• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 143
  • Last Modified:

Get the source of an html page- behind a username/password

Hey there,

Here is a fairly ticky one.
I have a website that has a username and password on it, this just a simple form user/pass - it dosn't use the htaccess - just a login using a form, like hotmail (but this isn't hotmail). So the question is, can I somehow enter the username/password, submit that form and then get the source of the html beind it.

So basically, login and get the html code from behind the login part. Is that do-able at all?
0
wildzero
Asked:
wildzero
  • 2
  • 2
1 Solution
 
wildzeroAuthor Commented:
Ah I just semi answered myself in the last 10 minutes
However the problem is this
When the page first loads, to enter the name and password - a variable is assigned (a sid hash) and I need that to pass thou
Example
When the page first loads I get this
site.com/index.php?sid=iufdglkjlkdsfg
then if I tag on
&user=this&password=that then I can login - so would I have to load up the page once, grab the sid, then reload it wiith the username and password?

The sid is located in the form post data.
So when it first loads, if you look at the form it as index.php?sid=iufdglkjlkdsfg as the address to post to, so I guess that would have to be collected some how.
0
 
wildzeroAuthor Commented:
Sure enough, almost got it.

What I need is the code for
Load page and extract the text from between the tags
<form action="GETWHATSINHERE" method="post"> - which could be anything
and also check for the hidden value -SID and if it exists get the form action and that value.

Could look like this
<form action="GETWHATSINHERE" method="post"><input type="hidden" name="SID" value="GETWHATSINHERE" />

The GETWHATSINHERE changes all the time.

Phew :D
0
 
NewJorgCommented:
You could use the client url library functions from php (http://www.php.net/manual/en/ref.curl.php)
to post the values (SID, username, password) and get the html source of the page behind the login.
0
 
basiclifeCommented:
Ok, something like:

$PageHandle=@fopen("http://setiweb.ssl.berkeley.edu/show_user.php?userid=$userid","r"); //Read stats
if ($PageHandle) {
      $Page='';
      while (!feof($PageHandle)) {
        $Page .= fread($PageHandle, 8192);
      }
      fclose($PageHandle);
      $start=strpos($Page, "<input type=\"hidden\" .......") + strlen("<input type=\"hidden\" ......."); //Put the entire hidden tag in here up to the 1st " of the value
      $ends=strpos($Page, "\"", $start); //Find the closing " (first " after the start)
      $SID = substr($Page, $start, $ends-$start); //SID is the bit between the 2 values you just found

Now print your own form / url with the SID you just ripped form the site. Is this what you were after?




} else {
      die("Unable to read URL");
}
0
 
basiclifeCommented:
Sorry, you need to update the @fopen statement with your own URL - that was just where I carelessly copied and pasted *hangs head in shame*
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now