http://pastebin.com/U498tcbpCODE
test
My goal was to get in to Live in general but mainly so I can access Bing webmaster tools on Linux which require Silverlight and Moonlight does not work at all. With Linux all you get is links to CSV files, and you have to be logged in to get them. This script of mine is getting there and now I suppose I'll have my own front-end to Bing Webmaster Tools, instead of needing Silverlight.
Yes, the password is transferred via plaintext. Safe? I'm not sure there's really an alternative. SSL seems to make this okay.
Really the only unique value to everything is the flow tracking key, which is server-generated each time the page loads. Your script would have to regex that out of the HTML (cURL could grab this too). For cURL you need to make your client seem like a sane one, and say that your client accepts JavaScript, otherwise you will be redirected to that warning page each time.
Microsoft's obfuscation/security by obscurity:
- The page REQUIRES JavaScript AND cookies. Turn them off and you'll be redirected to those warning pages via META refresh.
- The page is 1 line, with only some Javascript strings, including the key.
- All content on the page (except for some of the JavaScript) is generated dynamically via JavaScript.
- The JavaScript within the page is all 1 line.
- The JavaScript included via