CURL on Dell support website - access denied

1k views Asked by At

I am trying to reach dell support website to be able to check server's warranty from the terminal.

I have found this link for curl, but it returns me access denied error.

curl https://www.dell.com/support/home/uk/en/ukdhs1/product-support/servicetag/$(dmidecode -s system-serial-number)/warranty?ref=captchasuccess

Output:

<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>

You don't have permission to access "http&#58;&#47;&#47;www&#46;dell&#46;com&#47;support&#47;home&#47;en&#47;en&#47;ukdhs1&#47;product&#45;support&#47;servicetag&#47;XXXXXX&#47;warranty&#63;" on this server.<P>
Reference&#32;&#35;18&#46;3fd86b68&#46;1653307511&#46;316d4d5
</BODY>
</HTML>

I have tried many similar links and different machines, the output seems to be always same.

Does anybody have an idea how to be able to access Dell support page via curl,wget, or similar command?

I am able to check warranty manually via browser.

I can go to https://www.dell.com/support/home/en-us and put serial number in "identify my product" tab. after clicking "view details", I can see the warranty expiration.

EDIT:

Curl is now working:

curl --header 'user-agent: Chrome/1337' https://www.dell.com/support/home/sk-sk/product-support/servicetag/<serial-number-here>/overview

or

curl --header 'user-agent: Chrome/1337' https://www.dell.com/support/home/uk/en/ukdhs1/product-support/servicetag/$(dmidecode -s system-serial-number)/warranty

The another problem is that output of this curl is:

  <!DOCTYPE html>
      <html>
      <head>
        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
        <title>Challenge Validation</title>
        <link rel="stylesheet" type="text/css" href="/_sec/cp_challenge/sec-3-6.css">
        <script type="text/javascript">function cp_clge_done(){location.reload(true);}</script>
        <script src="/_sec/cp_challenge/sec-cpt-int-3-6.js" async defer></script>
        <script type="text/javascript">sessionStorage.setItem('data-duration', 30);</script>
      </head>
      <body>
        <div class="sec-container">
          <div id="sec-text-container"><iframe id="sec-text-if" class="custmsg" src="/_sec/cca/esupp/index.htm"></iframe></div>
          <div id="sec-if-container">
            <iframe id="sec-cpt-if" class="crypto" data-key="" data-duration=30 src="/_sec/cp_challenge/ak-challenge-3-6.htm"></iframe>
          </div>
        </div>
      </body>
    </html>

I have tried to check it via web browser and to pass that challenge validation I had to wait up to 30 seconds, and then I was redirected to the desired page.

Is it possible to somehow setup curl or wget to actively display the webpage content for like 40 seconds ? Or do I have to to rather use elinks to achieve this goal ? And does elinks have an option to customize header with user-agent parameter?

EDIT2:

I have tried to install elinks and created ~/elinks/elinks.conf with this content:

set protocol.http.user_agent = "Chrome/1337"

But it again I get output access denied, most likely because the user agent header is not the last header

1

There are 1 answers

5
hanshenrik On

that's a really strange server... 3 issues here,

#1: they run on a user-agent whitelist, and curl is not on their whitelist. you can use the custom user-agent chrome/1337 to pass their useragent whitelist (and just saying "chrome" doesn't cut it, it must be chrome/A-NUMBER, but that number can be fake, it doesn't have to be a real chrome release number)

#2: that broken server only accepts requests where the very last http header is the User-Agent header. unfortunately for you, curl by default sends the Accept: */*-header as the very last header, with the user-agent header being the second-to-last-header this means that you can't use the --user-agent switch to get past the agent whitelist either, you must add the user-agent header with the --header arguments (which puts the header last, fortunately for you)

#3: that url ?ref=captchasuccess probably means that this is a redirect AFTER completing a captcha, meaning the captcha-completed data is part of your cookie session, which means you'll probably have to clear a captcha, then copy your cookie session to curl, then run the request..

anyway, for the user-agent issue, try

curl --header 'user-agent: Chrome/1337' https://www.dell.com/support/home/uk/en/ukdhs1/product-support/servicetag/$(dmidecode -s system-serial-number)/warranty?ref=captchasuccess