Tricking Websites with cookies, etc.


DevX Home    Today's Headlines   Articles Archive   Tip Bank   Forums   

Results 1 to 5 of 5

Thread: Tricking Websites with cookies, etc.

  1. #1
    Join Date
    Mar 2005
    Posts
    3

    Tricking Websites with cookies, etc.

    Hey all,

    I'm currently writing an application that reads and parses web pages from a site. I am a member of this site, however, the server doesn't know this when my application talks to it. I've checked my cookies for all of the cookies set by the site, and used:

    URL myURL = new URL("http://www.blahblah.com");
    URLConnection myConn;

    myConn = myURL.openConnection();
    myConn.setRequestProperty("Cookie", "A=foo; B=bar");
    myConn.setRequestProperty("User-Agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Q312461)");
    myConn.setRequestProperty("Referer", "http://www.blahblah.com");
    myConn.connect();



    When I print out the inputstream, however, it get the page that says I'm not a member.

    I'm guess I'm missing more stuff to set on my URLConnection. Anyone have any ideas what the server could be looking for so it stops shutting me out?

  2. #2
    Join Date
    Oct 2004
    Posts
    311
    Have you tried calling the login page from your script and writing the response from a successful login?
    You might be able to get more info on what the server expects that way.

  3. #3
    Join Date
    Mar 2005
    Posts
    3
    What do you mean by that?

  4. #4
    Join Date
    Oct 2004
    Posts
    311
    well, when the server uses client side cookies, data is sent to the client (you) when you request to login.
    this is the same info you need to send to the server when you want to fake being logged in

  5. #5
    Join Date
    Mar 2005
    Posts
    3
    Okay, I tried out your recommendation and I got stuck again

    I downloaded httpunit because it makes this coding more intuitive. Here is my current code (including actual site links):

    Code:
    import com.meterware.httpunit.*;
    import com.meterware.httpunit.WebResponse;
    import java.io.*;
    
    public class Main {
       public static void main(String[] args) throws Exception {
      
           String url = "http://comments.myspace.com/index.cfm?fuseaction=user.HomeComments&friendID=358314";
           
           HttpUnitOptions.setExceptionsThrownOnScriptError(false);
    
           WebConversation wc = new WebConversation();
           ClientProperties cp = wc.getClientProperties();       
           cp.setUserAgent("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.6) Gecko/20050223 Firefox/1.0.1");      
           cp.setAcceptCookies(true);
           
           wc.putCookie("IID","DD02BA2F%2DD58F%2D4225%2D9C79%2D8F58B4C0EECC");       
           wc.putCookie("MYUSERINFO","");
           wc.putCookie("USTID","107842582");
           
           System.out.println("---Attempting to access comment page---");
           WebResponse r = wc.getResponse(url);       
           
           System.out.println(r);
    
           WebLink loginlink = r.getLinkWith("Click Here");
           loginlink.click();
           System.out.println("---Going to login page---");
           WebResponse login = wc.getCurrentPage();
           System.out.println(login);
           
           WebForm forms[] = login.getForms();
    
           forms[1].setParameter("email","foo@bar.com");
           forms[1].setParameter("password","password");
           SubmitButton buttons[] = forms[1].getSubmitButtons();
           
           System.out.println("---Attempting to login---");           
           WebResponse loggingin = forms[1].submit();
           
