here you all go

Author: BoLaMN

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2019 Nathan Bolam
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,10 @@
+Technicolor OpenWRT Shell Unlocker By BoLaMN
+
+* Connect network cable from your computer to the WAN (red) port of the modem
+* Change your computers network card to be a static ip address
+
+  IPv4 Address: 58.162.0.1
+  Subnet Mask: 255.255.255.0
+  Default Gateway\\Router: 58.162.0.1
+
+License: MIT

dist/cwmp/index.js

@@ -0,0 +1,149 @@
+'use strict';
+var createSoapEnv, device, env, files, methods, parse, ref, request, response, set, stage;
+
+ref = require('./xml'), parse = ref.parse, methods = ref.methods, createSoapEnv = ref.createSoapEnv;
+
+files = require('../files');
+
+stage = null;
+
+device = {};
+
+env = [];
+
+set = function(obj, key, value) {
+  var attr, attrs, i, j, len;
+  attrs = key.split('.');
+  for (i = j = 0, len = attrs.length; j < len; i = ++j) {
+    attr = attrs[i];
+    if (i === attrs.length - 1) {
+      obj[attr] = value;
+    } else {
+      obj = obj[attr] != null ? obj[attr] : obj[attr] = {};
+    }
+  }
+  return obj;
+};
+
+request = function(ip, req, res) {
+  var DeviceInfo, SoftwareVersion, body, cwmp, cwmpVersion, element, file, header, idElement, input, k, key, params, ref1, ref2, ref3, ref4, ref5, software, str, v, value, version, xml;
+  if (req.body.length > 0) {
+    console.log('>>> REQUEST');
+    console.dir([req.headers, req.body]);
+    xml = parse(req.body);
+    element = xml['soapenv:Envelope'];
+    body = element['soapenv:Body'];
+    header = element['soapenv:Header'];
+    ref1 = element.attributes;
+    for (k in ref1) {
+      v = ref1[k];
+      if (!((k != null) && (v != null))) {
+        return;
+      }
+      str = k.replace('soapenv', 'soap-env') + '=\'' + v + '\'';
+      if (env.indexOf(str) === -1) {
+        env.push(str);
+      }
+    }
+    res.name = stage = Object.keys(body)[0];
+    cwmp = (ref2 = element.attributes) != null ? ref2['xmlns:cwmp'] : void 0;
+    ref3 = /urn:dslforum-org:cwmp-(\d+-\d+)/.exec(cwmp) || [cwmp, '1-2'], input = ref3[0], cwmpVersion = ref3[1];
+    res.cwmpVersion = cwmpVersion.replace(/-/g, '.');
+    idElement = header['cwmp:ID'];
+    if (idElement) {
+      res.id = req.id = idElement;
+    }
+    ref4 = body[stage];
+    for (key in ref4) {
+      value = ref4[key];
+      res[key] = value;
+    }
+    if (((ref5 = res.ParameterList) != null ? ref5.ParameterValueStruct : void 0) != null) {
+      params = res.ParameterList.ParameterValueStruct;
+      res.params = Object.keys(params).reduce(function(obj, k) {
+        if (typeof params[k] === 'string') {
+          set(obj, k, params[k]);
+        }
+        return obj;
+      }, {});
+      device = res.params.Device || res.params.InternetGatewayDevice || {};
+    }
+    res.name += 'Response';
+  } else if (stage === 'cwmp:Inform') {
+    console.log('>>> EMPTY REQUEST');
+    console.dir([req.headers, req.body]);
+    DeviceInfo = (device || {}).DeviceInfo;
+    SoftwareVersion = (DeviceInfo || {}).SoftwareVersion;
+    version = 17;
+    software = parseInt(SoftwareVersion.substring(0, 2));
+    if (software < 17) {
+      version = 16;
+    }
+    file = files[version];
+    res.name = 'cwmp:Download';
+    res.fileType = '3 Vendor Configuration File';
+    res.fileSize = file.length;
+    res.url = "http://" + ip + "/" + version + ".sts";
+  }
+  res.env = env.join(' ');
+  return response(req, res);
+};
+
+response = function(req, res) {
+  var body, code, data, headers;
+  headers = {
+    'Content-Type': 'text/xml; charset="utf-8"',
+    'Server': 'ACSServer',
+    'SOAPServer': 'ACSServer'
+  };
+  if (res.name && (methods[res.name] != null)) {
+    if (res.name === 'cwmp:InformResponse') {
+      headers['Set-Cookie'] = "session=7b0fa33078153e5c";
+    }
+    if (res.id == null) {
+      res.id = req.id != null ? req.id : req.id = '1690d26c77f0000';
+    }
+    if (methods[res.name] != null) {
+      body = methods[res.name](res);
+    }
+    data = createSoapEnv(res.env, res.id, body);
+    code = 200;
+    headers['Content-Length'] = data.length;
+    console.log('<<< RESPONSE');
+    console.dir([headers, data]);
+  } else {
+    code = 204;
+    data = null;
+    headers['Connection'] = "close";
+    headers['Content-Length'] = 0;
+    console.log('<<< EMPTY RESPONSE');
+    console.dir([headers, data]);
+  }
+  res.writeHead(code, headers);
+  res.end(data);
+  if (res.name === 'cwmp:TransferCompleteResponse') {
+    console.log("Please try a ssh connection now to " + req.connection.remoteAddress + " with username root and password root (change password immediately with passwd!)");
+    return setTimeout(function() {
+      return process.exit(1);
+    }, 20000);
+  }
+};
+
+module.exports = function(ip) {
+  return function(req, res) {
+    var COOKIE_REGEX, match;
+    COOKIE_REGEX = /\s*([a-zA-Z0-9\-_]+?)\s*=\s*"?([a-zA-Z0-9\-_]*?)"?\s*(,|;|$)/g;
+    while (match = COOKIE_REGEX.exec(req.headers.cookie)) {
+      if (match[1] === 'session') {
+        req.id = res.id = match[2];
+      }
+    }
+    req.body = '';
+    req.on('data', function(chunk) {
+      return req.body += chunk;
+    });
+    req.on('end', function() {
+      return request(ip, req, res);
+    });
+  };
+};

dist/cwmp/xml.js

@@ -0,0 +1,116 @@
+exports.parse = function(xml) {
+  var attribute, content, declaration, eos, has, match, name, obj, obj1, ref, tag;
+  declaration = function() {
+    var attr, m, node;
+    m = match(/^<\?xml\s*/);
+    if (!m) {
+      return;
+    }
+    node = {};
+    while (!(eos() || has('?>'))) {
+      attr = attribute();
+      if (!attr) {
+        return node;
+      }
+      if (node.attributes == null) {
+        node.attributes = {};
+      }
+      node.attributes[attr.name] = attr.value;
+    }
+    match(/\?>\s*/);
+    return node;
+  };
+  tag = function() {
+    var attr, c, child, m, name1, node;
+    m = match(/^<([\w-:.]+)\s*/);
+    if (!m) {
+      return;
+    }
+    node = {};
+    while (!(eos() || has('>') || has('?>') || has('/>'))) {
+      attr = attribute();
+      if (!attr) {
+        return [m[1], node];
+      }
+      if (node.attributes == null) {
+        node.attributes = {};
+      }
+      node.attributes[attr.name] = attr.value;
+    }
+    if (match(/^\s*\/>\s*/)) {
+      return [m[1], node];
+    }
+    match(/\??>\s*/);
+    c = content();
+    if (c) {
+      node = c;
+    }
+    while (child = tag()) {
+      if (child[1].Name && child[1].Value) {
+        if (node[name1 = child[0]] == null) {
+          node[name1] = {};
+        }
+        node[child[0]][child[1].Name] = child[1].Value;
+      } else {
+        node[child[0]] = child[1];
+      }
+    }
+    match(/^<\/[\w-:.]+>\s*/);
+    return [m[1], node];
+  };
+  content = function() {
+    var m;
+    m = match(/^([^<]*)/);
+    return m != null ? m[1] : void 0;
+  };
+  attribute = function() {
+    var m;
+    m = match(/([\w:-]+)\s*=\s*("[^"]*"|'[^']*'|\w+)\s*/);
+    if (!m) {
+      return;
+    }
+    return {
+      name: m[1],
+      value: m[2].replace(/^['"]|['"]$/g, '')
+    };
+  };
+  match = function(re) {
+    var m;
+    m = xml.match(re);
+    if (!m) {
+      return;
+    }
+    xml = xml.slice(m[0].length);
+    return m;
+  };
+  eos = function() {
+    return !xml.length;
+  };
+  has = function(prefix) {
+    return 0 === xml.indexOf(prefix);
+  };
+  xml = xml.trim();
+  xml = xml.replace(/<!--[\s\S]*?-->/g, '');
+  ref = tag(), name = ref[0], obj = ref[1];
+  return (
+    obj1 = {},
+    obj1["" + name] = obj,
+    obj1
+  );
+};
+
+exports.methods = {
+  'cwmp:TransferCompleteResponse': function(res) {
+    return "<cwmp:TransferCompleteResponse/>";
+  },
+  'cwmp:Download': function(res) {
+    return "<cwmp:Download>\n  <CommandKey>" + (res.commandKey || res.id) + "</CommandKey>\n  <FileType>" + res.fileType + "</FileType>\n  <URL>" + res.url + "</URL>\n  <FileSize>" + (res.fileSize || 0) + "</FileSize>\n  <DelaySeconds>0</DelaySeconds>\n</cwmp:Download>";
+  },
+  'cwmp:InformResponse': function(res) {
+    return "<cwmp:InformResponse>\n  <MaxEnvelopes>1</MaxEnvelopes>\n</cwmp:InformResponse>";
+  }
+};
+
+exports.createSoapEnv = function(env, id, body) {
+  return "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<soap-env:Envelope " + (env || '') + ">\n  <soap-env:Header>\n    <cwmp:ID soap-env:mustUnderstand=\"1\">" + id + "</cwmp:ID>\n  </soap-env:Header>\n  <soap-env:Body>\n    " + body + "\n  </soap-env:Body>\n</soap-env:Envelope>";
+};

dist/dhcp/constants.js

@@ -0,0 +1,16 @@
+module.exports = {
+  DHCPDISCOVER: 1,
+  DHCPOFFER: 2,
+  DHCPREQUEST: 3,
+  DHCPDECLINE: 4,
+  DHCPACK: 5,
+  DHCPNAK: 6,
+  DHCPRELEASE: 7,
+  DHCPINFORM: 8,
+  SERVER_PORT: 67,
+  CLIENT_PORT: 68,
+  INADDR_ANY: '0.0.0.0',
+  INADDR_BROADCAST: '255.255.255.255',
+  BOOTREQUEST: 1,
+  BOOTREPLY: 2
+};