Want more features on Pastebin? Sign Up, it's FREE!
Guest

Hacking M1 SMS Captcha using Free Internet Services

By: milo2012 on Feb 8th, 2012  |  syntax: Python  |  size: 4.67 KB  |  views: 562  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. from os import popen, system
  2. from urllib import urlencode
  3. from urllib2 import urlopen, Request
  4. import mechanize
  5. import cookielib
  6. from BeautifulSoup import BeautifulSoup
  7. import sys, getopt
  8.  
  9. def sendsms():
  10.         #You will need to fill in field_from, field_contactno and field_msg"
  11.         global field_from
  12.         global field_contactno
  13.         global field_msg
  14.  
  15.         field_counter = 150-len(field_msg)
  16.  
  17.         # Extract the JSessionID from the cookie by loading the below page
  18.         URL_BASE='http://msgctr.m1.com.sg/guest/'
  19.         set_cookie = urlopen(URL_BASE).headers.getheader("Set-Cookie")
  20.         sess_id = set_cookie[set_cookie.index("=")+1:set_cookie.index(";")]
  21.  
  22.         # Construct headers dictionary using the JSESSIONID
  23.         headers = {'User-Agent':'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0) Gecko/20100101 Firefox/10.0',
  24.         'Host':'msgctr.m1.com.sg',
  25.         'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
  26.         'Accept-Language':'en-us,en;q=0.5',
  27.         'Accept-Encoding':'gzip,deflate',
  28.         'Accept-Charset':'ISO-8859-1,utf-8;q=0.7,*;q=0.7','Cookie':'JSESSIONID='+sess_id}
  29.  
  30.         # Extract the location for the captcha image
  31.         text = (urlopen(Request(URL_BASE+"index.jsp",headers=headers)).read())
  32.         for line in text.split("\n"):
  33.                 if "/guest/captcha.jpg" in line:
  34.                         line = (line.replace('<img src="','')).strip()
  35.                         position = line.find('"')
  36.                         captchaText = line[1:position].strip("guest/")
  37.                         sessionID = captchaText.strip("captcha.jpg?session=")  
  38.                                        
  39.         # Save the captcha image to local disk
  40.         localFile = open('img.jpg', 'wb')
  41.         localFile.write(urlopen(Request(URL_BASE+captchaText,headers=headers)).read())
  42.         localFile.close()
  43.  
  44.         # Use the function at myfonts.com to decode the captcha
  45.         br = mechanize.Browser()
  46.                
  47.         # Set the mechanize handle options
  48.         br.set_handle_redirect(True)
  49.         br.set_handle_robots(False)
  50.                
  51.         # Load the website
  52.         r = br.open('http://new.myfonts.com/WhatTheFont')
  53.         html = r.read()
  54.  
  55.         # Upload the captcha image     
  56.         br.select_form(nr=1)
  57.         filename='img.jpg'
  58.         br.form.add_file(open(filename,"rb"),'image/jpeg',filename,name='userfile')
  59.         br.submit()
  60.  
  61.         soup = BeautifulSoup(br.response().read())
  62.  
  63.         #Extract the captcha results
  64.         captcha1 = soup.find('input', id='wtfchar0')
  65.         captcha2 = soup.find('input', id='wtfchar1')
  66.         captcha3 = soup.find('input', id='wtfchar2')
  67.  
  68.         if(captcha1!="" and captcha2!="" and captcha3!=""):
  69.                 result = (str(captcha1['value'])+str(captcha2['value'])+str(captcha3['value'])).upper()
  70.                                        
  71.                 # Encode POST parameters for the capcha page
  72.                 data = urlencode( {"from":field_from,"locale":"en",
  73.                         "msisdn":field_contactno,"msg":field_msg,
  74.                         "counter":field_counter,"sessionid":sessionID,"code":result} )
  75.                        
  76.                 # Construct headers dictionary using the JSESSIONID
  77.                 headers = {'User-Agent':'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0) Gecko/20100101 Firefox/10.0',
  78.                 'Host':'msgctr.m1.com.sg',
  79.                 'Accept':'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
  80.                 'Referer':'http://msgctr.m1.com.sg/guest/index.jsp',
  81.                 'Content-Type':'application/x-www-form-urlencoded',
  82.                 'Accept-Language':'en-us,en;q=0.5',
  83.                 'Accept-Encoding':'gzip,deflate',
  84.                 'Accept-Charset':'ISO-8859-1,utf-8;q=0.7,*;q=0.7','Cookie':'JSESSIONID='+sess_id}
  85.                                        
  86.                 # Submit the form
  87.                 POST_URL = "http://msgctr.m1.com.sg/guest/processMessage.jsp?msisdn="+str(field_contactno.strip())
  88.                 postOutput = urlopen(Request(POST_URL,headers=headers),data).read()
  89.                 if "notice=thankyou" in postOutput:
  90.                         print "SMS sent"
  91.                 else:
  92.                         print "Cannot read captcha.  Please retry"
  93.         else:
  94.                 print "Cannot read captcha.  Please retry"
  95.                
  96. def printSyntax():
  97.         """Print application syntax."""
  98.  
  99.         print "\nUsage:"
  100.         print "------------------------------"
  101.         print "python  "+str(__file__)+" OPTIONS"
  102.  
  103.         print "\nValid OPTIONS are:"
  104.         print "------------------------------"
  105.         print "  -m <message>                   Specify the sms message to be sent"
  106.         print "  -f <name>                      Specify the sender's name"                  
  107.         print "  -t <mobile number>             Specify the M1 mobile number"
  108.  
  109.         print "\nContact:"
  110.         print "------------------------------"
  111.  
  112.         print "[Web]           http://milo2012.wordpress.com"
  113.         print "[Mail/Google+]  keith.lee2012@gmail.com"
  114.         print "[twitter]       @keith55"
  115.  
  116.        
  117. def main():
  118.  
  119.         global field_from
  120.         global field_contactno
  121.         global field_msg
  122.        
  123.         field_msg = None
  124.         field_contactno = None
  125.         field_from = None
  126.        
  127.         if len (sys.argv) < 6:
  128.                 printSyntax()
  129.                 sys.exit(1)    
  130.         else:
  131.                 try:
  132.                         opts, args = getopt.getopt (sys.argv[1:], "m:f:t:")
  133.                 except:
  134.                         printSyntax()
  135.                         sys.exit(1)
  136.        
  137.                 for opt, arg in opts:
  138.                         if opt == '-m':
  139.                                 field_msg= arg
  140.                         elif opt == '-f':
  141.                                 field_from = arg
  142.                         elif opt == '-t':
  143.                                 field_contactno = arg          
  144.                 sendsms()
  145.  
  146. if __name__ == "__main__":
  147.     main()
clone this paste RAW Paste Data