https://github.com/sim642/tplink-api

https://github.com/sim642/tplink-api

Last synced: about 1 year ago
JSON representation

• Host: GitHub
• URL: https://github.com/sim642/tplink-api
• Owner: sim642
• Created: 2019-02-26T15:27:13.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2024-07-14T08:44:16.000Z (almost 2 years ago)
• Last Synced: 2025-02-09T23:49:39.109Z (over 1 year ago)
• Language: Python
• Size: 43.9 KB
• Stars: 0
• Watchers: 3
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
Python library for older TP-Link routers with `userRpm` API.

Includes an application for graphing per-device traffic statistics using [rrdtool].

[rrdtool]: http://oss.oetiker.ch/rrdtool/

> [!WARNING]

> Not compatible with newer TP-Link (mesh) routers.

# TP-Link reverse engineering

The following is a list of notes and resources related to reverse engineering of TP-Link routers and their APIs.

* `userRpm` API:

  * HTTP access via web interface

  * HTTP auth

  * `/userRpm/` URLs

  * Parse array in `` tag to extract results

  * Implementations:

    * _This repository_

    * https://github.com/n1k0r/tplink-wr-api

    * https://github.com/mkubicek/tpylink

    * Prometheus exporter: https://github.com/maesoser/tplink_exporter

* `seq` API:

  * HTTP access via web interface

  * HTTP auth

  * Custom protocol with some kind of sequences

  * Implementations:

    * https://github.com/menahishayan/TP-Link-Archer-C50-API/

    * https://github.com/epsi95/TPLink-Python

    * https://github.com/AlexandrErohin/TP-Link-Archer-C6U (`TPLinkMRClient`)

    * Home-assistant integration: https://github.com/ericpignet/home-assistant-tplink_router/tree/master

    * https://github.com/hertzg/node-tplink-api

    * https://github.com/plewin/tp-link-modem-router

    * https://github.com/hercule115/TPLink-Archer

* `luci` API:

  * HTTP access via web interface

  * Custom auth with RSA and cookies

  * Only one simultaneous user, kicks out others

  * `/cgi-bin/luci/` URLs

  * Implementations:

    * https://github.com/AlexandrErohin/TP-Link-Archer-C6U

      * Home-assistant integration: https://github.com/AlexandrErohin/home-assistant-tplink-router

* TMP API:

  * TP-Link Tether 2.0 protocol for mobile app

  * Multiple transports (SSH, BLE, ATA) according to Android app decompile

    * SSH:

      * User: `dropbear`, password: `admin`/own password (for web interface)

      * No `shell` channel

      * Android app uses `exec` channel for `scp`

      * Port forward 20002 to access TMP

  * Versions 1, 2, 3 according to Android app decompile 

  * Reverse engineering:

    * https://www.zerodayinitiative.com/blog/2020/4/6/exploiting-the-tp-link-archer-c7-at-pwn2own-tokyo

    * https://labs.withsecure.com/advisories/tp-link-ac1750-pwn2own-2019

  * Implementations:

    * https://github.com/ropbear/tmpcli

* TDDP API:

  * https://mjg59.dreamwidth.org/51672.html

  * https://medium.com/@CoreSecurity/a-story-about-tp-link-device-debug-protocol-tddp-research-4fbdd7a15c40

  * https://www.softscheck.com/en/blog/tp-link-reverse-engineering/

  * https://patents.google.com/patent/CN102096654A/en

  * Implementations:

    * https://github.com/softScheck/tplink-smartplug

* Reverse engineering:

  * https://skowronski.tech/2021/02/hacking-into-tp-link-archer-c6-shell-access-without-physical-disassembly/

  * https://github.com/hacefresko/TP-Link-Archer-C6-EU-re