[SGVLUG] Blind access through selenium
Marc Lytle via SGVLUG
sgvlug at sgvlug.net
Mon Sep 17 17:27:24 PDT 2018
I get a generic response page from cleeng.com. Tried it with both the last
generated token and with out.
On Mon, Sep 17, 2018 at 5:25 PM Marc Lytle <mlytle4218 at gmail.com> wrote:
> I get a e
>
> On Mon, Sep 17, 2018 at 5:07 PM Michael Proctor-Smith via SGVLUG <
> sgvlug at sgvlug.net> wrote:
>
>> Sounds like Cross-Site Request Forgery (CSRF) protection toke, if you
>> make the request to login without it what gets returned? When I worked on
>> that stuff when we got a request with out a token we would return a token
>> and say repeat.
>>
>> On Mon, Sep 17, 2018 at 4:21 PM Marc Lytle via SGVLUG <sgvlug at sgvlug.net>
>> wrote:
>>
>>> My name is Marc and I'm helping Chime Hart, from this last week's
>>> sgvlug, with his systems. We are trying to log into a website with selenium
>>> and having a bit of trouble. It was suggested I email this group with the
>>> specifics of the problems we've been having. Below is some code I have
>>> used:
>>>
>>> #!/usr/bin/env python
>>> from selenium import webdriver
>>> from selenium.webdriver.firefox.options import Options
>>> from selenium.webdriver.support.ui import WebDriverWait as wait
>>> from selenium.webdriver.support import expected_conditions as EC
>>>
>>> options = Options()
>>> # options.set_headless(headless=True)
>>>
>>> driver = webdriver.Firefox(firefox_options=options,
>>> executable_path=r'/usr/local/bin/geckodriver')
>>> def i24_login():
>>> driver.get ('https://video.i24news.tv/')
>>>
>>> driver.find_element_by_xpath('//*[@id="app"]/div/div/div[1]/div/nav[1]/div/div[3]/div[2]/button').click()
>>> # This line returns True when printed, but doesn't see accessable in
>>> any meaningfull way
>>> # bob = wait(driver,
>>> 20).until(EC.frame_to_be_available_and_switch_to_it(driver.find_element_by_xpath('//iframe[contains(@src,
>>> "auth/2/purchase")]')))
>>> # This line throws an unfound error even though the radio button's
>>> id is authType-1.
>>> bob = wait(driver,
>>> 20).until(EC.frame_to_be_available_and_switch_to_it(driver.find_element_by_id('authType-1')
>>> ))
>>>
>>> print bob
>>>
>>>
>>> i24_login()
>>>
>>> print ("Headless Firefox Initialized")
>>>
>>> It opens the site and clicks the login, but neither wait lines above
>>> results in an object of which I can do anything. 'authType-1' is a radio
>>> button necessary to login and not register as a new user. If anyone can
>>> find a way to access that, then I could easily enter his information to the
>>> login.
>>>
>>> As far as the actual login request goes, it works through a third party (
>>> cleeng.com) and seems to be a simple API call. I've watched the login
>>> process itself from an open browser inspecting the network traffic, but the
>>> login in request seems to have an auto-generated key/token that is created
>>> for each request. I was hoping that I could just script the login and
>>> inject the token, but I haven't found a way to predict that key yet.
>>>
>>> Any help or suggestions would be greatly appreciated.
>>> --
>>> Marc Lytle
>>>
>>
>
> --
> Marc Lytle
>
--
Marc Lytle
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sgvlug.net/pipermail/sgvlug/attachments/20180917/5d977ccc/attachment-0001.html>
More information about the SGVLUG
mailing list