Press a button

[pod]

Hello,

I want to make a perl script that presses the Disconnect button of the
below html code. I found some code but still I am not able to press the
button. Can someone help me please with some code?

thx

<form name='PPPConn0' action='/cgi/b/is/' method='post'>
<input type='hidden' name='0' value=''>
<input type='hidden' name='1' value=''>
<input type='hidden' name='2' value='279867884'>
<hr>
<div class='contentitem'>
<table cellspacing='0' cellpadding='0'>
<tr><td class='icon' valign='top' width='100px'><img
src='/images/cintgrxl.gif' alt='Internet Connection OK'></td>
<td class='data' valign='top'><table cellspacing='0'
cellpadding='0'><tr><td align='left'><span
class='itemtitle'>INTERNET</span></td><td align='right'><input
type='button' name='13' value='Disconnect'
onClick='submitForm(document.PPPConn0,13,0,"INTERNET","",0,"")' >
</td></tr>
<tr><td colspan='2'><input type='hidden' name='5' value="2">
<br><table cellspacing='0' cellpadding='0' width='100%'><tr><td
width='40' valign='top'><img src='/images/bull__md.gif' alt=''></td><td
valign='top'>
<span class='blocktitle'><a
href="javascript:GoAndRemember('/cgi/b/is/_pppoa_/ov/',
'name=INTERNET')">View more...</a></span><br>
</form>

 

[Tim Greer]

Hello,

I want to make a perl script that presses the Disconnect button of the
below html code. I found some code but still I am not able to press
the button. Can someone help me please with some code?

thx

<form name='PPPConn0' action='/cgi/b/is/' method='post'>
<input type='hidden' name='0' value=''>
<input type='hidden' name='1' value=''>
<input type='hidden' name='2' value='279867884'>
<hr>

What sort of script would the user be connecting to/using? In what way
are you attempting to "disconnect" them? Just ending their active
session, preventing them from continuing with said session, or? Sorry,
I didn't bother reading through the HTML source you had posted, as it
doesn't really offer the information needed to give you the best
answer. Is this a Perl script in CGI, or some specific service?

 

[Mirco Wahab]

I want to make a perl script that presses the Disconnect button of the
below html code. I found some code but still I am not able to press the
button. Can someone help me please with some code?

...
<input type='button' name='13' value='Disconnect' onClick='submitForm(document.PPPConn0,13,0,"INTERNET","",0,"")' />

What's the source code of this submitForm(...) part?

Regards

M.

 

[Tad J McClellan]

I want to make a perl script that presses the Disconnect button of the
below html code.

You misunderstand how this web stuff works.

The button is in the browser.

Perl programs do not run in a browser.

You cannot "press the button" in the browser from a Perl program.

What you _can_ do is to figure out what HTTP request the browser
sends when you click that button, then write a Perl program that
sends that same HTTP request.

If it were me, I'd set up the Web Scraping Proxy, click the
button in the browser, and then go see what wsp.pl has logged
for me.

I found some code

Let's see it. We cannot debug code that we cannot see.

<input
type='button' name='13' value='Disconnect'
onClick='submitForm(document.PPPConn0,13,0,"INTERNET","",0,"")' >

Another way to figure out what request is being made is to figure
out what submitForm() does.

 

[pod]

Hello

My aim is to make a script that pushes 2 buttons on my routers
webinterface so that the router can get a new ip. The html shows the
code of the button. I just have to press somehow the button is the html
code not enough information to make a little script that pushes the
Disconnect button?


I found something on the web but i dont know if its useful an example
that searches for someting and also presses a button?

use LWP::UserAgent;
$ua = LWP::UserAgent->new;
$ua->agent("MyApp/0.1 ");

# Create a request
my $req = HTTP::Request->new(POST => 'http://search.cpan.org/search');
$req->content_type('application/x-www-form-urlencoded');
$req->content('query=libwww-perl&mode=dist');

# Pass request to the user agent and get a response back
my $res = $ua->request($req);

# Check the outcome of the response
if ($res->is_success) {
print $res->content;
}
else {
print $res->status_line, "\n";
}

 

[Tad J McClellan]

[ Please do not top-post! ]

My aim is to make a script that pushes 2 buttons on my routers
webinterface so that the router can get a new ip. The html shows the
code of the button. I just have to press somehow the button is the html
code not enough information to make a little script that pushes the
Disconnect button?

