Jump to content

Get Cookie from secure website , KeepAlive HTTPonly

Recommended Posts

Hello ,

A website I am trying to login with my credentials.
And retrieve the cookie into a text file.

Unable to do so.
Is it that certain,  Httponly , type - are not allowed to be fetched.

Then further ,
I will be checking every 5 minutes if my session is active , else re-login and re-fetch the cookie.
For the second part , I will probably fetch some table and see if not in appropriate format do Part 1 : Fetch Cookie - again.
Any better way , tips would be appreciated.



Edited by adityaparakh
Link to comment
Share on other sites

Login Code :

#include <IE.au3>
Global $oIE = _IECreate("https://secure.website.com/customer/login")
Local $username = _IEGetObjById($oIE, "txtuid")
Local $password = _IEGetObjById($oIE, "txtPass")
Local $dob = _IEGetObjById($oIE, "txtDOB")
Local $button = _IEGetObjById($oIE, "btnlogin")

    _IEFormElementSetValue($username, "myusername")
    _IEFormElementSetValue($password, "mypassword")
    _IEFormElementSetValue($dob, "01010101")



My main program works if I do "Inspect Element" from firefox then "Edit and Resend" in the Network section and get cookies from there.
If I use IE to get the cookies , it doesnt work.


Firefox :

 _ga=GA1.2.366767631.1590932540; _fbp=fb.1.1590984178454.643416880; _gid=GA1.2.1683001.1593517227; _uetsid=c3c59d42-40e1-01a2-6591-ca16c2075ed0; _uetvid=d4420170-4507-b522-1741-200cb8ae796e; _gat_UA-32202937-1=1; InterSecure=BB4sZZ5AEKzkXAxV1rkoZA$$; ASP.NET_SessionId=pmejzl1hpi0lyn2vgaflprk0; _gat_UA-32202937-20=1

IE : 

_gid=GA1.2.2099870543.1593790075; _ga=GA1.2.15062417.1588659534; _uetvid=4f509e7c-f849-2e69-f6fe-5c297bd6cb8d; _gat_UA-32202937-20=1; InterSecure=BGJEBZ5AEKwWv3ww0AN7fw$$


The difference is ASP.NET SessionID , this is also visible in IE. But how to get in Autoit.
Is it something to do with being "HttpOnly" , Not clear about this.

What can be an alternate solution ?


My Main Program Code :

;$oHTTP.SetRequestHeader("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0")
$oHTTP.SetRequestHeader("User-Agent", "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko")
$oHTTP.SetRequestHeader("X-Requested-With", "XMLHttpRequest")
$oHTTP.SetRequestHeader("Connection", "Keep-Alive")
$oHTTP.SetRequestHeader("Referer", "https://secure.website.com")
$oHTTP.SetRequestHeader("Host", "secure.website.com")
;$oHTTP.SetRequestHeader("Origin", "https://secure.website.com")
$oHTTP.SetRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8")
$oHTTP.SetRequestHeader("Cookie", $cookie)

$oReceived = $oHTTP.ResponseText
$oStatusCode = $oHTTP.Status

I have commented two lines ,do they make any difference ?

Edited by adityaparakh
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...