I'm attempting to create an automated script on my own site which logs into the site, passes some POST Headers and essentially starts an export.
However, I am having difficulty getting passed the login page since there is a rotating key that is different on every page load.
I have tried running the script with no avail, the script below outputs the $xid at the top. But if I check the $xid echoed it is not the same as the current xid value on the page.
Edit: Good question Norman - It's just your simple hidden field with a random value that changes every time the page is reloaded. So basically it seems I have to find the xid of a page before 'curl_exec'-ing it which I don't know how to do or if it's even possible. Maybe this requires some JS along with CURL.
Edit2: Here is an example URL for the demo
Any ideas as to how to get around this?
<?php
set_time_limit(0);
# Begin Header info
$url = "https://secure.mywebsite.com/admin/import.php?mode=export";
$post = "mode=export&data%5yaddayaddayadda";
$agent = 'User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.3) Gecko/2008100922 Ubuntu/8.04 (hardy) Firefox/3.0.3';
# End Header Info
# Begin Processing Info
$ch = curl_init($url);
//curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
//curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$content = curl_exec ($ch);
curl_close ($ch);
# End Processing Info
# Begin finding xID
$regex = '/name=\"xid\" value=\".*?\"/';
preg_match_all($regex,$content,$match);
$xid = substr($match[0][0], 18, -1);
echo $xid;
# End finding xID
# Begin Header info
$url = "http://secure.mywebsite.com/admin/";
$post = "username=myusernamehere&password=mypasswordhere&mode=login&usertype=P&xid=".$xid."&redirect=admin";
$agent = 'User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.3) Gecko/2008100922 Ubuntu/8.04 (hardy) Firefox/3.0.3';
# End Header Info
# Begin Processing Info
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$content = curl_exec ($ch);
curl_close ($ch);
# End Processing Info
# Begin connection to export file
$url = "https://secure.mywebsite.com/admin/import.php?mode=export";
$post = "mode=export&data%5yaddayaddayadda";
# End connection to export file
# Begin Export
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/cookie.txt');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$content = curl_exec ($ch);
echo curl_exec($ch);
curl_close ($ch);
# End export
?>