none
Cannot get authentication cookie from web server with Invoke-WebRequest RRS feed

  • Question

  • Hi,

    I'm trying to get the authentication cookie from a web site but It cannot be received.

    My script:

    $username = 'user'
    $password = 'pwd'
    $webResponse = Invoke-WebRequest -Uri 'http://website.example/' -SessionVariable webRequest -Method Get
    $form1 = $webResponse.Forms[0]
    $form1.Fields['txtLogin'] = $username
    $form1.Fields['txtPassword'] = $password
    
    ##Header
    $header = @{
    Host = 'website.example';
    'User-Agent' = 'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0';
    Accept = 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8';
    'Accept-Language' = 'en-US,en;q=0.5';
    'Accept-Encoding' = 'gzip, deflate';
    DNT = 1; 
    Referer = 'http://website.example/folder1/';
    Cookie = "ASP.NET_SessionId=$($webResponse.BaseResponse.Cookies[0].Value)"
    }
    
    $webResponse2 = Invoke-WebRequest -Uri 'http://website.example/Folder1/default.aspx' -Method Post -Body $form1.Fields -Headers $header
    
    $webResponse2.BaseResponse.Headers.GetValues('Set-Cookie')

    The previous script doesn't get the .ASPXAUTH cookie that is necessary for future web Request.

    Analyzing with Fiddler I can say that:

    1. When Client request http://website.example, It redirects to http://website.example/Folder1

    2. Then the web server sends to client Set-Cookie: ASP.NET_SessionId=xxxxxxxxx

    3. Now the client sends an HTTP POST to web Server with cookie ASP.NET_SessionId=xxxxxxxxx and the corresponding username and password Forms filled out.

    4. Then the web Server sends to client Set-Cookie: .ASPXAUTH=xxxxxxxxx

    5. Now the web client can navigate the web site with authentication, thanks to the cookies ASP.NET_SessionId and .ASPXAUTH

    The point is that powershell with Invoke-Request cannot received the .ASPXAUTH cookie.

    I tried with -WebSession $WebRequest too, but It cannot work.

    Could You help me why cannot get the .ASPXAUTH cookie?

    Thanks Guys.



    • Edited by JRLOPS Saturday, February 20, 2016 8:15 PM Orthography
    Saturday, February 20, 2016 8:08 PM

Answers

  • Analyzing with Fiddler

    I can note that the POST Data like authentication forms is send in the HTTP Message Body, according to this now I can get and save all the cookies send by the web server.

    The final script:

    #Set HTTP Header for Web Request 1
    $h1 = @{
    Host= 'website.example'
    'User-Agent'= 'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0'
    Accept= 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'
    'Accept-Language'= 'en-US,en;q=0.5'
    'Accept-Encoding'= 'gzip, deflate'
    DNT= 1
    }
    
    #Do the Web Request 1 with Headers
    $wr1 = Invoke-WebRequest -Uri 'http://website.example/Folder1/' -Method Get -Headers $h1
    
    #Show the cookie for Web Response 1
    $wr1.BaseResponse.Cookies
    
    #Set the HTTP Header for Web Request 2 with the cookie obtained in the first Web Request
    $h2 = @{
    Host= 'website.example'
    'User-Agent'= 'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0'
    Accept= 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'
    'Accept-Language'= 'en-US,en;q=0.5'
    'Accept-Encoding'= 'gzip, deflate'
    DNT= 1
    Referer = 'http://website.example/Folder1/'
    Cookie= "ASP.NET_SessionId=$($$wr1.BaseResponse.Cookies[0].Value)"
    'Content-Type' = 'application/x-www-form-urlencoded'
    'Content-Length'= 3394
    }
    
