Bypass password and key input in webrepl

C programming, build, interpreter/VM.
Target audience: MicroPython Developers.
Post Reply
ajie_dirgantara
Posts: 81
Joined: Fri Sep 02, 2016 9:26 am

Bypass password and key input in webrepl

Post by ajie_dirgantara » Sat Nov 23, 2019 10:05 am

Hi,

I would like to bypass webrepl password input.

By disabling password checking in webrepl.py

Code: Select all

def start(port=8266, password=None):
    stop()
    if password is None:
        try:
            import webrepl_cfg
            #_webrepl.password(webrepl_cfg.PASS)
            setup_conn(port, accept_conn)
            print("Started webrepl in normal mode")
        except:
            print("WebREPL is not configured, run 'import webrepl_setup'")
    else:
        #_webrepl.password(password)
        setup_conn(port, accept_conn)
        print("Started webrepl in manual override mode")
It works just fine, but it still needs to press enter.
What I am after is connected automatically after clicking the "connect" button in the browser.

What I've been looking for is likely to modify the extmod/modwebrepl.c, and recompile the firmware. But I am pretty noobs in C programming, so it would be great if someone pointed which line to modify. From what I've seen it should be enough by modifying somewhere along this line :

https://github.com/micropython/micropyt ... epl.c#L106

Code: Select all

STATIC mp_obj_t webrepl_make_new(const mp_obj_type_t *type, size_t n_args, size_t n_kw, const mp_obj_t *args) {
    mp_arg_check_num(n_args, n_kw, 1, 2, false);
    mp_get_stream_raise(args[0], MP_STREAM_OP_READ | MP_STREAM_OP_WRITE | MP_STREAM_OP_IOCTL);
    DEBUG_printf("sizeof(struct webrepl_file) = %lu\n", sizeof(struct webrepl_file));
    mp_obj_webrepl_t *o = m_new_obj(mp_obj_webrepl_t);
    o->base.type = type;
    o->sock = args[0];
    o->hdr_to_recv = sizeof(struct webrepl_file);
    o->data_to_recv = 0;
    o->state = STATE_PASSWD;
    write_webrepl_str(args[0], SSTR(passwd_prompt));
    return o;
}


User avatar
jimmo
Posts: 2754
Joined: Tue Aug 08, 2017 1:57 am
Location: Sydney, Australia
Contact:

Re: Bypass password and key input in webrepl

Post by jimmo » Sat Nov 23, 2019 11:37 am

I haven't tested this, but took a quick look at the code.

As you can see in the bit that your highlighted, the relevant two lines are at the end. Webrepl has a current state (which is how it decides how to handle any incoming input). So it starts in STATE_PASSWD, and then transmits hte password prompt.

If you look at _webrepl_read, it then checks the incoming password and moves to STATE_NORMAL.

So my guess would be if you modify webrepl_make_new to instead set o->state = STATE_PASSWD and change the line that sends the password prompt to instead send the connected prompt, then hopefully you'll have what you need.

i.e.

Code: Select all

STATIC mp_obj_t webrepl_make_new(const mp_obj_type_t *type, size_t n_args, size_t n_kw, const mp_obj_t *args) {
  ....
    o->data_to_recv = 0;
    o->state = STATE_NORMAL
    write_webrepl_str(args[0], SSTR(connected_prompt));
    return o;
}

ajie_dirgantara
Posts: 81
Joined: Fri Sep 02, 2016 9:26 am

[SOLVED] Re: Bypass password and key input in webrepl

Post by ajie_dirgantara » Mon Nov 25, 2019 1:56 pm

Yes, I've been successfully bypass password by change STATE_PASSWD to STATE_NORMAL like below.

Code: Select all


STATIC mp_obj_t webrepl_make_new(const mp_obj_type_t *type, size_t n_args, size_t n_kw, const mp_obj_t *args) {
    mp_arg_check_num(n_args, n_kw, 1, 2, false);
    mp_get_stream_raise(args[0], MP_STREAM_OP_READ | MP_STREAM_OP_WRITE | MP_STREAM_OP_IOCTL);
    DEBUG_printf("sizeof(struct webrepl_file) = %lu\n", sizeof(struct webrepl_file));
    mp_obj_webrepl_t *o = m_new_obj(mp_obj_webrepl_t);
    o->base.type = type;
    o->sock = args[0];
    o->hdr_to_recv = sizeof(struct webrepl_file);
    o->data_to_recv = 0;
    o->state = STATE_NORMAL;
    //write_webrepl_str(args[0], SSTR(passwd_prompt));
    return o;
}


Post Reply