绕过csrf php curl登录

I want login from a PHP script to another website but I always get this field empty:

vhrp_lt=false

I extract the CSRF token from a cookie files from website but it seems it is wrong. This is my code:

if(isset($_POST['login']) && isset($_POST['password'])){
    $ioBB = "";
   $username = htmlentities($_POST['login']);
   $password = htmlentities($_POST['password']);
   $post_data = "";

   $jsdfs_contact = "";
   $Sign = "Sign+In";
   $ip =  getenv("REMOTE_ADDR");
   $_SESSION['username'] = "";
   $_SESSION['password'] = "";
   //{"username":"donaldhess@hotmail.com","password":"asdasdasdas","remember":true,"ownerId":-1,"hasMultipleEmails":false,"captchaRequired":"false","captchaResponse":null,"userIP":"\"79.116.45.158\"","token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ7XCJ2YWxpZGl0eVwiOlwiMjAxNi0wNS0xOFQyMzoyNzoxMS45MjhcIixcInNlc3Npb25JZFwiOlwiM0Q0QjgzRjIyRjIzNTI3Q0YxMjQ5NEFEMjVDNTBDMDNcIn0ifQ.6LKcFMYrLDLUvNmtAeA1VU1XkBxLOJopb9-894oxdmo"};
   $post_data = 'jsdfs_contact='.$_POST['jsdfs_contact'].'&login='.$username.'&password='.$password.'&ioBB='.$_POST['ioBB'].'&Sign+In='.$Sign.'vhrp_lt=';

$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
    setOpt($post_data,"login");

}else{
    setOpt("","checkThis");
}

$agent = $_SERVER['HTTP_USER_AGENT'];

$rand = dirname(__FILE__)."/cookies/".getenv("REMOTE_ADDR");

     $ch = curl_init();

    curl_setopt($ch, CURLOPT_USERAGENT, $agent);
    curl_setopt($ch, CURLOPT_URL, $login_url );
    if(strlen($post_data) > 0){
        $file2 = file_get_contents(dirname(__FILE__)."/cookies/".getenv("REMOTE_ADDR").".txt");
    preg_match_all('#vhrp_lt(.*)#si',$file2,$tokens);
    $tokens = preg_replace('/\s*/', '', $tokens[1][0]);
    $tokens4 = substr($tokens, 0, 80);
        curl_setopt($ch, CURLOPT_URL, "http://www.url.com/login_exec.php");
        curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data.$tokens4);

    }
    curl_setopt($ch, CURLOPT_HEADER, FALSE);
    curl_setopt($ch, CURLOPT_REFERER, $login_url);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_COOKIEJAR, $rand.'.txt');
    curl_setopt($ch, CURLOPT_COOKIEFILE, $rand.'.txt');
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,  FALSE);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($ch, CURLOPT_REFERER, "https://www.url.com/login.html");
    $postResult = curl_exec($ch);
    $info = curl_getinfo($ch);
    //print_R($info);exit;

    //$postResult = str_replace('ua/ua-config.js', "./ua/ua-config.js", $postResult);
    //$postResult = str_replace('main-build.min.js', ' ', $postResult);
    $postResult = str_replace('href="javascript:;', '"', $postResult);
    $postResult = str_replace('href="/', 'href="', $postResult);
    //$postResult = str_replace('action="/login_exec.php"', 'action=""', $postResult);
    $postResult = str_replace("login_exec.php", "", $postResult);
    $postResult = str_replace("login.html", "", $postResult);
    $postResult = str_replace('/e.gif', 'https://www.url.com/e.gif"', $postResult);
    $postResult = str_replace('id="captcha" src="', 'id="captcha" src="https://www.url.com', $postResult);
    $postResult = str_replace('src="/libraries/javascript/regExp.js', 'src="https://www.url.com/libraries/javascript/regExp.js', $postResult);
    $postResult = str_replace('src="//www.googleadservices.com/pagead/conversion.js', 'src="https://www.googleadservices.com/pagead/conversion.js', $postResult);
    $postResult = str_replace('src="//googleads.g.doubleclick.net', 'src="https://googleads.g.doubleclick.net', $postResult);
    $postResult = str_replace('//www.google-analytics.com', 'https://www.google-analytics.com', $postResult);
    $postResult = str_replace('https://assets-edge.url.com/libraries/javascript/site_pages_2.2.203.min.js', 'site_pages_2.2.203.min.js', $postResult);
    $postResult = str_replace('/ajax_files/insert_page_load_stats.php', 'https://www.url.com/ajax_files/insert_page_load_stats.php', $postResult);
    $postResult = str_replace('//bat.bing.com', 'https://bat.bing.com', $postResult);
    $postResult = str_replace('"errorBeacon":"bam.nr-data.net"', '', $postResult);
    $postResult = str_replace('beacon":"bam.nr-data.net"', '', $postResult);
    $postResult = str_replace('js-agent.newrelic.com/nr-974.min.js', '', $postResult);
    $file2 = file_get_contents(dirname(__FILE__)."/cookies/".getenv("REMOTE_ADDR").".txt");
    preg_match_all('#vhrp_lt(.*)#si',$file2,$tokens);
    $tokens = preg_replace('/\s*/', '', $tokens[1][0]);
    $tokens4 = substr($tokens, 0, 80);
    $postResult = str_replace('id="csrfp_hidden_data_urls" value=\'[]\'>', 'id="csrfp_hidden_data_urls" value=\''.$tokens4.'\'>', $postResult);

   if(preg_match("/verify_device\.php/",$postResult,$find)){
       $ch = curl_init();
        $login_url  = "https://www.url.com/verify_device.php";
    curl_setopt($ch, CURLOPT_USERAGENT, $agent);
    curl_setopt($ch, CURLOPT_URL, $login_url );
    curl_setopt($ch, CURLOPT_HEADER, false);
    curl_setopt($ch, CURLOPT_REFERER, $login_url);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_COOKIEJAR, $rand.'.txt');
    curl_setopt($ch, CURLOPT_COOKIEFILE, $rand.'.txt');
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,  2);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    //curl_setopt($ch, CURLOPT_MAXREDIRS, 5 );
    curl_setopt($ch, CURLOPT_REFERER, $login_url);
    $postResult = curl_exec($ch);
    $info = curl_getinfo($ch);
   }

    echo $postResult;

