Home
Forums
New posts
Search forums
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Menu
Log in
Register
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Home
Forums
CARDING & HACKING
Hacking Tools
JavaScript attacks on the example of bypassing Social Locker for WordPress
Message
<blockquote data-quote="Dr. Smile" data-source="post: 381" data-attributes="member: 19"><p><img src="https://sun9-53.userapi.com/impg/c855320/v855320579/251390/WREIJXsE4_s.jpg?size=807x454&quality=96&sign=06dd253326caca9d91f310e242ec82ec&type=album" alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 1" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>The article "Attacks on JavaScript" shows examples of bypassing restrictions imposed by JavaScript. It is clear that there is a tutorial example, so it is rather pointless. Let's take a more realistic situation. In the article "Bypass HTML source blocking, bypass social blockers and other countermeasures to collect information about the site" I showed how easy it is to bypass social blockers, since hidden links and text are loaded on the page, but styles are used to make this block invisible ... I even made a small service that will show you everything that social blockers hide. It's so easy you don't even have to fight JavaScript.</p><p></p><p>But they sent me an example site (_https: //www.yasir252.com/software/download-adobe-photoshop-cc-2020-full-version-windows/) that uses a more cunning social blocker.</p><p></p><p>Looking ahead, this is a paid plugin called "Social Locker for WordPress" and costs $ 27:</p><p></p><p><img src="https://sun9-84.userapi.com/impg/c855320/v855320579/25133f/03c4FczCU5M.jpg?size=807x529&quality=96&sign=e0bc2a4c12eb75dc35503c58a19da79c&type=album" alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 2" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>Moreover, this is not an abandoned plugin, at the time of writing, the last update was made on May 8, 2020.</p><p></p><p>Let's start by parsing HTML and JavaScript code.</p><p></p><p>As you can see, in the source code the name is <strong>BizPanda Lockers</strong>, the path to this file is <strong>/ sociallocker-next-premium / bizpanda</strong>, I googled and found the page of this very <strong>Social Locker for WordPress</strong>.</p><p></p><p><img src="https://sun9-27.userapi.com/impg/c855320/v855320579/251348/bHJINf-Xkwk.jpg?size=807x631&quality=96&sign=9f07e4750ceec1da32ada1911c39ee3a&type=album" alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 3" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>Analysis of the source code of the page showed that the content of the hidden block is missing in it, although there is some interesting data:</p><p>Code:</p><p>if (! window.bizpanda) window.bizpanda = {};</p><p>if (! window.bizpanda.lockerOptions) window.bizpanda.lockerOptions = {};</p><p>window.bizpanda.lockerOptions ['onpLock951887'] = {"lockerId": "3169", "tracking": "0", "postId": 17162, "ajaxUrl": "https: \ / \ / <a href="http://www.yasir252.com" target="_blank">www.yasir252.com</a> \ / wp-admin \ /admin-ajax.php "," options ": {" demo ": 1," actualUrls ": 0," text ": {" header ":" Link Download Tanpa Iklan "," message " : "</p><p>Klik salah satu tombol dibawah ini untuk download tanpa iklan. <\ / P> "}," theme ":" great-attractor "," lang ":" en_US "," agreement ": {" note ": 0," termsUrl ": false ," privacyPolicyUrl ": false, "showInPopup": {"width": 570, "height": 400}}, "overlap": {"mode": "full", "position": "middle", "altMode": "full"}, "highlight": 0, "googleAnalytics": 0, "locker": {"counter": 1, "loadingTimeout": "20000", "tumbler": 0, "naMode": "show-error", "inAppBrowsers" : "visible_with_warning", "inAppBrowsersWarning": "You are viewing this page in the {browser}. The locker may work incorrectly in this browser. Please open this page in a standard browser.", "close": 