我用山猫来自远程 SSH 的网络浏览器(所以我有无图形用户界面)进入某些路由器和接入点的Web界面。
它在我测试过的一些 Ovislink 和 Buffalo 型号上运行良好,但当尝试导航到两个 D-Link 型号时,屏幕上没有显示任何信息。验证应该是这两种设备上的第一步,但 Lynx 并没有要求我这样做。 OvisLink 模型不要求输入密码,但 Buffalo 会要求输入密码,而 Lynx 则要求输入“OK”,因为它必须这样做。
案例D-Link DWL-2100AP:
DWL-2100AP
[Blank lines here]
Commands: Use arrow keys to move, '?' for help, 'q' to quit, '<-' to go back.
Arrow keys: Up and Down to move. Right to follow a link; Left to go back.
H)elp O)ptions P)rint G)o M)ain screen Q)uit /=search [delete]=history list
案例D-Link DAP-2310:
REFRESH(0 sec): http://192.168.1.231/index.php
[Blank lines here]
Commands: Use arrow keys to move, '?' for help, 'q' to quit, '<-' to go back.
Arrow keys: Up and Down to move. Right to follow a link; Left to go back.
H)elp O)ptions P)rint G)o M)ain screen Q)uit /=search [delete]=history list
这是GUI 第一个屏幕(浏览器弹出分离凭证窗口)DWL-2100AP(旧)型号:
这是 D-Link DAP-2310(网页内的凭据):
有没有方式让 Lynx 访问这些接口吗?
进一步测试:
- 添加
-auth=ID:PASSWD到命令中lynx IP,结果相同。
更远数据关于接口:
- 看来这两种设备都使用爪哇。
curl这是DWL-2100AP 似乎发送的起始 HTML,通过 获得:
<html><head>
<script src="jsMain.js"> </script>
<title>DWL-2100AP</title></head>
<script language='JavaScript'>
document.cookie = 'RpWebID=3c26d7c1';
</script>
<script language='JavaScript'>
function JumpToHmain(){location.replace('/html/HomeWizard.html');}window.setTimeout('JumpToHmain()',1);</script>
DWL-2100AP 的启动网页(输入凭据后):
http://IPAddress/html/HomeWizard.html
如果我尝试使用curl下载它(无论是否使用-u username:password):
<html>
<head>
<title>Object Not Found</title></head><body>
<h1>Object Not Found</h1>The requested URL '/html/HomeWizard.html' was not found on the RomPager server.<p>Return to <A HREF="">last page</A><p>
</body></html>
DAP-2310 的起始网页(请求凭据页面):
http://IPAddress/login.php
尝试通过 WGet(直接 URL)重新启动 DWL-2100AP:
luis@Fresoncio:~$ wget http://admin:[email protected]/Forms/RESET_Switch
converted 'http://admin:[email protected]/Forms/RESET_Switch?FlagForReboot=' (ANSI_X3.4-1968) -> 'http://admin:[email protected]/Forms/RESET_Switch?FlagForReboot=' (UTF-8)
--2016-06-07 00:46:42-- http://admin:*password*@192.168.1.232/Forms/RESET_Switch?FlagForReboot=
Connecting to 192.168.1.232:80... connected.
HTTP request sent, awaiting response... 303 See Other
Location: http://192.168.1.232/html/HomeWizard.html [following]
converted 'http://192.168.1.232/html/HomeWizard.html' (ANSI_X3.4-1968) -> 'http://192.168.1.232/html/HomeWizard.html' (UTF-8)
--2016-06-07 00:46:42-- http://192.168.1.232/html/HomeWizard.html
Reusing existing connection to 192.168.1.232:80.
HTTP request sent, awaiting response... 404 Not Found
2016-06-07 00:46:42 ERROR 404: Not Found.
Lynx 没有报告任何需要接受cookies浏览至 DWL-2100AP 时。
重新启动尝试的 WireShark/TCPDump 捕获显示了 GET以及下面的http://192.168.1.232/html/HomeWizard.html描述。我认为这可能是 Base64 编码。Authorization: Basic XXXXXXXXXXCredentials: admin:MyEditedPassword
...然后我尝试使用 WGet 和 --post-data forRpWebId=3c268b4c和FlagForReboot=&Submit=+Restart+:
~$ wget 192.168.1.232/Forms/RESET_Switch -post-data='RpWebId=3c268b4c' --post-data='FlagForReboot=&Submit=+Restart+'
converted 'http://192.168.1.232/Forms/RESET_Switch' (ANSI_X3.4-1968) -> 'http://192.168.1.232/Forms/RESET_Switch' (UTF-8)
--2016-06-07 10:29:25-- http://192.168.1.232/Forms/RESET_Switch
Connecting to 192.168.1.232:80... connected.
