plewin / tp-link-modem-router

Goodies for TP-Link modem routers
GNU General Public License v3.0

Login Encryption #1

Closed blunderedbishop closed 2 years ago

blunderedbishop commented 3 years ago

Hello! I have the same router as you, the TP-Link Archer MR600. I'm trying to build a python API to interact with it but I'm having trouble with how the data and sign parameters are encrypted when sending the POST request to /cgi/login to authenticate. I've tried to take a look at routerEncryption.mjs but since I have no experience with JS or encryption (sorry) I can't really figure out what's happening. I was wondering if you were willing to give me a quick explanation, if it is even possible. Thanks a lot!

plewin commented 3 years ago

@blunderedbishop I'm sorry somehow I missed the notification.

Hope you managed to do what you wanted. Are you still working on it?

I implemented the whole thing in javascript to reuse the same library as the router to be cheaper to implement. It was quite complicated to make it work.

blunderedbishop commented 3 years ago

Hey, don't worry about it, thanks for the answer.

I eventually gave up because I couldn't really figure out how the password was being encoded, but it was my first time trying to reverse engineer something like that, so no worries. It was nothing important.

Cheers!


mt-ks commented 2 years ago

@blunderedbishop you can check; https://github.com/mehmetbeyHZ/tp-link-m7200-api

modem api gives you an rsa Mod and rsa PubKey for rsa encryption.

data : encrypted aes data

sign : encrypted rsa data

example sign for login (without encrypt);

key=RAND_AES_KEY&iv=RAND_AES_IV&h=MD("admin"+ADMIN_PASSWORD)&s=(SEQ_NUM + DATA LENGTH)

KEY and IV : The key and iv parameters are the keys that you generate randomly and that you only use to obtain tokens in the login process.

h : It is the version of admin and modem passwords written side by side and encrypted with md5.

s : The sum of the seqnum value you received from the modem IP and the lengths of the encrypted AES data.

steps for login;

1) create random key and iv parameters.
2) receive auth detail from modem; (seqNum, rsaMod, rsaPubKey etc..)
3) encrypt ( with AES) post data with your random key & iv (DATA)
4) get AES data size and build SIGN
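The sign string described in the comment above, assembled in Python as an added example (not code from this thread or from either linked repository). Assumptions: key and iv are 16 decimal digits each, h is the hex MD5 digest, and the data length is the length of the AES output as it is sent in the data parameter; the AES step and the RSA encryption of the result are not shown.

```python
import hashlib
import secrets

DIGITS = "0123456789"


def new_session_secrets(length=16):
    """Step 1: random per-login AES key and IV.

    Assumption: each is a string of 16 decimal digits. The thread only
    says they are random and used only during the login process.
    """
    key = "".join(secrets.choice(DIGITS) for _ in range(length))
    iv = "".join(secrets.choice(DIGITS) for _ in range(length))
    return key, iv


def credential_hash(password, username="admin"):
    """h: MD5 over the user name and password written side by side.

    Assumption: the value is sent as a lowercase hex digest.
    """
    return hashlib.md5((username + password).encode("utf-8")).hexdigest()


def build_sign_plaintext(key, iv, password, seq_num, encrypted_data):
    """Step 4: build the sign string before it is RSA-encrypted.

    encrypted_data is the AES output from step 3, exactly as it will be
    sent in the data parameter (assumed here to be a text encoding such
    as base64). seq_num is the seqNum value returned by the modem in step 2.
    """
    s = int(seq_num) + len(encrypted_data)
    h = credential_hash(password)
    return f"key={key}&iv={iv}&h={h}&s={s}"


if __name__ == "__main__":
    # Constructed sample values, not captured from a real device.
    key, iv = new_session_secrets()
    sample_ciphertext = "A" * 24   # stand-in for the AES output of step 3
    print(build_sign_plaintext(key, iv, "example-password", 1000, sample_ciphertext))
```

The returned string still has to be RSA-encrypted with the modulus and public key from step 2 before it is sent as the sign parameter.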

plewin commented 2 years ago

I'm closing this thread as it is basically solved.

A note from what I recall: this particular line of modem routers has a low-level, non-standard difference in some data padding and encoding that makes most RSA implementations incompatible.

It seems someone managed to implement it correctly in Python directly from the browser JS implementation, https://github.com/hercule115/TPLink-Archer, so that should be worth a try if someone needs a Python implementation.

Muhammadyusuf96 commented 6 months ago

@mehmetbeyHZ how did you figure it out? What was your hardware and software version?