nsklaus

creation: 2016-12-25category: linux
log into sites with curl

normal method:
curl --fail -s target.com/login -c cookiefile -d "email=bleh@some.net&password=123"
curl -s target.com/url/xyz -b cookiefile</pre></code>

if cookie doesn't get created, grab cookie phpsessid with tcpdump,
use the values with curl:
tcpdump -i eth1 host target.com -s 0 -w - -l 2>/dev/null | grep -ai -m 1 ^Cookie
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes
Cookie: PHPSESSID=3d34e67e2517d9a9ab1a7f1093c039ef
curl -b "ctime=2147483; PHPSESSID=3d34e67e2517d9a9ab1a7f1093c039ef;"  -d "myuser=john&mypass=123" target.com/login.php
curl -b "ctime=2147483; PHPSESSID=3d34e67e2517d9a9ab1a7f1093c039ef;" target.com


source: stackoverflow.com / dgtlmoon.com
[Back] [Edit]