php - cUrl login is not working -
i'm trying login 1 of sites using curl pull information off page. not seem working. here's code i'm trying. if helps can create user/pass scenario.
<?php $username = 'xxx'; $password = 'xxx'; $loginurl = 'http://gwintersdev.com/user'; $finalurl = 'http://gwintersdev.com/admin'; $userinput = 'name'; $passwordinput = 'pass'; $ch = curl_init(); curl_setopt($ch, curlopt_cookiejar, "cookie.txt"); curl_setopt($ch, curlopt_url,$loginurl); curl_setopt($ch, curlopt_post, 1); curl_setopt($ch, curlopt_postfields, "$userinput=$username&$passwordinput=$password"); curl_setopt($ch, curlopt_useragent, 'user-agent'); ob_start(); // prevent output curl_exec ($ch); // execute curl command ob_end_clean(); // stop preventing output curl_close ($ch); unset($ch); $ch = curl_init(); curl_setopt($ch, curlopt_returntransfer,1); curl_setopt($ch, curlopt_cookiefile, "cookie.txt"); curl_setopt($ch, curlopt_url, $finalurl); $buf2 = curl_exec ($ch); curl_close ($ch); print $buf2; ?>
update: able above working, i'm trying on different asp site , it's not working. grabbed hidden fields , added them post string, still won't login.
<?php $username = 'xxx'; $password = 'xxx'; $loginurl = 'http://vitalstim.com/health_professionals/certified_provider_resources/forum.aspx'; $finalurl = 'http://vitalstim.com/health_professionals/certified_provider_resources/forum.aspx'; $userinput = 'ctl00$contentplaceholder1$uc_login$txtuser'; $passwordinput = 'ctl00$contentplaceholder1$uc_login$txtpass'; $login = 'ctl00$contentplaceholder1$uc_login$butlogin'; $validation_input = '__eventvalidation'; $validation_input_value = '/wewagkf+ptrbqkitpn5bdxhchsanbepwkebmmynv+32l2ec'; $view_state = '/wepdwujltqymjg0nzi0d2qwamypzbygagepzbyeagypfgieb1zpc2libgvozaihdxychwbozaidd2qwbaibd2qwcaibd2qwbaibdw8wah4evgv4dgvkzaifdw8wah8aagrkagcpzbycagepzbycagmpzbycagepfgifaghkagkpdxychwbozgqccw8pfgifaghkzaiddxychwbozaifdw8wah8bbxy8c2nyaxb0igxhbmd1ywdlpsjqyxzhc2nyaxb0iib0exblpsj0zxh0l2phdmfzy3jpchqipgokkgrvy3vtzw50ks5yzwfkeshmdw5jdglvbigpihskvml0ywxtdgltlkluaxqonck7cn0powo8l3njcmlwdd4kzgrkdz/7+fcq1e1sbc0gua3jjscgsnm='; $event_valid = '/wewbwkeim4xaoi2mfkeaurz/r4mavtx0jyc+4gopqkco6iimggc2po41g77y84vwyhp6ek+7pgzydngoawrzw=='; $ch = curl_init(); curl_setopt($ch, curlopt_cookiejar, "cookie.txt"); curl_setopt($ch, curlopt_url, $loginurl); curl_setopt($ch, curlopt_post, 1); curl_setopt($ch, curlopt_postfields, "$userinput=$username&$passwordinput=$password&$validation_input=$validation_input_value&$login=login&__eventvalidation=$event_valid&_viewstate=$view_state"); curl_setopt($ch, curlopt_useragent, 'user-agent'); curl_exec ($ch); // execute curl command curl_setopt($ch, curlopt_returntransfer,1); curl_setopt($ch, curlopt_cookiefile, "cookie.txt"); curl_setopt($ch, curlopt_url, $finalurl); $buf2 = curl_exec ($ch); curl_close ($ch); print $buf2; ?>
it looks missing 2 hidden fields in source of form. csrf protection kinda. can try scrapeing that, doing third request, before other two, , getting values, , putting them in second request.
also, said in comment above, dont close curl handler.
any more info can give awesome
edit:
as asp
page: asp
terribly difficult curl with. hiding fields need. suggestion create fake page, print_r
's $_post
, $_get
, , change action of form on page chrome, or firebug, submit page. check if missing anything
i did suggested try, , got this:
array ( [__eventtarget] => [__eventargument] => [__viewstate] => /wepdwujltqymjg0nzi0d2qwamypzbygagepzbyeagypfgieb1zpc2libgvozaihdxychwbozaidd2qwbaibd2qwcaibd2qwbaibdw8wah4evgv4dgvkzaifdw8wah8aagrkagcpzbycagepzbycagmpzbycagepfgifaghkagkpdxychwbozgqccw8pfgifaghkzaiddxychwbozaifdw8wah8bbxy8c2nyaxb0igxhbmd1ywdlpsjqyxzhc2nyaxb0iib0exblpsj0zxh0l2phdmfzy3jpchqipgokkgrvy3vtzw50ks5yzwfkeshmdw5jdglvbigpihskvml0ywxtdgltlkluaxqonck7cn0powo8l3njcmlwdd4kzgrkdz/7+fcq1e1sbc0gua3jjscgsnm= [ctl00$contentplaceholder1$uc_login$txtuser] => test [ctl00$contentplaceholder1$uc_login$txtpass] => test [ctl00$contentplaceholder1$uc_login$butlogin] => login [__eventvalidation] => /wewbwkeim4xaoi2mfkeaurz/r4mavtx0jyc+4gopqkco6iimggc2po41g77y84vwyhp6ek+7pgzydngoawrzw== )
Comments
Post a Comment