I have been having a lot of success using invoke-webrequest to log in to websites but I'm stumped. I am trying to log into https:// ctslink.com or https:// direct.ctslink.com. The login form has a hidden token field which changes every time I try to login, I believe is what is causing the problem. Another thing I noticed was the session variable $fb is null after the first call to invoke-webrequest.
$r=Invoke-WebRequest www.ctslink.com -SessionVariable $fb
$form = $r.Forms[0]
$form.Fields["userId"] = "MyUsername"
$form.Fields["passwd"] = "MyPassword"
$r=Invoke-WebRequest 'https://ctslink.com/login.do' -WebSession $fb -Body $form.Fields
Any help would be greatly appreciated,
Mike
Don't put a $ for the session variable argument. Try this -
$c = $host.UI.PromptForCredential('Your Credentials', 'Enter Credentials', '', '')
$r = Invoke-WebRequest 'http://1.2.3.4/' -SessionVariable my_session
$form = $r.Forms[0]
$form.fields['username'] = $c.UserName
$form.fields['password'] = $c.GetNetworkCredential().Password
$r = Invoke-WebRequest -Uri ('http://1.2.3.4' + $form.Action) -WebSession $my_session -Method POST -Body $form.Fields
Related
while experimenting Google Oauth authentication, I have some issues when using Invoke-RestMethod in place of Invoke-WebRequest, which is working.
See the samples below. What's wrong with Invoke-RestMethod?
No wonder why Microsoft is using Invoke-WebRequest in the official documents... :-)
Invoke-WebRequest
$Global:Token_uri = "https://www.googleapis.com/oauth2/v4/token";
$scopes = "https://www.googleapis.com/auth/photoslibrary https://www.googleapis.com/auth/photoslibrary.readonly https://www.googleapis.com/auth/photoslibrary.readonly.appcreateddata https://www.googleapis.com/auth/photoslibrary.appendonly https://www.googleapis.com/auth/photoslibrary.sharing";
$redirect_uri = "urn:ietf:wg:oauth:2.0:oob";
$grant = "authorization_code";
# Launch browser to start initial authentication
Start-Process "https://accounts.google.com/o/oauth2/v2/auth?client_id=$Global:ClientId&scope=$([string]::Join("%20", $scopes))&access_type=offline&response_type=code&redirect_uri=$redirect_uri";
$code = Read-Host "Please enter Google authentication code"
$body = "client_id=$Global:ClientId&client_secret=$Global:CSecret&redirect_uri=$redirect_uri&code=$code&grant_type=authorization_code"
# This works
$response = Invoke-WebRequest https://www.googleapis.com/oauth2/v4/token -ContentType application/x-www-form-urlencoded -Method POST -Body $body
Invoke-RestMethod
$Global:Token_uri = "https://www.googleapis.com/oauth2/v4/token";
$scopes = "https://www.googleapis.com/auth/photoslibrary https://www.googleapis.com/auth/photoslibrary.readonly https://www.googleapis.com/auth/photoslibrary.readonly.appcreateddata https://www.googleapis.com/auth/photoslibrary.appendonly https://www.googleapis.com/auth/photoslibrary.sharing";
$redirect_uri = "urn:ietf:wg:oauth:2.0:oob";
$grant = "authorization_code";
# Launch browser to start initial authentication
Start-Process "https://accounts.google.com/o/oauth2/v2/auth?client_id=$Global:ClientId&scope=$([string]::Join("%20", $scopes))&access_type=offline&response_type=code&redirect_uri=$redirect_uri";
$code = Read-Host "Please enter Google authentication code"
$body = #{
code = $code;
client_id = $Global:ClientId;
client_secret = $Global:CSecret;
redirect_uri = $redirect_uri;
grant_type = $grant;
};
# throws 400
$response = Invoke-RestMethod -Uri $Global:Token_uri -Method POST -Body $body -ContentType "application/x-www-form-urlencoded";
just got a simple code from my friend.
He wants to fill a form on a website and save the results.
The code fills the fields correctly, but thats it, nothing more.
I'm new to coding so andybod can help me / has a hint?
$R = Invoke-WebRequest -URI https://kfz2.virtuelles-rathaus.de/igv/servlet/Internetgeschaeftsvorfaelle?MANDANT=08215000"&"AUFRUF=WKZ -SessionVariable fb
$Form = $R.Forms[0]
$Form.fields
$Form.Fields["INPUT-TXT_KENNZEICHENSUCHE_ERKENNUNGSZEICHEN"]="MK"
$Form.Fields["INPUT-TXT_KENNZEICHENSUCHE_ZIFFERN"]="??"
