Script to reboot the ever-so-stable TalkTalk-branded Huawei HG633 router

fuck_talktalk.sh

#!/bin/bash -e

router_ip="192.168.1.1"
user="admin"
password="<check_your_password_in_the_sticker_behind_your_router>"


cookie_jar="$(mktemp)"
cleanup() { rm -f "$cookie_jar"; }
trap cleanup QUIT


extract_csrf_json_from_html() { tr '\n' ' ' | sed -e 's|.*name="csrf_param" content="\([^"]*\)".*name="csrf_token" content="\([^"]*\)".*|"csrf":{"csrf_param":"\1","csrf_token":"\2"}|'; }
die() { echo "$@"; exit 1; }

# Get a valid CSRF, otherwise the login cookie will be incomplete
csrf_json="$(curl -s "http://${router_ip}/" --cookie-jar "$cookie_jar" | extract_csrf_json_from_html || die "Can't connect http://${router_ip}")"

# Encode user+password
#auth_token="$(echo -n "$password" | sha256sum | cut -d" " -f1 | base64 -w0)" # FIXME: The result of base64 ends with ZQo= instead of ZQ==, because fuck you that's why?
auth_token="YTI0Mjk0YmY1ZTAxZTZmM2M4M2JmNDRkNTEwNDA3OWUwNzBmMDc3ZmU3NGEzZjFkNDNhM2I1ZDMzMGRlNDhmZQ=="
csrf_param="$(echo $csrf_json | sed -e 's/.*"csrf_param":"\([^"]*\)".*/\1/')"
csrf_token="$(echo $csrf_json | sed -e 's/.*"csrf_token":"\([^"]*\)".*/\1/')"
auth_token_hash="$(echo -n "${user}${auth_token}${csrf_param}${csrf_token}" | sha256sum | cut -d" " -f1)"

# Login
curl -s -w'\n' -XPOST "http://${router_ip}/api/system/user_login" \
	--cookie "$cookie_jar" --cookie-jar "$cookie_jar" \
	--data-binary "{$csrf_json,\"data\":{\"UserName\":\"$user\",\"Password\":\"$auth_token_hash\"}}" >/dev/null

# Get some router info
html=$(curl -s -w'\n' "http://${router_ip}/api/system/deviceinfo" --cookie "$cookie_jar" | tr '\n' ' 'i)
uptime=$(echo "$html" | sed -e 's/.*"UpTime":\([0-9]*\).*/\1/')
if which python3 &>/dev/null; then
	# Make uptime human readable
	uptime=$(python3 -c "import datetime; print(datetime.timedelta(seconds=${uptime}))")
fi

html=$(curl -s -w'\n' "http://${router_ip}/api/ntwk/dslinfo" --cookie "$cookie_jar" | tr '\n' ' ')
dsl_status=$(echo "$html" | sed -e 's/.*"Status":"\([^"]*\)".*/\1/') # TODO: We could be using jq, not sure if it's extended enough
dsl_bw_down=$(echo "$html" | sed -e 's/.*"DownCurrRate":\([0-9]*\).*/\1/')
dsl_bw_up=$(echo "$html" | sed -e 's/.*"UpCurrRate":\([0-9]*\).*/\1/')
dsl_bw_max_down=$(echo "$html" | sed -e 's/.*"DownstreamMaxBitRate":\([0-9]*\).*/\1/')
dsl_bw_max_up=$(echo "$html" | sed -e 's/.*"UpstreamMaxBitRate":\([0-9]*\).*/\1/')

# Convert kbit/s to Mbps
dsl_bw_down=$(bc <<< "scale=2; $dsl_bw_down/1024")
dsl_bw_up=$(bc <<< "scale=2; $dsl_bw_up/1024")
dsl_bw_max_down=$(bc <<< "scale=2; $dsl_bw_max_down/1024")
dsl_bw_max_up=$(bc <<< "scale=2; $dsl_bw_max_up/1024")

{
	echo -e "Router uptime:\t${uptime}"
	echo -e "DSL Status:\t${dsl_status}"
	echo -e "-\tCurrent\tMax"
	echo -e "DSL Downstream rate:\t$dsl_bw_down Mbps\t$dsl_bw_max_down Mbps"
	echo -e "DSL Upstream rate:\t$dsl_bw_up Mbps\t$dsl_bw_max_up Mbps"
} | column -s$'\t' -t

# Update CSRF shenanigans (reboot won't work otherwise)
csrf_json=$(curl -s -w'\n' "http://${router_ip}/html/advance.html#device_mngt" --cookie "$cookie_jar" --cookie-jar "$cookie_jar" | extract_csrf_json_from_html)

# Go for the kill
if curl -s -w'\n' -XPOST "http://${router_ip}/api/service/reboot.cgi" --data "{$csrf_json}" --cookie "$cookie_jar" >/dev/null; then
	echo "Router rebooting..."
else
	die "Failed to reboot router"
fi

echo -n removes the new line at the end. but either sha256sum or cut command appends it again

Replace the below line :

auth_token="$(echo -n "$password" | sha256sum | cut -d" " -f1 | base64 -w0)"

with this

auth_hash="$(echo -n "$password" | sha256sum | cut -d" " -f1)"
auth_token="$(echo -n "$auth_hash" | base64 -w0)"