i try to get my Routers (fritzbox) index site in C#. Problem is he exits the code where he tries to reqeust the Homepage with the given SID. He doesnt go in any Breakpoint or exception it just exits the code. In code it looks like this:
private static async Task<string> GetSessionId()
{
using (var client = new HttpClient() { BaseAddress = new Uri(FritzBoxUrl)})
{
var response = await client.GetStringAsync("/login_sid.lua");
var xml = XDocument.Parse(response);
var sid = xml.Root.Element("SID").Value;
if (sid != "0000000000000000")
{
return sid;
}
var challenge = xml.Root.Element("Challenge").Value;
fritzUserName = xml.Root.Element("Users")?.Element("User").Value;
var responseHash = CalculateMD5(challenge + "-" + Password);
var content = new StringContent($"response={challenge}-{responseHash}&username={fritzUserName}", Encoding.UTF8, "application/x-www-form-urlencoded");
var loginResponse = await client.PostAsync("/login_sid.lua", content);
var loginResponseContent = await loginResponse.Content.ReadAsStringAsync();
var loginXml = XDocument.Parse(loginResponseContent);
var loginSid = loginXml.Root.Element("SID").Value;
if (loginSid == "0000000000000000")
{
throw new Exception();
}
return loginSid;
}
}
private static async Task<string> GetOverViewPageHtml(string sid)
{
try
{
HttpClient client = new HttpClient() { BaseAddress = new Uri(FritzBoxUrl) };
var firstDataContent = new StringContent(
$"xhr=1&sid={sid}&lang=de&page=overview&xhrId=all&useajax=1&no_sidrenew=",
Encoding.UTF8,
"application/x-www-form-urlencoded");
var firstDataResponse = await client.PostAsync($"{FritzBoxUrl}/data.lua", firstDataContent);
var firstDataResponseContent = await firstDataResponse.Content.ReadAsStringAsync();
Console.WriteLine("First data response:");
Console.WriteLine(firstDataResponseContent);
var postData = $"xhr=1&sid={sid}&lang=de&page=overview&xhrId=all&useajax=1&no_sidrenew=";
var content = new StringContent(postData, Encoding.UTF8, "application/x-www-form-urlencoded");
Console.WriteLine(content);
var response = await client.PostAsync("/data.lua", content);
if (response.IsSuccessStatusCode)
return await response.Content.ReadAsStringAsync();
throw new Exception("");
}
catch (Exception ex)
{ //<-- this dont get executed!
Console.WriteLine(ex);
//return null;
return string.Empty;
}
}
When attempting to retrieve the firstDataResponse, the program abruptly terminates. When i intercept the single request per BurpSuite, this is how the Reqeust looks like(after entering password):
POST /index.lua HTTP/1.1
Host: fritz.box
Content-Length: 148
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Origin: http://fritz.box
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.112 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://fritz.box/
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
Connection: keep-alive
response=someSecret&lp=&loginView=simple&username=fritz6305
--->
POST /data.lua HTTP/1.1
Host: fritz.box
Content-Length: 72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.112 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Origin: http://fritz.box
Referer: http://fritz.box/
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
Connection: keep-alive
xhr=1&sid=ed6ed8a316e0c8be&lang=de&page=overview&xhrId=first&noMenuRef=1
-->
POST /data.lua HTTP/1.1
Host: fritz.box
Content-Length: 81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.112 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Origin: http://fritz.box
Referer: http://fritz.box/
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
Connection: keep-alive
xhr=1&sid=ed6ed8a316e0c8be&lang=de&page=overview&xhrId=all&useajax=1&no_sidrenew=
I tried to change httpclients headers to "act" like a normal browser.
Im not sure why, but the solution was i had to call the .GetAwaiter() and .GetResult() method instead to await. This fixed my problem.