       }
    }
    And here is the output. I end up getting a "Connection Refused" Error which I don't understand. I printed out the headers @ each step:
    ---Attempting to access comment page---
    HttpWebResponse [url=http://signup.myspace.com/index.cfm?fuseaction=join.step1mod&nextPage=fuseaction%3Duser%2EHomeComments%26friendID%3D 358314; headers=
    CONTENT-TYPE: text/html
    CONNECTION: close
    X-POWERED-BY: ASP.NET
    SERVER: Microsoft-IIS/5.0
    PAGE-COMPLETION-STATUS: Normal
    PAGE-COMPLETION-STATUS: Normal
    PAGE-COMPLETION-STATUS: Normal
    DATE: Mon, 04 Apr 2005 03:04:31 GMT
    SET-COOKIE: IID=DD02BA2F%2DD58F%2D4225%2D9C79%2D8F58B4C0EECC; expires=Sat, 02-Jul-2005 20:04:32 GMT; path=/; domain=.myspace.com;
    SET-COOKIE: MYUSERINFO=; expires=Fri, 04-Mar-2005 19:04:31 GMT; path=/; domain=.myspace.com;
    SET-COOKIE: USTID=109134959; expires=Mon, 04-Apr-2005 20:04:32 GMT; path=/; domain=.myspace.com;
    P3P: CP="CAO DSP COR CUR CON OUR STP UNI" policyref=http://www.flowgo.com/w3c/p3p.xml
    P3P: CP="CAO DSP COR CUR CON OUR STP UNI" policyref=http://derdb.mspaceads.com/w3c/p3p.xml ]
    ---Going to login page---
    HttpWebResponse [url=http://signup.myspace.com/index.cfm?fuseaction=login&Mytoken=20050403200431; headers=
    CONTENT-TYPE: text/html
    CONNECTION: close
    X-POWERED-BY: ASP.NET
    SERVER: Microsoft-IIS/5.0
    PAGE-COMPLETION-STATUS: Normal
    PAGE-COMPLETION-STATUS: Normal
    PAGE-COMPLETION-STATUS: Normal
    DATE: Mon, 04 Apr 2005 03:05:32 GMT
    SET-COOKIE: MYUSERINFO=; expires=Fri, 04-Mar-2005 19:05:32 GMT; path=/; domain=.myspace.com;
    P3P: CP="CAO DSP COR CUR CON OUR STP UNI" policyref=http://www.flowgo.com/w3c/p3p.xml
    P3P: CP="CAO DSP COR CUR CON OUR STP UNI" policyref=http://derdb.mspaceads.com/w3c/p3p.xml ]
    ---Attempting to login---
    java.io.IOException
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:602)
    at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:272)
    at com.meterware.httpunit.HttpWebResponse.readResponseHeader(HttpWebResponse.java:162)
    at com.meterware.httpunit.HttpWebResponse.readHeaders(HttpWebResponse.java:200)
    at com.meterware.httpunit.HttpWebResponse.<init>(HttpWebResponse.java:56)
    at com.meterware.httpunit.HttpWebResponse.<init>(HttpWebResponse.java:67)
    at com.meterware.httpunit.WebConversation.newResponse(WebConversation.java:76)
    at com.meterware.httpunit.WebWindow.getResource(WebWindow.java:164)
    at com.meterware.httpunit.ParsedHTML.getIncludedScript(ParsedHTML.java:357)
    at com.meterware.httpunit.HTMLPage$1.getIncludedScript(HTMLPage.java:257)
    at com.meterware.httpunit.parsing.NekoDOMParser.getIncludedScript(NekoDOMParser.java:105)
    at com.meterware.httpunit.parsing.ScriptFilter.startElement(ScriptFilter.java:92)
    at org.cyberneko.html.filters.DefaultFilter.startElement(Unknown Source)
    at org.cyberneko.html.filters.NamespaceBinder.startElement(Unknown Source)
    at org.cyberneko.html.HTMLTagBalancer.callStartElement(Unknown Source)
    at org.cyberneko.html.HTMLTagBalancer.startElement(Unknown Source)
    at org.cyberneko.html.HTMLScanner$ContentScanner.scanStartElement(Unknown Source)
    at org.cyberneko.html.HTMLScanner$ContentScanner.scan(Unknown Source)
    at org.cyberneko.html.HTMLScanner.scanDocument(Unknown Source)
    at org.cyberneko.html.HTMLConfiguration.parse(Unknown Source)
    at org.cyberneko.html.HTMLConfiguration.parse(Unknown Source)
    at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
    at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
    at com.meterware.httpunit.parsing.NekoHTMLParser.parse(NekoHTMLParser.java:41)
    at com.meterware.httpunit.HTMLPage.parse(HTMLPage.java:255)
    at com.meterware.httpunit.WebResponse.getReceivedPage(WebResponse.java:1126)
