TechVista-360

Tuesday 12 February 2019

A secret love message ~

Hmm, so the trick of putting up a catchy seasonal title worked out, we got you here!

Folks, we will be talking about a really cool tech of steganography in this post.

Hey! WAIT don't leave the post. I'm still gonna talk about secrets and I'm still gonna talk about messages. And if you are a hacker/programmer and want to convey your hidden love interest in more hidden way this post might just help you right, in time, lol.

Otherwise, if you wanna convey your hate interests even then it will help you right.

Follow along ~

So now, while texting your image to your friend, you just don't send this:
(Imagine it's you having coffee)

But rather, you send this:

What is the difference between the two you'd ask.

The difference is while both are JPG files, the second one has a secret text message hidden in the image and the first one doesnot.

What's that message? How's this done?

This is done using Stegnography.
"Unlike encryption, where it's obvious that a message is being hidden, stegnography hides data in plain view, inside a file such as a picture. As far as images are concerned, to anyone who isn't aware that it contains hidden data, it looks like just a normal, innocent picture."

In layman's language, the fact which is taken advantage of is that our eyes cannot differentiate between minor fluctuations in color. So if there are two minorly different shades of brown (which have different corresponding hexcode) are shown to humans, our eyes will find them almost equivalent and won't be able to detect the difference. So in the second image or stegnographed image per say, codes up the secret text information by randomly picking up the pixels across the image and incrementing their hashcode values.

How Is Steganography Implemented?

(Ref: https://null-byte.wonderhowto.com/how-to/steganography-hide-secret-data-inside-image-audio-file-seconds-0180936/ )

There are several different techniques for concealing data inside of normal files. One of the most widely used and perhaps simplest to understand is the least significant bit technique, known commonly as LSB.

This technique changes the last few bits in a byte to encode a message, which is especially useful in something like an image, where the red, green, and blue values of each pixel are represented by eight bits (one byte) ranging from 0 to 255 in decimal or 00000000 to 11111111 in binary.

Changing the last two bits in a completely red pixel from 11111111 to 11111101 only changes the red value from 255 to 253, which to the naked eye creates a nearly imperceptible change in color but still allows us to encode data inside of the picture.

So, if the text is "Love", it saves the binary codes corresponding to 'L','o', 'v', 'e' by tinkering the least signuficant digit of the pixel.

A typical digital image uses 24 bits per pixel. If you want to create a 4-x-6-inch print at 300 ppi, you need at least 1200 x 1800 pixels. That gives us a lot many pixels and thus bits which we can use to hide our data.

If the image is big enough, we can not only hide the text image but also another image within it!

While encoding a passphrase is needed. The same passphrase is required to extract the message from the image.

There are very simple ways on how you can perform this. If you are on linux (preferably Kali) just do these:

1. $ apt-get install steghide

2. Suppose the image named is "hearts.jpg" and the text message is saved in file "loveLetter.txt" then use the following command to generate a stegnographed image of the same name.

$ steghide embed -ef loveLetter.txt -cf hearts.jpg -e none -Z

This will ask for a passphrase, just give some string, say, "valentine".

3. In order to extract the text out of the image, use this command:

$ steghide extract -sf hearts.jpg -xf recoveredMsg.txt

This will ask for passphrase, pass the one you used while embedding, which is "valentine" in this case. The command will generate a text file named recoveredMsg.txt with the message written in it.

For more details pls refer to: https://null-byte.wonderhowto.com/how-to/steganography-hide-secret-data-inside-image-audio-file-seconds-0180936/

What is the hidden message?

So, what's the message hidden in the second image above? It is

"I miss you asshole. Take care"

How can you cross check if it's really that.? Well go ahead and find for yourself, the passphrase is "valentine" (use the third command steghide extract).

Also, note that compression algos might lead to data loss, so if you send images via WhatsApp, your message might get lost in compression :P , share it on drive instead.

I'll tinker with this cool tool for sometime now and will write another post shortly if I stumble over some interesting observations/concepts/algos.

See you in the next post soon!

Take care. Keep Hacking.

Love <3

Interesting Links:

Ref: https://www.youtube.com/watch?v=5opGM7jXvHM

Ref : https://youtu.be/9UZh-4Er7BQ

Wednesday 3 October 2018

Outreachy experience and application tips

One of the best experiences of my student life was to make it to this list:
https://wiki.gnome.org/Outreachy/2015/DecemberMarch#Accepted_Participants
(This is the list of accepted participants for the Outreachy program from December- March 2015.)

Around this time of the year, the applications have just opened for Outreachy's 2018-2019 program and I've been getting queries on how to apply and what to look for in the projects.

So, here are some quick tips and approaches you can have for the program.
PS: These are simply suggestions, go with your will and way eventually.

Before we begin with the tips, if you don't know what is Outreachy, please check out:
https://www.outreachy.org/
It is a wonderful platform to encourage those in minority representation in tech to get acquainted with open source world under the guidance of highly skilled mentors.

Open source is not just an "access specifier" for codebase, it brings along a whole different culture and attitude within the community programmers.
A culture which is inclusive and open. People you usually find here won't be snobs or the ones highly defensive of their own ideas and code, being very protective of the ideas they possess. There are no rivalries, no hidden intentions and no competition. Programmers here come together with a common motive of building on the source code they have, being open about discussions and suggestions, taking help from the community and giving it back to others in the community as the need comes.
It is one of the most liberal communities I have ever stumbled on. This is a must have life experience.
Whether via Outreachy, GSoC or just on your own, do explore this culture once.

Having said that, here are the answers to most asked questions while applying for Outreachy.

Q: What kind of project should I take up? Should I target on more than two projects?

This is highly dependent on your skill set and interests. The projects that are available are spread across different domains, some are simply frontend, plugins using JavaScript, HTML, CSS, jQuery, AngularJS, React etc, if you are someone who enjoys and understands these languages picking up projects from Mozilla etc would be great. Usually the codebase of frontend projects is not that huge, so if you are a beginner or someone who has no experience in handling huge codebases, I'd suggest you to go for it. Then there are projects highly dependent on distributed computing ,say Mesos, these require an insight into the language they are using and network programming, one should not dig deep into them if they lack interest and have no prior knowledge, as these end up consuming a lot of time and usually difficult to understand. Selection of your project can also be aligned with what is it that you want to learn or get your skills up in.
Given the time frame the program operates in, more than two projects is usually not feasible.
Understand what you're trying to do here: understand a codebase, solving bugs and contributing back to it. This is a very time consuming task and requires your time, dedicated focus and patience, in my opinion, two are already on higher side, and are enough.

Q: How should I go about contributing? Should I start by solving "newbie's" bugs?
Answer is a big NO. This is a very common mistake we are prone to do given the deadlines and rush. Before touching the codebase, build the app and "USE THE APP". Use the software, just like the end user, explore what all functionalities it has, what all it supports. Once you have played with app enough then trace your way back from feature to code. Go through the code. "Read" the code, comments, try to understand what it is trying to do. Now, you are ready to look for the bugs. Issues on Git repos are usually labelled. Pick the ones that suit you, take up newbie issues. Try to solve them, If you don't understand, ask for clarifications on the thread or catch up the community folks on IRC.

Q: Should I be in explicit contact with the mentor?
No need, people usually end up contacting mentors a lot telling them how much interested they are in the project. In my opinion an initial email is enough. Your interest should be reflected in terms of how active you are on the codebase and IRC. Ask questions, solve issues. If you have a good understanding of the codebase and have made enough contributions the mentor will recognize that.

Q: Are there any prerequisites?
If you are a student while taking part in Outreachy, it is preferable if you can take up the Outreachy project as your academic project. They have strict rules around the academic credits you can earn along with Outreachy, please get in touch with the required folks from Outreachy and get your issues clarified beforehand.

