The Cache: Technology Expert's Forum
 
*
Welcome, Guest. Please login or register. September 22, 2019, 11:58:01 PM

Login with username, password and session length


Pages: [1]
  Print  
Author Topic: multipart form curl problem - can't find answer anywhere  (Read 2900 times)
timjohn
Rookie
**
Offline Offline

Posts: 15


View Profile
« on: July 11, 2007, 11:14:41 AM »

i am trying to build a simple little guestbook spammer for a few different formats. i wasn't able to find the source code for DITY v2 and i don't want to spend $450 on xrumer, so i am trying to build a couple of scripts that can spam a few thousand links for me.

one of the most popular gb's is Advanced Guestbook 2.3.1, though I am having a hard time getting my posts up on a lot of these gb's. my script parses out all of the form fields, but the problem i am running into is that most of these gb's have multipart forms. my script returns a "successful" post, according to whatever gb i am posting to, but nothing is posted up. i tried crypt's workaround with the header augmentation in my curl parameters, no dice. i read about curl and multipart forms to upload non text files, but none of that was really applicable.

i feel like i am banging my head against the wall. i am using a modified bot class from someone else. it always works great with non multipart forms. here is my script:

Code:
<?php
secondguestbook
($url$name$email$message$my_url);

function 
secondguestbook($url$name$email$message$my_url){

  require(
'bot.php');
  
$bot = new Bot;

  
$page $bot -> get($url);
  
preg_match('/name="gb_action" value="(.+?)"/'$page$match);
  
$submit $match[1];
  
$array = array();
  
  
preg_match_all('/<(?:input|textarea).*name="(.+?)"/'$page$matches);
  
$matches $matches[1];

  foreach (
$matches as $match){
    if (
preg_match('/.*name.*/'$match)){
      
//echo "$match = $name<br />"
      
$array[$match] = $name;
    }elseif (
preg_match('/.*email.*/'$match)){
      
//echo "$match = $email<br />";
      
$array[$match] = "$name@$email";
    }elseif (
preg_match('/.*url.*/'$match)){
      
//echo "$match = $my_url<br />";
      
$array[$match] = $my_url;
    }elseif (
preg_match('/.*comment.*/'$match) or preg_match('/.*message.*/'$match)){
      
//echo "$match = $message<br />";
      
$array[$match] = $message;
    }elseif (
preg_match('/.*action.*/'$match)){
      
//echo "$match = $submit<br />";
      
$array[$match] = $submit;
    }else{
      
//echo "$match = no fucking idea yo<br />";
      
$array[$match] = "";
    }
  }

  foreach (
$array as $key => $field){
    echo 
"$key = $field<br />";
  }



  
$result $bot -> post($url$array);

  
var_dump($result);

}
?>

Code:
<?php


######################################
###########   Bot Class   ############
######################################

if ( !class_exists"Bot" ) ) { 
class Bot{


//setup the curl session
function setup()
{
      
$cookieJar '/cookie.txt';
      
$userAgent 'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4';
      if (
$cookieJar != ''){
        if (
substr(PHP_OS03) == 'WIN'){
          
$cookieJar str_replace('\\','/'getcwd().'/'.$cookieJar);
            } 
          }
          
      
//$proxy = array();
curl_setopt($this->curl,CURLOPT_COOKIEJAR$cookieJar); 
curl_setopt($this->curl,CURLOPT_COOKIEFILE$cookieJar);
//curl_setopt($this->curl,CURLOPT_PROXY, $proxy['']);
//curl_setopt($this->curl, CURLOPT_HTTPHEADER, array('Expect:'));
curl_setopt($this->curl,CURLOPT_USERAGENT$userAgent);
curl_setopt($this->curl,CURLOPT_AUTOREFERER,true);
curl_setopt($this->curl,CURLOPT_FOLLOWLOCATION,true);
curl_setopt($this->curl,CURLOPT_RETURNTRANSFERtrue);
}

//get a webpage with curl
function get($url)

$this->curl curl_init($url);
$this->setup();
return $this->request();
}

//post to a form using curl
function post($url,$vars)
{
$this->curl curl_init($url);
$this->setup();
$data '';
foreach($vars as $name=>$var)
{
$name urlencode($name);
$var =  urlencode($var);
$data .= "$name=$var&";
}
$data substr($data,0,-1);
curl_setopt($this->curlCURLOPT_POST,true);
        curl_setopt($this->curlCURLOPT_POSTFIELDS$data);
return $this->request();
}

//scrape one result
function getVal($reg,$str,$debug false)

preg_match($reg,$str,$matches);
if($debug)
print_r($matches);
return $matches[1];
}

//scrape muliple results
function getAll($reg,$str)
{
preg_match_all($reg,$str,$matches);
return $matches[1];
}

//linkseries
function linkseries($link,$callback,$range,$subrange,$data null)

$parts explode('-',$range);
$start $parts[0];
$end $parts[1];
$subparts explode('-',$subrange);
$substart $subparts[0];
$subend $subparts[1];

for($i $start;$i<=$end;$i++)

for($j $substart;$j<=$subend;$j++)
{
$lnk str_replace(array('{1}','{2}'),array($i,$j),$link);
eval($callback."('$lnk');");
}
}
}

//execute the curl session
function request()
{
return curl_exec($this->curl);
}


}
}


?>

like i said, the gb is replying back as if a successful post was made, but none of the posts are actually sticking. does anyone know what the hell i am doing wrong? if not, can someone point me in the direction of DITY 2.0 so i can mod that and actually have a gb spammer?

thanks in advance,

timjohn
Logged

No links in signatures please
timjohn
Rookie
**
Offline Offline

Posts: 15


View Profile
« Reply #1 on: July 11, 2007, 07:55:14 PM »

i realize that i am still working in a sloppy manner. for example, i have 2 functions in this bot class that use the preg suite for regex matches, yet i am making preg_match calls in the script that has already created a new bot object.

i need to put my nose back to grinding wheel and STFU.

that being said, i haven't figured this out yet. perseverance is key though.

after all, this is probably the easiest multipart form i will have to deal with - a lot harder than logging into yahoo for example.

anyway, back to work, i will come back after i D'oh! and  Nerd and then  Idea....

timjohn 
Logged

No links in signatures please
Pages: [1]
  Print  
 
Jump to:  

Perkiset's Place Home   Best of The Cache   phpMyIDE: MySQL Stored Procedures, Functions & Triggers
Politics @ Perkiset's   Pinkhat's Perspective   
cache
mart
coder
programmers
ajax
php
javascript
Powered by MySQL Powered by PHP Powered by SMF 1.1.2 | SMF © 2006-2007, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks


Valid XHTML 1.0! Valid CSS!