Sending SMS from terminal –A quick hack


This utility was developed when I was waiting to get no due slip signed by Kasi Raju. A special thanks to him for not being at his desk during office hours. I was always pissed off with the Way2Sms website because it always loads too slow. But on the bright side, the sms sent reaches the receiver almost instantaneously.

The Way2Sms does not provide API to send sms. So we have to think of a alternative way to do it. CURL was the first thing that came to my mind. But i decided to do using wget which is a nifty little tool. I also used a firefox plugin LiveHTTPHeaders to monitor the http request/response made between the browser and the server.

I opened Way2Sms login screen and I entered my username and password. I enabled LiveHTTPHeaders and logged in. All the information exachanged between the browser and server was captured. Analysing many such request/response I found the below one relevant.

So, I crafted a request from the terminal for logging in using wget. I found that I sucessfully logged in from the terminal. This is confirmed by the same page being returned when the request is made from browser and terminal. I used the following command.

//for signing in 

wget  --save-cookies cookie.txt --keep-session-cookies --referer "http://site6.way2sms.com/content/index.html" --user-agent  "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.6) Gecko/2009011912 Firefox/3.0.6"  \
--header= "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 " \
--header="Accept-Language: en-us,en;q=0.5 " \
--header="Accept-Encoding: gzip,deflate " \
--header="Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 " \
--header="Keep-Alive: 300 " \
--header="Proxy-Connection: keep-alive " \
--header="Content-Type: application/x-www-form-urlencoded " \
--header="Content-Length: 50" \
--post-data="username=9840281903&password=abcdef&login=Login"  \
http://site6.way2sms.com/auth.cl 
Replace username and password in the command above.

When we successfully login a cookie is returned to the browser. This is sent along with each request to the server. There is also session cookies which is used to store persist information for the entire session. I have given –save-cookies and –keep-session-cookies to store it into a file. I will be using this information when i am sending the sms.
The below image shows the information captured when sending an sms and hence I have crafted a request similar to this using wget.

wget --load-cookies cookie.txt --referer "http://site2.way2sms.com/jsp/InstantSMS.jsp" --user-agent  "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.0.6) Gecko/2009011912 Firefox/3.0.6"  \
--header= "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 " \
--header="Accept-Language: en-us,en;q=0.5 " \
--header="Accept-Encoding: gzip,deflate " \
--header="Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 " \
--header="Keep-Alive: 300 " \
--header="Proxy-Connection: keep-alive " \
--header="Content-Type: application/x-www-form-urlencoded " \
--header="Content-Length: 155 " \
--post-data="HiddenAction=instantsms&catnamedis=Birthday& \
Action=dsf45asvd5&chkall=on&MobNo=9840281903&textArea=bye& \
guid=username&gpwd=*******&yuid=username&ypwd=*******" \
http://site2.way2sms.com/FirstServletsms 

Enter the your phone number in the command above

Actually the way2sms website is badly designed. It does not require any such headers and works prefectly without this. The trimmed down version is

//To Login

wget  --save-cookies cookie.txt --keep-session-cookies \--post-data="username=9840281903&password=abcdef&login=Login"  \
http://site6.way2sms.com/auth.cl
//To send SMS

wget --load-cookies cookie.txt \  
--post-data="HiddenAction=instantsms&catnamedis=Birthday& \
Action=dsf45asvd5&chkall=on&MobNo=9840281903&textArea=bye& \
guid=username&gpwd=*******&yuid=username&ypwd=*******" \
http://site2.way2sms.com/FirstServletsms 

We can build a small script or a python application which asks the username and password in the terminal and automatically send sms 🙂 🙂 Happy Hacking !!! 🙂 🙂

This is the Pastebin link.

Advertisements

6 responses to this post.

  1. Posted by Biswabandan on June 16, 2011 at 6:32 pm

    awesome dude

    Reply

  2. Posted by Ananthkumar K S on June 17, 2011 at 2:17 am

    ithu hacking ah!!!! 😮

    Reply

  3. Is this legal? I thought way2sms earns money from ads. If you don’t see them, isn’t it a violation of the deal?

    Reply

  4. Doesn’t work anymore buddy, care to update it?

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: