dtjzpg5313 2015-07-13 22:27
浏览 614

Steam卷曲登录 - 获取cookie + sessionid(多个请求?)

I'm currently trying to get my sessionid and cookie from steam login.

When I login manually and check the network responses, I can see the info I need. It's located mainly in the dologin/

http://imgur.com/a/ZFwAQ - First image is getrsakey/ and the second image is dologin/

On the second image I marked what I need with a red box. I think I just need the browserid and steamMachineAuth.

$url = "https://steamcommunity.com/login/getrsakey/";
$params = ['username' => "MyUsername", 'password' => "MyPassword"];

$cookie_jar = tempnam('/tmp', 'cookie');

$session = curl_init($url);

curl_setopt($session, CURLOPT_POST, true);
curl_setopt($session, CURLOPT_POSTFIELDS, $params);
curl_setopt($session, CURLOPT_HEADER, 1);
curl_setopt($session, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($session, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($session, CURLOPT_TIMEOUT, 30);
curl_setopt($session, CURLOPT_MAXREDIRS, 10);
curl_setopt($session, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($session, CURLOPT_COOKIEJAR, $cookie_jar);

$response = curl_exec($session);
die(var_dump($cookie_jar));
curl_close($session);

With the curl above, it seems like I only get getrsakey/ stats for obvious reasons. I tried making a second curl request with the cookiejar I made, and then request dologin/ but all I'm getting back is

"{"success":false}bool(true)}"

TLDR: I need the browserid and steamMachineAuth from the dologin/ - See link above (Second image) basically the whole cookie if possible.

  • 写回答

1条回答 默认 最新

  • dongpaipu8394 2016-02-16 09:51
    关注

    I know it is some time after question was added, but i think someone might still need an answer.

    As You said, You need to make second request dologin/ but not with the cookiejar You made.

    First of all when You send request to getrsakey/ You need only username parameter (password is not needed).

    Than in response You get rsa key which You need to encrypt Your password using RSA method (key is divided into key modulus and key exponent).

    RSA encrypted password needs to be encoded with base64 and that is the password parameter You send to dologin/

    But unfortunately STEAM might want to get Captcha code and/or SteamGuard code if account is protected, so You need to implement that as well.

    I don't have working PHP code, but You may look into SteamBot writen in C# and write Your code based on it. Search for Dologin method in SteamWeb.cs file: https://github.com/Jessecar96/SteamBot/blob/master/SteamTrade/SteamWeb.cs#L88

    评论

报告相同问题?

悬赏问题

  • ¥15 ads仿真结果在圆图上是怎么读数的
  • ¥20 Cotex M3的调试和程序执行方式是什么样的?
  • ¥20 java项目连接sqlserver时报ssl相关错误
  • ¥15 一道python难题3
  • ¥15 用matlab 设计一个不动点迭代法求解非线性方程组的代码
  • ¥15 牛顿斯科特系数表表示
  • ¥15 arduino 步进电机
  • ¥20 程序进入HardFault_Handler
  • ¥15 oracle集群安装出bug
  • ¥15 关于#python#的问题:自动化测试