r00t2/optools
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

change to python3 instead of explicit 3.6

Browse Source
This commit is contained in:
brent s
2018-08-07 10:54:59 -04:00
parent e1cd54a7b2
commit 8c9a3cd14b
21 changed files with 1007 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
net/devices/actiontec/ActionTec/Cmd.py Executable file
View File

@@ -0,0 +1 @@
#!/usr/bin/env python3.6

66
net/devices/actiontec/ActionTec/Connector.py Executable file
View File

@@ -0,0 +1,66 @@
#!/usr/bin/env python3.6
# stdlib
import re
import socket
def CheckConnection(host, port):
# We favor socket over telnetlib's check because it has a little better
# handling of exceptions.
try:
port = int(port) # just in case we were passed a str()
except ValueError:
raise ValueError('"{0}" is not a port number'.format(port))
# In case they're catching the exception...
return(False)
s = socket.socket()
try:
s.connect((host, port))
except Exception as e:
raise RuntimeError(('We were unable to successfully connect to ' +
'"{0}:{1}": {2}').format(host, port, e))
return(False)
finally:
s.close()
return(True)
def Login(host, port, ssl, user, password):
user_prompt = [re.compile('^\s*user(name)?\s*:?\s*'.encode('utf-8'),
re.IGNORECASE)]
passwd_prompt = [re.compile('^\s*passw(or)d?\s*:?\s*'.encode('utf-8'),
re.IGNORECASE)]
# Are there any other valid chars? Will need to experiment.
# How is this even set? The default is "Wireless Broadband Router".
# I think it can't be changed, at least via the Web GUI.
cmd_prompt = [re.compile('[-_a-z0-9\s]*>'.encode('utf-8'),
re.IGNORECASE)]
ctx = None
ctxargs = {'host': host, 'port': port}
try:
if ssl:
try:
from ssltelnet import SslTelnet as telnet
ctxargs['force_ssl'] = True
except ImportError:
raise ImportError(('You have enabled SSL but do not have ' +
'the ssltelnet module installed. See ' +
'the README file, footnote [1].'))
else:
from telnetlib import Telnet as telnet
ctx = telnet(**ctxargs)
ctx.expect(user_prompt, timeout = 8)
ctx.write((user + '\n').encode('utf-8'))
ctx.expect(passwd_prompt, timeout = 8)
ctx.write((password + '\n').encode('utf-8'))
ctx.expect(cmd_prompt, timeout = 15)
except EOFError:
if ctx:
ctx.close()
ctx = None
except Exception as e:
raise RuntimeError(('We encountered an error when trying to connect:' +
' {0}').format(e))
if ctx:
ctx.close()
ctx = None
return(ctx)

33
net/devices/actiontec/ActionTec/__init__.py Executable file
View File

@@ -0,0 +1,33 @@
#!/usr/bin/env python3.6
import .Cmd as Cmd
import .Connector as Connector
class Router(object):
def __init__(self, host, port, user, password, ssl = False):
self.host = host
self.port = port
self.user = user
self.password = password
self.ssl = ssl
self.ctx = None
# Convenient shorthand. See "help.all.txt".
self.cmds = {'reboot': 'system reboot',
'wipe': 'conf factory restore',
# this will... require an interactive session
'shell': 'system shell'}
def connect(self):
# We don't need to define an except, really.
# The function handles that for us.
Connector.CheckConnection(self.host, self.port)
self.ctx = Connector.Login(self.host, self.port, self.ssl, self.user,
self.password)
return()
def execute(self):
pass
def close(self):
if self.ctx:
self.ctx.close()

