2 require_once('RebootException.class.php');
3 require_once('RouterException.class.php');
6 * @author Jan Altensen (Stricted)
7 * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
8 * @copyright 2015 Jan Altensen (Stricted)
10 class SpeedportHybrid
{
15 const VERSION
= '1.0.3';
21 private $challenge = '';
51 private $derivedk = '';
53 public function __construct ($url = 'http://speedport.ip/') {
58 * Requests the password-challenge from the router.
60 private function getChallenge () {
61 $path = 'data/Login.json';
62 $fields = array('csrf_token' => 'nulltoken', 'showpw' => 0, 'challengev' => 'null');
63 $data = $this->sentRequest($path, $fields);
64 $data = $this->getValues($data['body']);
66 if (isset($data['challengev']) && !empty($data['challengev'])) {
67 return $data['challengev'];
70 throw new RouterException('unable to get the challenge from the router');
75 * login into the router with the given password
77 * @param string $password
80 public function login ($password) {
81 $this->challenge
= $this->getChallenge();
83 $path = 'data/Login.json';
84 $this->hash
= hash('sha256', $this->challenge
.':'.$password);
85 $fields = array('csrf_token' => 'nulltoken', 'showpw' => 0, 'password' => $this->hash
);
86 $data = $this->sentRequest($path, $fields);
87 $json = $this->getValues($data['body']);
89 if (isset($json['login']) && $json['login'] == 'success') {
90 $this->cookie
= $this->getCookie($data);
92 $this->derivedk
= $this->getDerviedk($password);
95 $this->token
= $this->getToken();
97 if ($this->checkLogin(false) === true) {
106 * check if we are logged in
108 * @param boolean $exception
111 public function checkLogin ($exception = true) {
112 // check if challenge or session is empty
113 if (empty($this->challenge
) ||
empty($this->cookie
)) {
114 if ($exception === true) {
115 throw new RouterException('you musst be logged in to use this method');
121 $path = 'data/SecureStatus.json';
123 $data = $this->sentRequest($path, $fields, true);
124 $data = $this->getValues($data['body']);
126 if ($data['loginstate'] != 1) {
127 if ($exception === true) {
128 throw new RouterException('you musst be logged in to use this method');
142 public function logout () {
145 $path = 'data/Login.json';
146 $fields = array('csrf_token' => $this->token
, 'logout' => 'byby');
147 $data = $this->sentRequest($path, $fields, true);
148 $data = $this->getValues($data['body']);
149 if ((isset($data['status']) && $data['status'] == 'ok') && $this->checkLogin(false) === false) {
150 // reset challenge and session
151 $this->challenge
= '';
154 $this->derivedk
= '';
167 public function reboot () {
170 $path = 'data/Reboot.json';
171 $fields = array('csrf_token' => $this->token
, 'reboot_device' => 'true');
172 $data = $this->sentEncryptedRequest($path, $fields, true);
173 $data = $this->getValues($data['body']);
175 if ($data['status'] == 'ok') {
176 // throw an exception because router is unavailable for other tasks
177 // like $this->logout() or $this->checkLogin
178 throw new RebootException('Router Reboot');
185 * change dsl connection status
187 * @param string $status
190 public function changeConnectionStatus ($status) {
193 $path = 'data/Connect.json';
195 if ($status == 'online' ||
$status == 'offline') {
196 $fields = array('csrf_token' => 'nulltoken', 'showpw' => 0, 'password' => $this->hash
, 'req_connect' => $status);
197 $data = $this->sentRequest($path, $fields, true);
198 $data = $this->getValues($data['body']);
200 if ($data['status'] == 'ok') {
208 throw new RouterException();
213 * get uptime based on online (connection) time
