Gaia Online Login [Python/vb.net]

**~~DarkByte~~** · 10-04-2012

Needs cleanup but it does the job:
If you do not know , gaia adds a random formobject with a random value and random name in a random place. Also they dont pay attention to your password , instead a random "token" is assighned to you on page load. Then they combine the random token with your password and md5 hash it. Then they hash the hash and use this as your login info.

Python:

PHP Code:


import urllib2, re, hashlib

from urllib import urlencode

from cookielib import CookieJar







username="USERNAME"

password="PASSWORD"

hash = lambda text: hashlib.md5(text).hexdigest()

#Open gaias page first to get all the random varibles needed to login

opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(CookieJar()))

opener.addheaders = [('User-agent', "Mozilla/5.0")]

firsthtm = opener.open('http://www.gaiaonline.com/auth/').read()

#Gaia shows a random form value with a random name and a random value , so lets extract all values from the html...

formvalues = re.findall('value="(.*?)"', firsthtm) #Extract all html values

formnames = re.findall('name="(.*?)"', firsthtm) #Extract all html names

formnames.pop(0) #pages description is always first extracted (0 index) , so lets remove it

#Next , we also extract another trash varible (a posix timestamp) , this var is numeric and always 10 chars long

#This is the only extracted varibles that has those charectistics so we can find and remove it....

for index,value in enumerate (formvalues):

    if (value.isdigit() and len(value) ==10):

        formvalues.pop(index)

#Now we have 6 formvalues and 8 formnames , why? Because password  and auto login is also inside the form but is never set a value

#Lets just remove password and auto login labels from our formnames list for clarity

for index,value in enumerate (formnames):

    if (value == "password"):

        formnames.pop(index)

#Now we remove the "autologin value , wich is always at position 5 of the array (its outside the random code)

formnames.pop(5)





for index,value in enumerate (formnames):

    if (value == "username"):

        formvalues[index] = username

    if (value == "token"):

        thetoken=formvalues[index] #Catch the token (its used to encode the password)

#Now we can combine our extracted data and login

postdata = urlencode({formnames[0]: formvalues[0],

formnames[1]: formvalues[1],

formnames[2] : formvalues[2],

formnames[3] :formvalues[3],

formnames[4] : formvalues[4],

formnames[5] : formvalues[5],

"username" : username,

"password" : "", 

'chap' : hash(hash(password) + thetoken)

})



finalhtml = opener.open('http://www.gaiaonline.com/auth/login/', postdata)



if 'Welcome back' in finalhtml.read():

    print 'Logged in successfully!'

else:

    print 'Log-in failed! :C'

Vb.net:

Code:

 Public Function gaialogin(ByVal strusername As String, ByVal strpassword As String, ByVal thewrapper As httpwrapper, Optional ByVal cookiefile As String = "") As Boolean
        Dim wrapper As New httpwrapper
        Dim input As String = GetStringBetween(wrapper.Request("GET", "http://www.gaiaonline.com/auth/login"), "method=""post"">", "<div").Replace("data-value", vbNull)
        Dim i1 As String = "<input"
        Dim i2 As String = "/>"
        Dim token As String = "token"
        Dim sample, strHTML, strPostData As String
        Dim var(3) As String
        Dim val(3) As String
        Dim tokenIndex As Integer

        For i As Integer = 0 To 3
            sample = GetStringBetween(input, "<input", "/>")
            var(i) = GetStringBetween(input, "name=""", """")
            val(i) = GetStringBetween(input, "value=""", """")
            input = input.Replace(i1 & sample & i2, vbNull)
        Next
        tokenIndex = (Array.FindIndex(var, Function(i) i = token))

        strPostData = var(0) & "=" & val(0) _
                   & "&" & var(1) & "=" & val(1) _
                   & "&" & var(2) & "=" & val(2) _
                   & "&" & var(3) & "=" & val(3) _
        & "&username=" & (strusername) & "&password=" & "" & "&signInButton=Log+In&chap=" & MD5(MD5(strpassword) + val(tokenIndex))

        strHTML = wrapper.Request("POST", "www.gaiaonline.com/auth/login/index.php?" & strPostData, wrapper.LastPage)
        If strHTML.Contains("login_success=") = True Then
  
            Return True
        Else
            Return False
        End If
    End Function

  Public Function MD5(ByVal input As String) As String
        Dim x As New System.Security.Cryptography.MD5CryptoServiceProvider()
        Dim bs As Byte() = System.Text.Encoding.UTF8.GetBytes(input)
        bs = x.ComputeHash(bs)
        Dim s As New System.Text.StringBuilder()
        For Each b As Byte In bs
            s.Append(b.ToString("x2").ToLower())
        Next
        Dim hash As String = s.ToString()
        Return hash
    End Function

          
 Public Function GetStringBetween(ByVal InputText As String, ByVal StartText As String, ByVal EndText As String, Optional ByVal StartPosition As Object = 1) As String
        Dim lnTextStart As Integer
        Dim lnTextEnd As Integer

        lnTextStart = InStr(StartPosition, InputText, StartText, CompareMethod.Text) + Len(StartText)
        lnTextEnd = InStr(lnTextStart, InputText, EndText, CompareMethod.Text)
        If lnTextStart >= (StartPosition + Len(StartText)) And lnTextEnd > lnTextStart Then
            GetStringBetween = Mid(InputText, lnTextStart, lnTextEnd - lnTextStart)
        Else
            GetStringBetween = ""
        End If
    End Function

Thread: Gaia Online Login [Python/vb.net]

Thread Tools

Display

Threaded View

Gaia Online Login [Python/vb.net]

Posting Permissions