g00se, on 08 April 2012 - 09:58 AM, said:

This seems like a brilliant idea. I'm guessing this logging proxy is somewhat the same as the results, which I had gotten with Chrome, that I posted earlier.

I don't seem to be able to find anything of the sort that I could use with my code though.. Do you know of any?

g00se, on 08 April 2012 - 04:36 AM, said:

These are the only requests and form data sent upon login. In essence, everything needed to successfully log in is here, I just need to find out which parts are crucial and how to replicate them code-wise.

Also: I've tried with other asp.net (.aspx) sites and the same situation occurs.. I'm guessing this, to some extent, is a general issue / obstacle with aspx

It was a good idea with the user agent, but I'm sad to say it didn't work.. There must be some other request headers that needs to be sent. Using Chrome, I captured the headers that were sent while successfully logging in:

POST /lectio/22/login.aspx HTTP/1.1

Host: www.lectio.dk

Connection: keep-alive

Content-Length: 784

Cache-Control: max-age=0

Origin: https://www.lectio.dk

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.151 Safari/535.19

Content-Type: application/x-www-form-urlencoded

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Referer: https://www.lectio.dk/lectio/22/login.aspx

Accept-Encoding: gzip,deflate,sdch

Accept-Language: en-US,en;q=0.8,da;q=0.6

Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Cookie: lectiogsc=610cc657-76ea-44d7-f63c-7072966701b7; lecmobile=0; LastLoginUserName=blabla; BaseSchoolUrl=%2Flectio%2F22; LastAuthenticatedPageLoad=Sun%20Apr%2008%202012%2000%3A10%3A13%20GMT%2B0200%20(Romance%20Daylight%20Time); ASP.NET_SessionId=vz4qj2m0y5243cc1zyvlnnlw; isloggedin3=N

(removed the username)

Also, the form data sent was:

time:0
__EVENTTARGET:m$Content$submitbtn2
__EVENTARGUMENT:
__VIEWSTATEX:2QAAAGlpZQoxMjYzNzU5MjIxaWwCawBnAWwCaGlkbARoaWRsAmcLaWwCawFmZGcCaWwCawJlA29mZmwCZw1pZGwCZwFpZGwCZwVpZGwCZwNpZGwEaGlkbAJnA2lkbAZnAWlsAmsDZRBPcmRydXAgR3ltbmFzaXVtZGcFaWRsAmcBaWRsAmhpbAJrBGUCNTBkZwdpbAJrBXBsAmcBaWRsAmhpamlsAmsGcGRkZGRnAWlkbAJnA2lpbAJrB2cyZGRyAWURbSRDb250ZW50JExvZ2luTVZpaWRoZAgAAAAJTG9naW5WaWV3BFRleHQMYXV0b2NvbXBsZXRlCWlubmVyaHRtbAltYXhsZW5ndGgHVmlzaWJsZQdDaGVja2VkCU1heExlbmd0aAD0oRTeUjAw/rXgxgMQQ/5EXCTgHw==
__VIEWSTATE:
__EVENTVALIDATION:/wEWDgL+raDpAgKRvc+2CAL99/NMAr7gpI0BAtXZjtYNAtXZmvMEAtXZpqgLAtXZssUDAtXZnqwFAtXZqskNAr7gmNAKAtDeh4QOAv3it5IPApOesvoKXJpqVlf9iSicA8/wz5lCzo9lVYzt/ErgSzUayOhT7uU=
m$Content$username2:blabla
m$Content$password2:blabla

(removed username and pass)

This data doesn't make much sense to me.. Do you have an idea which steps I could take from here?

g00se, on 07 April 2012 - 09:04 AM, said:

I will try with the use agent , but I'm not sure what you mean by this.

g00se, on 07 April 2012 - 06:20 AM, said:

It didn't - sorry if that wasn't clear in my description.