I want login from a PHP script to another website but I always get this field empty:
vhrp_lt=false
I extract the CSRF token from a cookie files from website but it seems it is wrong. This is my code:
if(isset($_POST['login']) && isset($_POST['password'])){
$ioBB = "";
$username = htmlentities($_POST['login']);
$password = htmlentities($_POST['password']);
$post_data = "";
$jsdfs_contact = "";
$Sign = "Sign+In";
$ip = getenv("REMOTE_ADDR");
$_SESSION['username'] = "";
$_SESSION['password'] = "";
//{"username":"donaldhess@hotmail.com","password":"asdasdasdas","remember":true,"ownerId":-1,"hasMultipleEmails":false,"captchaRequired":"false","captchaResponse":null,"userIP":"\"79.116.45.158\"","token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ7XCJ2YWxpZGl0eVwiOlwiMjAxNi0wNS0xOFQyMzoyNzoxMS45MjhcIixcInNlc3Npb25JZFwiOlwiM0Q0QjgzRjIyRjIzNTI3Q0YxMjQ5NEFEMjVDNTBDMDNcIn0ifQ.6LKcFMYrLDLUvNmtAeA1VU1XkBxLOJopb9-894oxdmo"};
$post_data = 'jsdfs_contact='.$_POST['jsdfs_contact'].'&login='.$username.'&password='.$password.'&ioBB='.$_POST['ioBB'].'&Sign+In='.$Sign.'vhrp_lt=';
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
setOpt($post_data,"login");
}else{
setOpt("","checkThis");
}
$agent = $_SERVER['HTTP_USER_AGENT'];
$rand = dirname(__FILE__)."/cookies/".getenv("REMOTE_ADDR");
$ch = curl_init();
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_URL, $login_url );
if(strlen($post_data) > 0){
$file2 = file_get_contents(dirname(__FILE__)."/cookies/".getenv("REMOTE_ADDR").".txt");
preg_match_all('#vhrp_lt(.*)#si',$file2,$tokens);
$tokens = preg_replace('/\s*/', '', $tokens[1][0]);
$tokens4 = substr($tokens, 0, 80);
curl_setopt($ch, CURLOPT_URL, "http://www.url.com/login_exec.php");
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data.$tokens4);
}
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_REFERER, $login_url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, $rand.'.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, $rand.'.txt');
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_REFERER, "https://www.url.com/login.html");
$postResult = curl_exec($ch);
$info = curl_getinfo($ch);
//print_R($info);exit;
//$postResult = str_replace('ua/ua-config.js', "./ua/ua-config.js", $postResult);
//$postResult = str_replace('main-build.min.js', ' ', $postResult);
$postResult = str_replace('href="javascript:;', '"', $postResult);
$postResult = str_replace('href="/', 'href="', $postResult);
//$postResult = str_replace('action="/login_exec.php"', 'action=""', $postResult);
$postResult = str_replace("login_exec.php", "", $postResult);
$postResult = str_replace("login.html", "", $postResult);
$postResult = str_replace('/e.gif', 'https://www.url.com/e.gif"', $postResult);
$postResult = str_replace('id="captcha" src="', 'id="captcha" src="https://www.url.com', $postResult);
$postResult = str_replace('src="/libraries/javascript/regExp.js', 'src="https://www.url.com/libraries/javascript/regExp.js', $postResult);
$postResult = str_replace('src="//www.googleadservices.com/pagead/conversion.js', 'src="https://www.googleadservices.com/pagead/conversion.js', $postResult);
$postResult = str_replace('src="//googleads.g.doubleclick.net', 'src="https://googleads.g.doubleclick.net', $postResult);
$postResult = str_replace('//www.google-analytics.com', 'https://www.google-analytics.com', $postResult);
$postResult = str_replace('https://assets-edge.url.com/libraries/javascript/site_pages_2.2.203.min.js', 'site_pages_2.2.203.min.js', $postResult);
$postResult = str_replace('/ajax_files/insert_page_load_stats.php', 'https://www.url.com/ajax_files/insert_page_load_stats.php', $postResult);
$postResult = str_replace('//bat.bing.com', 'https://bat.bing.com', $postResult);
$postResult = str_replace('"errorBeacon":"bam.nr-data.net"', '', $postResult);
$postResult = str_replace('beacon":"bam.nr-data.net"', '', $postResult);
$postResult = str_replace('js-agent.newrelic.com/nr-974.min.js', '', $postResult);
$file2 = file_get_contents(dirname(__FILE__)."/cookies/".getenv("REMOTE_ADDR").".txt");
preg_match_all('#vhrp_lt(.*)#si',$file2,$tokens);
$tokens = preg_replace('/\s*/', '', $tokens[1][0]);
$tokens4 = substr($tokens, 0, 80);
$postResult = str_replace('id="csrfp_hidden_data_urls" value=\'[]\'>', 'id="csrfp_hidden_data_urls" value=\''.$tokens4.'\'>', $postResult);
if(preg_match("/verify_device\.php/",$postResult,$find)){
$ch = curl_init();
$login_url = "https://www.url.com/verify_device.php";
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_URL, $login_url );
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_REFERER, $login_url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_COOKIEJAR, $rand.'.txt');
curl_setopt($ch, CURLOPT_COOKIEFILE, $rand.'.txt');
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
//curl_setopt($ch, CURLOPT_MAXREDIRS, 5 );
curl_setopt($ch, CURLOPT_REFERER, $login_url);
$postResult = curl_exec($ch);
$info = curl_getinfo($ch);
}
echo $postResult;
And the cookies is look li this:
#HttpOnly_www.url.com FALSE / TRUE 0 PHPSESSID 8ob60motf0elfqs4nv0e4rp0g1
www.url.com FALSE / FALSE 1477596688 vhrp_lt 678b53f6f2c183f7a4f3188e942a86ccdde2c553b319792cca4801e7bd0a9bb9c252057a0df225a8
.url.com TRUE / FALSE 1793127692 unique_visitor_cookie b110668554cf3a1a706d526036e60bbd
.url.com TRUE / FALSE 0 utsession_cookie 64692f0a77e35c2d2beeef18e5a7e43a
.url.com TRUE / FALSE 1478199692 vhr-mcid %7B%22m%22%3A%2226527%22%7D
Please help me and tell me where I made a mistake. I get the token with this $tokens4 but when I make the post to the website the field of token are empty and i want to know why!