Jump to content

Recommended Posts

Posted
16 hours ago, Danp2 said:

Hi,

I have been using _WinHttpSimpleSendRequest and _WinHttpSimpleReadData to access the USPS Web Tools API. I recently received an email from them stating

What actions do I need to take to ensure that my WinHTTP requests are using TLS and not SSLv3?

Thanks!

Dan

Nothing is needed on your part. Crypto protocol is negotiated when connection is established.

♡♡♡

.

eMyvnE

  • 4 weeks later...
Posted
Func _sendfile($file)
    $hOpen = _WinHttpOpen()
    $hConnect = _WinHttpConnect($hOpen, "www.example.com")
    $sRead = _WinHttpSimpleFormFill($hConnect, "/upload.php", "index:0", "name:file", $file)
    _WinHttpCloseHandle($hConnect)
    _WinHttpCloseHandle($hOpen)
EndFunc

this code work perfect until i set #AutoIt3Wrapper_Run_Au3Stripper=y on the script. 

if i compile my script with this parameters:

#AutoIt3Wrapper_Run_Au3Stripper=y
#Au3Stripper_Parameters=/sf /sv /om /mi
the function dont work.

Posted
8 hours ago, shai said:
Func _sendfile($file)
    $hOpen = _WinHttpOpen()
    $hConnect = _WinHttpConnect($hOpen, "www.example.com")
    $sRead = _WinHttpSimpleFormFill($hConnect, "/upload.php", "index:0", "name:file", $file)
    _WinHttpCloseHandle($hConnect)
    _WinHttpCloseHandle($hOpen)
EndFunc

this code work perfect until i set #AutoIt3Wrapper_Run_Au3Stripper=y on the script. 

if i compile my script with this parameters:

#AutoIt3Wrapper_Run_Au3Stripper=y
#Au3Stripper_Parameters=/sf /sv /om /mi
the function dont work.

I'm not familiar with the working of that tool.

...however, it's always best to use the latest version of WinHttp.au3 if possible.

♡♡♡

.

eMyvnE

  • 2 months later...
Posted (edited)

I have to send a command to an ipcam:

I sent this into the browser:

http://192.168.1.222/cgi-bin/devVideoInput.cgi?action=adjustFocus&focus=0&zoom=0

then it pops up for username & password and that's it. (The page is blank)

I tried:

local $sFocus = "cgi-bin/devVideoInput.cgi?action=adjustFocus&focus=0&zoom=0"

Global $hOpen = _WinHttpOpen()

Global $hConnect = _WinHttpConnect($hOpen, "192.168.1.222")

Global $hRequest = _WinHttpOpenRequest($hConnect, _
        "POST", _ ; verb
        $sFocus, _    ; target
        Default, _ ; version
        "", _    ; referer
        "*/*") ; accept

local $sPass = "Nome utente:" & $sUserNameD & "Password:" & $sPasswordD
_WinHttpSendRequest($hRequest, "Content-Type: application/x-www-form-urlencoded", $sPass )

I got the answer:

HTTP/1.1 401 Unauthorized
Connection: close
Content-Length: 0
WWW-Authenticate: Digest realm="Login to 2L00D68PAA00300",qop="auth",nonce="912973344",opaque="f2beeb0280382b94610e6a573c221165eb43f755"

How should I send the username & password?

 

 

Edited by frank10
Posted
8 hours ago, frank10 said:

I have to send a command to an ipcam:

I sent this into the browser:

http://192.168.1.222/cgi-bin/devVideoInput.cgi?action=adjustFocus&focus=0&zoom=0

then it pops up for username & password and that's it. (The page is blank)

I tried:

local $sFocus = "cgi-bin/devVideoInput.cgi?action=adjustFocus&focus=0&zoom=0"

Global $hOpen = _WinHttpOpen()

Global $hConnect = _WinHttpConnect($hOpen, "192.168.1.222")

Global $hRequest = _WinHttpOpenRequest($hConnect, _
        "POST", _ ; verb
        $sFocus, _    ; target
        Default, _ ; version
        "", _    ; referer
        "*/*") ; accept

local $sPass = "Nome utente:" & $sUserNameD & "Password:" & $sPasswordD
_WinHttpSendRequest($hRequest, "Content-Type: application/x-www-form-urlencoded", $sPass )

I got the answer:

HTTP/1.1 401 Unauthorized
Connection: close
Content-Length: 0
WWW-Authenticate: Digest realm="Login to 2L00D68PAA00300",qop="auth",nonce="912973344",opaque="f2beeb0280382b94610e6a573c221165eb43f755"

How should I send the username & password?

 

 

Look for example of _WinHttpSetCredentials(), and _WinHttpQueryAuthSchemes() functions. Former would use $WINHTTP_AUTH_SCHEME_DIGEST based on the response you posted, and latter should determine the scheme by itself.

Also this could work (it's the same thing, only better, depending on the interface):

#include "WinHttp.au3"

$sUserNameD = "You" ; set correct one
$sPasswordD = "YourPassword" ; set correct one

; Initialize and get session handle
$hOpen = _WinHttpOpen()
; Get connection handle
$hConnect = _WinHttpConnect($hOpen, "192.168.1.222")

; Fill form on this page
$sRead = _WinHttpSimpleFormFill($hConnect, _ ; connection handle
        "cgi-bin/devVideoInput.cgi", _ ; target page
        Default, _ ; form identifier (make sure it's the correct one)
        "name:action", "adjustFocus", _ ; first field identifier paired with field data
        "name:focus", 0, _ ; second field identifier paired with data
        "name:zoom", 0, _ ; third field identifier paired with data
        "[CRED:" & $sUserNameD & ":" & $sPasswordD & "]")

; Close connection handle
_WinHttpCloseHandle($hConnect)
; Close session handle now that's no longer needed
_WinHttpCloseHandle($hOpen)

ConsoleWrite($sRead & @CRLF)
MsgBox(4096, "", $sRead)

 

♡♡♡

.

eMyvnE

Posted (edited)

I tried above methods, don't work...

 

I found out Dahua ipcam API explanation that says:

Quote

 When digest authentication, the Dahua video product response:
WWW-Authenticate: Digest realm="DH_00408CA5EA04", nonce="000562fdY631973ef04f77a3ede7c1832ff48720ef95ad",
stale=FALSE, qop="auth";
The client calculates the digest using username, password, nonce, realm and URI with MD5, then send the following request:
Authorization: Digest username="admin", realm="DH_00408CA5EA04", nc=00000001,cnonce="0a4f113b",qop="auth"
nonce="000562fdY631973ef04f77a3ede7c1832ff48720ef95ad",uri="cgi-bin/global.login?userName=admin",
response="65002de02df697e946b750590b44f8bf"

It seems I must calculate an MD5, but I don't understand well:

In the header answer I get:

WWW-Authenticate: Digest realm="Login to 2L00D68PAA00300",qop="auth",nonce="912973344",opaque="f2beeb0280382b94610e6a573c221165eb43f755"

Here nonce is a lot short, and I get opaque??  Maybe nonce = cnonce and nonce=opaque ? Looking at length (but not equal...).

Anyway, which terms I must MD5, and should I put them on the field "response" (I see username, but no password field)?

So should the answer be:

Authorization: Digest username="admin", realm="Login to 2L00D68PAA00300", nc=00000001,cnonce="912973344",qop="auth"
nonce="f2beeb0280382b94610e6a573c221165eb43f755",uri="cgi-bin/global.login?userName=admin",
response="_____calculated_MD5_____"

with MD5 calculated with which string?

Then something like:

local $sCredentials = $sUserNameD & ":" & $sPasswordD

$hash = _Crypt_HashData ( $sCredentials, $CALG_MD5 ) 

local $sPass = 'Authorization: Digest username="admin", realm="Login to 2L00D68PAA00300", nc=00000001,cnonce="912973344",qop="auth" _
nonce="f2beeb0280382b94610e6a573c221165eb43f755",uri="cgi-bin/global.login?userName=admin", _
response=' & $hash 

_WinHttpSendRequest($hRequest, "Content-Type: application/x-www-form-urlencoded", $sPass )

 

Edited by frank10
Posted

I didn't know digest was a protocol... now I'm looking at wiki.

Anyway, using   _WinHttpQueryAuthSchemes()  like this:

local $sFocus = "/cgi-bin/devVideoInput.cgi?action=adjustFocus&focus=0&zoom=0"

local $hOpen = _WinHttpOpen()

local $hConnect = _WinHttpConnect($hOpen, "192.168.1.222")

local $hRequest = _WinHttpOpenRequest($hConnect, _
        "GET", _ ; verb
        $sFocus, _    ; target
        Default, _ ; version
        "", _    ; referer
        "*/*") ; accept

                ; Send the request
                _WinHttpSendRequest($hRequest)

                ; Wait for the response
                _WinHttpReceiveResponse($hRequest)

