Skip to content

Instantly share code, notes, and snippets.

@nderkach

nderkach/recognizer.py

Last active May 21, 2024 16:38
Show Gist options
  • Save nderkach/45d37827e25d38f606c99865c6491d0f to your computer and use it in GitHub Desktop.
Save nderkach/45d37827e25d38f606c99865c6491d0f to your computer and use it in GitHub Desktop.
Download ZIP
Facebook photo upload and photo tagging
Raw
recognizer.py
#!/usr/bin/env python
import requests
import re
import urllib.parse
import sys, os
import json
from requests_toolbelt import MultipartEncoder
BASE_URL = 'https://mbasic.facebook.com'
IMG_FILE = 'test.jpg'
email = "FB_EMAIL"
password = "FB_PASSWORD"
session = requests.session()
session.headers.update({
'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36'
})
proxies = {
"http": os.environ['PROXY_URL'],
"https": os.environ['PROXY_URL']
}
session.proxies = proxies
print("Using proxy:", session.get('https://api.ipify.org?format=json').json()['ip'])
response = session.get(BASE_URL)
response = session.post(BASE_URL + '/login.php', data={
'email': email,
'pass': password
}, allow_redirects=False)
if 'c_user' not in response.cookies:
print("Account locked :(")
sys.exit(1)
# login was successful
homepage_resp = session.get('https://mbasic.facebook.com/home.php')
fb_dtsg = re.search('name="fb_dtsg" value="(.+?)"',
homepage_resp.text).group(1)
user_id = response.cookies['c_user']
jazoest = re.search('name="jazoest" value="(.+?)"',
homepage_resp.text).group(1)
privacyx = re.search('name="privacyx" value="(.+?)"',
homepage_resp.text).group(1)
print(user_id, fb_dtsg, jazoest, privacyx)
composer_post_url = re.search(
'id="mbasic_inline_feed_composer"><form method="post" action="(.+?)"', homepage_resp.text).group(1)
print(composer_post_url)
composer_form_data = {"fb_dtsg": fb_dtsg, "jazoest": jazoest, "privacyx": privacyx, "target": user_id, "c_src": "feed", "cwevent": "composer_entry", "referrer": "feed",
"ctype": "inline",
"cver": "amber",
"rst_icv": None,
"xc_message": None,
"view_photo": "Photo"}
composer_resp = session.post(
BASE_URL+composer_post_url, data=composer_form_data)
waterfall_id = re.search('name="waterfall_id" value="(.+?)"',
composer_resp.text).group(1)
print(waterfall_id)
preview_post_url = re.search(
'method="post" action="(.+?)"', composer_resp.text).group(1)
print(preview_post_url)
fb_dtsg = re.search('name="fb_dtsg" value="(.+?)"',
composer_resp.text).group(1)
jazoest = re.search('name="jazoest" value="(.+?)"',
composer_resp.text).group(1)
print(fb_dtsg, jazoest)
# upload unpublished photo
fields = {'file1': (IMG_FILE, open(IMG_FILE, 'rb'), 'application/octet-stream'),
'file2': ('', None, 'application/octet-stream'),
'file3': ('', None, 'application/octet-stream'),
'fb_dtsg': fb_dtsg,
'jazoest': jazoest,
'add_photo_done': 'Preview',
'filter_type': '0',
'target_id': user_id,
'waterfall_source': 'composer_feed',
'waterfall_id': waterfall_id,
'waterfall_app_name': 'web_m_basic'
}
m = MultipartEncoder(
fields=fields, boundary='----WebKitFormBoundarybaqXespwXJLcB53L')
upload_response = session.post(
BASE_URL+preview_post_url, data=m.to_string(), headers={'Content-Type': m.content_type})
photo_id = re.search('name="photo_ids\[\]" value="(.+?)"',
upload_response.text).group(1)
print("preview photo id:", photo_id)
# publish post
create_post_url = re.search(
'<form method="post" action="(.+?)"', upload_response.text).group(1)
print(create_post_url)
fb_dtsg = re.search('name="fb_dtsg" value="(.+?)"',
upload_response.text).group(1)
jazoest = re.search('name="jazoest" value="(.+?)"',
upload_response.text).group(1)
csid = re.search('name="csid" value="(.+?)"',
upload_response.text).group(1)
privacyx = re.search('name="privacyx" value="(.+?)"',
upload_response.text).group(1)
return_uri = re.search('name="return_uri" value="(.+?)"',
upload_response.text).group(1)
return_uri_error = re.search('name="return_uri_error" value="(.+?)"',
upload_response.text).group(1)
waterfall_id = re.search('name="waterfall_id" value="(.+?)"',
upload_response.text).group(1)
fields = {'fb_dtsg': fb_dtsg,
'jazoest': jazoest,
'at': None,
'target': user_id,
'csid': csid,
'c_src': 'feed',
'referrer': 'feed',
'ctype': 'advanced',
'cver': 'amber',
'users_with': None,
'album_id': None,
'waterfall_source': 'composer_feed',
'privacyx': privacyx,
'appid': '0',
'photo_ids[]': photo_id,
'return_uri': return_uri,
'return_uri_error': return_uri_error,
'waterfall_id': waterfall_id,
'xc_message': None,
'view_post': 'Post',
}
m = MultipartEncoder(
fields=fields, boundary='----WebKitFormBoundary7VLdZYja8oOJPWFh')
import time
time.sleep(1)
post_response = session.post(
BASE_URL+create_post_url, data=m.to_string(), headers={'Content-Type': m.content_type})
tagged_match = re.search('subject_id=(.+?)&', post_response.text)
if tagged_match:
facebox_fbid = tagged_match.group(1)
print("Tagged", facebox_fbid)
story_id = re.search('status_id=(.+?)&', post_response.text).group(1)
else:
story_id = re.search('status_fbid%3D(.+?)%', post_response.text).group(1)
# now delete the story
print("Story posted:", story_id)
story_page_response = session.get(BASE_URL+'/story.php?story_fbid={story_id}&id={user_id}'.format(story_id=story_id, user_id=user_id))
delete_url = re.search('Edit</a><span aria-hidden="true"> · </span><a href="(.+?)"', story_page_response.text).group(1).replace('&amp;', '&')
print(BASE_URL+delete_url)
delete_dialog_response = session.get(BASE_URL+delete_url)
delete_action = re.search('<form method="post" action="(.+?)"', delete_dialog_response.text).group(1).replace('&amp;', '&')
print(BASE_URL+delete_action)
fb_dtsg = re.search('name="fb_dtsg" value="(.+?)"',
delete_dialog_response.text).group(1)
jazoest = re.search('name="jazoest" value="(.+?)"',
delete_dialog_response.text).group(1)
print(fb_dtsg, jazoest)
r = session.post(BASE_URL+delete_action, data={"fb_dtsg": fb_dtsg, "jazoest": jazoest})
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment