更新时间:2023-12-03 15:16:58
您的cURL命令不正确。在 si_username
中输入错字,并且在 https
中缺少认证页面中的S.此外,在goto中,您将放置singout页面而不是主页面(或其他页面)。
尝试:
curl -L -F'si_username = name'-F'si_password = xxx'-F'goto = https://www.criticker.com/' -F'si = Go'-c cookiefile.txt https://www.criticker.com/authenticate.php
您甚至可能不需要 goto
和 Go
字段:
curl -L -F'si_username = name'-F'si_password = xxx'-c cookiefile.txt https://www.criticker.com/authenticate.php
I'm trying to login to this page using curl
. The page uses authentication via html forms so http auth using curl --user name:password
is not working in this case. I've found this post where is mentioned that one should search for
action=
attribute under <form>
to obtain correct address where to send data. The snippet from mentioned page looks following:
<form id="si_signinform" name="signinform" method="post" action="https://www.criticker.com/authenticate.php">
<input class="si_input" name="si_username" id="si_input_uname" value="" autocapitalize="none" type="text">
<input class="si_input" name="si_password" id="si_input_pswd" value="" type="password">
<input name="goto" value="https://www.criticker.com/signout.php" type="hidden">
<p id="submit"><input id="si_submit" name="si" value="Go" type="submit"></p>
I've also find this post which says that some attributes might be hidden when the are send to server (seems that this is my case because of "goto" and "si" parameters as shown on screenshots)
So here are steps I did:
curl -L -X POST -F 'si_uername=wakatana' -F 'si_password=$PASWORD' -F 'goto=https://www.criticker.com/signout.php' -F 'si=Go' -c cookiefile.txt http://www.criticker.com/authenticate.php
curl -L -b cookiefile.txt https://www.criticker.com/
When I login from Firefox I can see my username in upper right of page.
But when I issue one of the curl commands and grep
the returned content for username there is no such string. Based on this I deduce that authentication was not successful. But when login via Firefox and use "Copy as cURL" function as stated here I got this:
curl "https://www.criticker.com/" -H "Host: www.criticker.com" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" -H "Accept-Language: en-US,en;q=0.5" --compressed -H "Referer: https://www.criticker.com/signin.php" -H "Cookie: PHPSESSID=SOME_VALUES_GOES_HERE; gid2=SOME_VALUES_GOES_HERE; uid2=SOME_VALUES_GOES_HERE -H "Connection: keep-alive" -H "Upgrade-Insecure-Requests: 1" -H "DNT: 1"
and it works. The problem is that I need to first login wit Firefox and then issue curl
.
How can I use curl
to login to page which is using forms? Please note I'm looking for some general hints which I can apply to any page (e.g. using proxy, sniffers etc.). I'm not primary interested in this site (but I'm interesting why the curl commands does not work). It is just example which uses form for authentication, if there is some playground for testing such curl
commands please let me know. Thank you
Your cURL command is incorrect. Typo in si_username
and missing the S in https
for the authentication page. Also, in the "goto" you are putting the singout page instead of the main page (or some other page).
Try with:
curl -L -F 'si_username=name' -F 'si_password=xxx' -F 'goto=https://www.criticker.com/' -F 'si=Go' -c cookiefile.txt https://www.criticker.com/authenticate.php
You may not even need the goto
and Go
fields:
curl -L -F 'si_username=name' -F 'si_password=xxx' -c cookiefile.txt https://www.criticker.com/authenticate.php