Thursday, June 11, 2009

Small hack to send free sms, totally in bash...

Let's start with my first real post. I'll present you the power of curl. As you probably know, curl is "A Client that groks URLs". For this example, I will use a website that provides SMS service for free.

I was kind of pissed of to have to login every time I wanted to send an SMS/MMS... Well, it takes around 40-50 seconds to enter the login, password, then write the message, enter the phone number of the friend and ship it... If you do it, let's say 10 times daily, it's around 10 minutes that are completely lost. Thus, I decided to a shell script that automatizes this, and launch the script from my shell.

First, let's see how it works:

$ sms sab "Hi :)"
Remaining SMS: 481

$ sms 0794046789 "Hi man, I'm sending you an SMS from my box :)"
Remaining SMS: 480

As you can see, it acceps both names & numbers.

First, in a file called contact.txt I write all the contacts I wish to have the number, the name and the number are separated by a TAB :
$ cat contact.txt
toufic 0793023393
eric 0783034336
sab 0773346337
guigui 0768228392

Then, it becomes extremely easy to get the number if it exists in this file:

NUMBER=`cat $CONTACT | grep $1 | awk -F"\t" '{print $2}'`
if [ ! -n "$NUMBER" ]

Now that we have the number, we can do some processing on the number and the message

PREFIX=`echo ${NUMBER:0:3}`
SURNUMBER=`echo ${NUMBER:3:10}`
NUMBER_LENGTH=`echo $NUMBER | wc -m`
MESS_LEN=`echo $MESSAGE | wc -m`
if [ "$MESS_LEN" -gt "$MAX_LENGTH" ]
echo "MESSAGE TOO LONG (Max 600 char). Exiting..."
exit 1

if [ "$NUMBER_LENGTH" -ne "11" ]
echo "Bad Number ($NUMBER_LENGTH)"
exit 1

Here we want a message being smaller than 600 chars and a correct number, ie with 11 digits. Note that the preffix is 3 digits long. Now, we want to set up the connexion with the server (ie to login) and get the cookies:

# Initial connexion. The cookie is saved in $COOKIE
# Now ship the message with the correct number
$COMMAND -e $SITE/$PAGE -A "Opera/9.23" -D $COOKIE2 -b $COOKIE \
-d "isiwebuserid=$LOGIN&isiwebpasswd=$PASS&isiwebjavascript=No&isiwebappid=mobile&isiwebmethod=authenticate&isiweburi=%2Fyouth%2Fsms_senden-fr.aspx&isiwebargs=login&login.x=0&login.y=0" \
$SITE/$PAGE_AUTH > /dev/null

Ok, I agree, it sucks here. I retrieved this lonnnnng URL by using Paros . So basically, we do:
  • -e: Sets the Referer as being the official page (ie $SITE/$PAGE).
  • -A: the User-agent, here Opera.
  • -D : Saves the new cookie.
  • -b : Use the previously saved cookie
  • -d : Send a POST request to "$SITE/$PAGE_AUTH". You can see that the request has $LOGIN and $PASS
Now we are logged in and we got the cookie for the session. We are now able to send the SMS:

$COMMAND -e $SITE/$PAGE -A "Opera/9.23" -b $COOKIE2 \
-d "__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE_SCM=1&__VIEWSTATE=&CobYouthSMSSenden%3AtxtMessage=$MESSAGE&CobYouthSMSSenden%3AtxtNewReceiver=$NUMBER&CobYouthSMSSenden%3AbtnSend=Envoyer&FooterControl%3AhidNavigationName=Envoi+de+SMS&FooterControl%3AhidMailToFriendUrl=yoblabla.aspx" $SITE/$PAGE_SMS

As you can see, $MESSAGE and $NUMBER have been replaced in the request. Again, I found this url by using Paros.

That's it... we are now able to send sms from the command line for free, without having to log in every time. Note that we can take back the result from curl and do some parsing on it. This is how I get back the "Remaining SMS". A cool application is for example when you are monitoring a special activity on your network and you would like to be informed when something strange is happening... just call the sms script and it will inform you.

Typically, I used this kind of technique to set up automatically accounts and vote to get invitations to a concert.

No comments:

Post a Comment