HTTP request sent, awaiting response... 303 See Other
Location: http://192.168.1.232/html/HomeWizard.html [following]
converted 'http://192.168.1.232/html/HomeWizard.html' (ANSI_X3.4-1968) -> 'http://192.168.1.232/html/HomeWizard.html' (UTF-8)
--2016-06-07 10:29:25-- http://192.168.1.232/html/HomeWizard.html
Reusing existing connection to 192.168.1.232:80.
HTTP request sent, awaiting response... 404 Not Found
2016-06-07 10:29:25 ERROR 404: Not Found.
这是登录时刻的捕获:
GET /html/HomeWizard.html HTTP/1.1
Host: 192.168.1.232
User-Agent: Mozilla/5.0 (X11; Linux armv7l; rv:38.0) Gecko/20100101 Firefox/38.0 Iceweasel/38.6.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.1.232/
Cookie: RpWebID=3c267896
Connection: keep-alive
Authorization: Basic YWRtaWAAAAAhQXBpYQ==
密码部分是最后部分,以(The is mine,为了掩盖真实密码)YWRta...结尾。如果我这样做,外壳会给我.Q==AAAAAecho YWRtaWAAAAAhQXBpYQ== | base64 --decodeadmin:MyPassword
这是重启设备页面:
这是我尝试(参见 JigglyNaga 答案)通过 CURL 访问重新启动设备页面而不发送数据FlagForReboot:
$ IP_ADDRESS=192.168.1.232
$ curl -b "$COOKIE" -u "admin:MySecretPassword" $IP_ADDRESS/html/MntRestartSystem.html
<html><head>... etc
这个发送FlagForReboot数据(我发誓它们是相同的):
$ IP_ADDRESS=192.168.1.232
$ curl -b "$COOKIE" -u "admin:MySecretPassword" --data "FlagForReboot=&Submit=+Restart+" $IP_ADDRESS/html/MntRestartSystem.html
<html><head>
<title>DWL-2100AP</title><meta HTTP-EQUIV="Content-Type" content="text/html; charset=iso-8859-1">
<LINK REL=stylesheet TYPE="text/css" HREF="web_style.css">
<script language="JavaScript" src="jsMain.js"></script>
<script language="JavaScript">
function ShowMessage(s){
// alert("Switch is rebooting and Web will be disconnected!");
var Msg='Device will reboot and web will be disconnected! Continue?';
if(confirm(Msg))
{
return true;
}
else
return false;
}
</script>
<style type="text/css">
font{
font-family:"Arial";
font-size:10pt;
}
</style>
</head><body BGCOLOR=#FFFFFF leftmargin="0" topmargin="0" onLoad="Change_Device_Name()">
<table width="75%" border="0" cellspacing="0" cellpadding="0" align=center>
<tr>
<td><div align=center><img id="img_logo" src="" width="765" height="95"></div></td></tr><tr>
<td><table width=765 border=0 cellpadding=0 cellspacing=0 align=center>
<tr>
<td rowspan=9 width="20" background="/Images/down_01.gif"> </td><td rowspan=2 width="133"> <img id="img_ap" src="" width=133 height=75></td><td rowspan=2 width="25" background="/Images/down_03.jpg"> </td><td width="21"> <img src="/Images/tools_04.jpg" width=21 height=49></td><td width="522"> <img src="/Images/tools_over_05.jpg" width=522 height=49 usemap="#MapMap" border="0"></td><td width="19"> <img src="/Images/tools_06.jpg" width=19 height=49></td><td width="25" background="/Images/down_11.gif"> </td></tr><tr>
<td width="21" background="/Images/down_14.gif"> </td><td rowspan=8 width="522" valign=top>
<FORM METHOD="POST" ACTION="/Forms/RESET_Switch"><INPUT TYPE="HIDDEN" NAME="FlagForReboot" VALUE="" id="FlagForReboot"> <table width="100%" border="0" height="100">
<tr >
<td colspan=2 align=left height="24" bordercolorlight="#FFFFFF" bordercolordark="#000000"><b><font face=Arial color=#8bacb1 size=2>
System Settings</font> </b></td></tr><tr>
<td align=left height="20" width=200>
<font face=Arial size=2> Apply Settings and Restart</font>
