0x53/home_depot.py

## home_depot.py
import requests
import code

# Start by creating the info to enter
zipcode = 11111

# Format so that the UID/Password have pluses
uid = "<UID>"
password = "<password>"
uid = uid.replace(" ","+")
password = password.replace(" ","+")


# Create a session to store cookies for the entire program
s = requests.Session()

# Create the URL to go to
base_url = "https://survey.medallia.com/"
start_url = base_url + "?thehomedepot"

print("[+] Getting page URL: %s" % start_url)

# This is only to get some cookies
# Otherwise we would skip to the next page
start_page = s.get(start_url)

# The button clicks with a specific url based on our cookie value
url_part = s.cookies["thehomedepot"]

# The "form" from the first page.
# This is the begin survey button
payload = "lang=en&stay_main-pager=0&currentPage=0&nodeId=survey5&ballotVer=2&hmac=&is_embedded=false&defPgrAction=next&forward_main-pager=Begin+Survey"
second_url = base_url + "?" + url_part

print("[+] Getting second url: %s" % second_url)
headers={
    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0',
    'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
    'Content-Type': 'application/x-www-form-urlencoded',
    'Referer': 'https://survey.medallia.com/?thehomedepot'
    }


page = s.post(second_url,headers=headers,data=payload)

# The previous page asks us to enter our zip code
# Same URL as before
payload = "stay_main-pager=1&currentPage=1&nodeId=survey5&ballotVer=3&hmac=&is_embedded=false&defPgrAction=next&spl_q_thd_postalcode_entry_text=" + zipcode + "&forward_main-pager=Next"
print("[+] Getting third page: %s" % second_url)
headers['Referer']=second_url
page = s.post(second_url,headers=headers,data=payload)


# # Click next to really start survey
payload = "stay_main-pager=2&currentPage=2&nodeId=survey5&ballotVer=4&hmac=&is_embedded=false&defPgrAction=next&forward_main-pager=Next"
print("[+] Getting 4th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)


# Enter the password and username
payload = "stay_main-pager=3&currentPage=3&nodeId=survey5&ballotVer=5&hmac=&is_embedded=false&defPgrAction=next&spl_q_thd_receiptcode_id_entry_text=" + uid + "&spl_q_thd_receiptcode_password_entry_text="+ password +"&forward_main-pager=Next"
print("[+] Getting 5th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)

# Select occupation
payload = "stay_main-pager=7&currentPage=7&nodeId=survey5&ballotVer=6&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_pro_classification_contractor_remodeling_yn=1&forward_main-pager=Next"
print("[+] Getting 6th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)

# How likely are you to shop at this HD again
payload = "stay_main-pager=9&currentPage=9&nodeId=survey5&ballotVer=7&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_shop_likely_radio=5&forward_main-pager=Next"
print("[+] Getting 7th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)

# How would you describe this particular shopping experience
payload = "stay_main-pager=12&currentPage=12&nodeId=survey5&ballotVer=8&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_shop_comparison_radio=4&forward_main-pager=Next"
print("[+] Getting 8th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)


# How satified were you with...
payload = "stay_main-pager=14&currentPage=14&nodeId=survey5&ballotVer=9&hmac=&is_embedded=false&defPgrAction=next&spl_q_thd_shop_experience_text=1.+Home+depot+app+shows+where+things+are+in+the+store.+%0D%0A2.+Home+depot+tools+are+a+little+better+%28ryobi%29%0D%0A3.+Home+depot+associates+are+generally+better%0D%0A4.+Good+selection&forward_main-pager=Next"
print("[+] Getting 9th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)


# checkout and employees
payload = "stay_main-pager=15&currentPage=15&nodeId=survey5&ballotVer=10&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_satisfied_checkout_process_radio=5&onf_q_thd_satisfied_employees_experience_radio=5&forward_main-pager=Next"
print("[+] Getting 10th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)


# Clean and in stock?
payload = "stay_main-pager=17&currentPage=17&nodeId=survey5&ballotVer=11&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_perceptions_neat_clean_radio=5&onf_q_thd_perceptions_in_stock_radio=5&onf_q_thd_perceptions_cashier_friendly_radio=5&onf_q_thd_perceptions_employee_friendly_radio=5&forward_main-pager=Next"
print("[+] Getting 11th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)

