wget post form to reboot router - wget

I want to restart my Fritz!Box 7390 using wget.
The webinterface has got a reboot form which looks like this:
<form action="/system/reboot.lua" method="POST">
<div id="btn_form_foot">
<input type="hidden" name="sid" value="beb5683181c2ab9f">
<button type="submit" name="reboot">Neu starten</button>
</div>
</form>
I want to submit this form. So far i tried it like this, but it does not seem to work:
wget --post-data "sid=beb5683181c2ab9f" "http://fritz.box/system/reboot.lua"
The sid seems to change everytime i load the page.
But im not sure if thats the issue, cause i can fix the sid by adding ?sid=example to the url


You can't just POST to that url alone. You first need to get a valid session id. This can be done by doing a GET request on http://fritz.box/checklogin.lua and grabbing it from the LOCATION header value. Then you can use this to post to the http://fritz.box/system/reboot.lua including the session id.
Here are the minimal steps to automate it:
SID=$(curl -s -I "http://fritz.box/logincheck.lua" | grep -Fi Location | awk -F'[=]' '{print $2}')
SID=$(curl -s -i -H "Content-Type: application/x-www-form-urlencoded" -H "Origin: http://fritz.box" -H "Referer: http://fritz.box/system/reboot.lua\?sid\=$SID" --data "reboot=&sid=$SID" -L http://fritz.box/system/reboot.lua | grep -Fi Location | awk -F'[=]' '{print $2}')
curl -s http://fritz.box/reboot.lua?ajax=1&sid=$REBOOT_SID
I've created a little script with some extra checks that you can find hereYou can find the complete script including check here at: http://git.io/v3zQs


Suggestions what the steps are for the current software (v7.20+)?
Preferably for router that is password protected.
I tried to update it to use the recent path using the Chrome dev tools info.
It gives a statuscode 200 and response: {"reboot_state":"extern"}.
But no restart.
Chrome Developer Tools says the url when pressing the Restart button in the UI is:
curl 'http://fritz.box/reboot.lua' \
-H 'Connection: keep-alive' \
-H 'Pragma: no-cache' \
-H 'Cache-Control: no-cache' \
-H 'User-Agent: Mozilla/5.0 (...) Chrome/86.0.4240.111 Safari/537.36' \
-H 'DNT: 1' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Accept: */*' \
-H 'Origin: http://fritz.box' \
-H 'Referer: http://fritz.box/' \
-H 'Accept-Language: en,en-US;q=0.9,nl;q=0.8,de;q=0.7,la;q=0.6' \
--data-raw 'ajax=1&sid=1fd4370b50b14b07&no_sidrenew=1&xhr=1&useajax=1' \
--compressed \
--insecure
(sid obviously changes after each login)

Related

Datadog keeps creating monitors when dynamic source id changes

I have a Datadog monitor generated by terraform.
The main query is as follows:
sum(last_1m):avg:app.application.health{application.health:healthy,cluster_name:${local.eks_cluster_name},!source:api-service-full} by {source}.as_count() < 60"
The issue is that after a system restart the {source} container changes it's name.
For example from app-tier-1-1abc-agent
to app-tier-1-def2-agent
The Datadog instead of updating, or removing the old monitors just creates new ones and leaves the old monitors in Alarm and N/A.
Is there anyway to improve this? All ideas appreciated, thanks!

