There is a way to login programatically to website like bank which use a virtual keybord for the password ?
I found that i have to use an OCR to read the keyboard image(s). Its is the only solution ?
And if it is, what OCR I can use for ?
What is the name of this kind of login method ?
I know that its used for security purpose and it should not be easy to performance what I want etc... But that's what i wanted and some commercial tools can do that.
Thanks
There is a way to login programatically to website like bank which use a virtual keybord for the password ? - yes. if you're lucky, they have an API for it. otherwise, you gotta do the whole pretend to be a human logging in thing, which is often much more difficult.
I found that i have to use an OCR to read the keyboard image(s). Its is the only solution ? - in my experience, no. in theory, only the server may know the meaning of the coordinates clicked, making OCR-like behaviors required, but in every case i have inspected, the server told the client (the browser or game) the meaning of every button, taking away the need for OCR (because it's slightly less secure, but much easier to implement, and it protects against the main problem: keyloggers.)
edit: you specifically mentioned the BNP bank, i checked their login system on https://mabanque.bnpparibas/en/login , and there only the server does indeed know the meaning/locations of the keypads, that's a first! interesting indeed, there you indeed need some OCR-like behavior to login grammatically. luckily, it's rather trivial to detect the locations of the keys, since there's only 10 different ones (0-9) and their appearances are all static. check this out:
<?php
// get the real image binary from curl or something ofc, at https://mabanque.bnpparibas/identification-wspl-pres/grille/i-88243722402549998260015114166903914017
$imageBinary = base64_decode ( 'iVBORw0KGgoAAAANSUhEUgAAAZ8AAACgCAYAAADTuWFYAAAYQUlEQVR4nO3dfXBU5b0H8O8G8gKEjX/0guStiEJIUqS1wG4iY8cqEHQsajEWxrEkJEKuFMTAjV4qWiv2Oje895YKGCy3w0yWhHaGsYQNceZOJdlNp+1cIS/6j4y74daOdtyTkLJkd8/9Y/dsssnm/eGc55DvZ4Y/dk+c+c3XPfvb5znPeY4FEfP3PJEEYCWAbAB3gUYTAvB3AB9f23e+feABZjluzFIcZikOsxRnSJbTAWD+nidSAfzoVxuq1hUuWGpPm5H6DQOLNAVVVUNfdP/De6mz1fUa8N61feedALOcCGYpDrMUh1mKEy/LaQBw10M5D9U8v3fLqlx7UUpi0kyjCzUDi8ViSU2emXZ/xsL8npu93Z/do3789R8/VZjl+DFLcZilOMxSnHhZJkSOLSi45367odWZ2MM5y/IALIi8ZJaTwCzFYZbiMEtxtCynR17PTJ6emKqqqpE1mZY1ZZYVgPYLiFlOArMUh1mKwyzF0bJMGPUviYiIBGPzISIi3bH5EBGR7th8iIhId2w+RESkO221G7hyYzJis2OWk8EsxWGW4jBLccLZceRDRES6Y/MhIiLdsfkQEZHueM1HgMHRMcuJY5biMEtxmKU4WnQc+RARke7YfIiISHdsPkREpDte8xFgcHbMcuKYpTjMUhxmKY6WHUc+RESkOzYfIiLSHZsPERHpjtd8BOB8sDjMUhxmKQ6zFIfXfIiIyDBsPkREpDtOuwlgliG5T1FQW1eHZpcbAFBot2Ht6tXIysw0uLJ+ZsnSDJilOMxSHC276aP8nTQ8Xi+sVivSrFajSzGlq+3tKHlhC3yKEn2v2eXCiZpTOHX8XXwrL8/A6syl2eUa8Xh+Xh4/p2Pk8XpxwemM/iBKs1pRaLfh2fXrDa7MfAZnmZWZibWrV6HQbje4svikbT4erxfHa07B4/VGT/b3j78rbZCy27FrNwDg7Td/ho3FxQCAMw4H/n3v69ixazea/vCBkeWZyqYXtox4nJ/TsYn3gwgALjidqK2rx6nj77KJj9FwWdbW1WHXSzvwQmmpQZUNT9ppN4/Xi9q6OgDhX0M+RYHFYpGuTgBDtryVrcZmlxserxcV5WUofvpp+P1+AEDx00/D4/Hg2ImTuHDRiaLVqwyuFNJnqcnOysKGSBOPd0yKuiXPsvrQYfgUBVWVlagoLwMQnhp+p3o/zjgcqD1bh/LSEoOrjDBhlp97PHjxpZ2oPnQY+bl5KLTbDK4yQvbVbt/Kz8f5+jpc6+zA1vJyo8sxtfbODgBAgc2GYDAYfT8YDKLAFv5Aeq93GVKbWWVlZqK8ZFPcf5kZGUaXJ7229nY0u1x4vKgI5SWb4Pf74ff7kZKcjJ+/vhdpVitOnDpldJmmMFyWd8+di6rKlwEALW63wVUOJW3zmZ2aipyFC+H3+xEKhYwux+QsAOL/Wut/z6JjPXeGYDAY959sv4pl1NYR/kGUn5cX84MIAAKBAFYWFsKnKFAGTSPRUFqWhXZ7TJaqqsK2fHnM38hE2uYDyDe0JSIxlO4eAEB+bm7c4/mRBTBX2+X70pSNlmW8EbfMP9ylveYTj6qqUtY5uCIZawTi5zfwtQx1myVLQO7aAHNkqaqhEUfkFoscdZs5y/7jctSsVSHtajcS50fPrMfSJUsw7+65RpdCRASAzWdKSJ01CyuWfVfakSMR3T7n6+uQn5uLW7duGV1KDJNMu4VrU1U565T97ueR6vnc4wUAWK2zpahb9iwHkrk2QPYsRzun5TrnzZzlovvui95eIQPT7XBAt0dDYyMA4EHeFDlubR0dUBQFmRmZyMrk8mqSk6yLDth8pihFUeCoP4dmlwtVlZVInzdPsl9zcrvc0oLLLS3R11mZGXh5+3YUrZLgRl2ashRFQbPbDa83fN9egd027IpCo5lk2q2fjHXKPSTv1+J2Y3PFv8a8V1FehrJNP0ZfX59BVcUyQ5Ybi4vxudeDBwsKAQBX29rwQUMDdv5bFXw/VVD89NMGVxhmhiw9Xi9sy5eN+Dcy1G2GLBsandixe3fsvVFHwjeXH3znP2CVZKsiTrtNQd/MzkZVZSUAQFF8OFPrwLETJzF37lxpvjDN4M29r8FisUSnMxISErChuBjPlZbi4JGjzHIMtL3vHPX1WP3I92O+GD1dXbhw0WlUaaZVW1ePBwsK8PjaImRnZsGn+PDrEyfR4nbjwNGjeGPPHqNLjMHmM4VkpKejbNOPo6+3lJXhe6tW44239qHAZkMWt4UZk3irhpZ/9wFsLC7GGYcDLW53dNsiii83JwcrCwvwUXMLnnnuOTwTadhtHR242HjJ4OrMqaqyEi+UlsTsslFot2PdM8Vw1J+Tt/nIOIzUaLWpkHOpsBmG5EC4roFfnEmJidhQXIxfnzyJ9vYOZKanG1hdmFmyHCwQCKDAZsMZhwPtnZ2wr1hhdElSZxkMBnFk/35UHzyEMw4HDhw5Gj22sbgYaWlWHDtxUppzXuYstVpycxbh5s2bMceSk5Lw2Jo1+PXJk2h2uVFgk+dzKfX2OnR7qaoa/TB2Xb9ucDXml5qaCgCwWLhP3likJCfjzb2v4VpnB35bU4Pf1tTgWmcH3tz7WjRLGrvQMDtFzJ4dzjJhmlxf95x2m+KC2jJMfl9OmjpkExYaiaqq0R2Ylz3wHQDAjRs3osdIDFmzNMW0W5Ssd+hLPCQHAG9XF9o6OpCfmzt080HJ9naTPcsRMcsJCwQC8Q/Ics6bIcvRspIsS7nGYXRbOJuaUPnKq5xaE8Db1YWz534HbxeffzQZiqLg4qVLaGltNboUMgibzxSQkBD+38xrEZPnbGrCz95+m418kto7P0HlK6+is/MTo0shg5hj2i1SmqwbY0q/3foI+UVfy7KH1uDXEtQ0UIKl//cas5w47XeQxWKJX5dk57zMWY6alaRZcuQzxSlKt9ElENEUxOYzBRTawzc8xrt5r6XVHfM3NHFs5OPn647/mOxmtwsAeLPuGGRlZgIY/lHZWpay7fHG5jMFLI7cTe44dw41vzkNV2srXK2t+Nnbv4Cj/hxWFhZgcU6O0WWaAhu5GFpTaXA2DjmmKN1odrmRnZWFYDCod2mmk7t4MQDg4qWmIccGZinbvVPmuOYzgIx1ynz3MxBexnq4uho7du3CwV/+MubYkvx8HK6uHn6pq85kzzJn0aJoI09NTYV9xXIAgKv1T9FGnrNokRRfmjJnGQgEUFFehmMnTqL8xW1Y/9STsM6eDaW7GzWnTwMAtmzeLE3NMmeZPu/u6NZOla+8ivVPPQkAQ7KU5dEK3Fh0iklKTMT7x4/D1fonXGlrAxBuPAW2Fejt7ZXqZJJZMBiMNvKa06ejJzfQ38hlaDxm8NK2bfD5FJxxOOAatOS6orwMP3xynXRP35RRKBTCzu0/wZW2NjibmuBsih0ByZqlKZpPeWkJtlVsRW9vrzS/0M1GVVX09vbigW8vxfLvPgAg/EWq3VFOY8dGLobf78cbP92DDc8W46Pm/mcjPV60BnPnzJHq6ZuyS0lOxu8dtWhxt0Y/k4DcWZpi2u3mzZtDNsyTicxD8sH6+vqkeXZPPGbIUlVV3LhxA99Zen90W5hgMIienh6DK4tlhiz/+c9/4p5vfhML7703+l5fX59057vsWaqqip6enpjPJCB3lqYY+RDJKBAIcCQuQDAY5FSlIGb6THK1GxER6c4U026yk31IbibMUhxmKQ6zFIfP8yEiIsOw+RARke7YfIiISHe85iMC54PFYZbiMEtxmKU4vOZDRERGYfMhIiLdsfkQEZHueM1HAKmfcmgyzFIcZikOsxSHTzIlIiLDsPkQEZHu2HyIiEh3vOYjAPd9EodZisMsxWGW4nBvNyIiMgybDxER6Y7Nh4iIdMfmQ0REuos2n+nT+UTtiUpKTg4BCGmvmeXEMUtxmKU4zFIcLUstwZ7EGck9ScGk1L6+PoRCoZH+W4qYNm0aUlJS0PPVZ18D6Im8zSwngFmKwyzFYZbiDM5Saz6djR3uD9ct/d4PZsyYYWR9ptPj7/367J+b/gLg08hbzHKCmKU4zFIcZinOwCy15uN66ez+WlVVQ0szFy6elTwz1cgCzeIL5au/1f/1Q9eFtstnr+07/2XkbWY5AcxSHGYpDrMUZ3CWFu3A/D1PJAD4NoBsADMNq9BcvgTQfm3fee/AN5nlhDBLcZilOMxSnLhZEhER6WbgyCcJwEqEO/ldhlVkHiEAfwfw8bV959sHHmCW48YsxWGW4jBLcYZkOR0A5u95IhXAj361oWpd4YKl9rQZqd8wsEhTUFU19EX3P7yXOltdrwHvXdt33gkwy4lgluIwS3GYpTjxspwGAHc9lPNQzfN7t6zKtRelJCZx/nIMLBaLJTV5Ztr9GQvze272dn92j/rx13/8VGGW48csxWGW4jBLceJlqd1kuqDgnvvthlZnYg/nLMsDsCDykllOArMUh1mKwyzF0bLUllrPTJ6emMptwifGmjLLiv4VL8xyEpilOMxSHGYpjpYl93YjIiLdsfkQEZHu2HyIiEh3bD5ERKQ7Nh8iItJd9KEUXLkxGbHZMcvJYJbiMEtxmKU44ew48iEiIt2x+RARke7YfIiISHe85iPA4OiY5cQxS3GYpTjMUhwtOo58iIhId2w+RESkOzYfIiLSHa/5CDA4O2Y5ccxSHGYpDrMUR8uOIx8iItIdmw8REemOzYeIiHTHaz4CcD5YHGYpDrMUh1mKw2s+RERkGDYfIiLSndTTbj5FQW1dHZpdbgBAmtWKQrsNz65fb3BlsTgkF0fmLD1eLzxe76h/l5WZiazMTB0qGpnMWWp4jos1OM9Cuw1rV6+W4vOo0bKbPsrfGeZqeztKXtgCn6LEvH/B6URtXT1OHX8XaVarQdWZW7PLBUCeL0mzaGhsxH8ePDTq3+3e+RLKS0p0qMjceI6LFS/PZpcLJ2pO4dTxd/GtvDwDqxtK2uZTfegwfIqCqspKVJSXAQh39Xeq9+OMw4Haujq8UFpqcJXmc8HpxI5duwHwS3K8luTno6qyctjjV9va8EFDAywWi45VmdeOXbtHPMerDx3Gz/e+ZnCV5qGd17+tqcHKwgIAwLETJ/HO/v3YsWs3mv7wgZHlDSHltFtbezuaXS48XlSE8pJN8Pv9AICU5GT8/PW9+KChASdqTsnzxWmSITkAtESG42EW+WqVOMsCmw2Fdvuwx6sPhUdFa1evlqNuibNscDbC4/Wiorws7jl+pa0NtXV12LVjO6wyjH4kzhLoz7OqshK25cuieZaXbIKi+HDsxElcuOhE0epVBleKaJZSLjjwdHUBAPLz8hAMBmOOBQIBrCwshE9RoAwartPoLjidyM7KMroMUwqFQggGg8P++6DhIpbk5yMjPd3oUqXnvR4+xwtstrjn+GNFawAAV9s7dK/NjLQ88xYvRigUir4fDAZRYLPF/I0spGw+Xq355ObGPZ4fmbvkB3N8auvq4VMUPLZmjdGl3HG0xQgPFhRI96tYTuGpyeGyCoUiv44TOIU5NlpOQ/Psz1iuLKVsPiMFCQy4SYkfzHFpaXVHVxORWA2NjQDAbInGSMprPhpVVUesa7TjehlcgQw1DaYoCi5cdGJDcXHMsFy2Ws2QZTwt7nBjt69YEZOvkcyQJc9xseLlNfC1DHVrFUi72o3Eami8BIC/zG8HRVFwucWFx4rWSNN4aGrZsrkUTzy2FjNmzDC6lDGTdNqNRGtxu5GdlYWiVRKsdrnDaI39wRFWwhHdToFAAHPnzIF19myjSxkzSafdwrWo6nB1jXZcX7Lf/awoCi44ndhaVoZAIDBg1agcUxoDyZ5lPO0d4YUva1atkqpembO0WsNfkp97vLAtXz7kuMfjAQBkZmRIUbfMWWqGq+ly9KZyubLkyGcKuHgp/MtcijX+d6ALTieW5OcjddYso0sxDW2UqC3UGEj7sZSdlYXMjAy9S7ujKIoCR1090qxW6WY92HymgBZ3K7KzspCbk2N0KXecFrcbPkXB2jVrpPhVaRbp8+ahorwMzS4XXn/rreg9ex5vF0orKsI7H7z8MjOdpP1HjsKnKNhaXjbkfiqjSTrt1m+0umSoW+YhuaerKzrlFu/DJ1OtgNxZxtPS2goAKLCtkK5WmbNUVRUvb9+OK21tcNSfg6P+XMzxqspKPPr9h6X5wpQ5y+E4zp2Do74eS/LzUbZpE/r6+owuCYAJNhYlMZyRi+FrVj1qcCV3pgZnI9KsVuTm5HCl2zgdO3ECHzW3IM1qxcZni2G1psHj8eCMw4F39u/Hovvujd6dT+PT4nbjjbf2Ic1qxdEDB6RpPAOx+dzhLl66FJ1y45ejWJ6uLni83iH3TtHoFEXBgSNHkWa14n8anZg1cyYAwGKx4LGiIjxXWooDR3+Js2w+49bW0YGdVa8gzWrFf9e8h7lz/kXKkZqU025aLeowq7FGO643WYfk3q4uXG1vHzLlpkZXC8qR30CyZhnPRW1XA5tNyjplzrLFHZ6u3FBcjKTERNy6dSt6bNkD38GS/HxcaWuDz+eTYmNRmbMcSFEUvPHWPiiKgv86eBAL771Xuh9GXO02BWir3Djldnu4Wv8EALCvGLpUmEbWdf06gPjXyoLBINZG9h9s7+zUvTYze+83p9HW0RG9ZiZb4xmIzecO5rzUhOysLCxetMjoUu44iqKg2eXCysICzOIS6/GLbMsYHObLMRQKj9QtCfyKGitvVxdOvv8+luTnY/OPn0cgEDC6pBFJOe0WNdq0kCzTRhIOyfun3DYPXTEk2V5PMSTMMh5tlVuh3S7vr0szZMlzXJiz534HANhStjlmGlM6XO12Z3M2NQEAPmpuwf9+fCXmmNLdDSD8iIXLzS3Y+ZNtyBvm8RUUX/+U2wqDKyEKO3vuHLKzsvDoww9LP+oB2HzuWAmR6Yqr7e3D/o32DJqynh69yrpjXGxsjE5pSjvyoSmjvaMDPkXBhuJnTNF4AFmn3SKlDLsaa7TjOpNxu/XykhJs27o17rGPmlvwXGkpqiorUVFeht7eXnlu5hv8WoIsB2vv6Iye6LLkFo/UWfIcF6rr+v8BADLS06WrbTCpH6mgPam0raMDK5YtG3K82R3eKC/eI3gp7NatW8PO+/r9NwEAwUAA3ZEpOBq7xg8/BADkLl5scCXmpyjxP3++bkXnSsxNe/pzhon2wpNyKUl6+jwAwMVLTUOOKUo3ml3hxwOw8ZARXJHFBqsfecTgSsxLe66UdjvAQIrSHd05gjscjI3FEnksuYmmgKUc+WSmp2NjcTHOOByofPVVPPPUUwDCH8r3Tp8GAGzZvNnIEmmK0lYRPl5UZJq5dRktzsnBysICNDQ2IqSGhpzjHq8XVZUv8wfmOB04chSzh3mmz5pHH8H6SM4ykPKaTzAYxM7tP8GVtjY4LzXBOWgEtLG4GD98cp00ywnNcvdzPLLVKnuW2irCvNzF0tU2mMxZBgIBHK6uxo5du+Ke4xXlZSh9/nn4/X6DKowlc5YDtUWeLRXPgwV2KeqWfmPRlORk/N5Ri/bOTnzU3BJ9//GiNbh77lzcvHnTwOpoqtpaVoYdL74Iv98vzRejWSUlJuL948fR8ckn0XM8Lc2KlQUFmDtnDvMdh/LSEmyriL/ASCPbZ1ba5qOqKm7cuIEF8+dj0X33Rd/v6+tj45mkApsN1zo7pPswmgEzE0dVVfT29sac46qqIhAIMONxMuPnUsppt4ECgYD0c+tmGZJr+vr64PP5jC4jLrNlKTOzZMlzfGrhxqJERGQYNh8iItKd9NNuZsAhuTjMUhxmKQ6zFIfTbkREZBg2HyIi0h2bDxER6Y7XfETgfLA4zFIcZikOsxSH13yIiMgobD5ERKQ7Nh8iItIdr/kIIPtTDs2EWYrDLMVhluJoyXHkQ0REumPzISIi3bH5EBGR7njNRwDu+yQOsxSHWYrDLMXh3m5ERGQYNh8iItIdmw8REemOzYeIiHQXbT7Tp08f6e9oBEnJySEAIe01s5w4ZikOsxSHWYqjZakl2JM4I7knKZiU2tfXh1AoNNJ/SxHTpk1DSkoKer767GsAPZG3meUEMEtxmKU4zFKcwVlqzaezscP94bql3/vBjBkzjKzPdHr8vV+f/XPTXwB8GnmLWU4QsxSHWYrDLMUZmKXWfFwvnd1fq6pqaGnmwsWzkmemGlmgWXyhfPW3+r9+6LrQdvnstX3nv4y8zSwngFmKwyzFYZbiDM7Soh2Yv+eJBADfBpANYKZhFZrLlwDar+077x34JrOcEGYpDrMUh1mKEzdLIiIi3fw/DsxfURPiNkUAAAAASUVORK5CYII=' );
$keyLocations = BNPPinDecode ( $imageBinary );
print_r ( $keyLocations );
function BNPPinDecode(string $imageBinary): array {
$img = function (string $imageBinary) {
$ret = imagecreatefromstring ( $imageBinary );
if (! $ret) {
throw new \RuntimeException ( 'image format not recognized! (invalid binary?)' );
}
return $ret;
};
static $dictionary = NULL;
if ($dictionary === NULL) {
$dictionary = array (
0 => 'iVBORw0KGgoAAAANSUhEUgAAAAsAAAAcCAYAAAC3f0UFAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAZdEVYdFNvZnR3YXJlAHBhaW50Lm5ldCA0LjAuMjHxIGmVAAABXklEQVQ4T72UPU/CUBSG+08cdXLTzU0HPwbBiakuJkbix+qg/8Fo+XIzEh2MmrCZCi3OQEIYDJsEl7JYWgpNmxx5Ty2p3K7Q5BnOfZ+em970Hsl1XQJGr0fX2Syl5H3m8PiE7opFzkJYrjUatLyySguLSwLbiSQ3msjohCBTuKXw+TFNOr+45HXsyHKtXueFo9Mz8jyPRqPRBN/3eUeAWnotlVhW8oV/YgiaIDcMg6SbXI4LrfoRK6MJ8rKmQ87/ydVYOZpP5Iqu03A4FIjmM5WDD8QHOI4jEM3nJA8GA4E5yfijULxrGtm2LRDN5yFXKmRZlkA0n6WcCQq1XKZ+vy8QzSWcH4orRYmVU7LMOc5c+my3udgaX/lpsdv95mxtfYNrCccTXvmDdJreVJV5en6hzd0Er98/PAayOZ4PGCI7yT0OpkEjXAJ4LOMtzIhmq8WDJuSr0+HhAsc0TfoFcIqrEWKOnqEAAAAASUVORK5CYII=',
1 => 'iVBORw0KGgoAAAANSUhEUgAAAAYAAAAbCAYAAABfhP4NAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAZdEVYdFNvZnR3YXJlAHBhaW50Lm5ldCA0LjAuMjHxIGmVAAAAqklEQVQoU63NPw7CIBiHYW7iqJOb3sVJT+Git2jTol5FKe0RTEd7gbYL0L/Tz4D51G5aJXn5CE8CrO97vHfLMuRFAWYP290eq/UGk+nMFcUxmN3oYr5YuimTBKwoS1zTFHYFx9MLuq5zb9vp88MQqAG0bQuKwH3+PTRNA8rn3IGQo6Cua1A/QlVVoLwwdHCRcgwYY0A9IYrGgNYalBc84CzEX0EpBeoDELgDlVv5PQaPGnIAAAAASUVORK5CYII=',
2 => 'iVBORw0KGgoAAAANSUhEUgAAAAoAAAAcCAYAAABYvS47AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAZdEVYdFNvZnR3YXJlAHBhaW50Lm5ldCA0LjAuMjHxIGmVAAABkElEQVQ4T52RPUtCYRTHn2/SWEttNdWULdHQyxANvXyJlhoLVHTSur5BYeIammJLmS8UJIaES0JSOojk5utVh1Pnn/cp9WrQhR/c539+PM/hHNFut4n5qFTI7nDQ1u4e4P/XfB41BuJTJkMzs3M0MTnVB2dck+L8ogFh8v6BtE9xeyBzDWLgKoSAC51Oh1RVBd1ul0xWK2rsiBOnE4dYIikljXgyiRo7X6KrJyaGRM6+Rdc/xLt4nFqtVh+cSZGbLhSLmONYkQPtqbFis9mkURybzRCD4fBosVwuYwkMBq4nMfsHh7hNcbtxFo1GgwY59/kgraxvYFucDYk30SgkfvLtvSDzPjGVTtN0r6/nbBZPSrFerxNTKpVoeXUNt4Uj15C0GiPFI6Op17wHM/0tMRBfcjnZPI9iUGJErVaTt4UiEeKzHhC5+QXDEtY2KGiIx1QKtxktFl1BQ1wGghAv/H6qVqsjEbZTBeJtLKYraAi74oDIG9ETNKTIw97c3tHlzOv9EcdhUxQSvIW/PlVV6ROt33va15k2kAAAAABJRU5ErkJggg==',
3 => 'iVBORw0KGgoAAAANSUhEUgAAAAoAAAAcCAYAAABYvS47AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAZdEVYdFNvZnR3YXJlAHBhaW50Lm5ldCA0LjAuMjHxIGmVAAABoElEQVQ4T52TO08CQRSF959YamWnlZ2WVloZC+U3GBLhD2gihcpbC6MICYkR1M7w2IVoB5QSBGoiElner+TKuWRWNsAUkhx25pxvdnbn3lX6/T5BX9UqOb1e2js4ZGFcLJU4gxjM5HK0urZOS8srJsFDZoAbm1tsBsNhEj+MASNjMKFqbJw6HDQcDqnX67Ewhocs+vxCisvn44mWThuQEDxkYMagnydqKjUDwpuA/n+ASU2jbrdrEjwD/K7VKP32zmcmBbEFXh9XKdjpdGiRbu+DDN6FQnIQpQRYKpfng5VKhS7dHoY8V9f8GEq73SYolkhwMC1UZjAYcG6An8Uir4YAiCa5CQTMILbEaqGfet2A84UCKa1Wi+YJi0/OJk3xGH1aDEKihE6PVw7GVXUCjrtd+cjn6SESIVybzaZJ8WTyD7xwu3mC45GC+MMEphwcP6i4Y6PRMEkUgV9GBuJYDDCTzfLEarPPgFa7nTMwXJl9i4WNc6eLXmMx1tGxjT1kXEJd1wldLuBpbe/scgaGQWyD7xifhGgMjEejEWe6rtMvFbBmYjAbiskAAAAASUVORK5CYII=',
4 => 'iVBORw0KGgoAAAANSUhEUgAAAAwAAAAbCAYAAABIpm7EAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAZdEVYdFNvZnR3YXJlAHBhaW50Lm5ldCA0LjAuMjHxIGmVAAABZElEQVQ4T72Tq0/DUBTG+58gQeFAgWIYMAyFAT1DLSQ8LGIYGH0AasnwhGWOPZoGEiZgU3QL853sunbtzCHnwLnpst6kGJp84nzn/O797kmqxHEMMjUti/Q1GAhPCjxWq7CwuES6MU3hK1EUQZqOTk4TwK3wpcDyyiqs5zazAeXKAw1eFC+zAQVVpRss254HJpMJJDUcDmno+OycNsQA9+cAjvNUq2UDCocqPXY6naYDYRgCy3VdGsDHYt1oMWCKmRmgXKnQwEe3mw3gOLgNrFOBIAgA5fT7Ig57SYA9AVxrOjXfO51swHZ+l+LgJthLBcbjMTi9noiDNaveapFfMgzhEXClaSION1BSgOPgFriBSgU+Hec3ThF8359RvdkUAHsKx8Fb9vYPZrS1k6fe2kaO6rd2GxSk0cyi50bj53+QffbLKw3qd/dU01pHoxHIhCciUNIN4f0D4HkeyJQE2Psj4ME3nlQME5lReu0AAAAASUVORK5CYII=',
5 => 'iVBORw0KGgoAAAANSUhEUgAAAAoAAAAcCAYAAABYvS47AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAZdEVYdFNvZnR3YXJlAHBhaW50Lm5ldCA0LjAuMjHxIGmVAAABVUlEQVQ4T7XSPUvDUBQG4PwTR53cdNKpujnppotZXXTp0IKCg+5amoCCot2LFR2kNkkRXaRdrYr9AdYO+WiaLzj6HvDGaBMcdHjJufc+4ZKTI/m+T3qzmZnXXo8Yjo1PZAZY8jyPF7Nz86QcHI7MS7cbw+VVmcIwHBncmoCo0/J7OBwOBUSdln+ArusKiDotCXjfalFD1+nx6Tkdfs9MLkfVWi2Gg8GACptbtCLL4k+srW+IF44rFYJhiO5HUURBEHBQ39zeMZycmo7hqKDJuAn4WtNIchyH0nJ+cclwX1GyoWY0GZZUNRs2DCOGtm1TWtBTAR86HTo6OSU8M+FeucwLfFkmLCmqgJZlJYI9hh/mb2D1rBbDVrvNi3yh+APmi0U+g+E+YiCwsb2zS1f1Ogc19nAGI5mmSW/9vsBfs7C4xGcwDHENJggT8zlqqDFFODNNk94BejFv//UBSp8AAAAASUVORK5CYII=',
6 => 'iVBORw0KGgoAAAANSUhEUgAAAAsAAAAcCAYAAAC3f0UFAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAZdEVYdFNvZnR3YXJlAHBhaW50Lm5ldCA0LjAuMjHxIGmVAAABwElEQVQ4T7WUu0tCcRTH73/SWEtttbXVUDSULdmQNrTYUEtCWm3Ry6WHZrVFUhFIL5AwX4ktYUG49HAoCiWhuL6fnPoeuVftChGU8Ln8fuf74b7OuQq5XI7AYzhMq+vrpNZoGb1xijw+H2cSLAdvbqiltY0aGpsU4ASynM1m+UwILJtbJP2enp+pR9XPdbfXR/CE4PU1F3Rj41QoFLgIcCZ/IMDZ7MJiWd622biws7snixL5fJ6zQe1wWV6zbnDBe+FXyKCujCfPZDIKJBnrv5VvQyEqlUq8/pKtLOP1pNNpBbhXaf2jXE2NHI1GyX50RCtmC3MVDNaX9UYjNddp+cCQhiKRCKVSqYoM8NS2/f2vzl3SqcMht3vCYKiVMRfFYpHbLDXk/eOD2js6OWcZU4UNXl0ymawBwtySiXOny12RXV6vQgbSlZH/KFfnFdnjoUQioaA6/0/ZUt6cu90Uj8cVVOe/kw+PT3izbDbXldUaDedouXB3/8Cb7j6VQnx5eeUMXcT9CzhMTs9wcUQ3SmdOJ3Ngt1NXby/X8TGLokgCDm+xmDw035k3mfgrkWVcEkOEacNASeCPBgMFRxRF+gSvSaVKyzWKRwAAAABJRU5ErkJggg==',
7 => 'iVBORw0KGgoAAAANSUhEUgAAAAsAAAAbCAYAAACqenW9AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAZdEVYdFNvZnR3YXJlAHBhaW50Lm5ldCA0LjAuMjHxIGmVAAABi0lEQVQ4T4WUv0/CQBTH7z9x1MlNJ53ESRdxUgdh1AUXoxF10QQJDhpb+eFkgmEyIaIjIYRFTRQmMQiykRRZyq9CGZ55L7nmDloYPsP79pPXd9e7snKlAplsdiLoMSUSganpmYmgx7K5HNzG7hzZ9e2RrEajwEzThMFg4EggFCL5t1oF1uv1YBwLSy5Yda9Dv98fL/+Uy9Q1ELqkeqx8Ew6TjOvCmhmGAU5sejwwOzdPI2DtKGuaRl13fD4rc5Tv4w8kxxMJK2PdbhfsOPAfk/zXaFiZo4yz4pZhR57ZyulMhrqq0ZiUs06nA8OcB4MkfxYKUm4r41fDMXAEMR+Rv0sl6np4cirlCGu32yByraokPz2/SDkyIm9se0iu1+tSjkhyrVYjccvrpdeKzxDWarWA85hMkowHXcw5krx/5Cf5I5+XJI4k43YtupZpBDHnsGazCcjr2zt1xWvEs2Es+SxwQXIylRqROJa8suYmGc+AKIiQ/FUskojXflgQYbquw5WikIw/Eqzt0eEfEgLrE1cPLYgAAAAASUVORK5CYII=',
8 => 'iVBORw0KGgoAAAANSUhEUgAAAAsAAAAcCAYAAAC3f0UFAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAZdEVYdFNvZnR3YXJlAHBhaW50Lm5ldCA0LjAuMjHxIGmVAAAB3ElEQVQ4T7WUyy8DURTG5z+xZGXHihUWHgutlVhgISQeO8RzJaHRjdCWWhGVSKSeIZHqM+xoIt1QJIS2KaLT9ys5+p2aMUxtJJp8Tc75ftPbe893R8hkMgSFX15o0WSi9s4uVt/gEK1bLOxJYvjC66XKqmoqK69QqVmj5R+S4Zq6ejaM5lWSPhFRpLGpae6PTEwW4d39A27M6fWUy+UonU7Lyufz1KJtYz8cDpOwtLzMhcvj+QZKMprN7NudLsArXDjd7pKw0v8b7HC5KJVKqaT0/xFe39zkYm3DQslkUqXRwhnD99/eknB3f88FRvwTDIVCPNna+gZeRcAXBoIHhsfHGQB4feOnJo2G+4dHx9wTEokEZbNZ6ujuZuOnEAEcITiGFwwGNrAkVgEg5QKy2e1FOBgMyuB7JMKrQMiJ5+ycvaZC8hi27u5xY3Zez414PC4L+5GCFAgESFg0mrjAOJWgJMNKMUj4KwJuB4pTp7MkrPS/YIeDYrGYSkr/P+HPDWID0WhUJaUvwzjCUvCMTvcFX1xectE7MKgCn56e+eZjYPK4pVz09PfTic3G2rbuUGNrMUi4tHhYEAvvh9e3t1+DhKwgSOAYxlPIwpXPxyGCLFtb9PD4KIOiKNIH9iuYHHkGNc4AAAAASUVORK5CYII=',
9 => 'iVBORw0KGgoAAAANSUhEUgAAAAsAAAAcCAYAAAC3f0UFAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAZdEVYdFNvZnR3YXJlAHBhaW50Lm5ldCA0LjAuMjHxIGmVAAABsUlEQVQ4T72Uv0tCURTH33/SWFNbTTZpQ7RYS0iUtUSE/VgbampIcCnzV02FUlDkXOavpDZ/EA4hOSQ+BCXJ34rCqe+R+1KeFAR14eN755wP593nvfdJrVaLwEs6TVaHgwzGJWZ1fYPOPB6uCViOxuM0OjZOQ8MjKqZnZilfKHTlZrPJnVCwH5+QGO+lEm3v7HLeancQPCkai3FibXOL2u02JwWdToefCFjGvCDbXMd9ogBNUM/n8yQdOV0chO4jA2U0QT0QCn/JwXCYGo2Git76n8pODjCner2uorf+D/Kp20O1Wk1FnxxLJDjAHsjlcn3icyrFeUXGG88vL3NCo9XSgc3GrJhMnBOwXK1W6a1YVDZNL8jtWyx87w+FujIeiU2EEXl4ZDCQE3NW5F7EYogYB0KRK5UKfYciB4MkybJMV14v3fr9P8s+f4CDQ5v9Z/ku0JVxdMrlsgrkUYf3O3nPbB4oG4xGruPvlfCDQKPVqcRsVubahG6SY6n0eeTFKs0tLNLl9TXd+Hx8ndLrOe8+vyB4LONgDlpugEZYJEUG+OI8JZP8oRG8ZjLcqOuU6AN9JaRobT4CLwAAAABJRU5ErkJggg=='
);
$dictionary = array_map ( $img, array_map ( 'base64_decode', $dictionary ) );
register_shutdown_function ( function () use (&$dictionary) {
array_map ( 'imagedestroy', $dictionary ); // free up memory... php probably would do this anyway at this point tho.
