Markus21 Posted September 13, 2008 Share Posted September 13, 2008 Hi,right now I'm doing a script, which should automate some steps (disable/enable switch port) in a web interface of a Network Switch.The things I have done so far by using WININET: 1. login/logout 2. enable/disable portWhat's missing: Read out the port state (enabled/disabled).The Problem:The Webinterface is programmed very crappy. The portstatus page, which shows the state of each port consists of javascript. So when I "download" the page's sourcecode I only see some javascript. Now I have to get the values, that are produced by the javascript, any suggestions?The page:<html><head><title></title></head><script>var css_type = top.fIw.css_type ;function window_onload(){ for(i=1; i<=top.fIw.phy_port_cnt; i++) document.getElementById("pstt").rows[i].onclick=toclick;}var vender_id ;</script><script language="Javascript" src="css.html"></script><script language="Javascript" src="fake_server.html?vender_id=1"></script><body onload="window_onload()"><div id="realpage" align="center" style="display:none;"><p class='page_title' align="center">Port Current Status</p><table border='0' cellspacing="1" id="pstt"><tr align="center"><td class="table_title" nowrap>Port No</td><td class="table_title" nowrap>Media</td><td class="table_title" nowrap>Link</td><td class="table_title" nowrap>State</td><td class="table_title" nowrap>Auto Nego.</td><td class="table_title" nowrap>Speed/Duplex</td><td class="table_title" nowrap>Rx Pause</td><td class="table_title" nowrap>Tx Pause</td><script language="Javascript">switch(vender_id){ case 0: case 1: case 8: case 9: document.write( '<td class="table_title" nowrap>Port Description</td>' ) ; break ; default: break ;}</script></tr><script language="Javascript">var i, j ;var d = document ;for( i=0; i<top.fIw.phy_port_cnt; i++ ){ d.write( '<tr style="cursor:pointer" class="table_body" align="center"><td>'+(i+1)+'</td>'); switch(vender_id){ case 0: case 1: case 8: case 9: for( j=0; j<8; j++ ) d.write( '<td></td>' ); break ; default: for( j=0; j<7; j++ ) d.write( '<td></td>' ); break ; } d.write( '</tr>' );}</script></table></div><input type="hidden" name="hiderowidx" id="hiderowidx" value=-1></body></html><script>var tb=document.getElementById("pstt");var hideidx = document.getElementById("hiderowidx");var bg_color, fg_color, dk_color ;var si, sj;switch(vender_id){ case 0: case 1: case 8: case 9: var colu = 9; break ; default: var colu = 8; break ;}top.fIw.dt.get_flag = top.fIw.dt.pst.fl_in = 1 ;si = setInterval( "polling()", 50);function polling(){ switch( css_type ){ case 7: bg_color = "#EEEEEE" ; fg_color = "#060606" ; dk_color = "#AAAAAA" ; break ; default: bg_color = "#d5ebfe" ; fg_color = "#1D3956" ; dk_color = "#7Db1c2" ; break ; } if( top.fIw.dt.pst.fl_in==0 ) { clearInterval(si); for(i=0; i<2; i++) { if(top.fIw.dt.pst.sfp[i].sfpmodule==1) tb.rows[i+top.fIw.phy_port_cnt-1].cells[0].innerHTML = '<a href="java script:tofiber('+(i+(top.fIw.phy_port_cnt-2))+')">'+(i+top.fIw.phy_port_cnt-1)+'</a>'; else tb.rows[i+top.fIw.phy_port_cnt-1].cells[0].innerHTML = (i+top.fIw.phy_port_cnt-1); } for(i=0;i<top.fIw.phy_port_cnt;i++) { tb.rows[i+1].cells[1].innerHTML = " "+changeStatus( 0, top.fIw.dt.pst.p[i].media_type )+" "; tb.rows[i+1].cells[2].innerHTML = " "+changeStatus( 1, top.fIw.dt.pst.p[i].linked )+" "; tb.rows[i+1].cells[3].innerHTML = " "+changeStatus( 2, top.fIw.dt.pst.p[i].enabled )+" "; tb.rows[i+1].cells[4].innerHTML = " "+changeStatus( 3, top.fIw.dt.pst.p[i].auto_nego )+" "; tb.rows[i+1].cells[5].innerHTML = " "+changeStatus( 4, (top.fIw.dt.pst.p[i].speed<<8)|top.fIw.dt.pst.p[i].duplex )+" "; tb.rows[i+1].cells[6].innerHTML = " "+changeStatus( 5, top.fIw.dt.pst.p[i].rxp )+" "; tb.rows[i+1].cells[7].innerHTML = " "+changeStatus( 6, top.fIw.dt.pst.p[i].txp )+" "; switch( vender_id ){ case 0: case 1: case 8: case 9: tb.rows[i+1].cells[8].innerHTML = " "+top.fIw.dt.pst.p[i].desc+" "; break ; defualt: break ; } } document.getElementById("realpage").style.display = "" ; top.fIw.dt.get_flag = top.fIw.dt.pst.fl_in = 1 ; si = setTimeout( "polling()", 5000) ; }}function toclick(evt){ var intRowIndex=0; intRowIndex=this.rowIndex; if(intRowIndex==undefined) return; for(j=0; j<colu; j++) tb.rows[intRowIndex].cells[j].style.backgroundColor=dk_color; if(hideidx.value != -1 && hideidx.value!=(intRowIndex)) for(j=0; j<colu; j++) tb.rows[hideidx.value].cells[j].style.backgroundColor=bg_color; hideidx.value = intRowIndex;}function changeStatus(type,arg){ var str=""; switch(type) { case 0: { if(arg==1) str="TP"; else if(arg==0) str="Fiber"; }break; case 1: { if(arg==1) str="Up"; else str="Down"; }break; case 2: { if(arg==1) str="Enabled"; else if (arg==0) str="Disabled"; else str="------"; }break; case 3: { if(arg==1) str="Enabled"; else if (arg==0) str="Disabled"; else str="------"; }break; case 4: { var sp = (arg>>8)&255; var du = arg&255 ; if(sp==0) str="10M/"; else if(sp==1) str="100M/"; else if (sp==2) str="1G/"; else if (sp==255) str="---/"; if(du==0) str+="Half"; else if (du==1) str+="Full"; else if (du==255) str+="----"; }break; case 5: { if(arg==0) str="Off"; else if(arg==1) str="On"; else str="------"; }break; case 6: { if(arg==0) str="Off"; else if(arg==1) str="On"; else str="------"; }break; } return str;}var click_flag=1 ;function tofiber(pno){ if(click_flag==0)return; click_flag = 0 ; top.fIw.dt.getarg = pno; top.fIw.dt.pfiber.port_no = pno; top.fIw.dt.get_flag=top.fIw.dt.pfiber.fl_in=1; sj = setInterval( "showfiber()", 50);}function showfiber(){ if(top.fIw.dt.pfiber.fl_in==0) { clearInterval(sj);window.open("portfiber.html", "Fiber", "toolbar=0,location=0,directories=0,status=0,menubar=0,scrollbars=0,resizable=0,width=550,height=500"); }}</script>The code not even is formated (fuck the manufactor).The page (its more than you can see on the picture, strange thing is, that you can only see the output in explorer, when you see the full page (portstatus is iframed)Im very thankfull for every hint!Bye,Markus Link to comment Share on other sites More sharing options...
Richard Robertson Posted September 13, 2008 Share Posted September 13, 2008 You may also want to look at "fake_server.html?vender_id=1" because this is imported as a javascript source. I really have no idea why a page would be designed like this. Link to comment Share on other sites More sharing options...
SIone Posted September 13, 2008 Share Posted September 13, 2008 (edited) In general network switches generate such webpages from a small chip,in real time, and that explains the formatting. I'd advise you to examine what the page sends back to the switch in the address bar. I attempted to visit the address you've provided but (as one would hope) no page downloaded! Who makes the netswitch? What hints are in the user manual? EDIT:removed the massive quote. Edited September 13, 2008 by SIone Perilous to all of us are the devices of an art deeper than we ourselves possess. Link to comment Share on other sites More sharing options...
Markus21 Posted September 13, 2008 Author Share Posted September 13, 2008 I already examined the http header in wireshark (thats how I found out the login thing and the accept/disable of ports). The webserver the switch runs is tinyhttpd but thats not really helpfull . Best would be to hack the webserver or take a different switch >_<. Anybody know any security issues: thttpd/2.04 10aug98 ? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now