0

I am trying to log into a secure site using CURL. I have successfully manually logged in using the url. When using CURL The response from the server is

You don't have permission to access example.com/login.

I suspect that the server has code in place to prevent CURL type logins for security reasons. Before I throw in the towel, are there any other parameters you would try to simulate a normal browser login? Here's my code: 

define("COOKIE_FILE", "cookie.txt");
$url = "https://example.com/login/";
$username = 'username';
$password = 'password';

$ch = curl_init();
curl_setopt($ch, CURLOPT_COOKIEJAR, COOKIE_FILE);
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "UserName=$username&Password=$password");
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);

$buf = curl_exec ($ch);
curl_close ($ch);
unset($ch);
echo $buf;
mseifert
  • 5,390
  • 9
  • 38
  • 100
  • I get the identical error with the code that is posted. Oh well... – mseifert Feb 10 '19 at 01:00
  • record the login with Chrome Developer Tools or Fiddler Proxy, then re-implement the browser login procedure with php/curl. here is a php/curl script to login on gmail.com, by the way: https://gist.github.com/divinity76/544d7cadd3e88e057ea3504cb8b3bf7e – hanshenrik Feb 10 '19 at 22:52
  • @hanshenrik - Thanks for the link and advice with Chrome Developer Tools. Clearly it's going to take some sluthing. I'm trying to log into a banking site - it's their job to make it challenging. – mseifert Feb 14 '19 at 06:44
  • did they add a captcha? – hanshenrik Feb 14 '19 at 13:43
  • @hanshenrik No. I made sure the hidden post fields were included with the submit but I am guessing there may be additional javascript that also needs to be executed. I haven't had time to delve into that yet. – mseifert Feb 15 '19 at 02:00
  • fiddler proxy is your friend. anyway, you should make a post explicitly about logging on on that specific site, whatever it is, then you might get help with that website explicitly, and they can't close it for being a duplicate – hanshenrik Feb 15 '19 at 15:29

0 Answers0