# Require / recieve assistance?
payload = "stay_main-pager=19&currentPage=19&nodeId=survey5&ballotVer=12&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_assistance_require_yn=2&onf_q_thd_assistance_receive_yn=2&forward_main-pager=Next"
print("[+] Getting 12th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)

# did an employee go above and beyond?
payload = "stay_main-pager=29&currentPage=29&nodeId=survey5&ballotVer=13&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_praise_employee_yn=2&forward_main-pager=Next"
print("[+] Getting 13th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)

# anything we could do to improve?
payload = "stay_main-pager=31&currentPage=31&nodeId=survey5&ballotVer=14&hmac=&is_embedded=false&defPgrAction=next&spl_q_thd_catchall_oe_comment=Could+start+carrying+the+concrete+countertop+mix+again.&forward_main-pager=Next"
print("[+] Getting 14th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)

# random question
payload = "stay_main-pager=38&currentPage=38&nodeId=survey5&ballotVer=15&hmac=&is_embedded=false&defPgrAction=next&onf_i_question_1=2&onf_i_question_2=1&onf_i_question_3=2&forward_main-pager=Next"
print("[+] Getting 15th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)
code.interact(local=locals())

# Finish
phone = "<phone>"
email_user = "<email username>"
email_domain = "<email domain name>"
first_name = "<First Name>"
last_name = "<Last Name>"
payload = "stay_main-pager=46&currentPage=46&nodeId=survey5&ballotVer=16&hmac=&is_embedded=false&defPgrAction=next&spl_q_thd_contact_first_name_text="+first_name+"&spl_q_thd_contact_last_name_text="+last_name+"&spl_q_thd_contact_email_sweeps_text=" + email_user + "%40"+email_domain+"&spl_q_thd_contact_phone_sweeps_text="+phone+"&forward_main-pager=Finish"
print("[+] Getting 16th page: %s" % second_url)
page = s.post(second_url,headers=headers,data=payload)
	import requests
	import code

	# Start by creating the info to enter
	zipcode = 11111

	# Format so that the UID/Password have pluses
	uid = "<UID>"
	password = "<password>"
	uid = uid.replace(" ","+")
	password = password.replace(" ","+")


	# Create a session to store cookies for the entire program
	s = requests.Session()

	# Create the URL to go to
	base_url = "https://survey.medallia.com/"
	start_url = base_url + "?thehomedepot"

	print("[+] Getting page URL: %s" % start_url)

	# This is only to get some cookies
	# Otherwise we would skip to the next page
	start_page = s.get(start_url)

	# The button clicks with a specific url based on our cookie value
	url_part = s.cookies["thehomedepot"]

	# The "form" from the first page.
	# This is the begin survey button
	payload = "lang=en&stay_main-pager=0&currentPage=0&nodeId=survey5&ballotVer=2&hmac=&is_embedded=false&defPgrAction=next&forward_main-pager=Begin+Survey"
	second_url = base_url + "?" + url_part

	print("[+] Getting second url: %s" % second_url)
	headers={
	'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0',
	'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8',
	'Content-Type': 'application/x-www-form-urlencoded',
	'Referer': 'https://survey.medallia.com/?thehomedepot'
	}


	page = s.post(second_url,headers=headers,data=payload)

	# The previous page asks us to enter our zip code
	# Same URL as before
	payload = "stay_main-pager=1&currentPage=1&nodeId=survey5&ballotVer=3&hmac=&is_embedded=false&defPgrAction=next&spl_q_thd_postalcode_entry_text=" + zipcode + "&forward_main-pager=Next"
	print("[+] Getting third page: %s" % second_url)
	headers['Referer']=second_url
	page = s.post(second_url,headers=headers,data=payload)


	# # Click next to really start survey
	payload = "stay_main-pager=2&currentPage=2&nodeId=survey5&ballotVer=4&hmac=&is_embedded=false&defPgrAction=next&forward_main-pager=Next"
	print("[+] Getting 4th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)


	# Enter the password and username
	payload = "stay_main-pager=3&currentPage=3&nodeId=survey5&ballotVer=5&hmac=&is_embedded=false&defPgrAction=next&spl_q_thd_receiptcode_id_entry_text=" + uid + "&spl_q_thd_receiptcode_password_entry_text="+ password +"&forward_main-pager=Next"
	print("[+] Getting 5th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)

