I'm trying to login to this page using curl. The page uses authentication via html forms so http auth using curl --user name:password is not working in this case. I've found this post where is mentioned that one should search for action= attribute under <form> to obtain correct address where to send data. The snippet from mentioned page looks following:

<form id="si_signinform" name="signinform" method="post" action="https://www.criticker.com/authenticate.php">

<input class="si_input" name="si_username" id="si_input_uname" value="" autocapitalize="none" type="text">

<input class="si_input" name="si_password" id="si_input_pswd" value="" type="password">

<input name="goto" value="https://www.criticker.com/signout.php" type="hidden">

<p id="submit"><input id="si_submit" name="si" value="Go" type="submit"></p>

I've also find this post which says that some attributes might be hidden when the are send to server (seems that this is my case because of "goto" and "si" parameters as shown on screenshots)

So here are steps I did:

1. I've logged to page via Firefox
2. I've check HTTP parameters via Developer Tools (see screenshots)
3. I've issued following curl command to login curl -L -X POST -F 'si_uername=wakatana' -F 'si_password=$PASWORD' -F 'goto=https://www.criticker.com/signout.php' -F 'si=Go' -c cookiefile.txt http://www.criticker.com/authenticate.php
4. Then I've issued following curl command to check whether I'm logged successfully curl -L -b cookiefile.txt https://www.criticker.com/

When I login from Firefox I can see my username in upper right of page. But when I issue one of the curl commands and grep the returned content for username there is no such string. Based on this I deduce that authentication was not successful. But when login via Firefox and use "Copy as cURL" function as stated here I got this:

curl "https://www.criticker.com/" -H "Host: www.criticker.com" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8" -H "Accept-Language: en-US,en;q=0.5" --compressed -H "Referer: https://www.criticker.com/signin.php" -H "Cookie: PHPSESSID=SOME_VALUES_GOES_HERE; gid2=SOME_VALUES_GOES_HERE; uid2=SOME_VALUES_GOES_HERE -H "Connection: keep-alive" -H "Upgrade-Insecure-Requests: 1" -H "DNT: 1"

and it works. The problem is that I need to first login wit Firefox and then issue curl.

How can I use curl to login to page which is using forms? Please note I'm looking for some general hints which I can apply to any page (e.g. using proxy, sniffers etc.). I'm not primary interested in this site (but I'm interesting why the curl commands does not work). It is just example which uses form for authentication, if there is some playground for testing such curl commands please let me know. Thank you

Your cURL command is incorrect. Typo in si_username and missing the S in https for the authentication page. Also, in the "goto" you are putting the singout page instead of the main page (or some other page).

Try with:

curl -L -F 'si_username=name' -F 'si_password=xxx' -F 'goto=https://www.criticker.com/' -F 'si=Go' -c cookiefile.txt https://www.criticker.com/authenticate.php

You may not even need the goto and Go fields:

curl -L -F 'si_username=name' -F 'si_password=xxx' -c cookiefile.txt https://www.criticker.com/authenticate.php