aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorian Bruhin <me@the-compiler.org>2018-09-05 21:24:17 +0200
committerFlorian Bruhin <me@the-compiler.org>2018-09-05 21:28:57 +0200
commita91c9920788af7b4fd283b0ebc345b25750748d2 (patch)
treec73c2b88e33e5ed52579e6071726d7d5a0cca40c
parent0df200dfc77a242805a11ad0543cea740e2c5e47 (diff)
downloadhsrvpn-a91c9920788af7b4fd283b0ebc345b25750748d2.tar.gz
hsrvpn-a91c9920788af7b4fd283b0ebc345b25750748d2.zip
Add hsrvpn-getsecret
-rwxr-xr-xhsrvpn-getsecret45
1 files changed, 45 insertions, 0 deletions
diff --git a/hsrvpn-getsecret b/hsrvpn-getsecret
new file mode 100755
index 0000000..95339de
--- /dev/null
+++ b/hsrvpn-getsecret
@@ -0,0 +1,45 @@
+#!/usr/bin/python
+
+from xml.etree import ElementTree
+
+import sys
+import requests
+import keyring
+import urllib.parse
+import argparse
+
+parser = argparse.ArgumentParser()
+parser.add_argument('url', help="URL like https://smc.swivelsecure.net/smc/complete/...")
+parser.add_argument('--debug')
+args = parser.parse_args()
+
+parsed_url = urllib.parse.urlparse(args.url)
+parts = parsed_url.path.split('/')
+assert parts[1] == 'smc'
+assert parts[2] == 'complete'
+user = parts[4]
+code = parts[5]
+
+# Yes, they really throw XML in as form-encoded because it just happens to have a = in it...
+data = {"<?xml version": "'1.0' ?><SASRequest><Version>3.1</Version><Action>Provision</Action><Username>{}</Username><ProvisionCode>{}</ProvisionCode></SASRequest>".format(user, code)}
+user_agent = 'Mozilla/5.0 (Linux; Android 8.1.0; TA-1004 Build/OPR1.170623.026; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/68.0.3440.91 Mobile Safari/537.36'
+headers = {
+ 'User-Agent': user_agent,
+ 'Origin': 'file://', # yes, really
+ # let's invent our own header which is an user agent because we put bullshit in the user agent data
+ 'X-Requested-With': 'com.authcontrolmobile',
+}
+proxies = {'https': 'http://localhost:8080'} if args.debug else {}
+verify = not args.debug
+
+response = requests.post('https://sidv3611virt.hsr.ch/proxy/AgentXML', data=data, headers=headers, proxies=proxies, verify=verify)
+response.raise_for_status()
+
+print(response.text)
+
+tree = ElementTree.fromstring(response.text)
+assert tree.find('Version').text == '3.6'
+assert tree.find('Result').text == 'PASS'
+
+secret = tree.find('Id')
+keyring.set_password('hsrvpn-gettokens', user, secret)