	# Select occupation
	payload = "stay_main-pager=7&currentPage=7&nodeId=survey5&ballotVer=6&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_pro_classification_contractor_remodeling_yn=1&forward_main-pager=Next"
	print("[+] Getting 6th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)

	# How likely are you to shop at this HD again
	payload = "stay_main-pager=9&currentPage=9&nodeId=survey5&ballotVer=7&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_shop_likely_radio=5&forward_main-pager=Next"
	print("[+] Getting 7th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)

	# How would you describe this particular shopping experience
	payload = "stay_main-pager=12&currentPage=12&nodeId=survey5&ballotVer=8&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_shop_comparison_radio=4&forward_main-pager=Next"
	print("[+] Getting 8th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)


	# How satified were you with...
	payload = "stay_main-pager=14&currentPage=14&nodeId=survey5&ballotVer=9&hmac=&is_embedded=false&defPgrAction=next&spl_q_thd_shop_experience_text=1.+Home+depot+app+shows+where+things+are+in+the+store.+%0D%0A2.+Home+depot+tools+are+a+little+better+%28ryobi%29%0D%0A3.+Home+depot+associates+are+generally+better%0D%0A4.+Good+selection&forward_main-pager=Next"
	print("[+] Getting 9th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)


	# checkout and employees
	payload = "stay_main-pager=15&currentPage=15&nodeId=survey5&ballotVer=10&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_satisfied_checkout_process_radio=5&onf_q_thd_satisfied_employees_experience_radio=5&forward_main-pager=Next"
	print("[+] Getting 10th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)


	# Clean and in stock?
	payload = "stay_main-pager=17&currentPage=17&nodeId=survey5&ballotVer=11&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_perceptions_neat_clean_radio=5&onf_q_thd_perceptions_in_stock_radio=5&onf_q_thd_perceptions_cashier_friendly_radio=5&onf_q_thd_perceptions_employee_friendly_radio=5&forward_main-pager=Next"
	print("[+] Getting 11th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)

	# Require / recieve assistance?
	payload = "stay_main-pager=19&currentPage=19&nodeId=survey5&ballotVer=12&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_assistance_require_yn=2&onf_q_thd_assistance_receive_yn=2&forward_main-pager=Next"
	print("[+] Getting 12th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)

	# did an employee go above and beyond?
	payload = "stay_main-pager=29&currentPage=29&nodeId=survey5&ballotVer=13&hmac=&is_embedded=false&defPgrAction=next&onf_q_thd_praise_employee_yn=2&forward_main-pager=Next"
	print("[+] Getting 13th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)

	# anything we could do to improve?
	payload = "stay_main-pager=31&currentPage=31&nodeId=survey5&ballotVer=14&hmac=&is_embedded=false&defPgrAction=next&spl_q_thd_catchall_oe_comment=Could+start+carrying+the+concrete+countertop+mix+again.&forward_main-pager=Next"
	print("[+] Getting 14th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)

	# random question
	payload = "stay_main-pager=38&currentPage=38&nodeId=survey5&ballotVer=15&hmac=&is_embedded=false&defPgrAction=next&onf_i_question_1=2&onf_i_question_2=1&onf_i_question_3=2&forward_main-pager=Next"
	print("[+] Getting 15th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)
	code.interact(local=locals())

	# Finish
	phone = "<phone>"
	email_user = "<email username>"
	email_domain = "<email domain name>"
	first_name = "<First Name>"
	last_name = "<Last Name>"
	payload = "stay_main-pager=46&currentPage=46&nodeId=survey5&ballotVer=16&hmac=&is_embedded=false&defPgrAction=next&spl_q_thd_contact_first_name_text="+first_name+"&spl_q_thd_contact_last_name_text="+last_name+"&spl_q_thd_contact_email_sweeps_text=" + email_user + "%40"+email_domain+"&spl_q_thd_contact_phone_sweeps_text="+phone+"&forward_main-pager=Finish"
	print("[+] Getting 16th page: %s" % second_url)
	page = s.post(second_url,headers=headers,data=payload)