search

KyranRana / cloudflare-bypass

A new and improved PHP library which bypasses the Cloudflare IUAM page using cURL
MIT License
275 stars 97 forks source link

solve jschl_answer but now I get "one more step" with captcha #111

Closed vb6rocod closed 5 years ago

vb6rocod commented 5 years ago

I solve jschl_answer, here is my code https://github.com/vb6rocod/hddlinks/blob/master/cf.php I'm 100% sure it's OK. BUT when I try to get cf_clearance I get a page with "one more step" with captcha chalage.

$link="https://tvhub.org/";
$ua = $_SERVER['HTTP_USER_AGENT'];
$cookie=__DIR__."\c.txt";

if (file_exists($cookie)) unlink ($cookie);
  $ch = curl_init();
  curl_setopt($ch, CURLOPT_URL, $link);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($ch, CURLOPT_USERAGENT, $ua);
  curl_setopt($ch, CURLOPT_HEADER,1);
  curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  curl_setopt($ch, CURLOPT_TIMEOUT, 15);
  $h = curl_exec($ch);
  curl_close($ch);

  $q= getClearanceLink($h,$link);

  $ch = curl_init();
  curl_setopt($ch, CURLOPT_URL, $q);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($ch, CURLOPT_USERAGENT, $ua);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION  ,1);
  curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie);
  curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie);
  curl_setopt ($ch, CURLOPT_REFERER, $link);
  curl_setopt($ch, CURLOPT_HEADER,1);
  curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  curl_setopt($ch, CURLOPT_TIMEOUT, 15);
  $h=curl_exec($ch);
  curl_close($ch);

I have no "captcha" when I try in browser. Using Live HTTP header I get this:

https://tvhub.org/

GET / HTTP/1.1
Host: tvhub.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:55.0) Gecko/20100101 Firefox/55.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/2.0 503 Service Unavailable
date: Wed, 17 Apr 2019 18:08:44 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8d8092767eb64ceb49bb0696d44585e01555524524; expires=Thu, 16-Apr-20 18:08:44 GMT; path=/; domain=.tvhub.org; HttpOnly; Secure
x-frame-options: SAMEORIGIN
cache-control: no-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 4c9058946dcaacc0-OTP
X-Firefox-Spdy: h2
----------------------------------------------------------
https://tvhub.org/cdn-cgi/l/chk_jschl?s=07d46a782ddd05c913e6b0f2bdf93bce5efe09c3-1555524524-1800-AWPr0BOCwMyk1EE%2BYcAUrHhrfOhR9ZWjNLGRoFnJCWlIVhWSEoJZ5pocduQSHXcdTZNtuYBk6STybN0wepiq%2BCHE2WL2JSqE2eMmSvH7RLPpfNrjNx9HSNrqLgC3nrarcQ%3D%3D&jschl_vc=75e84d724c54f81cfe4a90ff66a9dde1&pass=1555524528.225-JagzGAByIs&jschl_answer=95.0541443982

GET /cdn-cgi/l/chk_jschl?s=07d46a782ddd05c913e6b0f2bdf93bce5efe09c3-1555524524-1800-AWPr0BOCwMyk1EE%2BYcAUrHhrfOhR9ZWjNLGRoFnJCWlIVhWSEoJZ5pocduQSHXcdTZNtuYBk6STybN0wepiq%2BCHE2WL2JSqE2eMmSvH7RLPpfNrjNx9HSNrqLgC3nrarcQ%3D%3D&jschl_vc=75e84d724c54f81cfe4a90ff66a9dde1&pass=1555524528.225-JagzGAByIs&jschl_answer=95.0541443982 HTTP/1.1
Host: tvhub.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:55.0) Gecko/20100101 Firefox/55.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tvhub.org/
Cookie: __cfduid=d8d8092767eb64ceb49bb0696d44585e01555524524
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/2.0 302 Found
date: Wed, 17 Apr 2019 18:08:48 GMT
content-type: text/html
content-length: 159
set-cookie: cf_clearance=d1641b2d3ef3f8750c076da105482878107d1d7c-1555524528-10800-150; path=/; expires=Wed, 17-Apr-19 22:08:48 GMT; domain=.tvhub.org; HttpOnly
location: /
server: cloudflare
cf-ray: 4c9058b15926acc0-OTP
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
----------------------------------------------------------
https://tvhub.org/

