Re: can't login with curl in forum

Hi,

> curl -vvv 'http://labsk.net/index.php?action=login2' \
> -H 'Connection: keep-alive' \
> -H 'Cache-Control: max-age=0' \
> -H 'Upgrade-Insecure-Requests: 1' \
> -H 'Origin: http://labsk.net' \
> -H 'Content-Type: application/x-www-form-urlencoded' \
> -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36' \
> -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
> -H 'Referer: http://labsk.net/index.php?action=login' \
> -H 'Accept-Language: en-US,en;q=0.9,es;q=0.8,pt;q=0.7,zh-CN;q=0.6,zh;q=0.5,de;q=0.4,fr;q=0.3' \
> -H 'x-signature: oyQbrF4XBHg40wQdzJytES6thC9z2z+rvs+KQpcIn8M=' \
> -H 'timestamp: 1589063737703' \
> --data 'user=USER%40gmail.com&passwrd=PASSSSS&cookieneverexp=on&c13a08a29=bd8cf50879be944ee415b1319081f6dd&hash_passwrd=' \
> --compressed \
> -c cookies.txt

A couple ideas to try. In my experience with login scripts, the trick to make them work was to exactly duplicate the headers sent, as seen in the network tool. In this way, my scripts never the first 4 -H headers you use. Secondly, the x-signature and timestamp might be different for each post. Third, The 3rd piece of your --data might also be dynamic. You may have to parse the original login page for these values.

David

-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-05-13