I am just trying to insert the data in a service using a form but whenever I run this on local host, it just gives me no output.
Here is the code i used for just inserting my desired login details in putlocker site:
<?php
$url="http://www.putlocker.com/authenticate.php?login";
$postdata = "user=somthing&pass=something";
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec ($ch);
echo $result;
?>
I hope somebody could take out some time and give some suggestions to solve this :)
A few tips :
You should be using the URL the form is posted to (= action attribute of the form tag). I don't know if it's the one you used, which look like the URL of the form.
I think you should use a & to separate your postdata : $postdata = "user=somthing$pass=something"; should become in my opinion $postdata = "user=somthing&pass=something";
if the login somehow has anything to do with cookies, I think it would need to be tested as I'm not a cUrl user and my PhP is rusty
it may be the destination you're trying to send posts to is filtering requests to allow login only from the form, in that case you would be stuck.
Related
I am trying to retrieve information from an external website using cURL, but the website returns a blank page.
I took a close looker at the network functionality Chrome has and I think I found the problem, but I have no idea how to fix it. As seen in the image below, the server posts to a specific URL and then redirects to another one showing the final result.
This is the code I have right now:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"https://www.politie.nl/aangifte-of-melding-doen/controleer-handelspartij.html?_hn:type=action&_hn:ref=r199_r1_r1_r1");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,"url=&query=test");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
echo curl_exec ($ch);
curl_close ($ch);
The website is in Dutch, but what I am trying to do is check a certain email, phone number or bank account number to see if they have been involved in any scams, so I would like to have the information that a user gets after submitting the form on the website.
The form is on this website: https://www.politie.nl/aangifte-of-melding-doen/controleer-handelspartij.html
I hope someone can help me and thank you for your time.
As was pointed out in one of the comments to your question, a redirect occurs after the form is submitted. But not only that - information transfer between the form submit request and the request after redirect happens through a session, with session id stored in a cookie, so in order to get the results you have to enable cookies, too.
// follow redirects
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
// store and send cookies
$tmpfname = dirname(__FILE__).'/cookie.txt';
curl_setopt($ch, CURLOPT_COOKIEJAR, $tmpfname);
curl_setopt($ch, CURLOPT_COOKIEFILE, $tmpfname);
I'm trying to automate the usage of this site, where users can use temporary E-Mail addresses which can also be specified by them manually. It uses a very simple anti-spam protection by having this <input name="csrf" type="hidden"> input inside the form with a randomized set of characters, which then needs to be included in the POST request. So, if the CSRF is bj152nvua2ob, and I want my new address to be "john#l0real.net", my POST needs to be:
csrf=bj152nvua2ob&mail=john&domain=#l0real.net
Problem is, I can't do this with cURL and PHP. Here's the top of my code:
$ch = curl_init ();
curl_setopt ($ch, CURLOPT_URL, "temp-mail.org/en/option/change/");
// Without CURLOPT_FOLLOWLOCATION, the page is not going to load.
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
$html = curl_exec ($ch);
Then, after I've got the response, I start generating a new mail address and start getting the CSRF, therefore I've written two simple functions called "generate_mail" and "get_csrf". I've tested both of them, and they seem to work without any issues.
$csrf = get_csrf ($html);
$mail = generate_mail ();
$post = "csrf=$csrf&mail=$mail&domain=#l0real.net";
curl_setopt ($ch, CURLOPT_POST, true);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
file_put_contents ("final_response.html", curl_exec ($ch));
curl_close ($ch);
After creating the file final_response.html on my PC and then viewing it, I've noticed that the results aren't what I've expected. Some tries later, I've decided to debug my connection using Fiddler, and then I've noticed something interesting. This is what I get when I use this site with my browser:
and this with cURL:
.
Notice how there is 1 element (excluding the tunnels) against... 4! First element is an empty response, but the second one contains the HTML page. Last two are the same: third is an empty response (and that's where my POST was sent), and forth contains the HTML page with different CSRF and incorrect mail address (the one that was generated by the site itself, not by me). From what I can tell, each time I use curl_exec, it first loads an empty page, but then loads the correct one. All of my requests are being sent to the empty one, thus being ignored later on. Is this a security measure, or I didn't configure cURL correctly? I've tried to provide as much information as I could, showcasing each, and every step of mine, hoping that this problem can be fixed.
Solved by adding these lines of code:
curl_setopt ($ch, CURLOPT_POSTREDIR, 3);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $path_to_cookies);
curl_setopt ($ch, CURLOPT_COOKIEFILE, $path_to_cookies);
Now, it works the way intended!
I searched around google for a similar problem but couldn't find any, or couldn't formulate my question precisely enough, so I come to you.
I'm trying to login to forclosure.com from my localhost using Curl.
If you go to forclosure.com/login, you'll find that the login form uses a POST method, whereas when I try to login with Curl, it gives me an HTTP Status 405 error.
I tried to use Curl with a GET request instead and it passes (while the form is a POST..).
But now comes another problem, the password input isn't recognized in the URL and the login doesn't pass.
For exemple, if you try those parameters :
https://www.foreclosure.com/login?key=testkey&password=testpass
You will see that the username "key" gets filled, but not the password "password".
Same thing seems to happen with the search bar above with the name "q"
Thank you in advance. If the solution seems obvious to you, bear in mind that I'm still learning and would like to be pointed towards the right path.
Thanks to CBroe, I decided to try and use CURLOPT_URL with /login.html instead of just /login.. and not surprisingly, it works.
But I had to use GET parameters with CURLOPT_POST on true.
Here's the code for the interested:
//-----------------------------------Login Part
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.foreclosure.com/login.html?key='.$loginInfo['key'].'&password='.$loginInfo['password'];
curl_setopt($ch, CURLOPT_POST, 1); //Wouldn't work without it
curl_setopt($ch, CURLOPT_USERAGENT, $userAgent);
curl_setopt($ch, CURLOPT_COOKIEFILE, NULL); //NULL to use cookies in memory, use $cookiefile to store them in disk
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_NOBODY, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_exec($ch);
curl_close($ch);
I am trying to automate the login progress on a captcha protected page. I am using Death By Captcha to translate the image into text and it seems to be working well. I am using curl to load the login page, retrieve the captcha image url, send it to DBC, get the text back and submit a POST request to the login page with the captcha text.
The problem that I'm having is that the captcha image changes when I submit the post request. Since I do not get the same behavior when reloading/or wrongly submitting the form through a browser (I get the same image over and over again), I am assuming that the problem has to do with the cookies or something else that I'm missing that relates to the session.
This is the code that I use to retrieve the data and submit the form:
$ch = curl_init();
// Not sure that I need it, just make sure that the session doesn't change...
curl_setopt($ch, CURLOPT_COOKIESESSION, false);
curl_setopt($ch, CURLOPT_URL, $loginUrl);
// It seems that PHPSESSID cookie parameter might be the parameter that keep the image the same, but it didn't work. I even read it dynamically from the cookie file but it still didn't work
//curl_setopt($ch, CURLOPT_COOKIE, "PHPSESSID=2bp3nhkp3bgftfrr1rjekg03o2");
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookieName);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookieName);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_REFERER, $loginUrl);
$result = curl_exec($ch);
// Resolve the captcha and append it to the post parameters
$captchaText = $this->resolveCaptcha($result);
$postData .= '&LoginForm%5BverifyCode%5D='.$captchaText;
// Resubmit the form with the updated form data
curl_setopt($ch, CURLOPT_REFERER, $loginUrl);
curl_setopt($ch, CURLOPT_URL, $loginUrl);
curl_setopt ($ch, CURLOPT_POST, 1); //FIXED
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postData);
$result = curl_exec($ch);
When I print the end result, I can see that the captcha text was submitted successfully but that the image itself has changed...
I am also attaching a screenshot of the request params as captured with Tamper in a standard Firefox session (so someone might spot if I'm missing something).
The PHP/curl submit code is fully working for non-captcha based sites so the POST parameters submission seems to be working.
It could be that I'm missing something very basic here, any help will be much appreciated.
I also took a look at these posts but couldn't find the answer that I'm looking for.
How CURL Login with Captcha and Session
How to retrieve captcha and save session with PHP cURL?
https://stackoverflow.com/questions/8633282/curl-to-download-a-captcha-and-submit-it
you're using
curl_setopt ($ch, CURLOPT_POST, 0);
in second curl_exec. shoudn't it be
curl_setopt ($ch, CURLOPT_POST, 1);
?
I'm connecting to a website daily to collect some statistics, the website runs .net to make things extra difficult. What i would like to do is to mechanize this process.
I go to http://www.thesite.com:8080/statistics/Login.aspx?ReturnUrl=%2Fstatistics%2Fdataexport.ashx%3FReport%3D99, (the return url is /statistics/dataexport.ashx?Report=99 decoded).
The Login.aspx displays a form, in which I enter my user/pass and when the form is submitted the dataexport.ashx starts to download the file directly. The filename delivered is always statistics.csv.
I have experimented with this a few days now. Are there any resources or does anyone have some kind of hint of what I should try next?
Here is some of my code.
<?php
// INIT CURL
$ch = curl_init();
// SET URL FOR THE POST FORM LOGIN
curl_setopt($ch, CURLOPT_URL, $url);
// ENABLE HTTP POST
curl_setopt ($ch, CURLOPT_POST, 1);
// SET POST PARAMETERS : FORM VALUES FOR EACH FIELD
$viewstate = urlencode('/wEPDwUKM123123daE2MGQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgEFGG1fTG9naW4kTG9naW5JbWFnZUJ1dHASdasdRvbij2MVoasdasdYibEXm/eSdad4hS');
$eventval = urlencode('/wEWBAKMasd123LKJJKfdAvD8gd8KAoCt878OED00uk0pShTQHkXmZszVXtBJtVc=');
curl_setopt ($ch, CURLOPT_POSTFIELDS, "__VIEWSTATE=$viewstate"."__EVENTVALIDATION=$eventval&UserName=myuser&Password=mypassword");
// IMITATE CLASSIC BROWSER'S BEHAVIOUR : HANDLE COOKIES
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
# Setting CURLOPT_RETURNTRANSFER variable to 1 will force cURL
# not to print out the results of its query.
# Instead, it will return the results as a string return value
# from curl_exec() instead of the usual true/false.
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
// FOLLOW REDIRECTS AND READ THE HEADER
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_HEADER, true);
// EXECUTE REQUEST (FORM LOGIN)
$store = curl_exec ($ch);
// print the result
print_r($store);
// CLOSE CURL
curl_close ($ch);
?>
Thanks
Trikks
You also need to use CURLOPT_COOKIEFILE to send the cookies along with the next request. Another thing if i remember correctly is that ASPX would set unique value each time for variables like __VIEWSTATE. See if these 2 pointers help.