SSH command to get the list of clients
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
HI all,
we have a eap245 (ac1750) at work, i've enabled the ssh, is there a manual with the list of all commands?
what i would like to do is get the list of connected client in the wifi?
what i want to do i to have a script to crawl every X minutes the mac address connected, is that possible? or is there another way to do it?
PS: is that possible to block certain url/ips in the access point?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Meanwhile, I've found a solution to mimic user behavior and get the data via HTTP. It works, a bit hacky.
PS: the device stores the password as MD5 value (you can see that the js script to send the form computes the value before sending it to a page to be validated). If you don't get it why I've pointed out this, Google will help you.
the line i'm refering to is this one
$("input#login-password").textbox("setValue", md5($("input#login-password").textbox("getValue")).toUpperCase());
so, this piece of python code does what is needed to get the JSON object with the list of clients (install requests - $ pip install requests).
import requests, time
s = requests.Session()
# get the cookie from the login page, it's the session_id
r = s.get('http://tplinkeap.net')
c=r.cookies['COOKIE']
cookies = dict(COOKIE=c)
headers = {'Content-Type': 'application/x-www-form-urlencoded','Referer': 'http://tplinkeap.net/'}
time.sleep(1)
# do the login, it validates the session
s.post('http://tplinkeap.net',data={'username':'admin', 'password':'THE_MD5_OF_YOUR_PASSWORD'},cookies=cookies, headers=headers)
time.sleep(1)
#call the json
rdata=s.get('http://tplinkeap.net/data/monitor.client.client.json?operation=load',cookies=cookies,headers=headers)
rdata.json()
a bit of explanation. It took me an hour to get to know how the system handles the auth of a user, to my understanding it generates a sessionId that is sent to the page in a cookie with the name COOKIE. when you do the login it basically validates the session, so if password/user matches, the COOKIE (the session then) is valid to perform any actions on the website. It seems that there can be just 1 session at a time on the web app. The rest of the calls just need to be executed with the cookie and a header Referer that the backend checks.
- Copy Link
- Report Inappropriate Content
@Stefano Thanks for sharing!
For my EAP225-Outdoor running firmware 5.0.5, the rdata GET needs to be replaced by:
rdata=s.get('http://tplinkeap.net/data/status.client.user.json?operation=load',cookies=cookies,headers=headers)
This resource will vary by firmware and model.
One more hint for those curious about MD5. It can be generated with this shell command:
md5 -s PASSWORD|tr '[:lower:]' '[:upper:]'
Or do it in python directly:
import hashlib password_md5 = hashlib.md5(b'PASSWORD').hexdigest().upper()
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 5493
Replies: 2
Voters 0
No one has voted for it yet.