[C++] How to use my webinteraction library - Programming On Unix

Users browsing this thread: 1 Guest(s)
venam
Administrators
Hello *nixers,
I made a library some times ago that helps do web-interaction in cpp however not a lot of people have used it yet. Thus, I thought about making a little tutorial on how to use it.

My main goal was to make the library looks like the mechanize.Browser() library in python, which is extremely clear and easy to use.

I'll hit two birds with a rock here.
I'll post a python2 mechanize.Browser() tutorial I made and I'll translate it into cpp.

Quote:This is a little tutorial showing an example on how to use the python module mechanize.Browser()

At the end of this tutorial you'll be able to easily exploit a noob forum called lebgeeks.

Let's start.

To use mechanize you'll need to have it installed in the python2 path on your machine.

From here on you can choose to use your preferred IDE, the python interpreter, or bpython2.

Code:
from mechanize import Browser
This will import the Browser we need.

Now let's create the browser instance and set some properties on it.
Code:
br = Browser()
br.set_handle_gzip(True)
br.set_handle_refresh(True)
br.set_handle_robots(False)
br.addheaders = [("User-Agent","Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Firefox/17.0")]
br.addheaders = [("Referer","http://lebgeeks.com/forums/register_now.php")]
br.addheaders = [("DNT","1")]
br.addheaders = [("Accept","text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")]
What happens here is that br becomes the virtual browser we will use to interact with the page.
the handle functions are there to prevent websites from blocking you or from bad redirections.
(The robots.txt on lebgeeks is not set well so we don't really need the set_handle_robots(False))

To have more infos on what you can set up as options for the Browser instance.
Code:
for a in dir(Browser):
    print a
This will output all the functions inside the Browser module.

Now all is left is to interact with the page.
First you'll need to have a little idea on how the website works.
Here lebgeeks register process is badly coded, the random security questions aren't even server based
...they are with the user which can play with them as much as he needs/wants to.
Thus, let's create our own question with our own answer which will always be true no matter what

Code:
br.open("http://lebgeeks.com/forums/register_now.php","token=2&total=5&times=1")
EDIT: This method doesn't work anymore because the admin found out that it was stupid. However he didn't change the questions so it's still fairly easy to bypass them.
I'll introduce you to an easy way of scrapping data from the website.

Code:
br.open("http://lebgeeks.com/forums/register_now.php")
#we have the page opened
import re
first_num  = int(re.findall("\$(.*)\. The bat",br.response().read()))
secd_num = int(re.findall("is \$(.*) more",br.response().read()))
#now we have the two nums we can do the simple maths
sol          = str(int(float(first_num)/2-float(secd_num)/2))
br.select_form(nr=0)
#finally submit the answer
br.form['answer'] = sol
br.submit()
In this method everything is fully automated. (I hope the admin reads this an use better captchas like everyone else)
(or he can use stuffs like that:
'echo "scale=4589; 21*a(1)" |bc -l |openssl md5' =>'c9da1c96eb918a208e92ac8a68c2d172'
'echo "scale=4487; 5*a(1)" |bc -l |openssl sha256' =>'a2e8bd2f77eacff0e3380b33da514e97170c1981ca32fb764ced0fffe56e9bbb'
'echo "scale=4028; 23*a(1)" |bc -l |openssl md5' =>'0b80c65d8872aa500831b026926b0436'
Which obviously rape the processor and make bot creation a pain in the ass for Windows users.
)

We should now be in the "Accept My totalitarian Rules" page, thus we need to post the agree form.
However, for learning purpose we'll fill the form manually.

To checkout what forms are present in a page just type
Code:
for form in br.forms:
    print form

We count the forms from 0.
Here there's only 1 form.
Let's select it.
Code:
br.select_form(nr=0)
...and submit the "accept"
Code:
br.submit(name="agree")

Now we are in the "Fill your personal infos" page.
We are going to post it right away to make it faster.

Code:
br.open("http://lebgeeks.com/forums/register_now.php?action=register","form_sent=1&req_user=randomly_generated_user_here&req_email1=the_spam_email_here@yopmail.com&req_email2=the_spam_email_here@yopmail.com&timezone=2&dst=1&email_setting=1")

Let's make sure the process is finished.
Code:
if "Thank you for registering." in br.response().read():
    print "I was successful at exploiting a noob forum!"

Fabulous, now the account should be created and you can retrieve the password on the email you specified.
yopmail is easy and fast for those kind of things.
You can emulate the sign up process and do a nice simple spamming bot to annoy the admins.

A word to end this tutorial:
I did not cover all of mechanize, nor all of the Browser function but it's a good start for beginners.
Also, let's add that I did not write the whole bot, I leave this for your personal satisfaction.

*Now the same thing but in cpp*

Code:
#include "Browser.hpp"

Now let's create the browser instance and set some properties on it.
Code:
Browser br;
br.set_handle_gzip(true);
br.set_handle_refresh(true);
br.adduseragent("Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Firefox/17.0");
br.addheaders("Referer","http://lebgeeks.com/forums/register_now.php");

Now all is left is to interact with the page.
First you'll need to have a little idea on how the website works.
Here lebgeeks register process is badly coded, the random security questions aren't even server based
...they are with the user which can play with them as much as he needs/wants to.
Thus, let's create our own question with our own answer which will always be true no matter what

Code:
br.open("http://lebgeeks.com/forums/register_now.php","token=2&total=5&times=1");
EDIT: This method doesn't work anymore because the administrator found out that it was stupid. However he didn't change the questions so it's still fairly easy to bypass them.
I'll introduce you to an easy way of scrapping data from the website.

Code:
br.open("http://lebgeeks.com/forums/register_now.php")
//we have the page opened
//here you'll have to include a regex lib or do the parsing yourself
//let's imagine we already have some parsing functions
int first_num = parsing1(br.response());
int secd_num = parsing2(br.response());
//now we have the two nums we can do the simple maths
int sol          = int((float)first_num/2-(float)secd_num/2));
//in cpp we don't write nr=
br.select_form(0);
//finally submit the answer
//don't forget the * for the pointer in cpp
*br.form['answer'] = sol;
br.submit();

To checkout what forms are present in a page just type
Code:
for(int i=0;i<br.forms.size();i++)
    std::cout<<br.forms[i];

We count the forms from 0.
Here there's only 1 form.
Let's select it.
Code:
br.select_form(0);
...and submit the "accept"
Code:
*br.form["name"]="agree";
br.submit();

Now we are in the "Fill your personal infos" page.
We are going to post it right away to make it faster.

Code:
br.open("http://lebgeeks.com/forums/register_now.php?action=register","form_sent=1&req_user=randomly_generated_user_here&req_email1=the_spam_email_here@yopmail.com&req_email2=the_spam_email_here@yopmail.com&timezone=2&dst=1&email_setting=1");

Let's make sure the process is finished.
Code:
if (br.inresponse("Thank you for registering."))
    std::cout<<"I was successful at exploiting a noob forum!\n";

A word on those two tutorials:
I didn't test anything that I wrote here. It will not work as intended!
Those were just examples to introduce you on how to use the libraries.

Remember that those examples are only the tip of the iceberg.
See you around folks!
http://www.github.com/venam/Browser