2 require_once('RebootException.class.php');
3 require_once('RouterException.class.php');
6 * @author Jan Altensen (Stricted)
7 * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
8 * @copyright 2015 Jan Altensen (Stricted)
10 class SpeedportHybrid
{
15 const VERSION
= '1.0.2';
21 private $challenge = '';
39 private $session = '';
51 private $derivedk = '';
53 public function __construct ($url = 'http://speedport.ip/') {
58 * Requests the password-challenge from the router.
60 private function getChallenge () {
61 $path = 'data/Login.json';
62 $fields = array('csrf_token' => 'nulltoken', 'showpw' => 0, 'challengev' => 'null');
63 $data = $this->sentRequest($path, $fields);
64 $data = json_decode($data['body'], true);
65 $data = $this->getValues($data);
67 if (isset($data['challengev']) && !empty($data['challengev'])) {
68 $this->challenge
= $data['challengev'];
73 * login into the router with the given password
75 * @param string $password
78 public function login ($password) {
79 $this->getChallenge();
81 if (empty($this->challenge
)) {
82 throw new RouterExeption('unable to get the challenge from the router');
85 $path = 'data/Login.json';
86 $this->hash
= hash('sha256', $this->challenge
.':'.$password);
87 $fields = array('csrf_token' => 'nulltoken', 'showpw' => 0, 'password' => $this->hash
);
88 $data = $this->sentRequest($path, $fields);
89 $json = json_decode($data['body'], true);
90 $json = $this->getValues($json);
91 if (isset($json['login']) && $json['login'] == 'success') {
92 if (isset($data['header']['Set-Cookie']) && !empty($data['header']['Set-Cookie'])) {
93 preg_match('/^.*(SessionID_R3=[a-z0-9]*).*/i', $data['header']['Set-Cookie'], $match);
94 if (isset($match[1]) && !empty($match[1])) {
95 $this->session
= $match[1];
98 throw new RouterExeption('unable to get the session cookie from the router');
101 // calculate derivedk
102 if (!function_exists("hash_pbkdf2")) {
103 require_once 'CryptLib/CryptLib.php';
104 $pbkdf2 = new CryptLib\Key\Derivation\PBKDF\
PBKDF2(array('hash' => 'sha1'));
105 $this->derivedk
= bin2hex($pbkdf2->derive(hash('sha256', $password), substr($this->challenge
, 0, 16), 1000, 32));
106 $this->derivedk
= substr($this->derivedk
, 0, 32);
109 $this->derivedk
= hash_pbkdf2('sha1', hash('sha256', $password), substr($this->challenge
, 0, 16), 1000, 32);
112 // get the csrf_token
113 $this->token
= $this->getToken();
115 if ($this->checkLogin(false) === true) {
125 * check if we are logged in
127 * @param boolean $exception
130 public function checkLogin ($exception = true) {
131 if (empty($this->challenge
) && empty($this->session
)) {
132 if ($exception === true) {
133 throw new RouterExeption('you musst be logged in to use this method');
139 $path = 'data/SecureStatus.json';
141 $data = $this->sentRequest($path, $fields, true);
143 if (empty($data['body'])) {
144 throw new RouterExeption('unable to get SecureStatus data');
147 $json = json_decode($data['body'], true);
148 $json = $this->getValues($json);
150 if ($json['loginstate'] != 1) {
151 if ($exception === true) {
152 throw new RouterExeption('you musst be logged in to use this method');
166 public function logout () {
169 $path = 'data/Login.json';
170 $fields = array('csrf_token' => $this->token
, 'logout' => 'byby');
171 $data = $this->sentRequest($path, $fields, true);
172 if ($this->checkLogin(false) === false) {
173 // reset challenge and session
174 $this->challenge
= '';
178 $json = json_decode($data['body'], true);
183 throw new RouterExeption('logout failed');
192 public function reboot () {
195 $path = 'data/Reboot.json';
196 $fields = array('csrf_token' => $this->token
, 'reboot_device' => 'true');
197 $data = $this->sentEncryptedRequest($path, $fields, true);
199 $json = json_decode($data['body'], true);
200 $json = $this->getValues($json);
202 if ($json['status'] == 'ok') {
203 // throw an exception because router is unavailable for other tasks
204 // like $this->logout() or $this->checkLogin
205 throw new RebootException('Router Reboot');
208 throw new RouterException('unable to reboot');
213 * change dsl connection status
215 * @param string $status
217 public function changeConnectionStatus ($status) {
220 $path = 'data/Connect.json';
222 if ($status == 'online' ||
$status == 'offline') {
223 $fields = array('csrf_token' => 'nulltoken', 'showpw' => 0, 'password' => $this->hash
, 'req_connect' => $status);
224 $data = $this->sentRequest($path, $fields, true);
226 $json = json_decode($data['body'], true);
231 throw new RouterExeption();
236 * return the given json as array
238 * @param string $file
241 public function getData ($file) {
242 if ($file != "Status") $this->checkLogin();
244 $path = 'data/'.$file.'.json';
246 $data = $this->sentRequest($path, $fields, true);
248 if (empty($data['body'])) {
249 throw new RouterExeption('unable to get '.$file.' data');
252 $json = json_decode($data['body'], true);
258 * get the router syslog
262 public function getSyslog() {
263 return $this->exportData('0');
267 * get the Missed Calls from router
271 public function getMissedCalls() {
272 return $this->exportData('1');
276 * get the Taken Calls from router
280 public function getTakenCalls() {
281 return $this->exportData('2');