</td><td><INPUT TYPE="SUBMIT" NAME="Submit" VALUE=" Restart " onClick="return ShowMessage()"> </td></tr></table></form><FORM METHOD="POST" ACTION="/Forms/RESTORE_Switch"><INPUT TYPE="HIDDEN" NAME="FlagForReboot" VALUE="" id="FlagForReboot"> <table width="100%" border="0" height="110">
<tr>
<td align=left height="25" width=200>
<font face=Arial size=2> Restore factory settings </font>
</td><td><INPUT TYPE="SUBMIT" NAME="Submit" VALUE=" Restore " onClick="return ShowMessage()"> </td></tr><tr>
<td height=20 colspan=2>
<div align=right><a href=/html/help_tools.html#02 target=_blank><img src=/Images/help_p.jpg width=36 height=52 border=0></a></div></td></tr></table></form></td><td width="19"> <img src="/Images/down_10.jpg" width=19 height=26></td><td width="25" background="/Images/down_11.gif"> </td></tr><tr>
<td class="style1" width="133" height="57" align=center onClick="javascript:Link('MgtUserAccount.html')">Admin</td><td width="25" background="/Images/down_03.jpg" height="42"> </td><td width="21" background="/Images/down_14.gif" height="42"> </td><td width="19" background="/Images/down_40.gif" height="42"> </td><td width="25" background="/Images/down_11.gif" height="42"> </td></tr><tr>
<td class="style2" width="133" height="57" valign=middle align=center onClick="javascript:Link('MntRestartSystem.html')">System</td><td width="25" background="/Images/down_03.jpg"> </td><td width="21" background="/Images/down_14.gif"> </td><td width="19" background="/Images/down_40.gif"> </td><td width="25" background="/Images/down_11.gif"> </td></tr><tr>
<td class="style1" width="133" height="57" valign=middle align=center onClick="javascript:Link('MntUpdateFirmware.html?1')">Firmware</td><td width="25" background="/Images/down_03.jpg"> </td><td width="21" background="/Images/down_14.gif"> </td><td width="19" background="/Images/down_40.gif"> </td><td width="25" background="/Images/down_11.gif"> </td></tr><tr>
<td class="style1" width="133" height="57" valign=middle align=center onClick="javascript:Link('MntConfigurationFile.html?0,0,0,0,0,0,0,0,0')">Cfg File</td><td width="25" background="/Images/down_03.jpg" height="6"> </td><td width="21" background="/Images/down_14.gif" height="6"> </td><td width="19" background="/Images/down_40.gif" height="6"> </td><td width="25" background="/Images/down_11.gif" height="6"> </td></tr> <tr>
<td width="133" height="57" valign=middle align=center background="/Images/down_37.gif"> </td><td width="25" background="/Images/down_03.jpg"> </td><td width="21" background="/Images/down_14.gif"> </td><td width="19" background="/Images/down_40.gif"> </td><td width="25" background="/Images/down_11.gif"> </td></tr> <tr>
<td width="133" background="/Images/down_37.gif"> </td><td width="25" background="/Images/down_03.jpg"> </td><td width="21" background="/Images/down_14.gif"> </td><td width="19" background="/Images/down_40.gif"> </td><td width="25" background="/Images/down_11.gif"> </td></tr>
<tr>
<td width="133" background="/Images/down_37.gif"> </td><td width="25" background="/Images/down_03.jpg"> </td><td width="21" background="/Images/down_14.gif"> </td><td width="19" background="/Images/down_40.gif"> </td><td width="25" background="/Images/down_11.gif"> </td></tr><tr>
