Cant Access my Router Pages. (AVM Fritz!Box)

[Spock]

Everytime i want to open my routers webinterface i get these messages


The Webinterface from Fritz.nas looks crippled(no picture or so and says that i must enable js).

and what means that ?

[Giorgio Maone]

What do "fritz.box" and "fritz.nas" resolve to?
I suspect they resolve to multiple addresses, some internal and some external.

Could you run the following script in Tools|Error Console and tell me its output:

Code: Select all

noscriptOverlay.ns.__parent__.DNS;msg=[];["fritz.box","fritz.nas"].forEach(function(h){DNS.resolve(h,0,function(r) {msg.push(h+":"+ r.entries.toSource());if(msg.length==2)alert(msg.join("\n\n"))})})

what means that ?

[Giorgio Maone]

Almost forgot to mention the work-around, which is inserting the following rule in the beginning of the NoScript Options|Advanced|ABE SYSTEM ruleset:

Code: Select all

Site LOCAL
Allow from .fritz.box .fritz.nas

[Spock]

Thanks

now my Config looks so.

Code: Select all

# Prevent Internet sites from requesting LAN resources.
Site LOCAL
Allow from .fritz.box .fritz.nas

Site LOCAL
Accept from LOCAL
Deny

But the build makes the entire Text red and says

line 3:1 no viable alternative at character 'l'

But it works.

[Spock]

What do "fritz.box" and "fritz.nas" resolve to?
I suspect they resolve to multiple addresses, some internal and some external.

Could you run the following script in Tools|Error Console and tell me its output:

They use both the same ipv4 and ipv6.


you mean this console ?

Fehler: noscriptOverlay is not defined
Quelldatei: javascript:%20noscriptOverlay.ns.__parent__.DNS;msg=[];["fritz.box","fritz.nas"].forEach(function(h){DNS.resolve(h,0,function(r)%20{msg.push(h+":"+%20r.entries.toSource());if(msg.length==2)alert(msg.join("\n\n"))})})
Zeile: 1

[Giorgio Maone]

Ooops, the work around:

Code: Select all

Site LOCAL
Accept from .fritz.box .fritz.nas

(notice "Accept" VS "Allow", the latter being NoScript terminology rather than ABE grammar).

The error console script should be

Code: Select all

top.opener.noscriptOverlay.ns.__parent__.DNS;msg=[];["fritz.box","fritz.nas"].forEach(function(h){DNS.resolve(h,0,function(r) {msg.push(h+":"+ r.entries.toSource());if(msg.length==2)alert(msg.join("\n\n"))})})

("top.opener" went missing for some reason, maybe bad copy&paste).

Sorry for the hassle.

[Spock]

Warnung: assignment to undeclared variable msg
Quelldatei: javascript:%20top.opener.noscriptOverlay.ns.__parent__.DNS;msg=[];["fritz.box","fritz.nas"].forEach(function(h){DNS.resolve(h,0,function(r)%20{msg.push(h+":"+%20r.entries.toSource());if(msg.length==2)alert(msg.join("\n\n"))})})
Zeile: 1

Fehler: DNS is not defined
Quelldatei: javascript:%20top.opener.noscriptOverlay.ns.__parent__.DNS;msg=[];["fritz.box","fritz.nas"].forEach(function(h){DNS.resolve(h,0,function(r)%20{msg.push(h+":"+%20r.entries.toSource());if(msg.length==2)alert(msg.join("\n\n"))})})
Zeile: 1

[Giorgio Maone]

Damn copy & paste (sorry, yesterday has been very heavy on my head):

Code: Select all

DNS=top.opener.noscriptOverlay.ns.__parent__.DNS;msg=[];["fritz.box","fritz.nas"].forEach(function(h){DNS.resolve(h,0,function(r) {msg.push(h+":"+ r.entries.toSource());if(msg.length==2)alert(msg.join("\n\n"))})})

BTW, did the work-around... work?!

[Spock]

Yes it works nice.

I can access the Pages of my AVM Fritzbox. And http://www.avm.de/de/Service/FRITZ_Tools/zack/zack.html cant display me which AVM Router and Firmware i have because its blocked for AVM. .

Thanks

[Giorgio Maone]

Hmm, I strongly suspect at least one of those IPV6 addresses are not in the reserved private address space...

[Spock]

I will send you an link with uncensored ip´s so that you can see all.

[Giorgio Maone]

In fact, it seems both names are resolved to 1 private IPV4 address, 1 private IPV6 address and 1 public IPV6 address, which causes ABE to cry wolf (in fact, this is a typical DNS rebinding scenario).

[therube]

How about a simple English explanation of what you just said .

[Spock]

Is there an ability to warn the User, if one Site trys to make an Rebind (small information Tab on the top of the browser window)?

http://www.avm.de/de/Service/FRITZ_Tools/zack/zack.html (Site from my Router Manufractur) makes an rebind to read one file (as i know avm uses a policy file in the firmware so that only avm can read this(im not 100% sure^^)) so that the site can show me which Firmware i have and so on.

ABE works fine there.

The Site can only show me Firmware and Boxname if i:

Completly Remove

Site LOCAL
Accept from LOCAL
Deny

or i add an exception with ".avm.de to

Site LOCAL
Accept from .fritz.box .fritz.nas .fritz.box:81

But it also would be nice if i am informed that one site tried this.

Thanks for Helping

How about a simple English explanation of what you just said .

Sorry my english is not the Best

[therube]

> How about a simple English explanation of what you just said

That was for Giorgio. I see what he wrote, but don't really understand the implications of what he said.