JDownloader Community - Appwork GmbH
 

Reply
 
Thread Tools Display Modes
  #1  
Old 13.09.2017, 16:39
dante35 dante35 is offline
Modem User
 
Join Date: Sep 2017
Location: Turkey
Posts: 1
Angry Huawei HG552e

Hi
I use Huawei HG552e,
i dont know why but Upnp only works for port forwarding.
I've recorded LiveHeader in raw mode(nomal mode didnt recorded) but didnt work.
I have edited code like this.
Spoiler:
Code:
[[[HSRC]]]
    [[[STEP]]]
        [[[REQUEST raw="true"]]]
        GET /html/index.asp HTTP/1.1
        Host: %%%routerip%%%
        user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0
        accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
        accept-language: tr
        accept-encoding: gzip, deflate
        cookie: Language=tk; FirstMenu=User_0; SecondMenu=User_0_0; ThirdMenu=User_0_0_0; SessionID_R3=8a3x2QwTfd0Me6ecIZ19rTkMyWLqB79BdnzCn6LWl7rGsLVUWE9tGBjsqph5G8mhtvf8q8ap7hK5VAJ4gwyCd8rX9lI9Fh4lyM5GrnRZG4iRHCX00vR1HaUIRhL1D7Yw; FirstLogin=Second
        dnt: 1
        connection: keep-alive
        upgrade-ınsecure-requests: 1
        [[[/REQUEST]]]
    [[[/STEP]]]

    [[[STEP]]]
        [[[REQUEST raw="true"]]]
        GET /html/ajaxref/updatachallangeajax.asp HTTP/1.1
        Host: %%%routerip%%%
        user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0
        accept: */*
        accept-language: tr
        accept-encoding: gzip, deflate
        cookie: Language=tk; FirstMenu=User_0; SecondMenu=User_0_0; ThirdMenu=User_0_0_0; SessionID_R3=8a3x2QwTfd0Me6ecIZ19rTkMyWLqB79BdnzCn6LWl7rGsLVUWE9tGBjsqph5G8mhtvf8q8ap7hK5VAJ4gwyCd8rX9lI9Fh4lyM5GrnRZG4iRHCX00vR1HaUIRhL1D7Yw; FirstLogin=Second
        dnt: 1
        connection: keep-alive
        [[[/REQUEST]]]
        [[[RESPONSE keys="challange"]]]
	<html><head></head><body>"(.*?)"
        </body></html>
	[[[/RESPONSE]]]
    [[[/STEP]]]

    [[[STEP]]]
        [[[REQUEST raw="true"]]]
        POST /index/login.cgi HTTP/1.1
        Host: %%%routerip%%%
        user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0
        accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
        accept-language: tr
        accept-encoding: gzip, deflate
        content-type: application/x-www-form-urlencoded
        content-length: 119
        cookie: Language=tk; FirstMenu=User_4; SecondMenu=User_4_0; ThirdMenu=User_4_0_0; SessionID_R3=DrtRBJjzrYu6IkBI1dx4KD93A8e6wzdBalBYkA6EvuXvzIcook1yNIED1WCdiJ7hemNSocpV30MytwaGpVLMglbPQEAcsOU4I1Fimqb2bbM3b8Deaq5sUAnI4OQHXgBJ; FirstLogin=Second
        dnt: 1
        connection: keep-alive
        upgrade-ınsecure-requests: 1

Username=%%%user%%%&Password=Password=%%%BASE64::::pass%%%+%%%challange%%%&challange=%%%challange%%%
        [[[/REQUEST]]]
    [[[/STEP]]]

 
    [[[STEP]]]
        [[[REQUEST raw="true"]]]
        GET /html/management/reset.asp HTTP/1.1
        Host: %%%routerip%%%
        user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0
        accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
        accept-language: tr
        accept-encoding: gzip, deflate
        cookie: Language=tk; FirstMenu=User_0; SecondMenu=User_0_0; ThirdMenu=User_0_0_0; SessionID_R3=8a3x2QwTfd0Me6ecIZ19rTkMyWLqB79BdnzCn6LWl7rGsLVUWE9tGBjsqph5G8mhtvf8q8ap7hK5VAJ4gwyCd8rX9lI9Fh4lyM5GrnRZG4iRHCX00vR1HaUIRhL1D7Yw; FirstLogin=Second
        dnt: 1
        connection: keep-alive
        upgrade-ınsecure-requests: 1
        [[[/REQUEST]]]
    [[[/STEP]]]

    [[[STEP]]]
        [[[REQUEST raw="true"]]]
        GET /lang/reset.res HTTP/1.1
        Host: %%%routerip%%%
        user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0
        accept: */*
        accept-language: tr
        accept-encoding: gzip, deflate
        cookie: Language=tk; FirstMenu=User_0; SecondMenu=User_0_0; ThirdMenu=User_0_0_0; SessionID_R3=8a3x2QwTfd0Me6ecIZ19rTkMyWLqB79BdnzCn6LWl7rGsLVUWE9tGBjsqph5G8mhtvf8q8ap7hK5VAJ4gwyCd8rX9lI9Fh4lyM5GrnRZG4iRHCX00vR1HaUIRhL1D7Yw; FirstLogin=Second
        dnt: 1
        connection: keep-alive
        [[[/REQUEST]]]
    [[[/STEP]]]

    [[[STEP]]]
        [[[REQUEST raw="true"]]]
        POST /html/management/reboot.cgi?RequestFile=/html/management/reset.asp HTTP/1.1
        Host: %%%routerip%%%
        user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0
        accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
        accept-language: tr
        accept-encoding: gzip, deflate
        content-type: application/x-www-form-urlencoded
        content-length: 43
        cookie: Language=tk; FirstMenu=User_0; SecondMenu=User_0_0; ThirdMenu=User_0_0_0; SessionID_R3=8a3x2QwTfd0Me6ecIZ19rTkMyWLqB79BdnzCn6LWl7rGsLVUWE9tGBjsqph5G8mhtvf8q8ap7hK5VAJ4gwyCd8rX9lI9Fh4lyM5GrnRZG4iRHCX00vR1HaUIRhL1D7Yw; FirstLogin=Second
        dnt: 1
        connection: keep-alive
        upgrade-ınsecure-requests: 1

csrf_token=rrDhZLdRERqb7QQtRnIy3YdbCczVSYv0
        [[[/REQUEST]]]
    [[[/STEP]]]

    [[[STEP]]]
        [[[REQUEST raw="true"]]]
        GET /lang/pubinfo.res HTTP/1.1
        Host: %%%routerip%%%
        user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0
        accept: */*
        accept-language: tr
        accept-encoding: gzip, deflate
        cookie: Language=tk; FirstMenu=User_0; SecondMenu=User_0_0; ThirdMenu=User_0_0_0; SessionID_R3=8a3x2QwTfd0Me6ecIZ19rTkMyWLqB79BdnzCn6LWl7rGsLVUWE9tGBjsqph5G8mhtvf8q8ap7hK5VAJ4gwyCd8rX9lI9Fh4lyM5GrnRZG4iRHCX00vR1HaUIRhL1D7Yw; FirstLogin=Second
        dnt: 1
        connection: keep-alive
        [[[/REQUEST]]]
    [[[/STEP]]]

    [[[STEP]]]
        [[[REQUEST raw="true"]]]
        POST /index/getRebootRes.cgi HTTP/1.1
        Host: %%%routerip%%%
        user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0
        accept: */*
        accept-language: tr
        accept-encoding: gzip, deflate
        cookie: Language=tk; FirstMenu=User_0; SecondMenu=User_0_0; ThirdMenu=User_0_0_0; SessionID_R3=8a3x2QwTfd0Me6ecIZ19rTkMyWLqB79BdnzCn6LWl7rGsLVUWE9tGBjsqph5G8mhtvf8q8ap7hK5VAJ4gwyCd8rX9lI9Fh4lyM5GrnRZG4iRHCX00vR1HaUIRhL1D7Yw; FirstLogin=Second
        dnt: 1
        connection: keep-alive
        content-length: 0
        [[[/REQUEST]]]
    [[[/STEP]]]

[[[/HSRC]]]


I looked at index.asp and device uses complex encryption.
part of index.asp:
Spoiler:
Code:
var cookie = "FirstMenu=" + firmenu + "; path=/";
document.cookie = cookie;
var cookie = "SecondMenu=" + secmenu + "; path=/";
document.cookie = cookie;
var cookie = "ThirdMenu=" + thirdmenu + "; path=/";
document.cookie = cookie;
var date = new Date();
date.setTime(date.getTime()+(365*24*60*60*1000));
var expires = "; expires="+date.toGMTString();
var lantype = getSelectVal('Language');
if (0 == lantype)
{
var cookie = "Language=tk" + expires + "; path=/";
}
else
{
var cookie = "Language=en" + expires + "; path=/";
}
document.cookie = cookie;
var form = new webSubmitForm();
form.setAction('/index/login.cgi');
form.addParameter('Username', Username.value);
var dbpass = base64encode(SHA256(Password.value));
var realpass = dbpass + challange;
form.addParameter('Password', SHA256(realpass));
form.addParameter('challange', challange);
form.submit();
return true;
}
function SubmitFormWithChallange(type)
{
var xmlhttp = CreateXMLHttp();
xmlhttp.onreadystatechange = function()
{
if (xmlhttp.readyState == 4)
{
if (xmlhttp.status == 200)
{
challange = eval(xmlhttp.responseText);
SubmitForm(type);
}
}
}
xmlhttp.open("get",'/html/ajaxref/updatachallangeajax.asp',true);
xmlhttp.send(null);
}

updatachallangeajax.asp output:
Spoiler:
Code:
<html><head></head><body>"wL1IxPgYioaNOiWkrftX"
</body></html>

So i need help please
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 10:23.
Provided By AppWork GmbH | Privacy | Imprint
Parts of the Design are used from Kirsch designed by Andrew & Austin
Powered by vBulletin® Version 3.8.10 Beta 1
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.