Sunday, June 03, 2007

Reverse Engineering: Facebook poking

Since I declared Poking war on all my Facebook friends, I've been thinking of doing some R&D. So I'm developing a Greasemonkey script that would enable me to reply to all the pokes simultaneously.

Well, thus far, here's what I've discovered.

A poking request is made by sending the user ID of the person you wish to poke to a PHP page.

http://(networkName).facebook.com/ajax/poke.php?id=(userID)

With this request goes a cookie with your login credentials.


Host: solent.facebook.com
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.1) Gecko/20061223 Firefox/2.0.0.1
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Referer: http://solent.facebook.com/profile.php?id=511999790
Content-Length: 70
Cookie: login=[Login credentials etc. Need to work out the encoding on these]
Pragma: no-cache
Cache-Control: no-cache

As you can see, I did this on my Mac, using Firefox to take advantage of Firebug. If you drop in the referer URL it will take you to that person's profile page. I imagine that this is also checked to stop spam bots; however, I plan to fake the referers in the application, so that shouldn't be a problem.

Therefore, in essence, to automate the process, all you need to do is create an array of the users that you wish to poke, and loop through them, sending your credentials each time to ensure that it is accepted by the server.
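Seen from the server side, the pattern described above (one cookie-authenticated request to /ajax/poke.php per target id, each carrying a client-supplied Referer) is what an abuse check would look for. The following is an added example, not part of the original post and not Facebook's code: a sliding-window burst detector run over constructed log entries. The field names, thresholds, session labels and the host network.example are assumptions.

```javascript
// Added example: flag sessions that send poke requests in bursts.
const WINDOW_MS = 10000; // sliding window length (assumed threshold)
const MAX_POKES = 3;     // pokes tolerated per session inside one window (assumed)

// Keep only poke requests; compare the poke target with the profile id in the Referer.
function parseEntry(entry) {
  const url = new URL(entry.url);
  if (url.pathname !== "/ajax/poke.php") return null;
  const target = url.searchParams.get("id");
  let refererId = null;
  try {
    const ref = new URL(entry.referer);
    if (ref.pathname === "/profile.php") refererId = ref.searchParams.get("id");
  } catch (err) {
    // Missing or malformed Referer: refererId stays null.
  }
  return { session: entry.session, ts: entry.ts,
           refererOk: refererId !== null && refererId === target };
}

// Returns Map: session -> { peak, burst, refererMismatches }.
function analyse(entries) {
  const bySession = new Map();
  for (const p of entries.map(parseEntry).filter(Boolean)) {
    if (!bySession.has(p.session)) bySession.set(p.session, []);
    bySession.get(p.session).push(p);
  }
  const report = new Map();
  for (const [session, pokes] of bySession) {
    pokes.sort((a, b) => a.ts - b.ts);
    let start = 0, peak = 0;
    for (let end = 0; end < pokes.length; end++) {
      while (pokes[end].ts - pokes[start].ts >= WINDOW_MS) start++;
      peak = Math.max(peak, end - start + 1); // most pokes seen in any one window
    }
    // The Referer is client-controlled, so a mismatch is only a weak signal;
    // the per-session rate is the check a client cannot talk its way around.
    report.set(session, { peak, burst: peak > MAX_POKES,
      refererMismatches: pokes.filter(p => !p.refererOk).length });
  }
  return report;
}

// Constructed sample log (not real traffic).
const base = "http://network.example";
const poke = (session, ts, id, refId) => ({ session, ts,
  url: `${base}/ajax/poke.php?id=${id}`, referer: `${base}/profile.php?id=${refId}` });
const SAMPLE = [
  poke("s-human", 0, "1001", "1001"), poke("s-human", 60000, "1002", "1002"),
  { session: "s-human", ts: 30000, url: `${base}/profile.php?id=1001`, referer: "" },
  ...["2001", "2002", "2003", "2004", "2005"].map((id, i) => poke("s-script", 1000 + 200 * i, id, "2001")),
];
```

Calling `analyse(SAMPLE)` reports the scripted session as a burst regardless of what its Referer header claims, which is why a rate limit tied to the authenticated session is a stronger control than a Referer check.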

While I was poking around I also discovered that FB uses a modified version of Apache 1.3.37 (they suffix it with "fb1"). Whether this is an edit to the string, or actual modification, who knows?

Anyways, when I stop working 7 days a week, or going to bed at 2:15 am, I'll put together a small Java app to take advantage of this.

Now if you think this is a lot of work, it isn't really. I've got an HTTP request class already built and fully functioning thanks to my work on isolation. So I just gotta reverse engineer some more, and apply this concept.

Let the poking war continue!