                ; Query status code
                Local $iStatusCode = _WinHttpQueryHeaders($hRequest, $WINHTTP_QUERY_STATUS_CODE)
                ; Check status code
                If $iStatusCode = $HTTP_STATUS_DENIED Or $iStatusCode = $HTTP_STATUS_PROXY_AUTH_REQ Then
                    ; Query Authorization scheme
                    Local $iSupportedSchemes, $iFirstScheme, $iAuthTarget
                    If _WinHttpQueryAuthSchemes($hRequest, $iSupportedSchemes, $iFirstScheme, $iAuthTarget) Then
                        ; Set passed credentials                 

                        _WinHttpSetCredentials($hRequest, $iAuthTarget, $iFirstScheme, $sUserNameD, $sPasswordD)
                    
                        

                        ; Send request again now
                        _WinHttpSendRequest($hRequest)
                        ; And wait for the response again
                        _WinHttpReceiveResponse($hRequest)
                    EndIf
                EndIf

                ; Check if there is any data available and read if yes
                Local $sChunk, $sOut
                If _WinHttpQueryDataAvailable($hRequest) Then
                    While 1
                        $sChunk = _WinHttpReadData($hRequest)
                        If @error Then ExitLoop
                        $sOut &= $sChunk
                    WEnd
                EndIf

    ; Close handles
    _WinHttpCloseHandle($hRequest)
    _WinHttpCloseHandle($hConnect)
    _WinHttpCloseHandle($hOpen)

I got it working!

Previous try didn't work because the zoomValue was already set at the same value, so the cam didn't changed...

(Instead the _WinHttpSimpleFormFill don't work.)

 

Thank you

Posted (edited)

Sure, np

This should work too:

#include "WinHttp.au3"

$sAddress = "http://192.168.1.222/cgi-bin/devVideoInput.cgi"

$sUserNameD = "admin" ; !set correct one!
$sPasswordD = "1234" ; !set correct one!


; Initialize and get session handle
$hOpen = _WinHttpOpen()

$sForm = _
        '<form action="' & $sAddress & '">' & _
        '    <input name="action"/>' & _ ;
        '    <input name="focus"/>' & _ ;
        '    <input name="zoom"/>' & _ ;
        '</form>'

$hConnect = $sForm
; Fill form
$sRead = _WinHttpSimpleFormFill($hConnect, _
        $hOpen, _
        Default, _
        "name:action", "adjustFocus", _
        "name:focus", 0, _ ; set wanted value
        "name:zoom", 0, _ ; set wanted value
        "[CRED:" & $sUserNameD & ":" & $sPasswordD & "]")

_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

ConsoleWrite($sRead & @CRLF)
MsgBox(4096, "", $sRead)

 

Edited by trancexx
$hConnect

♡♡♡

.

eMyvnE

Posted
1 hour ago, frank10 said:

Yes, it works!

Does this bypass the digest authentication?

No. It can't be bypassed. Only it's done internally if it's needed, behind the scene.

♡♡♡

.

eMyvnE

Posted

_WinHttpSetCredentials with current logged user credentials

Using Winhttp UDF  (File Version: 1.6.4.0) i correctly connect and use a SOAP service on SSL connection.  For this purpose I must supply a   _WinHttpSetCredentials with username and password in clear (see below code extracted).

Because the customer requires that the credentials must be those of the current user, at present i‘ve implemented  the request of the password to the user storing it crypted and reusing it in the _WinHttpSetCredentials (not very functional and ergonomic).

The authentication schemas on server side are  NTLM and NEGOTIATION.

I’ve read some documentation  about winhttp.dll methods, parameters and option flags  trying to set $WINHTTP_OPTION_AUTOLOGON_POLICY  (LOW or MEDIUM) but I’ve not found anything of usefull to perform  an “automatic logon” based on the current user credentials or giving only the username, generating in me the doubt that isn’t supported in winhttp.dll (Ms WIN 7 and 10).

So is there any way  to set the “default credentials” of the current user or simply set only the username without password (on the server side there are ACL configured on each authorized user) ?

Func HttpRequest($HttpHeader,$HttpMessage)

   Local $hOpen, $hConnect, $hRequest, $RetRec, $sReturned, $RetSetCredential, $NumBytesReceived, $UserPassword, $ResponseHeader

$hOpen = _WinHttpOpen("Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0")

 $hConnect = _WinHttpConnect($hOpen, $DomainName,$INTERNET_DEFAULT_HTTPS_PORT)

$hRequest = _WinHttpOpenRequest($hConnect, "POST", $WsdlInterface, "HTTP/1.1", $WINHTTP_NO_REFERER, $WINHTTP_DEFAULT_ACCEPT_TYPES, $WINHTTP_FLAG_SECURE)

; Below $WINHTTP_AUTH_SCHEME_NTLM or of course $WINHTTP_AUTH_SCHEME_NEGOTIATION produce the same correct results

$RetSetCredential = _WinHttpSetCredentials($hRequest, $WINHTTP_AUTH_TARGET_SERVER, $WINHTTP_AUTH_SCHEME_NTLM,  "<domain\username>", "<plain password>")

 $RetSend = _WinHttpSendRequest($hRequest, $HttpHeader, $HttpMessage)

…. In the following _WinHttpReceiveResponse(), _WinHttpQueryHeaders(),  _WinHttpQueryDataAvailable(),_WinHttpReadData() all correctly functiong and returning data and response if the “domain\username” and password are right supplied (but with password in plain).

