Am deschis snifferul (deoarece nu mai imi merge addonul live http headers de la firefox) si am observat ca atunci cand accesez pagina (ex: http://www.trilulilu.ro/Klain666/181e856072703d) se face un request GET la fs[server].trilulilu.ro/stream.php?type=audio&hash=[hash]&username=[user]&key=[key] ! Hashul, usernameul si keyul se preiau din sursa paginii, spre exemplu:
so.addVariable("userid", "Klain666");
so.addVariable("hash", "181e856072703d");
so.addVariable("server", "5");
so.addVariable("key", "7ffb3e072293631eff58365cd9a7c075ffb46366");
so.addVariable("generationDate", "Apr 03 2008 08:55:04");Key'ul e criptat in sha1 si se genereaza la fiecare request in functie de ora/data/minut. Deci, cum nu poate fi decripat am cautat alta solutie sa nu mai expire. Asa ca am facut urmatorul script:
<form action="?" method="post">
<input type="text" name="link">
<input type="submit" value="Submit">
</form>
<?php
if (!empty($_POST['link']))
{
/* $link=$_POST['link'];
$handle=fopen($link, "rb");
$content = '';
while (!feof($handle))
{
$content .= fread($handle, 8192);
}
fclose($handle);
*/
$content = file_get_contents($_POST['link']);
//userid
$aux1=explode("so.addVariable(\"userid\", \"", $content);
$aux2=explode("\"", $aux1[1]);
$userid=$aux2[0];
//hash
$aux3=explode("so.addVariable(\"hash\", \"", $content);
$aux4=explode("\"", $aux3[1]);
$hash=$aux4[0];
//server
$aux5=explode("so.addVariable(\"server\", \"", $content);
$aux6=explode("\"", $aux5[1]);
$server=$aux6[0];
//key
$aux7=explode("so.addVariable(\"key\", \"", $content);
$aux8=explode("\"", $aux7[1]);
$key=$aux8[0];
echo "fs$server.trilulilu.ro/stream.php?type=audio&hash=$hash&username=$userid&key=$key";
}
?>Linkul returnat este linkul de download pentru melodie (stream.mp3) ! Pt. video este asemanator, numai ca trebuie modificat ?type=audio cu ?type=video, iar filmuletul va fi downloadat ca stream.php (in final va avea extensia .flv). Bafta !