GET / HTTP/1.1
Host: tvhub.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:55.0) Gecko/20100101 Firefox/55.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tvhub.org/
Cookie: __cfduid=d8d8092767eb64ceb49bb0696d44585e01555524524; cf_clearance=d1641b2d3ef3f8750c076da105482878107d1d7c-1555524528-10800-150
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/2.0 200 OK
date: Wed, 17 Apr 2019 18:08:49 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=mrt08udjpqm14fihapj4b6hstm; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://tvhub.org/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1;mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4c9058b259d2acc0-OTP
content-encoding: gzip
X-Firefox-Spdy: h2

As you see in header "location: /", maybe here is problem ???????

mariannegulici commented 5 years ago

Add the following to CURL. This helped me avoid the CAPTCHA redirect.

curl_setopt($ch, CURLOPT_HTTPHEADER, array(
                'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
                'Accept-Language: en-US,en;q=0.5',
                'Connection: keep-alive'
            ));
vb6rocod commented 5 years ago

Dont work.

vb6rocod commented 5 years ago

The problem is in first part: I open in browser main link "https://tvhub.org/", then I copy page source and stop redirect (to stop generating cf_clearance). I put content in a file "c2.txt" than I use this file to solve "challenge-form" and generate link:

$h=file_get_contents("c2.txt");
$q= getClearanceLink($h,$link);

  $ch = curl_init();
  curl_setopt($ch, CURLOPT_URL, $q);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($ch, CURLOPT_USERAGENT, $ua);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION  ,1);
  curl_setopt ($ch, CURLOPT_REFERER, $link);
  curl_setopt($ch, CURLOPT_COOKIE, $c);
  //curl_setopt($ch,CURLOPT_HTTPHEADER,$head);
  curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie);
  //curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie);
  curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
  curl_setopt($ch, CURLOPT_HTTPGET, true);
  curl_setopt ($ch, CURLINFO_HEADER_OUT, true);
  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  curl_setopt($ch, CURLOPT_HEADER,1);
  $h = curl_exec($ch);
  curl_close($ch);

and now cookie file is

# Netscape HTTP Cookie File
# https://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.

#HttpOnly_.tvhub.org    TRUE    /   TRUE    1587286701  __cfduid    d87774d59a6091a320575f07c55bd76731555750701
#HttpOnly_.tvhub.org    TRUE    /   FALSE   1555765101  cf_clearance    8ab47f0cfd800cfc7e8f73a4a8e6b205b8cec4a1-1555750701-10800-150
tvhub.org   FALSE   /   FALSE   0   PHPSESSID   boit3tq5eqldkh554ts326famj

c2.txt (page source) is:

<!DOCTYPE HTML>
<html lang="en-US">
<head>
  <meta charset="UTF-8" />
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
  <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
  <meta name="robots" content="noindex, nofollow" />
  <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
  <title>Just a moment...</title>
  <style type="text/css">
    html, body {width: 100%; height: 100%; margin: 0; padding: 0;}
    body {background-color: #ffffff; font-family: Helvetica, Arial, sans-serif; font-size: 100%;}
    h1 {font-size: 1.5em; color: #404040; text-align: center;}
    p {font-size: 1em; color: #404040; text-align: center; margin: 10px 0 0 0;}
    #spinner {margin: 0 auto 30px auto; display: block;}
    .attribution {margin-top: 20px;}
    @-webkit-keyframes bubbles { 33%: { -webkit-transform: translateY(10px); transform: translateY(10px); } 66% { -webkit-transform: translateY(-10px); transform: translateY(-10px); } 100% { -webkit-transform: translateY(0); transform: translateY(0); } }
    @keyframes bubbles { 33%: { -webkit-transform: translateY(10px); transform: translateY(10px); } 66% { -webkit-transform: translateY(-10px); transform: translateY(-10px); } 100% { -webkit-transform: translateY(0); transform: translateY(0); } }
    .bubbles { background-color: #404040; width:15px; height: 15px; margin:2px; border-radius:100%; -webkit-animation:bubbles 0.6s 0.07s infinite ease-in-out; animation:bubbles 0.6s 0.07s infinite ease-in-out; -webkit-animation-fill-mode:both; animation-fill-mode:both; display:inline-block; }
  </style>

