How do I log in to an https that are using javacookies with Curl?

Question

I trying to log on to my bank using curl. It all works great until it comes to the cookies (which are set by javascript). This is the form i am trying to send (the credentials are fake):

<form  method="post" action="https://www.icabanken.se/Secure/Login/LoginVerify.aspx">
    <input type="hidden" name="pnr" value="8502191714" />
    <input type="hidden" name="JSEnabled" value="1" />
    <input type="hidden" name="OBAS" value="" />
    <input type="hidden" name="refurl" value="" />
    <input type="hidden" name="refurlrequiressigning" value="False" />
    <input type="password" class="typetext" name="Password" id="PasswordSimple" maxlength="4" value="1111" />
    <input class="button-image button-small" type="submit" id="LoginSimplifiedButton" value="Logga in" />
</form>

Using following PHP / CURL code:

enter codssde here

$post_data['pnr'] = '8502191714';
$post_data['password'] = '1111';
$post_data['JSEnabled'] = '1';
$post_data['OBAS'] ='';
$post_data['refurlrequiressigning'] = '';
$post_data['refurl'] = '';  


foreach ( $post_data as $key => $value) {
    $post_items[] = $key . '=' . $value;
}

$post_array = implode ('&', $post_items);

$ch = curl_init();
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLINFO_HEADER_OUT, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_CERTINFO, 1);
curl_setopt($ch, CURLOPT_BUFFERSIZE, 1000000);

//COOKIES
$Cookiefile='C:\wamp\www\Project1\gcookies.txt';          
curl_setopt($ch, CURLOPT_COOKIEFILE, $Cookiefile);
//curl_setopt($ch, CURLOPT_COOKIEJAR, $Cookiefile);


curl_setopt($ch, CURLOPT_HEADER, 1);  
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 120);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_array);

curl_setopt($ch, CURLOPT_URL,'https://www.icabanken.se/Secure/Login/LoginVerify.aspx');
$data = curl_exec($ch);


echo $data;

The response i get is "Your browser is not supporting cookies". It there any neat solution to get around this?

Answer 1

My advice would be to use something like Fiddler2: http://www.fiddler2.com/fiddler2/

Log into your bank normally and Fiddler will log everything (You need to enable https decoding, otherwise it only see's http traffic)

From these logs, you can see the raw header information and raw cookie contents. Then use this information to replicate the login in cURL.