<td colspan=6 rowspan=2> <img src="/Images/down_43.jpg" width=740 height=44></td><td width="25"> <img src="/Images/down_45.gif" width="25" height="17"></td></tr><tr>
<td width="25"> <img src="/Images/down_44.gif" width=25 height=27></td></tr></table></td></tr></table><map id="MapMap" name="MapMap">
<area shape="rect" coords="17,17,82,45" href="/html/HomeWizard.html" target="_self"/>
<area shape="rect" coords="109,18,205,42" href="/html/CfgWLanParam.html?1" target="_self"/>
<area shape="rect" coords="232,19,289,46" href="/html/MgtUserAccount.html" target="_self"/>
<area shape="rect" coords="346,18,405,45" href="/html/DeviceInfo.html" target="_self"/>
<area shape="rect" coords="455,18,501,47" href="/html/help_men.html" target="_self"/>
</map>
</body></html>
而这就是它的TCP转储捕获那一刻(看起来相关的部分),如 WireShark 上所示:
Frame 4: 517 bytes on wire (4136 bits), 517 bytes captured (4136 bits)
Ethernet II, Src: 00:00:00_00:09:77 (00:00:00:00:09:77), Dst: D-LinkIn_24:f7:6d (c8:d3:a3:24:f7:6d)
Internet Protocol Version 4, Src: 192.168.1.99, Dst: 192.168.1.232
Transmission Control Protocol, Src Port: 44981 (44981), Dst Port: 80 (80), Seq: 1, Ack: 1, Len: 451
Hypertext Transfer Protocol
GET /html/MntRestartSystem.html HTTP/1.1\r\n
Host: 192.168.1.232\r\n
User-Agent: Mozilla/5.0 (X11; Linux armv7l; rv:38.0) Gecko/20100101 Firefox/38.0 Iceweasel/38.6.0\r\n
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n
Accept-Language: en-US,en;q=0.5\r\n
Accept-Encoding: gzip, deflate\r\n
Referer: http://192.168.1.232/html/MgtUserAccount.html\r\n
Cookie: RpWebID=3c26e560\r\n
Authorization: Basic YWRtaW46VmlhQXBpYQ==\r\n
Connection: keep-alive\r\n
\r\n
[Full request URI: http://192.168.1.232/html/MntRestartSystem.html]
[HTTP request 1/2]
[Response in frame: 15]
[Next request in frame: 17]
0000 47 45 54 20 2f 68 74 6d 6c 2f 4d 6e 74 52 65 73 GET /html/MntRes
0010 74 61 72 74 53 79 73 74 65 6d 2e 68 74 6d 6c 20 tartSystem.html
0020 48 54 54 50 2f 31 2e 31 0d 0a 48 6f 73 74 3a 20 HTTP/1.1..Host:
0030 31 39 32 2e 31 36 38 2e 31 2e 32 33 32 0d 0a 55 192.168.1.232..U
0040 73 65 72 2d 41 67 65 6e 74 3a 20 4d 6f 7a 69 6c ser-Agent: Mozil
0050 6c 61 2f 35 2e 30 20 28 58 31 31 3b 20 4c 69 6e la/5.0 (X11; Lin
0060 75 78 20 61 72 6d 76 37 6c 3b 20 72 76 3a 33 38 ux armv7l; rv:38
0070 2e 30 29 20 47 65 63 6b 6f 2f 32 30 31 30 30 31 .0) Gecko/201001
0080 30 31 20 46 69 72 65 66 6f 78 2f 33 38 2e 30 20 01 Firefox/38.0
0090 49 63 65 77 65 61 73 65 6c 2f 33 38 2e 36 2e 30 Iceweasel/38.6.0
00a0 0d 0a 41 63 63 65 70 74 3a 20 74 65 78 74 2f 68 ..Accept: text/h
00b0 74 6d 6c 2c 61 70 70 6c 69 63 61 74 69 6f 6e 2f tml,application/
00c0 78 68 74 6d 6c 2b 78 6d 6c 2c 61 70 70 6c 69 63 xhtml+xml,applic
00d0 61 74 69 6f 6e 2f 78 6d 6c 3b 71 3d 30 2e 39 2c ation/xml;q=0.9,
00e0 2a 2f 2a 3b 71 3d 30 2e 38 0d 0a 41 63 63 65 70 */*;q=0.8..Accep
00f0 74 2d 4c 61 6e 67 75 61 67 65 3a 20 65 6e 2d 55 t-Language: en-U
0100 53 2c 65 6e 3b 71 3d 30 2e 35 0d 0a 41 63 63 65 S,en;q=0.5..Acce
0110 70 74 2d 45 6e 63 6f 64 69 6e 67 3a 20 67 7a 69 pt-Encoding: gzi
0120 70 2c 20 64 65 66 6c 61 74 65 0d 0a 52 65 66 65 p, deflate..Refe
0130 72 65 72 3a 20 68 74 74 70 3a 2f 2f 31 39 32 2e rer: http://192.
