Skip to content

Instantly share code, notes, and snippets.

@ClaireSoftware
Last active March 30, 2019 15:50
Show Gist options
  • Save ClaireSoftware/ecbb96fafbe6058e445852e68b1ccc70 to your computer and use it in GitHub Desktop.
Save ClaireSoftware/ecbb96fafbe6058e445852e68b1ccc70 to your computer and use it in GitHub Desktop.
WNDR3400v3 Authentication

The Netgear WNDR3400v3 uses a somewhat simple HTTPS basic authentication protocol for remote login requests (should be the same for local, but with HTTP), but checks for a session cookie (if the current session cookie is not still valid). To authenticate to the router, first send a request to the root of the router, save the cookies (this will 401), and then use said cookie to get whatever page you would like.

wget --keep-session-cookies --save-cookies cookies.txt -O cookies.html https:///ROUTER_IP:ROUTER_PORT --no-check-certificate \

(if that command doesn't give you a cookie, try using these headers, replacing YOUR_AUTH with a base64 ascii encoded string containing "YOUR_USERNAME:YOUR_PASSWORD")

{
    "Host": "YOUR_IP:YOUR_PORT",
    "User-Agent": "FIREFOX_USER_AGENT",
    "Accept":"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
    "Accept-Language": "en-US,en;q=0.5",
    "Accept-Encoding": "gzip, deflate, br",
    "Authorization": "Basic YWRtaW46dG9vdGhwYXN0ZWd1bWJhdHRlcnk=",
    "Connection": "keep-alive",
    "Referer": "https://YOUR_IP:YOUR_PORT/",
    "Upgrade-Insecure-Requests": "1",
    "Pragma": "no-cache",
    "Cache-Control": "no-cache" }

After this, HTTP should work as normal, provided you use the headers and cookies shown above (for python, I used headers['cookies']=cookie to append the given cookie to the headers).

Feel free to send along any comments, suggestions, or improvements (my contact details are on clairesoftware.github.io)!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment