PFLogin - change the admin password on multiple pfsense firewalls

kungfulinux

We have a number of pfsense firewalls, and we needed a way to change pfsense admin passwords on all of them.  I wrote a perl script to change these via the web interface.  Take this script, create a text file called servers.txt, and list your servers without any whitespace… just hosts, no ports or https or anything.  I run my admin interface on 8443, so you may have to change that in the script if you run it on something else.

Then run ./pflogin.pl -username <current admin="" username="">-password <current password="" for="" admin="">-newpassword <new password="" to="" set="" for="" admin="">here is the code:

#!/usr/bin/perl -w

use strict;

use WWW::Mechanize;
use HTTP::Cookies;
use Getopt::Long;

my $result = GetOptions("username=s" => \my $username,
			"password=s" => \my $password,
			"newpassword=s" => \my $newpassword);
unless ($username || $password || $newpassword){
	print "you must put in a username, password, and a newpassword\n";
	exit();
}  
open("SERVER", "servers.txt") || die "cannot open server file\n";
for my $fw (<server>){
	chomp($fw);
	my $url="https://" . $fw . ":8443";
	my $mech = WWW::Mechanize->new();
	$mech->cookie_jar(HTTP::Cookies->new());
	$mech->get( $url );  
	$mech->form_name('login_iform');
	$mech->field(usernamefld=>$username);
	$mech->field(passwordfld=>$password);
	$mech->click();
	my $url2 = "https://" . $fw . ":8443/system_usermanager.php?act=edit&id=0";
	$mech->get( $url2 );
	$mech->form_name('iform');
	$mech->field(passwordfld1=>$newpassword);
	$mech->field(passwordfld2=>$newpassword);
	$mech->click();
#uncomment the following line for debugging
#print $mech->content();
}
close(SERVER)</server> 

Enjoy!</new></current></current>

XIII

This is great thank you!

will it work on any version?

kungfulinux

I only tried it with the latest version (2.0.1)  Although it will most likely work with 2.0.  I dont think it will work with anything before that.