Highlighted
New Member.
250 views

Encrypted Code Genrerated By The Client for the password on Every Request

Hello All,

URL of my application is asking userid and password but while recording it is showing passowrd as decoded . Every time password is changing and i am not able to corelate. Please provide the solution asap - 

web_submit_data("DoRiskLogin", 
        "Action=https://r1sb10.reval.com/itsweb01/core/DoRiskLogin?", 
        "Method=POST", 
        "RecContentType=application/json", 
        "Referer=https://r1sb10.reval.com/itsweb01/core/default_login.aspx", 
        "Snapshot=t6.inf", 
        "Mode=HTTP", 
        ITEMDATA, 
        "Name=_tid", "Value=DlgLogin", ENDITEM, 
        "Name=_rqId", "Value=", ENDITEM, 
        "Name=_opmTriggerId", "Value=NaN", ENDITEM, 
        "Name=_action", "Value=id12", ENDITEM, 

//userid
        "Name=id8", "Value=XYZ", ENDITEM, 

//password
        "Name=id9", "Value=xzctvraerP2Se23r12uvbbcx2__:DlgLogin:41d81d6ab019df05c64c07a02928a41cef102258b9b3b5c7ef8222c661f80fa72374924e96df77adffd6b47a6d215f7e565cca5001c9be5541e282dee4c4d4044acb3e33815e203bb5f605d8b0031b276aac65572390c97cb287a7263d530a7080aa0333c81f3e6a718abfb3d484fbf6499353e007b9774c8368d2b3c8ba5ccc", ENDITEM,
      
                         "Name=Mandant", "Value=", ENDITEM,
        "Name=SiteId", "Value=", ENDITEM, 
        "Name=siteIdhost", "Value=r1sb10.reval.com", ENDITEM, 
        "Name=token", "Value={token}", ENDITEM, 
        LAST);

We are not sure what algorithm third party vendor is using, Is there any way we can resolve this ?

0 Likes
1 Reply
Highlighted
Acclaimed Contributor.. Acclaimed Contributor..
Acclaimed Contributor..

Re: Encrypted Code Genrerated By The Client for the password on Every Request

It looks like that some java script is encrypting your password when you enter it on the form before it gets submitted.

I've once had a comparable issue. I isolated the java script function and ran it with help of lr_js_run(). The java script code stored the value in a LR-parameter that I used in my web_submit_data call.

When you need to script the page of your stakeholder, you might get help from the development organization.

Signature:
Reward community members who take time to respond and help.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.