Q: What are the outcomes of this program?
Being Indians we are almost always concerned with this. (Pun intended)
Let me put it this way, outcomes include exposure to the world of open source, network of amazing folks, mentorship by highly skilled/renowned folks in the industry, and generous stipend of $5500

Links:
Outreachy : https://www.outreachy.org/
My Outreachy log blog: https://outreachypb.wordpress.com/

In case you have any queries or questions that I can answer, please feel free to comment or reach out to me, I'd be glad to help.

All the best!
Keep hacking!

Love & Cheers

Thursday 21 June 2018

HIGH FIVE ~ Programming tips [C#]

Hello World!

Over my tenure as an engineer I got a lot of insights into the C# language (which BTW is Microsoft's own language :D )

This blog post is an effort to share *five* of those tips with all you folks in order to write more efficient and readable programs ! :D

If you work with C# as your main programing language or if you happen to work with any oops language, I hope these tips and tricks can prove beneficial :

1. Use XMLDocs:

These are the stubs you write over functions/classes describing what they do, usually xml docs for public members in the API is advised (especially would be important for functions we expect users to implement).

2. Be Lazy :

The concept of Lazy Initialization is initializing only when the object is being used for the first time in the program. This saves us a lot of time and memory and makes programs more efficient,

Lazy initialization is primarily used to improve performance, avoid wasteful computation, and reduce program memory requirements. These are the most common scenarios:

When you have an object that is expensive to create, and the program might not use it. For example, assume that you have in memory a Customer object that has an Orders property that contains a large array of Order objects that, to be initialized, requires a database connection. If the user never asks to display the Orders or use the data in a computation, then there is no reason to use system memory or computing cycles to create it. By using Lazy<Orders> to declare the Orders object for lazy initialization, you can avoid wasting system resources when the object is not used.

When you have an object that is expensive to create, and you want to defer its creation until after other expensive operations have been completed. For example, assume that your program loads several object instances when it starts, but only some of them are required immediately. You can improve the startup performance of the program by deferring initialization of the objects that are not required until the required objects have been created.

Apart from the performance benefits, lazy initializations are also thread safe

3. Use LINQ and a LOT OF LINQ:

LINQ is Language Integrated Query, these are usually inherently optimized codes that you can use to perform queries and operations on data.

Advantages of LINQ:

Familiar language: Developers don’t have to learn a new query language for each type of data source or data format.
Less coding: It reduces the amount of code to be written as compared with a more traditional approach.
Readable code: LINQ makes the code more readable so other developers can easily understand and maintain it.
Standardized way of querying multiple data sources: The same LINQ syntax can be used to query multiple data sources.
Compile time safety of queries: It provides type checking of objects at compile time.
IntelliSense Support: LINQ provides IntelliSense for generic collections.
Shaping data: You can retrieve data in different shapes.

4. Do justice to your Exceptions:

Throwing exceptions at the right time with the right message and variable information proves immensely beneficial rather than failing silently. Make sure you catch all the possible exceptions in any code implementation with an appropriate message that provides me values of variables or outputs of functions that would have messed up in the stack trace, so as to debug and resolve the issue better.

5. DRY your code:

DRY implies for Do not Repeat Yourself

In The Pragmatic Programmer, DRY is defined as “every piece of knowledge must have a single, unambiguous, authoritative representation within a system”.

This emphasizes on code reusability, it's better to contain a logic at one place and calling it from different places rather than have that logic re-written everywhere you want to use it. It improves code readability and saves a lot of time while refactoring or modifying the logic.

You can read more about it here:

DRY principle

So these are the five tips for now. Topics like lazy initialization and LINQ needs there own separate blog posts in detail that I'd be covering hopefully soon along with more fun tips on programming in upcoming HIGH-FIVES.

Till then enjoy programming, and share in comments below if you have some really cool tips/tricks/suggestions for efficient programming, or which one is your latest learnt trick?

Would love to hear back!

Take care! Keep hacking!

See you in next post soon!

Cheers!

Sunday 15 April 2018

Duh - Saves you the trouble to correct your command

Duh.

