0

I'm having an internal .NET web service which I try to access from the public network.

If using a browser, a user may enter login and passwd in a form on the Citrix NetScaler custom page and after the form is submitted, the browsing continues and the web service endpoint is working with no issues.

I don't know anything about Citrix NetScaler, but by checking the network calls in the browser's dev tools, I was able to get to the web service by using PowerShell and the a Microsoft.PowerShell.Commands.WebRequestSession object:

$session = New-Object Microsoft.PowerShell.Commands.WebRequestSession

$cookie = New-Object System.Net.Cookie 
$cookie.Name = "NSC_TASS"
$cookie.Value = "https://REST_SERVICE_DOMAIN/api/"
$cookie.Domain = "CITRIX_NETSCALER_DOMAIN.com"
$session.Cookies.Add($cookie);

$response = Invoke-WebRequest -Uri "https://CITRIX_NETSCALER_DOMAIN/cgi/login" `
    -Method "POST" `
    -Headers @{"Content-Type"="application/x-www-form-urlencoded"} `
    -Body "login=URL_ENCODED_EMAIL&passwd=URLENCODED_PASSWORD" `
    -WebSession $session

Is there a way to login by not using PowerShell's Microsoft.PowerShell.Commands.WebRequestSession object? Do I use the right endpoint?

EDIT: I'm looking for a solution which doesn't involve PowerShell, but it only relies on HTTP headers and cookies

Alex Filipovici
  • 31,789
  • 6
  • 54
  • 78

1 Answers1

0

I think you may be able to do -SessionVariable with Invoke-WebRequest, and then append the cookies a similar way.

Invoke-WebRequest https://CITRIX_NETSCALER_DOMAIN/cgi/login -SessionVariable session
...
$session.Cookies.Add($cookie);
apollosoftware.org
  • 12,161
  • 4
  • 48
  • 69
  • 1
    Thanks, I'm looking for a solution which doesn't involve PowerShell, but it only relies on HTTP headers and cookies. Will update my question. – Alex Filipovici Dec 19 '20 at 10:54
  • You could use vbscript, or write a c# command line app that uses similar libraries. I'm sure GitHub has some good sample frameworks. – apollosoftware.org Dec 22 '20 at 16:27