hu55a1n1/grandstream-configurator.php

## grandstream-configurator.php
<?php

function to_str($obj) {
	ob_start();
	var_dump($obj);
	return ob_get_clean();
}

function str_btw($string, $start, $end){
    $string = ' ' . $string;
    $ini = strpos($string, $start);
    if ($ini == 0) return '';
    $ini += strlen($start);
    $len = strpos($string, $end, $ini) - $ini;
    return substr($string, $ini, $len);
}

function logtofile($string) {
	global $logfile;
	fwrite($logfile, $string);
}

function http_get($context, $url) {
	curl_setopt($context, CURLOPT_CUSTOMREQUEST, 'GET');
	curl_setopt($context, CURLOPT_URL, $url);
	logtofile("GET: \n" . $url . "\n");
	return curl_exec($context);
}

function http_post($context, $url, $data) {
	curl_setopt($context, CURLOPT_CUSTOMREQUEST, 'POST');
	curl_setopt($context, CURLOPT_URL, $url);
	curl_setopt($context, CURLOPT_POSTFIELDS, http_build_query($data));
	logtofile("POST: \n" . $url . "?" . http_build_query($data) . "\n");
	return curl_exec($context);
}

function milliseconds() {
	$mt = explode(' ', microtime());
	return ((int)$mt[1]) * 1000 + ((int)round($mt[0] * 1000));
}

function ping($domain, $timeout=2){
	$starttime = microtime(true);
	$file      = @fsockopen ($domain, 80, $errno, $errstr, $timeout);
	$stoptime  = microtime(true);
	$status    = 0;

    if (!$file) $status = -1;  // Site is down
    else {
    	fclose($file);
    	$status = ($stoptime - $starttime) * 1000;
    	$status = floor($status);
    }
    return ($status !== -1);
}

function ip_range($start, $end) {
	$start = ip2long($start);
	$end = ip2long($end);
	return array_map('long2ip', range($start, $end) );
}

function config_gs_3240($context, $ip, $pwd, $npwd) {
	curl_setopt($context, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
	curl_setopt($context, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');
	curl_setopt($context, CURLOPT_COOKIE, 'phonecookie="4e5d67ce"; type=admin; Version="1"; Max-Age=900; needchange=1; ver=1.0.3.154; iconized_tooltipdiv=true');

	$content = http_get($context, 'http://' . $ip . '/manager?action=loginrealm&time=' . milliseconds());
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$realm = $body;
	logtofile(to_str($realm));

	$content = http_get($context, 'http://' . $ip . '/manager?action=login&Username=admin&Secret=' . md5('admin:' . $realm . ':' . $pwd) . '&time=' . milliseconds());
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	logtofile(to_str($content));
	if (strpos($body, 'Response=Success') === false) {
		echo "Error: Failed to login!\n";
	    return;
	}
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=status&time=' . milliseconds());
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$sip = str_btw($body, "Account_0_NO=", "\r\n");
	logtofile($sip);
	if ($sip === false) {
		echo "Error: Failed to get sip extension!\n";
	    return;
	}
	usleep(2000);
	echo ".";

	logtofile("\n########################\n[" . $sip . "]\n########################\n");
	echo "\nInfo: Extension: " . $sip . "\n";

	$content = http_get($context, 'http://' . $ip . '/manager?action=put&flag=1&var-0000=271&val-0000=1&var-0001=270&val-0001=' . $sip . '&var-0002=47&val-0002=' . '192.168.1.200' /* sip server */ . '&var-0003=2312&val-0003=&var-0004=35&val-0004=' . $sip . '&var-0005=36&val-0005=' . $sip . '&var-0006=33&val-0006=&var-0007=3&val-0007=' . $sip . '&var-0008=2380&val-0008=0&var-0009=63&val-0009=0&var-0010=34&val-0010=' . $sip /* password */ . '&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=needapply&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=put&flag=2&var-0000=30&val-0000=us.pool.ntp.org&var-0001=144&val-0001=1&var-0002=143&val-0002=1&var-0003=246&val-0003=MTZ%2B6MDT%2B5%2CM4.1.0%2CM11.1.0&var-0004=122&val-0004=1&var-0005=102&val-0005=1&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=savetimeset&timezone=Asia/Dubai&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=needapply&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=put&flag=0&var-0000=238&val-0000=0&var-0001=6767&val-0001=1&var-0002=212&val-0002=2&var-0003=192&val-0003=fm.grandstream.com%2Fgs&var-0004=237&val-0004=fm.grandstream.com%2Fgs&var-0005=232&val-0005=&var-0006=233&val-0006=&var-0007=234&val-0007=&var-0008=235&val-0008=&var-0009=20713&val-0009=0&var-0010=6774&val-0010=fm.grandstream.com%2Fgs&var-0011=6775&val-0011=1&var-0012=6776&val-0012=&var-0013=6777&val-0013=&var-0014=6778&val-0014=0&var-0015=22030&val-0015=0&var-0016=1407&val-0016=1&var-0017=145&val-0017=1&var-0018=1411&val-0018=1&var-0019=22053&val-0019=1&var-0020=4428&val-0020=0&var-0021=1549&val-0021=1&var-0022=22032&val-0022=0&var-0023=22033&val-0023=&var-0024=1414&val-0024=1&var-0025=194&val-0025=0&var-0026=1357&val-0026=2&var-0027=240&val-0027=0&var-0028=285&val-0028=1&var-0029=286&val-0029=1&var-0030=193&val-0030=10080&var-0031=1359&val-0031=&var-0032=6768&val-0032=&var-0033=6769&val-0033=&var-0034=1360&val-0034=&var-0035=1361&val-0035=&var-0036=40&val-0036=5060&var-0037=413&val-0037=5062&var-0038=513&val-0038=5064&var-0039=613&val-0039=5066&var-0040=1713&val-0040=5068&var-0041=1813&val-0041=5070&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=setprop&type=3&value=1&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=needapply&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=applypvalue&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=put&flag=0&var-0000=900&val-0000=0&var-0001=29605&val-0001=0&var-0002=901&val-0002=80&var-0003=2&val-0003=' . $npwd . '&var-0004=196&val-0004=123&var-0005=276&val-0005=0&var-0006=20702&val-0006=&var-0007=20701&val-0007=&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=checkpwd&Username=admin&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";
}

function config_gs_1628($context, $ip, $pwd, $npwd) {
	curl_setopt($context, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
	curl_setopt($context, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/dologin', array('username' => 'admin', 'password' => $pwd));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$body_json = json_decode($body, true);
	if (!array_key_exists('body', $body_json)
		|| !isset($body_json['body']['sid'])) {
		echo "Error: Failed to login!\n";
		return;
	}
	$sid = $body_json['body']['sid'];
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	curl_setopt($context, CURLOPT_COOKIE, 'session-role=admin; session-identity=' . $sid);

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api.values.get', array('sid' => $sid, 'request' => 'vendor_fullname:Pphone_model:P271:P270:P47:P2312:P48:P2333:P2375:P35:P36:P3:P33:P2380'));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (!is_array($response)
		|| !array_key_exists('body', $response)
		|| !isset($response['body']['P35'])) {
		echo "Error: Failed to get sip extension!\n";
		return;
	}
	$sip = $response['body']['P35'];

	logtofile("\n########################\n[" . $sip . "]\n########################\n");
	echo "\nInfo: Extension: " . $sip . "\n";

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api.values.post', array('sid' => $sid, 'P270' => $sip, 'P64' => 'TZR-4', 'P143' => '0', 'P1357' => '2'));
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api-phone_operation', array('passcode' => $pwd, 'cmd' => 'extend'));
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api-change_password', array('sid' => $sid, 'olduser' => '', 'P196' => '', ':confirmUserPwd' => '', 'oldadmin' => $pwd, 'P2' => $npwd, ':confirmAdminPwd' => $npwd));
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api-phone_operation', array('cmd' => 'extend', 'arg' => '', 'sid' => $sid));
	logtofile(to_str($content));
	usleep(2000);
	echo ".";
}

function is_gs_3240($context, $ip) {
	curl_setopt($context, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
	curl_setopt($context, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');
	curl_setopt($context, CURLOPT_COOKIE, 'phonecookie="4e5d67ce"; type=admin; Version="1"; Max-Age=900; needchange=1; ver=1.0.3.154; iconized_tooltipdiv=true');

	$content = http_get($context, 'http://' . $ip . '/manager?action=loginrealm&time=' . milliseconds());
	logtofile(to_str($content));
	if (curl_getinfo($context, CURLINFO_HTTP_CODE) == 200) {
		return true;
	}
	return false;
}

function is_gs_1628($context, $ip, $pwd) {
	$content = http_post($context, 'http://' . $ip . '/cgi-bin/dologin', array('username' => 'admin', 'password' => $pwd));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (array_key_exists('body', $response)
		&& isset($response['body']['sid'])) {
		$sid = $response['body']['sid'];
		logtofile(to_str($content));
		usleep(2000);
		echo ".";

		curl_setopt($context, CURLOPT_COOKIE, 'session-role=admin; session-identity=' . $sid);

		$content = http_post($context, 'http://' . $ip . '/cgi-bin/api.values.get', array('sid' => $sid, 'request' => 'vendor_fullname:Pphone_model:P271:P270:P47:P2312:P48:P2333:P2375:P35:P36:P3:P33:P2380'));
		$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
		$header = substr($content, 0, $header_size);
		$body = substr($content, $header_size);
		$response = json_decode($body, true);
		logtofile(to_str($content));
		if (is_array($response)
			&& array_key_exists('body', $response)
			&& isset($response['body']['Pphone_model'])
			&& ($response['body']['Pphone_model'] === 'GXP1628')) {
			return true;
		}
	}
	return false;
}

function is_programmed_1628($context, $ip, $npwd) {
	$content = http_post($context, 'http://' . $ip . '/cgi-bin/dologin', array('username' => 'admin', 'password' => $npwd));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (is_array($response)
		&& array_key_exists('response', $response)
		&& $response['response'] === 'success') {
		return true;
	}
	return false;
}


function is_gs_2170($context, $ip, $pwd) {
	$content = http_post($context, 'http://' . $ip . '/cgi-bin/dologin', array('username' => 'admin', 'password' => $pwd));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (array_key_exists('body', $response)
		&& isset($response['body']['sid'])) {
		$sid = $response['body']['sid'];
		logtofile(to_str($content));
		usleep(2000);
		echo ".";

		curl_setopt($context, CURLOPT_COOKIE, 'session-role=admin; session-identity=' . $sid);

		$content = http_post($context, 'http://' . $ip . '/cgi-bin/api.values.get', array('sid' => $sid, 'request' => 'vendor_fullname:Pphone_model:P271:P270:P47:P2312:P48:P2333:P2375:P35:P36:P3:P33:P2380'));
		$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
		$header = substr($content, 0, $header_size);
		$body = substr($content, $header_size);
		$response = json_decode($body, true);
		logtofile(to_str($content));
		if (is_array($response)
			&& array_key_exists('body', $response)
			&& isset($response['body']['Pphone_model'])
			&& ($response['body']['Pphone_model'] === 'GXP2170')) {
			return true;
		}
	}
	return false;
}

function is_programmed_2170($context, $ip, $npwd) {
	$content = http_post($context, 'http://' . $ip . '/cgi-bin/dologin', array('username' => 'admin', 'password' => $npwd));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (is_array($response)
		&& array_key_exists('response', $response)
		&& $response['response'] === 'success') {
		return true;
	}
	return false;
}

function is_programmed_3240($context, $ip, $npwd) {
	$content = http_get($context, 'http://' . $ip . '/manager?action=loginrealm&time=' . milliseconds());
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$realm = $body;
	$content = http_get($context, 'http://' . $ip . '/manager?action=login&Username=admin&Secret=' . md5('admin:' . $realm . ':' . $npwd) . '&time=' . milliseconds());
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	logtofile(to_str($content));
	if (strpos($body, 'Response=Success') !== false) {
	    return true;
	}
	return false;
}

// ======================================================
// ======================================================
// ======================================================
// ======================================================

// $ip_start = '192.168.1.2';
// $ip_end = '192.168.1.100';
$pwd = 'admin';
$npwd = 'admin1234';
$logfile = fopen("logs", "w");

$ips = ip_range($ip_start, $ip_end);
if (!is_array($ips)) {
	echo "Error: Invalid range!\n";
	exit();
}

// ---- OR ----
// Supply range manually
// $ips = array();


foreach ($ips as $ip) {
	$context = curl_init();
	curl_setopt($context, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($context, CURLOPT_TIMEOUT, 3);
	curl_setopt($context, CURLOPT_HEADER, 1);

	echo "Info: [" . $ip . "] --- ";
	logtofile("\n------------------------\n[" . $ip . "]\n------------------------\n");

	if (ping($ip) === true) {
		echo "[ Online ]\n";
		if (is_gs_1628($context, $ip, $pwd) === true) {
			echo "Info: Model 1628\n";
			if (is_programmed_1628($context, $ip, $npwd) === true) {
				echo "Warning: Device already programmed \n";
				goto END;
			} else {
				echo "Info: Configuring.";
				config_gs_1628($context, $ip, $pwd, $npwd);
				echo (is_programmed_1628($context, $ip, $npwd) === true) ? " Result: [ Success ]" : " Result: [ Failed ]";
				echo "\n";
			}
		} else if (is_gs_3240($context, $ip) === true) {
			echo "Info: Model 3240\n";
			if (is_programmed_3240($context, $ip, $npwd) === true) {
				echo "Warning: Device already programmed \n";
				goto END;
			} else {
				echo "Info: Configuring.";
				config_gs_3240($context, $ip, $pwd, $npwd);
				echo (is_programmed_3240($context, $ip, $npwd) === true) ? " Result: [ Success ]" : " Result: [ Failed ]";
				echo "\n";
			}
		} else if (is_gs_2170($context, $ip, $pwd) === true) {
			echo "Info: Model 2170\n";
			if (is_programmed_2170($context, $ip, $npwd) === true) {
				echo "Warning: Device already programmed \n";
				goto END;
			} else {
				echo "Info: Configuring.";
				config_gs_1628($context, $ip, $pwd, $npwd);
				echo (is_programmed_2170($context, $ip, $npwd) === true) ? " Result: [ Success ]" : " Result: [ Failed ]";
				echo "\n";
			}
		} else if (is_programmed_1628($context, $ip, $npwd) === true) {
			echo "Info: Model 1628\n";
			echo "Warning: Device already programmed \n";
		} else if (is_programmed_2170($context, $ip, $npwd) === true) {
			echo "Info: Model 2170\n";
			echo "Warning: Device already programmed \n";
		}
		else {
			echo "Info: Model Unknown!\n";
		}
	} else {
		echo "[ Offline ]\n";
	}

	END:
	echo "\n";
	curl_close($context);
}
	<?php

	function to_str($obj) {
	ob_start();
	var_dump($obj);
	return ob_get_clean();
	}

	function str_btw($string, $start, $end){
	$string = ' ' . $string;
	$ini = strpos($string, $start);
	if ($ini == 0) return '';
	$ini += strlen($start);
	$len = strpos($string, $end, $ini) - $ini;
	return substr($string, $ini, $len);
	}

	function logtofile($string) {
	global $logfile;
	fwrite($logfile, $string);
	}

	function http_get($context, $url) {
	curl_setopt($context, CURLOPT_CUSTOMREQUEST, 'GET');
	curl_setopt($context, CURLOPT_URL, $url);
	logtofile("GET: \n" . $url . "\n");
	return curl_exec($context);
	}

	function http_post($context, $url, $data) {
	curl_setopt($context, CURLOPT_CUSTOMREQUEST, 'POST');
	curl_setopt($context, CURLOPT_URL, $url);
	curl_setopt($context, CURLOPT_POSTFIELDS, http_build_query($data));
	logtofile("POST: \n" . $url . "?" . http_build_query($data) . "\n");
	return curl_exec($context);
	}

	function milliseconds() {
	$mt = explode(' ', microtime());
	return ((int)$mt[1]) * 1000 + ((int)round($mt[0] * 1000));
	}

	function ping($domain, $timeout=2){
	$starttime = microtime(true);
	$file = @fsockopen ($domain, 80, $errno, $errstr, $timeout);
	$stoptime = microtime(true);
	$status = 0;

	if (!$file) $status = -1; // Site is down
	else {
	fclose($file);
	$status = ($stoptime - $starttime) * 1000;
	$status = floor($status);
	}
	return ($status !== -1);
	}

	function ip_range($start, $end) {
	$start = ip2long($start);
	$end = ip2long($end);
	return array_map('long2ip', range($start, $end) );
	}

	function config_gs_3240($context, $ip, $pwd, $npwd) {
	curl_setopt($context, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
	curl_setopt($context, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');
	curl_setopt($context, CURLOPT_COOKIE, 'phonecookie="4e5d67ce"; type=admin; Version="1"; Max-Age=900; needchange=1; ver=1.0.3.154; iconized_tooltipdiv=true');

	$content = http_get($context, 'http://' . $ip . '/manager?action=loginrealm&time=' . milliseconds());
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$realm = $body;
	logtofile(to_str($realm));

	$content = http_get($context, 'http://' . $ip . '/manager?action=login&Username=admin&Secret=' . md5('admin:' . $realm . ':' . $pwd) . '&time=' . milliseconds());
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	logtofile(to_str($content));
	if (strpos($body, 'Response=Success') === false) {
	echo "Error: Failed to login!\n";
	return;
	}
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=status&time=' . milliseconds());
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$sip = str_btw($body, "Account_0_NO=", "\r\n");
	logtofile($sip);
	if ($sip === false) {
	echo "Error: Failed to get sip extension!\n";
	return;
	}
	usleep(2000);
	echo ".";

	logtofile("\n########################\n[" . $sip . "]\n########################\n");
	echo "\nInfo: Extension: " . $sip . "\n";

	$content = http_get($context, 'http://' . $ip . '/manager?action=put&flag=1&var-0000=271&val-0000=1&var-0001=270&val-0001=' . $sip . '&var-0002=47&val-0002=' . '192.168.1.200' /* sip server / . '&var-0003=2312&val-0003=&var-0004=35&val-0004=' . $sip . '&var-0005=36&val-0005=' . $sip . '&var-0006=33&val-0006=&var-0007=3&val-0007=' . $sip . '&var-0008=2380&val-0008=0&var-0009=63&val-0009=0&var-0010=34&val-0010=' . $sip / password */ . '&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=needapply&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=put&flag=2&var-0000=30&val-0000=us.pool.ntp.org&var-0001=144&val-0001=1&var-0002=143&val-0002=1&var-0003=246&val-0003=MTZ%2B6MDT%2B5%2CM4.1.0%2CM11.1.0&var-0004=122&val-0004=1&var-0005=102&val-0005=1&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=savetimeset&timezone=Asia/Dubai&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=needapply&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=put&flag=0&var-0000=238&val-0000=0&var-0001=6767&val-0001=1&var-0002=212&val-0002=2&var-0003=192&val-0003=fm.grandstream.com%2Fgs&var-0004=237&val-0004=fm.grandstream.com%2Fgs&var-0005=232&val-0005=&var-0006=233&val-0006=&var-0007=234&val-0007=&var-0008=235&val-0008=&var-0009=20713&val-0009=0&var-0010=6774&val-0010=fm.grandstream.com%2Fgs&var-0011=6775&val-0011=1&var-0012=6776&val-0012=&var-0013=6777&val-0013=&var-0014=6778&val-0014=0&var-0015=22030&val-0015=0&var-0016=1407&val-0016=1&var-0017=145&val-0017=1&var-0018=1411&val-0018=1&var-0019=22053&val-0019=1&var-0020=4428&val-0020=0&var-0021=1549&val-0021=1&var-0022=22032&val-0022=0&var-0023=22033&val-0023=&var-0024=1414&val-0024=1&var-0025=194&val-0025=0&var-0026=1357&val-0026=2&var-0027=240&val-0027=0&var-0028=285&val-0028=1&var-0029=286&val-0029=1&var-0030=193&val-0030=10080&var-0031=1359&val-0031=&var-0032=6768&val-0032=&var-0033=6769&val-0033=&var-0034=1360&val-0034=&var-0035=1361&val-0035=&var-0036=40&val-0036=5060&var-0037=413&val-0037=5062&var-0038=513&val-0038=5064&var-0039=613&val-0039=5066&var-0040=1713&val-0040=5068&var-0041=1813&val-0041=5070&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=setprop&type=3&value=1&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=needapply&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=applypvalue&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=put&flag=0&var-0000=900&val-0000=0&var-0001=29605&val-0001=0&var-0002=901&val-0002=80&var-0003=2&val-0003=' . $npwd . '&var-0004=196&val-0004=123&var-0005=276&val-0005=0&var-0006=20702&val-0006=&var-0007=20701&val-0007=&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_get($context, 'http://' . $ip . '/manager?action=checkpwd&Username=admin&time=' . milliseconds());
	logtofile(to_str($content));
	usleep(2000);
	echo ".";
	}

	function config_gs_1628($context, $ip, $pwd, $npwd) {
	curl_setopt($context, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
	curl_setopt($context, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/dologin', array('username' => 'admin', 'password' => $pwd));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$body_json = json_decode($body, true);
	if (!array_key_exists('body', $body_json)
	\|\| !isset($body_json['body']['sid'])) {
	echo "Error: Failed to login!\n";
	return;
	}
	$sid = $body_json['body']['sid'];
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	curl_setopt($context, CURLOPT_COOKIE, 'session-role=admin; session-identity=' . $sid);

