How I Hacked the School Intranet

It all began when after the formal, the photos taken were not allowed to be distributed via conventional means (Dropbox, Google Drive or USB). They were eventually uploaded to the school intranet which consisted of a tiny preview, slow navigation and then a cumbersome one by one download. I thought that this simply wouldn’t do.

Step 1: A quick peruse of the file structure revealed each photo was served up via php, so a simple CURL request was my first thought. No such luck, authentication was required. Kudos to the school on this one, but I wasn’t ready to give up.

Step 2: Next up was a wget with a txt file containing cookies grabbed from this extension after logging in. And hoorah it worked! But entering in the URL’s one at a time still held no appeal. Onwards we go!

Step 3: The next question was how to grab all the photos without having to type in each url separately. Searching through the source of the page revealed the links fell into two ranges of ID. Time to crack out the Javascript, so I whipped up a quick script that went through the ID’s after the URL and created a txt file with each line being a url corresponding to a picture.

The JS Script used.

Step 4: Run the wget, with the cookies and the photo list to grab all the photos into a folder and voila!

Job done, files downloaded.

Too easy.

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.