How can I use a regular expression in JavaScript to get a value from page source code from a function tag?

minanageh379 · June 8, 2019, 3:50am

here is the function from the source code

Code:

function dosubmit() { if (getObj("Frm_Username").value == "") { getObj("errmsg").innerHTML = "Username cannot be empty."; getObj("myLayer").style.visibility = "visible" ; return; } else { getObj("LoginId").disabled = true; getObj("Frm_Logintoken").value = "3"; document.fLogin.submit(); } }

i want to get the value of getObj(“Frm_Logintoken”) as i can’t pull the value from #Frm_Logintoken

using

Code:

document.getElementById("#Frm_Logintoken")

this gives me null

because Frm_Logintoken only gets it’s value when i click submit .

Code:

<input type="hidden" name="Frm_Logintoken" id="Frm_Logintoken" value="">

full page code

i found this online

Code:

/getObj("Frm_Logintoken").value = "(.*)";/g

but when i run it … it gives me the same line again ! it’s full code

another regular expression i found but don’t even know how to use it

Quote:Example of a regular expression to search: before_egrep=‘N1:getObj(“Frm_Logintoken”).value = “(\w+)”’

Here, N1 is assigned the value of the back reference - the expression in parentheses. \w + denotes the main compound characters, this is a synonym for “[_[:alnum:]]”. Once again - pay attention to the brackets - this is the back link. At the same time, there are also parentheses in the source code fragment - they need to be escaped
i am trying to make an auto login script that works in the background like it

doesn’t show the user the login form page but the only the page after it

and i have found this code online too but don’t know what’s about it contains xhr .

the line that Attracted my attention is

Code:

/getObj\("Frm_Logintoken"\).value = "(.*)";/g

when i run it … it gives me the line again !

some notes :

i have tried

Code:

document.getElementById("Frm_Logintoken").value

but it gives me empty “”
because

Quote:Frm_Logintoken only gets it’s value when i click submit .

the page will not even accept the correct password if the Frm_Logintoken token value isn’t the same as one in the page.

the Frm_Logintoken is a token generated by the page and it basically increment by one on each successful login.

m_hutley · June 8, 2019, 11:07am

“How do I bypass anti-bot code by using bot code”
mmh yeah. no. I’m not comfortable with what you’re doing.

You’re already halfway there with your first regex, and some more basic string manipulation methods can get you the rest of the way if you look into it.

minanageh379 · June 8, 2019, 12:57pm

“I’m not comfortable with what you’re doing”
it’s an auto login script what’s wrong with it ?
“and some more basic string manipulation methods can get you the rest of the way if you look into it”

i don’t know how : i asked a lot and every where but know one gives me the right answer

minanageh379 · June 8, 2019, 1:26pm

hi mate you are the first one to understand me… i don’t know why the others doesn’t get what i want to do ?
and just suggesting using codes like this

var string = ‘getObj(“Frm_Logintoken”).value = “7”;’;

alert(string.match(/getObj(“Frm_Logintoken”).value = “(.*)”;/)[1])

…
what should my question title be ?
what should i write in the body ?
i am so mad … are they playing dump or something ?
i asked about 3 question on stack over flow about the same subject and still didn’t get a correct answer ?

m_hutley · June 8, 2019, 2:24pm

I understand perfectly what you want to do.

Let me ask this; what website are you trying to do this on?

minanageh379 · June 8, 2019, 2:38pm

my own router

m_hutley · June 8, 2019, 2:40pm

and why do you not just use javascript to… call the dosubmit() function and let the code… do what it’s supposed to?

minanageh379 · June 8, 2019, 2:54pm

i want to make just show the page after the login page directly .

Mittineague · June 8, 2019, 4:15pm

I think you may be attacking the problem from the wrong flank. i.e. from your earlier topic

What does the sever-side code that’s dealing with the transient hash look like?

minanageh379 · June 8, 2019, 4:16pm

no i have already solved that!

minanageh379 · June 9, 2019, 5:27pm

can you take a look on this please ?
javascript - how can i inspect(document.body) in js while loading the page using object? - Stack Overflow

Mittineague · June 9, 2019, 8:45pm

You need to address the CORS issue.

https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy

How to allow cross-origin access

Use CORS to allow cross-origin access. CORS is a part of HTTP that lets servers specify what hosts are permitted to load content from that server.

SamuelCalifornia · June 9, 2019, 8:47pm

I am not sure what you need to do and you are probably not using the best solution. Since you describe your requirements in the context of describing the solution it is difficult to understand the requirements. Beginners often think that regular expressions are the easiest solution then they have problems using regular expressions. See the following.

html - RegEx match open tags except XHTML self-contained tags - Stack Overflow (the answer with more than four thousand votes looks like a mess but that is intentional)
regex - Using regular expressions to parse HTML: why not? - Stack Overflow
php - HTML-parsing regular expression - Stack Overflow

If you can state the requirements clearly without describing how you think it should be done then it is much more likely people will help. If it is a complicated requirement and you can describe it clearly then many people here are likely to enjoy the challenge.

minanageh379 · June 10, 2019, 8:47am

if found where my problem relies … and couldn’t fix it correctly

<head1>
test
</head1>

<body1>    
<object type="text/html" data="http://page/" ></object>
<script>
let str = document.querySelector("body > script")
let pattern =/\bgetObj\("Frm_Logintoken"\)\.value = "([^"]+)";/;
console.log(str.match(pattern)[1]);

</script>
</body1>

the problem here is that the code works on the first page not the requested one .
if it was only possible to change from the top to 192.168.1.2 using code
62138280_1450974295045557_6919843156020166656_n

here is what i want to do in details
i want to make an auto login script in local level with a page that i can’t edit it’s code that have login token !

let’s say my page will be running on 192.168.1.5
and the other page is on 192.168.1.2
so my page should contain a code that is able to request the other page code and login to it .
this the curl login command … if it helps
curl "http://192.168.1.2/" --data "frashnum=&action=login&Frm_Logintoken=24&Username=adm1n&Password=admon"
Here is the source code of the other page.
and the regex that matches the login token
getObj\("Frm_Logintoken"\).value = "(.*)"; console.log(test[1]);
The line that has the login token value is at line 194 exactly
the username input area js path
document.querySelector("#Frm_Username")
the password input area js path
document.querySelector("#Frm_Password")
a function from the other page code that submits the login date
function dosubmit()
i am not really sure if the login needed if i am not using curl
as it’s not a value that the user inputs .
notes
the Frm_Logintiken is a token generated by the page and it basically increment by one on each successful login!
and i can’t use a proxy because mostly this will be local executed code .
i want that script to be able to work on phones browsers too

i hope i cleared this enough

If it is a complicated requirement and you can describe it clearly then many people here are likely to enjoy the challenge

i hope that’s true

m3g4p0p · June 10, 2019, 10:03am

Isn’t that what you were asking about in your other thread that didn’t work either? I’d suggest to tackle one problem at a time, otherwise you won’t even know if the issue is with your current code or the code it depends on…

minanageh379 · June 10, 2019, 10:28am

no it’s not what i were asking !!!
it’s a whole different thing

Mittineague · June 10, 2019, 5:26pm

In that case, unless you can get the script author to edit the file for you, you’re out of luck.

Since this approach is (probably?) a dead-end, I think it would be a good time to back up and rethink. i.e.

What is it about “non-auto login” that is trouble enough to make you want an auto login?

Chances are that others also have trouble with the existing UX and an improvement would be appreciated.

minanageh379 · June 11, 2019, 6:28pm

why out of luck … there is no possible solution ?

Mittineague · June 11, 2019, 7:15pm

(one of) the problem(s) you have is wanting to bypass the Same-origin policy

You can either

host everything on the same origin
change your code to explicitly allow a different origin
petition the other origin to change their code to allow you access

If you can not do any of those, you’re out of luck.
https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy

The same-origin policy is a critical security mechanism that restricts how a document or script loaded from one origin can interact with a resource from another origin. It helps isolate potentially malicious documents, reducing possible attack vectors.

minanageh379 · June 11, 2019, 8:47pm

change your code to explicitly allow a different origin

you mean that code that is i am controlling ?

<object type="text/html" data="http://page/" ></object>
<script>
let str = document.querySelector("body > script")
let pattern =/\bgetObj\("Frm_Logintoken"\)\.value = "([^"]+)";/;
console.log(str.match(pattern)[1]);

without using php ?