i personally use many techniques too login directly into joomla admin panel. however the came back value is same az the login page. even if the password are correct.
WebClient Client = new WebClient() System.Collections.Specialized.NameValueCollection Collection = new System.Collections.Specialized.NameValueCollection() Collection.Add("username", "--my username--") Collection.Add("passwd", "--my password--") Collection.Add("option", "com_login") Colletion.Add("e0484cdc56d8ccc42187d26a813324ba", "1") Collection.Add("lang", "") Client.Proxy = null byte res = Client.UploadValues( "http://127...1/administrator/index.php", "Publish", Collection) textBox1.Text = Encoding.UTF8.GetString(res, , res.Length)
the issue is with this particular line:
that is joomla's CSRF anti-spoofing token. Joomla! tries to safeguard againt CSRF by placing a this token into each Publish form and every GET query string that's in a position to modify something within the Joomla! system. This random string provides protection because besides the jeopardized site have to know the Link to the prospective site along with a valid request format for that target site, additionally, it have to know the random string which changes for every session and every user.
To be able to sent a proper token together with your login request you'd need to:
- First of all request a proper log-in form by GET while using "Client object" request
- Retrieve the token with regex
- Send the log-in request using the token
Best Of Luck
EDIT: For your "collection" add yet another param: