SSH command to get the list of clients
HI all,
we have a eap245 (ac1750) at work, i've enabled the ssh, is there a manual with the list of all commands?
what i would like to do is get the list of connected client in the wifi?
what i want to do i to have a script to crawl every X minutes the mac address connected, is that possible? or is there another way to do it?
PS: is that possible to block certain url/ips in the access point?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Meanwhile, I've found a solution to mimic user behavior and get the data via HTTP. It works, a bit hacky.
PS: the device stores the password as MD5 value (you can see that the js script to send the form computes the value before sending it to a page to be validated). If you don't get it why I've pointed out this, Google will help you.
the line i'm refering to is this one
$("input#login-password").textbox("setValue", md5($("input#login-password").textbox("getValue")).toUpperCase());
so, this piece of python code does what is needed to get the JSON object with the list of clients (install requests - $ pip install requests).
import requests, time s = requests.Session() # get the cookie from the login page, it's the session_id r = s.get('http://tplinkeap.net') c=r.cookies['COOKIE'] cookies = dict(COOKIE=c) headers = {'Content-Type': 'application/x-www-form-urlencoded','Referer': 'http://tplinkeap.net/'} time.sleep(1) # do the login, it validates the session s.post('http://tplinkeap.net',data={'username':'admin', 'password':'THE_MD5_OF_YOUR_PASSWORD'},cookies=cookies, headers=headers) time.sleep(1) #call the json rdata=s.get('http://tplinkeap.net/data/monitor.client.client.json?operation=load',cookies=cookies,headers=headers) rdata.json()
a bit of explanation. It took me an hour to get to know how the system handles the auth of a user, to my understanding it generates a sessionId that is sent to the page in a cookie with the name COOKIE. when you do the login it basically validates the session, so if password/user matches, the COOKIE (the session then) is valid to perform any actions on the website. It seems that there can be just 1 session at a time on the web app. The rest of the calls just need to be executed with the cookie and a header Referer that the backend checks.
- Copy Link
- Report Inappropriate Content
@Stefano Thanks for sharing!
For my EAP225-Outdoor running firmware 5.0.5, the rdata GET needs to be replaced by:
rdata=s.get('http://tplinkeap.net/data/status.client.user.json?operation=load',cookies=cookies,headers=headers)
This resource will vary by firmware and model.
One more hint for those curious about MD5. It can be generated with this shell command:
md5 -s PASSWORD|tr '[:lower:]' '[:upper:]'
Or do it in python directly:
import hashlib password_md5 = hashlib.md5(b'PASSWORD').hexdigest().upper()
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 5557
Replies: 2
Voters 0
No one has voted for it yet.