    <script type="text/javascript">
  //<![CDATA[
  (function(){
    var a = function() {try{return !!window.addEventListener} catch(e) {return !1} },
    b = function(b, c) {a() ? document.addEventListener("DOMContentLoaded", b, c) : document.attachEvent("onreadystatechange", b)};
    b(function(){
      var a = document.getElementById('cf-content');a.style.display = 'block';
      setTimeout(function(){
        var s,t,o,p,b,r,e,a,k,i,n,g,f, STgloDD={"otLJdO":+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(+[]))};
        g = String.fromCharCode;
        o = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
        e = function(s) {
          s += "==".slice(2 - (s.length & 3));
          var bm, r = "", r1, r2, i = 0;
          for (; i < s.length;) {
              bm = o.indexOf(s.charAt(i++)) << 18 | o.indexOf(s.charAt(i++)) << 12
                      | (r1 = o.indexOf(s.charAt(i++))) << 6 | (r2 = o.indexOf(s.charAt(i++)));
              r += r1 === 64 ? g(bm >> 16 & 255)
                      : r2 === 64 ? g(bm >> 16 & 255, bm >> 8 & 255)
                      : g(bm >> 16 & 255, bm >> 8 & 255, bm & 255);
          }
          return r;
        };
        t = document.createElement('div');
        t.innerHTML="<a href='/'>x</a>";
        t = t.firstChild.href;r = t.match(/https?:\/\//)[0];
        t = t.substr(r.length); t = t.substr(0,t.length-1); k = 'cf-dn-UOcTfybuEw';
        a = document.getElementById('jschl-answer');
        f = document.getElementById('challenge-form');
        ;STgloDD.otLJdO-=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(+!![]))/(+(+((!+[]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(+[])+(+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![])))+(function(p){return eval((true+"")[0]+".ch"+(false+"")[1]+(true+"")[1]+Function("return escape")()(("")["italics"]())[2]+"o"+(undefined+"")[2]+(true+"")[3]+"A"+(true+"")[0]+"("+p+")")}(+((+!![]+[])))));STgloDD.otLJdO*=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![])+(!+[]+!![]+!![])+(+!![])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO*=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+!![]+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+[])+(+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((+!![]+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(+[])+(+[])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO-=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO*=function(p){var p = eval(eval(e("ZG9jdW1l")+(undefined+"")[1]+(true+"")[0]+(+(+!+[]+[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+[!+[]+!+[]]+[+[]])+[])[+!+[]]+g(103)+(true+"")[3]+(true+"")[0]+"Element"+g(66)+(NaN+[Infinity])[10]+"Id("+g(107)+")."+e("aW5uZXJIVE1M"))); return +(p)}();STgloDD.otLJdO-=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(+[])+(!+[]+!![]+!![]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!![]));STgloDD.otLJdO*=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]))/+((+!![]+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]));a.value = (+STgloDD.otLJdO).toFixed(10); '; 121'
        f.action += location.hash;
        f.submit();
      }, 4000);
    }, false);
  })();
  //]]>
</script>

</head>
<body>
  <table width="100%" height="100%" cellpadding="20">
    <tr>
      <td align="center" valign="middle">
          <div class="cf-browser-verification cf-im-under-attack">
  <noscript><h1 data-translate="turn_on_js" style="color:#bd2426;">Please turn JavaScript on and reload the page.</h1></noscript>
  <div id="cf-content" style="display:none">

    <div>
      <div class="bubbles"></div>
      <div class="bubbles"></div>
      <div class="bubbles"></div>
    </div>
    <h1><span data-translate="checking_browser">Checking your browser before accessing</span> tvhub.org.</h1>

    <p data-translate="process_is_automatic">This process is automatic. Your browser will redirect to your requested content shortly.</p>
    <p data-translate="allow_5_secs">Please allow up to 5 seconds&hellip;</p>
  </div>

  <form id="challenge-form" action="/cdn-cgi/l/chk_jschl" method="get">
    <input type="hidden" name="s" value="318f96eef3b7297f87b9740237ff4efbbc9769bc-1555750682-1800-Aagj9Kg4KbIXSJfpd5YuCgHbf8msTIvbBbyxc7vGYsWrBTWppoZzw94fhnsHr6iiGnv/BYDXPqPdmjO6Jl3TIRloXZLbTTzbv5xEtIQ/JuJxQkOzExExEdvQjsQGOMDdWw=="></input>
    <input type="hidden" name="jschl_vc" value="6d91434bb2d6c83beb3b754f543f57bd"/>
    <input type="hidden" name="pass" value="1555750686.653-jquuO3i9ka"/>
    <input type="hidden" id="jschl-answer" name="jschl_answer"/>
  </form>

  <div style="display:none;visibility:hidden;" id="cf-dn-UOcTfybuEw">+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![])+(+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+[]))</div>

</div>

          <a href="https://spambo.us/electoralolympic.php?showtopic=272"><span style="display: none;">table</span></a>
          <div class="attribution">
            <a href="https://www.cloudflare.com/5xx-error-landing?utm_source=iuam" target="_blank" style="font-size: 12px;">DDoS protection by Cloudflare</a>
            <br>
            Ray ID: 4ca5ea069d85ad32
          </div>
      </td>

    </tr>
  </table>
</body>
</html>

So, how to I get correct page contents ????

prinze77 commented 5 years ago

You should pass the chanlange

//<![CDATA[ (function(){ var a = function() {try{return !!window.addEventListener} catch(e) {return !1} }, b = function(b, c) {a() ? document.addEventListener("DOMContentLoaded", b, c) : document.attachEvent("onreadystatechange", b)}; b(function(){ var a = document.getElementById('cf-content');a.style.display = 'block'; setTimeout(function(){ var s,t,o,p,b,r,e,a,k,i,n,g,f, STgloDD={"otLJdO":+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(+[]))}; g = String.fromCharCode; o = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; e = function(s) { s += "==".slice(2 - (s.length & 3)); var bm, r = "", r1, r2, i = 0; for (; i < s.length;) { bm = o.indexOf(s.charAt(i++)) << 18 | o.indexOf(s.charAt(i++)) << 12 | (r1 = o.indexOf(s.charAt(i++))) << 6 | (r2 = o.indexOf(s.charAt(i++))); r += r1 === 64 ? g(bm >> 16 & 255) : r2 === 64 ? g(bm >> 16 & 255, bm >> 8 & 255) : g(bm >> 16 & 255, bm >> 8 & 255, bm & 255); } return r; }; t = document.createElement('div'); t.innerHTML="<a href='/'>x</a>"; t = t.firstChild.href;r = t.match(/https?:\/\//)[0]; t = t.substr(r.length); t = t.substr(0,t.length-1); k = 'cf-dn-UOcTfybuEw'; a = document.getElementById('jschl-answer'); f = document.getElementById('challenge-form'); ;STgloDD.otLJdO-=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(+!![]))/(+(+((!+[]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(+[])+(+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![])))+(function(p){return eval((true+"")[0]+".ch"+(false+"")[1]+(true+"")[1]+Function("return escape")()(("")["italics"]())[2]+"o"+(undefined+"")[2]+(true+"")[3]+"A"+(true+"")[0]+"("+p+")")}(+((+!![]+[])))));STgloDD.otLJdO*=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![])+(!+[]+!![]+!![])+(+!![])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO*=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+!![]+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+[])+(+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((+!![]+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(+[])+(+[])+(!+[]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO-=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]));STgloDD.otLJdO*=function(p){var p = eval(eval(e("ZG9jdW1l")+(undefined+"")[1]+(true+"")[0]+(+(+!+[]+[+!+[]]+(!![]+[])[!+[]+!+[]+!+[]]+[!+[]+!+[]]+[+[]])+[])[+!+[]]+g(103)+(true+"")[3]+(true+"")[0]+"Element"+g(66)+(NaN+[Infinity])[10]+"Id("+g(107)+")."+e("aW5uZXJIVE1M"))); return +(p)}();STgloDD.otLJdO-=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]))/+((!+[]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]));STgloDD.otLJdO+=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(!+[]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))/+((!+[]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![])+(+[])+(!+[]+!![]+!![]+!![]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!![]));STgloDD.otLJdO*=+((!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(+[])+(!+[]+!![]+!![]+!![])+(!+[]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]))/+((+!![]+[])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![]+!![]+!![]+!![])+(!+[]+!![]+!![])+(+!![])+(!+[]+!![]+!![]+!![]+!![]+!![]));a.value = (+STgloDD.otLJdO).toFixed(10); '; 121' f.action += location.hash; f.submit(); }, 4000); }, false); })(); //]]>

The code above is encoded in javascript and after you interpretate it you will get the url of the page that you need to go. As you php script cant interpretate javascript code you need to convert it in to php code

prinze77 commented 5 years ago

Please let me know if you do this, i need it also, but i dont have time to mess with this challenge

vb6rocod commented 5 years ago

You dont read what I write!

$h=file_get_contents("c2.txt");
$q= getClearanceLink($h,$link);

I SOLVE challenge, see here https://github.com/vb6rocod/hddlinks/blob/master/cf.php

The problem is here;

$link="https://tvhub.org";
$h=file_get_contents($link);

$h is "wrong", I also try with curl, same result.

vb6rocod commented 5 years ago

I find solution.

<?php
$link = "https://tvhub.org/";

include ("cf.php");

$ua = $_SERVER['HTTP_USER_AGENT'];
$cookie = __DIR__ . "\c.txt";
$head = array(
    'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
    'Accept-Language: en-US,en;q=0.5',
    'Accept-Encoding: deflate, br',
    'Connection: keep-alive',
    'Upgrade-Insecure-Requests: 1'
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $link);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $head);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_HTTPGET, true);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
$h = curl_exec($ch);

$q = getClearanceLink($h, $link);

curl_setopt($ch, CURLOPT_URL, $q);
$h = curl_exec($ch);
curl_close($ch);

// for check

$c = file_get_contents($cookie);
preg_match("/cf_clearance\s+[a-z0-9\-]+/", $c, $match);
echo $match[0];
?>
vb6rocod commented 5 years ago

complete solution

file cf.php

<?php
function rr($js_code)
    {
    $js_code = str_replace(array(
        ")+(",
        "![]",
        "!+[]",
        "[]"
    ) , array(
        ").(",
        "(!1)",
        "(!0)",
        "(0)"
    ) , $js_code);
    return $js_code;
    }