This is no more an expression for me but a command now. Thanks to the hack I have been doing for past couple of days.

What's it about? Well, here it goes.

How many times it happens that we screw up commands on terminal?
A typo, a syntax mistake or jumbled up arguments. The command doesn't run and then we spend time retyping it ensuring everything is in place this time.
Quite time consuming, eh?

My laziness simply denied me such a behaviour. So I coded up a powershell cmdlet which can do this for me.
Now if I mess up a command, I just have to type 'Duh' and the right command will be displayed on the prompt for you to check and execute (press ENTER).

How Duh operates internally?
Well, guess what. Answer lies in the "tries".
We have a trie and we do closest match using Leveinshtein Distance.
In short, how to figure out how close two strings are? Find the no of letters you need to remove/insert/replace in order to attain string 2 from string 1.
This is what's being used in finding the closest correct command to the input command.
Hey but wait, what are the right set of commands constituting the tries? Where do we get these from?
For now I am using two things:
1. A list of standard git commands (with placeholders for params)
scraped from a website.
2. The history of currently opened powershell.
Why to use the history of commands on a powershell you may ask.
Here's the catch, while in a session there are a lot of commands that we use and reuse , using the latest history of powershell commands will help us correct the cases where we mess up a recently pre-used command (along with right set of params values) with ease since they exist in trie.

How to get history? Use "get-history". Lol.
But this command gives me history of all the commands typed on powershell, including the wrong ones. And we for sure don't want to put them in the trie. After all the programs is not: "We will return another wrong command in exchange with the wrong command you wrote, well just because it's chic, also beauty lies in imperfection".

There's a need to filter out these commands and pick only the right ones.
How to figure out which ones are right from the dumped output? I thought about drawing some heuristics from sample data.
Is there a pattern in execution time of failed commands? Is the time fixed? Or is it the least taken?
Stupid questions as I think of them now. There were definitely commands that were much faster to execute. Also the logic that fails the execution of any command is not the same and takes it's own time. Most importantly I believe the execution time of the same command may also differ based on how much is your CPU occupied.
So, how to filter out? Presently I am using the assumption that the wrong commands are more likely to be present in infrequent numbers. Especially because the chances of repeating a command wrongly in the same manner are really low. Well this is not very definitive and for sure there lies a good amount of drawbacks in this approach : we might lose out on many of the potentially correct commands and also, in case the wrong command is repeated again we will add it to trie and offer it as a suggestion the next time- a totally corrupted experience.
But well this is what I picked up for now.
There's one more better approach where we maintain a map of standard commands with their params and then find the closest match , this support will also help us in handling flags and new params with grace. So will be adding this up soon.

So that is what runs in the cmdlet code ( in c#).
For using this command you need to import the dll as a module and also set the alias duh for ease of usage. I have added a powershell profile.ps1 to ease that up.
We need to place that file in systems32 powershell directory (C:\Windows\System32\WindowsPowerShell\v1.0) and we should be all set.

Haah, so that's what the hack was all about.
I did it for powershell only, for now since I am using that these days but the code can be extended to operate with the other shells too, essentially the IO logic will change.
If you get interested, you can check out the source code at:
https://github.com/nextLane/Duh

There are a lot of issues and TODOs in this task, will open them up on GitHub shortly!
Feel free to drop by any comments/queries/suggestions, would be glad to get the conversation going.

On a parallel note, how this exactly differs from thefuck, a popular project on GitHub which seems to do the same:

thefuck is a "magnificent app", which is totally rule based and quite robust, I believe. It handles cases like if your git push fails, it will set an upstream and then do git push which is an additional layer of intelligence added. But it's an overkill for my specific use, it needs the rules to be explicitly coded up, secondly it takes decent amount of time evaluating the right matches and then generating the command. Duh isn't doing anything distantly resembling this, it's just a 300 lines of code not dependent on any third party libs, that gives me the closest match from a trie. The distinguishing feature is it takes into consideration the user behaviour on the terminal. If I use a set of 10-15 commands for a powershell session, I am likely to mess up one of those commands, now since I have a corresponding trie for that I can get the right one faster without coding any explicit rule to the repo. Thus the number of commands you can check is not constrained.

