Login to web page using c #
I would like to visit a specific web page and load multiple pages as a registered user. I think I know in theory what to do based on the answer on this StackOverflow question , but I have no idea where in the address I should enter the login credentials. In the above question, it is quite obvious, but it is not so obvious in Aukro.
I would be very grateful for any avice ... :)
source to share
One tricky part is that this login page sets a bunch of session cookies and adds some unique query string parameters for your session. Presumably, you need to get good values from the server for every session you created.
When you land at https://ssl.aukro.cz/enter_login.php , you get 302 Found (which is used in practice for redirects). The complete request looks like this:
Date Wed, 26 Aug 2009 17:50:05 GMT Server Apache Vary Accept-Encoding Set-Cookie ws2 = acda7c76687f; expires = Wed, 26-Aug-2009 18:20:05 GMT; path = /; domain = .aukro.cz Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check = 0, pre-check = 0 Pragma no-cache Location https://ssl.aukro.cz/enter_login.php?session=NmQ2YQFRBVABVgFRVFQAXVRXVFZXWlcHBVRVWAcGUF0OUVJWVVRRXFVUBFFTAAcGAFxUA1NSY2JkZQ%3D%3D&global_login_hash=e16bd60f566a0ae3752997bf21844c4ec2bd0d22&session_login_hash=fecd7825582b6d038d288f67c368090aa369c85d&url=OTFhY1hFRkYDHk4UR0YcV0xaEwweUkgZXEMTDEIeU1VaVBIQb1RARFZDTxNYQQ1YVm4FCkIMAzAxMjY%3D Content-Encoding gzip Content-Length 26 Keep-Alive timeout = 2, max = 9999 Connection Keep-Alive Content-Type text / html; charset = UTF-8
You will need to grab the location of the URL and the cookie it sets ("ws2"). Then you will need to go to that redirect url you grabbed and get the rest of the cookies it sets, which ws2
, stsd_refr
and qeppo_login
.
Then you need to fill the POST body with form elements as above and in the links you provided.
Without knowing anything about this site you are trying to log into, I would venture to suggest that if you don't get good session variables and cookies and enable them for each of your boolean requests, your login attempts might fail.
In short, just use Fiddler or Firebug to understand what the login session looks like and simulate it using the methods you've already seen.
source to share
This could be a valid alternative technique.
Required controls for this:
ID = "user_login"
ID = "user_password"
value = "Přihlásit" (apparently Czech for "Login")
source to share
You will need to browse the source of the webpage and find the <form>
one used to login. This will give you the url you need to submit. You will need to list all the variables that are in the tags <input>
, just like they did in your linked question.
In this case, you need to specify: session, global_login_hash, session_login_hash, url, request_server, user_login, user_password
One way to determine what to send is to use a proxy like Fiddler2 , then use a web browser with its proxy set to Fiddler and login to the web page. Fiddler will provide you with request and response headers and text.
source to share
You need to create an HTTPS POST request containing the following values in the body application/x-www-form-urlencoded
:
user_login = <user name>
user_password = <password>
session = "ZTEzMw9RAAcGUlIABQgDVlcBBVAAB1NRAAFQClAAUQADCAdRDgNRAQcDVwsHBQADVAYAAAYBNjA1Yg=="
global_login_hash = "c6da0c2fa41454f62c80d9cc688f4303ebebb9b3"
session_login_hash = "8e5190abcb4cccee78b7331a616c4fb723f7fe41"
url = "OTFhY1hFRkYDHk4UR0YcV0xaEwweUkgZXEMTDEIeU1VaVBIQb1RARFZDTxNYQQ1YVm4FCkIMAzAxMjY="
request_server = "ssl.aukro.cz"
You can start by supplying values for user_login
and user_password
and ignore the rest, but it's impossible to know exactly what a server is. The encoded values, of course, cannot be reused and you will have to clean them up from the login page before login if necessary.
source to share