0

I am working on getting information that is behind a login page, and am using this as my starting point.

Looking at the Network tab, I looked at the form data and saw there were 3 values in addition to client/password (csrf, time, hash).

I attempted to log into the site as follows.

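```csharp
using System.IO;
using System.Net;
using System.Text;

string formUrl = "mysite_loginaction";
// Only client_id and password are sent; the csrf, time and hash fields are not.
string formParams = string.Format("client_id={0}&password={1}", "client", "password");
string cookieHeader;
WebRequest req = WebRequest.Create(formUrl);
req.ContentType = "application/x-www-form-urlencoded";
req.Method = "POST";
byte[] bytes = Encoding.ASCII.GetBytes(formParams);
req.ContentLength = bytes.Length;
// Write the URL-encoded form body to the request stream.
using (Stream os = req.GetRequestStream())
{
    os.Write(bytes, 0, bytes.Length);
}
WebResponse resp = req.GetResponse();
// Cookies set by the response, kept for later requests.
cookieHeader = resp.Headers["Set-cookie"];
```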

When I print out the resp to my console, it shows me the login page, when I was expecting the next page after login (Google 2f page).

Do I need to post the csrf, time, and hash values as well to get a successful login?

DjangoBlockchain
  • If the service requires it then yes, you need to add them. Those look like they are probably important but I can't know how the service is implemented. – Crowcoder Feb 28 '18 at 16:07
  • I can probably reproduce the time/hash (I am assuming the hash is my password hashed by the unix stamp to string?) Not entirely sure what the csrf is, but maybe I can log in a few times and see if the value changes, and if not just use that value in my code. – DjangoBlockchain Feb 28 '18 at 16:09
  • I have no idea what they expect in the hash, these things are not standard, the site implementation will define what you need to do. Often it is a hash of the request body but you need a key. csrf is probably the Cross Site Request Forgery token. – Crowcoder Feb 28 '18 at 16:11
  • Ah okay so I will probably just have to log in/out and watch how the values change. Thank you! – DjangoBlockchain Feb 28 '18 at 16:12

2 Answers

1

As has been mentioned in your link, there is a concept of a sessionid token. If you do want to stay logged in, you need to pass that token every time for the following HTTP requests.

Also, the CSRF token will always be different each time you do the request, but you do need to pass it along with your next request to be successful.

To know more about CSRF, I should redirect you to this link

R4Z3X
  • Hi, thank you for the answer! I have read up on CSRF, but I am a little confused on how to replicate it. If it was easily grabbed from the webpage I assume it would not be as effective as it is. Any links/resources for calculating a valid csrf? – DjangoBlockchain Feb 28 '18 at 20:51
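The flow this answer describes, as an added example that is not part of the original posts: fetch the login form first so the server issues a session cookie and fresh tokens, then post them back with the credentials on the same cookie jar. It assumes the site renders csrf, time and hash as hidden inputs in the login form (if a script computes hash in the browser, this alone is not enough); `LoginSketch`, `HiddenFields`, `LoginAsync` and the URL parameters are hypothetical names.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Http;
using System.Text.RegularExpressions;
using System.Threading.Tasks;

static class LoginSketch
{
    // Collect every <input type="hidden"> name/value pair from the login page.
    // A regex is enough for this sketch; use an HTML parser for real markup.
    public static Dictionary<string, string> HiddenFields(string html)
    {
        var fields = new Dictionary<string, string>();
        foreach (Match tag in Regex.Matches(html, "<input[^>]*type=[\"']hidden[\"'][^>]*>", RegexOptions.IgnoreCase))
        {
            var name = Regex.Match(tag.Value, "name=[\"']([^\"']*)[\"']");
            var value = Regex.Match(tag.Value, "value=[\"']([^\"']*)[\"']");
            if (name.Success)
                fields[name.Groups[1].Value] = WebUtility.HtmlDecode(value.Groups[1].Value);
        }
        return fields;
    }

    // GET the form so the session cookie and tokens are issued together, then
    // POST the credentials plus the echoed hidden fields on the same session.
    public static async Task<HttpResponseMessage> LoginAsync(
        string loginPageUrl, string actionUrl, string clientId, string password)
    {
        var handler = new HttpClientHandler { CookieContainer = new CookieContainer() };
        var http = new HttpClient(handler);
        var form = HiddenFields(await http.GetStringAsync(loginPageUrl));
        form["client_id"] = clientId;   // field names as seen in the question's form data
        form["password"] = password;
        return await http.PostAsync(actionUrl, new FormUrlEncodedContent(form));
    }

    static void Main()
    {
        // Constructed sample markup, not taken from any real site.
        string html = "<form><input type=\"hidden\" name=\"csrf\" value=\"a1b2\">" +
                      "<input type='hidden' name='time' value='1519833600'>" +
                      "<input type=\"hidden\" name=\"hash\" value=\"c3d4\"></form>";
        foreach (var kv in HiddenFields(html))
            Console.WriteLine($"{kv.Key}={kv.Value}");
    }
}
```

The token does not need to be calculated by the client: the server ties it to the session cookie it issued with the form, so a request from another origin that cannot read the form cannot supply it.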
0

You're going to have to mess around with it. Most of the time you don't need all the headers, but I would assume that hash is required.