Pure Python CF parser - Githubissues

doko-desuka commented 5 years ago

EDIT: I updated it myself after all, see this comment.

ORIGINAL POST: The logic inside the challenge is grounded, it uses JSFuck plus some arithmetic. There's this project called UniversalScrapers (from the non-official, underground XBMC scene) where I first saw this, it's based on Anorov's but does the solving entirely in inline Python (no node.js or js2py needed). It is broken now after these latest updates to the CF challenge, but it's a nice reference.

I wish we could work on updates for this as it's more lightweight than the proposed alternatives.

OLD CODE (needs fixes):

import logging
import random
import re
'''''''''
Disables InsecureRequestWarning: Unverified HTTPS request is being made warnings.
'''''''''
import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
''''''
from requests.sessions import Session
from copy import deepcopy
from time import sleep

try:
    from urlparse import urlparse
except ImportError:
    from urllib.parse import urlparse

DEFAULT_USER_AGENTS = [
    "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36",
    "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/65.0.3325.181 Chrome/65.0.3325.181 Safari/537.36",
    "Mozilla/5.0 (Linux; Android 7.0; Moto G (5) Build/NPPS25.137-93-8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.137 Mobile Safari/537.36",
    "Mozilla/5.0 (iPhone; CPU iPhone OS 7_0_4 like Mac OS X) AppleWebKit/537.51.1 (KHTML, like Gecko) Version/7.0 Mobile/11B554a Safari/9537.53",
    "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0",
    "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:59.0) Gecko/20100101 Firefox/59.0",
    "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
]

DEFAULT_USER_AGENT = random.choice(DEFAULT_USER_AGENTS)

BUG_REPORT = ("Cloudflare may have changed their technique, or there may be a bug in the script.\n\nPlease read " "https://github.com/Anorov/cloudflare-scrape#updates, then file a "
"bug report at https://github.com/Anorov/cloudflare-scrape/issues.")

class CloudflareScraper(Session):
    def __init__(self, *args, **kwargs):
        super(CloudflareScraper, self).__init__(*args, **kwargs)

        if "requests" in self.headers["User-Agent"]:
            # Spoof Firefox on Linux if no custom User-Agent has been set
            self.headers["User-Agent"] = DEFAULT_USER_AGENT

    def request(self, method, url, *args, **kwargs):
        resp = super(CloudflareScraper, self).request(method, url, *args, **kwargs)

        # Check if Cloudflare anti-bot is on
        if ( resp.status_code == 503
             and resp.headers.get("Server", "").startswith("cloudflare")
             and b"jschl_vc" in resp.content
             and b"jschl_answer" in resp.content
        ):
            return self.solve_cf_challenge(resp, **kwargs)

        # Otherwise, no Cloudflare anti-bot detected
        return resp

    def solve_cf_challenge(self, resp, **original_kwargs):
        sleep(8)  # Cloudflare requires a delay before solving the challenge

        body = resp.text
        parsed_url = urlparse(resp.url)
        domain = parsed_url.netloc
        submit_url = "%s://%s/cdn-cgi/l/chk_jschl" % (parsed_url.scheme, domain)

        cloudflare_kwargs = deepcopy(original_kwargs)
        params = cloudflare_kwargs.setdefault("params", {})
        headers = cloudflare_kwargs.setdefault("headers", {})
        headers["Referer"] = resp.url

        try:
            params["jschl_vc"] = re.search(r'name="jschl_vc" value="(\w+)"', body).group(1)
            params["pass"] = re.search(r'name="pass" value="(.+?)"', body).group(1)
            params["s"] = re.search(r'name="s" value="(.+?)"', body).group(1)

