mkg20001 · September 28, 2024 23:41
diff --git a/fritzdump.sh b/fritzdump.sh
 #!/bin/bash

 # This is the address of the router
 FRITZIP=http://192.168.178.1

 # This is the WAN interface
 IFACE="2-0" # view from inside
 #IFACE="2-1" # view from outside

 # Lan Interface
 #IFACE="1-lan"

 # If you have no username, login and check under System > Fritzbox Users. It will be named fritzXXXX.
 FRITZUSER=$1
 FRITZPWD=$2

 SIDFILE="/tmp/fritz.sid"

 if [ -z "$FRITZPWD" ] || [ -z "$FRITZUSER" ]  ; then echo "Username/Password empty. Usage: $0 <username> <password>" ; exit 1; fi

 echo "Trying to login into $FRITZIP as user $FRITZUSER" >&2

 if [ ! -f $SIDFILE ]; then
  touch $SIDFILE
 fi

 SID=$(cat $SIDFILE)

 # Request challenge token from Fritz!Box
 CHALLENGE=$(curl -k -s $FRITZIP/login_sid.lua |  grep -o "<Challenge>[a-z0-9]\{8\}" | cut -d'>' -f 2)

 # Very proprieatry way of AVM: Create a authentication token by hashing challenge token with password
 HASH=$(perl -MPOSIX -e '
    use Digest::MD5 "md5_hex";
    my $ch_Pw = "$ARGV[0]-$ARGV[1]";
    $ch_Pw =~ s/(.)/$1 . chr(0)/eg;
    my $md5 = lc(md5_hex($ch_Pw));
    print $md5;
  ' -- "$CHALLENGE" "$FRITZPWD")
  curl -k -s "$FRITZIP/login_sid.lua" -d "response=$CHALLENGE-$HASH" -d 'username='${FRITZUSER} | grep -o "<SID>[a-z0-9]\{16\}" | cut -d'>' -f 2 > $SIDFILE

 SID=$(cat $SIDFILE)

 # Check for successfull authentification
 if [[ $SID =~ ^0+$ ]] ; then echo "Login failed. Did you create & use explicit Fritz!Box users?" ; exit 1 ; fi

 echo "Capturing traffic on Fritz!Box interface $IFACE ..." 1>&2

 # In case you want to use tshark instead of ntopng
 #wget --no-check-certificate -qO- $FRITZIP/cgi-bin/capture_notimeout?ifaceorminor=$IFACE\&snaplen=\&capture=Start\&sid=$SID | /usr/bin/tshark -r -

 TMP="$(mktemp)."
 mkfifo $TMP
 LC_ALL=C wireshark -k -S -i $TMP &

 wget --no-check-certificate -qO- $FRITZIP/cgi-bin/capture_notimeout?ifaceorminor=$IFACE\&snaplen=\&capture=Start\&sid=$SID > $TMP #| tshark -r - # ntopng -i -
	#!/bin/bash

	# This is the address of the router
	FRITZIP=http://192.168.178.1

	# This is the WAN interface
	IFACE="2-0" # view from inside
	#IFACE="2-1" # view from outside

	# Lan Interface
	#IFACE="1-lan"

	# If you have no username, login and check under System > Fritzbox Users. It will be named fritzXXXX.
	FRITZUSER=$1
	FRITZPWD=$2

	SIDFILE="/tmp/fritz.sid"

	if [ -z "$FRITZPWD" ] \|\| [ -z "$FRITZUSER" ] ; then echo "Username/Password empty. Usage: $0 <username> <password>" ; exit 1; fi

	echo "Trying to login into $FRITZIP as user $FRITZUSER" >&2

	if [ ! -f $SIDFILE ]; then
	touch $SIDFILE
	fi

	SID=$(cat $SIDFILE)

	# Request challenge token from Fritz!Box
	CHALLENGE=$(curl -k -s $FRITZIP/login_sid.lua \| grep -o "<Challenge>[a-z0-9]\{8\}" \| cut -d'>' -f 2)

	# Very proprieatry way of AVM: Create a authentication token by hashing challenge token with password
	HASH=$(perl -MPOSIX -e '
	use Digest::MD5 "md5_hex";
	my $ch_Pw = "$ARGV[0]-$ARGV[1]";
	$ch_Pw =~ s/(.)/$1 . chr(0)/eg;
	my $md5 = lc(md5_hex($ch_Pw));
	print $md5;
	' -- "$CHALLENGE" "$FRITZPWD")
	curl -k -s "$FRITZIP/login_sid.lua" -d "response=$CHALLENGE-$HASH" -d 'username='${FRITZUSER} \| grep -o "<SID>[a-z0-9]\{16\}" \| cut -d'>' -f 2 > $SIDFILE

	SID=$(cat $SIDFILE)

	# Check for successfull authentification
	if [[ $SID =~ ^0+$ ]] ; then echo "Login failed. Did you create & use explicit Fritz!Box users?" ; exit 1 ; fi

	echo "Capturing traffic on Fritz!Box interface $IFACE ..." 1>&2

	# In case you want to use tshark instead of ntopng
	#wget --no-check-certificate -qO- $FRITZIP/cgi-bin/capture_notimeout?ifaceorminor=$IFACE\&snaplen=\&capture=Start\&sid=$SID \| /usr/bin/tshark -r -

	TMP="$(mktemp)."
	mkfifo $TMP
	LC_ALL=C wireshark -k -S -i $TMP &

	wget --no-check-certificate -qO- $FRITZIP/cgi-bin/capture_notimeout?ifaceorminor=$IFACE\&snaplen=\&capture=Start\&sid=$SID > $TMP #\| tshark -r - # ntopng -i -