0140 31 36 38 2e 31 2e 32 33 32 2f 68 74 6d 6c 2f 4d 168.1.232/html/M
0150 67 74 55 73 65 72 41 63 63 6f 75 6e 74 2e 68 74 gtUserAccount.ht
0160 6d 6c 0d 0a 43 6f 6f 6b 69 65 3a 20 52 70 57 65 ml..Cookie: RpWe
0170 62 49 44 3d 33 63 32 36 65 35 36 30 0d 0a 41 75 bID=3c26e560..Au
0180 74 68 6f 72 69 7a 61 74 69 6f 6e 3a 20 42 61 73 thorization: Bas
0190 69 63 20 59 57 52 74 61 57 34 36 56 6d 6c 68 51 ic YWRtaW46VmlhQ
01a0 58 42 70 59 51 3d 3d 0d 0a 43 6f 6e 6e 65 63 74 XBpYQ==..Connect
01b0 69 6f 6e 3a 20 6b 65 65 70 2d 61 6c 69 76 65 0d ion: keep-alive.
01c0 0a 0d 0a ...
现在尝试Reset通过 CURL“按下”该按钮(相同的结果:
$ curl -v -u "admin:MySecretPassword" -b "$COOKIE" --data "FlagForReboot=&Submit=+Restart+" $IP_ADDRESS/Forms/RESET_Switch
* Hostname was NOT found in DNS cache
* Trying 192.168.1.232...
* Connected to 192.168.1.232 (192.168.1.232) port 80 (#0)
* Server auth using Basic with user 'admin'
> POST /Forms/RESET_Switch HTTP/1.1
> Authorization: Basic YWRtaW46VmlhQXBpYQ==
> User-Agent: curl/7.38.0
> Host: 192.168.1.232
> Accept: */*
> Cookie: RpWebID=3c270622
> Content-Length: 31
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 31 out of 31 bytes
< HTTP/1.1 303 See Other
< Location: http://192.168.1.232/html/HomeWizard.html
< Content-Length: 0
* Server Allegro-Software-RomPager/4.06 is not blacklisted
< Server: Allegro-Software-RomPager/4.06
<
* Connection #0 to host 192.168.1.232 left intact
-L使用CURL 选项会得到其他不同的结果:
$ curl -b "$COOKIE" --data "FlagForReboot=&Submit=+Restart+" $IP_ADDRESS/Forms/RESET_Switch -L
<html><head>
<title>DWL-2100AP</title><meta http-equiv="content-type" content="text/html; charset=iso-8859-1"/>
<link rel=stylesheet type="text/css" href="web_style.css">
<script type="text/javascript" src="jsMain.js"></script>
<script type="text/javascript" src="WizardScript.js"></script>
<style type="text/css">
font{
font-family:"Arial";
font-size:10pt;
}
td.h30{
height:30px;
}
td.h60{
height:60px;
}
td.h80{
height:80px;
}
</style>
</head><body bgcolor="#ffffff" topmargin="0" onLoad="InitialSettings()">
<table border="0" align=center cellpadding="0" cellspacing="0">
<tr>
<td><img id="img_logo" src="" alt=""></td></tr><tr>
<td><table border="0" align=center cellspacing="0" cellpadding="0">
<tr><!-- row 1 -->
<td width=20 rowspan=3 background="/Images/down_01.gif"></td><td width=133 rowspan=2><img id="img_ap" src="" border="0" alt=""/></td><td width=25 background="/Images/down_03.jpg"></td><td width=21 background="/Images/down_04.jpg"></td><td width=522><img src="/Images/down_05.jpg" border="0" usemap="#MapMap"/></td><td width=19 background="/Images/down_06.jpg"></td><td width=25 background="/Images/down_11.gif"></td></tr><tr><!-- row 2 -->
<td background="/Images/down_03.jpg"></td><td height="26" background="/Images/down_14.gif"></td><td rowspan=3 valign=top>
<FORM METHOD="POST" ACTION="/Forms/FormWizard"><table border="0" width="100%" align=center cellpadding="0" cellspacing="0">
<tr>
<td colspan=2>
<!-- Beginning of Contents -->
<table width=510 border="0">
<tr>
<td colspan=2>
<font color="#8bacb1"><b>Setup Wizard</b></font>
<INPUT TYPE="HIDDEN" NAME="Run_Wizard" VALUE="0" id="Run_Wizard"> </td></tr> <tr>
<td height="150">
<b><font>
The <span id="APName0"></span> is a <span id="Device_Type"></span>.
The setup wizard will guide you through the configuration of the
<span id="APName1"></span>. The <span id="APName2"></span>'s easy
setup will allow you to have wireless access within minutes.
Please follow the setup wizard step by step to configure
the <span id="APName3"></span>.
</font></b>
</td></tr><tr>
<td> </td></tr><tr>
<td align=center>
<INPUT TYPE="SUBMIT" NAME="Submit" VALUE=" Run Wizard " id="Run_Wizard" onClick="formSubmit(1)" align=right> </td></tr><tr>
<td align=right>
<a href="help_home.html#01" target=_blank>
<img src="/Images/help_p.jpg" width="36" height="52" border="0">
</a></td></tr>
</table><!-- End of Contents -->
</td></tr></table></form>
</td><td background="/Images/down_10.jpg"></td><td background="/Images/down_11.gif"></td></tr><tr><!-- row 3 -->
<td valign=top background="/Images/down_37.gif">
<table width="100%" border="0" cellspacing="0" cellpadding="0" align=center>
<tr>
<td class="style2" align=center valign=middle onClick="javascript:Link('HomeWizard.html')">Wizard</td></tr><tr>
<td class="style1" align=center valign=middle onClick="javascript:Link('Wireless.html?1')">Wireless</td></tr><tr>
<td class="style1" align=center valign=middle onClick="javascript:Link('CfgIpSetup.html')">LAN</td></tr></table></td><td background="/Images/down_03.jpg"></td><td background="/Images/down_14.gif"></td><td background="/Images/down_40.gif"></td><td background="/Images/down_11.gif"></td></tr><tr><!-- row 4 -->
<td height="150" background="/Images/down_37.gif"></td><td background="/Images/down_37.gif"></td><td background="/Images/down_03.jpg"></td><td background="/Images/down_14.gif"></td><td background="/Images/down_40.gif"></td><td background="/Images/down_11.gif"></td></tr><tr><!-- row 5 -->
<td colspan=6 rowspan=2><img src="/Images/down_43.jpg" border="0"></td><td><img src="/Images/down_45.gif" border="0"></td></tr><tr>
<td><img src="/Images/down_44.gif" border="0"></td></tr></table></td></tr></table><map id="MapMap" name="MapMap">
<area shape="rect" coords="17,17,82,45" href="/html/HomeWizard.html" target="_self"/>
<area shape="rect" coords="109,18,205,42" href="/html/CfgWLanParam.html?1" target="_self"/>
<area shape="rect" coords="232,19,289,46" href="/html/MgtUserAccount.html" target="_self"/>
<area shape="rect" coords="346,18,405,45" href="/html/DeviceInfo.html" target="_self"/>
<area shape="rect" coords="455,18,501,47" href="/html/help_men.html" target="_self"/>
</map>
<script type="text/javascript">
var Run_Wizard = document.getElementById("Run_Wizard");
var NewPwd = document.getElementById("NewPwd");
var CfmNewPwd = document.getElementById("CfmNewPwd");
var channel = document.getElementById("channel");
var WizardRootSsid = document.getElementById("WizardRootSsid");
var no = document.getElementById("No");
var wpa = document.getElementById("wpa");
var psk = document.getElementById("psk");
var keytype = document.getElementById("Wizard_KeyType");
var KeySize1 = document.getElementById("KeySize1");
var KeySize2 = document.getElementById("KeySize2");
var KeySize3 = document.getElementById("KeySize3");
var key = document.getElementById("Key");
var passphrase = document.getElementById("passphrase");
var cipher = document.getElementById("cipher");
var groupkey = document.getElementById("groupkey");
</script>
</body></html>
之后,将出现重新启动的确认屏幕:
我可以根据要求添加更多数据。
答案1
不幸的是,现在许多路由器都需要 javascript,而 lynx 不支持。
但作为替代方法,您应该能够在 ssh 上使用隧道,并使用真正的浏览器来访问它。例如,如果您将端口 8888 隧道连接到路由器 IP 上的端口 80(例如 192.168.1.1:80 )。建立 ssh 连接后,在本地计算机上,在“真实”浏览器(带有 js 的图形浏览器)上浏览以http://127.0.0.1:8888访问远程路由器的正常网页。这是使用您的远程 ssh 主机作为代理。
使用像这样的浏览器,firefox您实际上可以非常轻松地将其设置为使用SOCKS代理,并让 SSH 为您设置SOCKS代理,并透明地使用远程主机作为您的网络代理,包括从其本地网络到路由器的任何访问权限。了解如何使用特定的 SSH 客户端设置 SOCKS(通常称为动态端口转发),以及如何firefox在其连接对话框中设置代理连接。然后最终你应该能够告诉firefox使用 SOCKS 代理127.0.0.1:1080(例如)
(如果您尝试使用类似 的 url,Lynx 可能会更进一步,但我怀疑您很快仍然会遇到问题)http://admin:[email protected]js
答案2
许多路由器返回的页面lynx和其他基于终端的浏览器无法处理。
您可以编写一个网络抓取脚本来完成此操作。扩展于这个网络抓取方法,但没有详细说明cURL HTTP 脚本编写指南,我的做法如下:
1 - 记录(支持的)浏览器的行为
您可以使用数据包捕获工具,例如tcpdump(1)或者线鲨,或者浏览器中的类似内容Firefox 的开发者工具。 tcpdump/wireshark 以可移植但不可读的 pcap 格式捕获所有内容;浏览器内的数据可能更容易理解,尤其是在响应被压缩的情况下。还要保存所访问的各个页面的副本,步骤 3 可能需要它们。
2 - 从命令行发送相同的请求
对于步骤 1 中生成的每个 HTTP 请求,弄清楚如何使用curl或发送它wget,然后将其放入脚本中。
您可能需要在HTTP规范并浏览广泛的选项卷曲或者获取文档,但如果其他方法都失败,这两个工具都可以让您发送您想要的任何标头(curl -H "Name: Value"、wget --header "Name: Value")。使用curl -v/确认发送和接收的内容wget -d。如果请求没有得到与步骤 1 中相同的响应,则您可能错过了某些内容。
如果您已经处理较后的请求之一一段时间,则站点/设备可能已超时或使您的会话无效,您首先需要重复一些较早的请求(例如登录)。
如果在发送最终请求后,您获得了所需的结果 - 非常好,请继续执行步骤 4。
3 - 更新任何发生变化的内容
如果完全一样HTTP 请求没有给出相同的响应,则请求的某些部分不再有效,需要更改。重复步骤 1,再次记录相同的操作,并查看请求和响应中的任何差异。
请求中的所有内容均来自某处。你必须追踪每个变化部分的起源。查看所有 HTTP 响应(整个 HTML 页面、JavaScript、CSS、JSON 片段)以查找字符串的来源。页面名称和 GET/POST 参数大多来自 HTML,Cookie 来自 HTTP 标头,但 JavaScript 可以设置其中任何一个。
一旦你追踪到它,你需要在未来自动找到新的值:使用//你选择的文本处理语言从检索到的页面中提取不可预测的sed标记awk;使用 生成当前时间戳date +"format"。
4 - (可选)删除不必要的部分
浏览器可能会生成数十个请求,您不太可能需要发送所有请求才能获得相同的最终结果。例如,如果您不显示页面,则对图像和 CSS 不感兴趣。尝试删除所有看起来不重要的请求,并查看脚本是否仍然有效。凭借经验,您会感觉到哪些请求是可选的。
使用您迄今为止发布的信息,登录 DAP-2310 将需要一个 POST 请求,例如
wget $IP_ADDRESS/login.php --save-cookies cookies.txt --keep-session-cookies \
--post-data "ACTION_POST=login&f_date=MM/DD/YY&f_time=HH:MM:SS&LOGIN_USER=username&LOGIN_PASSWD=password&login=+Login+"
(使用当前日期和时间,格式为日期(1))但可能还涉及更多步骤。
DWL-2100AP 数据包捕获显示它正在使用HTTP 基本身份验证,与 JavaScript 设置的自定义 cookie 相结合。为此,您需要在登录之前从第一页中抓取 cookie:
# obtain the cookie
COOKIE=$(curl $IP_ADDRESS |grep "cookie = "|cut -d"'" -f2)
# log in
curl -b "$COOKIE" --anyauth -u "admin:$PASSWORD" $IP_ADDRESS/html/HomeWizard.html
# fetch the restart form; may not be necessary
curl -b "$COOKIE" $IP_ADDRESS/html/MntRestartSystem.html
# send the restart request
curl -b "$COOKIE" --data "FlagForReboot=&Submit=+Restart+" $IP_ADDRESS/Forms/RESET_Switch