Wählhilfe / Dial software with new firmware

cybermaus

Neuer User
Mitglied seit
5 Mai 2008
Beiträge
104
Punkte für Reaktionen
2
Punkte
18
Hi all

on 7270/7240 after update x.4.76 several, probably all, auto-dial (Wählhilfe) programs fail. This is the case for the one I use (Voipdial) but I have seen other cases reported this last month.

I did some digging, and found out some technical details that I wanted to share to the various programmers and maintainers. End-users need not to read this, it will not bring any resolve to your failing autodial other than the advise to downgrade to x.4.70

I wrote this after careful debugging, and in true open-source spirit want to share the info. I do not have any autodial program under development, but am hoping it will help other programmers enabling theirs, even if they do not have a new FBF box to test against. I will probably not write my own, as a downgrade to x.4.70 suffices for me.

Alternatively, maybe someone can find a way to mod the FBF so it still accepts to old less secure login:command/password system. Some linux environment setting or so.

Good luck

[edit] Seems AVM has a nice official description of the same info.

====================================

Essentially, in x.4.76 firmware an "enhancement" was added that tightens security by adding a more secure challenge-response system to the web-gui login, as well as MD5 encryption of the password and a session ID with timeout on the session ID.

As a result, any software that relied on a simple POST login:command/password does not work anymore

Instead a POST login:command/response is needed
The login screen will provide a challenge, and the challenge together with an MD5 encryption of the password must be used to post the response. The next page will then provide a session-id. Any subsequent post must supply this session-id to be able to use the active signon. After 5 or 10 minutes the signon expires anyway, so the thing is repeated.

This means that any software that wants to do auto-dial needs to step up the interaction from a simple post to a full challenge-response:
- First the logon screen must be obtained.
- The challenge value of the login screen must be parsed, and used with the MD5 function to POST the response
- From the return screen, the session-id (sid) must be parsed
- If the sid is all zeros, the logon failed, repeat.
- Any auto-dial-attempt is done with reference to the sid
- Again the return screen should be parsed. If the return sid is all zeros, the logon failed or session timed out. Otherwise the return sid should be used for the next attempt, just in case AVM desides to alternate sid.

=========================

Reference info

=========================

The key java function from the login screen:

Code:
<script type="text/javascript" src="../html/de/js/jsl.js">
</script>
<script type="text/javascript" src="../html/de/js/md5.js">
</script>
<script type="text/javascript">
function setResponse(pw) {
  var challenge = "7781260f";
  var str = challenge + "-" + makeDots(pw);
  var response = challenge + "-" + hex_md5(str);
  var frm = document.forms["uiPostForm"].elements["login:command/response"];
  frm.value = response;
  frm.disabled = false;
}
</script>
We can assume the makeDots() and hex_md5() functions are in the external .js files
The actual post made to return the logon response:
Code:
<form method="POST" action="../cgi-bin/webcm" target="_self" id="uiPostForm" name="uiPostForm">
<input type="hidden" name="sid" value="0000000000000000" id="uiPostSid">
<input type="hidden" name="getpage" value="../html/de/menus/menu2.html" id="uiPostGetPage">
<input type="hidden" name="errorpage" value="../html/de/menus/menu2.html" id="uiPostErrPage">
<input type="hidden" name="var:pagename" value="home" id="uiPostPageName">
<input type="hidden" name="var:menu" value="home" id="uiPostMenu">
<input type="hidden" name="var:pagemaster" value="" id="uiPostPageMaster">
<!--<input type="hidden" id="uiPostVarName" name="">-->
<!-- END Refresh control -->
<!-- Submit data -->
<input type="hidden" name="login:command/response" value="" id="uiPostResponse">
<input type="hidden" name="box:settings/webui_cookie" value="" disabled>
</form>
I think only the login and maybe the sid are actually important, so probably the post can be shortended to this:
Code:
<form method="POST" action="../cgi-bin/webcm">
<input type="hidden" name="sid" value="0000000000000000">
<input type="hidden" name="login:command/response" value="xxxxx">
</form>

When parsing the return screen, we need to find either sid or challenge value. The challenge is hardcoded in the javascript, so we need to parse for a string like var challenge = " (as in var challenge = "7781260f")
The sid is hardcoded in either javascript or forms, so either parse for string &sid= (as in &sid=49acddfef23bc0cc) or its alternate &amp;sid= or when in forms, for name="sid" value=" (as in name="sid" value="49acddfef23bc0cc")

After all that, the following post will successfully dial with the new firmware (I tested this)

Code:
<form method="POST" action="http://fritz.box/cgi-bin/webcm" target="_self" id="uiPostForm" name="uiPostForm">
	<input type="text" name="sid" value="49acddfef23bc0cc" id="uiSid"><br>
	<input type="text" name="telcfg:settings/UseClickToDial" value="1" id="uiPostClickToDial"><br>
	<input type="text" name="telcfg:command/Dial" value="0123456789" id="uiPostDial"><br>
	<input type="text" name="telcfg:settings/DialPort" value="50" id="uiPostDialPort"><br>
	<input type="text" name="getpage" value="../html/de/menus/menu2.html" id="uiPostGetPage"><br>
	<input type="submit">
</form>







.
 
Zuletzt bearbeitet:
VoIPdial unterstützt das neue Fritz!Box Login Verfahren

Eine neue Version (1.20) von VoIPdial ist erschienen. Die neue Version unterstützt das neue Login Verfahren der AVM Fritz!Box Fon, das mit der Firmware-Version xx.04.74 eingeführt wurde.

Informationen und Download unter www.voipdial.de
 

Statistik des Forums

Themen
246,308
Beiträge
2,249,814
Mitglieder
373,915
Neuestes Mitglied
sunburstc
Holen Sie sich 3CX - völlig kostenlos!
Verbinden Sie Ihr Team und Ihre Kunden Telefonie Livechat Videokonferenzen

Gehostet oder selbst-verwaltet. Für bis zu 10 Nutzer dauerhaft kostenlos. Keine Kreditkartendetails erforderlich. Ohne Risiko testen.

3CX
Für diese E-Mail-Adresse besteht bereits ein 3CX-Konto. Sie werden zum Kundenportal weitergeleitet, wo Sie sich anmelden oder Ihr Passwort zurücksetzen können, falls Sie dieses vergessen haben.