285 * get the Dialed Calls from router
289 public function getDialedCalls() {
290 return $this->exportData('3');
294 * export data from router
298 private function exportData ($type) {
301 $path = 'data/Syslog.json';
302 $fields = array('exporttype' => $type);
303 $data = $this->sentRequest($path, $fields, true);
305 if (empty($data['body'])) {
306 throw new RouterExeption('unable to get export data');
309 return explode("\n", $data['body']);
317 public function reconnectLte () {
320 $path = 'data/modules.json';
321 $fields = array('csrf_token' => $this->token
, 'lte_reconn' => '1');
322 $data = $this->sentEncryptedRequest($path, $fields, true);
323 $json = json_decode($data['body'], true);
329 * reset the router to Factory Default
334 public function resetToFactoryDefault () {
337 $path = 'data/resetAllSetting.json';
338 $fields = array('csrf_token' => 'nulltoken', 'showpw' => 0, 'password' => $this->hash
, 'reset_all' => 'true');
339 $data = $this->sentRequest($path, $fields, true);
340 $json = json_decode($data['body'], true);
347 * check if firmware is actual
351 public function checkFirmware () {
354 $path = 'data/checkfirmware.json';
355 $fields = array('checkfirmware' => 'true');
356 $data = $this->sentRequest($path, $fields, true);
358 if (empty($data['body'])) {
359 throw new RouterExeption('unable to get checkfirmware data');
362 $json = json_decode($data['body'], true);
368 * decrypt data from router
370 * @param string $data
373 private function decrypt ($data) {
374 require_once 'CryptLib/CryptLib.php';
375 $factory = new CryptLib\Cipher\
Factory();
376 $aes = $factory->getBlockCipher('rijndael-128');
378 $iv = hex2bin(substr($this->challenge
, 16, 16));
379 $adata = hex2bin(substr($this->challenge
, 32, 16));
380 $dkey = hex2bin($this->derivedk
);
381 $enc = hex2bin($data);
384 $mode = $factory->getMode('ccm', $aes, $iv, [ 'adata' => $adata, 'lSize' => 7]);
386 $mode->decrypt($enc);
388 return $mode->finish();
392 * decrypt data for the router
397 private function encrypt ($data) {
398 require_once 'CryptLib/CryptLib.php';
399 $factory = new CryptLib\Cipher\
Factory();
400 $aes = $factory->getBlockCipher('rijndael-128');
402 $iv = hex2bin(substr($this->challenge
, 16, 16));
403 $adata = hex2bin(substr($this->challenge
, 32, 16));
404 $dkey = hex2bin($this->derivedk
);
407 $mode = $factory->getMode('ccm', $aes, $iv, [ 'adata' => $adata, 'lSize' => 7]);
408 $mode->encrypt(http_build_query($data));
410 return bin2hex($mode->finish());
414 * get the values from array
416 * @param array $array
419 private function getValues($array) {
421 foreach ($array as $item) {
422 $data[$item['varid']] = $item['varvalue'];
429 * sends the encrypted request to router
431 * @param string $path
432 * @param mixed $fields
433 * @param string $cookie
436 private function sentEncryptedRequest ($path, $fields, $cookie = false) {
437 $count = count($fields);
438 $fields = $this->encrypt($fields);
439 return $this->sentRequest($path, $fields, $cookie, $count);
443 * sends the request to router
445 * @param string $path
446 * @param mixed $fields
447 * @param string $cookie
448 * @param integer $count
451 private function sentRequest ($path, $fields, $cookie = false, $count = 0) {
452 $url = $this->url
.$path.'?lang=en';
454 curl_setopt($ch, CURLOPT_URL
, $url);
456 if (!empty($fields)) {
457 if (is_array($fields)) {
458 curl_setopt($ch, CURLOPT_POST
, count($fields));
459 curl_setopt($ch, CURLOPT_POSTFIELDS
, http_build_query($fields));
462 curl_setopt($ch, CURLOPT_POST
, $count);
463 curl_setopt($ch, CURLOPT_POSTFIELDS
, $fields);
467 if ($cookie === true) {
468 curl_setopt($ch, CURLOPT_COOKIE
, 'challengev='.$this->challenge
.'; '.$this->session
);
471 curl_setopt($ch, CURLOPT_RETURNTRANSFER
, true);
472 curl_setopt($ch, CURLOPT_HEADER
, true);
478 $result = curl_exec($ch);
480 $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE
);
481 $header = substr($result, 0, $header_size);
482 $body = substr($result, $header_size);
485 // check if body is encrypted (hex instead of json)
486 if (ctype_xdigit($body)) {
487 $body = $this->decrypt($body);
491 $body = preg_replace("/(\r\n)|(\r)/", "\n", $body);
492 $body = preg_replace('/\'/i', '"', $body);
493 $body = preg_replace("/\[\s+\]/i", '[ {} ]', $body);
494 $body = preg_replace("/},\s+]/", "}\n]", $body);
496 return array('header' => $this->parse_headers($header), 'body' => $body);
504 private function getToken () {
507 $path = 'html/content/overview/index.html';
509 $data = $this->sentRequest($path, $fields, true);
511 if (empty($data['body'])) {
512 throw new RouterExeption('unable to get csrf_token');
515 $a = explode('csrf_token = "', $data['body']);
516 $a = explode('";', $a[1]);
518 if (isset($a[0]) && !empty($a[0])) {
522 throw new RouterExeption('unable to get csrf_token');
527 * parse the curl return header into an array
529 * @param string $response
532 private function parse_headers($response) {
534 $header_text = substr($response, 0, strpos($response, "\r\n\r\n"));
536 $header_text = explode("\r\n", $header_text);
537 foreach ($header_text as $i => $line) {
539 $headers['http_code'] = $line;
542 list ($key, $value) = explode(': ', $line);
543 $headers[$key] = $value;