See yu in the nex\t postt soooon!
Duh

See you in the next post soon! :)

Till then,
Happy hacking
Adieu

Monday 18 September 2017

How would you make an HTML Parser?

Hola folks,

Here we will be walking through how html is being parsed by a widely popular parser: Angle Sharp
You can find it here !
This is just a walkthrough and gives an idea on the breadth of issues one has to deal with while designing a parser.

Let's sneak peek into what kind of data structures are used and how is the code structured.

It all begins with this line:

var parser = new HtmlParser();

We have folowing variations in constructing the HtmlParser object:

public HtmlParser()
: this(Configuration.Default)
{
}

/// <summary>
/// Creates a new parser with the custom options.
/// </summary>
/// <param name="options">The options to use.</param>
public HtmlParser(HtmlParserOptions options)
: this(options, Configuration.Default)
{
}

/// <summary>
/// Creates a new parser with the custom configuration.
/// </summary>
/// <param name="configuration">The configuration to use.</param>
public HtmlParser(IConfiguration configuration)
: this(new HtmlParserOptions { IsScripting = configuration.IsScripting() }, configuration)
{
}

/// <summary>
/// Creates a new parser with the custom options and configuration.
/// </summary>
/// <param name="options">The options to use.</param>
/// <param name="configuration">The configuration to use.</param>
public HtmlParser(HtmlParserOptions options, IConfiguration configuration)
: this(options, BrowsingContext.New(configuration))
{
}

/// <summary>
/// Creates a new parser with the custom options and the given context.
/// </summary>
/// <param name="options">The options to use.</param>
/// <param name="context">The context to use.</param>
public HtmlParser(HtmlParserOptions options, IBrowsingContext context)
{
_options = options;
_context = context;
}

You can find three things here:
1. Configuration:This is an interesting thing, opening it up we find an array of associated standard services like :
Factory.HtmlElements,
Factory.MathElements,
Factory.SvgElements,
Factory.Events,
Factory.AttributeSelector,
Factory.InputTypes,
Factory.LinkRelations,
Factory.MediaFeatures,
Factory.Properties,
Factory.PseudoClassSelector,
Factory.PseudoElementSelector,
Factory.Document,
Factory.BrowsingContext
Factory.Service
This can help us create customized configuration for contexts. Wondering what is Factory?
It is a static class bundling available factories. Factories are mostly instance mappings.
Let's break open one factory class, let's take:AttributeSelectorFactory
Observation:
It has a dictionary that stores CombinatorSymbol, SimpleSelector Attribute as key value pair.
Eg: Combinator Symbol for exactly is public static readonly String Exactly = "=";
Corresponding value is SimpleSelector AttrMatch

public static SimpleSelector AttrMatch(String match, String value, String prefix = null)
{
var front = match;

if (!String.IsNullOrEmpty(prefix))
{
front = FormFront(prefix, match);
match = FormMatch(prefix, match);
}

var code = FormCode(front, "=", value.CssString());
return new SimpleSelector(_ => _.GetAttribute(match).Is(value), Priority.OneClass, code);
}

It is kinda, operator and their corresponding code.

2. HtmlParserOptions: This is a simple struct having four boolean fields saving properties like if the document IsEmbedded, IsScripting, IsScrictMode, callback on OnCreated
3. IBrowsingContext: A simple and lightweight browsing context having different EventListeners added on actions like Parsed, Requested, Requesting etc and having data regarding creator, history, security etc. Won't be going deep in here.

Cutting down, it in essence readys up the HtmlDocumetn for us that has basic information regarding the BrowsingContext, HtmlParserOptions and it has a proper mapping of what kind of operations to be performed in different supported formats.

parser.Parse(sourceCode);

var document = CreateDocument(source);

var parser = new HtmlDomBuilder(document);

return parser.Parse(_options);

1. CreateDocument:

This does two things:

(a) var textSource = new TextSource(source);

(b) var document = new HtmlDocument(_context, textSource);

textSource: It's just a stream abstraction to handle encoding and more.
HtmlDocument: Represents a document node that contains only HTML nodes.
It has methods like Clone(), LoadAsync, Get/Set title etc.

