Well thus far, heres what i've discovered.
A poking request is made by sending the user id of the person you wish to poke to a php page.
with this request, goes a cookie with your login credentials.
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:126.96.36.199) Gecko/20061223 Firefox/188.8.131.52
Cookie: login=[Login credentials etc. Need to workout the encoding on these]
As you can see i did this on my mac, using Firefox to take advantage of firebug. If you drop in the refer url it will take you that persons profile page, i imagine that this is also checked to stop spam bots, however i plan to fake the refers in the application, so that shouldn't be a problem.
Therefore in essence to automate the process, all you need to do is create an array of the users that you wish to poke, and loop though them sending your credentials each time to ensure that it is accepted by the server.
While i was poking around i also discovered that FB uses a modified version of Apache 1.3.37 (they suffix it with "fb1"). Whether this is an edit to the string, or actual modification, who knows?
Anyways, when i stop working 7 days a week, or going to bed at 2:15 am, i'll but together a small java app to take advantage of this.
Now if you think this is a lot of work, it isn't really, i got a http request class already built and fully functioning thanks to my work on isolation. So just gotta reverse engineer some more, and apply this concept.
Let the poking war continue!
Quote of the Day