function getClearanceLink($content, $url)
    {
    sleep(4);
    preg_match_all('/name="\w+" value="(.+?)"/', $content, $matches);
    $params = array();
    list($params['s'], $params['jschl_vc'], $params['pass']) = $matches[1];
    $uri = parse_url($url);
    $host = $uri["host"];
    $result = "";
    $t1 = explode('id="cf-dn', $content);
    $t2 = explode(">", $t1[1]);
    $t3 = explode("<", $t2[1]);
    $cf = $t3[0];
    preg_match("/f\,\s?([a-zA-z0-9]+)\=\{\"([a-zA-Z0-9]+)\"\:\s?([\/!\[\]+()]+|[-*+\/]?=[\/!\[\]+()]+)/", $content, $m);
    eval("\$result=" . rr($m[3]) . ";");
    $pat = "/" . $m[1] . "\." . $m[2] . "(.*)+\;/";
    preg_match($pat, $content, $p);
    $t = explode(";", $p[0]);
    for ($k = 0; $k < count($t); $k++)
        {
        if (substr($t[$k], 0, strlen($m[1])) == $m[1])
            {
            if (strpos($t[$k], "function(p){var p") !== false)
                {
                $a1 = explode("function(p){var p", $t[$k]);
                $t[$k] = $a1[0] . $cf;
                $line = str_replace($m[1] . "." . $m[2], "\$result ", rr($t[$k])) . ";";
                eval($line);
                }
              else
            if (strpos($t[$k], "(function(p){return") !== false)
                {
                $a1 = explode("(function(p){return", $t[$k]);
                $a2 = explode('("+p+")")}', $a1[1]);
                $line = "\$index=" . rr(substr($a2[1], 0, -2)) . ";";
                eval($line);
                $line = str_replace($m[1] . "." . $m[2], "\$result ", rr($a1[0]) . " " . ord($host[$index]) . ");");
                eval($line);
                }
              else
                {
                $line = str_replace($m[1] . "." . $m[2], "\$result ", rr($t[$k])) . ";";
                eval($line);
                }
            }
        }

    $params['jschl_answer'] = round($result, 10);
    return sprintf("%s://%s/cdn-cgi/l/chk_jschl?%s", $uri['scheme'], $uri['host'], http_build_query($params));
    }

function getClearanceLink_old($content, $url)
    {
    /*
    * 1. Mimic waiting process
    */
    sleep(4);
    /*
    * 2. Extract "jschl_vc" and "pass" params
    */
    preg_match_all('/name="\w+" value="(.+?)"/', $content, $matches);
    $params = array();

    list($params['s'], $params['jschl_vc'], $params['pass']) = $matches[1];

    // Extract CF script tag portion from content.

    $cf_script_start_pos = strpos($content, 's,t,o,p,b,r,e,a,k,i,n,g,f,');
    $cf_script_end_pos = strpos($content, '</script>', $cf_script_start_pos);
    $cf_script = substr($content, $cf_script_start_pos, $cf_script_end_pos - $cf_script_start_pos);
    /*
    * 3. Extract JavaScript challenge logic
    */
    preg_match_all('/:[\/!\[\]+()]+|[-*+\/]?=[\/!\[\]+()]+/', $cf_script, $matches);

    /*
    * 4. Convert challenge logic to PHP
    */
    $php_code = "";
    foreach($matches[0] as $js_code)
        {

        // [] causes "invalid operator" errors; convert to integer equivalents

        $js_code = str_replace(array(
            ")+(",
            "![]",
            "!+[]",
            "[]"
        ) , array(
            ").(",
            "(!1)",
            "(!0)",
            "(0)"
        ) , $js_code);

        $php_code.= '$params[\'jschl_answer\']' . ($js_code[0] == ':' ? '=' . substr($js_code, 1) : $js_code) . ';';
        }

    /*
    * 5. Eval PHP and get solution
    */

    eval($php_code);

    // toFixed(10).

    $params['jschl_answer'] = round($params['jschl_answer'], 10);

    // Split url into components.

    $uri = parse_url($url);

    // Add host length to get final answer.
    // echo $uri['host'];

    $params['jschl_answer']+= strlen($uri['host']);

    /*
    * 6. Generate clearance link
    */

    // echo http_build_query($params);

    return sprintf("%s://%s/cdn-cgi/l/chk_jschl?%s", $uri['scheme'], $uri['host'], http_build_query($params));
    }
?>

file cloudflare.php


<?php
$link = "https://tvhub.org/";
$link_old_style = "https://spacemov.cc/";
include ("cf.php");

$ua = $_SERVER['HTTP_USER_AGENT'];
$cookie = __DIR__ . "\c.txt";   // you may change this

if (file_exists($cookie)) unlink($cookie);
$head = array(
    'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
    'Accept-Language: en-US,en;q=0.5',
    'Accept-Encoding: deflate, br',
    'Connection: keep-alive',
    'Upgrade-Insecure-Requests: 1'
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $link);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, $head);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_HTTPGET, true);
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_HEADER, 1);
$h = curl_exec($ch);

if (strpos($h, "503 Service") !== false)
    {
    if (strpos($h, 'id="cf-dn') === false) $q = getClearanceLink_old($h, $link);
      else $q = getClearanceLink($h, $link);
    curl_setopt($ch, CURLOPT_URL, $q);
    $h = curl_exec($ch);
    curl_close($ch);
    /*for check
    $c=file_get_contents($cookie);
    preg_match("/cf_clearance\s+[a-z0-9\-]+/",$c,$match);
    echo $match[0];
    */
    }
  else
    {
    curl_close($ch);
    }

?>
prinze77 commented 5 years ago

Yes, it work, i test it also on the site that i need it for.

Thank you very much for shearing your solution.

KyranRana commented 5 years ago

v3 is coming soon. It will fix the problem but for now you can use the above solution :)

i will update this branch when I can. I apologise for the inconvenience.

Pedroxam commented 5 years ago

@vb6rocod Thank you bro. your codes works very well !

hkkdt1 commented 5 years ago

@vb6rocod Thanks you for your working sharing code !!!

Laky-64 commented 5 years ago

@vb6rocod asks me for CAPTCHA verification, how can I solve it?

vb6rocod commented 5 years ago

I have the same situation after I make this code. Few days work, then nothing. Working on windows with XAMPP php 5.6.39. Test on android with php 5.6.35, work. I have an old distribution 4.2.20, test and work (?). I donwload 5.6.9, extract php_curl.dll, replace in php 5.6.39 and now work. Also test with php 7.3 (windows) and work.

Laky-64 commented 5 years ago

@vb6rocod I have php 5.6.40 and does not work

Pedroxam commented 5 years ago

for me, work on php 5.64 , 7.0, 7.2, 7.3. xamp, wamp, linux, windows, and everything is good.

after you get cf_clearnce and __cfduid from c.txt, you most set this value to curl cookie, then reopen your site.

eg:

$c = file_get_contents($cookie);
preg_match("/__cfduid\s+[a-z0-9\-]+/",$c,$matchs);
$cfuid = str_replace('_cfduid   ','',$matchs[0]);
$cfuid = str_replace('_','',$cfuid);
$cfuid = trim($cfuid);
preg_match("/cf_clearance\s+[a-z0-9\-]+/",$c,$clearance);
$cf_clearance = $clearance[0];
$cf_clearance = str_replace('cfclearance ','',$cf_clearance);
$cf_clearance = str_replace('_','',$cf_clearance);
$cf_clearance = trim($cf_clearance);
$cf_clearance = str_replace('cfclearance    ','',$cf_clearance);

curl_setopt($ch, CURLOPT_COOKIE, '__cfduid='.$cfuid.'; cf_clearance='.$cf_clearance.';');

Laky-64 commented 5 years ago

[](# Netscape HTTP Cookie File # http://curl.haxx.se/docs/http-cookies.html # This file was generated by libcurl! Edit at your own risk. #HttpOnly_.altadefinizione.cloud TRUE / TRUE 1587998312 __cfduid d7ba99e9c39dfb86fc8a1b6af3a135e2c1556462312)

i not get cf_clarence @MyNameIsPedram

vb6rocod commented 5 years ago

check curl version. 

<?php
echo phpinfo();
?>

7.59.0 -->> not good (from php 5.6.39) 7.42.1 -->> good (from php 5.6.9)

Pedroxam commented 5 years ago

@WAVDEVTEAM Try following code:


<?php
include ("cf.php");

function bypassCloud($link) {
    $cookie = __DIR__ . "\c.txt";
    $head = array(
        'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
        'Accept-Language: en-US,en;q=0.5',
        'Accept-Encoding: deflate, br',
        'Connection: keep-alive',
        'Upgrade-Insecure-Requests: 1'
    );
    $ua = $_SERVER['HTTP_USER_AGENT'];
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $link);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_USERAGENT, $ua);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $head);
    curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
    curl_setopt($ch, CURLOPT_HTTPGET, true);
    curl_setopt($ch, CURLINFO_HEADER_OUT, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
    curl_setopt($ch, CURLOPT_TIMEOUT, 15);
    curl_setopt($ch, CURLOPT_HEADER, 1);
    $h = curl_exec($ch);
    if (strpos($h, 'id="cf-dn') === false)
        $q = getClearanceLink_old($h, $link);
    else
        $q = getClearanceLink($h, $link);
    curl_setopt($ch, CURLOPT_URL, $q);
    $h = curl_exec($ch);
    curl_close($ch);

    $cfuid = '_cfduid Not Found !';
    $cf_clearance = 'cf_clearance Not Found !';

    $c = file_get_contents($cookie);

    if(preg_match("/__cfduid\s+[a-z0-9\-]+/",$c,$matchs)){
        $cfuid = str_replace('_cfduid   ','',$matchs[0]);
        $cfuid = str_replace('_','',$cfuid);
        $cfuid = trim($cfuid);
    }

    if(preg_match("/cf_clearance\s+[a-z0-9\-]+/",$c,$clearance)) {
        $cf_clearance = $clearance[0];
        $cf_clearance = str_replace('cfclearance ','',$cf_clearance);
        $cf_clearance = str_replace('_','',$cf_clearance);
        $cf_clearance = trim($cf_clearance);
        $cf_clearance = str_replace('cfclearance    ','',$cf_clearance);
    }

    return [ 'id' => $cfuid, 'clear' => $cf_clearance ];
}

$target = bypassCloud('https://tvhub.org');

echo 'cfduid is: ' . $target['id'];

echo PHP_EOL;

echo 'cf_clearance is: ' . $target['clear'];
vb6rocod commented 5 years ago

It's so hard to change php_curl.dll ???

Laky-64 commented 5 years ago

@MyNameIsPedram cfduid is: d5311166866de68ca8e4d22ad5100e7971556536651 cf_clearance is: cf_clearance Not Found !

Pedroxam commented 5 years ago

Today, it does not work for me anymore. I think Cloudflare has updated and this method no longer is work :(

Pedroxam commented 5 years ago

@WAVDEVTEAM open your target site with your browser + https proxy. save the cfduid and cf_clearance in the notepad. then, write this value to your code, eg: $cfuid = ''; $cf_cl = ''; curl_setopt($ch, CURLOPT_COOKIE, '__cfduid='.$cfuid.'; cf_clearance='.$cf_cl.';');

also set proxy to curl (the same proxy that you set up in the browser): $proxy_ip = ''; curl_setopt($ch, CURLOPT_PROXY, $proxy_ip);

$ua = 'YOUR Browser User Agent when you open the site''; curl_setopt($ch, CURLOPT_USERAGENT, $ua);

done. it is 100% work, but maybe not good way for more requests.

vb6rocod commented 5 years ago

THE ONLY SOLUTION IS TO CHANGE PHP_CURL.dll or CURL.SO !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! The code work, I check other sites, (including altadefinizione.cloud) and is good.

prinze77 commented 5 years ago

Today, it does not work for me anymore also. Cloudflare has updated and this method no longer is work

Laky-64 commented 5 years ago

for https request not working, only http

prinze77 commented 5 years ago

for https request not working, only http

Thank you