2. HtmlDomBuilder: It intakes this HtmlDocument, that is seemingly not yet parsed. HtmlDomBuilder essentially constructs the tree (as per described here: http://www.w3.org/html/wg/drafts/html/master/syntax.html ). It parses tokens, decides what is it, open tag, closed tag, formatting element, plain text, script etc, it wold be another blog post that we will surely do, in order to learn how is it doing this parsing, with a perspective on code architecture.

ParseAsync will prefetch tokens taking size and current position into consideration and making it an async job where as parse will simply take the entire document and will be running in the foreground as expected. But both are trying to create the DOM tree i.e. filling in the HtmlDocument "elements".
It will be interesting to walkthrough the Home and Foreign methods , code has taken care of what if foreign elements are present or the tag is not closed etc.
The connection between IElement and INode is intiguing. Please note
- The Element interface represents an object within a DOM document.
- The Node interface is an interface from which a number of DOM types inherit, and allows these various types to be treated similarly.

And Element implements Node interface, so it's bound to have the expected fields for ChildNodes , etc.
There are things like shadow roots and pseudo elements that will be needing attention in the next post too.

This is just a quarter walk into the code, I would be glad to cover the finer details in the upcoming post.

Hope it's helpful for someone trying to dive deep into the Angle Shrp code.
If you have queries, feel free to ping in comments or via mail, woul dbe happy to discuss.

See you the next post!
Soon enough !
Till then, keep hacking~

927d206cf9305e6c66b4088d947a006ff8ad9ed636b7cc690e

Sunday 29 January 2017

Caching

Meanwhile, my cache went blank. No usage. How frequent are the chances of cache being blank if no use of a particular app is done?
*me makes a search engine query*

Hmm, so it has been rather a block on me restarting on the tech blogs I used to write. Truth is I wrote many, but couldn't finish them, so in draft. Well, this would be the feeble-most realization of writer's block if any.

Anyway, what am I intending to write here or will you just end up listening to a person who sounds tech and blabbers? Umm, no.
(Not for this post, for the least.)

So, here are quite a few realizations regarding tech I have been having lately.

One is tech at use. I don't know what software engineering has done to me but I end up finding a tech solution to my day-to-day problems.

One be "No-bai".
No, it's not a foreign language phrase though may seem like.
Just wanna say "no-bai" as in no maid, this problem happens when maid refuses to show up to work and you are unable to keep track of her because, well, mornings are meant for sleeping still. So maid steps in or steps out, you are mostly clueless until your sleeping ears turn sensitive to the adamant sounds of utensils she turns, overturns and places at some subtle surface so that it makes the loudest sound possible, thereby making it evident "She is working".

So, to solve this problem, I got a simple solution what if I ask her to just click a button on an app when she enters kitchen. What will that button do? Clicks her image and send it to server with timestamp :P
And then a server side small program with a rather simple interface to calculate number of days she worked.
The only issue was the app was supposed to be android and this can't be executed until my flatmate gets her new handset :P Even that is risky. Searched for some raspberry pi/arduino kinda thing but that will be more complicated to handle. I don't want her to leave the job anyway :P

Haah,
Next thing , umm, is the saddening impacts of big data. Be the consequences come up as some unexpected political victory or anything else, this is a true sadness prevalent all around. Humans being taken advantage of for having a psyche type, a personality, an emotion as it gets recorded in terms of likes or upvotes or shares or comments.
Just think how you began today? What all you did , what all apps you used and now just imagine the traces of your day and preferences you have left on web today!
Be it booking Uber or withdrawing 1500 INR or taking a selfie or ordering food or making a purchase online/offline via debit/credit cards. It's all recorded. Infact, just once for knowledge sake go to Google Settings and find out the data it collects. It even tracks which app you clicked how many times on your android device and in what order.
You think this is useless? Let's all just way to see how these patterns are being monetized over.
This is high time and calls action from all of us, atleast until we have a just law to govern us all, only awareness can help us.
I really appreciate the way Mozilla is driving the Data Privacy concerns. It's initiatives are in high regard.
Have a look here: https://blog.mozilla.org/blog/2017/01/26/data-privacy-day/

