-
November 23rd, 2010, 11:35 AM
#1
Bypass Third Party Login Form (with valid credentials)
First off I'll start by saying what I'm trying to accomplish. Like the title says, I am trying to create a simple snippet of code to allow my users to bypass a login form to a site that is not owned by me but that I have login credentials too. ( I say this because I will not be able to access any local javascript files being hosted on that site for troubleshooting which I realize may make things difficult/impossible)
The reason why I am attempted this is I would like to save time for my users instead of having to enter the password and username each and every time they need to use the site as there are over 20 sets of credentials that are needed for the same site in order to access different sections.
I have done this for another site with no problem just using HTML, but the site i'm stuck on is using javascript to disable the form fields.
I'll also state the obvious ( yes I know that putting the password and username in plain text is not secure in the slightest, and I will counter with saying that this is a local intranet site so as far as that being in issue, it isn't )
I'm not even sure if this can be done with out some form of XSS and obviously I don't want to do that, so I'm hoping someone with a little more knowledge of javascript can take a look at this and advise.
This is my first post so I'll do my best to keep everything in code tags, and if for some reason I'm posting in the wrong section or doing something incorrectly; apologies.
The site I'm trying to create an auto login form for is, https://provisioning.eu.blackberry.com/
The form actions on the site are ( I removed the junk formatting )
Code:
<form name="loginfrm" method="post" onsubmit="return getTzOffset()" action="/MainServlet">
<INPUT TYPE="hidden" name="action" value="login">
<input type="hidden" name="localTimeZoneOffset" value="">
<input type="text" name="username" size="20" tabindex=1 disabled>
<input type="password" name="password" size="20" tabindex=2 disabled>
<input type="submit" name="submit" value="Login" tabindex=3 disabled>
</form>
The main parts that throw me off naturally are
Code:
action="/MainServlet
I've tried changing the action to the name of the site or even the name of the login form but it just brings me to the site with out actually entering in login information or bypassing the page and logging me in.
I don't know anything about javascript, so I'm not sure what part of this is calling internally to allow logins or what not.
From the source code on the page there is a function that "enables" the login fields after a user selects "ok" ( By default the fields are disabled )
Code:
<SCRIPT LANGUAGE="JavaScript1.2">
document.getElementsByName("ok")[0].focus();
function getTzOffset(){
//var ns4=(document.layers) ? true : false;
var d = new Date();
var tz = d.getTimezoneOffset()* (60*1000) ; // convert milliseconds
document.loginfrm.localTimeZoneOffset.value = -tz;
// alert(document.loginfrm.localTimeZoneOffset.value);
return true;
}
function goLogin() {
document.getElementById("disclaimerDiv").style.visibility="hidden";
document.loginfrm.username.disabled = false;
document.loginfrm.password.disabled = false;
document.loginfrm.submit.disabled = false;
}
</SCRIPT>
I'm assuming this is where I'm running into trouble as I don't know how to get around this.
What i've done for my other form that works successfully ( because there is no javascript involved )
is simply change the action to the site name ( example )
Code:
<form action="https://webclient.blackberry.net/BIS-E_Admin/login.do?sitename=random" method="post" id="LoginForm">
<input name="sitename" value="random" type="hidden">
<input value="USERNAMEISHERE" aria-invalid="true" aria-required="true" tabindex="0" id="username" maxlength="120" class="dijitReset" dojoattachpoint="textbox,focusNode" autocomplete="off" name="username" type="hidden">
<input value="PASSWORDISHERE" aria-invalid="false" aria-required="true" tabindex="0" id="password" class="dijitReset" dojoattachpoint="textbox,focusNode" autocomplete="off" name="password" type="hidden">
<input type="image" src="PICTURELINKNAME" name="image" width="73" height="73" onclick="return submitLoginForm(); type="submit" target="_new"class="BEA_FormButton default">
</form>
I realize part of this problem may be an HTML issue because I may be forming some part of my code wrong for the login to the site that has javascript, but more then likely I'm thinking that this can't be done because the action calls to some local javascript function on the site ( but again i'm just reaching )
If anyone could advise, it would be appreciated. Thanks!
-
November 23rd, 2010, 06:55 PM
#2
Re: Bypass Third Party Login Form (with valid credentials)
You need to look into using cURL logins.
If the post was helpful...Rate it! Remember to use [code] or [php] tags.
-
November 24th, 2010, 07:09 PM
#3
Re: Bypass Third Party Login Form (with valid credentials)
Okay, I'll take a look into cURL logins and report back with my results. Thanks PeejAvery!
-J
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|