Classified Hack Part 2

Continue from Part 1

I hate to do repetitive tasks and perform so much mouse clicks just to do such simple and boring thing.

So, in this post, I’m going to show you how to hack ST701 Shops to re-publish all your expired ads easily and automatically.

Before I begin, let’s take a look at the ST701 Shop ads.

ST701 Classified Hack

As you can see, each ad has a unique ID, such as SHO-1234.

All the actions, such as View, Copy, Delete, Edit and Publish, uses the unique item ID to pickup the ad from the database to process the request.

Step 1
We need to extract the ads IDs from the My Shop Ads page. Hack

The line 3 is to login to SPH authenticate server and save the login session in to the cookies file. IDToken1 is ST701 username field while IDToken2 is the password field. Replace the username and password with your own.

The line 5 is to browse the Expired Ads page and cached the page content to a file.

Line 7 is to extract expired ads IDs into a text file, named as ExpiredAdsID.txt.

Step 2
With the expired ads IDs ready in the ExpiredAdsID.txt file, we are now to copy all the expired ads to Saved folder. Hack

Step 3
The ST701 classified system will issue a new ad ID to every newly copied ads. Therefore, we need to attract the new ads IDs from the Saved folder as well. Hack

This script is similar to Step 1, except for the the link:

Step 4
In the last part, the script will read each of the new ads ID and re-publish them to ST701 Shops. Hack

I did not test this script on the Cars and Property sections of ST701, however the method should be similar. Once you understand the concept, you should be able to implement it across the ST701 platform.

I cannot guarantee this method will work in ST701 classified system in future, as the ST701 developers can read this blog too. 🙂

The purpose of this hack is to shows you how to become a more efficient using ST701 classified system. Hacks are generally considered quick-and-dirty techniques for getting a task done better. But despite the title, this post is NOT about hacking or breaking into system.

Posted in Shell Script Tagged with: ,
3 comments on “ Classified Hack Part 2
  1. Bug says:

    In your first screenshot it looks like you’re POSTing to over an insecure connection. The POST address is of http:// and not https://. While you deserve kudos for a decent automation hack, do note (as I’m sure you’re aware) that POSTing userids and passwords in the clear leaves them open to network sniffers. I’m surprised that ST701 hasn’t taken greater efforts to secure their users’ accounts.

  2. Bug says:

    Oh by the way, don’t worry about people using this method to break ST701. It seems that the calls you are making are all valid HTTP operations, either POST or GET, with simple substitutions — nothing illegal, just automated on the commandline instead of done manually through the browser. Nothing that ST701 should be able to block either.

  3. hanneng says:

    Hi Bug,

    Thanks for your comments.

    I do aware that there is security concern in this method as I failed to highlight in the blog post.

Leave a Reply