Sunday, October 26, 2008

Using Perl Against Facebook - Part I: Login

After a small intervention about the economic crisis, it is time we get back to some hacking. This time we shall use Perl against Facebook, to do anything that Fb will not let us do. In this post I will just show how to login to Facebook. In the next post, I will dump the code on how to update your status.

For the history, Fb has indeed an API for developers that wish to build their application on the Facebook platform. You can start here, but this is not the place for me. The API does give you some choice but it was built with a different view in mind: 3rd party developers accessing peoples' accounts. This is why the API is very restrictive and it makes sense not letting an application do much with your data. There is also a plethora of the so-called Facebook clients, which in the majority are just a wrapper for the Facebook API (like this google code project). In most cases also you get redirected to Facebook pages. Shame..

So long for the Facebook API, let's get down on how to login to Facebook. Of course, language of choice is...what else, Perl (because simple things should be easy, and complex not impossible) In order to login to Facebook we have to follow these steps:

1. Go to 'http://www.facebook.com/login.php', and rest our virtual browser there to collect the cookies (GET request)
2. Visit 'https://login.facebook.com/login.php' with the proper parameters (POST request)
3. If we succeed then we can safely browse to 'http://www.facebook.com/home.php' to get our profile.

To do this we will need the LWP::UserAgent class (de facto in latest Perl distros) that will be our virtual browser. If we want to store the cookies we can use Http::Cookies. We will also need Crypt::SSLeay package so that our agent supports HTTPS. Ok. Let's do this.

Here is the complete code. Explanation follows.

my $email; #stores our mail
my $password; #stores our password
my $user_agent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6';


$email = <>; #read the login e-mail

$password=<>; #read the password

chomp($email); #remove last line
chomp($password);

my %postLoginData; #necessary post data for login
$postLoginData{'email')=$email;
$postLoginData{'pass'}=$password;
$postLoginData{'persistent'}=1;
$postLoginData{'login'}='Login';

our $response; #holds the response the HTTP requests
#set the headers, let's make this a Firefox browser!
our @header = ('Referer'=>'http://www.facebook.com', 'User-Agent'=>$user_agent);

our $cookie_jar = HTTP::Cookies->new(file=>'fbkCookies.dat',autosave=>1, ignore_discard=>1);

our $browser = LWP::UserAgent->new; #init browser
$browser->cookie_jar($cookie_jar);

$browser->get('http://www.facebook.com/login.php',@header);

#here we actually login!
$browser->post('https://login.facebook.com/login.php',\%postLoginData,@header);

#was login successful?
if($response->content =~ /Incorrect Email/)
{
print "Login Failed...Quitting..\n";
}
else {
print "..and we are in!";
#let's go to the homepage
$response = $browser->get('http://www.facebook.com/home.php',@header);
}

Upon execution of the script we either get a Login Failure error or a message of success. In the subsequent article we will move on to how to get and set the Facebook status. Stay around because this will get more interesting. The final Perl script has about 500 lines of code and can send messages, retrieve inbox and chat among others!