DEV Community

Cover image for A bot that comments a lot
Atena Dadkhah
Atena Dadkhah

Posted on • Edited on

A bot that comments a lot

In this post I want to show you how to login to a website and then comment on a post...
Wait, what?
I know you've already could do that. LOL. But the goal is to do that with Python.

In fact, we want to have a bot that logins to a website and then comments on a post as many times as you want.

Important! The code we write, is not always the same in each website, but the point is to learn how to implement the theory of that.

To begin, you should choose a simple website to implement this operation. I chose ctflearn.com as an example.


First step, install and import the requests library of Python.

As I mentioned earlier in this post, at first we should login, then comment on a specific post. So we should now plan to login with our bot.

I suppose you've already registered to that website (have an account) so that we can login properly.

To login and then comment, we need to keep our session after login. so I will say:

import requests

with Requests.Session() as r:
     # The operation goes here
Enter fullscreen mode Exit fullscreen mode

To login we need to recognize all inputs on that page and fill them to send it to the server.

Inputs on a page might just consist of a username/email and password. But the key is to fill out those inputs and send the data to the server once, then go to Network tab in the dev tools,
choose the file related to that login page on the left bar and then choosing the payload tab on the right.

sending_values_login

By that you will see there might (or might not) be some other hidden inputs like CSRF tokens which also should be filled by the bot.

So, here and maybe on many other websites, in addition to the login information, we must also send the CSRF token.
To do that, my way is that with each request, get the source code of that page and find the index of the value of the CSRF input, then slice that from the page and send that among other values.

with Requests.Session() as r:
     source = r.get('https://ctflearn.com/user/login').text

Enter fullscreen mode Exit fullscreen mode

To find the index of the CSRF token we can find the index of this hidden input name (because it's mostly unique in the source code), and then receiving the main CSRF token.

with Requests.Session() as r:
     source = r.get('https://ctflearn.com/user/login').text
     token = source[source.rfind("csrf_token") + 33: source.rfind("csrf_token") + 124]
Enter fullscreen mode Exit fullscreen mode

So we got the input name index, (here csrf_token) and made that plus 33 (the 1st index of the token) and we sliced that through the end of the CSRF token, by summing that with 124 (calculating the CSRF length).

Notice! Your numbers from different websites are different.

And the final step to login, is to send these data to the server.

with Requests.Session() as r:
     source = r.get('https://ctflearn.com/user/login').text
     token = source[source.rfind("csrf_token") + 33: source.rfind("csrf_token") + 124]
    payload = {
       'csrf_token' : token,
       'identifier' : '3dot',
       'password' : '123456'
    }
    login = r.post('https://ctflearn.com/user/login', data=payload)
Enter fullscreen mode Exit fullscreen mode

The keys of payload variable, should be the name of their inputs, and the URL we post the data, should be the URL from the Network tab.
After login, we should repeat this process to comment on a post.

Under the login variable we should write:

commentSource = r.get('https://ctflearn.com/challenge/228')
commentToken = commentSource[commentSource.index('name="csrf_token"') + 39 : commentSource.index('name="csrf_token"') + 130]
commentPayload = {
   'markdown' : 'Your message!',
   'csrf_token' : commentToken,
}
comment = r.post('https://ctflearn.com/challenge/228/comment', data=commentPayload)
Enter fullscreen mode Exit fullscreen mode

At the end your code should looks like this.

import requests
with Requests.Session() as r:
     source = r.get('https://ctflearn.com/user/login').text
     token = source[source.rfind("csrf_token") + 33: source.rfind("csrf_token") + 124]
    payload = {
       'csrf_token' : token,
       'identifier' : '3dot',
       'password' : '123456'
    }
    login = r.post('https://ctflearn.com/user/login', data=payload)
    commentSource = r.get('https://ctflearn.com/challenge/228')
    commentToken = 
    commentSource[commentSource.index('name="csrf_token"') + 39 : 
    commentSource.index('name="csrf_token"') + 130]
    commentPayload = {
       'markdown' : 'Your message!',
       'csrf_token' : commentToken,
   }
   comment = r.post('https://ctflearn.com/challenge/228/comment', 
   data=commentPayload)
Enter fullscreen mode Exit fullscreen mode

By this code you can easily make a bot that logins to a website and then comments on a post.

You can also put a for loop to comment as many times as you want.


I hope this post helped you, for more information you can watch this video.

Top comments (0)