#!/usr/bin/perl
#displays Stadtsparkasse Muenchen account activity from date to date
#debian: apt-get -t testing install libwww-perl libcrypt-ssleay-perl
#debian: OR perl -MCPAN -e 'install(Crypt::SSLeay)'

use LWP;
use HTTP::Cookies;

if ($#ARGV==-1) {
	print "Usage: scrap_sskm accountno 2004-01-01 2004-12-31\n";
	exit 1;
}

print STDERR "Please enter password\n";
system "stty -echo"; #mask passwd
chomp($passwd=<STDIN>);
system "stty echo";
$account = $ARGV[0];
#print "Entered $passwd for account $account - done";
my $start = substr($ARGV[1],8,2).".".substr($ARGV[1],5,2).".".substr($ARGV[1],0,4);
my $end = substr($ARGV[2],8,2).".".substr($ARGV[2],5,2).".".substr($ARGV[2],0,4);
my $browser = LWP::UserAgent->new(  );
$browser->env_proxy(  ); # if we're behind a firewall
my $cookie_jar = HTTP::Cookies->new(
   file     => "/home/blasum/.cookies.lwp",
   #ignore_discard => 1,
);
$browser->cookie_jar ( $cookie_jar );

#Initial login, YES we can do Javascript ;)
my $response = $browser->get ('https://homebanking.sskm.de/banking/startAction.do?JS=true&CLIENTTIME='.time().'&SCREENWIDTH=800&SCREEHEIGHT=600');
$cookie_jar->extract_cookies($response);
$browser->cookie_jar ( $cookie_jar );

#extract the struts session ID
$response->content =~ m{org.apache.struts.taglib.html.TOKEN\" value=\"([\dabcdef]+)};
$token=$1;

#PIN authentication
my $response = $browser->post ('https://homebanking.sskm.de/banking/Logon.do', [ 'Pin' => $passwd, 'AccountNumber' => $account, 'org.apache.struts.taglib.html.TOKEN'=>$token, 'Registration' ], );

#extract the request ID
$response_content =~ m{TransactionListInput.do\?REQUESTID=([^\"]+)\"};
$sid=$1;

#get history as file
my $response = $browser->get ('https://homebanking.sskm.de/banking/TransactionListSave.do?REQUESTID='.$sid."&StartDate=$start&EndDate=$end");
print $response->content;