Cookie="_TESTCOOKIEHTTP=1; $SID $_Tokens"

curl \
-H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0' \
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8' \
-H 'Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2' \
-H 'Accept-Encoding: gzip, deflate' \
-H 'Origin: http://192.168.1.1' \
-H 'Connection: keep-alive' \
-H 'Referer: http://192.168.1.1/getpage.gch?pid=1002&nextpage=manager_dev_restart_t.gch' \
-H "Cookie: $Cookie" \
-H 'Upgrade-Insecure-Requests: 1' \
"http://192.168.1.1/getpage.gch?pid=1002&nextpage=manager_dev_restart_t.gch" -i > 3.txt

_Tokens=`grep Set-Cookie: 3.txt | grep -Po "_Tokens=\w+;"`
Cookie="_TESTCOOKIEHTTP=1; $SID $_Tokens"

session_token=`grep "var session_token = " 3.txt | grep -Po "\d{10,}"`
restartParam="IF_ACTION=devrestart&IF_ERRORSTR=SUCC&IF_ERRORPARAM=SUCC&IF_ERRORTYPE=-1&flag=1&_SESSION_TOKEN=$session_token"

echo "restart param: $restartParam"

curl \
-H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0' \
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8' \
-H 'Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2' \
-H 'Accept-Encoding: gzip, deflate' \
-H 'Origin: http://192.168.1.1' \
-H 'Connection: keep-alive' \
-H 'Referer: http://192.168.1.1/getpage.gch?pid=1002&nextpage=manager_dev_restart_t.gch' \
-H "Cookie: $Cookie" \
-H 'Upgrade-Insecure-Requests: 1' \
-H 'Pragma: no-cache' \
-H 'Cache-Control: no-cache' \
"http://192.168.1.1/getpage.gch?pid=1002&nextpage=manager_dev_restart_t.gch" \
-d "$restartParam" -i > 4.txt
最后修改:2022 年 08 月 07 日
© 允许规范转载
如果觉得我的文章对你有用,请随意赞赏