模拟登录
通过调试进行分析ikuai登录流程,并进行模拟登录
- ikuai_ip 该参数为ikuai路由器的ip
- username 登录的用户
- password 登录密码
#!/bin/bash
#
#
ikuai_ip='10.66.0.1'
username='admin'
password='adminpwd..'
cookie_name='ikuai_cookie.txt'
useragent="User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.60"
contenttype="Content-Type: application/json;charset=UTF-8"
# 1密码加密,并模拟登录,获取cookie
ikuai_passwd=`echo -n "${password}" | md5sum |awk -F " " '{print $1}'`
ikuai_pass=`echo 'salt_11'${password} | base64`
curl -k \
-H '$useragent' \
-H '$contenttype' \
-d '{"username":"'"$username"'","passwd":"'"$ikuai_passwd"'","pass":"'"$ikuai_pass"'","remember_password":null}' \
-c "$cookie_name" \
https://$ikuai_ip/Action/login
登录成功之后,会拿到返回信息,如下
{"Result":10000,"ErrMsg":"Success"}设置修改dns解析
通过浏览器调试,拿到数据
发送具体的数据,可以通过右键,获取到bash的命令
内容大概如下:
curl 'http://10.66.0.1/Action/call' \
-H 'Accept: application/json, text/plain, */*' \
-H 'Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6' \
-H 'Cache-Control: no-cache' \
-H 'Connection: keep-alive' \
-H 'Content-Type: application/json;charset=UTF-8' \
-H 'Cookie: sess_key=fd3afac89381760bef94e60fcf3118cc; username=gmik.admin; login=1' \
-H 'Origin: http://10.66.0.1' \
-H 'Pragma: no-cache' \
-H 'Referer: http://10.66.0.1/' \
-H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.60' \
--data-raw '{"func_name":"dns","action":"edit","param":{"domain":"hello.nineven.com","dns_addr":"10.66.8.111","is_ipv6":0,"enabled":"yes","src_addr":"","comment":"","id":4}}' \
--compressed \
--insecure把要拼接的数据准备好,也就是 --data-raw 对应的数据
curl -k \
-H '$useragent' \
-H '$contenttype' \
-d '{"domain":"hello.nineven.com","dns_addr":"10.66.8.111","is_ipv6":0,"enabled":"yes","src_addr":"","comment":"","id":4}}' \
-b "$cookie_name" \
http://$ikuai_ip/Action/call
通过拼接,就可以正常发送配置请求,返回结果如下:
{"Result":30000,"ErrMsg":"Success"}比对
通过登录ikuai管理后台,查看刚才的dns已经成功修改,说明脚本已经成功执行