    at com.meterware.httpunit.WebResponse$Scriptable.load(WebResponse.java:688)
    at com.meterware.httpunit.javascript.JavaScript.load(JavaScript.java:89)
    at com.meterware.httpunit.javascript.JavaScriptEngineFactory.load(JavaScriptEngineFactory.jav a:58)
    at com.meterware.httpunit.RequestContext.runScripts(RequestContext.java:44)
    at com.meterware.httpunit.WebWindow.getResponse(WebWindow.java:122)
    at com.meterware.httpunit.WebWindow.sendRequest(WebWindow.java:110)
    at com.meterware.httpunit.WebRequestSource.submitRequest(WebRequestSource.java:253)
    at com.meterware.httpunit.WebRequestSource.submitRequest(WebRequestSource.java:232)
    at com.meterware.httpunit.WebForm.submitRequest(WebForm.java:96)
    at com.meterware.httpunit.WebForm.doFormSubmit(WebForm.java:107)
    at com.meterware.httpunit.WebForm.submit(WebForm.java:69)
    at com.meterware.httpunit.WebForm.submit(WebForm.java:58)
    at newmain.Main.main(Main.java:52)
    Caused by: java.net.ConnectException: Connection refused: connect
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:305)
    at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:171)
    at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:158)
    at java.net.Socket.connect(Socket.java:452)
    at java.net.Socket.connect(Socket.java:402)
    at sun.net.NetworkClient.doConnect(NetworkClient.java:139)
    at sun.net.www.http.HttpClient.openServer(HttpClient.java:402)
    at sun.net.www.http.HttpClient.openServer(HttpClient.java:618)
    at sun.net.www.http.HttpClient.<init>(HttpClient.java:306)
    at sun.net.www.http.HttpClient.<init>(HttpClient.java:267)
    at sun.net.www.http.HttpClient.New(HttpClient.java:339)
    at sun.net.www.http.HttpClient.New(HttpClient.java:320)
    at sun.net.www.http.HttpClient.New(HttpClient.java:315)
    at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:521)
    at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:498)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:626)
    at sun.net.www.protocol.http.HttpURLConnection.getHeaderFieldKey(HttpURLConnection.java:1504)
    at com.meterware.httpunit.HttpWebResponse.loadHeaders(HttpWebResponse.java:216)
    at com.meterware.httpunit.HttpWebResponse.readHeaders(HttpWebResponse.java:198)
    ... 35 more
    java.lang.RuntimeException: java.io.IOException
    at com.meterware.httpunit.WebResponse.getReceivedPage(WebResponse.java:1130)
    at com.meterware.httpunit.WebResponse$Scriptable.load(WebResponse.java:688)
    at com.meterware.httpunit.javascript.JavaScript.load(JavaScript.java:89)
    at com.meterware.httpunit.javascript.JavaScriptEngineFactory.load(JavaScriptEngineFactory.jav a:58)
    at com.meterware.httpunit.RequestContext.runScripts(RequestContext.java:44)
    at com.meterware.httpunit.WebWindow.getResponse(WebWindow.java:122)
    at com.meterware.httpunit.WebWindow.sendRequest(WebWindow.java:110)
    at com.meterware.httpunit.WebRequestSource.submitRequest(WebRequestSource.java:253)
    at com.meterware.httpunit.WebRequestSource.submitRequest(WebRequestSource.java:232)
    at com.meterware.httpunit.WebForm.submitRequest(WebForm.java:96)
    at com.meterware.httpunit.WebForm.doFormSubmit(WebForm.java:107)
    at com.meterware.httpunit.WebForm.submit(WebForm.java:69)
    at com.meterware.httpunit.WebForm.submit(WebForm.java:58)
    at newmain.Main.main(Main.java:52)
    Exception in thread "main"
    Java Result: 1

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center
 
 
FAQ
Latest Articles
Java
.NET
XML
Database
Enterprise
Questions? Contact us.
C++
Web Development
Wireless
Latest Tips
Open Source


   Development Centers

   -- Android Development Center
   -- Cloud Development Project Center
   -- HTML5 Development Center
   -- Windows Mobile Development Center