Skip to content

Wordpress new activation

Hello

Sven i need your help

I 'm working on new engine with wordpress activation. I need to register account on wordpress, extract neccesary data from email then go to activation link and choose my password.

I got a email after registration:
"Username: piotra6779
To set your password, visit the following address:

<http://www.paoloprovinciali.com/wp-login.php?action=rp&key=VqOCkqoaJVsfsWfKjyZc&login=piotra6779>

http://www.paoloprovinciali.com/wp-login.php"


So i did:

extract from email=logpw,keypw

[logpw]
type=extract
front=:
back=\n

[keypw]
type=extract
front=key=
back=&


Registration step works fine, but i have problem with this link: ( i need to open it , and then type password)
http://www.paoloprovinciali.com/wp-login.php?action=rp&key=VqOCkqoaJVsfsWfKjyZc&login=piotra6779


I'm trying with this:
[LOGIN_STEP1]
modify url=%targethost%/wp-login.php?action=rp&key=%keypw%&login=%logpw%
pass1=%password%


---
[keypw] - correct extraction
[logpw] - correct extraction


But in Debug mode that I get this:
GET http://www.soitgrows.com/wp-login.php?action=lostpassword&error=invalidkey <- in [LOGIN_STEP1]



I have no idea how to open this link correctly

Comments

  • SvenSven www.GSA-Online.de
    you have to make sure that the following is under [setup]...

    extract from email=keypw,logpw

    else the data will not be extracted.
  • I have experience in creating engines - i am not newbie.

    now i try something else:
    [keypw]
    type=extract
    front=<
    back=>

    and correctly extract link: http://www.paoloprovinciali.com/wp-login.php?action=rp&key=VqOCkqoaJVsfsWfKjyZc&login=piotra6779
    But now in [LOGIN_STEP1]
    modify url=%keypw%


    and i got errot in debug mode :
    http://www.soitgrows.com/wp-login.php?action=lostpassword&error=invalidkey

    SER need to chamnge something with extracted url... I'm working on whis about few hours without success.
  • SvenSven www.GSA-Online.de
    Even though you are no "newibe" and on the risk pointing something "stupid" out...

    [REGISTER_STEP1]

    verify by=extractemail << You have to use this one here as the "verify by=email" would extract the links and open them as well. Then the link would be used and an invalid link would be forwareded to if you use the same url again.
  • [setup]
    enabled=1
    default checked=0

    engine type=private
    description=wordpress
    dofollow=1
    anchor text=1
    creates own page=1
    uses pages=0

    extract from email=logpw,passpw,keypw

    [logpw]
    type=extract
    front=:
    back=\n

    [passpw]
    type=extract
    front1=:
    front2=:
    back1=\n
    back2=\n

    [keypw]
    type=extract
    front=<
    back=>


    [artykul]
    type=memo
    allow html=1
    must be filled=1


    [loginn]
    type=text
    must be filled=1

    [Your E-Mail]
    type=email
    static=1

    [hasloo]
    type=text
    must be filled=1

    [numerid]
    type=extract
    front=<input type="hidden" name="checkuser_id" value="
    back="



    [REGISTER_STEP1]
    modify url=/wp-login.php?action=register


    verify submission=1
    verify by=extractemail
    verify interval=1
    verify timeout=60
    first verify=2
    verify on unknown status=1

    user_login=%loginn%
    user_email=%your e-mail%
    captcha=%captcha%
    captcha_code=%captcha%
    captcha_challenge_field=%captcha%
    register_captcha_field=%captcha%
    cptch_number=%captcha%
    recaptcha_response_field=%captcha%
    crcc_security_code=%captcha%




    [LOGIN_STEP1]

    modify url=%keypw%
    pass1=%hasloo%




    in login_step1 : SER dont open this:
     http://www.paoloprovinciali.com/wp-login.php?action=rp&key=VqOCkqoaJVsfsWfKjyZc&login=piotra6779

    but i get this:
    http://www.soitgrows.com/wp-login.php?action=lostpassword&error=invalidkey




    Anyone SER's user don't want to have succesful registration on wordpress ? 80% of blogs now using this method of activating accounts.


  • SvenSven www.GSA-Online.de
    edited September 2016
    you better do this instead...

    [setup]
    extract from email=activate_link

    [activate_link]
    type=extract
    find url=*action=rp&key=*
    default=/wp-login.php
    static=2

    ...
    [login_step1]
    modify url=%activate_link%
    just download=1

    [login_step2]
    ...

  • image



    maybe there is a something like antispam security, and SER won't pass new wordpress activation method.
  • SvenSven www.GSA-Online.de
    well on that debug output you get that GET url after redirects...SER might have called the correct url but got redirected.
    you might want to try WireShark and see what goes wrong here.
  • i get url which says that something in activation link is wrong. When i manulally try to change 1 letter in activation link I 'm getting this : wp-login.php?action=lostpassword&error=invalidkey.


    Tommorow I will look what wireshark says.

    This situation shows that anyone don't use wordpress nowadays..
  • edited September 2016
    yes I see there is a problem with cookie,
    I need to set cookie in LOGIN_STEP2
     wp-resetpass-153c1afca14940a360828a2399ca655f=piotra6726%3A9T2avFumElrSnImAwJZm

    I have big problem with extract this: 153c1afca14940a360828a2399ca655f in LOGIN_STEP1


    [wpcookie]
    type=extract
    front=wp-resetpass-
    back==

    set cookie= wp-resetpass-%wpcookie%=%username%%3A%keypw%

    in debug mode i'm getting:

    wp-resetpass-=piotra67793A%VqOCkqoaJVsfsWfKjyZc



    I need extract correctly name of cookie. ( just this 153c1afca14940a360828a2399ca655f)

  • SvenSven www.GSA-Online.de
    and wpcookie is visible on what page?
  • [LOGIN_STEP1]
    modiify url=%activation_link%
    just download=1
    there is a wp-resetpass cookie

    [LOGIN_STEP2]
    set cookie...
    ...
    ...


    But I think that SER won't pass this new wordpress activation method. So don't waste time for this. Thanks for help!

  • SvenSven www.GSA-Online.de
    modiify url << spell error ;)
  • Sven if you want when you find some free time, try to make engine which just register and login on new wordpress sites. Address:
    http://www.paoloprovinciali.com/wp-login.php

    Then you can update wordpress engine in SER:)


Sign In or Register to comment.