Untitled

[quote="QuickStep"][size=25]Socket Authentication[/size]

[b]This tutorial can be used for the following ends:[/b][list][*] Logging into sites
[*]Posting information on a site
[*]Getting to pages which can only be accessed if you are logged in.[*]Getting to any page that you basically want, while using mIRC sockets![/list][b]Two examples:[/b]
[list=1][*]Logging into a phpbb forum (like hawkee.com)[*]Posting threads on a phpbb forum[/list][size=18][color=red]Beginner[/color][/size]
[list=1][color=blue]
[*] What information do I have to send in the sockopen event (http)?
[/color][/list]

[size=18][color=red]Intermediate[/color][/size]
[list=1][color=blue][*] How can I submit information through a http socket (GET)
[*] How can I submit information through a http socket (POST)?
[*] How do I simulate a website form?
[*] How do I succesfully establish an ssl connection (6.17+)?
[/color][/list]

[size=18][color=red]Expert[/color][/size]
[list=1][color=blue][*] How do I log-in to a site (cookies and forms)?
[/color][/list]

[size=18][color=red]Usefull Snippets[/color][/size]

Before we begin, I'd like to supply you with 2 basic aliases, which will play an important role. One is for removing html code:
[code]alias -l htmlfree {
  var %x, %i = $regsub($1-,/(^[^<]*>|<[^>]*>|<[^>]*$)/g,$null,%x), %x = $remove(%x,&,$chr(9))
  return %x
}
[/code][i]Usage: $htmlfree(text)[/i]

[code]alias urlencode {
  var %a = $regsubex($$1,/([^\w\s])/Sg,$+(%,$base($asc(\t),10,16,2)))
  return $replace(%a,$chr(32),$chr(43))
}[/code][i]Usage: $urlencode(text)[/i]

[size=18][color=red]Intermediate[/color][/size]

[b][size=16][color=blue]Q: How can I submit information through a http socket (GET)?[/color][/size][/b]

You have probably seen this a lot when using your webbrowser. Submitting information using the GET method is just simply putting a question mark after the url you want to GET and after that seperate each variable name and value with a '&' character.

So for example, the following URL sends 5 variables:
http://hawkee.com/phpBB2/viewtopic.php?t=10835&start=0&postdays=0&postorder=asc&highlight=
[b]t[/b] (value: [b]10835[/b])
[b]start[/b] (value: [b]0[/b])
[b]postdays[/b] (value: [b]0[/b])
[b]postorder[/b] (value: [b]asc[/b])
[b]highlight[/b] (value:)

These variables can be fetched by the web server, and processed later. This sounds very easy and basic, but there is one important thing you should keep in mind. You have to ALWAYS url-encode the values of the variables when using the GET method, to avoid errors (Do not url-encode the entire string). Refer to the $urlencode snippet at the top of this tutorial.

So to conclude, a valid GET request to the server for the url http://hawkee.com/phpBB2/viewtopic.php?t=10835&start=0&postdays=0&postorder=asc&highlight= would be:
[code]on *:SOCKOPEN:hawkee.com:{
  ; Set the variables we want to send:
  var %string = t= $+ $urlencode(10835) $+ &start= $+ $urlencode(0) $+ &postdays= $+ $urlencode(0) $+ &postorder= $+ $urlencode(asc) $+ &highlight=

  ; Send GET and Host
  sockwrite -n $sockname GET /phpBB2/viewtopic.php? $+ %string HTTP/1.1
  sockwrite -n $sockname Host: hawkee.com

  ; We are done
  sockwrite -n $sockname $crlf
}[/code]


[b][size=16][color=blue]Q: How can I submit information through a http socket (POST)?[/color][/size][/b]

The POST method is almost similar to the GET method. The only difference is that the variables aren't passed in the URL itself, but instead are send at the end of your requests. Other than that a few adjustments have to made when using the POST method:
[list=1][*]POST have to be used in stead of GET
[*]Content headers have to be send
[*]The variables have to be send at the end of your request (don't worry, an example will soon follow).
[/list]
As you already read, the Content headers have to be send. The two extra Content headers are:
[b]Content-Length: <length of sumitted data>[/b]
and
[b]Content-Type: application/x-www-form-urlencoded[/b]

The Content-Length tells the server the length of the submitted data and Content-Type tells the server the type of data we are sending (usually url-encoded).

So to conclude, a valid POST request to the server for the url http://hawkee.com/phpBB2/viewtopic.php
where we want to POST the following variables t=10835&start=0&postdays=0&postorder=asc&highlight= would be:
[code]on *:SOCKOPEN:hawkee.com:{
  ; Set the variables we want to send:
  var %string = t= $+ $urlencode(10835) $+ &start= $+ $urlencode(0) $+ &postdays= $+ $urlencode(0) $+ &postorder= $+ $urlencode(asc) $+ &highlight=

  ; Send POST and Host
  sockwrite -n $sockname POST /phpBB2/viewtopic.php HTTP/1.1
  sockwrite -n $sockname Host: hawkee.com

  ; Send the extra content headers
  sockwrite -n $sockname Content-Length: $len(%string)
  sockwrite -n $sockname Content-Type: application/x-www-form-urlencoded

  ; We are done, remember we have to send the %string last
  sockwrite -n $sockname $crlf %string
}[/code]


[b][size=16][color=blue]Q: How do I simulate a website form?[/color][/size][/b]

[i]Note: if you want to log-in, or other actions when submitting a form that requires you to set a cookie, please refer to the [color=red][b]advanced[/b][/color] questions.[/i]

This requires you to take a peek into the website source.

For this example I will use www.google.com
Maybe you are wondering: why google? Well because google almost includes everything we need to know about simulating forms.
The first thing we have to do is find the <form></form> tags and all the <input> tags between the opening and closing form tags. Remove all the extra html code between the <form> tags.

Result for www.google.com:
[code]<form action=/search name=f>
  <input type=hidden name=hl value=nl>
  <input maxlength=2048 size=55 name=q value="" title="Google zoeken">
  <input type=submit value="Google zoeken" name=btnG>
  <input type=submit value="Ik doe een gok" name=btnI>
  <input id=all type=radio name=meta value="" checked>
  <input id=lgr type=radio name=meta value="lr=lang_nl" >
  <input id=cty type=radio name=meta value="cr=countryNL" >
</form>[/code]
Now first of all I will give you the default values for the form and input tags:
[b]For <form>:[/b][list=1][*]If no action is specified, the action defaults to "/" (action="/")
[*]If no method is specified, the method defaults to "GET" (method="GET")
[*]If no name is specified, the name defaults to "" (name="")
[/list][b]For <input>:[/b][list=1][*]A name always HAS to be specified (name="...")
[*]If no type is specified, it defaults to "text" (type="text")
[*]If no value is specified, it defaults to "" (value="")
[/list]
As you can see there are multiple input [b]types[/b], in our example: hidden, submit, text (not specified, default value) and radio

The method of the form is GET (not specified, so defaults to GET, see above), the action is "/search". Remember that these 2 values are the only two things you need to retrieve from the <form> tag.
The inputs have to be send like this: name1=value1&name2=value2&name3=value3
Looks familiar huh (see [color=blue][b]Q How can I submit information through a http socket (GET)?[/b][/color]).

AW few things to remember:[list=1][*]The value of the hidden inputs (<input type="hidden" name="foo" value="bar">) is just the value that is in the html source. So in the example it would be foo=bar
[*]The value of the submit inputs (<input type="submit" name="foo" type="bar">) is ONLY send if the user clicked THIS particular button. So if the form has multiple submit buttons (like our google example), the name=value is only send for the button the user clicked.
[*]The value for the text inputs (<input type="text" name="foo"> or <input name="foo">) is what the user entered. So if the user entered "barbarbar", the form sends: foo=barbarbar
[*]The value for radio is only send if the user checked the radio button. More or less the same story as the submit button.
[*]The value for checkboxes should be 'on' if checked (<input type="checkbox" name="foo">). This example would send: foo=on if the checkbox is checked. If the checkox is not checked, don't send anything (just like radio buttons, you don't have to send data for the buttons that are not checked).
[/list]

So now, with all the knowledge I have shared with you, we will look at our google example and predict what the form will send if we entered the text "foobar" and click the first submit button. We will leave the radio button as is, so we will send the name=value of the radio button which is already checked by default:
The form will send...[list=1][*]hl=nl , from the first hidden input.
[*]q=foobar , from the entered text from the user.
[*]btng=Google+Zoeken , from the submit button we clicked
[*]meta= , from the checked radio button
[/list]And that's it. So the total string will be: "hl=nl&q=foobar&btnG=Google+zoeken&meta=" We will submit the data using the "GET" method and to url: "/search".
All this results in the following page: http://www.google.nl/search?hl=nl&q=foobar&btnG=Google+zoeken&meta=
Remember if we are going to do this with sockets, we have to url encode the string. For the full explanation on how to do the following with sockets, see [color=blue][b]Q How can I submit information through a http socket (GET)?[/b][/color].

[b]Conclusion:[/b]
I didn't do this in socket code, but it's all explained in the 2 Q&A above. In the google example the method of the form was GET, but usually the method is POST. So this means you will have to send the string (url-encoded) using the POST method. Again, refer to the [b][color=blue]Q: How can I submit information through a http socket (POST)?[/color][/b]


[b][size=16][color=blue]Q: How do I succesfully establish an ssl connection (6.17+)?[/color][/size][/b]

...


[size=18][color=red]Expert[/color][/size]

[b][size=16][color=blue]Q: How do I log-in to a site (cookies and forms)?[/color][/size][/b]

Obviously the method of logging in will be different for every site you visit. That's why I will cover every aspect of the log-in process, ending with a full snippet code where I will log into hawkee and retrieve my mail address.

First it is important to cover the complete process off recieving and sending cookies.

[b][size=14][color=green]Recieving Cookies[/color][/size][/b]
The server can request the client to store a cookie with the following header:
[b]Set-Cookie: <contents of cookie>[/b]
The contents of a cookie usually follow the following format:
[b]Set-Cookie: name=value; path=/; expires=date;[/b]
Explaination:[list=1][*][b]name=value;[/b] The name of the cookie, and the value it holds. The ';' is NOT part of the value, it just marks the end of the value. The cookie HAS to have a name, the value is optional and defaults to "".
[*][b]path=/;[/b] The remote path where the cookie should be applied to. '/' means for every page on the server, which is also the default value if no path is supplied. '/dir' means for all the pages in '/dir' and 'index.php' means only for 'index.php'. For example if hawkee would send the following cookie:
[code]Set-Cookie: foo=bar; path=/phpBB2; expires=Tuesday, 05-Jun-07 23:16:49 GMT;[/code]It would mean that this cookie has to be send for all pages within www.hawkee.com/phpBB2/
[*][b]expires=date;[/b] Means after what date the client should remove the cookie. If no 'expires' is supplied, it will default to 'after the current session', meaning when the page is left.[/list]
The [b]path[/b] and [b]expires[/b] are usually not very interesting when it comes to scripting.

Now that this is covered, there is one important thing to keep in mind. The server can send [b]multiple[/b] cookies. Because of this we can only make sure that we recieved all the cookies after the complete header has been send. To illustrate this, here is an example from hawkee itself, where the server is sending multiple cookies:
[code]HTTP/1.1 302 Found
Date: Mon, 05 Jun 2006 23:16:49 GMT
Server: Apache/1.3.36 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.4.2 FrontPage/5.0.2.2635.SR1.2 mod_ssl/2.8.27 OpenSSL/0.9.7a
X-Powered-By: PHP/4.4.2
Set-Cookie: PHPSESSID=f4b8fa0a94ced645682b4f6030b21c9a; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22; expires=Tuesday, 05-Jun-07 23:16:49 GMT; path=/
Set-Cookie: phpbb2mysql_sid=b1716ad23f970c350daa5941ab8a6f8a; path=/
Set-Cookie: phpbb2mysql_data=a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A32%3A%221902098234484bb61; expires=Tuesday, 05-Jun-07 23:16:49 GMT; path=/
Set-Cookie: phpbb2mysql_sid=4f3e2ea27ba2115051c1c77fc57e224c; path=/
Location: http://www.hawkee.com/index.php?sid=4f3e2ea27ba2115051c1c77fc57e224c
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html[/code][i]Note: Some headers have been modified to secure my account, and to make it better fit on the page[/i]

