-
-
Save antics/4079584 to your computer and use it in GitHub Desktop.
curl -D cookie1.txt blog.xrmplatform.org/wp-login.php | |
# step 1 | |
# get default cookie of blog and write cookie to cookie1.txt | |
# step 2 | |
# simulate browser Firefox( of course , you can use any browser agent<!--more--> what you want!) "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6" | |
# input your username and also password | |
# write new cookie to cookie2.txt | |
curl -A "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6" -D cookie2.txt -b cookie1.txt -F log=username -F pwd=password -F testcookie=1 -F wp-submit="Log In" -F redirect_to=blog.xrmplatform.org/wp-admin -F submit=login -F rememberme=forever blog.xrmplatform.org/wp-login.php | |
# currently cookie2.txt stored all cookie info | |
# we can get all admin page ,such as /wp-admin info by the follow command , and output html data to output.html | |
curl -L -o output.html --cookie cookie2.txt http://blog.xrmplatform.org/wp-admin |
How to execute the code?
The cookie part is better done with -b cookie.txt -c cookie.txt
in all commands.
It doesn't seem to be working.
Still Works after all these years
it doesnt seems to work with newer curl versions, testet with
curl 7.64.0 (armv8a-libreelec-linux-gnueabi) libcurl/7.64.0 OpenSSL/1.0.2q zlib/1.2.11 librtmp/2.3
Cookies sind gesperrt oder werden von deinem Browser nicht unterstützt. Du musst <a href="https://codex.wordpress.org/Cookies">Cookies aktivieren</a>, um WordPress verwenden zu können.<br />
it seems testcookie=1 does not work...
with an older curl version
curl 7.58.0 (x86_64-pc-linux-gnu) libcurl/7.58.0 OpenSSL/1.1.1a zlib/1.2.11 libidn2/2.0.4 libpsl/0.19.1 (+libidn2/2.0.4) nghttp2/1.30.0 librtmp/2.3
it workslike a charm...
any ideas ?
maybe someone can help with this script 👍
user="user" #
password="password" #
path="/storage/downloads" #
curl="/usr/bin/curl" #path curl
tar="/bin/tar" #path to tar
agent="Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"
site="https://mywebsite.de/wordpress"
##clean ##
rm "$path"/cookie*
## download ##
cd "$path/"
## authenticate and save cookies
"$curl" --dump-header "$path"/cookie1.txt "$site"/wp-login.php
"$curl" --user-agent "$agent" \
--dump-header "$path"/cookie2.txt \
--cookie "$path"/cookie1.txt \
--form log="$user" \
--form pwd="$password" --form testcookie=1 \
--form wp-submit="Log In" \
--form redirect_to="$site"/wp-admin --form submit=login \
--form rememberme=forever "$site"/wp-login.php
## access home page with authenticated cookies and download file
"$curl" -L -o "$path"/file.tar.gz --cookie "$path"/cookie2.txt "$site"/download/569/
##extract file
"$tar" xvf "$path"/file.tar.gz
ok, i found a working solution , the better way was to use -b -c
`user="user" #
password="pwd" #
path="/storage/downloads" #
curl="/usr/bin/curl" #path to curl
tar="/bin/tar" #path to tar
agent="Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6"
site="https://site.de/wordpress"
##aclean ##
rm "$path"/cookie*
## download ##
cd "$path/"
## authenticate and save cookies
"$curl" --dump-header "$path"/cookie1.txt "$site"/wp-login.php
"$curl" --user-agent "$agent" \
--dump-header "$path"/cookie1.txt \
--cookie "$path"/cookie1.txt --cookie-jar "$path"/cookie1.txt\
--form log="$user" \
--form pwd="$password" --form testcookie=1 \
--form wp-submit="Log In" \
--form redirect_to="$site"/wp-admin --form submit=login \
--form rememberme=forever "$site"/wp-login.php
## access home page with authenticated cookies and download compressed guide
"$curl" -L -o "$path"/file.tar.gz --cookie "$path"/cookie1.txt "$site"/download/569/
##extract file
"$tar" xvf "$path"/file.tar.gz
`
Thank you all, especially @DeBaschdi . Just the ticket for making a quick script to monitor the functioning of a page on a client's site.
Stumbled upon this gist, which gave me the initial direction.
Here are my observations:
-A "Mozilla..."
,-F wp-submit
,-F redirect_to
nor-F submit
, unless there is a special plugin that checks these things. The default WordPress login page doesn't check them./wp/
(usingWP_SITEURL
, etc.), you'll get a redirect when visiting/wp-login.php
to/wp/wp-login.php
on both step 1 and step 2, and the login will fail. You have to specify your siteurl in full, eg.blog.xrmplatform.org/wp/wp-login.php
You can simplify step 2 to: