102 lines
5.6 KiB
YAML
102 lines
5.6 KiB
YAML
---
|
|
- name: Log in to OPNsense and obtain PHPSESSID and CSRF token
|
|
hosts: localhost
|
|
gather_facts: no
|
|
vars:
|
|
api_username: "your_username"
|
|
api_password: "your_password"
|
|
|
|
tasks:
|
|
- name: Perform GET request to initiate session and retrieve PHPSESSID
|
|
uri:
|
|
url: "https://192.168.1.1/"
|
|
method: GET
|
|
user: "{{ WEBUI_USERNAME }}"
|
|
password: "{{ WEBUI_PASSWORD }}"
|
|
headers:
|
|
Accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7'
|
|
validate_certs: no
|
|
return_content: yes
|
|
register: login_page
|
|
|
|
- name: Extract PHPSESSID from response cookies
|
|
set_fact:
|
|
phpsessid: "{{ login_page.cookies.PHPSESSID }}"
|
|
|
|
- name: Extract CSRF token name and value from the page content
|
|
set_fact:
|
|
csrf_tokens: "{{ login_page.content | regex_findall('<input[^>]*type=\"hidden\"[^>]*name=\"([^\"]+)\"[^>]*value=\"([^\"]+)\"') }}"
|
|
|
|
- name: Set CSRF token name and value
|
|
set_fact:
|
|
csrf_token_name: "{{ csrf_tokens[0][0] if csrf_tokens | length > 0 else 'Not found' }}"
|
|
csrf_token_value: "{{ csrf_tokens[0][1] if csrf_tokens | length > 0 else 'Not found' }}"
|
|
|
|
- name: Display the PHPSESSID and CSRF token details
|
|
debug:
|
|
msg: "PHPSESSID is {{ phpsessid }}, CSRF token name is {{ csrf_token_name }}, CSRF token value is {{ csrf_token_value }}"
|
|
|
|
- name: Construct body
|
|
set_fact:
|
|
request_body: |
|
|
{{ csrf_token_name}}={{ csrf_token_value }}&range_from=192.168.1.10&range_to=192.168.1.245&wins1=&wins2=&dns1=&dns2=&gateway=&domain=&domainsearchlist=&defaultleasetime=&maxleasetime=&minsecs=&interface_mtu=&failover_peerip=&failover_split=&ddnsdomain=&ddnsdomainprimary=&ddnsdomainkeyname=&ddnsdomainkey=&ddnsdomainalgorithm=hmac-md5&mac_allow=&mac_deny=&ntp1=&ntp2=&tftp=&bootfilename=&ldap=&nextserver=192.168.1.1&filename=&filename32=&filename64=bootx64.efi&filename32arm=&filename64arm=&filenameipxe=&rootpath=&omapiport=&omapialgorithm=&omapikey=&numberoptions_number%5B%5D=&numberoptions_type%5B%5D=text&numberoptions_value%5B%5D=&if=lan&submit=Save'
|
|
|
|
- name: Post data to services_dhcp.php
|
|
uri:
|
|
url: "https://192.168.1.1/services_dhcp.php?if=lan"
|
|
method: POST
|
|
headers:
|
|
Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
|
|
Accept-Language: "en,fr;q=0.9,en-GB;q=0.8,en-US;q=0.7"
|
|
Cache-Control: "no-cache"
|
|
Content-Type: "application/x-www-form-urlencoded"
|
|
Cookie: "PHPSESSID={{ phpsessid }}"
|
|
Origin: "https://192.168.1.1"
|
|
Pragma: "no-cache"
|
|
Priority: "u=0, i"
|
|
Referer: "https://192.168.1.1/services_dhcp.php?if=lan"
|
|
Sec-Ch-Ua: '"Google Chrome";v="125", "Chromium";v="125", "Not.A/Brand";v="24"'
|
|
Sec-Ch-Ua-Mobile: "?0"
|
|
Sec-Ch-Ua-Platform: '"Linux"'
|
|
Sec-Fetch-Dest: "document"
|
|
Sec-Fetch-Mode: "navigate"
|
|
Sec-Fetch-Site: "same-origin"
|
|
Sec-Fetch-User: "?1"
|
|
Upgrade-Insecure-Requests: "1"
|
|
User-Agent: "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36"
|
|
body: |
|
|
{{ csrf_token_name }}={{ csrf_token_value }}&range_from=192.168.1.10&range_to=192.168.1.245&wins1=&wins2=&dns1=&dns2=&gateway=&domain=&domainsearchlist=&defaultleasetime=&maxleasetime=&minsecs=&interface_mtu=&failover_peerip=&failover_split=&ddnsdomain=&ddnsdomainprimary=&ddnsdomainkeyname=&ddnsdomainkey=&ddnsdomainalgorithm=hmac-md5&mac_allow=&mac_deny=&ntp1=&ntp2=&tftp=&bootfilename=&ldap=&nextserver=192.168.1.1&filename=&filename32=&filename64=bootx64.efi&filename32arm=&filename64arm=&filenameipxe=&rootpath=&omapiport=&omapialgorithm=&omapikey=&numberoptions_number%5B%5D=&numberoptions_type%5B%5D=text&numberoptions_value%5B%5D=&if=lan&submit=Save
|
|
body_format: raw
|
|
validate_certs: no
|
|
register: response
|
|
|
|
# - name: Send POST request to update DHCP settings
|
|
# uri:
|
|
# url: "https://192.168.1.1/services_dhcp.php?if=lan"
|
|
# method: POST
|
|
# headers:
|
|
# Accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7'
|
|
# Content-Type: 'application/x-www-form-urlencoded'
|
|
# Cookie: "PHPSESSID={{ phpsessid }}"
|
|
# Origin: "https://192.168.1.1"
|
|
# Referer: "https://192.168.1.1/services_dhcp.php?if=lan"
|
|
# X-CSRFToken: "{{ csrf_token_value }}"
|
|
# body_format: form-urlencoded
|
|
# body: "{{ request_body }}"
|
|
# validate_certs: no
|
|
# return_content: yes
|
|
# register: response
|
|
|
|
- name: Display the response from the DHCP update request
|
|
debug:
|
|
#msg: "{{ response.content }}"
|
|
msg: "{{ response }}"
|
|
|
|
|
|
|
|
|
|
|
|
# request_body: |
|
|
# {{ csrf_token_name }}={{ csrf_token_value }}&range_from=192.168.1.10&range_to=192.168.1.245&wins1=&wins2=&dns1=&dns2=&gateway=&domain=&domainsearchlist=&defaultleasetime=&maxleasetime=&minsecs=&interface_mtu=&failover_peerip=&failover_split=&ddnsdomain=&ddnsdomainprimary=&ddnsdomainkeyname=&ddnsdomainkey=&ddnsdomainalgorithm=hmac-md5&mac_allow=&mac_deny=&ntp1=&ntp2=&tftp=&bootfilename=&ldap=&nextserver=192.168.1.1&filename=&filename32=&filename64=bootx64.efi&filename32arm=&filename64arm=&filenameipxe=&rootpath=&omapiport=&omapialgorithm=&omapikey=&numberoptions_number%5B%5D=&numberoptions_type%5B%5D=text&numberoptions_value%5B%5D=&if=lan&submit=Save
|
|
|