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api.values.get', array('sid' => $sid, 'request' => 'vendor_fullname:Pphone_model:P271:P270:P47:P2312:P48:P2333:P2375:P35:P36:P3:P33:P2380'));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (!is_array($response)
	\|\| !array_key_exists('body', $response)
	\|\| !isset($response['body']['P35'])) {
	echo "Error: Failed to get sip extension!\n";
	return;
	}
	$sip = $response['body']['P35'];

	logtofile("\n########################\n[" . $sip . "]\n########################\n");
	echo "\nInfo: Extension: " . $sip . "\n";

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api.values.post', array('sid' => $sid, 'P270' => $sip, 'P64' => 'TZR-4', 'P143' => '0', 'P1357' => '2'));
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api-phone_operation', array('passcode' => $pwd, 'cmd' => 'extend'));
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api-change_password', array('sid' => $sid, 'olduser' => '', 'P196' => '', ':confirmUserPwd' => '', 'oldadmin' => $pwd, 'P2' => $npwd, ':confirmAdminPwd' => $npwd));
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api-phone_operation', array('cmd' => 'extend', 'arg' => '', 'sid' => $sid));
	logtofile(to_str($content));
	usleep(2000);
	echo ".";
	}

	function is_gs_3240($context, $ip) {
	curl_setopt($context, CURLOPT_COOKIEJAR, '/tmp/cookies.txt');
	curl_setopt($context, CURLOPT_COOKIEFILE, '/tmp/cookies.txt');
	curl_setopt($context, CURLOPT_COOKIE, 'phonecookie="4e5d67ce"; type=admin; Version="1"; Max-Age=900; needchange=1; ver=1.0.3.154; iconized_tooltipdiv=true');

	$content = http_get($context, 'http://' . $ip . '/manager?action=loginrealm&time=' . milliseconds());
	logtofile(to_str($content));
	if (curl_getinfo($context, CURLINFO_HTTP_CODE) == 200) {
	return true;
	}
	return false;
	}

	function is_gs_1628($context, $ip, $pwd) {
	$content = http_post($context, 'http://' . $ip . '/cgi-bin/dologin', array('username' => 'admin', 'password' => $pwd));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (array_key_exists('body', $response)
	&& isset($response['body']['sid'])) {
	$sid = $response['body']['sid'];
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	curl_setopt($context, CURLOPT_COOKIE, 'session-role=admin; session-identity=' . $sid);

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api.values.get', array('sid' => $sid, 'request' => 'vendor_fullname:Pphone_model:P271:P270:P47:P2312:P48:P2333:P2375:P35:P36:P3:P33:P2380'));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (is_array($response)
	&& array_key_exists('body', $response)
	&& isset($response['body']['Pphone_model'])
	&& ($response['body']['Pphone_model'] === 'GXP1628')) {
	return true;
	}
	}
	return false;
	}

	function is_programmed_1628($context, $ip, $npwd) {
	$content = http_post($context, 'http://' . $ip . '/cgi-bin/dologin', array('username' => 'admin', 'password' => $npwd));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (is_array($response)
	&& array_key_exists('response', $response)
	&& $response['response'] === 'success') {
	return true;
	}
	return false;
	}



	function is_gs_2170($context, $ip, $pwd) {
	$content = http_post($context, 'http://' . $ip . '/cgi-bin/dologin', array('username' => 'admin', 'password' => $pwd));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (array_key_exists('body', $response)
	&& isset($response['body']['sid'])) {
	$sid = $response['body']['sid'];
	logtofile(to_str($content));
	usleep(2000);
	echo ".";

	curl_setopt($context, CURLOPT_COOKIE, 'session-role=admin; session-identity=' . $sid);

	$content = http_post($context, 'http://' . $ip . '/cgi-bin/api.values.get', array('sid' => $sid, 'request' => 'vendor_fullname:Pphone_model:P271:P270:P47:P2312:P48:P2333:P2375:P35:P36:P3:P33:P2380'));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (is_array($response)
	&& array_key_exists('body', $response)
	&& isset($response['body']['Pphone_model'])
	&& ($response['body']['Pphone_model'] === 'GXP2170')) {
	return true;
	}
	}
	return false;
	}

	function is_programmed_2170($context, $ip, $npwd) {
	$content = http_post($context, 'http://' . $ip . '/cgi-bin/dologin', array('username' => 'admin', 'password' => $npwd));
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$response = json_decode($body, true);
	logtofile(to_str($content));
	if (is_array($response)
	&& array_key_exists('response', $response)
	&& $response['response'] === 'success') {
	return true;
	}
	return false;
	}

	function is_programmed_3240($context, $ip, $npwd) {
	$content = http_get($context, 'http://' . $ip . '/manager?action=loginrealm&time=' . milliseconds());
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	$realm = $body;
	$content = http_get($context, 'http://' . $ip . '/manager?action=login&Username=admin&Secret=' . md5('admin:' . $realm . ':' . $npwd) . '&time=' . milliseconds());
	$header_size = curl_getinfo($context, CURLINFO_HEADER_SIZE);
	$header = substr($content, 0, $header_size);
	$body = substr($content, $header_size);
	logtofile(to_str($content));
	if (strpos($body, 'Response=Success') !== false) {
	return true;
	}
	return false;
	}

	// ======================================================
	// ======================================================
	// ======================================================
	// ======================================================

	// $ip_start = '192.168.1.2';
	// $ip_end = '192.168.1.100';
	$pwd = 'admin';
	$npwd = 'admin1234';
	$logfile = fopen("logs", "w");

	$ips = ip_range($ip_start, $ip_end);
	if (!is_array($ips)) {
	echo "Error: Invalid range!\n";
	exit();
	}

	// ---- OR ----
	// Supply range manually
	// $ips = array();


	foreach ($ips as $ip) {
	$context = curl_init();
	curl_setopt($context, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($context, CURLOPT_TIMEOUT, 3);
	curl_setopt($context, CURLOPT_HEADER, 1);

	echo "Info: [" . $ip . "] --- ";
	logtofile("\n------------------------\n[" . $ip . "]\n------------------------\n");

	if (ping($ip) === true) {
	echo "[ Online ]\n";
	if (is_gs_1628($context, $ip, $pwd) === true) {
	echo "Info: Model 1628\n";
	if (is_programmed_1628($context, $ip, $npwd) === true) {
	echo "Warning: Device already programmed \n";
	goto END;
	} else {
	echo "Info: Configuring.";
	config_gs_1628($context, $ip, $pwd, $npwd);
	echo (is_programmed_1628($context, $ip, $npwd) === true) ? " Result: [ Success ]" : " Result: [ Failed ]";
	echo "\n";
	}
	} else if (is_gs_3240($context, $ip) === true) {
	echo "Info: Model 3240\n";
	if (is_programmed_3240($context, $ip, $npwd) === true) {
	echo "Warning: Device already programmed \n";
	goto END;
	} else {
	echo "Info: Configuring.";
	config_gs_3240($context, $ip, $pwd, $npwd);
	echo (is_programmed_3240($context, $ip, $npwd) === true) ? " Result: [ Success ]" : " Result: [ Failed ]";
	echo "\n";
	}
	} else if (is_gs_2170($context, $ip, $pwd) === true) {
	echo "Info: Model 2170\n";
	if (is_programmed_2170($context, $ip, $npwd) === true) {
	echo "Warning: Device already programmed \n";
	goto END;
	} else {
	echo "Info: Configuring.";
	config_gs_1628($context, $ip, $pwd, $npwd);
	echo (is_programmed_2170($context, $ip, $npwd) === true) ? " Result: [ Success ]" : " Result: [ Failed ]";
	echo "\n";
	}
	} else if (is_programmed_1628($context, $ip, $npwd) === true) {
	echo "Info: Model 1628\n";
	echo "Warning: Device already programmed \n";
	} else if (is_programmed_2170($context, $ip, $npwd) === true) {
	echo "Info: Model 2170\n";
	echo "Warning: Device already programmed \n";
	}
	else {
	echo "Info: Model Unknown!\n";
	}
	} else {
	echo "[ Offline ]\n";
	}

	END:
	echo "\n";
	curl_close($context);
	}