def handle_javascript(self, line):
return eval_js(
line.replace(
"{}))",
"{}).replace('document.open();document.write','').replace(';document.close();',''))",
)
)
def addcrypted2():
package = flask.request.form.get(
"package", flask.request.form.get("source", flask.request.form.get("referer"))
)
crypted = flask.request.form["crypted"]
jk = flask.request.form["jk"]
crypted = standard_b64decode(unquote(crypted.replace(" ", "+")))
jk = eval_js(f"{jk} f()")
try:
key = bytes.fromhex(jk)
except Exception:
return "Could not decrypt key", 500
obj = Fernet(key)
urls = obj.decrypt(crypted).replace("\x00", "").replace("\r", "").split("\n")
urls = [url for url in urls if url.strip()]
api = flask.current_app.config["PYLOAD_API"]
try:
if package:
api.add_package(package, urls, 0)
else:
api.generate_and_add_packages(urls, 0)
except Exception:
return "failed can't add", 500
else:
return "success\r\n"
def handle_free(self, pyfile):
self.free_url = "http://turbobit.net/download/free/{}".format(
self.info["pattern"]["ID"])
self.data = self.load(self.free_url)
m = re.search(self.LIMIT_WAIT_PATTERN, self.data)
if m is not None:
self.retry(wait=m.group(1))
self.solve_captcha()
m = re.search(r"minLimit : (.+?),", self.data)
if m is None:
self.fail(self._("minLimit pattern not found"))
wait_time = eval_js(m.group(1))
self.wait(wait_time)
self.req.http.c.setopt(pycurl.HTTPHEADER,
["X-Requested-With: XMLHttpRequest"])
self.data = self.load(
"http://turbobit.net/download/getLinkTimeout/{}".format(
self.info["pattern"]["ID"]),
ref=self.free_url,
)
self.req.http.c.setopt(pycurl.HTTPHEADER, ["X-Requested-With:"])
if "/download/started/" in self.data:
self.data = self.load(
"http://turbobit.net/download/started/{}".format(
self.info["pattern"]["ID"]))
m = re.search(self.LINK_FREE_PATTERN, self.data)
if m is not None:
self.link = "http://turbobit.net{}".format(m.group(1))
def handle_free(self, pyfile):
m = re.search(
r'<div class="video-wrapper">.+?<script type="text/javascript">(.+?)</script>',
self.data,
re.S,
)
if m is None:
self.error(self._("Player Javascript data not found"))
script = m.group(1)
m = re.search(r"qualityItems_\d+", script)
if m is None:
self.error(self._("`qualityItems` variable no found"))
result_var = re.search(r"qualityItems_\d+", script).group(0)
script = "".join(re.findall(r"^\s*var .+", script, re.M))
script = re.sub(r"[\n\t]|/\*.+?\*/", "", script)
script += "JSON.stringify({});".format(result_var)
res = eval_js(script)
json_data = json.loads(res)
urls = {
int(re.search(r"^(\d+)", x["text"]).group(0)): x["url"]
for x in json_data if x["url"]
}
quality = max(urls.keys())
self.link = urls[quality]
def addcrypted2():
package = flask.request.form.get(
"package",
flask.request.form.get("source", flask.request.form.get("referer")))
crypted = flask.request.form["crypted"]
jk = flask.request.form["jk"]
crypted = standard_b64decode(unquote(crypted.replace(" ", "+")))
jk = eval_js(f"{jk} f()")
try:
IV = key = bytes.fromhex(jk)
except Exception:
return "Could not decrypt key", 500
cipher = Cipher(algorithms.AES(key),
modes.CBC(IV),
backend=default_backend())
decryptor = cipher.decryptor()
decrypted = decryptor.update(crypted) + decryptor.finalize()
urls = to_str(decrypted).replace("\x00", "").replace("\r", "").split("\n")
urls = [url for url in urls if url.strip()]
api = flask.current_app.config["PYLOAD_API"]
try:
if package:
api.add_package(package, urls, 0)
else:
api.generate_and_add_packages(urls, 0)
except Exception:
return "failed can't add", 500
else:
return "success\r\n"
def handle_web_links(self):
pack_links = []
self.log_debug("Handling Web links")
# TODO: Gather paginated web links
pattern = r"javascript:_get\(\'(.*?)\', \d+, \'\'\)"
ids = re.findall(pattern, self.data)
self.log_debug(f"Decrypting {len(ids)} Web links")
for i, ID in enumerate(ids):
try:
self.log_debug(f"Decrypting Web link {i + 1}, [{ID}]")
dw_link = self.base_url + "/get/lnk/" + ID
res = self.load(dw_link)
code = re.search(r"frm/(\d+)", res).group(1)
fw_link = self.base_url + "/get/frm/" + code
res = self.load(fw_link)
jscode = re.search(
r'<script language="javascript">\s*eval\((.*)\)\s*</script>',
res,
re.S,
).group(1)
jscode = eval_js(self._("f = {}").format(jscode))
jslauncher = "window=''; parent={frames:{Main:{location:{href:''}}},location:''}; {}; parent.frames.Main.location.href"
dl_link = eval_js(jslauncher.format(jscode))
self.log_debug(
"JsEngine returns value [{}] for redirection link".format(
dl_link))
pack_links.append(dl_link)
except Exception as detail:
self.log_debug(f"Error decrypting Web link [{ID}], {detail}")
self.log_debug(f"{len(pack_links)} links")
return pack_links
def handle_free(self, pyfile):
# step 1: get essential information: the media URL and the javascript
# translating the URL
m = re.search(self.MEDIA_URL_PATTERN, self.data)
if m is None:
self.fail(self._("Could not find any media URLs"))
encoded_media_url = m.group(1)
self.log_debug(f"Found encoded media URL: {encoded_media_url}")
m = re.search(self.COMMUNITY_JS_PATTERN, self.data)
if m is None:
self.fail(
self._("Could not find necessary javascript script to load"))
community_js_url = m.group(1)
self.log_debug(f"Found community js at {community_js_url}")
community_js_code = self.load(community_js_url)
# step 2: from the js code, parse the necessary parts: the decoder function and the headers
# as the jscript is fairly long, we'll split it to make parsing easier
community_js_code = community_js_code.partition(self.JS_SPLIT_WORD)[0]
m = re.search(self.JS_HEADER_PATTERN, community_js_code)
if m is None:
self.fail(
self._(
"Could not parse the necessary parts off the javascript"))
decoder_function = m.group("decoder")
initialization = m.group("initvars")
m = re.search(self.JS_PROCESS_PATTERN, community_js_code)
if m is None:
self.fail(
self.
_("Could not parse the processing function off the javascript"
))
process_function = m.group(0)
new_js_code = (decoder_function + "; " + initialization + "; var " +
process_function + '; processRecording("' +
encoded_media_url + '");')
self.log_debug(f"Running js script: {new_js_code}")
js_result = eval_js(new_js_code)
self.log_debug(f"Result is: {js_result}")
self.link = js_result
def _solve_cf_ddos_challenge(addon_plugin, owner_plugin, data):
try:
addon_plugin.log_info(
addon_plugin._("Detected CloudFlare's DDoS protection page"))
# Cloudflare requires a delay before solving the challenge
owner_plugin.set_wait(5)
last_url = owner_plugin.req.last_effective_url
urlp = urllib.parse.urlparse(last_url)
domain = urlp.netloc
submit_url = "{}://{}/cdn-cgi/l/chk_jschl".format(
urlp.scheme, domain)
get_params = {}
try:
get_params["jschl_vc"] = re.search(
r'name="jschl_vc" value="(\w+)"', data).group(1)
get_params["pass"] = re.search(r'name="pass" value="(.+?)"',
data).group(1)
# Extract the arithmetic operation
js = re.search(
r"setTimeout\(function\(\){\s+(var s,t,o,p,b,r,e,a,k,i,n,g,f.+?\r?\n[\s\S]+?a\.value =.+?)\r?\n",
data,
).group(1)
js = re.sub(r"a\.value = (parseInt\(.+?\)).+", r"\1", js)
js = re.sub(r"\s{3,}[a-z](?: = |\.).+", "", js)
js = re.sub(r"[\n\\']", "", js)
except Exception:
# Something is wrong with the page.
# This may indicate CloudFlare has changed their anti-bot
# technique.
owner_plugin.log_error(
addon_plugin._(
"Unable to parse CloudFlare's DDoS protection page"))
return None #: Tell the exception handler to re-throw the exception
# Safely evaluate the Javascript expression
get_params["jschl_answer"] = str(int(eval_js(js)) + len(domain))
owner_plugin.wait() #: Do the actual wait
return owner_plugin.load(submit_url, get=get_params, ref=last_url)
except Exception as exc:
addon_plugin.log_error(exc)
return None #: Tell the exception handler to re-throw the exception
def _get_links(self, crypted, jk):
#: Get key
jreturn = eval_js(self._("{} f()").format(jk))
self.log_debug(f"JsEngine returns value [{jreturn}]")
key = bytes.fromhex(jreturn)
#: Decrypt
obj = Fernet(key)
text = obj.decrypt(base64.b64decode(crypted))
#: Extract links
text = text.replace("\x00", "").replace("\r", "")
links = [link for link in text.split("\n") if link]
#: Log and return
self.log_debug(f"Block has {len(links)} links")
return links
def get_link(self):
#: Get all the scripts inside the html body
soup = BeautifulSoup(self.data)
scripts = [
s.getText()
for s in soup.body.findAll("script", type="text/javascript")
if "('dlbutton').href =" in s.getText()
]
#: Emulate a document in JS
inits = [
"""
var document = {}
document.getElementById = function(x) {
if (!this.hasOwnProperty(x)) {
this[x] = {getAttribute : function(x) { return this[x] } }
}
return this[x]
}
"""
]
#: inits is meant to be populated with the initialization of all the DOM elements found in the scripts
eltRE = r'getElementById\([\'"](.+?)[\'"]\)(\.)?(getAttribute\([\'"])?(\w+)?([\'"]\))?'