    #Set the HTTP Message Body with the POST Data
    $b1 = "__LASTFOCUS=&RadScriptManager1_TSM=%3B%3BSystem.Web.Extensions%2C+Version%3D4.0.0.0%2C+Culture%3Dneutral%2C+PublicKeyToken%3D31bf3856ad364e35%3Aen-US%3Af319b152-218f-4c14-829d-050a68bb1a61%3Aea597d4b%3Ab25378d2%3BTelerik.Web.UI%2C+Version%3D2013.2.611.40%2C+Culture%3Dneutral%2C+PublicKeyToken%3D121fae78165ba3d4%3Aen-US%3A8a277cf4-155d-4ba9-b3c0-d6f62646e5f2%3A16e4e7cd%3Ab7778d6c%3Af7645509%3A24ee1bba%3A7165f74&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUJMzczMTIzNzA5D2QWAgIDD2QWCAIEDxQrAAgPFgQeF0VuYWJsZUFqYXhTa2luUmVuZGVyaW5naB4NTGFiZWxDc3NDbGFzcwUHcmlMYWJlbGQWCB4FV2lkdGgbAAAAAAAAWUAHAAAAHgpSZXNpemVNb2RlCylyVGVsZXJpay5XZWIuVUkuUmVzaXplTW9kZSwgVGVsZXJpay5XZWIuVUksIFZlcnNpb249MjAxMy4yLjYxMS40MCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj0xMjFmYWU3ODE2NWJhM2Q0AB4IQ3NzQ2xhc3MFEXJpVGV4dEJveCByaUhvdmVyHgRfIVNCAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfEIRTRcmlUZXh0Qm94IHJpRXJyb3IfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFE3JpVGV4dEJveCByaUZvY3VzZWQfBQKCAhYIHwMLKwQAHwIbAAAAAAAAWUAHAAAAHwQFE3JpVGV4dEJveCByaUVuYWJsZWQfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFFHJpVGV4dEJveCByaURpc2FibGVkHwUCggIWCB8CGwAAAAAAAFlABwAAAB8DCysEAB8EBRFyaVRleHRCb3ggcmlFbXB0eR8FAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfBAUQcmlUZXh0Qm94IHJpUmVhZB8FAoICZAIGDxQrAAgPFgQfAGgfAQUHcmlMYWJlbGQWCB8CGwAAAAAAAFlABwAAAB8DCysEAB8EBRFyaVRleHRCb3ggcmlIb3Zlch8FAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfBAURcmlUZXh0Qm94IHJpRXJyb3IfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFE3JpVGV4dEJveCByaUZvY3VzZWQfBQKCAhYIHwMLKwQAHwIbAAAAAAAAWUAHAAAAHwQFE3JpVGV4dEJveCByaUVuYWJsZWQfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFFHJpVGV4dEJveCByaURpc2FibGVkHwUCggIWCB8CGwAAAAAAAFlABwAAAB8DCysEAB8EBRFyaVRleHRCb3ggcmlFbXB0eR8FAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfBAUQcmlUZXh0Qm94IHJpUmVhZB8FAoICZAIHDxQrAAgPFgQfAGgfAQUHcmlMYWJlbGQWCB8CGwAAAAAAAFlABwAAAB8DCysEAB8EBRFyaVRleHRCb3ggcmlIb3Zlch8FAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfBAURcmlUZXh0Qm94IHJpRXJyb3IfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFE3JpVGV4dEJveCByaUZvY3VzZWQfBQKCAhYIHwMLKwQAHwIbAAAAAAAAWUAHAAAAHwQFE3JpVGV4dEJveCByaUVuYWJsZWQfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFFHJpVGV4dEJveCByaURpc2FibGVkHwUCggIWCB8CGwAAAAAAAFlABwAAAB8DCysEAB8EBRFyaVRleHRCb3ggcmlFbXB0eR8FAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfBAUQcmlUZXh0Qm94IHJpUmVhZB8FAoICZAIJDzwrAAQBAA8WAh8AaGRkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQxCdG5JbmlTZXNpb26K7x5TuqnzZcoA2dTNjPkPAcbc4oF3cpRU1ja0DFiw2g%3D%3D&__VIEWSTATEGENERATOR=57B5DCDF&__EVENTVALIDATION=%2FwEdAAZiRHII6jDu%2BnNnVnetG5HSxcn6oIDdbNQI5AQUIIyv4mcbaGMn7GvSCeZGIknzALx2NvjHOkq5wKoqN6Aim8WGZOwn5Xab00NfnBgdshcQm00M%2BbtETDAuJdiyXtqT5%2B9drOyLEePjM8wYMqyq7q6Wk5wHg%2FXM%2Fml8pCJs8ZGLhw%3D%3D&txtLogin=username&txtLogin_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22User+Name%22%2C%22validationText%22%3A%22username%22%2C%22valueAsString%22%3A%22username%22%2C%22lastSetTextBoxValue%22%3A%22username%22%7D&txtPassMask=Contrase%C3%B1a&txtPassMask_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22Contrase%C3%B1a%22%2C%22validationText%22%3A%22%22%2C%22valueAsString%22%3A%22%22%2C%22lastSetTextBoxValue%22%3A%22Contrase%C3%B1a%22%7D&txtPassword=pwd&txtPassword_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22validationText%22%3A%22Icbf2015%22%2C%22valueAsString%22%3A%22Icbf2015%22%2C%22lastSetTextBoxValue%22%3A%22Icbf2015%22%7D&BtnIniSesion=Iniciar+sesi%C3%B3n&BtnIniSesion_ClientState="
    
    #Do the Web request 2 with Header 2 and HTTP Message Body with POST Data
    $wr2 = Invoke-WebRequest -Uri 'http://website.example/Folder1/' -Method Post -Headers $h2 -Body $b1 -SessionVariable session
    
    #Show all the cookies for the Web Request
    $session.Cookies.GetCookies('http://website.example/Folder1/')

    Conclusion:

    1. To capture HTTP POST Data encoding use Fiddler or any Application that capture HTTP Traffic like Microsoft Network Monitor.

    2. Save the Web Session in a variable for future web request; It let you stay Logged In because all the HTTP Headers will be stored in that variable.

    3. Ensure that in the HTTP Header for the request where you are sending the POST Data (Username and Authentication Forms) contains the following properties:
    'Content-Type' = 'application/x-www-form-urlencoded'
    'Content-Length'= 3394
    Where Content-Length value is the absolute number of characters that cotains the POST Data.


    • Marked as answer by JRLOPS Saturday, February 20, 2016 10:54 PM
    • Edited by JRLOPS Sunday, February 21, 2016 12:23 AM Spelling
    Saturday, February 20, 2016 10:54 PM

All replies

  • Analyzing with Fiddler

    I can note that the POST Data like authentication forms is send in the HTTP Message Body, according to this now I can get and save all the cookies send by the web server.

    The final script:

    #Set HTTP Header for Web Request 1
    $h1 = @{
    Host= 'website.example'
    'User-Agent'= 'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0'
    Accept= 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'
    'Accept-Language'= 'en-US,en;q=0.5'
    'Accept-Encoding'= 'gzip, deflate'
    DNT= 1
    }
    
    #Do the Web Request 1 with Headers
    $wr1 = Invoke-WebRequest -Uri 'http://website.example/Folder1/' -Method Get -Headers $h1
    
    #Show the cookie for Web Response 1
    $wr1.BaseResponse.Cookies
    
    #Set the HTTP Header for Web Request 2 with the cookie obtained in the first Web Request
    $h2 = @{
    Host= 'website.example'
    'User-Agent'= 'Mozilla/5.0 (Windows NT 10.0; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0'
    Accept= 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'
    'Accept-Language'= 'en-US,en;q=0.5'
    'Accept-Encoding'= 'gzip, deflate'
    DNT= 1
    Referer = 'http://website.example/Folder1/'
    Cookie= "ASP.NET_SessionId=$($$wr1.BaseResponse.Cookies[0].Value)"
    'Content-Type' = 'application/x-www-form-urlencoded'
    'Content-Length'= 3394
    }
    
