-
-
Save rajapaju/1282006 to your computer and use it in GitHub Desktop.
Login to Facebook using cURL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# If it redirects to http://www.facebook.com/login.php at the end, wait a few minutes and try again | |
EMAIL='YOUR_EMAIL' # edit this | |
PASS='YOUR_PASSWORD' # edit this | |
COOKIES='cookies.txt' | |
USER_AGENT='Firefox/3.5' | |
curl -X GET 'https://www.facebook.com/home.php' --verbose --user-agent $USER_AGENT --cookie $COOKIES --cookie-jar $COOKIES --location # redirects to https://login.facebook.com/login.php | |
curl -X POST 'https://login.facebook.com/login.php' --verbose --user-agent $USER_AGENT --data-urlencode "email=${EMAIL}" --data-urlencode "pass=${PASS}" --cookie $COOKIES --cookie-jar $COOKIES | |
curl -X GET 'https://www.facebook.com/home.php' --verbose --user-agent $USER_AGENT --cookie $COOKIES --cookie-jar $COOKIES | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I recommend you use a VPN from a provider you can trust when using a hostile network. Make sure you statically configure your DNS settings so there's no leaking your DNS queries to the network adversary.
Man in the middle attacks often employ proxies or other stream parsers to manipulate HTTP traffic in real time. Completely encrypting your traffic with a VPN will render the proxy/parsers useless.
If Mr crypto expert is abusing PKI (public key infrastructure) to decrypt your traffic then the tell tale sign would be in your operating systems certificate store. He would have had to install a certificate he generated and placed it in your certificate store.