[SGVLUG] Blind access through selenium

Marc Lytle via SGVLUG sgvlug at sgvlug.net
Mon Sep 17 17:35:58 PDT 2018


with the CORS id
https://cleeng.com/us/login?afid=eef7ec4df467507742995febf73a48ad

On Mon, Sep 17, 2018 at 5:34 PM Michael Proctor-Smith via SGVLUG <
sgvlug at sgvlug.net> wrote:

> I started to look at it and it was a mess of JS requests. So, to not repeat
> work that you have already done, what is the actual login URL?
>
> On Mon, Sep 17, 2018 at 5:28 PM Marc Lytle via SGVLUG <sgvlug at sgvlug.net>
> wrote:
>
>> I get a generic response page from cleeng.com. Tried it with both the
>> last generated token and without.
>>
>> On Mon, Sep 17, 2018 at 5:25 PM Marc Lytle <mlytle4218 at gmail.com> wrote:
>>
>>> I get a e
>>>
>>> On Mon, Sep 17, 2018 at 5:07 PM Michael Proctor-Smith via SGVLUG <
>>> sgvlug at sgvlug.net> wrote:
>>>
>>>> Sounds like a Cross-Site Request Forgery (CSRF) protection token. If you
>>>> make the request to login without it, what gets returned? When I worked on
>>>> that stuff, when we got a request without a token we would return a token
>>>> and say repeat.
>>>>
>>>> On Mon, Sep 17, 2018 at 4:21 PM Marc Lytle via SGVLUG <
>>>> sgvlug at sgvlug.net> wrote:
>>>>
>>>>> My name is Marc and I'm helping Chime Hart, from this last week's
>>>>> sgvlug, with his systems. We are trying to log into a website with selenium
>>>>> and having a bit of trouble. It was suggested I email this group with the
>>>>> specifics of the problems we've been having.  Below is some code I have
>>>>> used:
>>>>>
>>>>> #!/usr/bin/env python
>>>>> from selenium import webdriver
>>>>> from selenium.webdriver.firefox.options import Options
>>>>> from selenium.webdriver.support.ui import WebDriverWait as wait
>>>>> from selenium.webdriver.support import expected_conditions as EC
>>>>>
>>>>> options = Options()
>>>>> # options.set_headless(headless=True)
>>>>>
>>>>> driver = webdriver.Firefox(firefox_options=options, executable_path=r'/usr/local/bin/geckodriver')
>>>>>
>>>>> def i24_login():
>>>>>     driver.get('https://video.i24news.tv/')
>>>>>     driver.find_element_by_xpath('//*[@id="app"]/div/div/div[1]/div/nav[1]/div/div[3]/div[2]/button').click()
>>>>>     # This line returns True when printed, but doesn't seem accessible in any meaningful way
>>>>>     # bob = wait(driver, 20).until(EC.frame_to_be_available_and_switch_to_it(driver.find_element_by_xpath('//iframe[contains(@src, "auth/2/purchase")]')))
>>>>>     # This line throws an unfound error even though the radio button's id is authType-1.
>>>>>     bob = wait(driver, 20).until(EC.frame_to_be_available_and_switch_to_it(driver.find_element_by_id('authType-1')))
>>>>>
>>>>>     print(bob)
>>>>>
>>>>>
>>>>> i24_login()
>>>>>
>>>>> print ("Headless Firefox Initialized")
>>>>>
>>>>> It opens the site and clicks the login, but neither wait line above
>>>>> results in an object with which I can do anything. 'authType-1' is a radio
>>>>> button necessary to login and not register as a new user. If anyone can
>>>>> find a way to access that, then I could easily enter his information to the
>>>>> login.
>>>>>
>>>>> As far as the actual login request goes, it works through a third
>>>>> party (cleeng.com) and seems to be a simple API call. I've watched
>>>>> the login process itself from an open browser inspecting the network
>>>>> traffic, but the login request seems to have an auto-generated key/token
>>>>> that is created for each request. I was hoping that I could just script the
>>>>> login and inject the token, but I haven't found a way to predict that key
>>>>> yet.
>>>>>
>>>>> Any help or suggestions would be greatly appreciated.
>>>>> --
>>>>> Marc Lytle
>>>>>
>>>>
>>>
>>> --
>>> Marc Lytle
>>>
>>
>>
>> --
>> Marc Lytle
>>
>

-- 
Marc Lytle
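
The flow Michael describes in the thread (a login request without a CSRF token gets a token back and is told to repeat), as an added example that is not from the thread and is not cleeng.com's implementation. The HMAC token format and the names `issue_token`, `handle_login` and `client_login` are hypothetical; the point is that the token depends on a server-side secret and a random nonce, so a client cannot predict it and can only fetch it and echo it back.

```python
import hashlib
import hmac
import secrets

# Constructed server-side secret (assumption): never leaves the server.
SERVER_KEY = secrets.token_bytes(32)


def _mac(session_id, nonce):
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(session_id):
    """Return a fresh 'nonce.mac' token bound to this session."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def token_is_valid(session_id, token):
    """Recompute the MAC for the presented nonce and compare in constant time."""
    nonce, sep, mac = (token or "").partition(".")
    if not sep:
        return False
    return hmac.compare_digest(mac.encode(), _mac(session_id, nonce).encode())


def handle_login(session_id, form):
    """Hypothetical login endpoint: returns (status, body)."""
    if not token_is_valid(session_id, form.get("csrf_token")):
        # Missing or bad token: hand back a fresh one and ask the client to repeat.
        return 403, {"error": "repeat with token",
                     "csrf_token": issue_token(session_id)}
    return 200, {"status": "token accepted, credentials would be checked here"}


def client_login(session_id, credentials):
    """Scripted client: on a 403, resend the same form with the returned token."""
    status, body = handle_login(session_id, dict(credentials))
    if status == 403 and "csrf_token" in body:
        form = dict(credentials, csrf_token=body["csrf_token"])
        status, body = handle_login(session_id, form)
    return status, body


if __name__ == "__main__":
    print(handle_login("session-A", {"user": "demo"}))
    print(client_login("session-A", {"user": "demo"}))
```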