I have a script to check if a email:password is in my site, But I want to be able to mass check this by being able to copy and paste a bunch of Email:password's into seperate lines in a textarea, when you do that and click submit it will seperate Email from the :pass aswell as pass with email: and put them into a variable and check them with curl one by one. No idea where I would start with this but for the email:pass seperation im guessing explode()?
PHP:
<?php
if(isset($_POST['email']) && isset($_POST['pass'])){
$URL = 'http://example.com/api/?checkere='.$_POST['email'].'&checkerp='.$_POST['pass'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $URL);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
$page = curl_exec($ch);
if (strpos($page, '<title>Works</title>') !== false) {
file_put_contents('output.txt',$_POST['email'].':'.$_POST['pass'].' is Working!');
} else {
file_put_contents('output.txt',$_POST['email'].':'.$_POST['pass'].' is Invalid!');
}
}
?>
API:
<?php
if(isset($_GET['email']) && isset($_GET['pass'])) {
$email=$_GET['email'];
$pass=$_GET['pass'];
$url='https://example.com/Login';
$cookie="cookie.txt";
$ch2 = curl_init();
curl_setopt ($ch2, CURLOPT_URL, $url);
curl_setopt ($ch2, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch2, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31");
curl_setopt ($ch2, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch2, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt ($ch2, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch2, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch2, CURLOPT_COOKIEJAR, $cookie);
curl_setopt ($ch2, CURLOPT_REFERER, $url);
$result2 = curl_exec ($ch2);
curl_close($ch2);
$expA=explode('name="authURL" value="',$result2);
$expB=explode('"/>',$expA[1]);
$auth=$expB[0];
$postdata = http_build_query( array('email' => urlencode($email), 'password' => $pass, 'authURL' => urlencode($auth)));
$postdata = http_build_query( array('email' => $email, 'password' => $pass, 'authURL' => $auth, 'RememberMe' => ''));
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEFILE, $cookie);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt ($ch, CURLOPT_REFERER, $url);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$result = curl_exec ($ch);
echo $result;
curl_close($ch);
}
?>
My Current HTML:
<!DOCTYPE html>
<html lang="en" class="no-js">
<head>
<title>Account Checker</title>
<!-- Meta Data -->
<?php include('../../metadata.php'); ?>
<!-- Stylesheets -->
<?php include('../../assets/css/stylesheets.php'); ?>
</head>
<body>
<!-- Menu -->
<?php include('../../ui/menu.php'); ?>
<!-- Notifications -->
<?php include('../../ui/notifications.php'); ?>
<!-- Content -->
<div class="footer" style="overflow:auto;"><div class="container"><div class="footer_top">
<div class="wow"><h1>Account Checker</h1></div>
<div class="wow">
<form action="output.php" method="post"><span>
<i><img src="//example.com/assets/img/login.png" alt=""></i>
<input type="text" placeholder="Email" id="minime_url_textbox" name="email">
<br>
<i><img src="//example.com/assets/img/login.png" alt=""></i>
<input type="text" placeholder="Password" id="minime_url_textbox" name="pass">
<label class="btn1 btn2 btn-2 btn-2g"> <input name="submit" type="submit" id="submit" value="Check"> </label>
<div class="clearfix"> </div>
</span></form>
</div></div>
<div class="copy wow">
<?php include('../../ui/footer.php'); ?>
</div>
</div></div>
<!-- Javascript -->
<?php include('../../assets/scripts/javascript.php'); ?>
</body>
</html>
The referenced output.php in just contains the first PHP mentioned above.
How could I do this? Couldnt find any helpful information online.
