I've searched this site and found how to programmatically log in to a website in C#. However, this specific site encrypts the password somehow before sending the form.
I snooped on several POSTs using Live HTTP Headers for Firefox and found:
Account=[REDACTED]&pw=a0c41f57ef14e43642269bb1e452ae40
Account=[REDACTED]&pw=17fd04959cdf6f44b799221fb9a2e0e3
The password that is sent changes every time.
As I press login, I can see the password change in the form.
I looked at the page source and it might use "MD5 encryption", however I don't know how I would call the function that encrypts it, and I don't know why it changes every time after researching MD5.
Here's the function:
function doLogin(form)
{
var originalpw = form.pw.value;
var b64pw = b64_md5(originalpw);
var hmac_md5pw = hex_hmac_md5(pskey, b64pw)
form.pw.value = hmac_md5pw;
form.dbpw.value = hex_hmac_md5(pskey, originalpw.toLowerCase())
if (form.ldappassword!=null) {
// LDAP is enabled, so send the clear-text password
// Customers should have SSL enabled if they are using LDAP
form.ldappassword.value = originalpw; // Send the unmangled password
}
return true;
}
EDIT:
Alright, now I'm running the javascript using Noesis.Javascript. It works perfectly, but one last thing is the "pskey" variable. It changes every time you load the login page, and I found where it is so I can Regex it from the page source.
HOWEVER:
How will the page know that the webclient that downloaded the html code for the pskey is the same one that sends the POST to login and also GETs the logged in page?
I have these requests:
How can I use the same WebClient for each?
Javascript can be run in C# by using Javascript.Net.
using Noesis.Javascript;
//...
string runJavascript(string str){
using (JavascriptContext context = new JavascriptContext())
{
//Set external variables:
context.SetParameter("var", str);
context.Run("function jsFunc(s) { //encode in here } str2 = jsFunc(var)");
Console.WriteLine(context.GetParameter("str2"));
return context.GetParameter("str2").ToString();
}
}