用于登录的 curl 命令
curl "http://192.168.1.1/" -H "Connection: keep-alive" -H "Cache-Control: max-age=0" -H "Origin: http://192.168.1.1" -H "Upgrade-Insecure-Requests: 1" -H "DNT: 1" -H "Content-Type: application/x-www-form-urlencoded" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36" -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3" -H "Referer: http://192.168.1.1/" -H "Accept-Encoding: gzip, deflate" -H "Accept-Language: en-US,en;q=0.9,ar;q=0.8" --data "frashnum=^&action=login^&Frm_Logintoken=9^&Username=admin^&Password=admin" --compressed
顺便说一句 --compressed 不起作用所以我在输入命令之前将其删除
登录前的 curl 命令
curl "http://192.168.1.1/" -H "Connection: keep-alive" -H "Cache-Control: max-age=0" -H "Upgrade-Insecure-Requests: 1" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36" -H "DNT: 1" -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3" -H "Accept-Encoding: gzip, deflate" -H "Accept-Language: en-US,en;q=0.9,ar;q=0.8" --compressed
curl "http://192.168.1.1/css/login.css" -H "DNT: 1" -H "Accept-Encoding: gzip, deflate" -H "Accept-Language: en-US,en;q=0.9,ar;q=0.8" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36" -H "Accept: text/css,*/*;q=0.1" -H "Referer: http://192.168.1.1/" -H "Connection: keep-alive" --compressed
curl "http://192.168.1.1/css/styleen.css" -H "DNT: 1" -H "Accept-Encoding: gzip, deflate" -H "Accept-Language: en-US,en;q=0.9,ar;q=0.8" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36" -H "Accept: text/css,*/*;q=0.1" -H "Referer: http://192.168.1.1/" -H "Connection: keep-alive" --compressed
登录后
curl "http://192.168.1.1/" -H "Connection: keep-alive" -H "Cache-Control: max-age=0" -H "Origin: http://192.168.1.1" -H "Upgrade-Insecure-Requests: 1" -H "DNT: 1" -H "Content-Type: application/x-www-form-urlencoded" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36" -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3" -H "Referer: http://192.168.1.1/" -H "Accept-Encoding: gzip, deflate" -H "Accept-Language: en-US,en;q=0.9,ar;q=0.8" --data "frashnum=^&action=login^&Frm_Logintoken=9^&Username=admin^&Password=admin" --compressed
curl "http://192.168.1.1/start.ghtml" -H "Connection: keep-alive" -H "Cache-Control: max-age=0" -H "Upgrade-Insecure-Requests: 1" -H "DNT: 1" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36" -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3" -H "Referer: http://192.168.1.1/" -H "Accept-Encoding: gzip, deflate" -H "Accept-Language: en-US,en;q=0.9,ar;q=0.8" --compressed
curl "http://192.168.1.1/top.gch" -H "Connection: keep-alive" -H "Upgrade-Insecure-Requests: 1" -H "DNT: 1" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36" -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3" -H "Referer: http://192.168.1.1/start.ghtml" -H "Accept-Encoding: gzip, deflate" -H "Accept-Language: en-US,en;q=0.9,ar;q=0.8" --compressed
curl "http://192.168.1.1/template.gch" -H "Connection: keep-alive" -H "Upgrade-Insecure-Requests: 1" -H "DNT: 1" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36" -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3" -H "Referer: http://192.168.1.1/start.ghtml" -H "Accept-Encoding: gzip, deflate" -H "Accept-Language: en-US,en;q=0.9,ar;q=0.8" --compressed
重要的提示
Frm_Logintiken 是由路由器生成的令牌,每次成功登录时它基本上加一!
尽管我将其更改为路由器页面,但该命令仍然无效!