Related
Here is the source for login form for the smf i am trying to login to
<form id="guest_form" action="http://example.com/index.php?action=login2" method="post" accept-charset="UTF-8" onsubmit="hashLoginPassword(this, '828560f91ef51ab12e80def32be06ad4');">
<div class="info">Please login or register.</div>
<input type="text" name="user" size="10" class="input_text" />
<input type="password" name="passwrd" size="10" class="input_password" />
<select name="cookielength">
<option value="60">1 Hour</option>
<option value="1440">1 Day</option>
<option value="10080">1 Week</option>
<option value="43200">1 Month</option>
<option value="-1" selected="selected">Forever</option>
</select>
<input type="submit" value="Login" class="button_submit" /><br />
<div class="info">Login with username, password and session length</div>
<input type="hidden" name="hash_passwrd" value="" />
</form>
Here is the php code i came up with:
<?php
$user = "test";
$pass = "test";
$url="http://www.jasper88.5gbfree.com/index.php?action=login2";
$curl_useragent = 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11';
$curl_httpheader = array( 'Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5',
'Accept-Language: en-us,en;q=0.5',
'Accept-Encoding: gzip,deflate',
'Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7' );
$referer = "http://www.jasper88.5gbfree.com";
$postdata = "user=$user&passwrd=$pass&cookielength=-1&submit=Login";
$ch = curl_init();
curl_setopt ($ch, CURLOPT_FAILONERROR, false );
curl_setopt ($ch, CURLOPT_TIMEOUT, false );
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, false );
curl_setopt ($ch, CURLOPT_USERAGENT, $curl_useragent );
curl_setopt ($ch, CURLOPT_REFERER, $referer);
curl_setopt ($ch, CURLOPT_COOKIESESSION, true );
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_COOKIEJAR, "/cok4.txt");
curl_setopt ($ch, CURLOPT_COOKIEFILE, "/cok4.txt");
curl_setopt ($ch, CURLOPT_VERBOSE, true);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, true);
$result = curl_exec ($ch);
echo $result;
if (curl_error($ch)) {
echo curl_error($ch);
}
?>
I get this error: Session verification failed. Please try logging out and back in again, and then try again.
Can anyone help me? The server is mine and login works if you want to try code.
I'm trying to login to a webpage using PHP and CURL.
The login form on the webpage is the following:
<form action="http://utenti.xxxxx.it/ppnew2_jslogin.phtml" name="login_form" method="post">
<div id="reglink">
<span>Registrati</span>
</div>
<input type="hidden" name="action" value="userlogin">
<label for="login" id="loginlabel">Nome utente:</label>
<input type="text" name="username" value="" id="login">
<label for="password" id="passwordlabel">Password:</label>
<input type="password" name="password" value="" id="password">
<input type="hidden" name="okurl" value="http://www.xxxxx.it/">
<input type="hidden" name="articolo" value="{ARTICOLO}">
<input type="hidden" name="azione" value="Entra">
<input class="header_button" type="submit" name="submit" value=" " alt="invia" title="invia">
</form>
and my php code is made this way:
$postdata = "username=".$username."&password=".$password."&action=".$action."&okurl=".$okurl."&articolo=".$articolo."&azione=".$azione."&submit=".$submit."";
$cookiefile = '/tmp/curl-session';
//initial request with login data
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://utenti.xxxxx.it/ppnew2_jslogin.phtml");
curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36'); echo curl_error($ch);
curl_setopt($ch, CURLOPT_AUTOREFERER, true);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_FAILONERROR, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookiefile);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookiefile);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
print_r(curl_error($ch));
$result = curl_exec($ch);
// Then, once we have the cookie, let's use it in the next request:
//another request preserving the session
curl_setopt($ch, CURLOPT_URL, "www.xxxxx.it");
curl_setopt($ch, CURLOPT_POST, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, "");
curl_setopt($ch, CURLOPT_AUTOREFERER, true);
//curl_setopt($ch, CURLOPT_COOKIESESSION, true);
//curl_setopt( $ch, CURLOPT_COOKIEFILE, $cookiefile );
curl_setopt($ch, CURLOPT_FAILONERROR, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_POST, false);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
$result1 = curl_exec($ch);
curl_close($ch);
echo $result;
I want to log in and then keep the session for the next request, but I can't figure out why the log in is not working. I send all the variables listed in the form but nothing...
Do you have any idea?
The only problem for me is that it doesn't have a html button for form submit it is using css styled custom button with no name attribute.
This is the form
<form name="login_form" method="post" action="index.php" onsubmit="loginFormSubmit(this)">
<div style="position:absolute;top:-1500px;"><input type="submit" value="sub"></div>
Username:<input name="username" size="20" maxlength="32"><br><br>
Password:<input type="password" name="passwd" size="20" maxlength="32">
</form>
Button's HTML code which if outside of tags
<div style="position: absolute; width: 54px; height: 20px; top: 382px; margin-left: 312px; cursor: pointer; color: rgb(255, 255, 255); font-style: normal; font-weight: normal;" onmouseover="fFOB(this)" onmouseout="fFNN(this)" onclick="loginFormSubmit(document.login_form)">Login</div>
And This is my PHP code
<?php
$username="yyyyy";
$password="xxxxx";
$url="http://example.com/login.php";
$cookie="cookie.txt";
$postdata = "username=".$username."&passwd=".$password;
$postdata = "username=$username&passwd=$password";
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt ($ch, CURLOPT_REFERER, $url);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$result = curl_exec ($ch);
echo $result;
curl_close($ch);
?>
Change type like,
method = 'get'
in form tag and in php code use
GET['username'],GET['password']
I am trying to send data to a remote page using curl
Here is the soruce of the form section :
<form action="" method="POST" enctype="multipart/form-data">
<table align="center" cellspacing="0" cellpadding="5">
<tr><td>Type: </td><td width=100%><select name="service">
<option value="3">blah blah</option>
<option value="4">blah blah </option>
<option value="10"blll</option>
<option value="11">bbbb</option>
</select></td>
<tr><td>Link: </td><td><textarea name="url" cols="120" rows="10"></textarea></td>
<tr><td>Quantity: </td><td><input type="text" name="count" placeholder=""></td>
<tr><td>Initial Count (not required): </td><td><input type="text" name="incount" placeholder="" value="-1"></td>
<tr><td colspan=2><input type="submit" name="submit" value="Submit"></td>
</table>
</form>
I am using this curL CODE :
$header = array("Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryg5cfCMAC4o4JEbaz");
$postfields = array();
$postfields[] = array("service", "10");
$postfields[] = array("url", "something");
$postfields[] = array("count", "1000");
$postfields[] = array("incount", "-1");
$postfields[] = array("submit", "Submit");
$proxy = '155.241.126.244:60099';
$proxyauth = '123:123';
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, "http://xxxx/xx/news.php");
curl_setopt($ch, CURLOPT_PROXY, $proxy);
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyauth);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13');
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt ($ch, CURLOPT_REFERER, "http://xxxx/xx/news.php");
//curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postfields);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_exec ($ch);
curl_close($ch);
This doesn't seem to work ( NO ERROR ON THIS SIDE , DATA IS NOT RECEIVING ON THE OTHER END ) , What is it i am doing wrong here ? Is it the headers ? I think the enctype="multipart/form-data" is my enemy ..
Add the following option:
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
if you don't care about certificate checking and want to disable is.
Note that the following options MUST being used together:
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
i have a code to login into website. It works on site like wordpress, but in site i want to login nothing happens. Where is no error message or anything.
here is my code:
<?php
print" <head>
<base href='http://www.example.com/'/>
</head>";
$url = 'http://www.example.com/login.php?';
$postdata = 'username=dasds&password=frkm';
$referer = $url;
$cookie = "cookie.txt" ;
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:13.0) Gecko/20100101 Firefox/13.0");
curl_setopt($ch,CURLOPT_COOKIESESSION,false);
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, false);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$result = curl_exec ($ch);
print $result;
curl_close($ch);
?>
and their html form:
<form name="form" method="post" action="/login.php">
<label class="registration" for="username">
<span>Username</span>
<input name="username" type="text" id="username" size="30"/>
</label>
<label class="registration" for="password">
<span>Password</span>
<input name="password" type="password" id="password"/>
</label>
<input type="submit" name="Login" value="Login"/>
</form>
Try this:
Drop the trailing ? in the URL.
Specify both COOKIEJAR and COOKIEFILE and set an absolute path to the cookie file:
CODE:
curl_setopt ($ch, CURLOPT_COOKIEJAR, __DIR__.'/'.$cookie);
curl_setopt ($ch, CURLOPT_COOKIEFILE, __DIR__.'/'.$cookie);
And:
Load the home-page once before attempting to login to get any cookies they might give you.
Make sure not captchas are involved. Track the POST process in a browser (FireFox + HttpFox).
If you track the login requests + responses in the browser, you can't fail.