Yesterday I opened a question I was forced to erase it, because I could not ask correctly. This question I'll try to explain it in parts, come on.
1 - I monitored Twitter, following a person, I got these protocols:
curl "https://api.twitter.com/1.1/friendships/create.json"
-H "Origin: https://twitter.com"
-H "x-csrf-token: ab9d9188841188d57c1e3e2ed1b90325"
-H "authorization: Bearer AAAAAAAAAAAAAAAAAAAAAPYXBAAAAAAACLXUNDekMxqa8h^%^2F40K4moUkGsoc^%^3DTYfbDKbT3jJPCEVnMYqilB28NHfOPqkca3qaAxGfsyKCs0wRbw"
-H "Content-Type: application/x-www-form-urlencoded; charset=UTF-8"
-H "Accept: application/json, text/javascript, */*; q=0.01"
-H "Referer: https://twitter.com/pdosilva1020"
-H "User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
-H "x-twitter-auth-type: OAuth2Session"
-H "X-Twitter-Active-User: yes"
--data "challenges_passed=false^&handles_challenges=1^&include_blocked_by=true^&include_blocking=true^&include_can_dm=true^&include_followed_by=true^&include_mute_edge=true^&skip_status=true^&user_id=876965710978830337" --compressed &
curl "https://api.twitter.com/1.1/friendships/create.json"
-X OPTIONS -H "access-control-request-method: POST"
-H "origin: https://twitter.com"
-H "accept-encoding: gzip, deflate, br"
-H "accept-language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4"
-H "user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
-H "accept: */*"
-H "referer: https://twitter.com/pdosilva1020"
-H "authority: api.twitter.com"
-H "access-control-request-headers: authorization,x-csrf-token,x-twitter-active-user,x-twitter-auth-type" --compressed &
curl "https://api.twitter.com/1.1/friendships/create.json"
-H "origin: https://twitter.com"
-H "accept-encoding: gzip, deflate, br"
-H "x-csrf-token: ab9d9188841188d57c1e3e2ed1b90325"
-H "accept-language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4"
-H "authorization: Bearer AAAAAAAAAAAAAAAAAAAAAPYXBAAAAAAACLXUNDekMxqa8h^%^2F40K4moUkGsoc^%^3DTYfbDKbT3jJPCEVnMYqilB28NHfOPqkca3qaAxGfsyKCs0wRbw"
-H "cookie: personalization_id=^\^"v1_AEx3/TzL4vC/TVoRp7A9GQ==^\^"; guest_id=v1^%^3A150404403827902852; ads_prefs=^\^"HBESAAA=^\^"; kdt=qxgHjAztSnnZFJwieBRWJxoVGMibzs2KWwO1pLDF; remember_checked_on=1; twid=^\^"u=876929501132992512^\^"; auth_token=1f334266ebf70a5fe9ec0d01fe33d4192253ec9d; external_referer=OTZIBTkFw3vkkAaSWI6wkvUDrlzaIZB6BnbGZOK1XnQ^%^3D^|0^|8e8t2xd8A2w^%^3D; lang=pt; ct0=ab9d9188841188d57c1e3e2ed1b90325; _ga=GA1.2.1021364707.1504044044; _gid=GA1.2.2049121336.1504044044; _gat=1; dnt=1; _twitter_sess=BAh7CSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo^%^250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCJlMfDJeAToMY3NyZl9p^%^250AZCIlODcyNzQyMDU1OGZlOTdhZWZkMmE2MTM4YTNkNzhlNzE6B2lkIiViZjNl^%^250AN2Y3Y2NjNDM3YWFhNjRjMjdjNzNhMTExMmE5Yw^%^253D^%^253D--a8f7846f97c012459cf7393fdc6a954aac5ee7c3"
-H "x-twitter-auth-type: OAuth2Session"
-H "user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
-H "content-type: application/x-www-form-urlencoded; charset=UTF-8"
-H "accept: application/json, text/javascript, */*; q=0.01"
-H "referer: https://twitter.com/pdosilva1020"
-H "authority: api.twitter.com"
-H "x-twitter-active-user: yes"
--data "challenges_passed=false^&handles_challenges=1^&include_blocked_by=true^&include_blocking=true^&include_can_dm=true^&include_followed_by=true^&include_mute_edge=true^&skip_status=true^&user_id=876965710978830337" --compressed &
Where referer: link was the account that was followed by mine.