            # Extract the arithmetic operation
            init = re.findall('setTimeout\(function\(\){\s*var.*?.*:(.*?)}', body)[-1]
            builder = re.findall(r"challenge-form\'\);\s*(.*)a.v", body)[0]
            if '/' in init:
                init = init.split('/')
                decryptVal = self.parseJSString(init[0]) / float(self.parseJSString(init[1]))
            else:
                decryptVal = self.parseJSString(init)
            lines = builder.split(';')

            for line in lines:
                if len(line)>0 and '=' in line:
                    sections=line.split('=')
                    if '/' in sections[1]:
                        subsecs = sections[1].split('/')
                        line_val = self.parseJSString(subsecs[0]) / float(self.parseJSString(subsecs[1]))
                    else:
                        line_val = self.parseJSString(sections[1])
                    decryptVal = float(eval(('%.16f'%decryptVal)+sections[0][-1]+('%.16f'%line_val)))

            answer = float('%.10f'%decryptVal) + len(domain)

        except Exception as e:
            # Something is wrong with the page.
            # This may indicate Cloudflare has changed their anti-bot
            # technique. If you see this and are running the latest version,
            # please open a GitHub issue so I can update the code accordingly.
            logging.error("[!] %s Unable to parse Cloudflare anti-bots page. "
                          "Try upgrading cloudflare-scrape, or submit a bug report "
                          "if you are running the latest version. Please read "
                          "https://github.com/Anorov/cloudflare-scrape#updates "
                          "before submitting a bug report." % e)
            raise

        try: params["jschl_answer"] = str(answer) #str(int(jsunfuck.cfunfuck(js)) + len(domain))
        except: pass

        # Requests transforms any request into a GET after a redirect,
        # so the redirect has to be handled manually here to allow for
        # performing other types of requests even as the first request.
        method = resp.request.method
        cloudflare_kwargs["allow_redirects"] = False

        redirect = self.request(method, submit_url, **cloudflare_kwargs)
        redirect_location = urlparse(redirect.headers["Location"])

        if not redirect_location.netloc:
            redirect_url = "%s://%s%s" % (parsed_url.scheme, domain, redirect_location.path)
            return self.request(method, redirect_url, **original_kwargs)
        return self.request(method, redirect.headers["Location"], **original_kwargs)

    def parseJSString(self, s):
        try:
            offset=1 if s[0]=='+' else 0
            val = int(eval(s.replace('!+[]','1').replace('!![]','1').replace('[]','0').replace('(','str(')[offset:]))
            return val
        except:
            pass

    @classmethod
    def create_scraper(cls, sess=None, **kwargs):
        """
        Convenience function for creating a ready-to-go requests.Session (subclass) object.
        """
        scraper = cls()

        if sess:
            attrs = ["auth", "cert", "cookies", "headers", "hooks", "params", "proxies", "data"]
            for attr in attrs:
                val = getattr(sess, attr, None)
                if val:
                    setattr(scraper, attr, val)

        return scraper

    ## Functions for integrating cloudflare-scrape with other applications and scripts

    @classmethod
    def get_tokens(cls, url, user_agent=None, **kwargs):
        scraper = cls.create_scraper()
        if user_agent:
            scraper.headers["User-Agent"] = user_agent

        try:
            resp = scraper.get(url, **kwargs)
            resp.raise_for_status()
        except Exception as e:
            logging.error("'%s' returned an error. Could not collect tokens." % url)
            raise

        domain = urlparse(resp.url).netloc
        cookie_domain = None

        for d in scraper.cookies.list_domains():
            if d.startswith(".") and d in ("." + domain):
                cookie_domain = d
                break
        else:
            raise ValueError("Unable to find Cloudflare cookies. Does the site actually have Cloudflare IUAM (\"I'm Under Attack Mode\") enabled?")

        return ({
                    "__cfduid": scraper.cookies.get("__cfduid", "", domain=cookie_domain),
                    "cf_clearance": scraper.cookies.get("cf_clearance", "", domain=cookie_domain)
                },
                scraper.headers["User-Agent"]
               )

