I am trying to extract some information from a page that requires authentication (I have to reverse engineer this thing). However, the problem is with the way the authentication is done. I'm trying to use LWP::Simple (which I am beginning to suspect I cannot do for this) so I first do a "GET" on the login page. Looking at the javascript used for submitting the authentication, it appears a data string is included in a hidden field which is used by a javascript to hash the authentication information. My first problem is to extract that data string. Here is the HTML segment that I believe is relevent. 
<!--@UNIQUE:bodystart@-->
<form name="postform" method="get" action="/post_login.cgi">
<input type="hidden" name="data" />
</form>
<!--@ENDUNIQUE@-->

[download]
I don't see the data string in there but the javascript uses it to apparently get the hash string (looks like some server side stuff is going on as well). Although there is an action with this form I don't believe anything gets sent to the server as only 1 page is displayed (the login page) and then submited via a button. 
<form name="myform" action="/dummy" onsubmit="sendLogin(); return fals
+e;">
   .
   .
   .
<input class="button_submit_padleft" type="button" name="Login" value=
+"Log In" onclick="sendLogin();" />

[download]
Here is the 'onClick' javascript that submits the login from the form. 
function sendLogin()
{
        // If the 'data' variable is not defined then there was probab
+ly some
        // problem with loading the page. The best guess is that the u
+ser's network
        // connection has gone down. Inform the user and try to reload
+ the page.
        if (typeof(data) == "undefined") {
                alert ("The network connection seems to be down. Press
+ 'Ok' to try again.");
                location.reload(true);
                return;
        }

        var a = new Array;

        // Compute the login hash.
        var shex = byteArrayToHexString(convertFromBase64(data),0,4);
        var goodp = document.myform.Password.value.substr(0,16);
        document.myform.Password.value = "";            // Make sure p
+assword never gets sent as clear text
        for (var i = goodp.length; i < 16; i++) {
                goodp = goodp.concat(String.fromCharCode(1));
        }
        var str = shex + goodp;
        // Pad the string to 64 bytes.
        for (var i = str.length; i < 63; i++) {
                str = str.concat(String.fromCharCode(1));
        }
        str = str.concat((document.myform.username.value == 'user') ? 
+'U' : String.fromCharCode(1));
        var hash = hex_md5(str);
        var saltHash = shex.concat(hash);
        a = convertHexString(saltHash, 20, 20);

        // Send the new configuration to the server
        sendDataToServer ("post_login.cgi?data=" + convertToBase64(a),
+loginReturnValue)
}

[download]
What I don't know how to do, at this point anyway, is to get that data string so I can build the correct hash for authentidation when I issue a "POST". I may well be missing something in the HTML code but I'm not sure where to go from here. Can someone help me with this LWP code? Thanks.

In reply to Using LWP to automate a login by gw1500se

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.