Perl and Online Banking

[banker123]

Can I access my banking account via the web using perl? I have used
LWP and installed SSL and Crypt::SSLeay. I am able to access https
pages that do not require a user name and password, however I am not
sure how to sign on to my banks homepage (start a session), and
navigate to the https site that list my account details.

Homepage
https://www.key.com/index.html

If I can access the data my plan is to use perl to extract the data and
create custom reports. Direction, references, documentation,
suggestions, and prior experiences accessing data via a secure session
is appreciated.

 

[Ben Morrow]

[perl.beginners trimmed as it's not a newsgroup]

Can I access my banking account via the web using perl? I have used
LWP and installed SSL and Crypt::SSLeay. I am able to access https
pages that do not require a user name and password, however I am not
sure how to sign on to my banks homepage (start a session), and
navigate to the https site that list my account details.

Start by looking at WWW::Mechanize.

I shouldn't need to say this, but *BE* *CAREFUL*. You are potentially
messing around with yor money...

Ben

 

[Brian Wakem]

Can I access my banking account via the web using perl? I have used
LWP and installed SSL and Crypt::SSLeay. I am able to access https
pages that do not require a user name and password, however I am not
sure how to sign on to my banks homepage (start a session), and
navigate to the https site that list my account details.

Homepage
https://www.key.com/index.html

If I can access the data my plan is to use perl to extract the data and
create custom reports. Direction, references, documentation,
suggestions, and prior experiences accessing data via a secure session
is appreciated.

This wheel may have been invented already.
http://search.cpan.org/search?query=bank&mode=all

 

[banker123]

This wheel may have been invented already.
http://search.cpan.org/search?query=bank&mode=all

No module for my bank (KeyBank), looks like I will have to build the
wheel.

 

[Tad McClellan]

just do this :

my $ua = LWP::UserAgent->new();
$ua->cookie_jar(new HTTP::Cookies);

Or just do this:

my $ua = WWW::Mechanize->new();

as it already has cookies enabled.

I use HTTP Analyzer by the way to help me write HTML scrapers of this
sort... Google it.

For those who prefer open source, and not being tied to the evil browser,
there is also:

Web Scraping Proxy

http://www.research.att.com/~hpk/wsp/


Which writes the logs in the form of Perl code that you can copy and modify.

 

[usenet]

Can I access my banking account via the web using perl?

Usually. Most folks use WWW::Mechanize for that. Unlike LWP,
Mechanize enables cookies by default, and banks usually use cookies to
secure the session.

You may be interested in some advice I once gave someone regarding
session cookies to grab info from a banking site:

http://tinyurl.com/y3q37x

A quick look at key.com seems a pretty trivial page to manipulate with
Mechanize. It might be even easier than usual, because the acutal logon
bit is in its own frame
(https://accounts.key.com/frameSignonClient.html), so you can probably
get by with manipulating that one simple frame alone. You will need
this at a minimum:

$mech->get('https://accounts.key.com/frameSignonClient.html');
$mech->field('sUserId', 'myuserid');
$mech->field('password', 'mypasswd');
$mech->submit;

But look at the sourcecode for the page and notice that you may need to
set some hidden fields also, especially:
<input type="hidden" name="jsenabled" value="N"/>

Which tells you you probably need to also include in your constructor:

$mech->field('jsenabled', 'Y'); #liar!

And so on. Or, if you don't like trying to mentally parse the HTML
page source, you can use the TamperData plug-in for FireFox and it will
flag you with every parameter that is being sent.

 

[banker123]

A quick look at key.com seems a pretty trivial page to manipulate with
Mechanize. It might be even easier than usual, because the acutal logon
bit is in its own frame

How did you find this frame? I took a look at the source and it was
not immediatley recognizable.

But look at the sourcecode for the page and notice that you may need to
set some hidden fields also, especially:
<input type="hidden" name="jsenabled" value="N"/>

Can you expand on hidden fields or direct me to some documentation?

Thanks!

 

[Tad McClellan]

Can you expand on hidden fields or direct me to some documentation?

http://www.google.com/search?hl=en&q=hidden+fields


At least _try_ on your own before asking for help.

 

[usenet]

How did you find this frame? I took a look at the source and it was
not immediatley recognizable.

Well, I use Firefox (of course) and I simply right-clicked in the
appropriate region and noticed the "This Frame>" option. Clicking on it
showed me the "Show Only This Frame" option, which I selected to view
the appropriate frame. If you use IE, you probabliy are not adept
enought to do this task.

Can you expand on hidden fields or direct me to some documentation?

If you don't understand basic HTML, you probably cannot accomplish your
task. When viewing the frame, you "View Page Source" and look at the
underlying HTML. A search for "name=" should show you the various
fields the page expects to set/receive. You may need to trick your
website (ie, to believe you have Javascript or Flash enabled).

There is no Perl Magick here. You must understand and be able to grok
the language your website communicates in (HTML). If you grok that, it
is fairly trivial to express it in terms that Mechanize can
communicate.

 

[banker123]

Thank for the post, I have been able to write code using mechanize. I
am able to navigate to https://mail.yahoo.com/ sign on and return a web
page from which I parsed the number of e-mails I have. I am now
working on the bank sign-on which seems to be a little more
challenging, thanks for pointing me in the right direction.