Solved this by sending API calls to edit each monitor query on shutdown and startup.
I made a very clunky bash script, because I couldn't find a way to store -data for the curl in a variable in bash, but if using other scripting languages this could have been done in much less code, example is for 2 monitors
monitor_id=$(curl -L -X GET "https://api.datadoghq.com/api/v1/monitor" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DATADOG_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DATADOG_APP_KEY}" \
--data-raw '{"tags":["application_id:'$APP_ID_LOWERCASE'"]}'| jq -r ' .[] | select((.name |endswith("XXXXXXX Heartbeats") or endswith("XXXXX HeartBeat monitoring")) and (.tags[]=="application_id:'$APP_ID_LOWERCASE'")) | .id')
# curl gets cluster name used in queries
CLUSTER_NAME=$(curl -L -X GET "https://api.datadoghq.com/api/v1/monitor" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DATADOG_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DATADOG_APP_KEY}" \
--data-raw '{"tags":["application_id:'$APP_ID_LOWERCASE'"]}'| jq -r ' .[] | select((.name |endswith("XXXX HeartBeat monitoring")) and (.tags[]=="application_id:'$APP_ID_LOWERCASE'")) | .query' | awk -F',cluster_name:|,' '{print $2}')
# For each monitor id edit monitor query
while IFS= read -r monitors
do
# curl gets monitor name
monitor_name=$(curl -L -X GET "https://api.datadoghq.com/api/v1/monitor/"$monitors"" \
-H "Content-Type: application/json" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DATADOG_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DATADOG_APP_KEY}" | jq -r .name)
# checking which monitor query to send based on name, the queries are hardcoded because I couldn't find a way to set the query as a variable in bash
if [[ $monitor_name == *"XXXXXX HeartBeat monitoring"* ]]; then
shutdown_query=$(curl -L -X PUT "https://api.datadoghq.com/api/v1/monitor/"$monitors"" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DATADOG_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DATADOG_APP_KEY}" \
--data-raw '{"query":"sum(last_1m):avg:health{application.health:healthy,cluster_name:'${CLUSTER_NAME}',!source:XXXXXX-full-1,source:DUMMY-VALUE-TO-RESEt-QUERY} by {source}.as_count() < 60"}')
elif
[[ $monitor_name == *"XXXXXX Instance Heartbeats"* ]]; then
shutdown_query=$(curl -L -X PUT "https://api.datadoghq.com/api/v1/monitor/"$monitors"" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DATADOG_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DATADOG_APP_KEY}" \
--data-raw '{"query":"sum(last_1m):avg:heartbeat{cluster_name:'${CLUSTER_NAME}',source:DUMMY-VALUE-TO-RESEt-QUERY} by {source}.as_count() < 3"}')
fi
done <<< "$monitor_id"
Then just remove the dummy query value on startup and it will pick up your new monitors while forgetting the non existing ones

How to upload local file to GitHub using cURL?

I try to use cURL to upload a local file (e.g. docx, jpeg...) to GitHub repository? How can I specify the local file location and upload it to GitHub?
curl -X "PUT" \
-H "Accept: application/vnd.github+json" \
-H "Authorization: token <token>" \
https://api.github.com/repos/BT23/demo-repo/contents/hello.txt \
-d '{
"message":"Upload this file to Git",
"committer":{"name":"Bon", "email":"bon#bon.com"},
"content":{"$(openssl base64 -A in $/temp/hello.txt)"}
}'
Thanks

As an alternative, you can separate the content encoding from the curl call.
See this gist
content=$(cat /temp/hello.txt | base64)
curl -X "PUT" \
-H "Accept: application/vnd.github+json" \
-H "Authorization: token <token>" \
https://api.github.com/repos/BT23/demo-repo/contents/hello.txt \
-d '{
"message":"Upload this file to Git",
"committer":{"name":"Bon", "email":"bon#bon.com"},
"content":"${content}"}
}'

Using a captured request from Chrome does not work properly in Insomnia or CURL

I have an issue Im hoping to get help with. I am trying to interact directly with a website by making requests directly to an endpoint instead of using the site itself. I started by capturing three basic requests, Login, Logout, and submitting some data. I did the standard process of going into the Chrome inspect panel and copying the logged request as a CURL statement. It looks like this for the following commands....
Login
curl 'https://thewebsite.org/login' \
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
-H 'Accept-Language: en-US;q=0.7' \
-H 'Cache-Control: max-age=0' \
-H 'Connection: keep-alive' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Cookie: symfony=0d5784ap6ogee0r1nba4446krftdqug9kq6jotmqecp9lmip7b10' \
-H 'Origin: https://thewebsite.org' \
-H 'Referer: https://thewebsite.org/index.php/en' \
-H 'Sec-Fetch-Dest: document' \
-H 'Sec-Fetch-Mode: navigate' \
-H 'Sec-Fetch-Site: same-origin' \
-H 'Sec-Fetch-User: ?1' \
-H 'Sec-GPC: 1' \
-H 'Upgrade-Insecure-Requests: 1' \
-H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36' \
--data-raw 'login=the_user&password=the_password' \
--compressed
This seems to work both in Insomnia and via command line using CURL.
However, the Logout and the submission of the edited data do not work at all. I will get a success response back on both but the edited data is not actually saved the next time I view it and in regards to the logout functionality it is not ultimately successful either because I have to let the login timeout to login via a browser again (this happens because the user was not properly logged out on this site).
Logout
curl 'https://thewebsite.org/logout' \
-H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
-H 'Accept-Language: en-US;q=0.7' \
-H 'Connection: keep-alive' \
-H 'Cookie: symfony=6hpsjifjnem8v0r7pfb5rr22fkdr9th115t01c05p8cfss9mrle1' \
-H 'Referer: https://thewebsite.org/thelink' \
-H 'Sec-Fetch-Dest: document' \
-H 'Sec-Fetch-Mode: navigate' \
-H 'Sec-Fetch-Site: same-origin' \
-H 'Sec-Fetch-User: ?1' \
-H 'Sec-GPC: 1' \
-H 'Upgrade-Insecure-Requests: 1' \
-H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36' \
--compressed
I'd also add that in Chrome dev tools that the response code appears as 302. I tried disabling redirects and get a 302 back when I do that as opposed to a 200 but it makes no difference in terms of it behaving as it does in the browser.
Im really not sure what else to try, if anyone has any comments or suggestions I would be grateful. This is my first question, so if I left out some needed data I will gladly post it. Thank you!

Cloudflare DDNS repeat sh script using API v4, with multiple A record in a single sh script, but fail

I am trying to use Cloudflare API v4 to setup DDNS on my server. But I am new in scripting .sh file. I hope to update multiple DNS records in a single .sh file.
I got a script from the internet (script1.sh):
NEW_IP=`curl -s http://ipv4.icanhazip.com`
CURRENT_IP=`cat /Users/foo/Desktop/cloudflare/current_ip.txt`
if [ "$NEW_IP" = "$CURRENT_IP" ]
then
echo "No Change in IP Adddress"
else
curl -X PUT "https://api.cloudflare.com/client/v4/zones/{zone_id}/dns_records/{dns_record_id}" \
-H "X-Auth-Email: {my_email}" \
-H "X-Auth-Key: {global_api_key}" \
-H "Content-Type: application/json" \
--data '{"type":"A","name":"{domain_name}","content":"'$NEW_IP'","ttl":1,"proxied":true}'
echo $NEW_IP > /Users/foo/Desktop/cloudflare/current_ip.txt
fi
The above script is work fine for single DNS record update instead of multiple record update like below (script2.sh):
NEW_IP=`curl -s http://ipv4.icanhazip.com`
CURRENT_IP=`cat /Users/foo/Desktop/cloudflare/current_ip.txt`
if [ "$NEW_IP" = "$CURRENT_IP" ]
then
echo "No Change in IP Adddress"
else
#domain-one
curl -X PUT "https://api.cloudflare.com/client/v4/zones/{zone_id_for_domain_one}/dns_records/{dns_record_id_for_domain_one_record_one}" \
-H "X-Auth-Email: {my_email}" \
-H "X-Auth-Key: {global_api_key}" \
-H "Content-Type: application/json" \
--data '{"type":"A","name":"domain-one.com","content":"'$NEW_IP'","ttl":1,"proxied":true}'
curl -X PUT "https://api.cloudflare.com/client/v4/zones/{zone_id_for_domain_one}/dns_records/{dns_record_id_for_domain_one_record_two}" \
-H "X-Auth-Email: {my_email}" \
-H "X-Auth-Key: {global_api_key}" \
-H "Content-Type: application/json" \
--data '{"type":"A","name":"subdomain.domain-one.com","content":"'$NEW_IP'","ttl":1,"proxied":true}'
#domain-two
curl -X PUT "https://api.cloudflare.com/client/v4/zones/{zone_id_for_domain_two}/dns_records/{dns_record_id_for_domain_two_record}" \
-H "X-Auth-Email: {my_email}" \
-H "X-Auth-Key: {global_api_key}" \
-H "Content-Type: application/json" \
--data '{"type":"A","name":"domain-two.com","content":"'$NEW_IP'","ttl":1,"proxied":true}'
echo $NEW_IP > /Users/foo/Desktop/cloudflare/current_ip.txt
fi
Can you please help to explain and solve the problem? Please tell me what's wrong in the script. Thanks!
[edit] I run it once by sh /Users/foo/Desktop/script-name.sh, for the first example (script1.sh), it is ok; for second example (script2.sh), return -bash: fork: Resource temporarily unavailable. As I use automatic run script like cron, it is same result.

