Difference between revisions of "Reverse-engineer auth and cookies"

From Finninday
Jump to: navigation, search
(Created page with "===log in with firefox and export cookies to cookies.txt=== This only exports cookies for the given site. Not all domains. But it could be relevant that another domain was ...")
 
(log in with firefox and export cookies to cookies.txt)
Line 14: Line 14:
 
</pre>
 
</pre>
  
rday@ferret:~$ curl -b incookies.txt -c outcookies.txt http://christianscience.com/bible-lessons/ebiblelesson/love
+
===use those cookies in curl===
 
+
The site thinks I need to log in.
+
Maybe the behavior of curl is that -c overrides -b, so providing an empty -c is equivalent to providing no cookies at all.
+
 
+
rday@ferret:~$ curl -c incookies.txt http://christianscience.com/bible-lessons/ebiblelesson/love
+
 
+
It still thinks I need to log in.  I'm getting an error:
+
 
+
Could not resolve host: outcookies.txt
+
  
 
<pre>
 
<pre>
rday@ferret:~$ curl -vID -c outcookies.txt http://christianscience.com/bible-lessons/ebiblelesson/love
+
rday@ferret:~$ curl -vD headers -b incookies.txt -c outcookies.txt http://christianscience.com/bible-lessons/ebiblelesson/love
* Rebuilt URL to: outcookies.txt/
+
* Adding handle: conn: 0x1f03ef0
* Adding handle: conn: 0x1713d90
+
 
* Adding handle: send: 0
 
* Adding handle: send: 0
 
* Adding handle: recv: 0
 
* Adding handle: recv: 0
 
* Curl_addHandleToPipeline: length: 1
 
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x1713d90) send_pipe: 1, recv_pipe: 0
+
* - Conn 0 (0x1f03ef0) send_pipe: 1, recv_pipe: 0
* Could not resolve host: outcookies.txt
+
* About to connect() to christianscience.com port 80 (#0)
* Closing connection 0
+
curl: (6) Could not resolve host: outcookies.txt
+
* Adding handle: conn: 0x1713de0
+
* Adding handle: send: 0
+
* Adding handle: recv: 0
+
* Curl_addHandleToPipeline: length: 1
+
* - Conn 1 (0x1713de0) send_pipe: 1, recv_pipe: 0
+
* About to connect() to christianscience.com port 80 (#1)
+
 
*  Trying 174.129.17.231...
 
*  Trying 174.129.17.231...
* Connected to christianscience.com (174.129.17.231) port 80 (#1)
+
* Connected to christianscience.com (174.129.17.231) port 80 (#0)
> HEAD /bible-lessons/ebiblelesson/love HTTP/1.1
+
> GET /bible-lessons/ebiblelesson/love HTTP/1.1
 
> User-Agent: curl/7.32.0
 
> User-Agent: curl/7.32.0
 
> Host: christianscience.com
 
> Host: christianscience.com
Line 50: Line 32:
 
>  
 
>  
 
< HTTP/1.1 200 OK
 
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
+
< Date: Sat, 01 Feb 2014 19:41:33 GMT
< Date: Sat, 01 Feb 2014 19:38:00 GMT
+
Date: Sat, 01 Feb 2014 19:38:00 GMT
+
 
* Server Apache/2.2.22 (Ubuntu) is not blacklisted
 
* Server Apache/2.2.22 (Ubuntu) is not blacklisted
 
< Server: Apache/2.2.22 (Ubuntu)
 
< Server: Apache/2.2.22 (Ubuntu)
Server: Apache/2.2.22 (Ubuntu)
 
 
< X-Powered-By: eZ Publish
 
< X-Powered-By: eZ Publish
X-Powered-By: eZ Publish
 
 
< Expires: Mon, 26 Jul 1997 05:00:00 GMT
 
< Expires: Mon, 26 Jul 1997 05:00:00 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
+
< Last-Modified: Sat, 01 Feb 2014 19:41:33 GMT
< Last-Modified: Sat, 01 Feb 2014 19:38:00 GMT
+
Last-Modified: Sat, 01 Feb 2014 19:38:00 GMT
+
 
< Cache-Control: no-cache, must-revalidate
 
< Cache-Control: no-cache, must-revalidate
Cache-Control: no-cache, must-revalidate
 
 
< Pragma: no-cache
 
< Pragma: no-cache
Pragma: no-cache
 
 
< Served-by: christianscience.com
 
< Served-by: christianscience.com
Served-by: christianscience.com
 
 
< Content-language: en-US
 
< Content-language: en-US
Content-language: en-US
 
 
< Vary: Accept-Encoding
 
< Vary: Accept-Encoding
Vary: Accept-Encoding
+
< Transfer-Encoding: chunked
 
< Content-Type: text/html; charset=utf-8
 
< Content-Type: text/html; charset=utf-8
Content-Type: text/html; charset=utf-8
+
<
 +
        <!DOCTYPE html>
  
<
 
* Connection #1 to host christianscience.com left intact
 
 
</pre>
 
</pre>
 +
 +
The site thinks I'm not authenticated.
 +
 +
===try to use those same cookies with a different browser===
 +
Can chrome incognito windows load cookies from a file?

Revision as of 19:45, 1 February 2014

log in with firefox and export cookies to cookies.txt

This only exports cookies for the given site. Not all domains. But it could be relevant that another domain was used to authenticate and does have some cookies.

Curl options 

-b read cookies from this file.  Don't store any cookies here.
-c write all cookies here

rday@ferret:~$ ls -l incookies.txt outcookies.txt
ls: cannot access outcookies.txt: No such file or directory
-rw-r--r-- 1 rday rday 643 Feb  1 11:25 incookies.txt

use those cookies in curl

rday@ferret:~$ curl -vD headers -b incookies.txt -c outcookies.txt http://christianscience.com/bible-lessons/ebiblelesson/love
* Adding handle: conn: 0x1f03ef0
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x1f03ef0) send_pipe: 1, recv_pipe: 0
* About to connect() to christianscience.com port 80 (#0)
*   Trying 174.129.17.231...
* Connected to christianscience.com (174.129.17.231) port 80 (#0)
> GET /bible-lessons/ebiblelesson/love HTTP/1.1
> User-Agent: curl/7.32.0
> Host: christianscience.com
> Accept: */*
> 
< HTTP/1.1 200 OK
< Date: Sat, 01 Feb 2014 19:41:33 GMT
* Server Apache/2.2.22 (Ubuntu) is not blacklisted
< Server: Apache/2.2.22 (Ubuntu)
< X-Powered-By: eZ Publish
< Expires: Mon, 26 Jul 1997 05:00:00 GMT
< Last-Modified: Sat, 01 Feb 2014 19:41:33 GMT
< Cache-Control: no-cache, must-revalidate
< Pragma: no-cache
< Served-by: christianscience.com
< Content-language: en-US
< Vary: Accept-Encoding
< Transfer-Encoding: chunked
< Content-Type: text/html; charset=utf-8
< 
        <!DOCTYPE html>

The site thinks I'm not authenticated.

try to use those same cookies with a different browser

Can chrome incognito windows load cookies from a file?

Retrieved from "https://finninday.net/wiki/index.php?title=Reverse-engineer_auth_and_cookies&oldid=4376"