$Uri = "https://kfz2.virtuelles-rathaus.de/igv/servlet/Internetgeschaeftsvorfaelle?MANDANT=08215000&AUFRUF=WKZ" + $Form.Action
$R = Invoke-WebRequest -Uri $Uri -WebSession $FB -Method POST -Body $Form.Fields
I am having difficulty creating a Powershell script to login to a website and download a file. The script seems to be logging in just fine (I receive a successful status return) but when I attempt to download the file, I receive an Unauthorized message in return.
Code is below:
$r=Invoke-WebRequest http://testurl/index.htm -SessionVariable fb
$form = $r.Forms[0]
$form.fields["loginusername"] = "user"
$form.fields["loginpassword"] = "pass"
$r=Invoke-WebRequest -Uri ("https://testurl/index.htm" + $form.Action) -WebSession $fb -Method POST -Body $form.Fields
Invoke-WebRequest -Uri "https://testurl/api/table.csv" -WebSession $fb -OutFile "C:\status\current.csv"
Thanks for any guidance!
I've seen the example you're trying to reference. It had a few mistakes when I tried to replicate it, too. I've automated some site logins/downloads; here's an adjustment to try:
$r=Invoke-WebRequest http://testurl/index.htm
$r.Forms.fields.loginusername = 'user'
$r.Forms.fields.loginpassword = 'pass'
Invoke-WebRequest -Uri 'https://testurl' + $form.Action) -SessionVariable fb -Method POST -Body $r
Invoke-WebRequest -Uri 'https://testurl/api/table.csv' -WebSession $fb -OutFile 'C:\status\current.csv'
So, i am trying to log into Adobe.com with Invoke-webrequest and am not getting an error but am not able to log in. I have installed Fiddler to get all the right fields for the login form. So, here is my script that doesn't log in but doesn't give an error.
$wr = Invoke-WebRequest -Uri 'https://adobeid-na1.services.adobe.com/renga-idprovider/pages/login?callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FSunbreakWebUI1%2FAdobeID%2Ftoken%3Fredirect_uri%3Dhttps%253A%252F%252Faccounts.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%2526reauth%253Dforce&client_id=SunbreakWebUI1&scope=AdobeID%2Copenid%2Csunbreak%2Cacct_mgmt_webui%2Cgnav%2Cadditional_info.account_type%2Csao.cce_private%2Ccreative_cloud%2Cread_countries_regions%2Cupdate_profile.password%2Cadditional_info.roles%2Cupdate_profile.optionalAgreements%2Cupdate_profile.change_password%2Cadditional_info.social%2Csocial.link%2Cunlink_social_account%2Creauthenticated&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FSunbreakWebUI1%3Fredirect_uri%3Dhttps%253A%252F%252Faccounts.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%2526reauth%253Dforce%26response_type%3Dtoken&display=web_v2&relay=e4a0063e-836e-4c51-8a39-4016d0f8ad8e&locale=en_US&flow_type=token&client_redirect=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fredirect%2FSunbreakWebUI1%3Fclient_redirect%3Dhttps%253A%252F%252Faccounts.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%2526reauth%253Dforce&idp_flow_type=login&reauthenticate=force' -SessionVariable adobe
#These are the login values that i got from Fiddler
$vals = #{
authSrc='AdobeID';
callback=$($wr.Forms[0].Fields.adobeid_callback);
#client_id=$($wr.Forms[0].Fields.adobeid_client_id);
client_id='SunbreakWebUI1';
client_redirect=$($wr.Forms[0].Fields.adobeid_client_redirect);
denied_callback=$($wr.Forms[0].Fields.adobeid_denied_callback);
display=$($wr.Forms[0].Fields.adobeid_display);
flow=$($wr.Forms[0].Fields.adobeid_flow);
flow_type=$($wr.Forms[0].Fields.adobeid_flow_type);
force_marketing_permission=$($wr.Forms[0].Fields.adobeid_force_marketing_permission);
idp_flow_type=$($wr.Forms[0].Fields.adobeid_idp_flow_type);
is_reauthenticating='false';
locale=$($wr.Forms[0].Fields.adobeid_locale);
page_name='SignIn_Form';
password='MyPassword1';
relay=$($wr.Forms[0].Fields.adobeid_relay);
scope=$($wr.Forms[0].Fields.adobeid_scope);
username='myname#sample.com';
vi=''
}
#Now I am logging into adobe with a post.
$wr2 = Invoke-WebRequest -Uri 'https://adobeid-na1.services.adobe.com/renga-idprovider/pages/login.do' -WebSession $adobe -Method Post -Body $vals
all of these urls and form values were pulled from Fiddler.
Anyone have thoughts on what i am missing? or how to troubleshoot the script?
