68 lines
2.9 KiB
Python
68 lines
2.9 KiB
Python
from ._common import BaseFxcker
|
|
from ..utils import regex_search_string, dump_qs
|
|
import re
|
|
from urllib.parse import unquote
|
|
|
|
|
|
class NetiaWifiFxcker(BaseFxcker):
|
|
def unfxck(self, location=None):
|
|
start = self.request("GET", location)
|
|
initial_redir_url = regex_search_string(
|
|
r'<form [^>]*action="([^"]+)"', start.text)
|
|
start_form = {}
|
|
for param in ["mac", "ip", "apname", "essid", "url", "switch_url"]:
|
|
start_form[param] = regex_search_string(
|
|
r'<input [^>]*name="%s" value="([^"]+)"' % (re.escape(param)),
|
|
start.text)
|
|
initial_redir = self.request(
|
|
"POST", initial_redir_url, data=dump_qs(start_form), headers={
|
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
})
|
|
splash_url = regex_search_string(
|
|
r'<form [^>]*action="([^"]+)"', initial_redir.text)
|
|
splash = self.request("POST", splash_url, data=dump_qs({
|
|
"initialRedirect": True,
|
|
}))
|
|
accept_url = regex_search_string(
|
|
r"form\.setAttribute\('action', '([^']+)'\)", splash.text)
|
|
accept_page = self.request("POST", accept_url, data=dump_qs({
|
|
"ie11postFix": "sendPost",
|
|
}), headers={
|
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
})
|
|
|
|
# what the fuck is that, Netia?
|
|
for match in regex_search_string(
|
|
# flake8: noqa: E501
|
|
r"document\.cookie\s*=\s*'([^']+)'\s*\+\s*decodeURIComponent\('([^']+)'\)\s*\+\s*'([^']+)';",
|
|
accept_page.text, multiple=True, whole_match=True):
|
|
self.cookie_jar.set_cookie(match.group(
|
|
1) + unquote(match.group(2)) + match.group(3))
|
|
for match in regex_search_string(
|
|
# flake8: noqa: E501
|
|
r"document\.cookie\s*=\s*'([^']+)'\s*\+\s*'([^']+)'\s*\+\s*'([^']+)';",
|
|
accept_page.text, multiple=True, whole_match=True):
|
|
self.cookie_jar.set_cookie(match.group(
|
|
1) + match.group(2) + match.group(3))
|
|
for match in regex_search_string(
|
|
# flake8: noqa: E501
|
|
r"document\.cookie\s*=\s*'([^']+)';",
|
|
accept_page.text, multiple=True, whole_match=True):
|
|
self.cookie_jar.set_cookie(match.group(1))
|
|
|
|
login_url = regex_search_string(
|
|
r'<form [^>]*action="([^"]+)"', accept_page.text)
|
|
login_form = {}
|
|
for match in regex_search_string(
|
|
r'<input [^>]*name="([^"]+)" value="([^"]*)"',
|
|
accept_page.text, multiple=True, whole_match=True):
|
|
login_form[match.group(1)] = match.group(2)
|
|
login_page = self.request("GET", login_url + "?" + dump_qs(login_form))
|
|
|
|
welcome_url = unquote(regex_search_string(
|
|
r'<meta http-equiv="refresh" content="\d+; url=([^"]+)"',
|
|
login_page.text))
|
|
welcome_page = self.request("GET", welcome_url)
|
|
|
|
return True
|