@SaicharanKandukuri
Created July 12, 2022 02:44

Pumis research notes

A little effort to display my attendance in the terminal 🤏. This process includes understanding how PUMIS works with the help of proxies and recreating the requests.

⚠️: this research is done only in authorised spaces of the site. (also I am 0 in aspx)

  • so PUMIS is made with ASP.NET (Microsoft .NET Framework Version: 4.0.30319; ASP.NET Version: 4.7.3930.0)
  • and it performs SSR most of the time, so it is hard to get raw data (the site always returns XHTML)

Login mechanism

  1. get the cookie ID
  2. generate the view state value (literally a 5 kb encrypted value)
  3. use the cookie ID (the ASP.NET session cookie) in the header, with __VIEWSTATE and the attributes below in the body, sent as binary data, to log in
    •     $'__LASTFOCUS=&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=F&__VIEWSTATEGENERATOR=C2EE9ABB&__VIEWSTATEENCRYPTED=&hfWidth=750&hfHeight=736&hfLoginMethod=&txtUsername=<urlencoded username>&txtPassword=<urlencoded password>&btnLogin=Login'
  4. boom, you do whatever you want with the credentials you provide.

Code

for the view state (fetch Login.aspx and read the __VIEWSTATE hidden field out of the returned HTML)

curl -i -s --compressed -k -X $'POST' \
    -H $'Host: ums.paruluniversity.ac.in' \
    -H $'Cache-Control: max-age=0' \
    -H $'Sec-Ch-Ua: \"Chromium\";v=\"103\", \".Not/A)Brand\";v=\"99\"' \
    -H $'Sec-Ch-Ua-Mobile: ?0' \
    -H $'Sec-Ch-Ua-Platform: \"Windows\"' \
    -H $'Upgrade-Insecure-Requests: 1' \
    -H $'Origin: https://ums.paruluniversity.ac.in' \
    -H $'Content-Type: application/x-www-form-urlencoded' \
    -H $'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36' \
    -H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
    -H $'Sec-Fetch-Site: same-origin' \
    -H $'Sec-Fetch-Mode: navigate' \
    -H $'Sec-Fetch-User: ?1' \
    -H $'Sec-Fetch-Dest: document' \
    -H $'Referer: https://ums.paruluniversity.ac.in/' \
    -H $'Accept-Encoding: gzip, deflate' \
    -H $'Accept-Language: en-US,en;q=0.9' \
    -H $'Connection: close' \
    $'https://ums.paruluniversity.ac.in/Login.aspx'

for the ASP.NET session cookie (read from the Set-Cookie response header; the grep for ASP.NET_SessionId must come before head -n1, otherwise an unrelated first cookie line yields an empty value)

ASPCOOKIE=$(curl -i -s -L -k --compressed -X $'GET' \
    -H $'Host: ums.paruluniversity.ac.in' \
    -H $'Cache-Control: max-age=0' \
    -H $'Sec-Ch-Ua: \"Chromium\";v=\"103\", \".Not/A)Brand\";v=\"99\"' \
    -H $'Sec-Ch-Ua-Mobile: ?0' -H $'Sec-Ch-Ua-Platform: \"Windows\"' \
    -H $'Upgrade-Insecure-Requests: 1' \
    -H $'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36' \
    -H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
    -H $'Sec-Fetch-Site: none' \
    -H $'Sec-Fetch-Mode: navigate' \
    -H $'Sec-Fetch-User: ?1' \
    -H $'Sec-Fetch-Dest: document' \
    -H $'Accept-Encoding: gzip, deflate' \
    -H $'Accept-Language: en-US,en;q=0.9' \
    -H $'Connection: close' \
    $'https://ums.paruluniversity.ac.in/' | tr -d '\r' | grep -i '^Set-Cookie: ASP.NET_SessionId=' | head -n1 | cut -d ';' -f 1 | cut -d '=' -f 2)

for URL encoding (byte by byte, so that non-ASCII characters in a username or password are percent-encoded per UTF-8 byte rather than per character; this needs LC_ALL=C, not just LC_COLLATE)

function urlEncode() {
    # LC_ALL=C makes ${#1} and ${1:$i:1} operate on bytes, not multibyte characters;
    # 'local' restores the caller's locale automatically when the function returns
    local LC_ALL=C
    local length="${#1}" i c
    for (( i = 0; i < length; i++ )); do
        c="${1:$i:1}"
        case $c in
            # RFC 3986 unreserved characters pass through untouched
            [a-zA-Z0-9.~_-]) printf '%s' "$c" ;;
            # everything else becomes %XX of the byte value
            *) printf '%%%02X' "'$c" ;;
        esac
    done
}

request the login, with all the body attributes (the form string above) in a file called bin_data. The session id comes from the ASPCOOKIE variable set above; note that variables are not expanded inside $'...' quotes, so the cookie argument uses plain double quotes.

curl -v -i -s --compressed -k -X $'POST' \
    -H $'Host: ums.paruluniversity.ac.in' \
    -H $'Cache-Control: max-age=0' \
    -H $'Sec-Ch-Ua: \"Chromium\";v=\"103\", \".Not/A)Brand\";v=\"99\"' \
    -H $'Sec-Ch-Ua-Mobile: ?0' \
    -H $'Sec-Ch-Ua-Platform: \"Windows\"' \
    -H $'Upgrade-Insecure-Requests: 1' \
    -H $'Origin: https://ums.paruluniversity.ac.in' \
    -H $'Content-Type: application/x-www-form-urlencoded' \
    -H $'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36' \
    -H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
    -H $'Sec-Fetch-Site: same-origin' \
    -H $'Sec-Fetch-Mode: navigate' \
    -H $'Sec-Fetch-User: ?1' \
    -H $'Sec-Fetch-Dest: document' \
    -H $'Referer: https://ums.paruluniversity.ac.in/' \
    -H $'Accept-Encoding: gzip, deflate' \
    -H $'Accept-Language: en-US,en;q=0.9' \
    -H $'Connection: close' \
    -b "ASP.NET_SessionId=$ASPCOOKIE" \
    --data-binary @bin_data \
    $'https://ums.paruluniversity.ac.in/Login.aspx'

request the student dashboard (the original notes hardcoded a captured session id here; reuse ASPCOOKIE from above instead, and pass --compressed since the request advertises gzip and the body would otherwise arrive compressed)

#!/bin/bash

# same browser headers as the login request, one per line; the session cookie is the one obtained above
curl -i -s -k --compressed -X $'GET' \
    -H $'Host: ums.paruluniversity.ac.in' \
    -H $'Cache-Control: max-age=0' \
    -H $'Upgrade-Insecure-Requests: 1' \
    -H $'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36' \
    -H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' \
    -H $'Sec-Fetch-Site: same-origin' \
    -H $'Sec-Fetch-Mode: navigate' \
    -H $'Sec-Fetch-User: ?1' \
    -H $'Sec-Fetch-Dest: document' \
    -H $'Sec-Ch-Ua: \"Chromium\";v=\"103\", \".Not/A)Brand\";v=\"99\"' \
    -H $'Sec-Ch-Ua-Mobile: ?0' \
    -H $'Sec-Ch-Ua-Platform: \"Windows\"' \
    -H $'Referer: https://ums.paruluniversity.ac.in/' \
    -H $'Accept-Encoding: gzip, deflate' \
    -H $'Accept-Language: en-US,en;q=0.9' \
    -H $'Connection: close' \
    -b "ASP.NET_SessionId=$ASPCOOKIE" \
    $'https://ums.paruluniversity.ac.in/StudentPanel/StudentDashboard.aspx'
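The login mechanism (steps 1 to 4) and the curl fragments above, stitched together as one script. This is an added example, not code from the gist: the hidden fields are parsed out of Login.aspx instead of being pasted by hand, a curl cookie jar carries the session cookie between requests in place of the Set-Cookie grep, and TLS verification is left on (no -k). Field names and URLs are the ones in the notes; the ASP.NET hidden-input markup is an assumption about the page, and SAMPLE_HTML is constructed for the offline check.

```shell
#!/bin/bash
# Added example (not the gist author's code): the PUMIS login flow above as bash functions.
# Assumes the standard ASP.NET WebForms markup for hidden fields:
#   <input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="..." />
set -u
UMS="https://ums.paruluniversity.ac.in"

# Percent-encode byte by byte; RFC 3986 unreserved characters pass through untouched.
url_encode() {
    local LC_ALL=C s="$1" i c
    for (( i = 0; i < ${#s}; i++ )); do
        c="${s:$i:1}"
        case $c in
            [a-zA-Z0-9.~_-]) printf '%s' "$c" ;;
            *) printf '%%%02X' "'$c" ;;
        esac
    done
}

# Read one hidden field's value (e.g. __VIEWSTATE) out of the HTML on stdin.
hidden_field() {
    sed -n "s/.*name=\"$1\"[^>]*value=\"\([^\"]*\)\".*/\1/p" | head -n1
}

# The form body from the notes with the dynamic fields filled in and percent-encoded.
login_body() {  # $1 viewstate  $2 viewstate generator  $3 username  $4 password
    printf '__LASTFOCUS=&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=%s&__VIEWSTATEGENERATOR=%s&__VIEWSTATEENCRYPTED=&hfWidth=750&hfHeight=736&hfLoginMethod=&txtUsername=%s&txtPassword=%s&btnLogin=Login' \
        "$(url_encode "$1")" "$(url_encode "$2")" "$(url_encode "$3")" "$(url_encode "$4")"
}

# Steps 1-3 of the notes: GET Login.aspx (the session cookie lands in the jar, the view
# state is in the HTML), then POST the filled-in form with the same jar. TLS stays verified.
ums_login() {  # $1 username  $2 password  $3 cookie-jar path; prints the HTTP status of the POST
    local page vs gen
    page=$(curl -s -c "$3" -b "$3" "$UMS/Login.aspx")
    vs=$(printf '%s' "$page" | hidden_field __VIEWSTATE)
    gen=$(printf '%s' "$page" | hidden_field __VIEWSTATEGENERATOR)
    curl -s -c "$3" -b "$3" -o /dev/null -w '%{http_code}' \
        -H 'Content-Type: application/x-www-form-urlencoded' \
        --data-binary "$(login_body "$vs" "$gen" "$1" "$2")" "$UMS/Login.aspx"
}

# Constructed sample of the two hidden inputs, for checking the parser offline.
SAMPLE_HTML='<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUK+abc=" />
<input type="hidden" name="__VIEWSTATEGENERATOR" id="__VIEWSTATEGENERATOR" value="C2EE9ABB" />'
```

After `ums_login "$user" "$pass" jar.txt` returns 200 or 302, the same jar (`-b jar.txt`) can be passed to the dashboard request above in place of the hand-copied ASP.NET_SessionId.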