If there is a website and I want to write a form that logs me in, how can I do it?
This form logs me to stack overflow
<form method="post" action="https://stackoverflow.com/users/login">
<input type="hidden" name="email" value="myemail">
<input type="hidden" name="password" value="mypassword">
<input type="submit">
</form>
I want to do so on this website, but the script doesn't work for some reason.
<form method="post" action="http://forums.heroesofnewerth.com/login.php?do=login/">
<input type="hidden" name="vb_login_username" value="myusr">
<input type="hidden" name="vb_login_password" value="mypass">
<input type="submit">
</form>
Any idea why?
Ok, it worked I had to send more data.
<form method="post" action="http://forums.heroesofnewerth.com/login.php" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">
<input type="hidden" name="vb_login_username" value="usr">
<input type="hidden" name="vb_login_password" value="pwd">
<input type="hidden" name="do" value="login">
<input type="hidden" name="vb_login_md5password" value="">
<input type="hidden" name="vb_login_md5password_utf" value="">
<input type="hidden" name="s" value="">
<input type="hidden" name="securitytoken" value="guest">
<input type="hidden" name="url" value="http://forums.heroesofnewerth.com/index.php">
<input type="submit">
</form>
A lot of websites on the internet (not nearly enough though) have protection in place that prevents sites other then their own to post forms (log in for example) to their site. A site that does not have this protection is vulnerable to:
Cross Site Request Forgery (CSRF): http://en.wikipedia.org/wiki/Cross-site_request_forgery
This is a major security risk that allows phishing sites to log you in to the actual website while catching your login details and a whole lot of other nasty stuff.
There could also be other protection in place to prevent you from sending a request.
Try to see if there are any API's available instead for what you are trying to achieve.
Related
I have been questioned by my client's security team that our Laravel 5 application is susceptible CSRF vulnerability. We have followed all the standard practice described in Laravel documentation https://laravel.com/docs/5.8/csrf where by we have attached the hidden field _token in our forms.
The security team claims that CSRF attack can happen when the form html is copy and saved as name.html and execute this .html file directly from browser.
Here is the sample form HTML
<html>
<!-- CSRF PoC - generated by Burp Suite Professional -->
<body>
<script>history.pushState('', '', '/')</script>
<form action="ourapp.dev/profile/update" method="POST">
<input type="hidden" name="_token" value="1heEqemUlHX2vtj2YcgZfq4UGdY07H9rdeRdgtaweE" />
<input type="hidden" name="_method" value="PUT" />
<input type="hidden" name="first_name" value="John" />
<input type="hidden" name="last_name" value="Doe" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
I am not 100% sure if the claim is valid as I don't think the attacker can get the csrf token _token correctly as the token is unique for each user's session.
Can anyone help to comment on this?
I have created a page from where users can upload their files. This code snippet send those files to my Amazon S3 bucket.
<form action="https://BUCKET.s3-eu-west-1.amazonaws.com/" method="post" enctype="multipart/form-data">
<input type="hidden" name="awsAccessKey" value="ACCESS_KEY">
<input type="hidden" name="awsSecretKey" value="SECRET_KEY">
<input type="hidden" name="acl" value="private">
<input type="hidden" name="policy" value="POLICY">
<input type="hidden" name="signature" value="SIGNATURE">
<input type="hidden" name="Content-Type" value="">
<!-- Include any additional input fields here -->
File to upload to S3:
<input name="file" type="file">
<br>
<input type="submit" value="Upload File to S3">
</form>
Everything works fine, but I am facing https problems. Main browsers don't trust s3-eu-west-1.amazonaws.com and show security message about untrusted connection.
I changed my the HTTPS connection to HTTP so that my customers don't face any problem. Does someone have any ideas on how to resolve this issue?
Chances are your bucket name has a dot in it. Amazon's S3 wildcard certificates are good for only one level of subdomains, so bucket.s3-eu-west-1.amazonaws.com is fine but bucket.bucket.s3-eu-west-1.amazonaws.com is not. Use this instead:
https://s3-eu-west-1.amazonaws.com/BUCKET/
here's my question.
I've made a request to the PayPal server to obtain a token but now i don't know how to use it to pass it to the url in which i have to be redirected, and i don't understood in the documentation how this process works.
<form method="post" action="https://api-3t.sandbox.paypal.com/nvp">
<input type="hidden" name="USER" value="user"/>
<input type="hidden" name="PWD" value="pass"/>
<input type="hidden" name="SIGNATURE" value="signature"/>
<input type="hidden" name="VERSION" value="72.0"/>
<input type="hidden" name="PAYMENTACTION" value="Sale"/>
<input name="AMT" value="19.95"/>
<input type="hidden" name="RETURNURL" value="http://www.example.it"/>
<input type="hidden" name="CANCELURL" value="http://www.example.it"/><br/><br/>
<button style="background:#FFF; border:0px;" type="submit" name="METHOD" value="SetExpressCheckout"><img src="https://www.paypal.com/en_GB/GB/i/btn/btn_xpressCheckout.gif" value="SexExpressCheckout"></button>
</form>
In this case i send the data to the PayPal Sandbox server, i'm redirected there and there is the string in output with the token and the "Success" state.
