Hi,
to get the timetable, and the last changes of these, of my daughters school class I have to logon to the schools website and get the information there.
Ok, time to write a script to get this every morning before she leaves the house π
PHP seesion is protected against a Cross-Site-Request-Forgery attack. That means, to login, you need the session (PHPSESSID) and the csrf id. In this case the PHPSESSID is a cookie and the csrf is written to with the html source, to the form tag as proberty “value”:
<form class='form-signin' action='/auth/login.php' method='post'><input type='hidden' name='csrf' value='576505bb764576fd'><div class="logo-head">
To get the session id and the csrf id I simply get the login page, this saves the cookies to a file (-b and -c reads and save cookies from/to /tmp/cookies.txt) and also the whole html page to /tmp/page.html.
michael@debdev ~ # curl -c /tmp/cookies.txt -b /tmp/cookies.txt https://schoolsWebpage.org/ -o /tmp/page.html
If you want to mask curl set the user agent by
-H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0"
Get the csrf id by grep the line and then the ID
michael@debdev ~ # export CSRF=$(grep -oEi "name='csrf' value='[a-z0-9]{16}'" /tmp/page.html | grep -oEi "[a-z0-9]{16}"
Then start the Login process. The correct variables which must be set by the POST request can be capture by tracing a login session with firefox (tools/tools for web developer) or chrome.
Firefox can export the complete curl command line from which the whole -d parameter can copied. This is usefull because the string and characters are already html escaped (Example @ = %40).
Login to the page:
michael@debdev ~ # curl -d "csrf=$CSRF&username=myUser&password=mySecretPass" -c /tmp/cookies.txt -b /tmp/cookies.txt -X POST "https://schoolsWebpage.org/auth/login.php"
Get the site you want π
michael@debdev ~ # curl -c /tmp/cookies.txt -b /tmp/cookies.txt -H https://schoolsWebpage.org/service/timetable
Michael
HI,
When trying to log in to the page I receive a “Forbidden 403”, followed by CSRF verification failed and “HTTPS requires a ‘Referer Header'”
Any ideas that could help?
Thanks
Thank you! This is exactly what I was looking for.
Following your steps, I was able to automate a config download from a device that ONLY supports a webUI for management.