    @classmethod
    def get_cookie_string(cls, url, user_agent=None, **kwargs):
        """
        Convenience function for building a Cookie HTTP header value.
        """
        tokens, user_agent = cls.get_tokens(url, user_agent=user_agent, **kwargs)
        return "; ".join("=".join(pair) for pair in tokens.items()), user_agent

create_scraper = CloudflareScraper.create_scraper
get_tokens = CloudflareScraper.get_tokens
get_cookie_string = CloudflareScraper.get_cookie_string

doko-desuka commented 5 years ago

Here are some variants of the CF challenge:

https\:\/\/subscene.com (modern variant, JSFuck + arithmetic + div + string-based obfuscation)
www1.kat.tv (old variant, simple JSFuck + arithmetic)

VeNoMouS commented 5 years ago

I don't see where jsunfuck is imported from in your code?

VeNoMouS commented 5 years ago

nm its a dirty hash comment.

VeNoMouS commented 5 years ago

@pro-src

ebs111222 commented 5 years ago

its an old module and does not work with the CF, with the "atob" pharse. sadly it does not work :-(

ebs111222 commented 5 years ago

how to fix the atob section is a riddle....

VeNoMouS commented 5 years ago

@ebs111222 hahah what? no it isn't

VeNoMouS commented 5 years ago

atob is just a base64 decode binary function...

VeNoMouS commented 5 years ago

heres a working drop in replacement for Anorov's project https://github.com/VeNoMouS/cloudflare-scrape-js2py ... i use js2py not node..

ebs111222 commented 5 years ago

i now i am not talking about the atob itself but the new section that was added @VeNoMouS

doko-desuka commented 5 years ago

It's not my code, it was written by an anonymous coder (credits to him/her).

@VeNoMouS there's no import of jsunfuck, it's done inline in function parseJSString(), it replaces the jsfuck units with stringified numbers then eval() that code (the syntax is the same, becomes like "(1+1+3+10)/(27)") etc.

VeNoMouS commented 5 years ago

or you could just #215

VeNoMouS commented 5 years ago

We worked it out all yesterday

ebs111222 commented 5 years ago

solving it with js2py is probebly working but very slow....

ebs111222 commented 5 years ago

and i tried what you published and it does not work :-( @VeNoMouS

doko-desuka commented 5 years ago

The extra JS code just takes the char of a string. They change the index, but the string is always the same (for the moment)

ebs111222 commented 5 years ago

yes but what does it mean for the end float result? @doko-desuka

VeNoMouS commented 5 years ago

@ebs111222 what website?

ebs111222 commented 5 years ago

http://www3.hd.today/ @VeNoMouS

ebs111222 commented 5 years ago

but fixing the code published here will be much better for it will be much faster

doko-desuka commented 5 years ago

LRMNXbf.lhKSaUnuNk*=function(p){var p = eval(eval(atob("ZG9jdW1l")+(undefined+"")[1]+(true+"")[0]+(+(+!+[]+[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+[!+[]+!+[]]+[+[]])+[])[+!+[]]+(false+[0]+String)[20]+(true+"")[3]+(true+"")[0]+"Element"+(+[]+Boolean)[10]+(NaN+[Infinity])[10]+"Id("+(+(20))["to"+String["name"]](21)+")."+atob("aW5uZXJIVE1M"))); return +(p)}();

@ebs111222 one of the functions in the modern code, it evals the jsfuck inside a \<div> and multiplies in the float result. That whole part can be replaced by multiply by (eval the contents of <div> "cf-dn-QUHGdMIAqr")

doko-desuka commented 5 years ago

Anyway, someone just needs to take the time to reorder the code, include these new instructions. It's not that difficult, just takes time

VeNoMouS commented 5 years ago

@ebs111222


_cloudFlare() requested URL - http://www3.hd.today/, encounted CloudFlare DDOS Protection.. Bypassing.
test() CloudFlare DDOS Protection.. Bypassed successfully.
b'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"\r\n    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">\r\n<html xmlns="http://www.w3.org/1999/xhtml">\r\n    <head>\r\n\t<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />\r\n\t<title>HDToday - Watch FULL HD 1080p Movies Online For Free & TV Series</title>\r\n\t<meta name="description" content="HDToday - You can enjoy all kind of movies like TV Series, Asian Dramas, Anime and Cartoons discover more than ninety thousands movies online for free." />\r\n\t<meta name="keywords" content="hdtoday, hd movies, watch movies online free, watch series online, watch free movies online" />\r\n\t<meta name="robots" content="index, follow" />\r\n\t<link href="http://hd.today/images/favicon.ico" rel="shortcut icon" type="image/x-icon" />\r\n\t<script type="text/javascript" src="http://hd.today/js/base64.js"></script>\r\n    </head>\r\n    <body>\r\n    <script type="text/javascript" src="http://hd.today/js/load.js"></script>\r\n    <script language="javascript" type="text/javascript" src="http://hd.today/js/tooltips.js"></script>\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/style.css" type="text/css" />\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/reset.css" type="text/css" />\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/styles_v80.css" type="text/css" />\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/app_v9.css" type="text/css" />\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/bootstrap.min.css" type="text/css" />\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/main.css?v=4.0" type="text/css" />\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/jquery.cluetip.css" type="text/css" />\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/jquery.qtip.min.css" type="text/css" />\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/custom.css?v=1.1" type="text/css" />\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/slide.css" type="text/css" />\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/psbar.css" type="text/css" />\r\n<link rel="stylesheet" href="http://hd.today/themes/movies/css/cursor.css" type="text/css" />\r\n<script type="text/javascript" src="http://hd.today/js/jquery-1.11.1.min.js"></script>\r\n<script type="text/javascript" src="http://hd.today/js/wow.min.js"></script>\r\n<script type="text/javascript" src="http://hd.today/js/jquery.bxslider.min.js"></script>\r\n<script type="text/javascript" src="http://hd.today/js/jquery.mCustomScrollbar.concat.min.js"></script>\r\n<script type="text/javascript" src="http://hd.today/js/lazyload.js"></script>\r\n<script type="text/javascript" src="http://hd.today/js/slider_v04.js"></script>\r\n<script type="text/javascript" src="http://hd.today/js/movies.min.js?v=1.6"></script>\r\n<script type="text/javascript" src="http://hd.today/js/app_v31.js"></script>\r\n<script type="text/javascript">\r\nvar host = "http://hd.today";\r\nvar host_static = "http://hd.today/";\r\n</script>\r\n    \r\n<!--header-->\r\n<header>\r\n    <div class="container">\r\n        <div class="header-logo">\r\n\r\n                <a title="HDTODAY - Watch FREE Movies Online in HD." href="http://www3.hd.today/" id="logo"></a>\r\n\r\n        </div>\r\n        <div class="mobile-menu"><i class="fa fa-reorder"></i></div>\r\n        <div class="mobile-search"><i class="fa fa-search"></i></div>\r\n        <div id="menu">\r\n            <ul class="top-menu">\r\n                <li>\r\n                    <a href="http://www3.hd.today/" title="Home">HOME</a>\r\n                </li>\r\n                <li>\r\n                    <a href="#" title="Browse">BROWSE</a>\r\n\r\n                    <div class="sub-container" style="display: none">\r\n                        <ul class="sub-menu">\r\n                                    <li>\r\n                                        <a href="http://www3.hd.today/cinema-movies.html">Cinema Movies</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://www3.hd.today/recently-added.html">Recently Added</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://www3.hd.today/search-movies/2018.html">New Released</a>\r\n                                    </li>\r\n                        </ul>\r\n                        <div class="clearfix"></div>\r\n                    </div>\r\n                </li>\r\n                <li>\r\n                    <a href="http://www3.hd.today/genres.html" title="Genres">GENRES</a>\r\n\r\n                    <div class="sub-container" style="display: none">\r\n                        <ul class="sub-menu">\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/action.html">Action</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/adventure.html">Adventure</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/sport.html">Sport</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/sci-fi.html">Sci-Fi</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/horror.html">Horror</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/thriller.html">Thriller</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/comedy.html">Comedy</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/crime.html">Crime</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/western.html">Western</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/anime.html">Anime</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/animation.html">Animation</a>\r\n                                    </li>\r\n                                    <li>\r\n                                        <a href="http://hd.today/movies-genres/music.html">Music</a>\r\n                                    </li>\r\n        ````

ebs111222 commented 5 years ago

@VeNoMouS using js2py?

VeNoMouS commented 5 years ago

yup.. under my repo..

VeNoMouS commented 5 years ago

https://github.com/VeNoMouS/cloudflare-scrape-js2py

#!/usr/bin/python2

from lib import cfscrape
import requests
from pprint import pprint
import os
import sys
import re
from base64 import b64decode
class Test():
    def __init__(self):
            self.session = requests.session()
            self.funcName = lambda n=0: sys._getframe(n + 1).f_code.co_name + "()"   

    def _cloudFlare(self, response):
            cf = cfscrape.create_scraper(sess=self.session)

            if cf.is_cloudflare_challenge(response):
                print("{} requested URL - {}, encounted CloudFlare DDOS Protection.. Bypassing.".format(self.funcName(), response.url))

                response = cf.get('http://www3.hd.today/', timeout=30)

                if not cf.is_cloudflare_challenge(response):
                    return (True, True)

                return (True, False)

            return (False, True)

    def test(self):
        ret = self.session.get('http://www3.hd.today/', timeout=30)
        if (True, True) == self._cloudFlare(ret):
            print("{} CloudFlare DDOS Protection.. Bypassed successfully.".format(self.funcName()))
            ret = self.session.get('http://www3.hd.today/', timeout=30)
            print(ret.content)

Test().test()

ebs111222 commented 5 years ago

thats great but sooo slooowww.... why not fix that code? @VeNoMouS

VeNoMouS commented 5 years ago

because node is a piece of shit... and why would i want to sub process stuff off when i want inline code?

ebs111222 commented 5 years ago

no not node of course . i mean to fix the PURE CF in python

VeNoMouS commented 5 years ago

Also how's it slow?

VeNoMouS commented 5 years ago

you are aware, that you CF makes you wait 4+ seconds before sending the response... right?

ebs111222 commented 5 years ago

try the code published here an try js2py you see @VeNoMouS

VeNoMouS commented 5 years ago

well for starters... it doesnt even check the response payload...

  File "./test.py", line 39, in <module>
    Test().test()
  File "./test.py", line 33, in test
    if (True, True) == self._cloudFlare(ret):
  File "./test.py", line 18, in _cloudFlare
    if cf.is_cloudflare_challenge(response):
AttributeError: 'CloudflareScraper' object has no attribute 'is_cloudflare_challenge'

ebs111222 commented 5 years ago

@doko-desuka can you fix the code? or guide me what to fix please?

ebs111222 commented 5 years ago

@VeNoMouS when you solve one with js2py it fast and ok but for 50 threads thats very slow

VeNoMouS commented 5 years ago

It broke.. doesn't work...

root@tvz0r:/tmp/q# ./test.py
ERROR:root:[!] float() argument must be a string or a number Unable to parse Cloudflare anti-bots page. Try upgrading cloudflare-scrape, or submit a bug report if you are running the latest version. Please read https://github.com/Anorov/cloudflare-scrape#updates before submitting a bug report.
Traceback (most recent call last):
  File "./test.py", line 37, in <module>
    Test().test()
  File "./test.py", line 31, in test
    if (True, True) == self._cloudFlare(ret):
  File "./test.py", line 18, in _cloudFlare
    cf.solve_cf_challenge(response)
  File "/tmp/q/lib/cfscrape/__init__.py", line 91, in solve_cf_challenge
    line_val = self.parseJSString(subsecs[0]) / float(self.parseJSString(subsecs[1]))
TypeError: float() argument must be a string or a number
root@tvz0r:/tmp/q#

VeNoMouS commented 5 years ago

@ebs111222 WHAT? you use the same session, by doing so you have the cookie in there? why on earth would you need to be doing 50 threads?

ebs111222 commented 5 years ago

to scrape many sites

VeNoMouS commented 5 years ago

you do realise ... the existing project forks node on a command line yes???

https://github.com/Anorov/cloudflare-scrape/blob/master/cfscrape/__init__.py#L138

ebs111222 commented 5 years ago

@VeNoMouS i tested the code and broken part is the "atob" section

VeNoMouS commented 5 years ago

@doko-desuka

LRMNXbf.lhKSaUnuNk*=function(p){var p = eval(eval(atob("ZG9jdW1l")+(undefined+"")[1]+(true+"")[0]+(+(+!+[]+[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+[!+[]+!+[]]+[+[]])+[])[+!+[]]+(false+[0]+String)[20]+(true+"")[3]+(true+"")[0]+"Element"+(+[]+Boolean)[10]+(NaN+[Infinity])[10]+"Id("+(+(20))["to"+String["name"]](21)+")."+atob("aW5uZXJIVE1M"))); return +(p)}();

@ebs111222 one of the functions in the modern code, it evals the jsfuck inside a <div> and multiplies in the float result. That whole part can be replaced by multiply by (eval the contents of <div> "cf-dn-QUHGdMIAqr")

LOL... you do know that isn't just numbers right?

VeNoMouS commented 5 years ago

I mean ... look at the jsfuck mapping..

https://github.com/j4ckstraw/jsfuck-py/blob/master/jsfuck3.py

VeNoMouS commented 5 years ago

or even.. https://en.wikipedia.org/wiki/JSFuck

VeNoMouS commented 5 years ago

i tested the code and broken part is the "atob" section

@ebs111222 can't have tested my code... mine doesn't break on atob.

you prob have old cfscape still installed

ebs111222 commented 5 years ago

@VeNoMouS yours is OK but slow , the code here is very fast in fact i used asimiler one before the change.

ebs111222 commented 5 years ago

@VeNoMouS

@doko-desuka

LRMNXbf.lhKSaUnuNk*=function(p){var p = eval(eval(atob("ZG9jdW1l")+(undefined+"")[1]+(true+"")[0]+(+(+!+[]+[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+[!+[]+!+[]]+[+[]])+[])[+!+[]]+(false+[0]+String)[20]+(true+"")[3]+(true+"")[0]+"Element"+(+[]+Boolean)[10]+(NaN+[Infinity])[10]+"Id("+(+(20))["to"+String["name"]](21)+")."+atob("aW5uZXJIVE1M"))); return +(p)}();

@ebs111222 one of the functions in the modern code, it evals the jsfuck inside a <div> and multiplies in the float result. That whole part can be replaced by multiply by (eval the contents of <div> "cf-dn-QUHGdMIAqr")

LOL... you do know that isn't just numbers right?

do you know how to solve that?

ebs111222 commented 5 years ago

i found this in one of the comments here: atob("ZG9jdW1l")+(undefined+"")[1]+(true+"")[0] = document +(+(+!+[]+[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+[!+[]+!+[]]+[+[]])+[])[+!+[]]+(false+[0]+String)[20]+(true+"")[3]+(true+"")[0]+"Element"+(+[]+Boolean)[10]+(NaN+[Infinity])[10]+"Id("+(+(20))"to"+String["name"]+")." = .getElementById(k). +atob("aW5uZXJIVE1M") = innerHTML document.getElementById(k).innerHTML

but what does it means in the aregmetic i dont know :-(

ebs111222 commented 5 years ago

@VeNoMouS any idea why am i getting: "ExpressionStatement() got an unexpected keyword argument 'comments'" in your code? its from js2py

doko-desuka commented 5 years ago

@ebs111222 please take problems with other methods to another Issue thread, not this one.

ebs111222 commented 5 years ago

@doko-desuka its not other i want to try and fix the code in this thread but to do that i wanted to see how @VeNoMouS works

Anorov / cloudflare-scrape

Pure Python CF parser #218