Interfacing with high-end TP-Link Range Extenders (RE715X and RE815XE) requires bypassing their modern security handshake. These scripts automate that process for headless data logging and remote management.
Downloads:
How the Login Works:
TP-Link uses an asynchronous RSA exchange to secure the login. The process follows these stages:
1. The Handshake: The script requests the router's public RSA key (Modulus and Exponent).
2. Local Encryption: The password is encrypted using the RSA key with PKCS#1 v1.5 padding.
3. The Challenge: The encrypted hex is sent back to the router. If a session is already active, the script sends a "confirm" flag to force-override the existing login.
4. The stok: Upon success, the router issues a Session Token (stok). This token must be appended to the URL of every subsequent API call.
Capabilities:
- display_backhaul(): Signal strength (dBm) and Tx/Rx rates.
- display_clients(): Active device list with IP/MAC/Throughput.
- display_logs(): Structured system log retrieval.
- set_leds(): Remote toggle for hardware LEDs via the ledgeneral API.
- reboot(): Confirmed hardware restart signal.
Quick Implementation:
// PHP Implementation
require_once("rex15.php");
$extender = new REX15("http://192.168.0.254", "password");
if ($extender->login()) {
$extender->display_backhaul();
}
# Python Implementation
from rex15 import REX15
extender = REX15("http://192.168.0.254", "password")
if extender.login():
extender.display_backhaul()
