Difference between revisions of "Reverse-engineer auth and cookies"

Revision as of 22:41, 1 February 2014

log in with firefox and export cookies to cookies.txt

This only exports cookies for the given site. Not all domains. But it could be relevant that another domain was used to authenticate and does have some cookies.

Curl options

-b read cookies from this file.  Don't store any cookies here.
-c write all cookies here
-v be verbose
-D dump headers to this file
-I just show the headers, not the body

rday@ferret:~$ ls -l incookies.txt outcookies.txt
ls: cannot access outcookies.txt: No such file or directory
-rw-r--r-- 1 rday rday 643 Feb  1 11:25 incookies.txt

use those cookies in curl

rday@ferret:~$ curl -vD headers -b incookies.txt -c outcookies.txt http://christianscience.com/bible-lessons/ebiblelesson/love
* Adding handle: conn: 0x1f03ef0
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x1f03ef0) send_pipe: 1, recv_pipe: 0
* About to connect() to christianscience.com port 80 (#0)
*   Trying 174.129.17.231...
* Connected to christianscience.com (174.129.17.231) port 80 (#0)
> GET /bible-lessons/ebiblelesson/love HTTP/1.1
> User-Agent: curl/7.32.0
> Host: christianscience.com
> Accept: */*
> 
< HTTP/1.1 200 OK
< Date: Sat, 01 Feb 2014 19:41:33 GMT
* Server Apache/2.2.22 (Ubuntu) is not blacklisted
< Server: Apache/2.2.22 (Ubuntu)
< X-Powered-By: eZ Publish
< Expires: Mon, 26 Jul 1997 05:00:00 GMT
< Last-Modified: Sat, 01 Feb 2014 19:41:33 GMT
< Cache-Control: no-cache, must-revalidate
< Pragma: no-cache
< Served-by: christianscience.com
< Content-language: en-US
< Vary: Accept-Encoding
< Transfer-Encoding: chunked
< Content-Type: text/html; charset=utf-8
< 
        <!DOCTYPE html>

The site thinks I'm not authenticated.

try to use those same cookies with a different browser

Can chrome incognito windows load cookies from a file? Hmm. It isn't apparent how to load a cookie file in chrome. Using another firefox window, I can see that it has the same cookies for this domain, but still can't log in.

I launched a firefox private window and it viewed the cookies for this domain. They looked the same. I exported and diffed them and they were exactly the same. I looked at the cookies for the main third party domain and they were slightly different.

Then I logged in through the private window and exported the cookies for this domain. Still the same.

So the domains I've looked at so far are

  • christianscience.com
  • buysub.com
  • w1.buysub.com

Looking in the cookie database directly with a sqlite client, I can see there is another domain I need to check:

  • christianscience.buysub.com

So I create a new private window in firefox and start by verifying that I am not authenticated. And I am not. In another tab, I visit the new domain. The private window picks up 5 cookies. I think these are bleeding through from my normal firefox window which is authenticated properly.

I come back to the main url and refresh to find that I am still unauthenticated. I force a refresh in the new domain tab and get many more cookies. I force a refresh in the main url tab and I'm still unauthenticated.

I'm beginning to suspect that firefox and firebug have an unexpected behavior. Or are lying to me.

watch cookies accumulate in chrome

I start with chrome, logged in to christianscience.com

  • clear the cookies in christianscience.com
  • clear the cookies in buysub.com
  • clear the cookies in w1.buysub.com
  • clear the cookies in christianscience.buysub.com

Refresh the tab in christianscience.com and I'm now logged out.

  • the only cookie is __ff_prevReqData in christianscience.com

I click to log in and am redirected to w1.buysub.com

I now have cookies in

  • w1.buysub.com
  • ws.sharethis.com
  • seg.sharethis.com

I log in and am redirected to christianscience.com

But chrome doesn't let me export or import cookies as far as I can tell. Ahh, I just had to install a chrome plugin called Edit This Cookie.

I exported the cookies for each of the domains in json. Then I opened a new incognito window, but that didn't have the plugin so I couldn't import the cookies back in.

Instead, I cleared all chrome history and closed all tabs. Then I went to cs.com and I was not authenticated. Then I imported the json for just the three cookies for this domain and I was authenticated. Simple. Why doesn't this work for curl or firefox?
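
One way to approach that last question is to compare the two exports cookie by cookie. The script below is an added example, not part of the original notes: it parses a Netscape-format cookies.txt (the file curl reads with -b) and a JSON cookie export, then lists what the curl jar lacks or holds differently. The JSON field names (domain, name, value, secure, httpOnly) are assumed to match the plugin's export, and the sample data, including the names session_example and auth_example, is constructed.

```python
import json

def parse_netscape(text):
    """Netscape cookies.txt (what curl -b/-c reads and writes) -> {(domain, name): cookie}."""
    jar = {}
    for line in text.splitlines():
        http_only = line.startswith("#HttpOnly_")
        if http_only:
            line = line[len("#HttpOnly_"):]  # curl's marker for HttpOnly cookies, not a comment
        elif not line.strip() or line.startswith("#"):
            continue  # blank line or genuine comment
        fields = line.split("\t")
        if len(fields) != 7:
            continue  # not a cookie row
        domain, _subdomains, path, secure, _expiry, name, value = fields
        jar[(domain.lstrip("."), name)] = {"value": value, "path": path,
            "secure": secure == "TRUE", "http_only": http_only}
    return jar

def parse_json_export(text):
    """JSON cookie export (field names assumed: domain, name, value, secure, httpOnly)."""
    jar = {}
    for c in json.loads(text):
        jar[(c["domain"].lstrip("."), c["name"])] = {"value": c["value"],
            "path": c.get("path", "/"), "secure": c.get("secure", False),
            "http_only": c.get("httpOnly", False)}
    return jar

def diff_jars(browser, curl):
    """Report cookies the browser export has that the curl jar lacks or holds differently."""
    report = {"missing_in_curl": [], "value_differs": [], "secure_only": []}
    for key, cookie in sorted(browser.items()):
        if key not in curl:
            report["missing_in_curl"].append(key)
        elif curl[key]["value"] != cookie["value"]:
            report["value_differs"].append(key)
        if cookie["secure"]:
            report["secure_only"].append(key)  # never sent on a plain http:// request
    return report

# Constructed sample data, not the real exports from these notes.
SAMPLE_TXT = ("# Netscape HTTP Cookie File\n"
    "christianscience.com\tFALSE\t/\tFALSE\t0\t__ff_prevReqData\tabc\n"
    "#HttpOnly_christianscience.com\tFALSE\t/\tFALSE\t0\tsession_example\tOLD")
SAMPLE_JSON = json.dumps([
    {"domain": "christianscience.com", "name": "__ff_prevReqData", "value": "abc"},
    {"domain": "christianscience.com", "name": "session_example", "value": "NEW", "httpOnly": True},
    {"domain": ".christianscience.com", "name": "auth_example", "value": "xyz", "secure": True}])
print(json.dumps(diff_jars(parse_json_export(SAMPLE_JSON), parse_netscape(SAMPLE_TXT)), indent=2))
```

Rows starting with #HttpOnly_ are real cookies, so a plain text diff or a parser that skips every # line will miss them.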