Hotmail login script

doonyakka has asked for the wisdom of the Perl Monks concerning the following question:

I posted a related question before, and got some excellent answers. However, having tried the various suggestions, it seems that the problem is deeper.

I'm trying to use or write a Hotmail login script. I've attempted using WWW::Hotmail and gotmail, and neither of them work. I think it's because MS have changed the login methods and/or there are various new redirects that those modules can't handle. Does anyone know if this is the case? If it is, any tips on what a Hotmail login script would look like would be much appreciated. I realise that MS probably don't want people to be using script to login (oh woe, all that wasted advertising) and therefore would like to keep this info secret, but still...(all the more reason to make it work, right? ;)

Thanks.

doonyakka

update: thanks, tachyon. i'm pretty sure you've given me enough sly hints that i'll be able to crack this one ;) i'm trying to build a plugin for trillian that will login to any number of hotmail accounts periodically, and stop them from expiring. i'll let you know how it goes

Comment on Hotmail login script

Replies are listed 'Best First'.
Re: Hotmail login script by tachyon (Chancellor) on Mar 25, 2004 at 02:56 UTC
As you note M$ have changed the hotmail login. Basically there are 4-5 redirs that get you to `passport.[com\|net]` for the actual login. One of these is a javascript detection phase, another is checking for cookie functionality. The bottom line is that you can do it from perl. Unfortunately I can't give you code here. By way of approach I suggest you set up a logging proxy and point your browser through it to get some idea of the sequence of challenge/response. You won't see the https part but you just need to send the cookies when you get to that. The only real trick is fooling the JS testing. If you try to use LWP straight off you will rapidly diverge from a real login sequence when the JS detection fails and you get redirected to the no JS, get a real browser/enable JS page. You also need to fake the agent string and enable cookies when using LWP. HTH cheers tachyon	[reply] [d/l]

Replies are listed 'Best First'.

Re: Hotmail login script
by tachyon (Chancellor) on Mar 25, 2004 at 02:56 UTC

As you note M$ have changed the hotmail login. Basically there are 4-5 redirs that get you to passport.[com|net] for the actual login. One of these is a javascript detection phase, another is checking for cookie functionality. The bottom line is that you can do it from perl. Unfortunately I can't give you code here.

By way of approach I suggest you set up a logging proxy and point your browser through it to get some idea of the sequence of challenge/response. You won't see the https part but you just need to send the cookies when you get to that. The only real trick is fooling the JS testing. If you try to use LWP straight off you will rapidly diverge from a real login sequence when the JS detection fails and you get redirected to the no JS, get a real browser/enable JS page. You also need to fake the agent string and enable cookies when using LWP.

HTH

cheers

tachyon

[reply]
[d/l]