Hello -

This may not be the right forum for this particular issue, but I'll give it a shot -

I have an EFG80 from linksys. It's an NAS (http://www.linksys.com/products/product.asp?grid=35&scid=43&prid=447) box for a home network. Every night I shut this thing down along with three other 2000 systems. I would like to be able to remotely kill all 4 devices with one click.

The windows boxes are easy (http://www.sysinternals.com/files/Pstools.zip)


psshutdown -u admin -p passwd -k -f -t 15 -m "System is going down" \\sys2
psshutdown -u admin -p passwd -k -f -t 15 -m "System is going down" \\sys1
psshutdown -k -f -t 15 "System is going down"


(psshutdown (http://www.sysinternals.com/ntw2k/freeware/psshutdown.shtml))

The EFG80 can only be shut down from within the web based administration pages installed within the unit. Anyone with a linksys or probably any number of other manufacturers router WAP etc. know what I'm talking about.

I can get to the page with the button directly:

http://192.168.1.xx/Management/setup.cgi?next_file=status.htm

The button is javascript based, <a href="javascript:action(1);">"button image"</a>

Here is the action() function:

<script language="JavaScript" type="text/javascript">
<!-- Start Script

// other functions

function action(no)
{
var cf = document.status;
if (no == 1)
cf.todo.value = "shutdown_now";
if (no == 2)
cf.todo.value = "restart_now";
cf.submit();
}

// other functions

</script>
</head>

The problem is that I must authenticate via a '.htpasswd' before running the cgi script which serves the page with my configuration.

http://192.168.1.xx/Management/setup.cgi?next_file=status.htm

I can see the '.htpasswd' file by:

http://192.168.1.xx/Management/

Which gives a listing of all the files which make up the admin web pages, I don't think they want their users poking around that folder, but there is nothing there any way.

The box runs an embedded linux dist and thttpd/2.20c. Linksys claims a shell is not available.

Can I script the submiting of my admin credentials along with the execution of the shutdown function?

What is a document.status object, and what does the submit(); function do?

Would it be possible to create a perl, or other lang. script which would supply the admin user and pass, and execute the java function ultimately shutting down the system?

Thanks in advance

~Dave

Wow...If I knew the answer to this...I'd work with YeOldStoneCat...as it is..I'm only qualified to be his boss. LOL

Moving to networking where the real guru's hang out. :)

I'm going to take a shot at this.

The problem as I see it with what you are trying to do is that the Linksys box uses a different language than the other boxes. For instance, the code you posted for the Linux box is JavaScript, which somehow interfaces with the machine itself.

The program you are successfully using with your Win2000 boxes will only work on Windows based machines.

So, in conclusion, you are dealing with two entirely different operating systems here so I am not sure that what you are trying to do will work.

Forgive me if this isn't helpful. I am able to diagnose problems the best when I am involved directly with the problem or am able to physically see it.

BTW- You might be able to trigger the JavaScript through PHP, but I don't know how exactly. I think that Perl will prove fruitless. Give PHP a shot- it won't be easy, but you might find something if you are serious enough about it.

Good luck.

I've worked with the EFG 80 before (sold and installed 2 of them)....but how to script commands to work through a web browser...I haven't the slightest idea.

I appreciate the input, thank you. The EFG80 isn't a linux box in the usual sense. It's running an embedded linux kernel with a basic set of services, FTP, http, cups etc.

To turn the device off, I have to access the http based admin pages. I must authenticate via a standard htpasswd file. Once I've arrived at the admin page, there is a button 'shutdown' which once pressed, begins to shutdown the box.

What I need is the ability to automatically access the admin page with a script that will submit my admin user and pass. This script will then need to call the java function listed above which will ultimately shutdown the box.

I could code this in C, but I don't know how to send user/pass info in an effort to authenticate past an htpasswd file, and I further don't know what data string to send a server which would indicate the clicking on the 'shutdown' button.

Thanks -

The security measures of the device are working against you. If you could do this anyone could...if someone found your script. The fact that it is so easy with the MS boxes furthers my point :)


When you get to the admin screen via your broswer, where does the cursor default? In other words, do you simply start typing login info or do you have to place the cursor in the password/user field?

You could probably use HTTP POST... - hook up a sniffer if you have one and watch what's sent from your browser to the device. HTTP is plain, ASCII text.

