 From:  Manuel Kasper <mk at neon1 dot net>
 To:  Michael Sierchio <kudzu at tenebras dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] remote backup scripts failing with new firmware 1.8.1b525
 Date:  Tue, 13 Nov 2012 08:53:21 +0100
On 13.11.2012, at 00:16, Michael Sierchio <kudzu at tenebras dot com> wrote:

> Our automated backup scripts are failing with the latest firmware
> upgrade (the latest one we performed).  Presumably this is due to some
> cookie exchange which is now in place.
> Any pointers on how to remedy this?  Thanks.

From exec_raw.php:

Note: for CSRF protection, this script cannot be called directly with a
GET parameter anymore. You must first call the script (GET) without any parameters
to obtain a current token, and then call it again (POST) while passing the token
value as the parameter __csrf_magic.

Minimal example in Perl:


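use strict;
use warnings;
use LWP::UserAgent;

# address of the m0n0wall (left empty here; fill in before use)
my $m0n0wall_ip = "";
my $m0n0wall_user = "admin";
my $m0n0wall_pass = "mono";
my $cmd = "dmesg";

my $ua = LWP::UserAgent->new;
$ua->credentials("$m0n0wall_ip:80", ".", $m0n0wall_user, $m0n0wall_pass);

# get new CSRF magic token (GET without any parameters)
my $res = $ua->get("http://$m0n0wall_ip/exec_raw.php");
die "token request failed: " . $res->status_line . "\n" unless $res->is_success;
my $csrftoken = $res->content;

# make a request to exec_raw.php (POST, passing the token as __csrf_magic)
$res = $ua->post("http://$m0n0wall_ip/exec_raw.php", {
	'__csrf_magic' => $csrftoken,
	'cmd' => $cmd
});
die "command request failed: " . $res->status_line . "\n" unless $res->is_success;
print $res->content;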

- Manuel