Home > Net >  Accessing URL behind authentication when basic-auth and cookie-jar aren't working
Accessing URL behind authentication when basic-auth and cookie-jar aren't working

Time:09-30

I'm trying to access a file at mynetdaily.com using the following two commands:

curl --cookie-jar cookies.txt --form password=XXXXXXX --form username-or-email=XXXXXXXXXXX http://www.mynetdiary.com/establishSession.do

curl -b cookies.txt https://www.mynetdiary.com/exportData.do?year=2021 -v

This reliably produces a 401 Permission Denied error, despite passing correct credentials (which I have replaced with XXXX above). The form fields are correct and I believe the action URL is correct because that's where the site temporarily redirects you to, but as the form action is handled by a large javascript I couldn't be certain. I've tried it with the original login page and the eventual landing page instead and none work.

If you're interested in trying it out you can make a free account and access the URL in the second command yourself if you want to test it.

Any help is greatly appreciated!

CodePudding user response:

Thanks to @CBroe's help, I was able to find the answer. What was necessary was a json payload with the right fields and the right target URL, which showed up in the Network tab.

curl -X POST http://www.mynetdiary.com/muiSignIn.do \
   -H "Content-Type: application/json" \
   -d '{"login":"XXXXXXXX","password":"XXXXXXXX","rememberMe":"true"}' \
   --user "login:password" --cookie-jar cookies.txt

curl -b cookies.txt https://www.mynetdiary.com/exportData.do?year=2021 -v
  •  Tags:  
  • curl
  • Related