Yes, the html code is not enough (because there is some JavaScript
in the middle).

You need to discover what HTTP request is being sent.

I found something on the web but i dont know if its useful an example
that searches for someting and also presses a button?

use LWP::UserAgent;

This module (or WWW::Mechanize which subclasses it) will almost
surely be part of the solution.

How to make it into the solution depends on ...

.... what HTTP request is being sent.


[ snip upside-down quote ]

 

[pod]

Hi

I used wireshark to have a look whats going on I hope its enough what i
have found?

This is the button that should be pressed:
<input type='button' name='13' value='Disconnect'
onClick='submitForm(document.PPPConn,13,0,"INTERNET","",0,"")' >

The javascript code should be:

GET /util.js HTTP/1.1
Host: 10.0.0.138
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.0.5)
Gecko/2008120121 Firefox/3.0.5
Accept: */*
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://10.0.0.138/cgi/b/is/_pppoa_/ov/?be=0&l0=1&l1=2&name=INTERNET

HTTP/1.0 200 OK
Cache-Control: no-cache
Expires: -1
Content-Type: application/x-javascript

This should be the method

// Function submit a form
function submitForm(theForm, actionNo, flags, primkey, confirmMsg,
anchor, eval_code)
{
var VALIDATE = 0x01;
var CONFIRM = 0x02;
var EVAL = 0x04;

if (flags && (flags & CONFIRM))
if (!confirm(confirmMsg)) return;
if (flags && (flags & VALIDATE))
if (!validate(theForm, actionNo)) return;
if (flags && (flags & EVAL) && eval_code)
eval(eval_code);
if (actionNo > 0)
theForm.elements[0].value = actionNo;
if (primkey)
theForm.elements[1].value = primkey;
var customArgs = new String("");
if (g_state[TYPE].length > 0)
{
customArgs += "name="+escape(g_state[NAME]);
if (g_state[KEY].length > 0)
customArgs += "&" + g_urlArgs[KEY] + "=" + g_state[KEY];
}
if (g_state[TID].length > 0)
{
if (customArgs != "")
customArgs += "&";
customArgs += g_urlArgs[TID] + "=" + g_state[TID];
}
theForm.action += constructArgString(customArgs);
if (anchor)
theForm.action += "#" + anchor;
theForm.submit();
disable_fields(theForm);
}


This is from 10.0.0.1 -> 10.0.0.138

POST /cgi/b/is/_pppoa_/ov/?be=0&l0=1&l1=2&name=INTERNET HTTP/1.1
Host: 10.0.0.138
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.0.5)
Gecko/2008120121 Firefox/3.0.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://10.0.0.138/cgi/b/is/_pppoa_/ov/?be=0&l0=1&l1=2&name=INTERNET
Content-Type: application/x-www-form-urlencoded
Content-Length: 32

0=13&1=INTERNET&2=3342349270&5=2



The answer from 10.0.0.138 -> 10.0.0.1
is html code a few lines:

HTTP/1.0 200 OK
Cache-Control: no-cache
Expires: -1
Content-Type: text/html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Thomson Gateway - INTERNET</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script type="text/javascript">var g_navitem = -1;</script>
<script type="text/javascript"> var g_focus = -1;</script>
<script type='text/javascript' src='/util.js'></script>
<link rel="stylesheet" type="text/css" href="/styles.css">
</head>
<body onload="setFocus();" height="100%
.........................................................................

thx

[ Please do not top-post! ]

My aim is to make a script that pushes 2 buttons on my routers
webinterface so that the router can get a new ip. The html shows the
code of the button. I just have to press somehow the button is the html
code not enough information to make a little script that pushes the
Disconnect button?

Yes, the html code is not enough (because there is some JavaScript
in the middle).

You need to discover what HTTP request is being sent.

I found something on the web but i dont know if its useful an example
that searches for someting and also presses a button?

use LWP::UserAgent;

This module (or WWW::Mechanize which subclasses it) will almost
surely be part of the solution.

How to make it into the solution depends on ...

... what HTTP request is being sent.


[ snip upside-down quote ]

 

[Tad J McClellan]

[ You will enter the killfile the next time you top-post.
Please do not top-post!
]

I used wireshark to have a look whats going on I hope its enough

This is the button that should be pressed:

Don't need "the button".

The javascript code should be:

Don't need the javascript.

POST /cgi/b/is/_pppoa_/ov/?be=0&l0=1&l1=2&name=INTERNET HTTP/1.1
Host: 10.0.0.138
User-Agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.0.5)
Gecko/2008120121 Firefox/3.0.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://10.0.0.138/cgi/b/is/_pppoa_/ov/?be=0&l0=1&l1=2&name=INTERNET
Content-Type: application/x-www-form-urlencoded
Content-Length: 32

0=13&1=INTERNET&2=3342349270&5=2

There is the post request that is needed.

Now use LWP::UserAgent to send that same request.

There are 4 values to set, named "0", "1", "2" and "5".

[ Please do not top-post! ]

I asked nicely already.

[ snip upside-down quote ]

[ snip yet more upside-down foolishness ]

 

[pod]

Hello

Thx for your answer - I use use the below code but I get a HTTP/1.0 403
Forbidden. Any idea?


use HTTP::Headers;
use HTTP::Request;
use LWP::UserAgent;
use LWP::ConnCache;
use strict;

my $url =
'http://10.0.0.138/cgi/b/is/_pppoa_/ov/?be=0&l0=1&l1=2&name=INTERNET';
my $content = '0=13&1=INTERNET&2=3342349270&5=2';
my $method = 'POST';
my
$referer='http://10.0.0.138/cgi/b/is/_pppoa_/ov/?be=0&l0=1&l1=2&name=INTERNET';



my $header = HTTP::Headers->new (
'ACCEPT'=>'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'ACCEPT_LANGUAGE'=>'de-de,de;q=0.8,en-us;q=0.5,en;q=0.3',
'REFERER'=>"$referer",
'USER_AGENT'=>'Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)');


my $ua = LWP::UserAgent->new;
$ua->conn_cache(LWP::ConnCache->new());
my $request = HTTP::Request->new ($method, $url, $header, $content);
$request->content_type('application/x-www-form-urlencoded');

my $response = $ua->request($request);
print $response->content;



POST /cgi/b/is/_pppoa_/ov/?be=0&l0=1&l1=2&name=INTERNET HTTP/1.1
TE: deflate,gzip;q=0.3
Keep-Alive: 300
Connection: Keep-Alive, TE
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3
Host: 10.0.0.138
Referer: http://10.0.0.138/cgi/b/is/_pppoa_/ov/?be=0&l0=1&l1=2&name=INTERNET
User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)
Content-Type: application/x-www-form-urlencoded
Content-Length: 32

0=13&1=INTERNET&2=3342349270&5=2HTTP/1.0 403 Forbidden
Server: Speed Touch WebServer/1.0
Content-Type: text/html
Content-Length: 24

HTTP/1.0 403 Forbidden



thx

 

[Tim Greer]

Hello

Thx for your answer - I use use the below code but I get a HTTP/1.0
403 Forbidden. Any idea?

Does that web interface require a login/active session to run the
commands you pass to it (posting to that URL)?

 

[pod]

Does that web interface require a login/active session to run the
commands you pass to it (posting to that URL)?

NO - I have direct acess to the router http://10.0.0.138/

 

[Tim Greer]

NO - I have direct acess to the router http://10.0.0.138/

Is it possible the direct access is due to your browser having an active
session, or does access simply not require a login at all?

Does the exact same URL, arguments and request method from your browser
itself result in a 403 error, or does it work then? In other words,
have you ruled out factors other than the script?

Do you need to pass the header, referer, etc.? Did you try this by
simply having the script post to the URL in question.

 

[pod]

Is it possible the direct access is due to your browser having an active
session, or does access simply not require a login at all?

No login is required and i never had to login myself - I can also acess
the router with telnet and I have to press for username and password
just ENTER then I am logged in.

Does the exact same URL, arguments and request method from your browser
itself result in a 403 error, or does it work then? In other words,
have you ruled out factors other than the script?

In my browser I never had a 403 error

Do you need to pass the header, referer, etc.?

I dont know?? This is my first experience with perl? You may have some
other code to test?

Did you try this by

simply having the script post to the URL in question.

?? I dont know what you mean with that

 

[Tim Greer]

pod wrote:

Did you try this by

?? I dont know what you mean with that

Partly, the question was to see if this issue is related to your Perl
code (doesn't matter the language or method if that method or URL
doesn't work). The question was about using the same method (POST) to
send the arguments (URL with the fields and values) straight to the URL
from a mockup HTML page with that same URL, same arguments, etc. and
use a normal submit button (using a form tag in the HTML) and see if
that has the same result as trying to use the post method in the Perl
script. For that matter, if just the URL with the GET method works
with your browser that you have the script using. Just a suggestion to
ensure it works before you try and troubleshoot a script that's
resulting in a 403 error.

 

[Todd Wade]

Hello

Thx for your answer - I use use the below code but I get a HTTP/1.0 403
Forbidden. Any idea?

...
$referer='http://10.0.0.138/cgi/b/is/_pppoa_/ov/?be=0&l0=1&l1=2&name=INTERNET';

my $header = HTTP::Headers->new (
'ACCEPT'=>'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'ACCEPT_LANGUAGE'=>'de-de,de;q=0.8,en-us;q=0.5,en;q=0.3',
'REFERER'=>"$referer",
'USER_AGENT'=>'Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)');

I was going to say that maybe the referer needed set, but it looks
like you're setting it here.

Do either 1 or 2 or both:

1. Open a raw socket to the web server in the router and send a copy
of the raw request and see if that works.

2. Look at the network traffic for the LWP request and modify the code
until it matches the sniffed successful request.

Todd W.

 

[pod]

Hi

I just tried http://jdownloader.org/news?&lng=en which also has a
reboot sript for the THOMSON TG585 v7 and it also fails with a 403 error
- So i think it must be an authentication/authorization problem?

for that code which is the login form for the router I get an OK:

use LWP 5.64;
my $browser = LWP::UserAgent->new;

my $url =
'http://10.0.0.138/?switchuser=1&id=12&target=/cgi/b/toolbox/?be=0';
$browser->credentials(
'10.0.0.138:80',
'Thomson Gateway',
'wer' => 'wer'
);


my $response = $browser->get($url);
die "Error: ", $response->header('WWW-Authenticate') ||
'Error accessing',
"\n ", $response->status_line, "\n at $url\n Aborting"
unless $response->is_success;

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
GET /?switchuser=1&id=12&target=/cgi/b/toolbox/%3fbe%3d0 HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Authorization: Digest username="wer", realm="Thomson Gateway",
qop="auth", algorithm="MD5",
uri="/?switchuser=1&id=12&target=/cgi/b/toolbox/%3fbe%3d0",
nonce="0805SF9K8:00-1D-68-0D-CC-E8:262536:733390", nc="00000001",
cnonce="495503cf", response="c533ede05cca68d054716578f57b31a7"
Host: 10.0.0.138
User-Agent: libwww-perl/5.805

HTTP/1.0 200 OK
Cache-Control: no-cache
Expires: -1
Content-Type: text/html
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


but then I try a Post


my $req = HTTP::Request->new(POST =>
'http://10.0.0.138/cgi/b/bb/?be=0&l0=1&l1=-1');
$req->content_type('application/x-www-form-urlencoded');
$req->content('0=13&1=INTERNET&2=2801929167&5=2');


my $res = $browser->request($req);

# Check the outcome of the response
if ($res->is_success) {
print $res->content;
}
else {
print $res->status_line, "\n";
}

and I get a 403 error. So how do I make a POST with the Authorization I
used for the login? Is the $browser not always authorized and uses
Authorization when I am logged in (for further POSTS)?