每次响应都是一样的,就像它只处理命令的第一部分一样curl "http://192.168.1.1/"
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
<head>
<META HTTP-EQUIV="pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache, must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>ZXHN H108N V2.5</title>
<LINK REL="stylesheet" HREF="css/login.css" TYPE="text/css" />
<LINK REL="stylesheet" HREF="css/styleen.css" TYPE="text/css" />
<script>
function getObj(id)
{
return(document.getElementById(id));
}
var SetTFlag = 0;
var maxtime;
var interval;
function setTime()
{
if(window.name>=60 || window.name<0 || window.name=="")
{
maxtime = Math.min(60, 0 + 60 - 800881);
}
else
{
maxtime = window.name;
}
if(maxtime>=0)
{
seconds = maxtime;
getObj("time").innerHTML=seconds+" secs";
if (maxtime == 0)
{
setDisable();
SetTFlag =0;
window.name="";
if(interval)
{
clearInterval(interval);
interval = 0;
}
}
else
{
--maxtime;
SetTFlag = 1;
window.name = maxtime;
}
}
}
function setinner(type)
{
if (SetTFlag ==0)
{
getObj("myLayer").style.visibility = type ;
}
}
function Transfer_meaning(id,value)
{
getObj(id).value=value;
}
function ChangeLang()
{
var lang = "English";
getObj("_lang").disabled = false;
getObj("Frm_Username").disabled = true;
getObj("Frm_Password").disabled = true;
if(true != getObj("TestLang01").disabled)
{
if ("English" == lang)
{
getObj("_lang").value = "Chinese";
}
else if ("Chinese" == lang)
{
getObj("_lang").value = "English";
}
getObj("action").value = "setlang";
getObj("Frm_Username").disabled = true;
getObj("Frm_Password").disabled = true;
getObj("LoginId").disabled = true;
document.fLogin.submit();
}
}
</script>
</head>
<body>
<div id="container">
<div id="myLayer" onmousedown="setinner('hidden')" style="position:absolute; width:185px; height:91px; z-index:9; right: 50px; top: 140px; background: url(img/pop_up.gif) no-repeat; border: 1px none #000000; visibility: hidden;">
<div id="Layer1" style="position:absolute; width:180px; height:45px; z-index:10; left: 2px; top: 28px;">
<table width="183" border="0">
<tr>
<td width="183"> <font id="errmsg" class="notecontent" ></font><span id="time" style="color:red;display:none;"></span></td>
</tr>
</table>
</div>
<div id="Layer3" style="position:absolute; width:140px; height:10px; z-index:11; left: 34px; top: 9px; font-size: 8pt;">
<font class="note" id="errnote"> Error</font>
</div>
</div>
<!--head▓┐╖╓┐¬╩╝-->
<div id="head">
<div class="type"><font id="">ZXHN H108N V2.5</font></div>
<div id="banner" style="background-image:url(img/banner.gif); background-repeat:no-repeat"></div>
</div>
<!--head▓┐╖╓╜ß╩°-->
<!--content▓┐╖╓┐¬╩╝-->
<div id="loginArea">
<form name="fLogin" id="fLogin" method="post" onsubmit="return false;" action="">
<input type="hidden" name="_lang" id="_lang" value="" disabled>
<input type="hidden" name="frashnum" id="frashnum" value="">
<input type="hidden" name="action" id="action" value="login">
<input type="hidden" name="Frm_Logintoken" id="Frm_Logintoken" value="">
<!--─┌╚▌┐¬╩╝-->
<div class="login_frame">
<ul class="login_title">
<li class="login_title_left"></li>
<li class="login_title_center">Please login to continue...</li>
<li class="login_title_right"></li>
</ul>
<div class="content login_content">
<ul class="login_blank"></ul>
<ul class="login_ul_1">
<li class="login_li_1"><span>Username</span></li>
<li class="login_li_2">
<input type="text" class="username" name="Username" id="Frm_Username">
</li>
</ul>
<ul class="login_blank"></ul>
<ul class="login_ul_1">
<li class="login_li_1"><span>Password</span></li>
<li class="login_li_2">
<input type="password" class="password" name="Password" id="Frm_Password">
</li>
<li class="login_li_3">
<input class="login" type="submit" id="LoginId" value="Login" onclick="dosubmit()">
</li>
</ul>
</div>
</div>
<!--─┌╚▌╜ß╩°-->
</form>
</div>
<!--bottom▓┐╖╓┐¬╩╝-->
<div style="font-family: Arial;font-size: 12px;text-align:center;"> © 2008-2015 ZTE Corporation. All rights reserved </div>
<div class="bottom_line"></div>
<div id="bottomx"></div>
<!--bottom▓┐╖╓╜ß╩°-->
</div>
</body>
</html>
<script>
window.name="";
function SetDisabled()
{
getObj("errmsg").innerHTML = "You have input the wrong username or password for three times. Please try again a minute later.";
getObj("Frm_Username").disabled = true;
getObj("Frm_Password").disabled = true;
getObj("LoginId").disabled = true;
getObj("myLayer").style.visibility = "visible" ;
getObj("time").style.display = "" ;
interval = setInterval("setTime()",1000);
}
function setDisable()
{
if (SetTFlag == 1)
{
getObj("Frm_Username").disabled = false;
getObj("Frm_Password").disabled = false;
getObj("LoginId").disabled = false;
getObj("time").style.display = "none";
getObj("myLayer").style.visibility = "hidden";
}
}
function dosubmit()
{
if (getObj("Frm_Username").value == "")
{
getObj("errmsg").innerHTML = "Username cannot be empty.";
getObj("myLayer").style.visibility = "visible" ;
return;
}
else
{
getObj("LoginId").disabled = true;
getObj("Frm_Logintoken").value = "16";
document.fLogin.submit();
}
}
</script>
从浏览器开发人员工具网络点击请求标头
POST / HTTP/1.1
Host: 192.168.1.1
Connection: keep-alive
Content-Length: 77
Cache-Control: max-age=0
Origin: http://192.168.1.1
Upgrade-Insecure-Requests: 1
DNT: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://192.168.1.1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,ar;q=0.8
来自浏览器开发者工具网络水龙头的回应
HTTP/1.1 302 Moved Temporarily
Server: Mini web server 1.0 ZTE corp 2005.
Content-Type: text/html; charset=iso-8859-1
Accept-Ranges: bytes
Connection: close
Cache-Control: no-cache,no-store
Content-Length: 0
Location: /start.ghtml
只需从命令中删除向上插入符号 ^
像这样
并且不要忘记更新 Frm_Logintoken
你从路由器页面的 html 或在结果的末尾得到这个命令