Bash script challenge [part 2]. Authentication test (session) using the curl program.

in bash •  2 years ago 

BgxWBRxjvNhnbM9DiyHtCptYaDNF3xx85r8if8spuMjfmaUcx7ApmPrGXu8A7WmqTe4YQcPadtu1GRJg4K5DhHL1KmiBkEB82MtoptfMhQRcKcxwQQ3QYrUHKrsaVMUbMQ73xmBqwaaHGk3HiHuoMFYdqSLMkANxYoecq5dqW6Wzum8.jpeg

Bash script challenge [part 2]. Authentication test (session) using the curl program.

Medium level.

Requires:

  • A docker installed.
  • The curl program to be installed.
  • Basic knowledge of Linux commands.

In this section, I will try to log in to the Scada-LTS application using the curl program.

Let's run the docker with the ScadaLTS program.

docker run -d scadalts/scadalts:siv_dev /root/start.sh

Let's retrieve information about the port on which the program started.

export IpDocker=`docker inspect -f "{{ .NetworkSettings.IPAddress }}" $(docker ps -aq)`
echo $IpDocker

Let's try to authenticate in SCADA using the curl program.

curl -d "username=admin&password=admin&submit=Login" --dump-header headers http://$IpDocker:8080/ScadaLTS/login.htm

Let's print file headers.

cat headers

If we have the following information in the file, it means that we managed to authenticate in SCADA:
HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=2B7D9B1CC45E66EFE8F082492157E12C; Path=/ScadaLTS; HttpOnly
Location: watch_list.shtm;jsessionid=2B7D9B1CC45E66EFE8F082492157E12C
Content-Language: en
Content-Length: 0
Date: Thu, 12 Sep 2019 14:02:59 GMT

We can check the result using the grep program.

cat headers | grep “302 Found” && echo ok || echo ‘not work’

The next topic will be Authentication with the use of a token.

Table of contents:

[Start] Writing API tests using the curl program

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!