Hotspot Javascript Encyption Example

omnicron · February 28, 2005, 10:31pm

Does someone have an example of the Javascript and login fields required to make the login page work when posting back to the Mikrotik login page. I got the fields to work but not with encryption turned on.

Thanks

Tim

adavis · March 1, 2005, 6:36pm

did you happen to remove teh %main% tag from the login.html? i had the same problem and realized i had removed this by accident.

omnicron · March 1, 2005, 7:09pm

I have that.. The login.html did not have the Javascript on it in the Mikrotik router.. I did not realize how the login was working and we have an external webserver posting to the /login on the MT. We figured out how the /login form worked but dont understand how the Javascript MD5 hash works with the post command. The MT docs do not seem to actually have that information.

Tim

adavis · March 1, 2005, 7:31pm

i haven’t used an external webserver to do this, but i’m sure it’s just the same. Using an external webserver the %main% will not work. I’d suggest loading the hotspot with the defaults and then view the login page from the web browser, and that will show you all the javascript needed. %main% acts as an include. Hope this helps.

omnicron · March 2, 2005, 2:00am

I have main but from what I understand you have to post to the Javascript which then will post to the MT hotspot. Do you have that example.. my hostspot is in service and I dont want to break it..

Thanks

Tim

adavis · March 2, 2005, 2:34am

This should be it, be sure to change “YOURIP” to… your ip
I haven’t tested it, but from the looks of it this isexactly what you need… also take note of the /md5.js that will need to be on your external webserver in the appropiate path.

<script language="JavaScript" src="/md5.js">
</script>

<form name="sendin" action="http://YOURIP/login" method="post">
<input type="hidden" name="user">
<input type="hidden" name="password">
<input type="hidden" name="popup">
<input type="hidden" name="popup-present" value="true">
<input type="hidden" name="domain" value="">
</form>

<script language="JavaScript">
<!--
  function doLogin() {
    if (document.login.popup.value == 'true' || document.login.popup.value == 'false') {
      document.sendin.popup.value = document.login.popup.value;
    }
    else {
      document.sendin.popup.value = document.login.popup.checked;
    }
    document.sendin.user.value = document.login.user.value;
    var frmXXX = document.login.elements['domain'];
    if (frmXXX) {
      document.sendin.domain.value = document.login.domain.value;
    }
    document.sendin.password.value = hexMD5('\130' + document.login.password.value + '\142\004\003\132\264\003\100\344\226\202\355\325\136\304\070\355');
    document.sendin.submit();
  }
//-->
</script>