My $vals hash table looks like this.
Name Value
---- -----
relay e4a0063e-836e-4c51-8a39-4016d0f8ad8e
username myname#sample.com
vi
scope AdobeID,openid,sunbreak,acct_mgmt_webui,gnav,additional_info.account_type,sao.cce_private,creative_cloud,read_countries_regions,update_profile.pass...
is_reauthenticating false
password MyPassword1
authSrc AdobeID
denied_callback https://ims-na1.adobelogin.com/ims/denied/SunbreakWebUI1?redirect_uri=https%3A%2F%2Faccounts.adobe.com%2F%23from_ims%3Dtrue%26old_hash%3D%26api%3Da...
display web_v2
idp_flow_type login
locale en_US
force_marketing_permission false
flow_type token
page_name SignIn_Form
callback https://ims-na1.adobelogin.com/ims/adobeid/SunbreakWebUI1/AdobeID/token?redirect_uri=https%3A%2F%2Faccounts.adobe.com%2F%23from_ims%3Dtrue%26old_ha...
client_redirect https://ims-na1.adobelogin.com/ims/redirect/SunbreakWebUI1?client_redirect=https%3A%2F%2Faccounts.adobe.com%2F%23from_ims%3Dtrue%26old_hash%3D%26ap...
flow true
client_id SunbreakWebUI1
I have also tried converting to JSON and passing that without success.
Any help would be appreciated.
I've just figured this out. You were actually really close. Hope this helps:
$r = Invoke-WebRequest -Uri 'https://adobeid-na1.services.adobe.com/renga-idprovider/pages/login?callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FSunbreakWebUI1%2FAdobeID%2Ftoken%3Fredirect_uri%3Dhttps%253A%252F%252Faccounts.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%2526reauth%253Dforce&client_id=SunbreakWebUI1&scope=AdobeID%2Copenid%2Csunbreak%2Cacct_mgmt_webui%2Cgnav%2Cadditional_info.account_type%2Csao.cce_private%2Ccreative_cloud%2Cread_countries_regions%2Cupdate_profile.password%2Cadditional_info.roles%2Cupdate_profile.optionalAgreements%2Cupdate_profile.change_password%2Cadditional_info.social%2Csocial.link%2Cunlink_social_account%2Creauthenticated&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FSunbreakWebUI1%3Fredirect_uri%3Dhttps%253A%252F%252Faccounts.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%2526reauth%253Dforce%26response_type%3Dtoken&display=web_v2&relay=e4a0063e-836e-4c51-8a39-4016d0f8ad8e&locale=en_US&flow_type=token&client_redirect=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fredirect%2FSunbreakWebUI1%3Fclient_redirect%3Dhttps%253A%252F%252Faccounts.adobe.com%252F%2523from_ims%253Dtrue%2526old_hash%253D%2526api%253Dauthorize%2526reauth%253Dforce&idp_flow_type=login&reauthenticate=force' -SessionVariable Adobe
$form = $r.Forms[0]
$form.Fields["adobeid_username"] = $username
$form.Fields["adobeid_password"] = $password
$r2 = Invoke-WebRequest -Uri "https://adobeid-na1.services.adobe.com/renga-idprovider/pages/login.do" -WebSession $Adobe -Method Post -Body $form.Fields
I can't get the following code to work. It appears to log in but then returns the login page with $response. I am guessing it has something to do with the postbacks? Any way to get around that? Thanks!
$login = Invoke-WebRequest -Uri 'http://www.sqlpass.org/UserLogin.aspx' -SessionVariable sqlpass
$login.Forms[0].Fields["txtUsername_14615"] = 'myuser'
$login.Forms[0].Fields["txtPassword_14615"] = 'mypass'
$response = Invoke-WebRequest -Uri 'http://www.sqlpass.org/UserLogin.aspx' -WebSession $sqlpass -Method POST -Body $login
There is an event target field that also needs to be set, also the POST needs a different URL, i tested the solution below and it works:
$login = Invoke-WebRequest -Uri 'http://www.sqlpass.org/UserLogin.aspx' -SessionVariable sqlpass
$form = $login.Forms[0]
$form.Fields["__EVENTTARGET"] = "UserLogin"
$form.Fields["txtUsername_14615"] = 'myuser'
$form.Fields["txtPassword_14615"] = 'mypass'
Invoke-WebRequest -Uri 'http://www.sqlpass.org/UserLogin.aspx?returnurl=%2fdefault.aspx' -WebSession $sqlpass -Method POST -Body $form.Fields
Note: Just as a side note, you can use Web Debugging proxies like Fiddler to debug issues like this, which is exactly what i did.