 

Many thanks for your attention and any suggestion.

 

Posted

For my needs the problem above may be solved using  the WinInet UDF but I would have preferred to use winhttp, better structured and documented (congrats to the author). So any suggestion about it remains usefull.

Thanks

 

 

  • 3 weeks later...
Posted
On ‎24‎.‎2‎.‎2017‎. at 6:03 PM, RobertoDev said:

For my needs the problem above may be solved using  the WinInet UDF but I would have preferred to use winhttp, better structured and documented (congrats to the author). So any suggestion about it remains usefull.

Thanks

 

 

Sorry for late reply.
Anyway, all you need to do is:

_WinHttpSetOption($hRequest, $WINHTTP_OPTION_AUTOLOGON_POLICY, $WINHTTP_AUTOLOGON_SECURITY_LEVEL_LOW)

...after the request has been created (before sent). Then you don't need to set any credentials nor use _WinHttpSetCredentials(). Everything should be handled automatically.

I've tested it and it works just fine.

♡♡♡

.

eMyvnE

  • 1 month later...
Posted

Hello,

i want to upload a epub/pdf in a cloud over the website.

The website is: http://webreader.mytolino.com/

Overthere i authenticate my account over a 3rd provider "Buecher.de"

When I am logged in, I have an upload button available.

There is my code:

#include <WinHTTP.au3>
$hOpen = _WinHttpOpen()
Global Const $sFileToUpload = "C:\Users\dyckh\Desktop\test.pdf"

$hConnect = _WinHttpConnect($hOpen, "https://bosh.pageplace.de")
$sRead = _WinHttpSimpleSSLRequest($hConnect, "GET", "/bosh/rest/reseller/selection?countryCode=DE&resellerGroup=27&client_type=tolinoweb")

$hConnect = _WinHttpConnect($hOpen, "https://bosh.pageplace.de", $INTERNET_DEFAULT_HTTPS_PORT)
$hRequest = _WinHTTPOpenRequest($hConnect, "GET", "/bosh/rest/v2/resellerconfig", Default, Default, Default, BitOR($WINHTTP_FLAG_SECURE, $WINHTTP_FLAG_ESCAPE_DISABLE))
$sHeader = "User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:53.0) Gecko/20100101 Firefox/53.0" & @CRLF & "reseller_id: 30" & @CRLF & "Accept: application/json" & @CRLF & "client_type: TOLINO_WEBREADER" & @CRLF & "client_version: 4.0.0"
_WinHttpSendRequest($hRequest, $sHeader)

$sRead = _WinHttpReceiveResponse($hRequest)

$hConnect = _WinHttpConnect($hOpen, "https://bosh.pageplace.de")
$sRead = _WinHttpSimpleSSLRequest($hConnect, "GET", "/bosh/rest/inventory/delta")

$sRead = _WinHttpReceiveResponse($hRequest)
Local $sHeader = _WinHttpQueryHeaders($hRequest)

$hConnect = _WinHttpConnect($hOpen, "https://www.buecher.de")
$sRead = _WinHttpSimpleSSLRequest($hConnect, "GET", "URL=/oauth2/authorize?client_id=dte_ereader_app_01&response_type=code&scope=ebook_library&redirect_uri=https%3A%2F%2Fwebreader.mytolino.com%2Flibrary%2F&x_buecherde.skin_id=de_dte_tolino")
$sRead = _WinHttpSimpleSSLRequest($hConnect, "POST", "/oauth2/authorize?client_id=dte_ereader_app_01&response_type=code&scope=ebook_library&redirect_uri=https%3A%2F%2Fwebreader.mytolino.com%2Flibrary%2F&x_buecherde.skin_id=de_dte_tolino", Default, "form_send=1&form%5Blogin%5D=EMAIL@PROVIDER.COM&form%5Bpassword%5D=PASSWORD")


$sRead = _WinHttpSimpleSSLRequest($hConnect)
$hConnect = _WinHttpConnect($hOpen, "https://webreader.mytolino.com")
$sRead = _WinHttpSimpleSSLRequest($hConnect, "GET", "/library/index.html#/mybooks/titles")