The server is sending 5 requests to store a cookie. Let's list the names and values here:[list=1][*][b]Name:[/b] PHPSESSID [b]Value:[/b] f4b8fa0a94ced645682b4f6030b21c9a
[*][b]Name:[/b] phpbb2mysql_data [b]Value:[/b] a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A0%3A%22%22%3Bs%3A6%3A%22
[*][b]Name:[/b] phpbb2mysql_sid [b]Value:[/b] b1716ad23f970c350daa5941ab8a6f8a
[*][b]Name:[/b] phpbb2mysql_data [b]Value:[/b] a%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A32%3A%221902098234484bb61
[*][b]Name:[/b] phpbb2mysql_sid [b]Value:[/b] 4f3e2ea27ba2115051c1c77fc57e224c
[/list]
Now, what you probably already noticed is that the server is sending the same cookie multiple times. This is VERY important to keep in mind, and can make or break your snippet: [b]The value of the cookie that is send LAST should be stored, overwriting any existing values that were previously acquired.[/b]
In our example above, this means that only the last 2 phpbb2mysql_data and phpbb2mysql_sid should be stored, the 2 before that should be removed/overwritten.

[b]Conclusion:[/b]
The client should [b]store[/b] the cookie [b]name[/b] and [b]value[/b] for every cookie it recieves, overwriting any previously acquired cookies from the site.

[b][size=14][color=green]Sending Cookies[/color][/size][/b]
Now that you have stored the cookie's (in a text file or whatever, I will cover this later in my example where I will log-in into hawkee.com) you have to send them when requesting a new page.

This is done by sending the following header:
[b]Cookie: <contents of cookie>;[/b]
So if the client would want to send the cookie named 'foo' with content 'bar', the client would send:[b]Cookie: foo=bar;[/b]

But as you've seen above, the user can recieve multiple cookies. If this is the case, you have to seperate each cookie with a ';'.
For example, if the user would have 2 cookies: one named 'foo' with value 'bar' and one named 'test' with value 'bla', the following header should be send:
[b]Cookie: foo=bar; test=bla;[/b]

One final, and VERY important notice. The contents of the cookie SHOULD NOT be url-encoded. Just send the contents of the cookie like you RECIEVED it, to avoid conflicts.

So an example request to the server would be:
[code]on *:SOCKOPEN:hawkee.com:{
  ; Set the variables we want to send:
  var %string = t= $+ $urlencode(10835) $+ &start= $+ $urlencode(0) $+ &postdays= $+ $urlencode(0) $+ &postorder= $+ $urlencode(asc) $+ &highlight=

  ; Send POST and Host
  sockwrite -n $sockname POST /phpBB2/viewtopic.php HTTP/1.1
  sockwrite -n $sockname Host: hawkee.com

  ; Send the extra content headers
  sockwrite -n $sockname Content-Length: $len(%string)
  sockwrite -n $sockname Content-Type: application/x-www-form-urlencoded

  ; Send extra cookie data
  sockwrite -n $sockname Cookie: foo=bar; test=bla;

  ; We are done, remember we have to send the %string last
  sockwrite -n $sockname $crlf %string
}[/code]

[b]Conclusion:[/b]When the client recieves a cookie, it should send it to everytime after every new request (GET or POST, doesn't matter). To send a cookie, you do not have to send multiple cookie headers, only send one while seperating multiple cookies with the ';' characters. Do not url-encode cookies, just send them like you recieved them.

[b][size=14][color=green]How to proceed, logging in to a site[/color][/size][/b]
Now that you know everything you need to know about cookies, it's time to proceed to what we actually wanted to do, logging-in to a site. Before proceeding, make sure you've read and understand the following [b][color=red]intermediate[/color][/b] questions:
[b][color=blue]Q How can I submit information through a http socket (POST)?
Q How do I simulate a website form?[/color][/b]

Done? Now here how it's done, in basic outline:[list][*]First we will look up the log-in form of the site we want to log-in to. Take a look at where the form submits to, and what information we have to send (obviously username and password, but we do have to send more data to succesfully simulate the form).
[*]When this is done, we will recieve (a/multiple) cookie(s) from the server and we will store these.
[*]We will open a new connection, requesting a page that can only be viewed while we are logged in. While sending the headers, we must include the cookies we recieved earlier.
[*]If all went well, we should be able to see this page[/list]

If you've read the Q&A I told you to read and understand, and you something about scripting, you should be able to pull this off. But I know what you really want is a practical example. And I'm going to show you now.

[b][size=14][color=green]Practical example: logging in to hawkee.com[/color][/size][/b]
What we would like to do is log-in to your account. The form can be accessed through the main page http://www.hawkee.com here. Then we would like to retrieve the user's email address, which can be found http://hawkee.com/phpBB2/profile.php?mode=editprofile here.

[b]The idea:[/b]
I will write an alias /hawkee, that takes 3 (optional) arguments:[code]/hawkee [METHOD] [URL] [DATA][/code]The method can be either GET or POST, the URL can be anything (/ for main page) the DATA should be a string of variables like foo=bar&test=bla. Relative of the method we specified, we will send that DATA string either using the POST method or the GET method.
In the mean-time, the script will keep track of all the cookies. If it recieves a [b]Set-Cookie[/b] request, it will store the [b]name=value[/b] into the text file 'hawkee_cookie.txt'. If the cookie already exists it will overwrite it. [b]Everytime[/b] the user requests a page, the script will check whether it has any cookies, and send them if it does. This is basically the same way your browser is doing it.

Now before I give you the snippet, let's take a look at the log-in form from the main page:
[code]<form action="/phpBB2/login.php" method="post">
  <input type="hidden" name="login" value="1">
  <input type="hidden" name="redirect" value="/">
  <input type="text" size=8 maxlength=130 name="username" class="ss">
  <input type="password" size=8 maxlength=130 name="password" class="ss">
  <input class="text" type="checkbox" name="autologin" checked>
  <input type="submit" name="Submit" value="login" class="liteoption">
</form>[/code]
In order to log in we will have to send the following data string (if you are confused why we have to send this, please read the Q&A I told you to read):
[b]login=1&redirect=/&username=[i]USERNAME_HERE[/i]&password=[i]PASSWORD_HERE[/i]&autologin=on&Submit=login[/b]
to the url, using POST method:
[b]/phpBB2/login.php[/b]
In the snippet discussed above, this would make the following command:
[b]/hawkee POST /phpBB2/login.php login=1&redirect=/&username=QuickStep&password=***&autologin=on&Submit=login[/b]

After we have recieved the cookie's from sending that request, we will have to open the following page, and retrieve the e-mail address:
http://hawkee.com/phpBB2/profile.php?mode=editprofile
In the snippet discussed above, this would make the following command:
[b]/hawkee GET /phpBB2/profile.php mode=editprofile[/b]

So now that the theory about the snippet is discussed, here it is (please read the comments):[code]alias hawkee {
  ; Open a new window, where we will output the data
  window @hawkee
  linesep @hawkee

  ; Set first parameter, which defaults to GET
  var %method = $iif($1,$1,GET)

  ; Set second parameter, which defautls to /
  var %page = $iif($2,$2,/)

  ; Set socket name
  var %sock = hawkee $+ $ticks

  ; Open socket and send data to it
  sockopen %sock www.hawkee.com 80
  sockmark %sock %method %page $3
}
on *:SOCKOPEN:hawkee*:{
  ; Connection has been made
  aline @hawkee Connection established...
  aline @hawkee MODE: $getmark($sockname,1-)

  ; Define command
  var %a = sockwrite -n $sockname

  ; Define data string to send
  var %string = $urlencode_string($getmark($sockname,3))

  ; First send GET/POST, next send Host
  %a $getmark($sockname,1-2) $+ $iif($getmark($sockname,1) == GET && %string,$+(?,%string)) HTTP/1.1
  %a Host: www.hawkee.com

  ; If there are cookies, we will send them
  ; Remember: to send all cookies we must seperate them with ';'
  if ($exists(hawkee_cookie.txt)) {
    aline @hawkee Found cookie in your mirc directory, sending it now...
    var %n = 1, %cookie
    while ($read(hawkee_cookie.txt,%n)) {
      ; Seperate the cookies with ';'
      %cookie = $+(%cookie,$v1,;)
      inc %n
    }
    aline @hawkee Sending cookie: %cookie

    ; Sending the cookie
    %a Cookie: %cookie
  }

  ; If method is POST, we need to include 2 extra parameters
  if ($getmark($sockname,1) == POST) {
    %a Content-Length: $len(%string)
    %a Content-Type: application/x-www-form-urlencoded
  }

