Solved

PHP - Post login data and then get the source of the page that requires login.

Posted on 2012-03-17
12
561 Views
Last Modified: 2012-03-17
Hi there.

There is a login form on the page index.php

				<form method="POST" action="login.php">
					<table border="0" cellpadding="4" cellspacing="1" class="w12">
						<tr>
							<td>Login:</td>
							<td>
								<input type="text" name="username" class="b12">
							</td>
						</tr>
						<tr>
							<td>Password:</td>
							<td>
								<input type="password" name="password" class="b12">
							</td>
						</tr>
						<tr>
							<td colspan="2" align="right">
								<input type="submit" value="Login">
							</td>
						</tr>
					</table>
				</form>

Open in new window


When the form on index.php is posted, it generates session id on the same page and then passes login data to login.php.

How do I programmatically post the login data via php, and then get the source code of the page called sourceineed.php ?

Thank you.
0
Comment
Question by:mropenmind
  • 6
  • 5
12 Comments
 
LVL 17

Accepted Solution

by:
selvol earned 500 total points
ID: 37733140
CURL


<?php
class cURL {
var $headers;
var $user_agent;
var $compression;
var $cookie_file;
function cURL($cookies=TRUE,$cookie='cookies.txt',$compression='gzip',$proxy='') {
$this->headers[] = 'Accept: image/gif, image/x-bitmap, image/jpeg, image/pjpeg';
$this->headers[] = 'Connection: Keep-Alive';
$this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8';
$this->user_agent = 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0)';
$this->compression=$compression;
$this->proxy=$proxy;
$this->cookies=$cookies;
}
function post($url,$data) {
$process = curl_init($url);
curl_setopt($process, CURLOPT_HTTPHEADER, $this->headers);
curl_setopt($process, CURLOPT_HEADER, 0);
curl_setopt($process, CURLOPT_USERAGENT, $this->user_agent);
if ($this->cookies == TRUE) curl_setopt($process, CURLOPT_COOKIEFILE, $this->cookie_file);
if ($this->cookies == TRUE) curl_setopt($process, CURLOPT_COOKIEJAR, $this->cookie_file);
curl_setopt($process, CURLOPT_ENCODING , $this->compression);
curl_setopt($process, CURLOPT_TIMEOUT, 30);
curl_setopt($process, CURLOPT_POSTFIELDS, $data);
curl_setopt($process, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($process, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($process, CURLOPT_POST, 1);
$return = curl_exec($process);
$return = str_replace('<body ', '<!-- ', $return);
$return = str_replace('bgcolor="#FAf7EF"  >', ' -->', $return);
$return = str_replace('</TBODY>', '<!-- ', $return);
echo $return;
curl_close($process);}
}
$cc = new cURL();
$cc->post('http://YOURSITE','username=jones&password=letein');
?>

-->


SElvol
0
 

Author Comment

by:mropenmind
ID: 37733159
it returns nothing.
0
 
LVL 17

Expert Comment

by:selvol
ID: 37733160
The above is inclusive of a few more parameters the you requested but may need..

You may need the point 'cookies.txt' to that file.

To get the source of the page you need you could wrap that page in a shell.


<?php
$file=file_get_contents("THE above page url");

DO SOME THING WITH $file..

Selvol
0
 

Author Comment

by:mropenmind
ID: 37733164
I'm trying to login to: http://gm.heroesofnewerth.com using PHP.
0
 
LVL 17

Expert Comment

by:selvol
ID: 37733174
Oh snaps. Apologies


Remove these lines.


$return = str_replace('<body ', '<!-- ', $return);
$return = str_replace('bgcolor="#FAf7EF"  >', ' -->', $return);
$return = str_replace('</TBODY>', '<!-- ', $return);

As they were hiding the <html>

Elvol
0
 

Author Comment

by:mropenmind
ID: 37733179
removed the lines at response is still nothing
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:mropenmind
ID: 37733188
If you post anything to login.php without session id, it just doesn't let you to login.
0
 
LVL 17

Expert Comment

by:selvol
ID: 37733189
Any way I can login?  To test this page?

mail85224@gmail.com

Selvol
0
 

Author Comment

by:mropenmind
ID: 37733190
I've sent you an email
0
 
LVL 17

Expert Comment

by:selvol
ID: 37733195
no
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 37733808
You know that even if you succeed, you will only get the HTML generated by the PHP page and not the PHP source.
0
 

Author Comment

by:mropenmind
ID: 37733918
I know.... I don't need a PHP source.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Learn the basics of while and for loops in Python.  while loops are used for testing while, or until, a condition is met: The structure of a while loop is as follows:     while <condition>:         do something         repeate: The break statement m…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now