I've been able to track the person with this code:
$bearer = 'AAAAAAAAAAAAAAAAAAAAAPYXBAAAAAAACLXUNDekMxqa8h%2F40K4moUkGsoc%3DTYfbDKbT3jJPCEVnMYqilB28NHfOPqkca3qaAxGfsyKCs0wRbw';
$followCurlInit = curl_init();
curl_setopt_array($followCurlInit, [
CURLOPT_URL => $this->_url,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_HEADER => true,
CURLOPT_HTTPHEADER => [
'origin: https://twitter.com',
'cookie:' . http_build_query($_COOKIE, '', ';') . ';',
'authorization: Bearer ' . $bearer,
'x-csrf-token: ' . Cookies::get('ct0'),
'Referer: https://twitter.com/pdosilva1020',
'x-twitter-auth-type: OAuth2Session',
'x-twitter-active-user: yes',
],
CURLOPT_POSTFIELDS => http_build_query([
'challenges_passed' => false,
'handles_challenges' => 1,
'include_blocked_by' => true,
'include_blocking' => true,
'include_can_dm' => true,
'include_followed_by' => true,
'include_mute_edge' => true,
'skip_status' => true,
'user_id' => '876965710978830337',
], '', '&', PHP_QUERY_RFC3986),
CURLOPT_USERAGENT => $this->_userAgent,
CURLOPT_COOKIEFILE => $this->_cookieFileLocation,
]
);
$this->_webPage = curl_exec($followCurlInit);
var_dump($this->_webPage);
$this->_status = curl_getinfo($followCurlInit, CURLINFO_HTTP_CODE);
curl_setopt_array($followCurlInit, [
CURLOPT_URL => $this->_url,
CURLOPT_CUSTOMREQUEST => 'OPTIONS',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_HEADER => true,
CURLOPT_HTTPHEADER => [
'origin: https://twitter.com',
'access-control-request-method: POST',
'accept-encoding: gzip, deflate, br',
'accept-language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4',
'accept: */*',
'referer: https://twitter.com/pdosilva1020',
'authority: api.twitter.com',
'access-control-request-headers: authorization,x-csrf-token,x-twitter-active-user,x-twitter-auth-type',
],
CURLOPT_USERAGENT => $this->_userAgent,
]
);
$this->_webPage = curl_exec($followCurlInit);
$this->_status = curl_getinfo($followCurlInit, CURLINFO_HTTP_CODE);
The goal is to be followed, I have all cookies ct0
saved in my database
, (fakes accounts), where I retrieve the ct0
, but has a <
I get false in this code below, it does not return anything to me:
curl_setopt_array($followCurlInit, [
CURLOPT_URL => $this->_url,
CURLOPT_CUSTOMREQUEST => 'OPTIONS',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_HEADER => true,
CURLOPT_HTTPHEADER => [
'origin: https://twitter.com',
'access-control-request-method: POST',
'accept-encoding: gzip, deflate, br',
'accept-language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4',
'accept: */*',
'referer: https://twitter.com/pdosilva1020',
'authority: api.twitter.com',
'access-control-request-headers: authorization,x-csrf-token,x-twitter-active-user,x-twitter-auth-type',
],
CURLOPT_USERAGENT => $this->_userAgent,
]
);
$this->_webPage = curl_exec($followCurlInit);
var_dump($this->_webPage);
$this->_status = curl_getinfo($followCurlInit, CURLINFO_HTTP_CODE);
I want to understand how these monitored requests work, I know that cookie ct0
and user_id
will be used to make me follow. Can anyone help me at least with the CURL
doubt?