} );
}
$big = $img ( $imageBinary );
try {
$ret = array ();
foreach ( $dictionary as $key => $small ) {
$tmp = FindImageInImageV2 ( $big, $small );
if (empty ( $tmp )) {
throw new \RuntimeException ( "failed to find number {$key} on the keypad!" );
}
if (count ( $tmp ) > 1) {
throw new \LogicException ( "found number {$key} more than once! should never happen" );
}
$ret [$key] = $tmp [0];
}
} finally{
imagedestroy ( $big );
}
return $ret;
}
// from https://stackoverflow.com/q/36002799/1067003
function FindImageInImageV2($big, $small, int $max = PHP_INT_MAX, bool $center = true): array {
assert ( is_resource ( $small ) );
assert ( is_resource ( $big ) );
$ret = array ();
// think2 ( $big, 'FindImageInImage/big' );
// think2 ( $small, 'FindImageInImage/small' );
$smallx = imagesx ( $small );
$smally = imagesy ( $small );
$bigx = imagesx ( $big );
$bigy = imagesy ( $big );
assert ( $bigx >= $smallx );
if ($bigx < $smallx) {
return $ret; // match is impossible
}
assert ( $bigy >= $smally );
if ($bigy < $smally) {
return $ret; // match is impossible
}
$smallcolors = imagecolorstotal ( $small );
$bigcolors = imagecolorstotal ( $big );
// assert($smallcolors<$bigcolors);
if ($smallcolors > $bigcolors) {
return $ret; // too many colors, match is impossible.
}
$smallImageAsColors = array ();
for($x = 0; $x < $smallx; ++ $x) {
$smallImageAsColors [$x] = array ();
for($y = 0; $y < $smally; ++ $y) {
$tmp = imagecolorsforindex ( $small, imagecolorat ( $small, $x, $y ) );
// unset ( $tmp ['alpha'] );
$tmp = imagecolorexact ( $big, $tmp ['red'], $tmp ['green'], $tmp ['blue'] );
if ($tmp === - 1) {
// small has a color that does not exist in big, match is impossible
return $ret;
}
$smallImageAsColors [$x] [/*$y*/] = $tmp;
}
}
unset ( $x, $y, $tmp );
for($x = 0; $x < $bigx; ++ $x) {
if ($bigx < ($x + $smallx)) { // << todo: can be optimized away.
break; // too close to the end, no result possible..
}
for($y = 0; $y < $bigy; ++ $y) {
if ($bigy < ($y + $smally)) { // << todo: can be optimized away.
continue; // too close to the bottom, no result possible for this $y..
}
// $matchFound = true;
for($i = 0; $i < $smallx; ++ $i) {
for($ii = 0; $ii < $smally; ++ $ii) {
// yelp
if ($smallImageAsColors [$i] [$ii] !== imagecolorat ( $big, $x + $i, $y + $ii )) {
// $matchFound=false;
// goto outofmatching;//i can micro optimize the jumps more actually... but should i?
// goto uglyoptimize;
continue 3;
}
}
}
// outofmatching:
// if ($matchFound) {
$ret [] = array (
'x' => ($center ? $x + (( int ) floor ( $smallx / 2 )) : $x),
'y' => ($center ? $y + (( int ) floor ( $smally / 2 )) : $y)
);
if (count ( $ret ) >= $max) {
// goto done;
return $ret;
}
// }
// uglyoptimize:
}
}
// done:
return $ret;
}
which yields the 2-dimensional X/Y locations to every number 0-9 on the keypad:
Array
(
[0] => Array
(
[x] => 42
[y] => 119
)
[1] => Array
(
[x] => 41
[y] => 39
)
[2] => Array
(
[x] => 375
[y] => 119
)
[3] => Array
(
[x] => 126
[y] => 39
)
[4] => Array
(
[x] => 124
[y] => 119
)
[5] => Array
(
[x] => 209
[y] => 40
)
[6] => Array
(
[x] => 374
[y] => 40
)
[7] => Array
(
[x] => 208
[y] => 118
)
[8] => Array
(
[x] => 291
[y] => 119
)
[9] => Array
(
[x] => 291
[y] => 40
)
)
which you can use to emulate clicking on the keypad to enter the pin code with PHP/curl, to login. :)
the keys themselves (0-9) was extracted with Paint.net like this https://youtu.be/ke4CMRjeN-o , and base64 encoded (into $dictionary), and the image search function was taken from this question: Way to find an image inside another image in PHP/GD?