0, "mobile" : 1, "expires": 0}, "proxy": "https: \ / \ / <a href="http://www.yasir252.com" target="_blank">www.yasir252.com</a> \ / wp-admin \ /admin-ajax.php? Action = opanda_connect", "groups": ["social-buttons "]," socialButtons ": {" counters ": 1," order ": [" facebook-share "," twitter-tweet "]," behaviorOnError ":" show_error "," behaviorError ":" Matikan Adblock Untuk Download Tanpa Iklan "," facebook ": {" appId ":" 331196770812733 "," lang ":" en_US "," version ":" v6.0 "," like ": {" url ":" https: \ / \ / <a href="http://www.facebook.com" target="_blank">www.facebook.com</a> \ / yasir252 "," title ":" Like "," theConfirmIssue ": 0}," share ": {" url ":" https: \ / \ / <a href="http://www.yasir252.com" target="_blank">www.yasir252.com</a> \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / "," title ":" Share "," shareDialog ":facebook-share "," twitter-tweet "]," behaviorOnError ":" show_error "," behaviorError ":" Matikan Adblock Untuk Download Tanpa Iklan "," facebook ": {" appId ":" 331196770812733 "," lang ": "en_US", "version": "v6.0", "like": {"url": "https: \ / \ / <a href="http://www.facebook.com" target="_blank">www.facebook.com</a> \ / yasir252", "title": "Like", "theConfirmIssue ": 0}," share ": {" url ":" https: \ / \ / <a href="http://www.yasir252.com" target="_blank">www.yasir252.com</a> \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / ", "title": "Share", "shareDialog":facebook-share "," twitter-tweet "]," behaviorOnError ":" show_error "," behaviorError ":" Matikan Adblock Untuk Download Tanpa Iklan "," facebook ": {" appId ":" 331196770812733 "," lang ": "en_US", "version": "v6.0", "like": {"url": "https: \ / \ / <a href="http://www.facebook.com" target="_blank">www.facebook.com</a> \ / yasir252", "title": "Like", "theConfirmIssue ": 0}," share ": {" url ":" https: \ / \ / <a href="http://www.yasir252.com" target="_blank">www.yasir252.com</a> \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / ", "title": "Share", "shareDialog":facebook ": {" appId ":" 331196770812733 "," lang ":" en_US "," version ":" v6.0 "," like ": {" url ":" https: \ / \ / <a href="http://www.facebook" target="_blank">www.facebook</a>. com \ / yasir252 "," title ":" Like "," theConfirmIssue ": 0}," share ": {" url ":" https: \ / \ / <a href="http://www.yasir252.com" target="_blank">www.yasir252.com</a> \ / software \ / download-adobe -photoshop-cc-2020-full-version-windows \ / "," title ":" Share "," shareDialog ":facebook ": {" appId ":" 331196770812733 "," lang ":" en_US "," version ":" v6.0 "," like ": {" url ":" https: \ / \ / <a href="http://www.facebook" target="_blank">www.facebook</a>. com \ / yasir252 "," title ":" Like "," theConfirmIssue ": 0}," share ": {" url ":" https: \ / \ / <a href="http://www.yasir252.com" target="_blank">www.yasir252.com</a> \ / software \ / download-adobe -photoshop-cc-2020-full-version-windows \ / "," title ":" Share "," shareDialog ":com \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / "," title ":" Share "," shareDialog ":com \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / "," title ":" Share "," shareDialog ":true }}, "twitter": {"lang": "en", "tweet": {"url": "https: \ / \ / <a href="http://www.yasir252.com" target="_blank">www.yasir252.com</a> \ / software \ / download-adobe-photoshop-cc -2020-full-version-windows \ / "," doubleCheck ": 1," title ":" Tweet "}," follow ": {" url ":" https: \ / \ / twitter.com \ / yasir252com " , "title": "Follow us", "doubleCheck": 1, "hideScreenName": 1}}, "google": {"lang": "en", "plus": {"url": "https: \ /\/www.yasir252.com\/software\/download-adobe-photoshop-cc-2020-full-version-windows\/","title":"+1 us "}," share ": {" url ":" https: \ / \ / <a href="http://www.yasir252.com" target="_blank">www.yasir252.com</a> \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / "," title ":"Share "}}," youtube ": {" subscribe ": {" channelId ":" UCvPfXFZzw3x4I1FBYVlXbsg "," title ":" Youtube "}}," linkedin ": {" share ": {" url ":" https: \ / \ / <a href="http://www.yasir252.com" target="_blank">www.yasir252.com</a> \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / "," title ":" share "}}}," lazy ": true}, "_ theme": "great-attractor", "_ style": null , "ajax": true , "contentHash": "e408051e78dd01cade57a25100ad70c7", "stats": false };</p><p>Analysis of the JavaScript script file (_https: //www.yasir252.com/wp-content/plugins/sociallocker-next-premium/bizpanda/assets/js/lockers.020405.min.js) gave this interesting snippet:</p><p></p><p>// loading the locked content via ajax</p><p></p><p>if (data.ajax) {</p><p></p><p> options.content = {</p><p> url: data.ajaxUrl,</p><p> type: 'POST',</p><p> data: {</p><p> lockerId: data.lockerId,</p><p> action: 'opanda_loader',</p><p> hash: data.contentHash</p><p> }</p><p> };</p><p>}</p><p>Pay attention to the comment - "loading blocked content via ajax".</p><p></p><p>The <strong>ajaxUrl</strong>, <strong>lockerId</strong> and <strong>contentHash values</strong> can be found in the previous code snippet.</p><p></p><p>In fact, I found the second snippet after figuring out how to bypass this social blocker. You could skip the analysis of the source code altogether and immediately start by analyzing the POST request (see "How to Analyze POST Requests in a Web Browser").</p><p></p><p>I "liked" the article to view the hidden text:</p><p><img src="https://sun9-61.userapi.com/impg/c855320/v855320579/251351/Zjiw_faFq_c.jpg?size=807x626&quality=96&sign=f9f5969d1d60ee85ea255840dad2d4c3&type=album" alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 4" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>As you can see, a POST request is sent to the page <a href="https://www.yasir252.com/wp-admin/admin-ajax.php" target="_blank">https://www.yasir252.com/wp-admin/admin-ajax.php</a> containing the string "<strong>lockerId = 3169 & action = opanda_loader & hash = e408051e78dd01cade57a25100ad70c7</strong>":</p><p><img src="https://sun9-3.userapi.com/impg/c855320/v855320579/251359/yk4MkiTOyRk.jpg?size=773x113&quality=96&sign=0ebfa78b2a8bbc97a5b8ad5f8167ce90&type=album" alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 5" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>And in response comes a code hidden by a social blocker:</p><p><img src="https://sun9-42.userapi.com/impg/c855320/v855320579/251362/E6SpIiVQJE0.jpg?size=807x150&quality=96&sign=06a4e392820dfc5a4770bfe480f2eeb3&type=album" alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 6" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>Rendering the received data:</p><p><img src="https://sun9-45.userapi.com/impg/c855320/v855320579/25136b/Khdk-01YkaU.jpg?size=807x244&quality=96&sign=a9b9f75e0ccec8f2dee9479fd91a764c&type=album" alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 7" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>Trying to get hidden text bypassing sharing on social networks:</p><p>Code:</p><p>curl <a href="https://www.yasir252.com/wp-admin/admin-ajax.php" target="_blank">https://www.yasir252.com/wp-admin/admin-ajax.php</a> -d 'lockerId = 3169 & action = opanda_loader & hash = e408051e78dd01cade57a25100ad70c7'</p><p>Everything worked!</p><p></p><p><img src="https://sun9-33.userapi.com/impg/c855320/v855320579/251374/ugqcLrkZxJI.jpg?size=807x482&quality=96&sign=b8351547df416ff415a1d2ea4050f6bd&type=album" alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 8" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>If you do not understand the HTML text, then save it to a file and open it in a web browser:</p><p>Code:</p><p>curl <a href="https://www.yasir252.com/wp-admin/admin-ajax.php" target="_blank">https://www.yasir252.com/wp-admin/admin-ajax.php</a> -d 'lockerId = 3169 & action = opanda_loader & hash = e408051e78dd01cade57a25100ad70c7'> locker.htm && firefox locker.htm</p><p><img src="https://sun9-30.userapi.com/impg/c855320/v855320579/25137d/RXCZnqujPAQ.jpg?size=807x250&quality=96&sign=ba155d00e434d08448c02db6f587901b&type=album" alt="RXCZnqujPAQ.jpg" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>Further analysis showed that the hash is static and is always contained in the source code. The <strong>lockerId</strong> value <strong>does</strong> not change and any number can be substituted there (perhaps this is the result of a "crack").</p><p></p><p>In order not to crawl into the source code every time, we will create a script for automation. To the <strong>sociallocker-next-premium.sh</strong> file:</p><p>Code:</p><p>gedit sociallocker-next-premium.sh</p><p>Copy the following:</p><p>Code:</p><p>#! / bin / bash</p><p></p><p>if [[-z $ 1]]; then</p><p> echo 'No link provided to bypass social blocker!';</p><p> exit 1;</p><p>fi</p><p></p><p>t0 = `curl -s -A 'Mozilla / 5.0 (X11; Linux x86_64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 72.0.3626.119 Safari / 537.36'" $ 1 "`</p><p></p><p>hash = "` echo "$ t0" | grep -E 'window.bizpanda.lockerOptions' | grep -E -o' "contentHash": "[A-Za-z0-9] {8,}" '| sed' s / "contentHash": "// '| sed 's / "//'` ";</p><p>t5 = $ hash</p><p></p><p>url = "` echo $ 1 | grep -E -o 'http (| s): // [^ /] +' `/ wp-admin / admin-ajax.php"</p><p></p><p>if [["$ t5"]]; then</p><p> curl $ url -d 'lockerId = 3169 & action = opanda_loader & hash =' $ hash</p><p>fi</p><p>Run like this:</p><p>Code:</p><p>bash sociallocker-next-premium.sh 'URL'</p><p>For example:</p><p>Code:</p><p>bash sociallocker-next-premium.sh '<a href="https://www.hourlybook.com/entrance-exams/national-eligibility-cum-entrance-test/neet-biodiversity-and-conversation-practice-questions-2017/" target="_blank">https://www.hourlybook.com/entrance-exams/national-eligibility-cum-entrance-test/neet-biodiversity-and-conversation-practice-questions-2017/</a>'</p><p>To immediately see the content after rendering the HTML code, use the construction:</p><p>Code:</p><p>bash sociallocker-next-premium.sh 'URL'> locker.htm && firefox locker.htm</p><p>For example:</p><p>Code:</p><p>bash sociallocker-next-premium.sh '<a href="https://www.hourlybook.com/entrance-exams/national-eligibility-cum-entrance-test/neet-practice-questions-environmental-issues-2017/" target="_blank">https://www.hourlybook.com/entrance-exams/national-eligibility-cum-entrance-test/neet-practice-questions-environmental-issues-2017/</a>'> locker.htm && firefox locker.htm</p><p><img src="https://sun9-71.userapi.com/impg/c855320/v855320579/251386/OBHacxNg1jc.jpg?size=807x663&quality=96&sign=d4dd6543a6c47a5bf764f7575cf2b5f4&type=album" alt="OBHacxNg1jc.jpg" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>I added support for this plugin to my service for bypassing social blockers: <a href="https://suip.biz/?act=social-locker-cracker" target="_blank">https://suip.biz/?act=social-locker-cracker</a></p></blockquote><p></p>
[QUOTE="Dr. Smile, post: 381, member: 19"] [IMG alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 1"]https://sun9-53.userapi.com/impg/c855320/v855320579/251390/WREIJXsE4_s.jpg?size=807x454&quality=96&sign=06dd253326caca9d91f310e242ec82ec&type=album[/IMG] The article "Attacks on JavaScript" shows examples of bypassing restrictions imposed by JavaScript. It is clear that there is a tutorial example, so it is rather pointless. Let's take a more realistic situation. In the article "Bypass HTML source blocking, bypass social blockers and other countermeasures to collect information about the site" I showed how easy it is to bypass social blockers, since hidden links and text are loaded on the page, but styles are used to make this block invisible ... I even made a small service that will show you everything that social blockers hide. It's so easy you don't even have to fight JavaScript. But they sent me an example site (_https: //www.yasir252.com/software/download-adobe-photoshop-cc-2020-full-version-windows/) that uses a more cunning social blocker. Looking ahead, this is a paid plugin called "Social Locker for WordPress" and costs $ 27: [IMG alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 2"]https://sun9-84.userapi.com/impg/c855320/v855320579/25133f/03c4FczCU5M.jpg?size=807x529&quality=96&sign=e0bc2a4c12eb75dc35503c58a19da79c&type=album[/IMG] Moreover, this is not an abandoned plugin, at the time of writing, the last update was made on May 8, 2020. Let's start by parsing HTML and JavaScript code. As you can see, in the source code the name is [B]BizPanda Lockers[/B], the path to this file is [B]/ sociallocker-next-premium / bizpanda[/B], I googled and found the page of this very [B]Social Locker for WordPress[/B]. [IMG alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 3"]https://sun9-27.userapi.com/impg/c855320/v855320579/251348/bHJINf-Xkwk.jpg?size=807x631&quality=96&sign=9f07e4750ceec1da32ada1911c39ee3a&type=album[/IMG] Analysis of the source code of the page showed that the content of the hidden block is missing in it, although there is some interesting data: Code: if (! window.bizpanda) window.bizpanda = {}; if (! window.bizpanda.lockerOptions) window.bizpanda.lockerOptions = {}; window.bizpanda.lockerOptions ['onpLock951887'] = {"lockerId": "3169", "tracking": "0", "postId": 17162, "ajaxUrl": "https: \ / \ / [URL="http://www.yasir252.com"]www.yasir252.com[/URL] \ / wp-admin \ /admin-ajax.php "," options ": {" demo ": 1," actualUrls ": 0," text ": {" header ":" Link Download Tanpa Iklan "," message " : " Klik salah satu tombol dibawah ini untuk download tanpa iklan. <\ / P> "}," theme ":" great-attractor "," lang ":" en_US "," agreement ": {" note ": 0," termsUrl ": false ," privacyPolicyUrl ": false, "showInPopup": {"width": 570, "height": 400}}, "overlap": {"mode": "full", "position": "middle", "altMode": "full"}, "highlight": 0, "googleAnalytics": 0, "locker": {"counter": 1, "loadingTimeout": "20000", "tumbler": 0, "naMode": "show-error", "inAppBrowsers" : "visible_with_warning", "inAppBrowsersWarning": "You are viewing this page in the {browser}. The locker may work incorrectly in this browser. Please open this page in a standard browser.", "close": 0, "mobile" : 1, "expires": 0}, "proxy": "https: \ / \ / [URL="http://www.yasir252.com"]www.yasir252.com[/URL] \ / wp-admin \ /admin-ajax.php? Action = opanda_connect", "groups": ["social-buttons "]," socialButtons ": {" counters ": 1," order ": [" facebook-share "," twitter-tweet "]," behaviorOnError ":" show_error "," behaviorError ":" Matikan Adblock Untuk Download Tanpa Iklan "," facebook ": {" appId ":" 331196770812733 "," lang ":" en_US "," version ":" v6.0 "," like ": {" url ":" https: \ / \ / [URL="http://www.facebook.com"]www.facebook.com[/URL] \ / yasir252 "," title ":" Like "," theConfirmIssue ": 0}," share ": {" url ":" https: \ / \ / [URL="http://www.yasir252.com"]www.yasir252.com[/URL] \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / "," title ":" Share "," shareDialog ":facebook-share "," twitter-tweet "]," behaviorOnError ":" show_error "," behaviorError ":" Matikan Adblock Untuk Download Tanpa Iklan "," facebook ": {" appId ":" 331196770812733 "," lang ": "en_US", "version": "v6.0", "like": {"url": "https: \ / \ / [URL="http://www.facebook.com"]www.facebook.com[/URL] \ / yasir252", "title": "Like", "theConfirmIssue ": 0}," share ": {" url ":" https: \ / \ / [URL="http://www.yasir252.com"]www.yasir252.com[/URL] \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / ", "title": "Share", "shareDialog":facebook-share "," twitter-tweet "]," behaviorOnError ":" show_error "," behaviorError ":" Matikan Adblock Untuk Download Tanpa Iklan "," facebook ": {" appId ":" 331196770812733 "," lang ": "en_US", "version": "v6.0", "like": {"url": "https: \ / \ / [URL="http://www.facebook.com"]www.facebook.com[/URL] \ / yasir252", "title": "Like", "theConfirmIssue ": 0}," share ": {" url ":" https: \ / \ / [URL="http://www.yasir252.com"]www.yasir252.com[/URL] \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / ", "title": "Share", "shareDialog":facebook ": {" appId ":" 331196770812733 "," lang ":" en_US "," version ":" v6.0 "," like ": {" url ":" https: \ / \ / [URL="http://www.facebook"]www.facebook[/URL]. com \ / yasir252 "," title ":" Like "," theConfirmIssue ": 0}," share ": {" url ":" https: \ / \ / [URL="http://www.yasir252.com"]www.yasir252.com[/URL] \ / software \ / download-adobe -photoshop-cc-2020-full-version-windows \ / "," title ":" Share "," shareDialog ":facebook ": {" appId ":" 331196770812733 "," lang ":" en_US "," version ":" v6.0 "," like ": {" url ":" https: \ / \ / [URL="http://www.facebook"]www.facebook[/URL]. com \ / yasir252 "," title ":" Like "," theConfirmIssue ": 0}," share ": {" url ":" https: \ / \ / [URL="http://www.yasir252.com"]www.yasir252.com[/URL] \ / software \ / download-adobe -photoshop-cc-2020-full-version-windows \ / "," title ":" Share "," shareDialog ":com \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / "," title ":" Share "," shareDialog ":com \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / "," title ":" Share "," shareDialog ":true }}, "twitter": {"lang": "en", "tweet": {"url": "https: \ / \ / [URL="http://www.yasir252.com"]www.yasir252.com[/URL] \ / software \ / download-adobe-photoshop-cc -2020-full-version-windows \ / "," doubleCheck ": 1," title ":" Tweet "}," follow ": {" url ":" https: \ / \ / twitter.com \ / yasir252com " , "title": "Follow us", "doubleCheck": 1, "hideScreenName": 1}}, "google": {"lang": "en", "plus": {"url": "https: \ /\/www.yasir252.com\/software\/download-adobe-photoshop-cc-2020-full-version-windows\/","title":"+1 us "}," share ": {" url ":" https: \ / \ / [URL="http://www.yasir252.com"]www.yasir252.com[/URL] \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / "," title ":"Share "}}," youtube ": {" subscribe ": {" channelId ":" UCvPfXFZzw3x4I1FBYVlXbsg "," title ":" Youtube "}}," linkedin ": {" share ": {" url ":" https: \ / \ / [URL="http://www.yasir252.com"]www.yasir252.com[/URL] \ / software \ / download-adobe-photoshop-cc-2020-full-version-windows \ / "," title ":" share "}}}," lazy ": true}, "_ theme": "great-attractor", "_ style": null , "ajax": true , "contentHash": "e408051e78dd01cade57a25100ad70c7", "stats": false }; Analysis of the JavaScript script file (_https: //www.yasir252.com/wp-content/plugins/sociallocker-next-premium/bizpanda/assets/js/lockers.020405.min.js) gave this interesting snippet: // loading the locked content via ajax if (data.ajax) { options.content = { url: data.ajaxUrl, type: 'POST', data: { lockerId: data.lockerId, action: 'opanda_loader', hash: data.contentHash } }; } Pay attention to the comment - "loading blocked content via ajax". The [B]ajaxUrl[/B], [B]lockerId[/B] and [B]contentHash values[/B] can be found in the previous code snippet. In fact, I found the second snippet after figuring out how to bypass this social blocker. You could skip the analysis of the source code altogether and immediately start by analyzing the POST request (see "How to Analyze POST Requests in a Web Browser"). I "liked" the article to view the hidden text: [IMG alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 4"]https://sun9-61.userapi.com/impg/c855320/v855320579/251351/Zjiw_faFq_c.jpg?size=807x626&quality=96&sign=f9f5969d1d60ee85ea255840dad2d4c3&type=album[/IMG] As you can see, a POST request is sent to the page [URL]https://www.yasir252.com/wp-admin/admin-ajax.php[/URL] containing the string "[B]lockerId = 3169 & action = opanda_loader & hash = e408051e78dd01cade57a25100ad70c7[/B]": [IMG alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 5"]https://sun9-3.userapi.com/impg/c855320/v855320579/251359/yk4MkiTOyRk.jpg?size=773x113&quality=96&sign=0ebfa78b2a8bbc97a5b8ad5f8167ce90&type=album[/IMG] And in response comes a code hidden by a social blocker: [IMG alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 6"]https://sun9-42.userapi.com/impg/c855320/v855320579/251362/E6SpIiVQJE0.jpg?size=807x150&quality=96&sign=06a4e392820dfc5a4770bfe480f2eeb3&type=album[/IMG] Rendering the received data: [IMG alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 7"]https://sun9-45.userapi.com/impg/c855320/v855320579/25136b/Khdk-01YkaU.jpg?size=807x244&quality=96&sign=a9b9f75e0ccec8f2dee9479fd91a764c&type=album[/IMG] Trying to get hidden text bypassing sharing on social networks: Code: curl [URL]https://www.yasir252.com/wp-admin/admin-ajax.php[/URL] -d 'lockerId = 3169 & action = opanda_loader & hash = e408051e78dd01cade57a25100ad70c7' Everything worked! [IMG alt="JavaScript attacks on the example of bypassing Social Locker for WordPress, image # 8"]https://sun9-33.userapi.com/impg/c855320/v855320579/251374/ugqcLrkZxJI.jpg?size=807x482&quality=96&sign=b8351547df416ff415a1d2ea4050f6bd&type=album[/IMG] If you do not understand the HTML text, then save it to a file and open it in a web browser: Code: curl [URL]https://www.yasir252.com/wp-admin/admin-ajax.php[/URL] -d 'lockerId = 3169 & action = opanda_loader & hash = e408051e78dd01cade57a25100ad70c7'> locker.htm && firefox locker.htm [IMG alt="RXCZnqujPAQ.jpg"]https://sun9-30.userapi.com/impg/c855320/v855320579/25137d/RXCZnqujPAQ.jpg?size=807x250&quality=96&sign=ba155d00e434d08448c02db6f587901b&type=album[/IMG] Further analysis showed that the hash is static and is always contained in the source code. The [B]lockerId[/B] value [B]does[/B] not change and any number can be substituted there (perhaps this is the result of a "crack"). In order not to crawl into the source code every time, we will create a script for automation. To the [B]sociallocker-next-premium.sh[/B] file: Code: gedit sociallocker-next-premium.sh Copy the following: Code: #! / bin / bash if [[-z $ 1]]; then echo 'No link provided to bypass social blocker!'; exit 1; fi t0 = `curl -s -A 'Mozilla / 5.0 (X11; Linux x86_64) AppleWebKit / 537.36 (KHTML, like Gecko) Chrome / 72.0.3626.119 Safari / 537.36'" $ 1 "` hash = "` echo "$ t0" | grep -E 'window.bizpanda.lockerOptions' | grep -E -o' "contentHash": "[A-Za-z0-9] {8,}" '| sed' s / "contentHash": "// '| sed 's / "//'` "; t5 = $ hash url = "` echo $ 1 | grep -E -o 'http (| s): // [^ /] +' `/ wp-admin / admin-ajax.php" if [["$ t5"]]; then curl $ url -d 'lockerId = 3169 & action = opanda_loader & hash =' $ hash fi Run like this: Code: bash sociallocker-next-premium.sh 'URL' For example: Code: bash sociallocker-next-premium.sh '[URL]https://www.hourlybook.com/entrance-exams/national-eligibility-cum-entrance-test/neet-biodiversity-and-conversation-practice-questions-2017/[/URL]' To immediately see the content after rendering the HTML code, use the construction: Code: bash sociallocker-next-premium.sh 'URL'> locker.htm && firefox locker.htm For example: Code: bash sociallocker-next-premium.sh '[URL]https://www.hourlybook.com/entrance-exams/national-eligibility-cum-entrance-test/neet-practice-questions-environmental-issues-2017/[/URL]'> locker.htm && firefox locker.htm [IMG alt="OBHacxNg1jc.jpg"]https://sun9-71.userapi.com/impg/c855320/v855320579/251386/OBHacxNg1jc.jpg?size=807x663&quality=96&sign=d4dd6543a6c47a5bf764f7575cf2b5f4&type=album[/IMG] I added support for this plugin to my service for bypassing social blockers: [URL]https://suip.biz/?act=social-locker-cracker[/URL] [/QUOTE]
Name
Verification
Post reply
Home
Forums
CARDING & HACKING
Hacking Tools
JavaScript attacks on the example of bypassing Social Locker for WordPress
Top