Mohammad-Reihani · July 1, 2025 10:46
diff --git a/AutoLogin.ps1 b/AutoLogin.ps1
 <#
 .SYNOPSIS
    Auto-login to IUST captive portal.

 .DESCRIPTION
    Set your credentials below, or leave blank to be prompted.
 #>

 # ========== CONFIG ==========
 $Username = ""  # e.g. "student123"
 $Password = ""  # e.g. "pa$$w0rd"
 # ============================

 # Prompt for username/password if empty
 if ([string]::IsNullOrWhiteSpace($Username)) {
    $Username = Read-Host "Enter your username"
 }
 if ([string]::IsNullOrWhiteSpace($Password)) {
    $Secure = Read-Host "Enter your password" -AsSecureString
    $Password = [Runtime.InteropServices.Marshal]::PtrToStringAuto(
        [Runtime.InteropServices.Marshal]::SecureStringToBSTR($Secure)
    )
 }

 # Initialize session
 $session = New-Object Microsoft.PowerShell.Commands.WebRequestSession

 # STEP 1: Submit login.php to get response
 Write-Host "`n[Step 1] Logging in..." -ForegroundColor Cyan
 $response = Invoke-WebRequest -UseBasicParsing -Uri "https://login.iust.ac.ir/login.php" `
  -Method "POST" `
  -WebSession $session `
  -ContentType "application/x-www-form-urlencoded" `
  -Body "dst=status.html&popup=false&username=$Username&password=$Password"

 # Extract values using regex
 $formAction = ""
 $dst = ""
 $jsUsername = ""
 $jsPassword = ""

 if ($response.RawContent -match '<form[^>]*action="([^"]+)"') {
    $formAction = $matches[1]
 }
 if ($response.Content -match '<input[^>]*name="dst"[^>]*value="([^"]+)"') {
    $dst = $matches[1]
 }
 if ($response.RawContent -match "document\.login\.username\.value\s*=\s*'([^']+)'") {
    $jsUsername = $matches[1]
 }
 if ($response.RawContent -match "document\.login\.password\.value\s*=\s*'([^']+)'") {
    $jsPassword = $matches[1]
 }

 Write-Host "→ Form action URL: $formAction"
 Write-Host "→ Hidden dst value: $dst"
 Write-Host "→ JS username: $jsUsername"
 Write-Host "→ JS password hash: $jsPassword"

 # STEP 2: Submit actual login form
 Write-Host "`n[Step 2] Submitting form..." -ForegroundColor Cyan

 $authResponse = Invoke-WebRequest -UseBasicParsing `
    -Uri $formAction `
    -Method POST `
    -WebSession $session `
    -ContentType "application/x-www-form-urlencoded" `
    -Body @{
        username = $jsUsername
        password = $jsPassword
        dst      = $dst
        popup    = "true"
    }

 # Show results
 Write-Host "`n=== Captive Portal Response ===" -ForegroundColor Green
 Write-Host "Status Code : $($authResponse.StatusCode)"
 Write-Host "Final URL   : $($authResponse.BaseResponse.ResponseUri)"
 $snippet = $authResponse.RawContent.Substring(0, [Math]::Min(200, $authResponse.RawContent.Length))
 Write-Host "Body Snippet:`n$snippet…"
diff --git a/autologin.sh b/autologin.sh
 #!/usr/bin/env bash
 #
 # Auto‑login to IUST captive portal using bash + curl
 #

 set -euo pipefail

 # ========= CONFIG =========
 USER=""  # e.g. "student123"
 PASS=""  # e.g. "myp@ssw0rd"
 # ==========================

 # Prompt for missing fields
 if [[ -z "$USER" ]]; then
  read -p "Enter your username: " USER
 fi

 if [[ -z "$PASS" ]]; then
  read -s -p "Enter your password: " PASS
  echo
 fi

 LOGIN_URL="https://login.iust.ac.ir/login.php"

 # Temporary files
 COOKIE_JAR=$(mktemp)
 FIRST_RESP=$(mktemp)
 SECOND_BODY=$(mktemp)

 cleanup() {
  rm -f "$COOKIE_JAR" "$FIRST_RESP" "$SECOND_BODY"
 }
 trap cleanup EXIT

 echo -e "\n[Step 1] Submitting login form…"
 curl -s -L \
  -c "$COOKIE_JAR" \
  -e "$LOGIN_URL" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "dst=status.html&popup=false&username=${USER}&password=${PASS}" \
  "$LOGIN_URL" > "$FIRST_RESP"

