a little effort to display my attendence in terminal 🤏 this process includes understanding how pumis works with the help of proxies and recreating requests
⚠️ : this research is done only in authorised spaces of site. ( also iam 0 in aspx )
- so pumis made with asp.net (
Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.7.3930.0
) - and its performs SSR most of the the time so its hard to get raw data ( site always returns always xhtml )
- get cokkie ID
- generate view state value ( literally 5 kb encrypted value )
- use cookie-id (asp.net cookie) in header with
__VIEWSTATE
and below attributes in body encrypted as binary to login
-
-
$'__LASTFOCUS=&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=F&__VIEWSTATEGENERATOR=C2EE9ABB&__VIEWSTATEENCRYPTED=&hfWidth=750&hfHeight=736&hfLoginMethod=&txtUsername=<urlencoded username>&txtPassword=<urlencoded password>&btnLogin=Login' \
-
- boom you do what ever you want with credentials you provide.
for view state
curl -i -s --compressed -k -X $'POST' \
-H $'Host: ums.paruluniversity.ac.in' \
-H $'Cache-Control: max-age=0' \
-H $'Sec-Ch-Ua: \"Chromium\";v=\"103\", \".Not/A)Brand\";v=\"99\"' \
-H $'Sec-Ch-Ua-Mobile: ?0' \
-H $'Sec-Ch-Ua-Platform: \"Windows\"' \
-H $'Upgrade-Insecure-Requests: 1' \
-H $'Origin: https://ums.paruluniversity.ac.in' \
-H $'Content-Type: application/x-www-form-urlencoded' \
-H $'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36' \
-H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
-H $'Sec-Fetch-Site: same-origin' \
-H $'Sec-Fetch-Mode: navigate' \
-H $'Sec-Fetch-User: ?1' \
-H $'Sec-Fetch-Dest: document' \
-H $'Referer: https://ums.paruluniversity.ac.in/' \
-H $'Accept-Encoding: gzip, deflate' \
-H $'Accept-Language: en-US,en;q=0.9' \
-H $'Connection: close' \
$'https://ums.paruluniversity.ac.in/Login.aspx'
for ASP cookie
ASPCOOKIE=$(curl -i -s -L -k --compressed -X $'GET' \
-H $'Host: ums.paruluniversity.ac.in' \
-H $'Cache-Control: max-age=0' \
-H $'Sec-Ch-Ua: \"Chromium\";v=\"103\", \".Not/A)Brand\";v=\"99\"' \
-H $'Sec-Ch-Ua-Mobile: ?0' -H $'Sec-Ch-Ua-Platform: \"Windows\"' \
-H $'Upgrade-Insecure-Requests: 1' \
-H $'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36' \
-H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
-H $'Sec-Fetch-Site: none' \
-H $'Sec-Fetch-Mode: navigate' \
-H $'Sec-Fetch-User: ?1' \
-H $'Sec-Fetch-Dest: document' \
-H $'Accept-Encoding: gzip, deflate' \
-H $'Accept-Language: en-US,en;q=0.9' \
-H $'Connection: close' \
$'https://ums.paruluniversity.ac.in/' | grep Cookie | head -n1 | grep "ASP.NET_SessionId" | cut -d ';' -f -1 | cut -d '=' -f 2)
for url encoding
function urlEncode() {
old_lc_collate=$LC_COLLATE
LC_COLLATE=C
local length="${#1}"
for (( i = 0; i < length; i++ )); do
local c="${1:$i:1}"
case $c in
[a-zA-Z0-9.~_-]) printf '%s' "$c" ;;
*) printf '%%%02X' "'$c" ;;
esac
done
LC_COLLATE=$old_lc_collate
}
req login with all the body attributes in a file called bin_data
curl -v -i -s --compressed -k -X $'POST' \
-H $'Host: ums.paruluniversity.ac.in' \
-H $'Cache-Control: max-age=0' \
-H $'Sec-Ch-Ua: \"Chromium\";v=\"103\", \".Not/A)Brand\";v=\"99\"' \
-H $'Sec-Ch-Ua-Mobile: ?0' \
-H $'Sec-Ch-Ua-Platform: \"Windows\"' \
-H $'Upgrade-Insecure-Requests: 1' \
-H $'Origin: https://ums.paruluniversity.ac.in' \
-H $'Content-Type: application/x-www-form-urlencoded' \
-H $'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36' \
-H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
-H $'Sec-Fetch-Site: same-origin' \
-H $'Sec-Fetch-Mode: navigate' \
-H $'Sec-Fetch-User: ?1' \
-H $'Sec-Fetch-Dest: document' \
-H $'Referer: https://ums.paruluniversity.ac.in/' \
-H $'Accept-Encoding: gzip, deflate' \
-H $'Accept-Language: en-US,en;q=0.9' \
-H $'Connection: close' \
-b $'ASP.NET_SessionId=$COOKIE' \
--data-binary @bin_data \
$'https://ums.paruluniversity.ac.in/Login.aspx'
req students dashboard
#!/bin/bash
curl -i -s -k -X $'GET' \
-H $'Host: ums.paruluniversity.ac.in' -H $'Cache-Control: max-age=0' -H $'Upgrade-Insecure-Requests: 1' -H $'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36' -H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' -H $'Sec-Fetch-Site: same-origin' -H $'Sec-Fetch-Mode: navigate' -H $'Sec-Fetch-User: ?1' -H $'Sec-Fetch-Dest: document' -H $'Sec-Ch-Ua: \"Chromium\";v=\"103\", \".Not/A)Brand\";v=\"99\"' -H $'Sec-Ch-Ua-Mobile: ?0' -H $'Sec-Ch-Ua-Platform: \"Windows\"' -H $'Referer: https://ums.paruluniversity.ac.in/' -H $'Accept-Encoding: gzip, deflate' -H $'Accept-Language: en-US,en;q=0.9' -H $'Connection: close' \
-b $'ASP.NET_SessionId=sxn1q2khezfetc1oidbwgzk2' \
$'https://ums.paruluniversity.ac.in/StudentPanel/StudentDashboard.aspx'