Only we can make a change here.
Just think twice before installing an Android app. Check for what all permissions it asks for.
Data theft from text messages is not a new thing. Elaborating a bit, suppose you gives some app access to read your text messages, now that app can read your text message inbox. Your inbox that has all your crucial details alongwith the bank updates. Would you like to let your bank details available to a third party app so easily?
Think twice.
Thing is be it apps or web services, they are not all free. Your data is the new currency.
Stay conscious, stay aware!

PS: The post might be inconsistent or random, reason:external influences at the time of jotting down :P But this for sure breaks the pause on this blog. See you in the posts to be rolled ahead, in a rather much frequent manner, till then keep exploring and keep hacking.

Adieu!

Monday 4 January 2016

Automate your facebook chats [JUST FOR FUN]

Hola folks!
We all are on Facebook, yeah, and many times it happens you just don't wish to continue a conversation, reasons can be any and many. Say, you are not in a mood to talk, or though its a good friend who pinged, you are engrossed in some work in the parallel tabs and fb was just left open and hidden amongst the enormity of other tabs or may be its just another unwanted "hii .." (or maybe you are simply excited to automate the chat messages rather than responding in person).

Here is a way to deal with all those in a humane and polite way :)

Preferred browser: Chrome

Do this :
1. In the chatbox settings, click on "See Full Conversation"
2. Press F12 and write the code in console, make sure to make a necessary change before hitting enter, that is, changing your reply button ID, since for every pageload on FB, this seemingly changes. Usually it is u_0_x though, but do inspect element on Reply Button and copy the id of the button and properly put it in the code.
3. Press Enter and let the fun begin.

var dialogs = ["hey! ssup?", "oh okay", "nothing much at my end", "btw check out this standup comedy by Biswa https://www.youtube.com/watch?v=wkLmfIxi3No " , "kk", "ahaan", "dude, wait, I will brb", "gotta go, catch you later, bbye :) "];
    var chatBox = document.getElementsByName("message_body")[0];
    var replyBut = document.getElementById("u_jsonp_3_6");   //change this id , this may not match
    var diaNum=0;

    var chitInt   = setInterval(function() {
        chatBox.value = dialogs[diaNum] ;

        setTimeout(function(){
            replyBut.click();
        }, 4000);
        diaNum=diaNum+1;
      if (diaNum == 8) {
    clearInterval(chitInt);
}
    }, 60000);

Feel free to play around with the code on my github repo here
Essentially this code is trying to put the dialogs in the array one by one in the chat box. So it starts with "hey!! ssup?" and end by "gotta go, catch you later, bbye :) ". Change these dialogs according to your chatting style to make it more realistic. Close the webpage to stop the script in between.
Also, for now it is one dialog every minute, change depending on the typing speed and availability of your friend (before starting the script).
Don't make it too less otherwise FB will pop up security check to assure its not a robot.

Personally, I got some really unexpected replies on these chats, like "Is this Aditi?" or "what's wrong with your texting language be? ". I needed to type in at times but it was fun overall.
Warning: People will leave frustrated or will be annoyed at times , so , sometimes you need to carry on a real chat just to make them normal and happy again.

I thank to all my friends, for tolerating the irrelevant messages while I was testing the script. Though some of them still don't know it was a script that conversed with them ( O yea B| ) .I am sorry.

PS: 1. Try at your own risk. In case FB blocks you or something crashes, its your responsibility.
2. Its meant for purely educational purposes :D

See you soon in the next post!

Happy Hacking!

Adieu.