new version for firmware 4.10.004 (hardware revision C1). I’m actually not sure since which version the old script was no longer working, I may have skipped some upgrades and 4.10.004 is also no longer current…

And there is a new version available which changes the login process just once more :-/

It really looks like an intern at dlink is learning how to “code” while trying to secure the login process… have a look at the code of the login page of V4.10.004 and have a laugh. This login page is also the cause why Version 4.10.004 sucks so much: Firefox always nags about updating the password, check the code, you’ll see why it nags you… and it’s for sure not the fault of Firefox. The intern also seems to learn about encryption and stuff. If you take a look at the different firmware versions, it went from not encryption at all (see the old script), to v4.10.004 where the passwords md5sum is calculated and then sent, to a more current version1 in which the public key is downloaded from the router and used to encrypt the password. At least Firefox no longer nags you in the latest version. The intern must have discovered the the “hidden” attribute :-)

But this script works for now with v 4.10.004, and i really don’t want to waste more time on updating it…

Rant complete, here is the actual script:

By the way, it’s a simple wrapper for wget to enable/disable PoE on all ports of DGS-1210-10P

#!/bin/bash
################################################################################
#
# Enable/disable PoE on all ports of DGS-1210-10P
#
# USAGE:
#   poe.sh host password [cmd]
#
# EXAMPLE:
#   ./poe.sh 10.1.1.99 SuperSecure! on
#
# if [cmd] is ommitted PoE is disabled for all ports
#
# NOTES
# - This is probably adaptable for the other PoE variants from the DGS-1210
#   series (see parameter port_f)
# - Instead of all or nothing uproach one could
#   toggle specific ports or port ranges (see parameter port_h & port_f)
#
# Author:
#   Tobias Sachs diespambox@gmx.net
#
################################################################################

host=$1
pw=$2
cmd=$3

pwmd5=`echo -n $pw|md5sum|cut -f 1 -d " "`
token=$(
    wget -q -O - \
    --post-data 'pelican=admin&pinkpanther='$pwmd5'&BrowsingPage=index_dlink.htm' \
    http://$host/homepage.htm \
    | grep "Gambit=.*\" " \
    | sed 's/.*\(Gambit=.*\)" .*/\1/'
    )

post_data=$token;
post_data=$token'&FormName=portset&port_f=00&port_t=07&TimeRangeID=0&Priority=2&PDDetect=1&legacyPD=1&post_url=cgi_port.'

if [ "${cmd}x" == "onx" ]; then
    post_data=$post_data'&PoE_Enable=1&PowerLimit=1'
else
    post_data=$post_data'&PoE_Enable=0'
fi

wget -q -O -  \
     --load-cookie=cookie.txt \
    --post-data $post_data \
    http://$host/iss/specific/PoEPortSetting.js &> /dev/null
  1. Yes I could not stop my self from flashing just another version to see how wrong it’s done now.