  ; Force connection to close
  %a Connection: close

  ;Just-to-make-sure requests:
  %a Accept: */*
  %a Accept-Charset: *
  %a Accept-Encoding: *
  %a Accept-Language: *
  %a User-Agent: Mozilla/5.0

  if ($getmark($sockname,1) == POST) {
    ; If we are using method POST we must include the data at the end
    %a $crlf %string
  }
  else {
    ; else we we send normal closing data
    %a $crlf
  }
}


on *:SOCKREAD:hawkee*:{
  sockread %tmp
  if ($regex(%tmp,/^Set-Cookie: (.+?)=(.+?);/i)) {
    aline @hawkee Recieved Cookie: $regml(1)
    ; We found a cookie, let's store it
    if ($read(hawkee_cookie.txt, w, $regml(1) $+ =*)) {
      aline @hawkee Cookie already exists, overwriting...
      ; Cookie already exists, overwriting...
      write -l $+ $readn hawkee_cookie.txt $+($regml(1),=,$regml(2))
    }
    ; else we will just add it to the end
    else write hawkee_cookie.txt $+($regml(1),=,$regml(2))
  }
  if ((!%tmp) && ($getmark($sockname,1) == POST)) {
    ; We recieved the headers from the server, now it is time to open the profile page and try to retrieve
    ; Your e-mail address with the cookies we just recieved
    aline @hawkee Recieved headers from server
    sockclose $sockname

    aline @hawkee Now opening page to view your profile
    hawkee GET /phpBB2/profile.php mode=editprofile
  }

  ; Now what we really wanted to do is retrieve the users email address, we will do that here
  ; with a basic regular expression
  if ($regex(%tmp,/name="email" .+? value="(.+?)"/i)) {
    aline @hawkee Script succesfully found your e-mail address: $regml(1)
    aline @hawkee We logged into your account at http://hawkee.com while submitting data and using cookies
    aline @hawkee This ends our example...
    sockclose $sockname
  }
}


alias getmark {
  ; $getmark(socketname,N)
  ; This alias returns the Nth word from the socketmark from socket socketname
  return $gettok($sock($1).mark,$$2,32)
}

alias urlencode_string {
  ; Encodes a whole string of data in the format name1=data1&name2=data2
  ; Example: $urlencode_string(name1=test&name2=test2)
  ; Returns: name1=%74%65%73%74&name2=%74%65%73%74%32
  var %a = 1, %string = $1, %output
  while ($gettok(%string,%a,38)) {
    tokenize 61 $v1
    if (%a != 1) %output = %output $+ &
    %output = $+(%output,$1,=,$urlencode($2))
    inc %a
  }
  return %output
}

alias urlencode {
  var %a = $regsubex($$1,/([^\w\s])/Sg,$+(%,$base($asc(\t),10,16,2)))
  return $replace(%a,$chr(32),$chr(43))
}[/code]
Now when performing the following command with this snippet:
[b]/hawkee POST /phpBB2/login.php login=1&redirect=/&username=QuickStep&password=***&autologin=on&Submit=login[/b]
The output is:[code]-
Connection established...
MODE: POST /phpBB2/login.php login=1&redirect=/&username=QuickStep&password=***&autologin=on&Submit=login
Recieved Cookie: PHPSESSID
Recieved Cookie: phpbb2mysql_data
Recieved Cookie: phpbb2mysql_sid
Recieved Cookie: phpbb2mysql_data
Cookie already exists, overwriting...
Recieved Cookie: phpbb2mysql_sid
Cookie already exists, overwriting...
Recieved headers from server
Now opening page to view your profile
-
Connection established...
MODE: GET /phpBB2/profile.php mode=editprofile
Found cookie in your mirc directory, sending it now...
Sending cookie: PHPSESSID=175a37af57c12a7d70c26671012b...
Script succesfully found your e-mail address: maxismijnnaam@hotmail.com
We logged into your account at http://hawkee.com while submitting data and using cookies
This ends our example...[/code][i]Note: Some data has been modified to secure my account, and to make it better fit on the page[/i]

[b]Conclusion:[/b]
Logging in to a site is just a matter of sending the correct data the correct way, and keeping track of every cookie you recieve along the way (overwriting if it already exists).[/quote]