Might could also use JavaScript to control cursor location then post the ** user, <tab>, pass ** combo - same as if you were doing it in your browser.

Edit: any form of unix should respond to #shutdown now The shutdown button probably sends something similar.

I was actually thinking in that direction, thanks for the reply.

I can use:

http://user:pass@192.168.1.**/Management/setup.cgi?next_file=status.htm

Which bypasses the user pass dialog box.

I've yet to have time to setup a good sniffer for these purposes, which one might you recommend?

I could make a little C app that would connect to the box, and issue the sequence of commands, but I don't know what they are:

[TELNET] CONNECT (NAS-DEVICE/192.168.1.**)
GET /Management/

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR="#cc9999"><H2>401 Unauthorized</H2>

Authorization required for the URL '/Management/'.

<HR>

<ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.20c 21nov01</A></ADDRESS>

</BODY></HTML>

[TELNET] INFO: DISCONNECTED

If I could simulate the session using telnet, I know I could make this work.

the thttpd daemon is using http/1.0. I've read the RFC, GET HEAD and POST are the only commands. (Did I miss something?) How then would I send in my authentication?

Something like:

GET user:pass /Management/setup.cgi?next_file=status.htm

As for security, these are my personal boxes, so it's not as much of a concern. (Famous last words)

~Dave

POST - to submit. I might recommend reading up on mod_auth - apache.org - it's the apache module that reads htpasswd - since this is a custom, embedded kernel, the apache implementation may be aged as well.

What you want is what is referred to as a 'password hurler' Can probably find a script on the net.

Cheers,

Skye

I got it! Using Sniffer Pro, I watched each packet as sent from this box to the NAS.

The sequence of strings which need to be sent to the NAS is the following:

[TELNET] CONNECT (NAS-DEVICE/192.168.1.88)

GET /Management/setup.cgi?next_file=status.htm HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.0.3705)
Host: 192.168.1.88
Connection: Keep-Alive



The NAS replies with:

HTTP/1.1 401 Unauthorized
Server: thttpd/2.20c 21nov01
Content-type: text/html
Date: Wed, 01 Oct 2003 00:34:05 GMT
Last-modified: Wed, 01 Oct 2003 00:34:05 GMT
Accept-Ranges: bytes
Connection: close
WWW-Authenticate: Basic realm="Administration"

<HTML><HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY BGCOLOR="#cc9999"><H2>401 Unauthorized</H2>
Authorization required for the URL '/Management/setup.cgi?next_file=status.htm'.
<!--
Padding so that MSIE deigns to show this error instead of its own canned one.
Padding so that MSIE
deigns to show this error instead of its own canned one.
Padding so that MSIE deigns to show this error instead of its own canned one.
Padding so that MSIE deigns to show this error instead of its own canned one.
Padding so that MSIE deigns to show this error instead of its own canned one.
Padding so that MSIE deigns to show this error instead of its own canned one.
-->
<HR>
<ADDRESS><A HREF="http://www.acme.com/software/thttpd/">thttpd/2.20c 21nov01</A></ADDRESS>
</BODY></HTML>

[TELNET] INFO: DISCONNECTED

From that response, a browser would ask for authentication, and try again:

[TELNET] CONNECT (NAS-DEVICE/192.168.1.88)

GET /Management/setup.cgi?next_file=status.htm HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.0.3705)
Host: 192.168.1.88
Connection: Keep-Alive
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

This being the second request in a row, the server accepts the authentication, and serves the page.

Next comes the request which simulates the shutdown button:

[TELNET] CONNECT (NAS-DEVICE/192.168.1.88)

POST /Management/setup.cgi HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Referer: http://192.168.1.88/Management/setup.cgi
Accept-Language: en-us
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.0.3705)
Host: 192.168.1.88
Content-Length: 222
Connection: Keep-Alive
Cache-Control: no-cache
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ

email_enable=&email_1=david@zegelin.com&email_2=&email_subject=GigaDrive+report&h_email_enable=checked&message=&this_file=status.htm&todo=shutdown_now&h_email_1=david@zegelin.com&h_email_2=&h_email_subject=GigaDrive+report

Now I just need to create a program which will connect to the box, and feed these strings in on by one...

~Dave