How to use curl to simulate login segmentfault in PHP?
<code>$ch = curl_init();
$url = "https://segmentfault.com/api/user/login?_=fb8eb567a6f2a4ed7d28a1ac62c0d018";
$data = array(
'mail' => ***
'password' => ***
);
foreach ($data as $key => $value){
$postfields .= urlencode($key) . '=' . urlencode($value) . '&';
}
$postfields = rtrim($postfields, '&');
$headers = array(
'Accept:*/*',
'Accept-Encoding:gzip, deflate',
'Accept-Language:zh-CN,zh;q=0.8',
'Connection:keep-alive',
'Content-Length:49',
'Content-Type:application/x-www-form-urlencoded; charset=UTF-8',
'Cookie:mp_18fe57584af9659dea732cf41c1c0416_mixpanel=%7B%22distinct_id%22%3A%20%22153c6c3ec0c91-04fd9c038-12771e2d-1fa400-153c6c3ec0d18a%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; PHPSESSID=web2~dom8lkdgosec57oljs98g2m8k0; _gat=1; Hm_lvt_e23800c454aa573c0ccb16b52665ac26=1463986883,1464937399,1465290769,1465713371; Hm_lpvt_e23800c454aa573c0ccb16b52665ac26=1465717067; _ga=GA1.2.1469164019.1455850659',
'Host:segmentfault.com',
'Origin:https://segmentfault.com',
'Referer:https://segmentfault.com/',
'User-Agent:Mozilla/5.0 (X11; Linux i686 (x86_64)) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.97 Safari/537.36',
'X-Requested-With:XMLHttpRequest',
);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
curl_setopt($ch, CURLOPT_ENCODING, "");
$result = curl_exec($ch);
curl_close($ch);
var_dump($result);
返回结果说我用户或密码错误? 账号密码是正确的。</code>Reply content:
<code>$ch = curl_init();
$url = "https://segmentfault.com/api/user/login?_=fb8eb567a6f2a4ed7d28a1ac62c0d018";
$data = array(
'mail' => ***
'password' => ***
);
foreach ($data as $key => $value){
$postfields .= urlencode($key) . '=' . urlencode($value) . '&';
}
$postfields = rtrim($postfields, '&');
$headers = array(
'Accept:*/*',
'Accept-Encoding:gzip, deflate',
'Accept-Language:zh-CN,zh;q=0.8',
'Connection:keep-alive',
'Content-Length:49',
'Content-Type:application/x-www-form-urlencoded; charset=UTF-8',
'Cookie:mp_18fe57584af9659dea732cf41c1c0416_mixpanel=%7B%22distinct_id%22%3A%20%22153c6c3ec0c91-04fd9c038-12771e2d-1fa400-153c6c3ec0d18a%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; PHPSESSID=web2~dom8lkdgosec57oljs98g2m8k0; _gat=1; Hm_lvt_e23800c454aa573c0ccb16b52665ac26=1463986883,1464937399,1465290769,1465713371; Hm_lpvt_e23800c454aa573c0ccb16b52665ac26=1465717067; _ga=GA1.2.1469164019.1455850659',
'Host:segmentfault.com',
'Origin:https://segmentfault.com',
'Referer:https://segmentfault.com/',
'User-Agent:Mozilla/5.0 (X11; Linux i686 (x86_64)) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.97 Safari/537.36',
'X-Requested-With:XMLHttpRequest',
);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
curl_setopt($ch, CURLOPT_ENCODING, "");
$result = curl_exec($ch);
curl_close($ch);
var_dump($result);
返回结果说我用户或密码错误? 账号密码是正确的。</code>
Foreword
This article comes from my answer on segmentfault, and I recorded the exciting parts in this blog.
The general meaning is to simulate logging in to segmentfault.com, and my hands are itchy for a while. This article will guide everyone to realize this operation.
Analysis
This is a very good question, but unfortunately, everyone’s replies are all just talk on paper without discussion. The answer with the most votes at the top actually said to give up the packet capture tool, which is simply ridiculous. You can see it directly by running F12 in chrome. The account and password are sent in clear text, why do we need to capture the packet? The http header of the other subject is copied from chrome.
According to my judgment, the cause of your problem is sending too many http headers, of which Content-Length is obviously problematic. This represents the content length. The packet you captured this time was 49, but next time you need to change your account and password. But that’s not necessarily the case. For example, if the account password is too long, it may result in truncation, and an incorrect password will be prompted anyway (because only part of the password is sent).
Plan
In fact, in order to explore this interesting question, I conducted an interesting experiment.
Here we use the node.js model in the simplest scripting language ajax to reconstruct the operation process.
Analysis
Let’s first go to the login page - the source page to take a rough look, among which
<script crossorigin src="https://dfnjy7g2qaazm.cloudfront.net/v-575e20ec/user/script/login.min.js"></script>
This cross-domain request loads a js script. Judging from the name, it should be related to login. We use it here to try to access it. The result is a mess.
According to the naming convention, we guessed that the name before compression might have been called login.js. Let’s see if it has been deleted. We tried to access https://dfnjy7g2qaazm.cloudfront.net/v-575e20ec/user/script/login.js, and it’s still there. It seems that their publisher may not be a Virgo. of.
