Skip to content

Instantly share code, notes, and snippets.

@ylmrx

ylmrx/curl_cookies.md

Last active August 30, 2018 14:36
Show Gist options
  • Save ylmrx/8367f001f89367bb8c3152c9042d357b to your computer and use it in GitHub Desktop.
Save ylmrx/8367f001f89367bb8c3152c9042d357b to your computer and use it in GitHub Desktop.
Download ZIP
curl and cookies
Raw
curl_cookies.md

authentication with curl on modern-ish websites

You might need to auth to a nice forum from curl one day

(ie. with cookies)

Create a variable with your password : (so you won't have your password in history... This is not satisfying if you're not the only admin on the box)

$ pass=`/lib/cryptsetup/askpass "pass:"`
[type your password here]
$
(hit Ctrl+L to empty your screen)

Call the authentication page :

$ curl --data-raw "username=login&password=$pass" -X POST -c cookie.txt \
https://dogeblog.org/login

Delete the environment variable as you wont need it anymore : unset pass You can now use cookie.txt to browse the site :

$ curl -b cookie.txt https://dogeblog.org/client/

NOTE: you can also read the cookie from your browser (and authenticate to the website from it too), and use the -b option with key=value directly.

Such as :

$ curl -b "key=value" https://dogeblog.org/client/

The cookie carry your authentication to dogeblog for several hours. Treat it like your password. Don't share it, and delete it when you're done.

rm cookie.txt

Such a process will work on a lot of sites.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment