Help with discovering a private API

palanore1

Registered Member
Feb 12, 2024
60
20
I am trying to discover the API of a dating app that I am working on automating some services for a client of mine. Managed to make lots of successful requests myself, but when it comes to making the login, I have some trouble in getting the right response back. Problem is I send the login POST request exactly like it is sent from the browser, except the cookies, and I get a HTML page as response from Cloud Flare that is supposed to load those cookies I think if I would've been using a browser to make the login.
I am really having lots of trouble getting past this, I don't think it should be too difficult but I m not the best at reverse engineering APIs and I would be extremely thankful for any help I can get.

Thanks
 
Had the same problem and same situation and I gave up on the site an year ago but don't give up.
When I was doing this all I figured out before giving up is you need to use clohdflare cookies which aren't used before.
Like the cookies being used in browser won't work in python or js or any other requests.
Good luck with that.
 
Had the same problem and same situation and I gave up on the site an year ago but don't give up.
When I was doing this all I figured out before giving up is you need to use clohdflare cookies which aren't used before.
Like the cookies being used in browser won't work in python or js or any other requests.
Good luck with that.
What u just said sounds really interesting regarding not being able to reuse the cookies. Did u solve this problem? Were you finally able to make the other call to retrieve the correct cookies for the login request to work? or was there another way to do this ?
 
What u just said sounds really interesting regarding not being able to reuse the cookies. Did u solve this problem? Were you finally able to make the other call to retrieve the correct cookies for the login request to work? or was there another way to do this ?
It was a client project and I had to give on API and used just a browser automation and it was enough for me in that case since I needed only some data.
Good luck with your research and let me know if you find something interesting!
 
If the cookies are set by the server and sent back to the client, it should be in the HTTP headers.

If it's set by the client, there's a developer tools panel in Chrome that tells you what the cookies are. Ctrl+Shift+J -> Application -> Cookies.
 
@palanore1 I haven't tried that but I think there are services which can solve cloud flare and provide you cf token or cookies that you can send in your request and may be it will work.
I haven't tried this though but you can give it a try.
 
Back
Top
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features and essential functions on BlackHatWorld and other forums. These functions are unrelated to ads, such as internal links and images. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock