0

I would like to use my PHP script and Guzzle to login on this website: https://www.test.de/meintest/login/

However, I already tried many solutions and also read this article, I still fail on logging in.. mostly cause the request is build very complicated.. I have used firefox to log the requests the website is doing when I press "Einloggen" (means login). There is a XHR request done before actually logging in. I think this has to do something with the login and parameters..

This is my code so far:

$loginURL = "https://test.de/meintest/login";

$guzzle = new \GuzzleHttp\Client();
$cookieJar = new \GuzzleHttp\Cookie\CookieJar();

$response = $guzzle->request('POST', $loginURL, [
        'form_params' => [
            'username' => "0000000000",
            'password' => "0000000000",
            'action' => 'login'
        ],
        'cookies' => $cookieJar,
        'debug' => true
    ]
);

var_dump($response->getBody()->getContents());
var_dump($guzzle->getConfig('cookies'));

There are also some hidden inputs which get filled with the XHR request I think..

Could you guys may help me and tell me where my failure is..?

EDIT But I also could assume that the reason why it isn't working is the fact that this line var_dump($guzzle->getConfig('cookies')); always prints bool(false) instead of the cookies.. Does the cookies get even saved?

Kind regards and Thank You!

Jan
  • 1,180
  • 3
  • 23
  • 60
  • It looks like they use the response from https://www.test.de/module/GetLoginChallenge to hash the user's password and send the password's hash through to https://www.test.de/meintest/login/. I'm not sure exactly what algorithm they use to hash the password though. It might be useful to use a Javascript debugger to debug their Javascript code. – D Malan Mar 05 '19 at 10:04
  • But wouldn't it be much easier to make a Request to test.de/module/GetLoginChallenge with my password and then send the form with a hashed password? Or is the guzzle request doing the XHR request to test.de/module/GetLoginChallenge too? – Jan Mar 05 '19 at 10:06
  • Nope, it looks they hash the password in the frontend. The `GetLoginChallenge` endpoint returns salts with which they hash the password. – D Malan Mar 05 '19 at 10:07
  • But then I could easily to a simple login with the browser and use the hash on my guzzle which is sent via the form? – Jan Mar 05 '19 at 10:12
  • I just tested it but I am not logged in.. – Jan Mar 05 '19 at 10:19

1 Answers1

0

I've noticed there are 2 hidden inputs "source" and "hash", obviously you are missing those fields.

Nowadays most websites do have CSRF protection. You cannot just post formData to log in.

Xavier Au
  • 21
  • 2
  • But I am sure there is a workaround? As I mentioned there is a XHR request made before.. I guess this request fills the hidden inputs? But I cannot see how.. cause the XHR doesn't return any useful information.. To see this XHR you have to use Mozilla Firefox and set the log past events to true (tick it). – Jan Mar 05 '19 at 09:57