177
net/devices/actiontec/ActionTec/help.all.txt Normal file
View File

@@ -0,0 +1,177 @@
Command Category wanmonitor - wanmonitor commands for rtd, do not use it directly
get notify wanmonitor to send wan type to rtd
exit Exit sub menu
help Show help for commands within this menu
Command Category conf - Read and write Wireless Broadband Router configuration data
factory Factory related commands
print Print Wireless Broadband Router configuration
set Set Wireless Broadband Router configuration path to value
set_obscure Set Wireless Broadband Router configuration path to an
obscured value
del Delete subtree from Wireless Broadband Router configuration
ram_set Set Wireless Broadband Router dynamic configuration
ram_print Print Wireless Broadband Router dynamic configuration
reconf Reconfigure the system according to the current Wireless
Broadband Router configuration
firmware_restore Restore to saved firmware and reboot.
exit Exit sub menu
help Show help for commands within this menu
Command Category upnp - UPnP commands
igd IGD commands
status Display UPnP status
exit Exit sub menu
help Show help for commands within this menu
Command Category qos - Control and display QoS data
utilization Connection utilization information
exit Exit sub menu
help Show help for commands within this menu
Command Category wmm - wmm configuration and control
get get the specified entry
set set the specified entry
del del the specified entry
get_dev get the entries of the specified device
exit Exit sub menu
help Show help for commands within this menu
Command Category cwmp - CWMP related commands
status Print CWMP status
session_start Start CWMP session to ACS
session_stop Stop CWMP session
indexes Print CWMP devices indexes
exit Exit sub menu
help Show help for commands within this menu
Command Category bridge - API for managing ethernet bridge
connection connect separate network interfaces to form one seamless LAN
config Configure bridge
info Print bridge information
exit Exit sub menu
help Show help for commands within this menu
Command Category firewall - Control and display Firewall and NAT data
restart Stop and start Firewall & NAT
start Start Firewall & NAT
stop Stop Firewall & NAT
filter Turn Firewall packet inspection on/off
mac_cache_dump Dump MAC cache data
dump Display Firewall data
variable Display variables of the firewall rules
trace Trace packet traversal via the Firewall ruleset
fastpath Turns firewall fastpath feature on/off (default is on)
exit Exit sub menu
help Show help for commands within this menu
Command Category connection - API for managing connections
pppoe Configure pppoe interface
vlan Configure vlan interface
exit Exit sub menu
help Show help for commands within this menu
Command Category inet_connection - API for managing internet connections
pppoe Configure pppoe internet connection
ether Configure ethernet internet connection
exit Exit sub menu
help Show help for commands within this menu
Command Category misc - API for Wireless Broadband Router miscellaneous tasks
print_ram print ram consumption for each process
vlan_add Add VLAN interface
top Profiling over event loop and estream
wbm_debug_set Stop and start WBM debug mode
wbm_border_set Stop and start WBM border mode
knet_hooks_dump Dump to console which knet_hooks run on each device
malloc_info Print memory information of malloc module
malloc_trim Free unused allocated memory in malloc module
exit Exit sub menu
help Show help for commands within this menu
Command Category firmware_update - Firmware update commands
start Remotely upgrade Wireless Broadband Router
cancel Kill running remote upgrade
exit Exit sub menu
help Show help for commands within this menu
Command Category log - Controls Wireless Broadband Router logging behavior
filter Controls the CLI session logging behavior
print Print the contents of a given syslog buffer to the console
clear Clear the contents of a given syslog buffer
exit Exit sub menu
help Show help for commands within this menu
Command Category dev - Device related commands
mv88e60xx Marvell MV88e60xx Ethernet Switch commands
moca MOCA commands
mii_reg_get Get Ethernet MII register value
mii_reg_set Set Ethernet MII register value
mii_phy_reg_get Get Ethernet MII register value
mii_phy_reg_set Set Ethernet MII register value
exit Exit sub menu
help Show help for commands within this menu
Command Category kernel - Kernel related commands
sys_ioctl issue openrg ioctl
meminfo Print memory information
top Print Wireless Broadband Router's processes memory usage
cpu_load_on Periodically shows cpu usage.
cpu_load_off Stop showing cpu usage (triggered by cpu_load_on).
cpu_load_avg Shows average cpu usage of last 1, 5 and 15 minutes.
exit Exit sub menu
help Show help for commands within this menu
Command Category system - Commands to control Wireless Broadband Router execution
http_intercept_status Display HTTP intercept status
diag_test run diagtest 0=all or select 1-9 for TBHR
..TLANIPSTB
diag_correction run corrections -- may reboot or reset BHR
die Exit from Wireless Broadband Router and return ret
ps Print Wireless Broadband Router's tasks
entity_close Close an entity
etask_list_dump Dump back trace of all etasks
restore_factory_settings Restore factory configuration
reboot Reboot the system
ver Display version information
print_config Print compilation configuration. Search for option
if specified
exec Execute program
cat Print file contents to console
shell Spawn busybox shell in foreground
date Print the current UTC and local time
print_page Print page id and name
exit Exit sub menu
help Show help for commands within this menu
Command Category flash - Flash and loader related commands
commit Save Wireless Broadband Router configuration to flash
erase Erase a given section in the flash
load Load and burn image
boot Boot the system
bset Configure bootloader
layout Print the flash layout and content
dump Dump the flash content
lock Lock mtd region
unlock Unlock mtd region
exit Exit sub menu
help Show help for commands within this menu
Command Category net - Network related commands
dns_route Dyncamic Routing according to DNS replies
igmp IGMP Proxy related commands
host Resolve host by name
protected_setup Network related commands
wsc wps related commands
ifconfig Configure network interface
ping Test network connectivity
rg_ifconfig List Wireless Broadband Router Network Devices
route Print route table
main_wan Print the name of the current main wan device
intercept_state Print interception state
exit Exit sub menu
help Show help for commands within this menu
Command Category cmd - Commands related to the Command module
exit Exit from the current CLI session
help Show help for commands within this menu

