cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Questions on wifi portal login

From: Ralph Mitchell <ralphmitchell_at_gmail.com>
Date: Fri, 22 Feb 2013 13:14:23 -0500

On Fri, Feb 22, 2013 at 11:47 AM, Ben Greear <greearb_at_candelatech.com>wrote:

>
> I've been trying to get a slightly hacked version of curl to do
> an automated login to a wifi hotspot type of thing, but to date,
> I'm not having too much luck.
>
> I suspect part of the problem might be javascript related, but maybe
> it's user error. The final page I get from the AP talks about enabling
> cookies..though it seems they are properly enabled in curl.
>
> Does anyone see anything obviously wrong with this script below?
>
> And second, are there any suggestions for doing something like scripting
> a 'real' browser such as firefox or google-chrome so that any funny
> javascript
> stuff is automatically taken care of? I'd have to integrate c-ares and
> hack the device & IP bindings into a browser...so not sure how hard
> that would be...
>
>
>
> use strict;
> $|=1;
>
> my $dev = $ARGV[0];
> my $ip4 = $ARGV[1];
> my $ip6 = $ARGV[2];
> my $dns = $ARGV[3];
> my $mgt_pipe = $ARGV[4];
>
> my $rslt = "OK";
>
> print "IFUP-POST: dev: $dev ip4: $ip4 ip6: $ip6 dns: $dns mgt-pipe:
> $mgt_pipe\n";
>
> # Add whitelist for which interfaces we are interested in.
> # Could read this from a file for more flexibility.
> my @devs = (); # Fix this before the script will really do anything
> #my @devs = ("wlan0", "sta1", "sta2", "sta3");
> my @username = ("username", "username", "username", "username");
> my @passwd = ("passwd", "passwd", "passwd", "passwd");
> my $login_url = "http://www.google.com"; # Assume we'll get a portal
> redirect
>
> my $cookie = "/tmp/${dev}_cookie.txt";
> unlink($cookie);
>
> my $i;
> for ($i = 0; $i<@devs; $i++) {
> if ($devs[$i] eq $dev) {
> # Add logic here to access wifi portal web pages, etc.
> # Bind to interface and IP address or it may not work as desired.
> my $un = $username[$i];
> my $pd = $passwd[$i];
>
> # Default to fail..set to OK if we log in properly.
> $rslt = "FAIL";
>
> my $dns_srv = "";
> if ($dns ne "NA") {
> $dns_srv = "--dns_servers $dns";
> }
> my $curl_args = "./local/bin/curl -c $cookie -b $cookie -L --insecure
> -4 --include --interface if!$dev --localaddr $ip4 $dns_srv --dns_interface
> $dev --dns_ipv4_addr $ip4";
>
> print "Command -:$curl_args $login_url:-\n";
> my $page = `$curl_args $login_url`;
> print "Result for url: $login_url -:$page:-\n";
> if ($page =~ /.*Location:\s+(\S+).*/g) {
> # Re-direct
> my $url = $1;
> print "Got URL: $url\n";
> $url =~ s/gateway/Login.action/g;
> $page = `$curl_args $url`;
> print "Result for url: $url -:$page:-\n";
> if ($page =~ /.*sessionid=(\S+)\".*/g) {
> my $session_id = $1;
> # Now, post the login-id
> my $cmd = "$curl_args -d \"guestUser.name=$un&**
> guestUser.password=$pd&**redirect=&switch_url=&err_**
> flag=&byodSessionId=$session_**id&byodAction=\" $url";
> print "Curl command: $cmd\n";
> $page = `$cmd`;
> print "Result for (POST) url: $url -:$page:-\n";
> $rslt = "OK";
> }
> }
> last;
> }
> }

There's an addon for Firefox called LiveHTTPheaders that records the
headers going back and forth when you visit a web page. It shows the urls
that you GET or POST, and the variables that are posted. You might be
missing a step, or not sending all the variables.

As for handling javascript - that's not so easy. If it's pure javascript,
just doing math, text manipulation or something like that, you can pipe it
through a javascript engine (e.g. spidermonkey) and catch the results.
 I've had some success doing that. If the javascript is trying to access
page elements, such as forms, those will not work.

Ralph Mitchell

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-02-22