Question
I'm trying to login to a website using webrequest and POST.
I've used Chrome's Inspect Element to see what data is being posted:
at login on POST the request header contains this information:
https://stackoverflow.com/questions/19662358
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianret=%2Fro%2Findex.php&sha1=2254****79a19&summon=8b5df8dc0c10323669f43105848ad40b8953fc8e&username=gabriel.zanc&password=&login=Conectare
I can't login with webrequest because the 'summon' value is hardcoded into html from the webpage like this:
<input type=hidden name=summon value='4974d2b410da0ed9abf7079f461eac22d02fb3c9'>
and changes at every session.
The sha1 field is a SHA1 encoding from password & summon.
Any help, or pointing in the right direction would be greatly appreciated.
Thanks SO.
Later:
I tried this:
Dim username As String = "accName"
Dim password As String = "pass"
Dim summon As String = ""
' Connect to WebSite
Dim wbReq As Net.HttpWebRequest = DirectCast(Net.WebRequest.Create("http://www2.gpstracking.ro/ro/login.php?ret=%2Fro%2Findex.php"), Net.HttpWebRequest)
Dim wbResp As Net.HttpWebResponse = DirectCast(wbReq.GetResponse(), Net.HttpWebResponse)
Dim wbHCol As Net.WebHeaderCollection = wbResp.Headers
Dim wbCookieJar As New CookieContainer
wbReq.CookieContainer = wbCookieJar
Dim myStream As IO.Stream = wbResp.GetResponseStream()
Dim myreader As New IO.StreamReader(myStream)
Me.TextBox2.Text = myreader.ReadToEnd
Dim doc As New HtmlAgilityPack.HtmlDocument
doc.LoadHtml(Me.TextBox2.Text)
' get summon value
For Each input As HtmlNode In doc.DocumentNode.SelectNodes("//input")
If input.Attributes("name").Value = "summon" Then
summon = input.Attributes("value").Value
End If
Next
'login
Dim sha1Obj As New System.Security.Cryptography.SHA1CryptoServiceProvider
Dim bytesToHash() As Byte = System.Text.Encoding.ASCII.GetBytes(password + summon)
bytesToHash = sha1Obj.ComputeHash(bytesToHash)
Dim sha1 As String = ""
For Each b As Byte In bytesToHash
sha1 += b.ToString("x2")
Next
Dim postdata = System.Text.Encoding.Default.GetBytes("ret=%2Fro%2Findex.php&sha1=" + sha1 + "&summon=" + summon + "&username=" + username + "&password=&login=Conectare")
Dim postReq As HttpWebRequest = DirectCast(WebRequest.Create("http://www2.gpstracking.ro/ro/login.php"), HttpWebRequest)
postReq.Method = "POST"
postReq.KeepAlive = True
postReq.CookieContainer = wbCookieJar
postReq.ContentType = "application/x-www-form-urlencoded"
postReq.Referer = "http://www2.gpstracking.ro/ro/login.php?ret=%2Fro%2Findex.php"
postReq.UserAgent = "Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0"
postReq.ContentLength = postdata.Length
Dim postreqstream As Stream = postReq.GetRequestStream()
postreqstream.Write(postdata, 0, postdata.Length)
postreqstream.Close()
Dim postresponse As HttpWebResponse
postresponse = DirectCast(postReq.GetResponse(), HttpWebResponse)
wbCookieJar.Add(postresponse.Cookies)
Dim logincookie = wbCookieJar
Dim postreqreader As New StreamReader(postresponse.GetResponseStream())
Me.TextBox1.Text += postreqreader.ReadToEnd
but it's not loggin in.
Solution
Basically you're talking about a screen scrape, first use a web request to get the page that contains the hidden summon field, then you could use something like the HtmlAgilityPack to parse the html and get the value to include on your post.
Also remember when working with an authenticated website that uses cookies your HttpWebRequest will need to be attached to a cookie container for each request to ensure the cookies returned by the authentication request flow with each subsequent request.
