Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Login Encryption #1

Closed
blunderedbishop opened this issue Sep 13, 2020 · 5 comments
Closed

Login Encryption #1

blunderedbishop opened this issue Sep 13, 2020 · 5 comments
Labels
question Further information is requested

Comments

@blunderedbishop
Copy link

Hello! I have the same router as you, the TP-Link Archer MR600. I'm trying to build a python API to interact with it but I'm having trouble with how the data and sign parameters are encrypted when sending the POST request to /cgi/login to authenticate. I've tried to take a look at routerEncryption.mjs but since I have no experience with JS or encryption (sorry) I can't really figure out what's happening. I was wondering if you were willing to give me a quick explanation, if it is even possible. Thanks a lot!
@plewin
Copy link
Owner

plewin commented Jan 7, 2021

@blunderedbishop I'm sorry somehow I missed the notification.

Hope you managed to do what you wanted. Are you still working on it ?

I implemented the whole thing in javascript to reuse the same library as the router to be cheaper to implement. It was quite complicated to make it work.

@blunderedbishop
Copy link
Author

blunderedbishop commented Jan 7, 2021 via email
edited

@plewin plewin added the question Further information is requested label Feb 21, 2021
@mehmetbeyHZ
Copy link

@blunderedbishop you can check; https://github.com/mehmetbeyHZ/tp-link-m7200-api

modem api gives you an rsa Mod and rsa PubKey for rsa encryption.
data : encrypted aes data
sign : encrypted rsa data

example sign for login (without encrypt);

key=RAND_AES_KEY&iv=**RAND_AES_IV**&h=MD("admin"+ADMIN_PASSWORD)&s=(SEQ_NUM + DATA LENGTH)

KEY and IV : The key and iv parameters are the keys that you generate randomly and that you only use to obtain tokens in the login process.

h : It is the version of admin and modem passwords written side by side and encrypted with md5.
s : The sum of the seqnum value you received from the modem IP and the lengths of the encrypted AES data.

steps for login;

  1. create random key and iv parameters.
  2. receive auth detail from modem; (seqNum, rsaMod, rsaPubKey etc..)
  3. encrypt ( with AES) post data with your random key & iv (DATA)
  4. get AES data size and build SIGN

@plewin
Copy link
Owner

plewin commented Nov 27, 2021

I'm closing this thread as it is basically solved
A note from what I recall, this particular line of modem routers have a low level non standard difference in some data padding and encoding that makes most rsa implementations incompatibles.
Seems someone managed to implement it correctly in python directly from the browser js implementation https://github.com/hercule115/TPLink-Archer so that should be worth a try if someone needs a python implementation

@plewin plewin closed this as completed Nov 27, 2021
@Muhammadyusuf96
Copy link

@mehmetbeyHZ how did you figured out? What was your hardware and software version?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@plewin @mehmetbeyHZ @Muhammadyusuf96 @blunderedbishop