At first I was thinking to get a simple browser with an open code written in C#, and use it's source to learn. After all, I needed an automated browser. But that was too complicated because I didn't needed the visualization of the response, just the request and response headers. And briefly the body too. But a whole browser was just too much. And anyway, most of them used premade libraries, which knew too much. Eh, I wanted a bit control.
After a bit research I decided to use the HttpWebRequest and HttpWebResponse classes, and wrote my own Browser class.
Source codes:
I used Fiddler 2 for creating the headers. I visited the website using Internet Explorer while Fiddler was opened. It's a web debugger, working as a local proxy, monitoring all incoming and outgoing requests. By comparing the headers created by IE and those crated by my program I could get a good job pretty fast.
The biggest problem were cookies. The site needed them, a non-member user can't do almost anything. Cookies most be stored then reseeded, but I just couldn't find where did they appeared. I squandered a whole day just with cookies. But after all it came out pretty good.
I regretted using C#. It's damn slow. My program too, I know, but still... it was running for a half an hour. But the result worth everything. I got a .txt file with more than 30000 E-Mail addresses. It wasn't completely clear, tho, because some users used their E-mail as their User ID, and by doing this they screwed 2 other e-mails. It happened thanks to an option on the profile page of visiting the previous and next profiles, these being at the top of the page. Another problem was if users used @ in other fields like Name.
After another 20 minutes of clearing the text document, I finally got what I desired. Pure 30500 E-Mail addresses each one in a single line. Each of them validated and unique (but maybe deprecated).
Think about it. You have a business, great services for low price, but no one knows about you. Me, as your good friend, offer you 100 E-Mail addresses for 1 dollar. I think at least 20 will read it, 3 of them will get interested, and 2 of them will buy your service, and let's say one of them will return to you in the future. If every service earns you lets say 10$, you earned with this around 25$. By paying me 1$. Not a bad business so far right? OK, now let's think big. I sell you all of them, each 100 E-mail address 1$. I will earn 300$ and you around 500 costumer. The only loser is the administrator.
The worst is, I could have used this bot in a much better way. The site offered an E-Mail system too, you fill a form and it sends an E-Mail. I found a bug, whereby you could send E-Mail to those members as well who hid their E-Mail addresses (with simple URL SQL Injection). This way, I could have sent at least one E-Mail to 52000 user, and not being afraid that my IP and E-mail or those used to E-Mail gets to a black list, blocked, become spammer suspect and so on. After all it was the server who sent the E-Mails.
That's all. Nothing happened on your server, but one day you see that Mozilla is giving you a warning, Opera won't let you proceed to your own website, you get errors while sending E-Mails, your ISP is coming for you... big problems. Protect sensitive information!
What's the solution?
Sensitive information shouldn't be displayed as plain HTML. Use JavaScript to divide string. Example:
<script type="text/javascript">
at = '@';
document.write('mai'+'lto:'+'myemai'+'laddress'+at+'myemailpr'+'ovider');
</script>
The best would be to randomly cut up the string using PHP, put inside empty strings with random names, name string parts using random names then use as should, briefly randomly generate this JavaScript from PHP. The more complicated is the more secure will get.
Another method to secure would be to generate an image, which contains the E-Mail address. You can do this from PHP:
<?php
header("Content-type: image/jpeg");
$Str = "myemailaddress@myemailprovider.domain";
$NewImage = imagecreatefromjpeg("img.jpg");
$red = 50; $green = 50; $blue = 255;
$TextColor = imagecolorallocate($NewImage, $red, $green, $blue);
$fontSize = 8; $posX = 0; $posY = 0;
imagestring($NewImage, $fontSize, $posX, $posY, $Str, $TextColor);
imagejpeg($NewImage);
?>
If ./img.jpg looks like this:
the result is:
Much harder to hack (don't think it's impossible). This image was generated on my local server.
Stand by, very soon another post will come.