Now i don't understand:
How can i be redirected to the login payment page (with the token inside the querystring) without landing on the Sandbox server url page?
I've watched the PHP SDK example about it but i possibly wanted to use a simple solution like described in the documentation.
Any tips to follow?
Thanks a lot
So I have been doing a lot of Googling on PayPal's _cart Upload ability and so far, this is what I have managed to put together. And this seems to be working just fine; I am taken to a PayPal page with the purchase info and it asks me to login. But when I login with a Sandbox buyer account, it simply shows that it's logging me in but it never logs me in nor does it allow me to complete the purchase. The merchant sandbox account is working fine as it displays the Example store name on the PayPal page.
<form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_cart">
<input type="hidden" name="upload" value="1">
<input type="hidden" name="business" value="xxx#xxx.xxx">
<input type="hidden" name="item_number_1" value="3">
<input type="hidden" name="item_name_1" value="Foo">
<input type="hidden" name="amount_1" value="22.97">
<input type="hidden" name="shipping_1" value="0">
<input type="hidden" name="shipping2_1" value="0">
<input type="hidden" name="quantity_1" value="1">
<input type="hidden" name="currency_code" value="USD">
<input type="hidden" name="amount" value="22.97">
<input type="hidden" name="notify_url" value="http://******/order.php">
<input type="hidden" name="no_shipping" value="2">
<input class="paypal_button" type="image" src="http://www.paypal.com/en_US/i/btn/x-click-but03.gif" name="submit" alt="Make payments with PayPal - it's fast, free and secure!">
</form>
Am I doing something wrong when I'm logging in to PayPal or is the _cart upload ability deprecated after PayPal moved to a new a developer site and API? Any and all help would be appreciated it, I have been banging my head against the wall for hours trying to figure out what I'm doing wrong.
I don't think it'd make a difference but I am using PHP to generate the checkout information.
Thank you very much for your help.
I just submitted a payment using your code and my own sandbox account. It worked fine for me.
PayPal's servers can sometimes be pretty finicky with cookies in browsers. Close your browser (all instances of it so it's completely closed) and then reopen it and try again. Make sure you're signed in at developer.paypal.com before you try it and you should be just fine.
My goal is to integrate our website with Amazon Checkout. We have already interfaced with both google and paypal apis with minor issues. However, with Amazon we have tried their provided PHP code and tried using create a button. With the PHP code in the sandbox we can get to finalizing the order, but then it gives an error saying Payment Failed your debit card was not charged. In the seller central it gives no information at all that anything ever happen.
When trying to create a button with amazons tool, and changing the address to the sandbox address instead, it says you must send the payment to a verified e-mail address and account.
The account has a credit card on it, verified bank account, tax information completed and verified e-mail.
Has anyone else has similar issues with amazon? Is there an exciting non-amazon based project that has successfully interfaced with Amazon that can be used for a reference. Amazon's documentation is... lacking and all over the place.
<form action="https://authorize.payments-sandbox.amazon.com/pba/paypipeline" method="POST">
<input type="image" src="https://authorize.payments-sandbox.amazon.com/pba/images/payNowButton.png" border="0">
<input type="hidden" name="accessKey" value="MERCHANT_KEY_REMOVED">
<input type="hidden" name="amount" value="USD 1.1">
<input type="hidden" name="description" value="Test of the Vidya Amazon Payment Alpha">
<input type="hidden" name="recipientEmail" value="MERCHANT_EMAIL_REMOVED">
<input type="hidden" name="signatureMethod" value="HmacSHA256">
<input type="hidden" name="referenceId" value="2">
<input type="hidden" name="immediateReturn" value="0">
<input type="hidden" name="returnUrl" value="http://yourwebsite.com/return.html">
<input type="hidden" name="abandonUrl" value="http://yourwebsite.com/cancel.html">
<input type="hidden" name="processImmediate" value="1">
<input type="hidden" name="ipnUrl" value="REMOVED">
<input type="hidden" name="cobrandingStyle" value="logo">
<input type="hidden" name="collectShippingAddress" value="0">
<input type="hidden" name="fixedMarketplaceFee" value="0.01">
<input type="hidden" name="variableMarketplaceFee" value="4">
<input type="hidden" name="signatureVersion" value="2">
<input type="hidden" name="signature" value="REMOVED">
</form>
So here's the scoop. With immediate processing set to 1 you have to leave out the Fee fields, otherwise it will never be accepted.
These two need to be removed for it to work
<input type="hidden" name="fixedMarketplaceFee" value="0.01" />
<input type="hidden" name="variableMarketplaceFee" value="4" />
If you use AWS SimplyPay PHP files you have to remove the variables from all 3 files in order for them to work. Or set processImmediate = 0.