Every curl request done, needed to add & or && to continue the following function.
More explanation here.
NEW_IP=`curl -s http://ipv4.icanhazip.com`
CURRENT_IP=`cat /Users/foo/Desktop/cloudflare/current_ip.txt`
if [ "$NEW_IP" = "$CURRENT_IP" ]
then
echo "No Change in IP Adddress"
else
#domain-one
curl -X PUT "https://api.cloudflare.com/client/v4/zones/{zone_id_for_domain_one}/dns_records/{dns_record_id_for_domain_one_record_one}" \
-H "X-Auth-Email: {my_email}" \
-H "X-Auth-Key: {global_api_key}" \
-H "Content-Type: application/json" \
--data '{"type":"A","name":"domain-one.com","content":"'$NEW_IP'","ttl":1,"proxied":true}' &
curl -X PUT "https://api.cloudflare.com/client/v4/zones/{zone_id_for_domain_one}/dns_records/{dns_record_id_for_domain_one_record_two}" \
-H "X-Auth-Email: {my_email}" \
-H "X-Auth-Key: {global_api_key}" \
-H "Content-Type: application/json" \
--data '{"type":"A","name":"subdomain.domain-one.com","content":"'$NEW_IP'","ttl":1,"proxied":true}' &
#domain-two
curl -X PUT "https://api.cloudflare.com/client/v4/zones/{zone_id_for_domain_two}/dns_records/{dns_record_id_for_domain_two_record}" \
-H "X-Auth-Email: {my_email}" \
-H "X-Auth-Key: {global_api_key}" \
-H "Content-Type: application/json" \
--data '{"type":"A","name":"domain-two.com","content":"'$NEW_IP'","ttl":1,"proxied":true}'
echo $NEW_IP > /Users/foo/Desktop/cloudflare/current_ip.txt
fi

After going through many posts on this topic I've ended up taking parts from a number posts and settled for the below.
The below will loop through the entries in the array "dnsrecords" and update each with the machines current external address.
Have had a little more time to look into this, I wanted it to run it on my NGINX server as a cronjob and update multiple records, some to be proxied and others not.
Still want to make some of the below into functions, but for now it is working as I need it to.
And it also logs onto a "log.log" file on every run.
#!/usr/bin/bash
## Cloudflare authentication details
## Keep these private
cloudflare_auth_email=Your_Email
cloudflare_auth_key="Your_API_Key"
zoneid="Your_Zone_ID"
## Cloudflare Proxied DNS Records as Array
dnsrecords_proxied=(
"domain.com"
"www.domain.com"
"sub1.domain.com"
"sub2.domain.com"
"sub3.domain.com"
"sub3.domain.com"
)
## Cloudflare Non-Proxied DNS Records as Array
dnsrecords_not_proxied=(
"vpn01.domain.com"
"vpn02.domain.com"
)
## Files to log to (replace "path/to/" with script path)
log=path/to/log.log
log_ip=path/to/previous_ip
## Getting Date/Time
dt=$(date '+%d/%m/%Y %H:%M:%S')
## Get old IP from file
old_ip=$(cat $log_ip)
## Get the current external IP address
ip=$(curl -s -X GET https://api.ipify.org)
#echo "Current IP is $ip"
## Checking if IP changed since last update
if [ $ip = $old_ip ]; then
echo -en "$dt - Previous IP:$old_ip\n$dt - Current IP:$ip\n$dt - No Changes Required....\n" >> $log
echo "$(tail -n 1000 $log)" > $log
exit
## Exit if IP has not changed
else
## If the IP changed, not match the one on file "previous_ip"
echo -en "$dt - Previous IP:$old_ip\n$dt - Current IP:$ip\n$dt - Starting Updates....\n" >> $log
## Processing Proxied DNS Records
for dnsrecord in "${dnsrecords_proxied[#]}"
do
## For each DNS Record in Array "dnsrecords"
# Getting the DNS Record ID
dnsrecordid=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$zoneid/dns_records?type=A&name=$dnsrecord" \
-H "X-Auth-Email: $cloudflare_auth_email" \
-H "Authorization: Bearer $cloudflare_auth_key" \
-H "Content-Type: application/json" | jq -r '{"result"}[] | .[0] | .id') &&
# Updating the DNS Record
curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$zoneid/dns_records/$dnsrecordid" \
-H "X-Auth-Email: $cloudflare_auth_email" \
-H "Authorization: Bearer $cloudflare_auth_key" \
-H "Content-Type: application/json" \
--data "{\"type\":\"A\",\"name\":\"$dnsrecord\",\"content\":\"$ip\",\"ttl\":1,\"proxied\":true}" | jq
echo -en "$dt - Updated - $dnsrecord \n" >> $log
done
## Processing Non Proxied DNS Records
for dnsrecord in "${dnsrecords_not_proxied[#]}"
do
## For each DNS Record in Array "dnsrecords"
# Getting the DNS Record ID
dnsrecordid=$(curl -s -X GET "https://api.cloudflare.com/client/v4/zones/$zoneid/dns_records?type=A&name=$dnsrecord" \
-H "X-Auth-Email: $cloudflare_auth_email" \
-H "Authorization: Bearer $cloudflare_auth_key" \
-H "Content-Type: application/json" | jq -r '{"result"}[] | .[0] | .id') &&
# Updating the DNS Record
curl -s -X PUT "https://api.cloudflare.com/client/v4/zones/$zoneid/dns_records/$dnsrecordid" \
-H "X-Auth-Email: $cloudflare_auth_email" \
-H "Authorization: Bearer $cloudflare_auth_key" \
-H "Content-Type: application/json" \
--data "{\"type\":\"A\",\"name\":\"$dnsrecord\",\"content\":\"$ip\",\"ttl\":1,\"proxied\":false}" | jq
echo -en "$dt - Updated - $dnsrecord \n" >> $log
done
echo $ip > $log_ip
echo -en "$dt - Updates Completed.... \n" >> $log
echo "$(tail -n 1000 $log)" > $log
fi

