Answer the question
In order to leave comments, you need to log in
How to parse a password and feed it to Mikrotik?
I found a post on Habré https://habr.com/en/post/420373 The script for Mikrotik refuses to work normally, instead of a file with a password, a file of the following content is obtained
/file> print detail where name=index.php
0 name="index.php" type=".php file" size=841 creation-time=may/03/2019 12:46:55
contents=<html><body><script type="text/javascript" src="/aes.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,
function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments
,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("f655ba9d09a112d4968c63579db590b4"), b=toNumbers("98344c2eee86c3994890592585b49f80"),c=toNumbers("a37dcb8d65f1b5d98d196ec3731b3e74");document.cookie="__test="+toHex(slowAES.decrypt(c,2,a,
b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"; location.href="http://fenipizoju.qlihost.ru/index.php?i=1";</script><noscript>This site requires
Javascript to work, please enable Javascript in your browser or use a browser with Javascript support</noscript></body></html>
Answer the question
In order to leave comments, you need to log in
Get familiar with hosting.
It really gives the password to the browser, it gives the tick that you indicated above, check for yourself that it will spit out in curl or wget)
I can assume that the hoster is trying to mix its content because it is free.
Alternatively, you can play around with the http-header-field of the fetch command and slip the user-agent of the browser.
You need to repeat this code in PHP. The slowAES function is in a separate aes.js file.
function toNumbers(d) {
var e=[];
d.replace(
/(..)/g,
function(d) {
e.push(parseInt(d,16))
}
);
return e
}
function toHex() {
for(var d=[], d = 1 == arguments.length && arguments[0].constructor == Array ? arguments[0] : arguments, e = "", f = 0; f < d.length; f++)
e += (16 > d[f] ? "0" : "") + d[f].toString(16);
return e.toLowerCase()
}
var a = toNumbers("f655ba9d09a112d4968c63579db590b4"),
b = toNumbers("98344c2eee86c3994890592585b49f80"),
c = toNumbers("a37dcb8d65f1b5d98d196ec3731b3e74");
document.cookie = "__test=" + toHex(slowAES.decrypt(c, 2, a, b)) + "; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/";
location.href = "http://fenipizoju.qlihost.ru/index.php?i=1";
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question