从路由器解析数据时出现授权错误
Authorization error when parsing data from router
我想从我的路由器中删除数据以实现一些家庭自动化,但我遇到了一些麻烦我不能solve/crack。
我已成功登录路由器,但是当使用 python 脚本访问数据时(在路由器 Web 界面中打开链接)我收到一条错误消息:您无权访问此路由器!
如果我手动将 url 正在访问的 python 脚本复制并粘贴到浏览器(设置了 cookie)中,响应是相同的。但是,如果我单击路由器 Web 界面中的按钮,我不会收到 "authority" 抱怨。有什么解决办法吗?
这是脚本:
import re
import mechanize
import cookielib
br = mechanize.Browser()
cookies = cookielib.LWPCookieJar()
br.set_cookiejar(cookies)
#they "encrypt" the username and password and store it into the cookie. I stole this value from javascript in runtime.
br.addheaders = [('Cookie','Authorization=Basic YWRtaW46MjEyMzJmMjk3YTU3YTVhNzQzODk0YTBlNGE4MDFmYzM=;')]
#open connection to the router address
br.open('http://192.168.1.1/')
#the only form is "login" form (which we dont have to fill up, because we already have the cookie)
br.select_form(nr=0)
br.form.enctype = "application/x-www-form-urlencoded"
br.submit()
#then the router returns redirect script, so we have to parse it (get the url).
redirect_url = re.search('(http:\/\/[^"]+)',br.response().read()).group(1)
token = re.search("1\/([A-Z]+)\/",redirect_url).group(1) #url always has a random token inside (some kind of security?)
#So with this url I should be able to navigate to page containing list of DHCP clients
br.open("http://192.168.1.1/"+token+"/userRpm/AssignedIpAddrListRpm.htm")
print(br.response().read()) #But response contains html saying "You have no authority to access this router!".
我已经通过添加以下内容解决了这个问题:
br.addheaders.append(
('Referer', "http://192.168.1.1/userRpm/LoginRpm.htm?Save=Save")
)
原因:
在网络上搜索消息后,我导航到一个论坛,使用 firefox 版本(旧)的用户抱怨同样的警告。修复是为了能够发送推荐人,所以我在脚本中做了同样的事情并且成功了。
我想从我的路由器中删除数据以实现一些家庭自动化,但我遇到了一些麻烦我不能solve/crack。
我已成功登录路由器,但是当使用 python 脚本访问数据时(在路由器 Web 界面中打开链接)我收到一条错误消息:您无权访问此路由器!
如果我手动将 url 正在访问的 python 脚本复制并粘贴到浏览器(设置了 cookie)中,响应是相同的。但是,如果我单击路由器 Web 界面中的按钮,我不会收到 "authority" 抱怨。有什么解决办法吗?
这是脚本:
import re
import mechanize
import cookielib
br = mechanize.Browser()
cookies = cookielib.LWPCookieJar()
br.set_cookiejar(cookies)
#they "encrypt" the username and password and store it into the cookie. I stole this value from javascript in runtime.
br.addheaders = [('Cookie','Authorization=Basic YWRtaW46MjEyMzJmMjk3YTU3YTVhNzQzODk0YTBlNGE4MDFmYzM=;')]
#open connection to the router address
br.open('http://192.168.1.1/')
#the only form is "login" form (which we dont have to fill up, because we already have the cookie)
br.select_form(nr=0)
br.form.enctype = "application/x-www-form-urlencoded"
br.submit()
#then the router returns redirect script, so we have to parse it (get the url).
redirect_url = re.search('(http:\/\/[^"]+)',br.response().read()).group(1)
token = re.search("1\/([A-Z]+)\/",redirect_url).group(1) #url always has a random token inside (some kind of security?)
#So with this url I should be able to navigate to page containing list of DHCP clients
br.open("http://192.168.1.1/"+token+"/userRpm/AssignedIpAddrListRpm.htm")
print(br.response().read()) #But response contains html saying "You have no authority to access this router!".
我已经通过添加以下内容解决了这个问题:
br.addheaders.append(
('Referer', "http://192.168.1.1/userRpm/LoginRpm.htm?Save=Save")
)
原因:
在网络上搜索消息后,我导航到一个论坛,使用 firefox 版本(旧)的用户抱怨同样的警告。修复是为了能够发送推荐人,所以我在脚本中做了同样的事情并且成功了。