And the cookies is look li this:

#HttpOnly_www.url.com   FALSE   /   TRUE    0   PHPSESSID   8ob60motf0elfqs4nv0e4rp0g1
www.url.com FALSE   /   FALSE   1477596688  vhrp_lt 678b53f6f2c183f7a4f3188e942a86ccdde2c553b319792cca4801e7bd0a9bb9c252057a0df225a8
.url.com    TRUE    /   FALSE   1793127692  unique_visitor_cookie   b110668554cf3a1a706d526036e60bbd
.url.com    TRUE    /   FALSE   0   utsession_cookie    64692f0a77e35c2d2beeef18e5a7e43a
.url.com    TRUE    /   FALSE   1478199692  vhr-mcid    %7B%22m%22%3A%2226527%22%7D

Please help me and tell me where I made a mistake. I get the token with this $tokens4 but when I make the post to the website the field of token are empty and i want to know why!

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

报告相同问题？

关注问题

CSRF验证失败。使用cURL时 php
2014-05-28 13:30

回答 1 已采纳 A browser will always make a get request to a page (to show the form) before making the post. Con
使用curl登录WS1 http php
2015-11-26 16:39

回答 1 已采纳 I tested some things with this form and if the csrf code is incorrect, then it gives a bad request
CSRF令牌保护意义何在？ csrf php
2019-01-14 16:19

回答 2 已采纳 The CSRF token is random and unique per session. Hence, an attacker can get the value of this toke
php 模拟访问csrf,同一个系统内使用curl模拟post请求如何不被csrf拦截方案
2021-04-12 17:59

刀总的博客 https://nai8.me/article/383本篇我们要做一个事情，就是在同一个yii2应用中，某个action使用curl模拟表单提交到另一个action，但是你我都知道在yii2内如果发送post请求，需要经过csrf验证，那么使用curl模拟的时候...
使用ajax和fetch API修改PHP v3 CSRF php
2016-09-20 20:51

回答 4 已采纳 well after several attempts over the last day and narrowing it down to the fetch api was using I d
在PHP中防止CSRF攻击的最佳方法 csrf php
2012-08-25 00:21

回答 1 已采纳 No. To protect against CSRF, you need to make sure you only trust credentials that are automatica
我无法使用curl登录页面 php
2014-05-23 06:31

回答 1 已采纳 Is it possible for split up the code and try. Not sure it will work. Assumes the second form metho
PHP7.4 FFI 扩展安全问题
2023-02-22 00:35

葫芦娃42的博客 PHP 7.4 FFI扩展 bypass disable_function&[RCTF] nextphp&geek2020 FighterFightsInvincibly
Yii2 CSRF令牌时间段增加 csrf php
2018-04-02 12:24

回答 1 已采纳 You can use frontend and backend as different cookie and session Cookie Backend 'identityCookie'
CSRF Codeigniter 3验证 csrf php
2017-08-13 02:32

回答 1 已采纳 If you're using CodeIgniter CSRF the way the user guide mentions, by setting: $config['csrf_prote
保护PHP脚本免受csrf ...没有PHP会话（跨站点） csrf php
2016-05-26 07:46

回答 1 已采纳 POST requests are harder to fake compared to GET requests, so you have that going for you, which i
php代码审计备忘录
2022-09-30 09:41

莫慌搞安全的博客 php代码审计，关键字备忘
@csrf在Laravel 5.4中不起作用 csrf laravel php
2018-06-22 11:31

回答 3 已采纳 As far as I know, there is no @csrf in 5.4, you must use {{ csrf_field() }} Instead, @csrf is
PHP WebSehll 后门脚本与检测工具
2022-08-01 14:33

wespten的博客 PHP是一种动态弱类型语言，参数传递、类型转换、函数调用方式都非常灵活，这给开发者带来开发便利的同时，也给攻击者编写各种畸形恶意代码带来了很多便利，通过翻阅PHP手册
PHP安全之webshell和后门检测
2021-09-26 11:56

云博客-资源宝的博客基于PHP的应用面临着各种各样的攻击： XSS：对PHP的Web应用而言，跨站脚本是一个易受攻击的点。攻击者可以利用它盗取用户信息。你可以配置Apache，或是写更安全的PHP代码（验证所有用户输入）来防范XSS攻击 SQL注入...
没有解决我的问题, 去提问

悬赏问题

¥15 c程序不知道为什么得不到结果
¥40 复杂的限制性的商函数处理
¥15 程序不包含适用于入口点的静态Main方法
¥15 素材场景中光线烘焙后灯光失效
¥15 请教一下各位，为什么我这个没有实现模拟点击
¥15 执行 virtuoso 命令后，界面没有，cadence 启动不起来
¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
¥20 有关区间dp的问题求解
¥15 多电路系统共用电源的串扰问题
¥15 slam rangenet++配置

码龄粉丝数原力等级 --

绕过csrf php curl登录

0条回答默认最新

悬赏问题

绕过csrf php curl登录

0条回答 默认 最新

悬赏问题

0条回答默认最新