122
net/devices/actiontec/README Normal file
View File

@@ -0,0 +1,122 @@
This has been confirmed to work for, at the very least, my own Verizon Fi-OS
Actiontec MI424WR-GEN3I on firmware 40.21.24. It might work on other models as
well, but this hasn't been tested.
No non-stdlib modules are required.
Place your routers credentials in ~/.config/optools/actiontec_mgmt.json
in the following format:
(pay close attention to the quoting)
(minified json is OK/whitespace-insensitive):
_______________________________________________________________________________
{
"ip_addr": "192.168.1.1",
"user": "admin",
"password": "admin",
"ssl": false,
"port": 23
}
_______________________________________________________________________________
IF:
- That file isn't found:
-- A default (blank) one will be created (with secure permissions). All values
will be null (see below).
- "ip_addr" is null:
-- You will be prompted for the IP address interactively. (If you don't know
the IP address of it, it's probably the default -- "192.168.1.1".)
- "user" is null:
-- You will be prompted for the username to log in interactively. (If you don't
know the username, it's probably the default -- "admin".)
- "password" is null:
-- You will be prompted for the password. When being prompted, it will NOT echo
back (like a sudo prompt).
- "ssl" is null:
-- The default (false) will be used.
- "port" is null:
-- The default port (23) will be used.
TIPS:
- You need to ensure that you have the management interface enabled. Log into
your Actiontec's web interface, and:
1.) "Advanced" button (at the top)
2.) "Yes" button
3.) a.) Choose "Local administration" if you'll be managing the device within
the network it provides.[0]
b.) Choose "Remote administration" if you'll be managing the device
outside the network it provides (i.e. over the Internet).[0]
3.5) The "Telnet" options are what you want, ignore the "Web" settings.
4.) Select the protocols/ports you'll be using. SEE FOOTNOTE 0 ([0])!
5.) Click the "Apply" button.
- "ip_addr" can also be a host/DNS name -- just make sure it resolves on your
local machine to your Actiontec IP address! The default, at least on mine,
was "wireless_broadband_router" (can be changed via Advanced > Yes > System
Settings > Wireless Broadband Router's Hostname):
[bts@cylon ~]$ nslookup wireless_broadband_router 192.168.1.1
Server: 192.168.1.1
Address: 192.168.1.1#53
Name: wireless_broadband_router
Address: 192.168.1.1
Name: wireless_broadband_router
Address: <YOUR_PUBLIC_IP_ADDRESS>
- Unfortunately it's a necessity to store the password in plaintext currently.
Future versions may give the option of encrypting it via GPG and using an
existing GPG agent session to unlock (if there's demand for such a feature).
Make sure your machine's files are safe (I recommend full-disk encryption).
[0] NOTE: ENABLING MANAGEMENT CAN BE HIGHLY INSECURE, *ESPECIALLY* IF ENABLING
"REMOTE ADMINISTRATION"! *ONLY* DO THIS IF YOU UNDERSTAND THE RISKS
AND HAVE ACCOUNTED FOR THEM. TELNET PASSES CREDENTIALS IN PLAINTEXT
BY DEFAULT, AND IF SOMEONE NASTY GETS THEIR HANDS ON YOUR DEVICE'S
CREDENTIALS THEY CAN DO *VERY* NASTY THINGS. I REFUSE ANY AND ALL
LIABILITY YOU OPEN YOURSELF UP TO BY ENABLING THIS. AT *LEAST* USE
THE "USING SECURE TELNET OVER SSL PORT"[1] OPTION.
YOU HAVE BEEN WARNED.
[1] NOTE: Even if using SSL, it's HIGHLY insecure and not to be trusted. The
key has been leaked (as of 2018-04-12):
https://code.google.com/archive/p/littleblackbox/
and it uses VERY weak ciphers, at that:
_____________________________________________________________________
| ssl-cert: Subject: commonName=ORname_Jungo: OpenRG Products Group/|
| countryName=US |
| Not valid before: 2004-06-03T11:11:43 |
|_Not valid after: 2024-05-29T11:11:43 |
|_ssl-date: 2018-04-12T09:42:22+00:00; -1s from scanner time. |
|_ssl-known-key: Found in Little Black Box 0.1 - |
| http://code.google.com/p/littleblackbox/ |
| (SHA-1: 4388 33c0 94f6 afc8 64c6 0e4a 6f57 e9f4 d128 1411)|
| sslv2: |
| SSLv2 supported |
| ciphers: |
| SSL2_RC4_128_WITH_MD5 |
| SSL2_RC4_64_WITH_MD5 |
| SSL2_RC2_128_CBC_EXPORT40_WITH_MD5 |
| SSL2_RC4_128_EXPORT40_WITH_MD5 |
| SSL2_DES_192_EDE3_CBC_WITH_MD5 |
| SSL2_RC2_128_CBC_WITH_MD5 |
|_ SSL2_DES_64_CBC_WITH_MD5 |
|___________________________________________________________________|
It's generally probably not even worth it, to be honest. You'll get
more security mileage out of firewalling off to select hosts/nets.
But, if you insist on having it and using it, you will ALSO need to
install the following module:
ssltelnet
https://pypi.python.org/pypi/ssltelnet

1
net/devices/actiontec/actiontec_mgmt.py Executable file
View File

@@ -0,0 +1 @@
#!/usr/bin/env python3.6