Well let’s look down here:
$("form[action='/api/user/login']").submit(function() {
var data, url;
url = '/api/user/login';
data = $(this).serialize();
$.post(url, data, function(d) {
if (!d.status) {
return location.href = d.data;
}
});
return false;
});The code is very simple. We know that when the status in the request result is 0, it means the login is successful. At the same time, we also know that the background execution login request page is /api/user/login, that is, https://segmentfault.com/api/user/login. Let’s visit it, and it will get 404. This shows that the server has verified the input and determined that our request does not comply with normal logic. Next we start to forge request headers.
Request header
We use a modern browser similar to chrome to access https://segmentfault.com/user/login normally, press F12, select the network panel to start monitoring requests, then we fill in the account and password at will, and click to log in.
At this time there will be a message below, we extract the Request Header as follows
POST /api/user/login?_=93e1b923149fb56c4fd329fe95ea4001 HTTP/1.1 Host: segmentfault.com Connection: keep-alive Content-Length: 46 Pragma: no-cache Cache-Control: no-cache Accept: */* Origin: https://segmentfault.com X-Requested-With: XMLHttpRequest User-Agent: xxxx Content-Type: application/x-www-form-urlencoded; charset=UTF-8 DNT: 1 Referer: https://segmentfault.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.8,zh-CN;q=0.6,zh;q=0.4 Cookie: PHPSESSID=web5~to8l5ovmt9t3jkb84aevuqf151; Hm_lvt_e23800c454aa573c0ccb16b52665ac26=1465799317; Hm_lpvt_e23800c454aa573c0ccb16b52665ac26=1465799317; _ga=GA1.2.915515414.1465799317; _gat=1
We only need to send these requests to the server in the same way. In theory, there will be no problems, and there will be no more 404s.
Among the data here, some do not need to be sent, and some must be sent.
We can test them one by one.
Debugging
We use nodejs here to simply write a piece of code to test the parameters verified by the server.
The boring test is to keep deleting requests to see if the server will return 404.
The process will not be described in detail, the result is:
The
_in querystring must correspond to theCookieinPHPSESSID.
The value of X-Requested-Withneeds to have the ajax request flag, that is,XMLHttpRequest
The value of Referer
It seems that their server is quite strict.
Source code
var superagent = require('superagent');
superagent.post('https://segmentfault.com/api/user/login?_=7ef046ad4f224034d7b51655238bd870')
.set('Referer', 'https://segmentfault.com/user/login')
.set('X-Requested-With', 'XMLHttpRequest')
.set('Cookie', 'PHPSESSID=web1~395mahoqliohh5kclv894ibpr3; _gat=1; _ga=GA1.2.1234754628.1465797373; Hm_lvt_e23800c454aa573c0ccb16b52665ac26=1465797373; Hm_lpvt_e23800c454aa573c0ccb16b52665ac26=1465797538')
.send({
mail: "xxxxxx",
password: "xxxx"
})
.type('form')
.end(function(err, res) {
if (err || !res.ok) {
console.log(err.status);
} else {
console.log('yay got ' + JSON.stringify(res.body));
}
});
At the same time, the open source is on github at the address segmentfault_loginer
The first part is not encrypted, 90% of the possibility is caused by cookies
Give you a suggestion:
1. Now visit: https://segmentfault.com/ and get the cookie
2. Then submit the post
3._This GET parameter is also very important
You can use Charles to capture HTTPS packets. You can refer to this http://www.tuicool.com/articles/JfEZr23
If the password is encrypted with JS on the front end, you can find this encryption code. You can also find out the encryption algorithm and you can simulate this algorithm for encryption. I also encountered this problem before when I crawled the China Mobile website
看原始http请求
<code>$ch = curl_init();
$url = "https://segmentfault.com/api/user/login?_=259f90fcf626f304c69c52db1454f03e";
$data = array(
'mail' => '***',
'password' => '**',
);
foreach ($data as $key => $value){
$postfields .= urlencode($key) . '=' . urlencode($value) . '&';
}
$postfields = rtrim($postfields, '&');
$headers = array(
'Accept:*/*',
'Accept-Encoding:gzip, deflate',
'Accept-Language:zh-CN,zh;q=0.8',
'Connection:keep-alive',
'Content-Type:application/x-www-form-urlencoded; charset=UTF-8',
'Cookie:mp_18fe57584af9659dea732cf41c1c0416_mixpanel=%7B%22distinct_id%22%3A%20%22153c6c3ec0c91-04fd9c038-12771e2d-1fa400-153c6c3ec0d18a%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; editor-code-detect-disabled=1; PHPSESSID=web2~oag2uol7e47i88hp6t6uqac9b0; Hm_lvt_e23800c454aa573c0ccb16b52665ac26=1465290769,1465713371,1465781816,1465866651; Hm_lpvt_e23800c454aa573c0ccb16b52665ac26=1465867161; _ga=GA1.2.1469164019.1455850659; _gat=1',
'Host:segmentfault.com',
'Origin:https://segmentfault.com',
'Referer:https://segmentfault.com/',
'User-Agent:Mozilla/5.0 (X11; Linux i686 (x86_64)) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.97 Safari/537.36',
'X-Requested-With:XMLHttpRequest',
);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
//curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_ENCODING, "");
$result = curl_exec($ch);
curl_close($ch);
var_dump($result);</code>
至少得先保存个cookie在登录吧
之前写过一个
51job的模拟登录并投递简历的demo,代码如下,可参考
<?php
// 首先引入zend框架(官网地址:http://www.zend.com/)
require_once 'Zend/Loader.php';
Zend_Loader::loadClass('Zend_Http_Client');
$client = new Zend_Http_Client();
$client->setCookieJar();
/**
* 登录
*/
//$client->setHeaders('Set-cookie', $response->getHeader('Set-cookie'));
$client->setUri('http://my.51job.com/my/passport_login.php');
$client->setMethod('POST');
$client->setParameterPost(array(
'from_domain' => 'www.51job.com',
'passport_loginName' => '*****', // 账号
'passport_password' => '***' // 密码
));
$res = $client->request();
/**
* 投简历
*/
$client->setUri('http://my.51job.com/sc/sendtwo/send_resume_new.php');
$client->setHeaders('Host', 'my.51job.com');
$client->setHeaders('Cookie', $res->getHeader('Set-cookie'));
$client->setMethod('GET');
$client->setParameterGet(array(
'isEN' => '0',
'rsmid' => '337097130',
'deflang' => '0',
'coverid' => '',
'jsoncallback' => 'jsonp1447931687767',
'_' => '1447931692678',
'jobiduni' => '(73015544)', //括号里面为职位id
));
$rs = $client->request();
print_r($rs);
不错,问题具有代表性
既然是https,那为啥不加上curl的https选项
应该是密码在前端做了hash加密,你可以抓个包看下
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian
Dec 24, 2024 pm 04:42 PM
PHP 8.4 brings several new features, security improvements, and performance improvements with healthy amounts of feature deprecations and removals. This guide explains how to install PHP 8.4 or upgrade to PHP 8.4 on Ubuntu, Debian, or their derivati
7 PHP Functions I Regret I Didn't Know Before
Nov 13, 2024 am 09:42 AM
If you are an experienced PHP developer, you might have the feeling that you’ve been there and done that already.You have developed a significant number of applications, debugged millions of lines of code, and tweaked a bunch of scripts to achieve op
How To Set Up Visual Studio Code (VS Code) for PHP Development
Dec 20, 2024 am 11:31 AM
Visual Studio Code, also known as VS Code, is a free source code editor — or integrated development environment (IDE) — available for all major operating systems. With a large collection of extensions for many programming languages, VS Code can be c
Explain JSON Web Tokens (JWT) and their use case in PHP APIs.
Apr 05, 2025 am 12:04 AM
JWT is an open standard based on JSON, used to securely transmit information between parties, mainly for identity authentication and information exchange. 1. JWT consists of three parts: Header, Payload and Signature. 2. The working principle of JWT includes three steps: generating JWT, verifying JWT and parsing Payload. 3. When using JWT for authentication in PHP, JWT can be generated and verified, and user role and permission information can be included in advanced usage. 4. Common errors include signature verification failure, token expiration, and payload oversized. Debugging skills include using debugging tools and logging. 5. Performance optimization and best practices include using appropriate signature algorithms, setting validity periods reasonably,
PHP Program to Count Vowels in a String
Feb 07, 2025 pm 12:12 PM
A string is a sequence of characters, including letters, numbers, and symbols. This tutorial will learn how to calculate the number of vowels in a given string in PHP using different methods. The vowels in English are a, e, i, o, u, and they can be uppercase or lowercase. What is a vowel? Vowels are alphabetic characters that represent a specific pronunciation. There are five vowels in English, including uppercase and lowercase: a, e, i, o, u Example 1 Input: String = "Tutorialspoint" Output: 6 explain The vowels in the string "Tutorialspoint" are u, o, i, a, o, i. There are 6 yuan in total
How do you parse and process HTML/XML in PHP?
Feb 07, 2025 am 11:57 AM
This tutorial demonstrates how to efficiently process XML documents using PHP. XML (eXtensible Markup Language) is a versatile text-based markup language designed for both human readability and machine parsing. It's commonly used for data storage an
Explain late static binding in PHP (static::).
Apr 03, 2025 am 12:04 AM
Static binding (static::) implements late static binding (LSB) in PHP, allowing calling classes to be referenced in static contexts rather than defining classes. 1) The parsing process is performed at runtime, 2) Look up the call class in the inheritance relationship, 3) It may bring performance overhead.
What are PHP magic methods (__construct, __destruct, __call, __get, __set, etc.) and provide use cases?
Apr 03, 2025 am 12:03 AM
What are the magic methods of PHP? PHP's magic methods include: 1.\_\_construct, used to initialize objects; 2.\_\_destruct, used to clean up resources; 3.\_\_call, handle non-existent method calls; 4.\_\_get, implement dynamic attribute access; 5.\_\_set, implement dynamic attribute settings. These methods are automatically called in certain situations, improving code flexibility and efficiency.
