469,282 Members | 1,953 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,282 developers. It's quick & easy.

Logging into a site that uses Live.com authentication with C#

1
I've been trying to automate a log in to a website I frequent, www.bungie.net. The site is associated with Microsoft and Xbox Live, and as such makes uses of the Windows Live ID API when people log in to their site.

I am relatively new to creating web spiders/robots, and I worry that I'm misunderstanding some of the most basic concepts. I've simulated logins to other sites such as Facebook and Gmail, but live.com has given me nothing but trouble.

Anyways, I've been using Wireshark and the Firefox addon Tamper Data to try and figure out what I need to post, and what cookies I need to include with my requests. As far as I know these are the steps one must follow to log in to this site.

1. Visit https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1268167141&rve r=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.bungie.n et%2FDefault.aspx&id=42917

2. Recieve the cookies MSPRequ and MSPOK.

3. Post the values from the form ID "PPSX", the values from the form ID "PPFT", your username, your password all to a changing URL similar to: https://login.live.com/ppsecure/post.srf?wa=wsignin1.0&rpsnv=11&ct= (there are a few numbers that change at the end of that URL)

4. Live.com returns the user a page with more hidden forms to post. The client then posts the values from the form "ANON", the value from the form "ANONExp" and the values from the form "t" to the URL: http://www.bungie.net/Default.aspx?wa=wsignin1.0

5. After posting that data, the user is returned a variety of cookies the most important of which is "BNGAuth" which is the log in cookie for the site.

Where I am having trouble is on fifth step, but that doesn't neccesarily mean I've done all the other steps correctly. I post the data from "ANON", "ANONExp" and "t" but instead of being returned a BNGAuth cookie, I'm returned a cookie named "RSPMaybe" and redirected to the home page.

When I review the Wireshark log, I noticed something that instantly stood out to me as different between the log when I logged in with Firefox and when my program ran. It could be nothing but I'll include the picture here for you to review. I'm being returned an HTTP packet from the site before I post the data in the fourth step. I'm not sure how this is happening, but it must be a side effect from something I'm doing wrong in the HTTPS steps.

