[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Exit Remailer Suggestion




In article <[email protected]>,
Adam Back  <[email protected]> wrote:
>
>Mike Duvos <[email protected]> writes:
>> Someone wrote:
>
>(That someone was me).
>
>>  > What about AOL disks?  We need shorter lived, disposable
>>  > remailers as exit remailers...  Let them take the heat,
>>  > while the real remailers walk.  Lets see a series of
>>  > "exitman" remailers.  Exitman remailers are walking targets
>>  > left to fend for themselves as long as they may.
>> 
>> By reconfiguring current remailers to use a public Email service
>> as the last link in the chain, we tap a potentially infinite
>> supply of disposable accounts, on advertising-supported service
>> providers with skins as thick as those of the bulk emailers.
>> 
>> Sounds like a plan to me.
>
>OK, lets _do_ it!

Sounds good to me.  Hotmail makes a note of the IP address that connected
to it, but luckily there's no shortage of HTTP proxies out there...

   - Ian

#!/usr/bin/perl -w

##
## sendhotmail: pipe an RFC822 mail message into this, and it will send it
##              out from a hotmail account via an HTTP proxy
##
## Initial revision 19970808 by Ian Goldberg <[email protected]>
##

## Set the following to your proxy host and port.
##  Look at the files pointed at by
##   http://ircache.nlanr.net/Cache/Tracker/caches/
##  for sample entries, but most of them don't allow just anyone to connect
##  to hotmail through them.

$proxyhost = 'proxy.slt.lk';
$proxyport = 8080;

## This is your hotmail login name and password
$login = ## Fill this in yourself
$passwd = ## Fill this in yourself

## End Configuration

sub escapetext {
    my $t = $_[0];
    $t =~ s/([\000-\037\200-\377\{\}\|\\\^\[\]\`\"\<\>\:\@\/\;\?\=\&\%\.\#])/"%".unpack('H2',$1)/eg;
    $t =~ s/ /+/g;
    $t;
}

## Parse the incoming mail (note that we don't handle continuation headers)
## Also, the To, Cc, and Bcc headers ought to be in a form hotmail understands
## (no full names, etc.).  We try to do the stripping properly.

$to = '';
$subject = '';
$cc = '';
$bcc = '';
while(<STDIN>) {
    if (/^To:\s+(.*)/io) {
	$to = $1;
	$to =~ s/\(.*?\)//g;
	$to =~ s/\".*?\"//g;
	$to = &escapetext($to);
    } elsif (/^Subject:\s+(.*)/io) {
	$subject = &escapetext($1);
    } elsif (/^Cc:\s+(.*)/io) {
	$cc = $1;
	$cc =~ s/\(.*?\)//g;
	$cc =~ s/\".*?\"//g;
	$cc = &escapetext($cc);
    } elsif (/^Bcc:\s+(.*)/io) {
	$bcc = $1;
	$bcc =~ s/\(.*?\)//g;
	$bcc =~ s/\".*?\"//g;
	$bcc = &escapetext($bcc);
    }
    last if /^$/;
}
$msg = &escapetext(join("\r\n", <STDIN>));

use LWP;

## Begin magic

$ua = new LWP::UserAgent;
$ua->proxy('http', "http://${proxyhost}:${proxyport}/");

$url = new URI::URL 'http://www.hotmail.com/cgi-bin/password.cgi';
$request = new HTTP::Request('POST', $url);
$request->header(Pragma => 'no-cache');
$request->content("login=${login}&curmbox=ACTIVE");

$response = $ua->request($request);
$body = $response->content;
$body =~ /\<\s*form\s+[^>]*action=\"(.*?)\"/io or die "Cannot log in";

$url = new URI::URL $1, $url;
$body = $';
$body =~ s/\<\s*\/form\s*\>.*//;
$body =~ /\<\s*input\s+[^>]*name=\"disk\"\s+value(=\"(.*?)\")?/io or die "Cannot give passwd";
$disk = $2 || "";

$request = new HTTP::Request('POST', $url);
$request->header(Pragma => 'no-cache');
$request->content("passwd=${passwd}&frames=no&disk=${disk}&curmbox=ACTIVE&login=${login}&js=no");
$response = $ua->request($request);
$body = $response->content;

$body =~ /\<\s*area\s+[^>]*href=\"(\/cgi-bin\/compose.*?)\"/io or die "Cannot compose";
$composeurl = new URI::URL $1, $url;
$body =~ /\<\s*area\s+[^>]*href=\"(\/cgi-bin\/logout.*?)\"/io or die "Cannot compose";
$logouturl = new URI::URL $1, $url;

$request = new HTTP::Request('GET', $composeurl);
$request->header(Pragma => 'no-cache');
$response = $ua->request($request);
$body = $response->content;

$body =~ /\<\s*form\s+[^>]*action=\"(.*?)\".*?\>/io or die "Cannot send message";
$url = new URI::URL $1, $composeurl;
$body = $';
$data = '';
while(1) {
    $body =~ /^\s*\<\s*input\s+type=\"?hidden\"?\s+name=\"(.*?)\"\s+value(=\"(.*?)\")?\s*\>/io or last;
    $name = $1; $value = $3 || ""; $body = $';
    $data .= $name."=".$value."&";
}
$data .= "to=${to}&subject=${subject}&cc=${cc}&bcc=${bcc}&body=${msg}&Send.x=1&Send.y=1";

$request = new HTTP::Request('POST', $url);
$request->header(Pragma => 'no-cache');
$request->content($data);
$response = $ua->request($request);
$body = $response->content;

$request = new HTTP::Request('GET', $logouturl);
$request->header(Pragma => 'no-cache');
$response = $ua->request($request);