Reputation: 10084
Sending data to form, but cant work out encrypted post data - work around
Im trying to send some data to a form on a site were im a member using cURL, but when i look at the headers being sent, they seem to have been encrypted.
Is there a way i can get around this by making the computer / server visit the site and actual add the data to the inputs on the form and then hit submit, so that it would generate the correct data and post the form ?
Upvotes: 0
Views: 246
Answers (5)
Reputation: 452
Use AutoHotKeyIt and actually have it use the Browser Normally. It can read from files, and do repetitive tasks infinitely. Also you can push a flag to make it only happen within that application, which means you can have it minimized and yet still preform the action.
You seem to be having issues with the problem of them encrypting the headers and such, so why not simply use that too your advantage? Your still pushing the same data in, but now your working around their system. With little to no side effect too you.
Upvotes: 1
Reputation: 10867
You can use a framework to automate user interaction on the web pages, like Selenium.
This would enable you to not bother reverse engineering anything.
Selenium has binding in various languages, including Python and java.
Upvotes: 1
Reputation: 671
A hacky fix if you can isolate the function that encodes the data you type in the form - is to use something like PyV8 to execute the JS inside python.
Upvotes: 1
Reputation: 2350
Provided the javascript is visible on the website in question, you should be able to simply copy and paste their encryption routines to prepare the headers exactly as they do
Upvotes: 1
Reputation: 93988
You have got a few options:
- reverse engineer the JavaScript that does the encryption (or possibly just encoding) process
- get a browser engine (e.g. the Gecko engine), and add some scripting to it to fill in the forms and push the submit button - of course you would need JavaScript support within the page itself
- parse the HTML using an HTML parser, feed the JavaScript in it to a JavaScript runtime with the correct libraries, fill in the "form" and hit the submit button
It's probably easiest to go for the first option. The JavaScript must be in the open to be able to be executed in the browser. But it may take some time to reverse-engineer as it is likely obfuscated.
Upvotes: 2
Related Questions
- Encrypting HTTP POST data
- Sending data from a form to a http post request but wrong format?
- Passing encrypted data by POST in the form in PHP
- Use curl to post data to a form?
- Curl POST Form Request with Hidden Input Values
- CURL POST input data values in form for retrieving data
- How can I send a POST form with curl that contains hidden form fields?
- Using cURL to POST data to a form
- How to secure sending Post data through cURL?
- Encrypting/Decrypting a POST form