http://img391.imageshack.us/img391/6049/31394881.gif

Expand|Select|Wrap|Line Numbers
  1. namespace SpiderFromScratch { class Program {
  2. static void Main(string[] args) { CookieContainer cookies = new CookieContainer(); Uri url = new Uri("https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1268167141&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.bungie.net%2FDefault.aspx&id=42917"); HttpWebRequest http = (HttpWebRequest)HttpWebRequest.Create(url);
  3.  
  4.         http.Timeout = 30000; 
  5.         http.UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8 (.NET CLR 3.5.30729)"; 
  6.         http.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"; 
  7.         http.Headers.Add("Accept-Language", "en-us,en;q=0.5"); 
  8.         http.Headers.Add("Accept-Charset", "ISO-8859-1,utf-8;q=0.7,*;q=0.7"); 
  9.         http.Headers.Add("Keep-Alive", "300"); 
  10.         http.Referer = "http://www.bungie.net/"; 
  11.         http.ContentType = "application/x-www-form-urlencoded"; 
  12.         http.CookieContainer = new CookieContainer(); 
  13.         http.Method = WebRequestMethods.Http.Get; 
  14.  
  15.         HttpWebResponse response = (HttpWebResponse)http.GetResponse(); 
  16.         StreamReader readStream = new StreamReader(response.GetResponseStream()); 
  17.         string HTML = readStream.ReadToEnd(); 
  18.         readStream.Close(); 
  19.  
  20.         //gets the cookies (they are set in the eighth header) 
  21.         string[] strCookies = response.Headers.GetValues(8); 
  22.         response.Close(); 
  23.  
  24.         string name, value; 
  25.         Cookie manualCookie; 
  26.         for (int i = 0; i < strCookies.Length; i++) 
  27.         { 
  28.             name = strCookies[i].Substring(0, strCookies[i].IndexOf("=")); 
  29.             value = strCookies[i].Substring(strCookies[i].IndexOf("=") + 1, strCookies[i].IndexOf(";") - strCookies[i].IndexOf("=") - 1); 
  30.             manualCookie = new Cookie(name, "\"" + value + "\""); 
  31.  
  32.             Uri manualURL = new Uri("http://login.live.com"); 
  33.             http.CookieContainer.Add(manualURL, manualCookie); 
  34.         } 
  35.  
  36.  
  37.         //stores the cookies to be used later 
  38.         cookies = http.CookieContainer; 
  39.  
  40.         //Get the PPSX value 
  41.         string PPSX = HTML.Remove(0, HTML.IndexOf("PPSX")); 
  42.         PPSX = PPSX.Remove(0, PPSX.IndexOf("value") + 7); 
  43.         PPSX = PPSX.Substring(0, PPSX.IndexOf("\"")); 
  44.  
  45.         //Get this random PPFT value 
  46.         string PPFT = HTML.Remove(0, HTML.IndexOf("PPFT")); 
  47.         PPFT = PPFT.Remove(0, PPFT.IndexOf("value") + 7); 
  48.         PPFT = PPFT.Substring(0, PPFT.IndexOf("\"")); 
  49.  
  50.         //Get the random URL you POST to 
  51.         string POSTURL = HTML.Remove(0, HTML.IndexOf("https://login.live.com/ppsecure/post.srf?wa=wsignin1.0&rpsnv=11&ct=")); 
  52.         POSTURL = POSTURL.Substring(0, POSTURL.IndexOf("\"")); 
  53.  
  54.  
  55.         //POST with cookies 
  56.         http = (HttpWebRequest)HttpWebRequest.Create(POSTURL); 
  57.  
  58.         http.UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8 (.NET CLR 3.5.30729)"; 
  59.         http.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"; 
  60.         http.Headers.Add("Accept-Language", "en-us,en;q=0.5"); 
  61.         http.Headers.Add("Accept-Charset", "ISO-8859-1,utf-8;q=0.7,*;q=0.7"); 
  62.         http.Headers.Add("Keep-Alive", "300"); 
  63.         http.CookieContainer = cookies; 
  64.         http.Referer = "https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1268158321&rver=5.5.4177.0&wp=LBI&wreply=http:%2F%2Fwww.bungie.net%2FDefault.aspx&id=42917"; 
  65.         http.ContentType = "application/x-www-form-urlencoded"; 
  66.         http.Method = WebRequestMethods.Http.Post; 
  67.  
  68.         Stream ostream = http.GetRequestStream(); 
  69.  
  70.         //used to convert strings into bytes 
  71.         System.Text.ASCIIEncoding encoding = new System.Text.ASCIIEncoding(); 
  72.  
  73.         //Post information 
  74.         byte[] buffer = encoding.GetBytes("PPSX=" + PPSX +"&PwdPad=IfYouAreReadingThisYouHaveTooMuc&login=YOUREMAILGOESHERE&passwd=YOURWORDGOESHERE" + 
  75.         "&LoginOptions=2&PPFT=" + PPFT); 
  76.         ostream.Write(buffer, 0, buffer.Length); 
  77.         ostream.Close(); 
  78.  
  79.         HttpWebResponse response2 = (HttpWebResponse)http.GetResponse(); 
  80.         readStream = new StreamReader(response2.GetResponseStream()); 
  81.         HTML = readStream.ReadToEnd(); 
  82.  
  83.         response2.Close(); 
  84.         ostream.Dispose(); 
  85.         foreach (Cookie cookie in response2.Cookies) 
  86.         { 
  87.             Console.WriteLine(cookie.Name + ": "); 
  88.             Console.WriteLine(cookie.Value); 
  89.             Console.WriteLine(cookie.Expires); 
  90.             Console.WriteLine(); 
  91.         } 
  92.  
  93.         //SET POSTURL value 
  94.         string POSTANON = "http://www.bungie.net/Default.aspx?wa=wsignin1.0"; 
  95.  
  96.         //Get the ANON value 
  97.         string ANON = HTML.Remove(0, HTML.IndexOf("ANON")); 
  98.         ANON = ANON.Remove(0, ANON.IndexOf("value") + 7); 
  99.         ANON = ANON.Substring(0, ANON.IndexOf("\"")); 
  100.         ANON = HttpUtility.UrlEncode(ANON); 
  101.  
  102.         //Get the ANONExp value 
  103.         string ANONExp = HTML.Remove(0, HTML.IndexOf("ANONExp")); 
  104.         ANONExp = ANONExp.Remove(0, ANONExp.IndexOf("value") + 7); 
  105.         ANONExp = ANONExp.Substring(0, ANONExp.IndexOf("\"")); 
  106.         ANONExp = HttpUtility.UrlEncode(ANONExp); 
  107.  
  108.         //Get the t value 
  109.         string t = HTML.Remove(0, HTML.IndexOf("id=\"t\"")); 
  110.         t = t.Remove(0, t.IndexOf("value") + 7); 
  111.         t = t.Substring(0, t.IndexOf("\"")); 
  112.         t = HttpUtility.UrlEncode(t); 
  113.  
  114.         //POST the Info and Accept the Bungie Cookies 
  115.         http = (HttpWebRequest)HttpWebRequest.Create(POSTANON); 
  116.  
  117.         http.UserAgent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.8) Gecko/20100202 Firefox/3.5.8 (.NET CLR 3.5.30729)"; 
  118.         http.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"; 
  119.         http.Headers.Add("Accept-Language", "en-us,en;q=0.5"); 
  120.         http.Headers.Add("Accept-Encoding", "gzip,deflate"); 
  121.         http.Headers.Add("Accept-Charset", "ISO-8859-1,utf-8;q=0.7,*;q=0.7"); 
  122.         http.Headers.Add("Keep-Alive", "115"); 
  123.         http.CookieContainer = new CookieContainer(); 
  124.         http.ContentType = "application/x-www-form-urlencoded"; 
  125.         http.Method = WebRequestMethods.Http.Post; 
  126.  
  127.         http.Expect = null; 
  128.  
  129.         ostream = http.GetRequestStream(); 
  130.         int test = ANON.Length; 
  131.         int test1 = ANONExp.Length; 
  132.         int test2 = t.Length; 
  133.         buffer = encoding.GetBytes("ANON=" + ANON +"&ANONExp=" + ANONExp + "&t=" + t); 
  134.         ostream.Write(buffer, 0, buffer.Length); 
  135.         ostream.Close(); 
  136.  
  137.         //Here lies the problem, I am not returned the correct cookies. 
  138.         HttpWebResponse response3 = (HttpWebResponse)http.GetResponse(); 
  139.         GZipStream gzip = new GZipStream(response3.GetResponseStream(), CompressionMode.Decompress); 
  140.         readStream = new StreamReader(gzip); 
  141.         HTML = readStream.ReadToEnd(); 
  142.  
  143.         //gets both cookies 
  144.         string[] strCookies2 = response3.Headers.GetValues(11); 
  145.  
  146.         response3.Close(); 
  147.     } 
  148. }
  149.  
Mar 24 '10 #1
0 4234

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

1 post views Thread by j vickroy | last post: by
10 posts views Thread by Thomas Heller | last post: by
5 posts views Thread by Michelle Stone | last post: by
3 posts views Thread by Phils | last post: by
3 posts views Thread by james.p.news | last post: by
reply views Thread by zhoujie | last post: by
reply views Thread by suresh191 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.