One day I was drinking coffee with my friend and he told me a story of how he got in trouble with his girlfriend because she found his old profile on a popular dating site match. Allegedly someone from their common friends bumped into it and sent her a friendly notification. He was unable to prove her that it’s just an old thing’ that he forgot to delete and their story ended there they broke up pretty fast after this incident. What are the odds of bumping into a profile of someone you know on a dating website and how easily such privacy could be violated if someone had a direct intention?
I remembered that there were some open-source face detection and recognition libraries available and thought that it’s probably possible to write a tool that would crawl photos on dating sites and try to recognize a particular person on them. Then I ran into face a platform that provides a RESTful API for detecting, tagging and recognizing faces on the pictures. I recalled that story again, told to my friends, we all laughed, agreed that such a tool would be creepy, but I did put it in my list of ideas for hacking.
So, guess what, let’s go creepy and run a small experiment to see how easy that would be. To do that we’ll write a tool that will take tagged photos of a Facebook user and try to find his/her profile on match.
- How send authorized search requests to match
- How to get URLs of profile images
- How to make parsing fast by running requests asynchronously
- How to use face API
Sending authorized requests
To get profile pictures we need a search output. If you go to match you’ll figure that it doesn’t allow you to browse search results without registration. So the very first step would be to create an account on match. After that go to the search form, choose the parameters, like sex, age and a zipcode and click Search now. Now we see https://kissbridesdate.com/web-stories/top-10-hot-ghana-women/ the results with the profile pictures, but let’s try to get this from our tool. Let’s copy URL of the request from the browser and write a simple Ruby script.
Run this and you won’t see the results but that’s what we expected, right? Ruby script sends a request without a session cookie and therefore hitting a sign in form. So we need to pass this session cookie to send requests as a signed in user. If you’re already logged in, open the list of cookies for match in your browser and you’ll see the bunch of shit it stores. Save yourself sometime, cause I already figured that their session cookie is called SECU. Copy the value of this cookie and update the script.
If you run it, you’ll see a different response. Search through it and you can find something like Welcome, your_name and that means we sent a request as an authorized user.
Getting URL of profile images
Now, how do we get URLs of profile images? Let’s analyze HTML structure of the search results page. Use Web Inspector in Chrome or Safari or Firebug if you use Firefox. Point to a profile image and you’ll see that HTML code for it looks something like this:
All profile pictures on the page have class profilePic. Awesome. But those are very small images which would be hard to use for recognition. We need the bigger ones. Let’s click on someone’s profile, find the big image of the thumbnail from the search result and see how the link for it looks like: