[go: up one dir, main page]

Skip to content
/ Fickport Public

Tools to automatically restart "Speedport Entry 2" shitty routers

License

Notifications You must be signed in to change notification settings

Gia90/Fickport

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

49 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Fickport

Introduction

The Speedport Entry 2 is an entry level modem/router produced by "Deutsche Telekom".
This device is quite bad and its performances tend to degrade over time.

The most common solution to this problem is made of several steps:

  • Stand up
  • Reach the Speedport Entry 2
  • Pull the plug
  • Wait few seconds
  • Plug it back again
  • Get back to what we were doing

Although this solution proved to be quite effective, it turned out to be also quite annoying.
For this reason, the "Fickport" project was born :)

How to use

There are different ways to use the Fickport tools.
The next paragraphs describe the possible uses.

Manual reboot

The simplest way to use the Fickport tools is to manually run the fickport.sh bash script, everytime we start noticing the first signs of slowness in the network. It's important to specify the correct device password for our Speedport router in the script, so that it will be able to succesfully login and reboot our beloved router.

Unfortunately, this solution can be used only before the network becomes so slow to be actually unusable. In this case, only 2 possibilities are left:

  • Stand up and follow the "most common solution" steps written above
  • Ask someone to perform the "most common solution" steps above

The real (dirty) solution would be preventing the performance degradation by daily rebooting the router.

Auto daily reboot

If in your network there's an always alive and connected linux device, you could use it to periodically run the fickport.sh script and automatically reboot the router.

In my real scenario, a "Fritz!WLAN Repeater" is always connected to the local network, so I decided to use it to run the "fickport.sh" rebooting script.

Have a look at the fritz-image sub-folder files to learn more about it

Technical details

Wanna know more about techy stuff behind this project?
Read further!

Speedport Entry 2

Have I already said that the Speedport Entry 2 is a shitty router?
Let's talk about how it is working under the hood.

Login process

In this paragraph we describe the login logic behind the Speedport Entry 2 web interface.

The following Javascript code is a slightly simplified version of the real one used on the speedport:

function hash(devpwd, challenge){
 var hash_pwd = devpwd+challenge;
 var password = sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash(hash_pwd));
 return password;
}

so the typed in device password is:

  • concatenated with a challenge value generated by the server (obtained through a XmlHttpRequest)
  • this combination is then hashed (sha256)
  • sent to the server as HTTP POST request.

The POST request is similar to this one:

wget --save-cookies cookies.txt \
     --keep-session-cookies \
     --post-data "password=${hashpwd}&showpw=0&csrf_token=sercomm_csrf_token" \
     --delete-after \
     "http://${speedport}/data/Login.json?lang=en"

CSRF Token

To perform any further operation, the speedport requires a "CSRF token" to be passed together with the HTTP request to prove that the request actually came from the Speedport Web interface.
This token is stored directly in the "index.html" page source served by the speedport and is generated everytime the "index.html" is requested by a client.

Badly enough, only the last generated CSRF token is considered valid by the server.

It means that if we continuosly request the "index.html" to the server, we would easily cause a Denial of Service, making any login attempted by any user fail, even with the proper password.

The CSRF token is programmatically extractable in this way:

csrftoken=$(wget --load-cookies cookies.txt -q -O - "http://${speedport}/html/content/overview/index.html?lang=en" | grep "var csrf_token " | cut -d "'" -f 2)

With this token we are now able to programmatically reproduce any action available on the web UI, otherwise only manually triggerable.

Reboot

In our specific use case, we need to request a "reboot" action.
The HTTP call to perform a reboot is the following one:

wget --load-cookies cookies.txt \
     --post-data "reboot_device=true&csrf_token=${csrftoken}" \
     --delete-after \
     "http://${speedport}/data/Reboot.json?_time=1511727315027&_rand=666&csrf_token=${csrftoken}&lang=en"

More info

Read the content of fickport.sh to know more about the HTTP calls used to execute commands on the Speedport device.

About

Tools to automatically restart "Speedport Entry 2" shitty routers

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages