| Name | pyubee JSON |
| Version |
0.15
JSON |
| download |
| home_page | http://github.com/mzdrale/pyubee |
| Summary | Simple library for getting stats from Ubee routers. |
| upload_time | 2024-09-02 19:50:16 |
| maintainer | None |
| docs_url | None |
| author | Miroslav Zdrale |
| requires_python | None |
| license | None |
| keywords |
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# PyUbee
Python library for getting stats from [Ubee routers](http://www.ubeeinteractive.com/products).
## Installation
You can install PyUbee from PyPi using `pip3 install pyubee`.
## Usage
To use within your Python scripts:
```python
from pyubee import Ubee
ubee = Ubee(
host='192.168.1.1',
username='admin',
password='somepassword'
)
if not ubee.session_active():
ubee.login()
devices = ubee.get_connected_devices()
for x in devices:
print('%s (%s)' % (x, devices[x]))
ubee.logout()
```
## CLI
A simple command line interface is available to query the router. The cli takes `host`, `username`, and `password` as mandatory arguments. The optional argument `model` can be used to specify the model of your router. If model is not specified, this tool will try to detect it automatically.
```
$ pyubee --help
usage: pyubee [-h] [--model MODEL] host username password
pyubee
positional arguments:
host Host
username Username
password Password
optional arguments:
-h, --help show this help message and exit
--model MODEL Model, supported models: EVW32C-0N, EVW3200-Wifi
$ pyubee 192.168.1.1 admin somepassword
AA:BB:CC:DD:EE:FF 192.168.1.10
FF:EE:DD:CC:BB:AA 192.168.1.11
```
## Notice
Ubee devices contain vulnerability which allows user to access Admin Web UI without logging in if someone else is logged in from the same IP address. For example if you have Ubee router (e.g. 192.168.1.1) in your home installed from your ISP and you have your own router (192.168.1.2) connected to it and you are doing NAT (Network Address Translation) on your router, then Ubee router will see all connections from clients connected to your router coming from the same IP address 192.168.1.2. In that scenario if someone logs into Ubee router Admin Web UI (http://192.168.1.1/UbeeLanSetup.asp) from Computer A, then anyone from Computer B or Computer C can access http://192.168.1.1/UbeeLanSetup.asp or any other page on 192.168.1.1 without logging in.
```
+---------------+
| |
| |
| UBEE |
| |
| 192.168.1.1 |
+-------+-------+
|
+-------+-------+
| 192.168.1.2 |
| |
| YOUR ROUTER |
| |
| 10.0.0.1 |
+-------+-------+
|
+-----------------------------+
| | |
+-----+-----+ +-----+-----+ +-----+-----+
| COMPUTER | | COMPUTER | | COMPUTER |
| A | | B | | C |
| | | | | |
| 10.0.0.11 | | 10.0.0.12 | | 10.0.0.13 |
+-----------+ +-----------+ +-----------+
```
You should have this in your mind if you have similar setup.
Author of this package reported this issue to Vendor, even if [it's known for years](https://www.exploit-db.com/exploits/40156), but there is no response from Vendor and it looks like they are pushing firmware with the same vulnerability probably to all of their devices.
## Supported routers
This library was written for and tested with:
* Ambit EVW320B
* Ambit EVW321B
* Ubee DDW36C
* Ubee DVW32CB
* Ubee EVW32C-0S
* Ubee EVW32C-0N
* Ubee EVW3200-Wifi
* Ubee EVW3226 (UPC)
* Ubee UBC1303BA00
Raw data
{
"_id": null,
"home_page": "http://github.com/mzdrale/pyubee",
"name": "pyubee",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": null,
"author": "Miroslav Zdrale",
"author_email": "mzdrale@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/31/f1/605c296eb1e8fa03bce9ac4eaf1fd175769d3df800b94e3dc1aeb827f35a/pyubee-0.15.tar.gz",
"platform": null,
"description": "# PyUbee\n\nPython library for getting stats from [Ubee routers](http://www.ubeeinteractive.com/products).\n\n## Installation\n\nYou can install PyUbee from PyPi using `pip3 install pyubee`.\n\n## Usage\n\nTo use within your Python scripts:\n```python\nfrom pyubee import Ubee\n\nubee = Ubee(\n host='192.168.1.1',\n username='admin',\n password='somepassword'\n )\n\nif not ubee.session_active():\n ubee.login()\n\ndevices = ubee.get_connected_devices()\n\nfor x in devices:\n print('%s (%s)' % (x, devices[x]))\n\nubee.logout()\n```\n\n## CLI\n\nA simple command line interface is available to query the router. The cli takes `host`, `username`, and `password` as mandatory arguments. The optional argument `model` can be used to specify the model of your router. If model is not specified, this tool will try to detect it automatically.\n\n```\n$ pyubee --help\nusage: pyubee [-h] [--model MODEL] host username password\n\npyubee\n\npositional arguments:\n host Host\n username Username\n password Password\n\noptional arguments:\n -h, --help show this help message and exit\n --model MODEL Model, supported models: EVW32C-0N, EVW3200-Wifi\n\n$ pyubee 192.168.1.1 admin somepassword\nAA:BB:CC:DD:EE:FF\t192.168.1.10\nFF:EE:DD:CC:BB:AA\t192.168.1.11\n```\n\n## Notice\n\nUbee devices contain vulnerability which allows user to access Admin Web UI without logging in if someone else is logged in from the same IP address. For example if you have Ubee router (e.g. 192.168.1.1) in your home installed from your ISP and you have your own router (192.168.1.2) connected to it and you are doing NAT (Network Address Translation) on your router, then Ubee router will see all connections from clients connected to your router coming from the same IP address 192.168.1.2. In that scenario if someone logs into Ubee router Admin Web UI (http://192.168.1.1/UbeeLanSetup.asp) from Computer A, then anyone from Computer B or Computer C can access http://192.168.1.1/UbeeLanSetup.asp or any other page on 192.168.1.1 without logging in.\n\n```\n +---------------+\n | |\n | |\n | UBEE |\n | |\n | 192.168.1.1 |\n +-------+-------+\n |\n +-------+-------+\n | 192.168.1.2 |\n | |\n | YOUR ROUTER |\n | |\n | 10.0.0.1 |\n +-------+-------+\n |\n +-----------------------------+\n | | |\n+-----+-----+ +-----+-----+ +-----+-----+\n| COMPUTER | | COMPUTER | | COMPUTER |\n| A | | B | | C |\n| | | | | |\n| 10.0.0.11 | | 10.0.0.12 | | 10.0.0.13 |\n+-----------+ +-----------+ +-----------+\n```\n\nYou should have this in your mind if you have similar setup.\n\nAuthor of this package reported this issue to Vendor, even if [it's known for years](https://www.exploit-db.com/exploits/40156), but there is no response from Vendor and it looks like they are pushing firmware with the same vulnerability probably to all of their devices.\n\n## Supported routers\n\nThis library was written for and tested with:\n\n* Ambit EVW320B\n* Ambit EVW321B\n* Ubee DDW36C\n* Ubee DVW32CB\n* Ubee EVW32C-0S\n* Ubee EVW32C-0N\n* Ubee EVW3200-Wifi\n* Ubee EVW3226 (UPC)\n* Ubee UBC1303BA00\n",
"bugtrack_url": null,
"license": null,
"summary": "Simple library for getting stats from Ubee routers.",
"version": "0.15",
"project_urls": {
"Homepage": "http://github.com/mzdrale/pyubee"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "31f1605c296eb1e8fa03bce9ac4eaf1fd175769d3df800b94e3dc1aeb827f35a",
"md5": "76d394f412055a9dffecae21e8cba3da",
"sha256": "134dceb3de50b9405605abeac1805fd246da72d6922bfdb5693458a6b549c953"
},
"downloads": -1,
"filename": "pyubee-0.15.tar.gz",
"has_sig": false,
"md5_digest": "76d394f412055a9dffecae21e8cba3da",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 21124,
"upload_time": "2024-09-02T19:50:16",
"upload_time_iso_8601": "2024-09-02T19:50:16.913991Z",
"url": "https://files.pythonhosted.org/packages/31/f1/605c296eb1e8fa03bce9ac4eaf1fd175769d3df800b94e3dc1aeb827f35a/pyubee-0.15.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-09-02 19:50:16",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "mzdrale",
"github_project": "pyubee",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"tox": true,
"lcname": "pyubee"
}
