View Single Post
  #57  
Old 03.02.2013, 17:55
bunda
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by Axel1492 View Post
Well, I did not found any reconnect script for the FrritzBox 7390 which does NOT utilize uPnP. So I wrote one by myself.

For everyone out there who does not understand why I did this: It is a fact that uPnP could be a security risk. If you use uPnP to configre yor router/nat/firewall it usually is a security risk.

This script is a Powershell script. (Well, Powershell is a command prompt written by Microsoft. On Windows 7 it is installed by default.)

Installation instructions coud be found in the script.

The file extension for powershell scripts is "ps1". So you may put the following script into a file called "reconnect.ps1".

Spoiler:

Code:
# -------------------------------------------------------------------------- #
# PS reconnect Script for FritzBox 7390                                      #
#                                            by Axel1492                     #
#                                                                            #
# This Script is for everyone who does not want to enable UPnP on his        #
# FritzBox. This Script reproduces the Javascript based challenge-response   #
# protocol of the web interface.                                             #
#                                                                            #
# PREPARATION: You need to allow the excecution of Powershell scripts on     #
#              your PC. You could easily do this by running the folloowing   #
#              command in an admin priviledged Powershell promt:             #
#              Set-ExecutionPolicy RemoteSigned                              #
#              If you want some information about what you are doing run:    #
#              Get-Help About_Signing                                        #
#                                                                            #
# Call from JD: Use the 'External' configuration. Enter as 'Command':        #
#               %windir%\System32\WindowsPowerShell\v1.0\powershell.exe      #
#               As 'Parameter' enter the path to this script.                #
# -------------------------------------------------------------------------- #

# -------------------------------------------------------------------------- #
# Just Enter your Password below and enjoy ;-)                               #
# -------------------------------------------------------------------------- #
[string]$_host_ = "**External links are only visible to Support Staff**
[string]$_pass_ = "******"

# -------------------------------------------------------------------------- #
# internal stuff                                                             #
# -------------------------------------------------------------------------- #
# these values are queried from the server or they are computed
[string]$challenge = [string].Empty
[string]$challenge_response = [string].Empty
[string]$sid = "0000000000000000"

# send a Post-message to the server and get the response
Function Post ( [string]$path, [string]$req )
{
    [System.Text.Encoding]$encASCII = New-Object System.Text.ASCIIEncoding
    $webRequest = [System.Net.WebRequest]::Create($_host_+$path)
    $reqBytes = $encASCII.GetBytes($req)
    $webRequest.Method = "Post"
    $webRequest.ContentLength = $reqBytes.Length
    $webRequest.ContentType = "application/x-www-form-urlencoded"
    $stream = $webRequest.GetRequestStream()
    $stream.Write($reqBytes,0,$reqBytes.Length)
    $stream.close()
    
    [System.Net.HttpWebResponse]$resp = $webRequest.GetResponse()
    $rs = $resp.GetResponseStream()
    $sr = New-Object System.IO.StreamReader -argumentList $rs
    $results = $sr.ReadToEnd()
    $sr.Close()
    $resp.close()
    
    return $results
}

# compute the challenge-response
Function Chall-Resp ( $challenge )
{
    [System.Text.Encoding]$encUnicode = New-Object System.Text.UnicodeEncoding
    [System.Security.Cryptography.MD5]$hasher = [System.Security.Cryptography.MD5]::Create()
    $_pass_ = [System.Text.RegularExpressions.Regex]::Replace($_pass_, "[^\u0000-\u007F]", ".");
    $bytes = $hasher.ComputeHash($encUnicode.GetBytes($challenge+"-"+$_pass_))
    [string]$hex = [String].Empty
    foreach ($b in $bytes) {
        $hex += "{0:x2}" -f $b
    }
    return $challenge+"-"+$hex
}

# -------------------------------------------------------------------------- #
# the interesting part                                                       #
# -------------------------------------------------------------------------- #

# query challenge
$challenge = ([xml] (Post "cgi-bin/webcm" "getpage=../html/login_sid.xml")).SessionInfo.Challenge

# compute challenge-response
$challenge_response = Chall-Resp $challenge

# login
$sid = ([xml] (Post "cgi-bin/webcm" "login:command/response=$($challenge_response)&getpage=../html/login_sid.xml")).SessionInfo.SID
if ( $sid.equals("0000000000000000") )
{
    "`n`t+++ Login Failed! +++`n"
    Exit
}

# disconnect FritzBox from internet (reconnects automatically)
Post "cgi-bin/webcm" "sid=$($sid)&connection0:settings/cmd_disconnect=" | Out-Null
"`n`tSuccessfully initiated reconnect!`n"

# logout
Post "cgi-bin/webcm" "sid=$($sid)&security:command/logout=" | Out-Null
Hey Axel1492,

Canīt allow the excecution of Powershell scripts by "Set-ExecutionPolicy RemoteSigned". --> Zugriff verweigert. Bei Zeile 1 Zeichen 20 - Not Specified: Set-ExecutionPolicy, UnauthoriziedAccessException

Can you pls help?
Thanks!
Reply With Quote