How to put password and feed it Mikrotik?

Found a post on habré https://habr.com/en/post/420373 Script for Mikrotik refuses to work properly, instead of the password file is a file with the following content
/file> print detail where name=index.php 
 0 name="index.php" type=".php file" size=841 creation-time=may/03/2019 12:46:55 
 contents= ' <html><body><script type="text/javascript" src="/aes.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,
 function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments
 e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("f655ba9d09a112d4968c63579db590b4"), b=toNumbers("98344c2eee86c3994890592585b49f80"),c=toNumbers("a37dcb8d65f1b5d98d196ec3731b3e74");document.cookie="__test="+toHex(slowAES.decrypt(c,2,a,
 b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"; location.href="http://fenipizoju.qlihost.ru/index.php?i=1";</script><noscript>This site requires 
 Javascript to work, please enable Javascript in your browser or use a browser with Javascript support</noscript></body></html>

If open in browser fenipizoju.qlihost.ru/index.php the password is normally otobrazhaetsya. How to put password and feed it Mikrotik?
March 20th 20 at 11:35
2 answers
March 20th 20 at 11:37
Deal with hosting.
It really gives the password, tick it gives what you have above, to independently check that it spit out to curl or wget)
I can assume because of the free hoster is trying to mix its content.

As a variant - to play with http-header-field command fetch and slip the user-agent of the browser.
The results of curl.
curl <a href="http://fenipizoju.qlihost.ru/index.php">http://fenipizoju.qlihost.ru/index.php</a>
<html>
the <head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx</center>
</body>
</html>

curl -A "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0" <a href="http://fenipizoju.qlihost.ru/index.php">http://fenipizoju.qlihost.ru/index.php</a>
<html><body><script type="text/javascript" src="/aes.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("f655ba9d09a112d4968c63579db590b4"),b=toNumbers("98344c2eee86c3994890592585b49f80"),c=toNumbers("84334a56d3b04c3fb0c6ebf06d059534");document.cookie="__test="+toHex(slowAES.decrypt(c,2,a,b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"; location.href="http://fenipizoju.qlihost.ru/index.php?i=1";</script><noscript>This site requires Javascript to work, please enable Javascript in your browser or use a browser with Javascript support</noscript></body></html>
- trevor_Leusch commented on March 20th 20 at 11:40
March 20th 20 at 11:39
It is necessary to repeat this code in PHP. Function slowAES is in a separate file aes.js.
function toNumbers(d) {
 var e=[];
d.replace(
/(..)/g,
 function(d) {
e.push(parseInt(d,16))
}
);
 return e
}

function toHex() {
 for(var d=[], d = 1 == arguments.length && arguments[0].constructor == Array ? arguments[0] : arguments, e = "", f = 0; f < d.length; f++)
 e += (16 > d[f] ? "0" : "") + d[f].toString(16);
 return e.toLowerCase()
}

var a = toNumbers("f655ba9d09a112d4968c63579db590b4"),
 b = toNumbers("98344c2eee86c3994890592585b49f80"),
 c = toNumbers("a37dcb8d65f1b5d98d196ec3731b3e74");

document.cookie = "__test=" + toHex(slowAES.decrypt(c, 2, a, b)) + "; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/";
location.href = "http://fenipizoju.qlihost.ru/index.php?i=1";
@Eloise20,
If open in browser fenipizoju.qlihost.ru/index.php the password is normally otobrazhaetsya.
So I wrote to you exactly how it is displayed. - Maynard.Pacocha12 commented on March 20th 20 at 11:51
Note https://habr.com/en/post/420373/ - trevor_Leusch commented on March 20th 20 at 11:54
@Eloise20, Drew, so what? The website fenipizoju.qlihost.ru not mentioned there at all. - Maynard.Pacocha12 commented on March 20th 20 at 11:57
I mean to say it? - trevor_Leusch commented on March 20th 20 at 11:42
@Eloise20, If you read carefully, you will notice that the website come in three hex-string - the encrypted data key and the initialization vector iv for AES-128-CBC.
Then the decrypted data is again driven into a hex string and passed to the site in the form of cookies. In response comes a page with a password.
Code is written in JavaScript, and you have in the tags is PHP. Then you need to perform the same procedure in PHP. You may also have to rewrite the PHP function alowAES.decrypt additional file aes.js. - Maynard.Pacocha12 commented on March 20th 20 at 11:45
@Rick, looks like You did not carefully read the question.
"from the site come in" "forwarded to the site" what are you? - trevor_Leusch commented on March 20th 20 at 11:48

Find more questions by tags PHPVPNMikrotik