for m in re.findall(eltRE, " ".join(scripts)):
JSid, JSattr = m[0], m[3]
values = [
f for f in (elt.get(JSattr, None)
for elt in soup.findAll(id=JSid)) if f
]
if values:
inits.append(
'document.getElementById("{}")["{}"] = "{}"'.format(
JSid, JSattr, values[-1]))
#: Add try/catch in JS to handle deliberate errors
scripts = [
"\n".join(("try{", script, "} catch(err){}")) for script in scripts
]
#: Get the file's url by evaluating all the scripts
scripts = inits + scripts + ["document.dlbutton.href"]
return eval_js("\n".join(scripts))
def _solve_cf_ddos_challenge(addon_plugin, owner_plugin, data):
try:
addon_plugin.log_info(
addon_plugin._("Detected CloudFlare's DDoS protection page"))
wait_time = (int(
re.search(r"submit\(\);\r?\n\s*},\s*([0-9]+)", data).group(1))
+ 999) // 1000
owner_plugin.set_wait(wait_time)
last_url = owner_plugin.req.last_effective_url
urlp = urllib.parse.urlparse(last_url)
domain = urlp.netloc
submit_url = "{}://{}/cdn-cgi/l/chk_jschl".format(
urlp.scheme, domain)
get_params = {}
try:
get_params["jschl_vc"] = re.search(
r'name="jschl_vc" value="(\w+)"', data).group(1)
get_params["pass"] = re.search(r'name="pass" value="(.+?)"',
data).group(1)
get_params['s'] = re.search(r'name="s" value="(.+?)"',
data).group(1)
# Extract the arithmetic operation
js = re.search(
r"setTimeout\(function\(\){\s+(var s,t,o,p,b,r,e,a,k,i,n,g,f.+?\r?\n[\s\S]+?a\.value =.+?)\r?\n",
data,
).group(1)
js = re.sub(r'a\.value = (.+\.toFixed\(10\);).+', r'\1', js)
solution_name = re.search(
r's,t,o,p,b,r,e,a,k,i,n,g,f,\s*(.+)\s*=', js).group(1)
g = re.search(
r'(.*};)\n\s*(t\s*=(.+))\n\s*(;%s.*)' % solution_name, js,
re.M | re.I | re.S).groups()
js = g[0] + g[-1]
js = re.sub(r"[\n\\']", "", js)
except Exception:
# Something is wrong with the page.
# This may indicate CloudFlare has changed their anti-bot
# technique.
owner_plugin.log_error(
addon_plugin._(
"Unable to parse CloudFlare's DDoS protection page"))
return None #: Tell the exception handler to re-throw the exception
if "toFixed" not in js:
owner_plugin.log_error(
owner_plugin._(
"Unable to parse CloudFlare's DDoS protection page"))
return None # Tell the exception handler to re-throw the exception
atob = 'var atob = function(str) {return Buffer.from(str, "base64").toString("binary");}'
try:
k = re.search(r'k\s*=\s*\'(.+?)\';', data).group(1)
v = re.search(r'<div(?:.*)id="%s"(?:.*)>(.*)</div>' % k,
data).group(1)
doc = 'var document= {getElementById: function(x) { return {innerHTML:"%s"};}}' % v
except (AttributeError, IndexError):
doc = ""
js = '%s;%s;var t="%s";%s' % (doc, atob, domain, js)
# Safely evaluate the Javascript expression
res = eval_js(js)
try:
get_params['jschl_answer'] = str(float(res))
except ValueError:
owner_plugin.log_error(
owner_plugin._(
"Unable to parse CloudFlare's DDoS protection page"))
return None # Tell the exception handler to re-throw the exception
owner_plugin.wait() #: Do the actual wait
return owner_plugin.load(submit_url, get=get_params, ref=last_url)
except BadHeader as exc:
raise exc #: Huston, we have a BadHeader!
except Exception as exc:
addon_plugin.log_error(exc)
return None #: Tell the exception handler to re-throw the exception