 # Extract fields using grep + PCRE
 FORM_ACTION=$(grep -oP '<form[^>]*action="\K[^"]+' "$FIRST_RESP" || echo "")
 DST=$(grep -oP '<input[^>]*name="dst"[^>]*value="\K[^"]+' "$FIRST_RESP" || echo "")
 JS_USER=$(grep -oP "document\.login\.username\.value\s*=\s*'\K[^']+" "$FIRST_RESP" || echo "")
 JS_PASS=$(grep -oP "document\.login\.password\.value\s*=\s*'\K[^']+" "$FIRST_RESP" || echo "")

 echo "→ Form action URL : $FORM_ACTION"
 echo "→ Hidden dst value: $DST"
 echo "→ JS username     : $JS_USER"
 echo "→ JS password hash: $JS_PASS"

 if [[ -z "$FORM_ACTION" || -z "$JS_USER" || -z "$JS_PASS" ]]; then
  echo "✖ Failed to parse response. Aborting."
  exit 1
 fi

 echo -e "\n[Step 2] Sending login to captive portal…"
 HTTP_CODE=$(curl -s -L \
  -b "$COOKIE_JAR" \
  -c "$COOKIE_JAR" \
  -e "$FORM_ACTION" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "username=${JS_USER}&password=${JS_PASS}&dst=${DST}&popup=true" \
  -w "%{http_code}" \
  -o "$SECOND_BODY" \
  "$FORM_ACTION")

 echo -e "\n=== Captive Portal Response ==="
 echo "Status Code : $HTTP_CODE"
 FINAL_URL=$(grep -i '^location:' -m1 "$SECOND_BODY" | sed -E 's/^[Ll]ocation:[[:space:]]*//')
 [[ -n "$FINAL_URL" ]] && echo "Final URL   : $FINAL_URL"
 echo -e "Body Snippet:\n$(head -c 200 "$SECOND_BODY")…"
diff --git a/RunLogin.bat b/RunLogin.bat
 @echo off
 REM -------------------------
 REM Runs IUST captive‑portal login (with creds in script)
 REM -------------------------

 powershell.exe -NoProfile -ExecutionPolicy Bypass -File "%~dp0AutoLogin.ps1"
 pause
diff --git a/WhatIsThis.md b/WhatIsThis.md
	<#
	.SYNOPSIS
	Auto-login to IUST captive portal.

	.DESCRIPTION
	Set your credentials below, or leave blank to be prompted.
	#>

	# ========== CONFIG ==========
	$Username = "" # e.g. "student123"
	$Password = "" # e.g. "pa$$w0rd"
	# ============================

	# Prompt for username/password if empty
	if ([string]::IsNullOrWhiteSpace($Username)) {
	$Username = Read-Host "Enter your username"
	}
	if ([string]::IsNullOrWhiteSpace($Password)) {
	$Secure = Read-Host "Enter your password" -AsSecureString
	$Password = [Runtime.InteropServices.Marshal]::PtrToStringAuto(
	[Runtime.InteropServices.Marshal]::SecureStringToBSTR($Secure)
	)
	}

	# Initialize session
	$session = New-Object Microsoft.PowerShell.Commands.WebRequestSession

	# STEP 1: Submit login.php to get response
	Write-Host "`n[Step 1] Logging in..." -ForegroundColor Cyan
	$response = Invoke-WebRequest -UseBasicParsing -Uri "https://login.iust.ac.ir/login.php" `
	-Method "POST" `
	-WebSession $session `
	-ContentType "application/x-www-form-urlencoded" `
	-Body "dst=status.html&popup=false&username=$Username&password=$Password"

	# Extract values using regex
	$formAction = ""
	$dst = ""
	$jsUsername = ""
	$jsPassword = ""

	if ($response.RawContent -match '<form[^>]*action="([^"]+)"') {
	$formAction = $matches[1]
	}
	if ($response.Content -match '<input[^>]name="dst"[^>]value="([^"]+)"') {
	$dst = $matches[1]
	}
	if ($response.RawContent -match "document\.login\.username\.value\s=\s'([^']+)'") {
	$jsUsername = $matches[1]
	}
	if ($response.RawContent -match "document\.login\.password\.value\s=\s'([^']+)'") {
	$jsPassword = $matches[1]
	}

	Write-Host "→ Form action URL: $formAction"
	Write-Host "→ Hidden dst value: $dst"
	Write-Host "→ JS username: $jsUsername"
	Write-Host "→ JS password hash: $jsPassword"

	# STEP 2: Submit actual login form
	Write-Host "`n[Step 2] Submitting form..." -ForegroundColor Cyan

	$authResponse = Invoke-WebRequest -UseBasicParsing `
	-Uri $formAction `
	-Method POST `
	-WebSession $session `
	-ContentType "application/x-www-form-urlencoded" `
	-Body @{
	username = $jsUsername
	password = $jsPassword
	dst = $dst
	popup = "true"
	}

	# Show results
	Write-Host "`n=== Captive Portal Response ===" -ForegroundColor Green
	Write-Host "Status Code : $($authResponse.StatusCode)"
	Write-Host "Final URL : $($authResponse.BaseResponse.ResponseUri)"
	$snippet = $authResponse.RawContent.Substring(0, [Math]::Min(200, $authResponse.RawContent.Length))
	Write-Host "Body Snippet:`n$snippet…"
	#!/usr/bin/env bash
	#
	# Auto‑login to IUST captive portal using bash + curl
	#

	set -euo pipefail

	# ========= CONFIG =========
	USER="" # e.g. "student123"
	PASS="" # e.g. "myp@ssw0rd"
	# ==========================

	# Prompt for missing fields
	if [[ -z "$USER" ]]; then
	read -p "Enter your username: " USER
	fi

	if [[ -z "$PASS" ]]; then
	read -s -p "Enter your password: " PASS
	echo
	fi

	LOGIN_URL="https://login.iust.ac.ir/login.php"

	# Temporary files
	COOKIE_JAR=$(mktemp)
	FIRST_RESP=$(mktemp)
	SECOND_BODY=$(mktemp)

	cleanup() {
	rm -f "$COOKIE_JAR" "$FIRST_RESP" "$SECOND_BODY"
	}
	trap cleanup EXIT

	echo -e "\n[Step 1] Submitting login form…"
	curl -s -L \
	-c "$COOKIE_JAR" \
	-e "$LOGIN_URL" \
	-H "Content-Type: application/x-www-form-urlencoded" \
	-d "dst=status.html&popup=false&username=${USER}&password=${PASS}" \
	"$LOGIN_URL" > "$FIRST_RESP"

	# Extract fields using grep + PCRE
	FORM_ACTION=$(grep -oP '<form[^>]*action="\K[^"]+' "$FIRST_RESP" \|\| echo "")
	DST=$(grep -oP '<input[^>]name="dst"[^>]value="\K[^"]+' "$FIRST_RESP" \|\| echo "")
	JS_USER=$(grep -oP "document\.login\.username\.value\s=\s'\K[^']+" "$FIRST_RESP" \|\| echo "")
	JS_PASS=$(grep -oP "document\.login\.password\.value\s=\s'\K[^']+" "$FIRST_RESP" \|\| echo "")

	echo "→ Form action URL : $FORM_ACTION"
	echo "→ Hidden dst value: $DST"
	echo "→ JS username : $JS_USER"
	echo "→ JS password hash: $JS_PASS"

	if [[ -z "$FORM_ACTION" \|\| -z "$JS_USER" \|\| -z "$JS_PASS" ]]; then
	echo "✖ Failed to parse response. Aborting."
	exit 1
	fi

	echo -e "\n[Step 2] Sending login to captive portal…"
	HTTP_CODE=$(curl -s -L \
	-b "$COOKIE_JAR" \
	-c "$COOKIE_JAR" \
	-e "$FORM_ACTION" \
	-H "Content-Type: application/x-www-form-urlencoded" \
	-d "username=${JS_USER}&password=${JS_PASS}&dst=${DST}&popup=true" \
	-w "%{http_code}" \
	-o "$SECOND_BODY" \
	"$FORM_ACTION")

	echo -e "\n=== Captive Portal Response ==="
	echo "Status Code : $HTTP_CODE"
	FINAL_URL=$(grep -i '^location:' -m1 "$SECOND_BODY" \| sed -E 's/^[Ll]ocation:[[:space:]]*//')
	[[ -n "$FINAL_URL" ]] && echo "Final URL : $FINAL_URL"
	echo -e "Body Snippet:\n$(head -c 200 "$SECOND_BODY")…"
	@echo off
	REM -------------------------
	REM Runs IUST captive‑portal login (with creds in script)
	REM -------------------------

	powershell.exe -NoProfile -ExecutionPolicy Bypass -File "%~dp0AutoLogin.ps1"
	pause