Paypal Preapproval invalid request

I'm trying to play with the PreApproval from Adaptive Payments. Specifically, to go through the four steps from the documentation on Preapproval.
I'm stuck at the Step 1: Set Up the Preapproval with a curl command:
$ curl -s --insecure \
-H "X-PAYPAL-SECURITY-USERID: myuserid.gmail.com" \
-H "X-PAYPAL-SECURITY-PASSWORD: mypass" \
-H "X-PAYPAL-SECURITY-SIGNATURE: mysignaturestring" \
-H "X-PAYPAL-REQUEST-DATA-FORMAT: NV" \
-H "X-PAYPAL-RESPONSE-DATA-FORMAT: NV" \
-H "X-PAYPAL-APPLICATION-ID: APP-80W284485P519543T" \
https://svcs.sandbox.paypal.com/AdaptivePayments/Preapproval -d \
"cancelUrl=http://www.yourdomain.com/cancel.html
&currencyCode=USD
&endingDate=2014-09-10T22:00:00Z
&maxAmountPerPayment=200.00
&maxNumberOfPayments=30
&maxTotalAmountOfAllPayments=1500.00
&pinType=NOT_REQUIRED
&requestEnvelope.errorLanguage=en_US
&returnUrl=http://www.yourdomain.com/success.html
&startingDate=2014-08-10T22:00:00Z"
Instead of a preapprovalKey, I receive an error. I know it's something wrong with the data I send, but I can't figure out what:
esponseEnvelope.timestamp=2014-08-05T01:24:55.289-07:00
&responseEnvelope.ack=Failure
&responseEnvelope.correlationId=7c6db7beda57a
&responseEnvelope.build=11853342
&error(0).errorId=580001
&error(0).domain=PLATFORM
&error(0).subdomain=Application
&error(0).severity=Error
&error(0).category=Application
&error(0).message=Invalid request: Data validation warning(line -1, col 0): 2014-09-10T22:00:00Z
&error(0).parameter(0)=Data validation warning(line -1, col 0): 2014-09-10T22:00:00Z
Please note that:
my API credentials are OK, I've successfully tested them on Express Checkout from the documentation
some fields are according to documentation while others are exactly like in the docs copy pasted:
startingDate is in the future, the docs say to not be today's date (the date of the post) or after end date.
endingDate - startingDate is one month, less than a year as they say in the docs.
I also tried using https://apigee.com/console/paypal in case I was doing sth wrong with curl

Damn, I figured it out due to my indentation on SO to have it look pretty for you guys. It's because of the whitespace enters (\n's) in the -d \ "cancelUrl=... &currencyCode=USD & ...".
Thanks, so the correct one for reference here is:
$ curl -s --insecure \
-H "X-PAYPAL-SECURITY-USERID: myuserid.gmail.com" \
-H "X-PAYPAL-SECURITY-PASSWORD: mypass" \
-H "X-PAYPAL-SECURITY-SIGNATURE: mysignaturestring" \
-H "X-PAYPAL-REQUEST-DATA-FORMAT: NV" \
-H "X-PAYPAL-RESPONSE-DATA-FORMAT: NV" \
-H "X-PAYPAL-APPLICATION-ID: APP-80W284485P519543T" \
https://svcs.sandbox.paypal.com/AdaptivePayments/Preapproval -d \
"cancelUrl=http://www.yourdomain.com/cancel.html&currencyCode=USD&endingDate=2014-09-10T22:00:00Z&maxAmountPerPayment=200.00&maxNumberOfPayments=30&maxTotalAmountOfAllPayments=1500.00&pinType=NOT_REQUIRED&requestEnvelope.errorLanguage=en_US&returnUrl=http://www.yourdomain.com/success.html&startingDate=2014-08-10T22:00:00Z"