views:

313

answers:

1

the html looks like below or you can find it here http://www.vbulletin.org/forum/index.php

<!-- login form -->
      <form action="login.php?do=login" method="post" onsubmit="md5hash(vb_login_password, vb_login_md5password, vb_login_md5password_utf, 0)">

        <script type="text/javascript" src="clientscript/vbulletin_md5.js?v=3612"></script>
                    <table cellpadding="0" cellspacing="1" border="0">
                    <tr>
                        <td class="smallfont" align="left"><label for="navbar_username">User Name</label></td>
                        <td class="smallfont" align="left" colspan="2"><label for="navbar_password">Password</label></td>
                    </tr>
                    <tr>

                        <td><input type="text" class="button" name="vb_login_username" id="navbar_username" size="10" accesskey="u" tabindex="101" value="User Name" onfocus="if (this.value == 'User Name') this.value = '';" /></td>        
                        <td><input type="password" class="button" name="vb_login_password" id="navbar_password" size="10" accesskey="p" tabindex="102" /></td>
                        <td class="smallfont" align="left" valign="middle"><input type="submit" class="button" value="Log in" tabindex="103" title="Enter your username and password in the boxes provided to login, or click the 'register' button to create a profile for yourself." accesskey="s" />
                            <label for="cb_cookieuser_navbar">
                            <input type="checkbox" name="cookieuser" value="1" tabindex="103" id="cb_cookieuser_navbar" accesskey="c" />Save?</label>
                            <input type="hidden" name="s" value="" />
<input type="hidden" name="securitytoken" value="1cbc0286417d97b4eb43ee0b0c2b54e7c615e5b8" />
                            <input type="hidden" name="do" value="login" />
                            <input type="hidden" name="vb_login_md5password" />

                            <input type="hidden" name="vb_login_md5password_utf" /></td>
                    </tr>
                    </table>
      </form>
      <!-- / login form -->

my code below doesn't work. It seems to me that I have to submit some of the hidden fields. Does anybody know

  • how to submit hidden fields?
  • if I need to submit the name and value or just one of them?
  • how to log into vBulleting v3.6

some text to display below text as a code

require 'rubygems'
require 'mechanize'
agent = WWW::Mechanize.new
page = agent.get("http://www.vbulletin.org/forum/index.php")

login_form = page.form_with(:action => 'login.php?do=login')
login_form['vb_login_username'] = 'username'
login_form['vb_login_password]'] = 'password'
page = agent.submit login_form

#Display welcome message if logged in
puts page.parser.xpath("/html/body/div/table/tr/td[2]/div/div").xpath('text()').to_s.strip

output = File.open("login.html", "w") {|f| f.write(page.parser.to_html) }
A: 

vBulletin needs md5 of the password not the actual password. So if you capture what your webbrowser sends out you can use that value. Or you have to use md5 library (not tested) to create the md5 hash out of any password.

require 'rubygems'
require 'mechanize'


agent = WWW::Mechanize.new 

page = agent.get("http://www.vbulletin.org/forum/index.php")

login_form = page.form_with(:action => 'login.php?do=login')

login_form['vb_login_username'] = 'user name'
login_form['vb_login_password'] = ''
login_form['vb_login_md5password_utf'] = 'md5 hash from the password'
login_form['vb_login_md5password'] = 'md5 hash from the password'

page = agent.submit login_form

#Display welcome message if logged in
puts page.parser.xpath("/html/body/div/table/tr/td[2]/div/div").xpath('text()').to_s.strip

output = File.open("login.html", "w") {|f| f.write(page.parser.to_html) }
Radek