    #Set the HTTP Message Body with the POST Data
    $b1 = "__LASTFOCUS=&RadScriptManager1_TSM=%3B%3BSystem.Web.Extensions%2C+Version%3D4.0.0.0%2C+Culture%3Dneutral%2C+PublicKeyToken%3D31bf3856ad364e35%3Aen-US%3Af319b152-218f-4c14-829d-050a68bb1a61%3Aea597d4b%3Ab25378d2%3BTelerik.Web.UI%2C+Version%3D2013.2.611.40%2C+Culture%3Dneutral%2C+PublicKeyToken%3D121fae78165ba3d4%3Aen-US%3A8a277cf4-155d-4ba9-b3c0-d6f62646e5f2%3A16e4e7cd%3Ab7778d6c%3Af7645509%3A24ee1bba%3A7165f74&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUJMzczMTIzNzA5D2QWAgIDD2QWCAIEDxQrAAgPFgQeF0VuYWJsZUFqYXhTa2luUmVuZGVyaW5naB4NTGFiZWxDc3NDbGFzcwUHcmlMYWJlbGQWCB4FV2lkdGgbAAAAAAAAWUAHAAAAHgpSZXNpemVNb2RlCylyVGVsZXJpay5XZWIuVUkuUmVzaXplTW9kZSwgVGVsZXJpay5XZWIuVUksIFZlcnNpb249MjAxMy4yLjYxMS40MCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj0xMjFmYWU3ODE2NWJhM2Q0AB4IQ3NzQ2xhc3MFEXJpVGV4dEJveCByaUhvdmVyHgRfIVNCAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfEIRTRcmlUZXh0Qm94IHJpRXJyb3IfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFE3JpVGV4dEJveCByaUZvY3VzZWQfBQKCAhYIHwMLKwQAHwIbAAAAAAAAWUAHAAAAHwQFE3JpVGV4dEJveCByaUVuYWJsZWQfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFFHJpVGV4dEJveCByaURpc2FibGVkHwUCggIWCB8CGwAAAAAAAFlABwAAAB8DCysEAB8EBRFyaVRleHRCb3ggcmlFbXB0eR8FAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfBAUQcmlUZXh0Qm94IHJpUmVhZB8FAoICZAIGDxQrAAgPFgQfAGgfAQUHcmlMYWJlbGQWCB8CGwAAAAAAAFlABwAAAB8DCysEAB8EBRFyaVRleHRCb3ggcmlIb3Zlch8FAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfBAURcmlUZXh0Qm94IHJpRXJyb3IfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFE3JpVGV4dEJveCByaUZvY3VzZWQfBQKCAhYIHwMLKwQAHwIbAAAAAAAAWUAHAAAAHwQFE3JpVGV4dEJveCByaUVuYWJsZWQfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFFHJpVGV4dEJveCByaURpc2FibGVkHwUCggIWCB8CGwAAAAAAAFlABwAAAB8DCysEAB8EBRFyaVRleHRCb3ggcmlFbXB0eR8FAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfBAUQcmlUZXh0Qm94IHJpUmVhZB8FAoICZAIHDxQrAAgPFgQfAGgfAQUHcmlMYWJlbGQWCB8CGwAAAAAAAFlABwAAAB8DCysEAB8EBRFyaVRleHRCb3ggcmlIb3Zlch8FAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfBAURcmlUZXh0Qm94IHJpRXJyb3IfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFE3JpVGV4dEJveCByaUZvY3VzZWQfBQKCAhYIHwMLKwQAHwIbAAAAAAAAWUAHAAAAHwQFE3JpVGV4dEJveCByaUVuYWJsZWQfBQKCAhYIHwIbAAAAAAAAWUAHAAAAHwMLKwQAHwQFFHJpVGV4dEJveCByaURpc2FibGVkHwUCggIWCB8CGwAAAAAAAFlABwAAAB8DCysEAB8EBRFyaVRleHRCb3ggcmlFbXB0eR8FAoICFggfAhsAAAAAAABZQAcAAAAfAwsrBAAfBAUQcmlUZXh0Qm94IHJpUmVhZB8FAoICZAIJDzwrAAQBAA8WAh8AaGRkGAEFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYBBQxCdG5JbmlTZXNpb26K7x5TuqnzZcoA2dTNjPkPAcbc4oF3cpRU1ja0DFiw2g%3D%3D&__VIEWSTATEGENERATOR=57B5DCDF&__EVENTVALIDATION=%2FwEdAAZiRHII6jDu%2BnNnVnetG5HSxcn6oIDdbNQI5AQUIIyv4mcbaGMn7GvSCeZGIknzALx2NvjHOkq5wKoqN6Aim8WGZOwn5Xab00NfnBgdshcQm00M%2BbtETDAuJdiyXtqT5%2B9drOyLEePjM8wYMqyq7q6Wk5wHg%2FXM%2Fml8pCJs8ZGLhw%3D%3D&txtLogin=username&txtLogin_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22User+Name%22%2C%22validationText%22%3A%22username%22%2C%22valueAsString%22%3A%22username%22%2C%22lastSetTextBoxValue%22%3A%22username%22%7D&txtPassMask=Contrase%C3%B1a&txtPassMask_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22Contrase%C3%B1a%22%2C%22validationText%22%3A%22%22%2C%22valueAsString%22%3A%22%22%2C%22lastSetTextBoxValue%22%3A%22Contrase%C3%B1a%22%7D&txtPassword=pwd&txtPassword_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22validationText%22%3A%22Icbf2015%22%2C%22valueAsString%22%3A%22Icbf2015%22%2C%22lastSetTextBoxValue%22%3A%22Icbf2015%22%7D&BtnIniSesion=Iniciar+sesi%C3%B3n&BtnIniSesion_ClientState="
    
    #Do the Web request 2 with Header 2 and HTTP Message Body with POST Data
    $wr2 = Invoke-WebRequest -Uri 'http://website.example/Folder1/' -Method Post -Headers $h2 -Body $b1 -SessionVariable session
    
    #Show all the cookies for the Web Request
    $session.Cookies.GetCookies('http://website.example/Folder1/')

    Conclusion:

    1. To capture HTTP POST Data encoding use Fiddler or any Application that capture HTTP Traffic like Microsoft Network Monitor.

    2. Save the Web Session in a variable for future web request; It let you stay Logged In because all the HTTP Headers will be stored in that variable.

    3. Ensure that in the HTTP Header for the request where you are sending the POST Data (Username and Authentication Forms) contains the following properties:
    'Content-Type' = 'application/x-www-form-urlencoded'
    'Content-Length'= 3394
    Where Content-Length value is the absolute number of characters that cotains the POST Data.


    • Marked as answer by JRLOPS Saturday, February 20, 2016 10:54 PM
    • Edited by JRLOPS Sunday, February 21, 2016 12:23 AM Spelling
    Saturday, February 20, 2016 10:54 PM
  • Javier,

    Good information - thanks.


    \_(ツ)_/

    Saturday, February 20, 2016 11:21 PM