3. Need help with a weird postdata

THE FORUM IS IN READ-ONLY MODE

This forum is in read-only mode. The new forum is live at https://discourse.openbullet.dev and registrations are open!

Need help with a weird postdata

  • K

    hello everyone.
    i faced with this strange postdata and when ever i run the debugger i get this error in html view :
    {"statusCode":403,"description":"Invalid state","name":"AnomalyDetected","code":"access_denied"}
    and this is the post data:

    {client_id: "snuIZH5le2MaBPLQ67KAbMkwtsy3wHNJ",…}
client_id: "snuIZH5le2MaBPLQ67KAbMkwtsy3wHNJ"
connection: "ACS"
nuperms: "eyJwZXJtaXNzaW9ucyI6W3siaWQiOiI2NzZlZTJjZS0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9TYXZlcnNfTmV3IiwiY3AiOiJTdW4gU2F2ZXJzIGdpdmVzIHlvdSBjYXNoLCB0cmVhdHMgYW5kIHByaXplcyDigJMgdGhhdOKAmXMgZXhjbHVzaXZlIG9mZmVycyBhbmQgcHJvbW90aW9ucyBpbmNsdWRpbmcgYm9udXMgY29kZXMsIEhvbGlkYXlzIGZyb20gwqM5LjUwLCBTdXBlcmRheXMgYW5kIG1vcmUuIFdlIHRoaW5rIHlvdeKAmWxsIGxvdmUgaXQsIGJ1dCBpZiBub3QsIHlvdSBjYW4gY2hhbmdlIHlvdXIgcHJlZmVyZW5jZXMgYXQgYW55IHRpbWUuIiwidHkiOiJBdXRvIiwidmUiOiIyMDE4LTA5LTIwVDEyOjUwOjA2LjAwMFoiLCJjdCI6IldoYXQgeW914oCZbGwgZ2V0IiwiY2EiOiJOT05FIn0seyJpZCI6IjY3NmVlNzdlLTFkNmMtMTFlOC1iNDY3LTBlZDVmODlmNzE4YiIsImNkIjoiU3VuX1NhdmVyc19CcmFuZCIsImNwIjoiV2XigJlsbCBrZWVwIHlvdSB1cGRhdGVkIG9uIHNwZWNpYWwgb2ZmZXJzIGFuZCBwcm9tb3Rpb25zIGZyb20gcHJvZHVjdHMgbGlrZSBTdW4gQmluZ28sIEVkaXRvcmlhbCBuZXdzbGV0dGVycyBhbmQgbW9yZS4iLCJ0eSI6IlNvZnQiLCJ2ZSI6IjIwMTgtMDktMjBUMTI6NTA6MDYuMDAwWiIsImN0IjoiVGhlcmXigJlzIG1vcmUiLCJjYSI6IkJPT0wiLCJjYTEiOiJJZiB5b3XigJlkIHByZWZlciBub3QgdG8gcmVjZWl2ZSB0aGVzZSwgdGljayBoZXJlLiJ9LHsiaWQiOiI2NzZmMTZlMC0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9NYXJrZXRpbmciLCJjcCI6Ildl4oCZbGwga2VlcCB5b3UgdXAgdG8gc3BlZWQgd2l0aCBleGNsdXNpdmUgb2ZmZXJzLCBwcm9tb3Rpb25zIGFuZCBwcm9kdWN0cyBmcm9tIFRoZSBTdW4gdGhhdCB3ZSB0aGluayB5b3XigJlsbCBsb3ZlLiBTb3VuZCBnb29kPyIsInR5IjoiSGFyZCIsInZlIjoiMjAxOC0wOS0yMFQxMjo1MDowNi4wMDBaIiwiY2giOlsiRW1haWwiLCJQb3N0IiwiUGhvbmUiLCJTTVMiXSwiY3QiOiJUaGF04oCZcyBub3QgYWxsIiwiY2EiOiJNVVRVQUxfRVgiLCJjYTEiOiJZZXMiLCJjYTIiOiJObyJ9LHsiaWQiOiI2NzZlZTUyNi0xZDZjLTExZTgtYjQ2Ny0wZWQ1Zjg5ZjcxOGIiLCJjZCI6IlN1bl9TYXZlcnNfSW5saWZlIiwidHkiOiJBdXRvIiwidmUiOiIyMDE4LTA5LTIwVDEyOjUwOjA2LjAwMFoiLCJjaCI6WyJFbWFpbCIsIlBvc3QiLCJQaG9uZSIsIlNNUyJdLCJjYSI6Ik5PTkUifV19"
nustate: "eyJyZXR1cm5fdXJsIjoiaHR0cHM6Ly9zYXZlcnMudGhlc3VuLmNvLnVrL2xvZ2luIiwicHJvZHVjdEdyb3VwIjoiU3VuX1NhdmVycyJ9"
password: "password"
popup_options: {}
prompt: "login"
protocol: "oauth2"
redirect_uri: "website address
response_type: "code"
scope: "openid profile email"
sso: true
state: "g6Fo2SA3dkRZRjNmc3lCYU5jeG1MOFJVcndOR3E2MllyNEZxb6N0aWTZIERXSVlJSXhTVDc3QlVjZGFXMUF5bWVHOEhhbVgxM0Vso2NpZNkgc251SVpINWxlMk1hQlBMUTY3S0FiTWt3dHN5M3dITko"
tenant: "newsuk-ngn"
username: "email"
_csrf: "sGkMHo3u-gBljwQWoM_XKYqgbaG9TNjuNQ3A"
_intstate: "deprecated"
    0
  • ?

    You have to parse the required values like _csrf and generate 0auth if there is.

    0
  • K

    @Jaxson the _csrf that is in log is different and shorter then the csrf in post data.
    i couldn't find the _csrf on log.

    0
  • ?

    Since you get "Access Denied", one of the parameters must be wrong.

    0
  • Mod

    @Kirkoloft
    Hey do you have check in the login page CTRL+U?

    0
  • K

    @Why001 yeah bro, but it seems to have Akamai according to @Jaxson opinion

    0
  • Mod

    @Kirkoloft Hum I see I see

    0
  • ?

    It's not an opinion, it's a real statement.

    1
    K
     1 Reply
  • Mod

    @Kirkoloft
    There are an akamai bro dead for you

    0
  • K

    @Jaxson ok, bro i saw it. thank you

    0
  • Mod

    If you want we can check it on discord @Kirkoloft

    1
Log in to reply