Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

How to Post s Comment in Perl?

by P3kPerl
on Mar 05, 2012 at 16:09 UTC ( #957919=perlquestion: print w/ replies, xml ) Need Help??
P3kPerl has asked for the wisdom of the Perl Monks concerning the following question:

am making a tool that posts text to a website's comment box, but i dont see the comment getting posted, i used Live HTTP to define the headers

my $serv = "http://members.sitegadgets.com/scripts/signbook.cgi"; $get1 = IO::Socket::INET->new( Proto => "tcp", PeerAddr => "$serv", Pe +erPort => "80") || die "They Are Down My Friend"; $data = "sgchecksum=554&username=sony10&1=Perl+Exploit+WORKED+BABE%21& +2=Awesome%40exploit.com&3=Perl+Exploit+WORKED+BABE%21"; $len = length $data; print $get1 "POST /scripts/signbook.cgi HTTP/1.1"; print $get1 "Host: members.sitegadgets.com"; print $get1 "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; +rv:9.0.1) Gecko/20100101 Firefox/9.0.1"; print $get1 "Accept: text/html,application/xhtml+xml,application/xml;q +=0.9,*/*;q=0.8"; print $get1 "Accept-Language: en-us,en;q=0.5"; print $get1 "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7"; print $get1 "Connection: keep-alive"; print $get1 "Referer: http://members.sitegadgets.com/sony10/signbook.h +tml"; print $get1 "Cookie: __utma=51880117.969742665.1330962869.1330962869.1 +330962869.1; __utmb=51880117; __utmc=51880117; __utmz=51880117.133096 +2869.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)"; print $get1 "Content-Type: application/x-www-form-urlencoded"; print $get1 "Content-Length: ".$len."\n\n"; print $get1 $data; syswrite STDOUT, "+";

Comment on How to Post s Comment in Perl?
Download Code
Re: How to Post s Comment in Perl?
by marto (Chancellor) on Mar 05, 2012 at 16:16 UTC

    Firstly, this is hardly a "Perl Exploit", secondly it seems you're trying to spam someone via one method or another. I for one won't be helping you with that, I'm not sure anyone else will either.

      I could see a valid use for such a script.. An internal website where a status of some operation is posted. It would be handy if you were say, backing up a 3TB database and getting a notification of X many GB successfully written to tape/disk.

      There could be other valid reasons.. but nothing comes to my caffeine addicted brain.

      Jason L. Froebe

      Blog, Tech Blog

        Many of us will have written a program to automate something at one stage, obviously there are valid reasons for doing such things. From the wording of this post I don't think this is one of them.

        Update:

        By this I mean the message text "Perl Exploit WORKED BABE!", the email "Awesome@exploit.com", it just looks typical of (in this case wanna be) script kiddie nonsense.

        Minus the fact that it has "Perl exploit" blatantly included in the POST data.

        Three thousand years of beautiful tradition, from Moses to Sandy Koufax, you're god damn right I'm living in the fucking past

Re: How to Post s Comment in Perl?
by CountZero (Bishop) on Mar 05, 2012 at 16:48 UTC
    I'd suggest you have a look at one of the WWW.Mechanize modules. They allow "higher level" interaction with websites and take care of all the low-level things such as headers and so.

    CountZero

    A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

    My blog: Imperial Deltronics
      Good work, while you're at it you should visit this page and fill in a message on the guest book, saying you helped some jerk spam their page. While you're at it, there's some pick pockets at the mall who need your help spotting marks.

        If he's smart enough to use WWW::Mechanize successfully, I don't think simply not knowing the name of a module would hold him back for long.

        Aaron B.
        My Woefully Neglected Blog, where I occasionally mention Perl.

        And I am sure you are a great supporter of "security through obfuscation" too.

        CountZero

        A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

        My blog: Imperial Deltronics
Re: How to Post s Comment in Perl?
by tobyink (Abbot) on Mar 05, 2012 at 20:39 UTC

    The PeerAddr passed to IO::Socket::INET needs to be a host name or IP address. Not a URL.

    But you seem to be using an altogther wrong layer of abstraction. Perl provides tonnes of awesome modules for dealing with HTTP and the Web, so why diddle around with stuff at the TCP/IP level?

    use Web::Magic -sub => 'web'; web('http://members.sitegadgets.com/scripts/signbook.cgi') -> POST({ sgchecksum => 554, username => 'sony10' 1 => 'Perl Exploit WORKED BABE!', 2 => 'Awesome@exploit.com', 3 => 'Perl Exploit WORKED BABE!', }) -> Referer('http://members.sitegadgets.com/sony10/signbook.html') -> User_Agent('Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:9.0.1 +) Gecko/20100101 Firefox/9.0.1') -> assert_success -> assert_type(qw[text/html application/xhtml+xml]) -> do_request;
      Web::Magic, its for trolls and spammers too :p

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://957919]
Approved by ww
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others perusing the Monastery: (14)
As of 2014-09-30 15:38 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (376 votes), past polls