MECTILE

Login and scrape NAB page with PHP and CURL

I was after an automated way to determine if payments had come into my nab.com.au account.

For some reason, nab makes it very difficult to login with PHP and CURL. The main issue is they perform some client side password encoding with JavaScript.

Here is the code below;

//the following function emulates the JavaScript password encoding
	function check($p, $k, $a) {
		for ($i = 0; $i < strlen($p); $i++) {
			$p_charAt = substr($p, $i, 1);
			$r[$i] = $p_charAt;
			$pi = strpos($a, $p_charAt);

			if (($pi >= 0 && $i < strlen($k)) && ($pi !== false)) {
				$k_charAt = substr($k, $i, 1);
				$ki = strpos($a, $k_charAt);
				if ($ki >= 0) {
					$pi -= $ki;
					if ($pi < 0) {
						$pi += strlen($a);
					}
					$a_charAt = substr($a, $pi, 1);
					$r[$i] = $a_charAt;
				}
			}
		}
		return implode($r);
	}

	//grab the login page
	$curl = curl_init();
	curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
	curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20100101 Firefox/15.0.1');
	curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
	curl_setopt($curl, CURLOPT_REFERER, 'http://www.nab.com.au/cgi-bin/ib/301_start.pl?browser=correct');
	curl_setopt($curl, CURLOPT_COOKIEFILE, $cookies);
	curl_setopt($curl, CURLOPT_COOKIEJAR, $cookies);
	curl_setopt($curl, CURLOPT_URL, 'https://ib.nab.com.au/nabib/index.jsp');
	$ret = curl_exec ($curl);
	curl_close ($curl);

	if (preg_match('/id="webKey"\s*value=\s*"(.*?)"/i', $ret, $regs)) {
		$webKey = $regs[1];
	}
	if (preg_match('/id="webAlpha"\s*value=\s*"(.*?)"/i', $ret, $regs)) {
		$webAlpha = $regs[1];
	}

	if (preg_match('/name="org\.apache\.struts\.taglib\.html\.TOKEN"\s*value=\s*"(.*?)"/i', $ret, $regs)) {
		$token = $regs[1];
	}

	$password = urlencode(check($password, $webKey, $webAlpha));

	//login page
	$curl = curl_init();
	curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
	curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20100101 Firefox/15.0.1');
	curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
	curl_setopt($curl, CURLOPT_REFERER, 'https://ib.nab.com.au/nabib/index.jsp');
	curl_setopt($curl, CURLOPT_COOKIEFILE, $cookies);
	curl_setopt($curl, CURLOPT_COOKIEJAR, $cookies);
    curl_setopt($curl, CURLOPT_POST, 1);
    curl_setopt($curl, CURLOPT_POSTFIELDS, "org.apache.struts.taglib.html.TOKEN={$token}&userid={$userid}&password={$password}&charityId=&applyOffers=&applyMyOffers=&applyHomeLoan=&applyPersonalLoan=&applyAcctSavings=&applyAcctTran=&applyTermDeposits=&applyCreditCards=&applyCreditCardLimit=&statementSettings=&newBillPayment=&newInternationalPayment=&login=Login");
	curl_setopt($curl, CURLOPT_URL, 'https://ib.nab.com.au/nabib/loginProcess.ctl');
	$ret = curl_exec ($curl);
	curl_close ($curl);

Thanks for this page for pointing me in the right direction.

Related posts:

  1. PHP code/script to automatically purchase a Buy it Now (BIN) eBay item
  2. CloudSight API PHP example
  3. Updated 2017 PHP code to automatically bid/buy an eBay auction item
  4. Generic file selection window function in VBA

Posted

in

,

by

MECTILE

Tags:

, , , , , ,

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *