Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
X
X
xahovit2019-05-03 10:12:58
PHP
xahovit, 2019-05-03 10:12:58

How to parse a password and feed it to Mikrotik?

I found a post on Habré https://habr.com/en/post/420373 The script for Mikrotik refuses to work normally, instead of a file with a password, a file of the following content is obtained

/file> print detail where name=index.php                       
 0 name="index.php" type=".php file" size=841 creation-time=may/03/2019 12:46:55 
   contents=<html><body><script type="text/javascript" src="/aes.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,
         function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments
         ,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("f655ba9d09a112d4968c63579db590b4"),      b=toNumbers("98344c2eee86c3994890592585b49f80"),c=toNumbers("a37dcb8d65f1b5d98d196ec3731b3e74");document.cookie="__test="+toHex(slowAES.decrypt(c,2,a,
         b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"; location.href="http://fenipizoju.qlihost.ru/index.php?i=1";</script><noscript>This site requires 
         Javascript to work, please enable Javascript in your browser or use a browser with Javascript support</noscript></body></html>

If you open fenipizoju.qlihost.ru/index.php in a browser, then the password is normally displayed. How to parse a password and feed it to Mikrotik?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
P
poisons, 2019-05-03
@poisons

Get familiar with hosting.
It really gives the password to the browser, it gives the tick that you indicated above, check for yourself that it will spit out in curl or wget)
I can assume that the hoster is trying to mix its content because it is free.
Alternatively, you can play around with the http-header-field of the fetch command and slip the user-agent of the browser.

Report
R
Rsa97, 2019-05-03
@Rsa97

You need to repeat this code in PHP. The slowAES function is in a separate aes.js file.

function toNumbers(d) {
  var e=[];
  d.replace(
    /(..)/g,
    function(d) {
      e.push(parseInt(d,16))
    }
  );
  return e
}

function toHex() {
  for(var d=[], d = 1 == arguments.length && arguments[0].constructor == Array ? arguments[0] : arguments, e = "", f = 0; f < d.length; f++)
    e += (16 > d[f] ? "0" : "") + d[f].toString(16);
  return e.toLowerCase()
}

var a = toNumbers("f655ba9d09a112d4968c63579db590b4"),
    b = toNumbers("98344c2eee86c3994890592585b49f80"),
    c = toNumbers("a37dcb8d65f1b5d98d196ec3731b3e74");

document.cookie = "__test=" + toHex(slowAES.decrypt(c, 2, a, b)) + "; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/";
location.href = "http://fenipizoju.qlihost.ru/index.php?i=1";

Similar questions
S
sinout2017-04-05 02:08:24
Does it make sense to use Immutable along with React? 4Reply
Y
Yuri Kulaxyz2019-09-21 23:05:53
Why doesn't Laravel sort() work? 3Reply
M
MarEeeeeee2021-04-07 17:49:27
Do I get an error when using useState? 3Reply
Y
Yaroslav2019-10-03 12:49:21
Where and how to find free labor for the for fun project and where to discuss ideas? 7Reply
P
Pashchuk Ilya2017-05-09 21:42:00
How to resize a block when dragging in css3 and html5? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question