远程模拟登录,怎么通过token认证
想用PHP方式远程登录一台华为路由器,但是它使用了 token ,按照抓的HEADER和代码片段
从/asp/GetRandCount.asp取得一个Token,密码用base64encode编码后一并同用户名发送给/login.cgi
按照这种用 PHP 的 CURL 尝试远端登录路由器,结果返回提示用户名和密码,本人新手敬请老师们指点
----------------------------------------------------------
$.ajax({
type : "POST",
async : false,
cache : false,
url : '/asp/GetRandCount.asp',
success : function(data) {
cnt = data;
}
});
var Form = new webSubmitForm();
var cookie2 = "Cookie=body:" + "Language:" + Language + ":" + "id=-1;path=/";
Form.addParameter('UserName', Username.value);
Form.addParameter('PassWord', base64encode(Password.value));
document.cookie = cookie2;
Username.disabled = true;
Password.disabled = true;
Form.addParameter('x.X_HW_Token', cnt);
Form.setAction('/login.cgi');
Form.submit();
return true;
}
----------------------------------------------------------
http/192.168.100.1/asp/GetRandCount.asp
POST /asp/GetRandCount.asp HTTP/1.1
Host: 192.168.100.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:49.0) Gecko/20100101 Firefox/49.0HTTcryPt/Add-on
Accept: */*
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Referer: http/192.168.100.1/
Connection: keep-alive
Content-Length: 0
----------------------------------------------------------
http/192.168.100.1/login.cgi
POST /login.cgi HTTP/1.1
Host: 192.168.100.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:49.0) Gecko/20100101 Firefox/49.0HTTcryPt/Add-on
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http/192.168.100.1/
Cookie: Cookie=body:Language:chinese:id=-1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
Content-Length: 83
UserName=root&PassWord=xxxxxxxxxxx&x.X_HW_Token=da2bd6366375c189b85e88f12ca72e14
版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。
