From 2a7d8140f37d4d6a50970dfc250bd39c60f38a60 Mon Sep 17 00:00:00 2001 From: Petro1990 Date: Fri, 13 Mar 2026 20:20:43 +0100 Subject: [PATCH] 1 --- rci_auth.ps1 | 82 ---------------------------------------------------- 1 file changed, 82 deletions(-) delete mode 100644 rci_auth.ps1 diff --git a/rci_auth.ps1 b/rci_auth.ps1 deleted file mode 100644 index ed200d4..0000000 --- a/rci_auth.ps1 +++ /dev/null @@ -1,82 +0,0 @@ -$USER = "admin" -$PASS = "12985654" -$IP = "192.168.60.1" - -Write-Host "=== Тест авторизации Keenetic RCI ($IP) ===" - -# 1. Получение challenge и cookies -Write-Host "Step 1: Get challenge and session (cookies)..." -$cookie_file = "cookies.txt" -if (Test-Path $cookie_file) { Remove-Item $cookie_file } - -$resp = curl.exe -s -i -c $cookie_file "http://$IP/auth" -$realm = ($resp | Select-String "X-NDM-Realm: (.*)" | ForEach-Object { $_.Matches.Groups[1].Value.Trim() }) -$challenge = ($resp | Select-String "X-NDM-Challenge: (.*)" | ForEach-Object { $_.Matches.Groups[1].Value.Trim() }) - -if (-not $challenge) { - Write-Host "Error: Challenge not found in headers." -ForegroundColor Red - exit 1 -} - -Write-Host " Realm: $realm" -Write-Host " Challenge: $challenge" - -# 2. Вычисление MD5 -$md5 = [System.Security.Cryptography.MD5]::Create() -$h1_str = "${USER}:${realm}:${PASS}" -$h1_bytes = [System.Text.Encoding]::UTF8.GetBytes($h1_str) -$h1 = [System.BitConverter]::ToString($md5.ComputeHash($h1_bytes)).Replace("-", "").ToLower() - -# 5. Перебор вариантов хеширования -Write-Host "Step 2: Brute-forcing Hash variants..." -$sha256 = [System.Security.Cryptography.SHA256]::Create() -$sha512 = [System.Security.Cryptography.SHA512]::Create() - -$variants = @{ - "SHA256(challenge + MD5)" = [System.BitConverter]::ToString($sha256.ComputeHash([System.Text.Encoding]::UTF8.GetBytes("${challenge}${h1}"))).Replace("-", "").ToLower() - "SHA256(MD5 + challenge)" = [System.BitConverter]::ToString($sha256.ComputeHash([System.Text.Encoding]::UTF8.GetBytes("${h1}${challenge}"))).Replace("-", "").ToLower() - "SHA512(challenge + MD5)" = [System.BitConverter]::ToString($sha512.ComputeHash([System.Text.Encoding]::UTF8.GetBytes("${challenge}${h1}"))).Replace("-", "").ToLower() - "SHA512(MD5 + challenge)" = [System.BitConverter]::ToString($sha512.ComputeHash([System.Text.Encoding]::UTF8.GetBytes("${h1}${challenge}"))).Replace("-", "").ToLower() -} - -$rci_success = $false - -foreach ($v_name in $variants.Keys) { - $v_hash = $variants[$v_name] - Write-Host "`n--- Testing Variant: $v_name ($v_hash) ---" - - $json_payload = @{ - login = $USER - password = $v_hash - } | ConvertTo-Json -Compress - - $payload_file = "payload.json" - $json_payload | Out-File -FilePath $payload_file -Encoding utf8 - - Write-Host " Sending JSON POST to /auth..." - # Используем -b и -c для работы с куками, -d @file для JSON - $auth_resp = curl.exe -s -i -b $cookie_file -c $cookie_file -X POST -H "Content-Type: application/json" -d "@$payload_file" "http://$IP/auth" - $status = ($auth_resp | Select-String "HTTP/") - Write-Host " Status: $status" - - if ($status -match "200 OK") { - Write-Host " SUCCESS! Auth accepted via JSON POST." -ForegroundColor Green - Write-Host " Testing RCI access..." - $rci = curl.exe -s -b $cookie_file "http://$IP/rci/system/hostname" - Write-Host " RCI Response: $rci" - if ($rci -match "hostname") { - $rci_success = $true - break - } - } else { - Write-Host " Failed with status: $status" -ForegroundColor Yellow - $auth_resp | Select-String "{" | ForEach-Object { Write-Host " Server response: $_" } - } -} - -if ($rci_success) { - Write-Host "`nFINAL SUCCESS!" -ForegroundColor Green -} else { - Write-Host "`nFINAL FAILURE." -ForegroundColor Red - exit 1 -}