I'm trying to log into a page that uses xenForo for their forums. I can log in fine without the two-step verification, but if a user is using two-step verification, is it possible to complete the login?
Here's the necessary HTML
<form action="login/two-step" method="post" class="xenForm AutoValidator" data-redirect="yes">
<input name="code" id="ctrl_totp_code" class="textCtrl" type="text">
<label><input name="trust" value="1" type="checkbox"> Trust this device for 30 days</label>
<dd><input name="save" value="Confirm" accesskey="s" class="button primary" type="submit"></dd>
<input name="provider" value="totp" type="hidden">
<input name="_xfConfirm" value="1" type="hidden">
<input name="_xfToken" value="" type="hidden">
<input name="remember" value="0" type="hidden">
<input name="redirect" value="https://www.WEBSITENAME.net/" type="hidden">
</form>
Here's what I tried:
Document twoStepDoc = Jsoup.connect("https://www.WEBSITENAME.net/login/two-step")
.data("cookieexists", "false")
.data("code", code) //code is a String of my 2-step code I'm testing
.data("trust", "1")
.data("_xfConfirm", "1")
.data("_xfToken", "")
.data("remember", "0")
.cookies(loginForm.cookies())
.post()
;
It's late at night / early in the morning and I'm just trying anything right now :P
Got it to work by giving everything a value.
Document twoStepDocA = Jsoup.connect("https://www.WEBSITE.net/login/two-step")
.data("cookieexists", "false")
.data("code", code)
.data("trust", "1")
.data("save", "Confirm")
.data("provider", "totp")
.data("_xfConfirm", "1")
.data("_xfToken", "")
.data("remember", "0")
.data("redirect", "https://www.WEBSITE.net")
.cookies(loginForm.cookies())
.post()
;