$sAddress = "https://bosh.pageplace.de//bosh/rest//upload"
$sForm = _
        '<form action="' & $sAddress & '" method="post" enctype="multipart/form-data">' & _
        '    <input type="file" name="upload-files"/>' & _
        '</form>'
$sHTML = _WinHttpSimpleFormFill($hConnect, $hOpen, _
        Default, _
"name:upload-files", $sFileToUpload)

If @error Then
    MsgBox(4096, "Error", "Error number = " & @error)
Else
    ConsoleWrite($sHTML & @CRLF)
EndIf




_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)


#cs $sFileHTM = @ScriptDir & "\Form.htm"
### $hFileHTM = FileOpen($sFileHTM, 2)
### FileWrite($hFileHTM, $sRead)
### FileClose($hFileHTM)
### ShellExecuteWait($sFileHTM) #CE

If i test it comes error 1. Can you help me?

Thanks in advance.

 

Greetings

aquis

Posted

Hi all,

I'm Kate. I am learning about WinHttp and try with this code:

#include "WinHTTP.au3"
$hOpen = _WinHttpOpen()
$hConnect = _WinHttpConnect($hOpen, "https://autoit.de/", 443)
$hRequest = _WinHttpOpenRequest($hConnect, 'GET', '/', 'HTTP/1.1', Default, Default, 0x800000)
_WinHttpSendRequest($hRequest)
If @error Then Exit MsgBox(0, "Error 1", "_WinHttpSendRequest Fail")
_WinHttpReceiveResponse($hRequest)
If _WinHttpQueryDataAvailable($hRequest) Then
    $header = _WinHttpQueryHeaders($hRequest)
    ConsoleWrite($header & @CRLF & @CRLF)
Else
    MsgBox(0, "Error 2", "_WinHttpQueryDataAvailable Fail")
EndIf
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

But it comes Msg - "Error 1".  Can anyone help me ? Thank in advance. :>

Posted
6 hours ago, moimon said:

Hi all,

I'm Kate. I am learning about WinHttp and try with this code:

#include "WinHTTP.au3"
$hOpen = _WinHttpOpen()
$hConnect = _WinHttpConnect($hOpen, "https://autoit.de/", 443)
$hRequest = _WinHttpOpenRequest($hConnect, 'GET', '/', 'HTTP/1.1', Default, Default, 0x800000)
_WinHttpSendRequest($hRequest)
If @error Then Exit MsgBox(0, "Error 1", "_WinHttpSendRequest Fail")
_WinHttpReceiveResponse($hRequest)
If _WinHttpQueryDataAvailable($hRequest) Then
    $header = _WinHttpQueryHeaders($hRequest)
    ConsoleWrite($header & @CRLF & @CRLF)
Else
    MsgBox(0, "Error 2", "_WinHttpQueryDataAvailable Fail")
EndIf
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

But it comes Msg - "Error 1".  Can anyone help me ? Thank in advance. :>

How about this:

#include "WinHTTP.au3"

$hOpen = _WinHttpOpen()
$hConnect = _WinHttpConnect($hOpen, "https://autoit.de/")
$aRead = _WinHttpSimpleSSLRequest($hConnect, Default, Default, Default, Default, Default, True)

If @error Then Exit MsgBox(0, "Error 1", "_WinHttpSendRequest Fail")

ConsoleWrite($aRead[0] & @CRLF & @CRLF)
;~ ConsoleWrite($aRead[1] & @CRLF & @CRLF)

_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

 

♡♡♡

.

eMyvnE

Posted
15 hours ago, trancexx said:

How about this:

#include "WinHTTP.au3"

$hOpen = _WinHttpOpen()
$hConnect = _WinHttpConnect($hOpen, "https://autoit.de/")
$aRead = _WinHttpSimpleSSLRequest($hConnect, Default, Default, Default, Default, Default, True)

If @error Then Exit MsgBox(0, "Error 1", "_WinHttpSendRequest Fail")

ConsoleWrite($aRead[0] & @CRLF & @CRLF)
;~ ConsoleWrite($aRead[1] & @CRLF & @CRLF)

_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)

Thank you for your reply. But it still display the msgbox with error. I am using lastest Win7 32bit. I tried set FLAG_IGNORE_CERT... too but it does not effect  :'(

 

93BF6MH.png

Posted

^^ Well, it could be that default global WinHttp proxy setting was changed on your system by you or someone. Try running the help file example for _WinHttpSetStatusCallback and post the console output here. Just change hConnect line to $hConnect = _WinHttpConnect($hOpen, "autoit.de").

♡♡♡

.

eMyvnE

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...