Jump to content

Recommended Posts

Hey im trying to log into a site and retrieve information from a page.

 

Im able to login sucessfully using this code:

 

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://quiver.outwar.com/myaccount.php');
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, 'login_username=username&login_password=password');
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
$store = curl_exec ($ch);
curl_setopt($ch, CURLOPT_URL, 'http://quiver.outwar.com/crew_vault.php?suid=55726&serverid=6');
$result1 = curl_exec($ch);

echo strip_tags($result1);

curl_close ($ch);

 

However the page that I want to go to :http://quiver.outwar.com/crew_vault.php?suid=55726&serverid=6

 

Is protected by a security word, meaning the first time you go to that page in a session it redirects you to a page : http://quiver.outwar.com/security_prompt.php

and asks you a question for example mine is: What is your favorite movie? then when you submit it brings you to the page you wanted to go.

 

My question is how would I make cURL get past that page?

Link to comment
https://forums.phpfreaks.com/topic/146530-need-curl-help/
Share on other sites

You would need to read the question and submit the answer into the text field. If there is more than one question then you must have the answers ready i.e. store them in an array and get the answer record from the question.

 

Treat cURL as a web browser without a human clicking links or inputting into form fields. However websites will still function as they do in a normal browser, redirecting you if session values aren't set, 404 errors on invalid links, etc. You cannot bypass website security just because you are using cURL.

 

Example using cURL to post into a form where the field names are 'name' & 'answer'

 

<?php	
$dataArray = array('name' => 'joe', 'answer' => 'slumdog millionaire');
# Convert data array into a query string (ie animal=dog&sport=baseball)
foreach($dataArray as $key => $value) {
	if(strlen(trim($value)) > 0) {
		$value = is_array($value) ? $value : urlencode($value);
		$tempString[] = $key . "=" . $value;
	}
	else {
		$tempString[] = $key;
	}
}
$queryString = join('&', $tempString);
curl_setopt($ch, CURLOPT_POSTFIELDS, $queryString);
curl_setopt($ch, CURLOPT_HTTPGET, FALSE);

?>

Link to comment
https://forums.phpfreaks.com/topic/146530-need-curl-help/#findComment-769296
Share on other sites

Theres only one question and thats the question, im not trying to bypass it im trying to answer it so i can go to the other link.

 

this is the form values and stuff

 

<form method="post" action="security_prompt.php">

			<input type="hidden" name="prompt_number" value="12" />
							What is your favorite movie?<br>
<input type="password" name="answer" value="" size="20" maxlength="30"> <br />

			<input type="submit" value="Continue" name="security_submitted" />
		</form>

Link to comment
https://forums.phpfreaks.com/topic/146530-need-curl-help/#findComment-769305
Share on other sites

All you need to do then is add the sample code I have given you to submit the following to security_prompt.php

 

prompt_number = 12

answer =

security_submitted = Continue

 

so:

 

$dataArray = array('prompt_number' => 12, 'answer' => 'slumdog millionaire', 'security_submitted' => 'Continue');

 

Read up on using cURL and write yourself a set of functions as you are likely to need POST and GET routines or set various cURL options in the future.

Link to comment
https://forums.phpfreaks.com/topic/146530-need-curl-help/#findComment-769314
Share on other sites

It still doesnt get me passed that page, this is my code now

 


<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://quiver.outwar.com/myaccount.php');
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, 'login_username=username&login_password=password');
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
$store = curl_exec ($ch);
curl_setopt($ch, CURLOPT_URL, 'http://quiver.outwar.com/security_prompt.php?suid=55726&serverid=6');
$result1 = curl_exec($ch);


   $dataArray = array('prompt_number' => 12, 'answer' => 'word', 'security_submitted' => 'Continue');
   # Convert data array into a query string (ie animal=dog&sport=baseball)
   foreach($dataArray as $key => $value) {
      if(strlen(trim($value)) > 0) {
         $value = is_array($value) ? $value : urlencode($value);
         $tempString[] = $key . "=" . $value;
      }
      else {
         $tempString[] = $key;
      }
   }
   $queryString = join('&', $tempString);
   curl_setopt($ch, CURLOPT_POSTFIELDS, $queryString);
   curl_setopt($ch, CURLOPT_HTTPGET, FALSE);
   foreach($dataArray as $key => $value) {
      if(strlen(trim($value)) > 0) {
         $value = is_array($value) ? $value : urlencode($value);
         $tempString[] = $key . "=" . $value;
      }
      else {
         $tempString[] = $key;
      }
   }
   $queryString = join('&', $tempString);
   curl_setopt($ch, CURLOPT_POSTFIELDS, $queryString);
   curl_setopt($ch, CURLOPT_HTTPGET, FALSE);


echo strip_tags($result1);

curl_close ($ch);
?>

Link to comment
https://forums.phpfreaks.com/topic/146530-need-curl-help/#findComment-769322
Share on other sites

You need to learn cURL properly.

Write a function that takes the URL to make the request and any POST data in the form of an array.

Each request is made using curl_exec()

 

What you have basically done is logged in using:

 

curl_setopt($ch, CURLOPT_URL, 'http://quiver.outwar.com/myaccount.php');

curl_setopt ($ch, CURLOPT_POST, 1);

curl_setopt ($ch, CURLOPT_POSTFIELDS, 'login_username=username&login_password=password');

$result1 = curl_exec($ch);

 

And then pasted my example code in. You must make further requests to the website, so your second request is to security_prompt.php

 

i.e.

curl_setopt($ch, CURLOPT_URL, 'http://quiver.outwar.com/security_prompt.php');

// rest of code

 

// execute request

$result = curl_exec($ch);

 

Link to comment
https://forums.phpfreaks.com/topic/146530-need-curl-help/#findComment-769324
Share on other sites

Im not too sure what you meant...

 

is this what you meant?

 

<?php
    $ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://quiver.outwar.com/myaccount.php');
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, 'login_username=username&login_password=pass');
curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
$result1 = curl_exec ($ch);
curl_setopt($ch, CURLOPT_URL, 'http://quiver.outwar.com/security_prompt.php?suid=55726&serverid=6');
$dataArray = array('prompt_number' => '12', 'answer' => 'word', 'security_submitted' => 'Continue');
   # Convert data array into a query string (ie animal=dog&sport=baseball)
   foreach($dataArray as $key => $value) {
      if(strlen(trim($value)) > 0) {
         $value = is_array($value) ? $value : urlencode($value);
         $tempString[] = $key . "=" . $value;
      }
      else {
         $tempString[] = $key;
      }
   }
   $queryString = join('&', $tempString);
   curl_setopt($ch, CURLOPT_POSTFIELDS, $queryString);
   curl_setopt($ch, CURLOPT_HTTPGET, FALSE);
   foreach($dataArray as $key => $value) {
      if(strlen(trim($value)) > 0) {
         $value = is_array($value) ? $value : urlencode($value);
         $tempString[] = $key . "=" . $value;
      }
      else {
         $tempString[] = $key;
      }
   }
   $queryString = join('&', $tempString);
   curl_setopt($ch, CURLOPT_POSTFIELDS, $queryString);
   curl_setopt($ch, CURLOPT_HTTPGET, FALSE);

$result = curl_exec($ch);
echo strip_tags($result);

curl_close ($ch);
?>

Link to comment
https://forums.phpfreaks.com/topic/146530-need-curl-help/#findComment-769334
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.