217 public function getUptime () {
218 // TODO: search for a better solution, calling Connect.json need some time
219 $data = $this->getData('Connect');
220 $data = $this->getValues($data);
222 return $data['days_online'];
226 * return the given json as array
228 * @param string $file
231 public function getData ($file) {
232 if ($file != 'Status') $this->checkLogin();
234 $path = 'data/'.$file.'.json';
236 $data = $this->sentRequest($path, $fields, true);
238 return $data['body'];
242 * get the router syslog
246 public function getSyslog() {
247 return $this->exportData('0');
251 * get the Missed Calls from router
255 public function getMissedCalls() {
256 return $this->exportData('1');
260 * get the Taken Calls from router
264 public function getTakenCalls() {
265 return $this->exportData('2');
269 * get the Dialed Calls from router
273 public function getDialedCalls() {
274 return $this->exportData('3');
278 * export data from router
282 private function exportData ($type) {
285 $path = 'data/Syslog.json';
286 $fields = array('exporttype' => $type);
287 $data = $this->sentRequest($path, $fields, true);
289 return explode("\n", $data['body']);
297 public function reconnectLte () {
300 $path = 'data/modules.json';
301 $fields = array('csrf_token' => $this->token
, 'lte_reconn' => '1');
302 $data = $this->sentEncryptedRequest($path, $fields, true);
304 return $data['body'];
308 * reset the router to Factory Default
313 public function resetToFactoryDefault () {
316 $path = 'data/resetAllSetting.json';
317 $fields = array('csrf_token' => 'nulltoken', 'showpw' => 0, 'password' => $this->hash
, 'reset_all' => 'true');
318 $data = $this->sentRequest($path, $fields, true);
320 return $data['body'];
325 * check if firmware is actual
329 public function checkFirmware () {
332 $path = 'data/checkfirmware.json';
333 $fields = array('checkfirmware' => 'true');
334 $data = $this->sentRequest($path, $fields, true);
336 return $data['body'];
340 * decrypt data from router
342 * @param string $data
345 private function decrypt ($data) {
346 require_once 'CryptLib/CryptLib.php';
347 $factory = new CryptLib\Cipher\
Factory();
348 $aes = $factory->getBlockCipher('rijndael-128');
350 $iv = hex2bin(substr($this->challenge
, 16, 16));
351 $adata = hex2bin(substr($this->challenge
, 32, 16));
352 $dkey = hex2bin($this->derivedk
);
353 $enc = hex2bin($data);
356 $mode = $factory->getMode('ccm', $aes, $iv, [ 'adata' => $adata, 'lSize' => 7]);
358 $mode->decrypt($enc);
360 return $mode->finish();
364 * decrypt data for the router
369 private function encrypt ($data) {
370 require_once 'CryptLib/CryptLib.php';
371 $factory = new CryptLib\Cipher\
Factory();
372 $aes = $factory->getBlockCipher('rijndael-128');
374 $iv = hex2bin(substr($this->challenge
, 16, 16));
375 $adata = hex2bin(substr($this->challenge
, 32, 16));
376 $dkey = hex2bin($this->derivedk
);
379 $mode = $factory->getMode('ccm', $aes, $iv, [ 'adata' => $adata, 'lSize' => 7]);
380 $mode->encrypt(http_build_query($data));
382 return bin2hex($mode->finish());
386 * get the values from array
388 * @param array $array
391 private function getValues($array) {
393 foreach ($array as $item) {
394 // thank you telekom for this piece of bullshit
395 if ($item['vartype'] == 'template') {
396 $data[$item['varid']] = $this->getValues($item['varvalue']);
399 if (is_array($item['varvalue'])) {
400 $data[$item['varid']] = $this->getValues($item['varvalue']);
403 $data[$item['varid']] = $item['varvalue'];
412 * sends the encrypted request to router
414 * @param string $path
415 * @param mixed $fields
416 * @param string $cookie