POST /cgi/b/bb/?be=0&l0=1&l1=-1 HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Host: 10.0.0.138
User-Agent: libwww-perl/5.805
Content-Type: application/x-www-form-urlencoded
Content-Length: 32

0=13&1=INTERNET&2=2801929167&5=2HTTP/1.0 403 Forbidden
Server: Speed Touch WebServer/1.0
Content-Type: text/html
Content-Length: 24

HTTP/1.0 403 Forbidden

 

[Tim Greer]

Hi

I just tried http://jdownloader.org/news?&lng=en which also has a
reboot sript for the THOMSON TG585 v7 and it also fails with a 403
error - So i think it must be an authentication/authorization problem?

for that code which is the login form for the router I get an OK:

use LWP 5.64;
my $browser = LWP::UserAgent->new;

my $url =
'http://10.0.0.138/?switchuser=1&id=12&target=/cgi/b/toolbox/?be=0';
$browser->credentials(
'10.0.0.138:80',
'Thomson Gateway',
'wer' => 'wer'
);


my $response = $browser->get($url);
die "Error: ", $response->header('WWW-Authenticate') ||
'Error accessing',
"\n ", $response->status_line, "\n at $url\n Aborting"
unless $response->is_success;

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
GET /?switchuser=1&id=12&target=/cgi/b/toolbox/%3fbe%3d0 HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Authorization: Digest username="wer", realm="Thomson Gateway",
qop="auth", algorithm="MD5",
uri="/?switchuser=1&id=12&target=/cgi/b/toolbox/%3fbe%3d0",
nonce="0805SF9K8:00-1D-68-0D-CC-E8:262536:733390", nc="00000001",
cnonce="495503cf", response="c533ede05cca68d054716578f57b31a7"
Host: 10.0.0.138
User-Agent: libwww-perl/5.805

HTTP/1.0 200 OK
Cache-Control: no-cache
Expires: -1
Content-Type: text/html
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


but then I try a Post


my $req = HTTP::Request->new(POST =>
'http://10.0.0.138/cgi/b/bb/?be=0&l0=1&l1=-1');
$req->content_type('application/x-www-form-urlencoded');
$req->content('0=13&1=INTERNET&2=2801929167&5=2');


my $res = $browser->request($req);

# Check the outcome of the response
if ($res->is_success) {
print $res->content;
}
else {
print $res->status_line, "\n";
}

and I get a 403 error. So how do I make a POST with the Authorization
I used for the login? Is the $browser not always authorized and uses
Authorization when I am logged in (for further POSTS)?


POST /cgi/b/bb/?be=0&l0=1&l1=-1 HTTP/1.1
TE: deflate,gzip;q=0.3
Connection: TE, close
Host: 10.0.0.138
User-Agent: libwww-perl/5.805
Content-Type: application/x-www-form-urlencoded
Content-Length: 32

0=13&1=INTERNET&2=2801929167&5=2HTTP/1.0 403 Forbidden
Server: Speed Touch WebServer/1.0
Content-Type: text/html
Content-Length: 24

HTTP/1.0 403 Forbidden

You've said above that it doesn't require a login (which I'd imagine you
were possibly mistaken about, as that would be unusual -- though
certainly possible). Your first example logged in and authenticated
you, but the second example was a stateless request, so the first login
wouldn't have affected it/authenticated the POST call. You need to do
both in a single step, unless you can somhoe capture and re-use an
authenticated session (possibly in the URL, or otherwise the header --
depending on how the router you are using works).

 

[Tim Greer]

stateless request

Pardon, that wasn't the best term to use (before anyone catches that and
takes this thread off topic), but you get the point.