419 private function sentEncryptedRequest ($path, $fields, $cookie = false) {
420 $count = count($fields);
421 $fields = $this->encrypt($fields);
422 return $this->sentRequest($path, $fields, $cookie, $count);
426 * sends the request to router
428 * @param string $path
429 * @param mixed $fields
430 * @param string $cookie
431 * @param integer $count
434 private function sentRequest ($path, $fields, $cookie = false, $count = 0) {
435 $url = $this->url
.$path.'?lang=en';
437 curl_setopt($ch, CURLOPT_URL
, $url);
439 if (!empty($fields)) {
440 if (is_array($fields)) {
441 curl_setopt($ch, CURLOPT_POST
, count($fields));
442 curl_setopt($ch, CURLOPT_POSTFIELDS
, http_build_query($fields));
445 curl_setopt($ch, CURLOPT_POST
, $count);
446 curl_setopt($ch, CURLOPT_POSTFIELDS
, $fields);
450 if ($cookie === true) {
451 curl_setopt($ch, CURLOPT_COOKIE
, 'lang=en; challengev='.$this->challenge
.'; '.$this->cookie
);
454 curl_setopt($ch, CURLOPT_RETURNTRANSFER
, true);
455 curl_setopt($ch, CURLOPT_HEADER
, true);
461 $result = curl_exec($ch);
463 $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE
);
464 $header = substr($result, 0, $header_size);
465 $body = substr($result, $header_size);
468 // check if response is empty
470 throw new RouterException('empty response');
473 // check if body is encrypted (hex instead of json)
474 if (ctype_xdigit($body)) {
475 $body = $this->decrypt($body);
479 $body = preg_replace("/(\r\n)|(\r)/", "\n", $body);
480 $body = preg_replace('/\'/i', '"', $body);
481 $body = preg_replace("/\[\s+\]/i", '[ {} ]', $body);
482 $body = preg_replace("/},\s+]/", "}\n]", $body);
485 if (strpos($url, '.json') !== false && strpos($url, 'Syslog.json') === false) {
486 $body = json_decode($body, true);
489 return array('header' => $this->parse_headers($header), 'body' => $body);
497 private function getToken () {
500 $path = 'html/content/overview/index.html';
502 $data = $this->sentRequest($path, $fields, true);
504 $a = explode('csrf_token = "', $data['body']);
505 $a = explode('";', $a[1]);
507 if (isset($a[0]) && !empty($a[0])) {
511 throw new RouterException('unable to get csrf_token');
516 * calculate the derivedk
518 * @param string $password
521 private function getDerviedk ($password) {
524 // calculate derivedk
525 if (!function_exists('hash_pbkdf2')) {
526 require_once 'CryptLib/CryptLib.php';
527 $pbkdf2 = new CryptLib\Key\Derivation\PBKDF\
PBKDF2(array('hash' => 'sha1'));
528 $derivedk = bin2hex($pbkdf2->derive(hash('sha256', $password), substr($this->challenge
, 0, 16), 1000, 32));
529 $derivedk = substr($derivedk, 0, 32);
532 $derivedk = hash_pbkdf2('sha1', hash('sha256', $password), substr($this->challenge
, 0, 16), 1000, 32);
535 if (empty($derivedk)) {
536 throw new RouterException('unable to calculate derivedk');
543 * get cookie from header data
548 private function getCookie ($data) {
550 if (isset($data['header']['Set-Cookie']) && !empty($data['header']['Set-Cookie'])) {
551 preg_match('/^.*(SessionID_R3=[a-z0-9]*).*/i', $data['header']['Set-Cookie'], $match);
552 if (isset($match[1]) && !empty($match[1])) {
557 if (empty($cookie)) {
558 throw new RouterException('unable to get the session cookie from the router');
565 * parse the curl return header into an array
567 * @param string $response
570 private function parse_headers($response) {
572 $header_text = substr($response, 0, strpos($response, "\r\n\r\n"));
574 $header_text = explode("\r\n", $header_text);
575 foreach ($header_text as $i => $line) {
577 $headers['http_code'] = $line;
580 list ($key, $value) = explode(': ', $line);
581 $headers[$key] = $value;