Generating Cookie From Website That Implements Testcookie-nginx-module
This is a follow question on this answer: Link Here Based on that answer I am able to bypass the security check of testcookie-nginx-module used by byethost hosting. The problem is
Solution 1:
I met the same problem and first I used WebView to access the page and get the cookies, use that to bypass the security check of testcookie-nginx-module
WebViewmyWebView=newWebView(this);
myWebView.getSettings().setJavaScriptEnabled(true);
myWebView.loadUrl("my_page_here");
Stringcookies= CookieManager.getInstance().getCookie("my_page_here");
System.out.println(cookies);
myWebView.destroy();
Then to use with Volley, i created a CustomRequest extends StringRequest and override getHeaders like this:
@OverridepublicMap<String, String> getHeaders() throws AuthFailureError {
Map<String, String> params = newHashMap<String, String>();
params.put("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240 ");
params.put("Cookie", cookies+"; expires=Fri, 1-Jan-38 06:55:55 GMT; path=/");
params.put("Content-Type", "application/x-www-form-urlencoded");
return params;
}
And that's all, do you have any other solution yet? if not you could check this :D
Solution 2:
In case someone still needs a better answer, I would like to add mine. First, I created a Splash Screen Activity which first connects to the byethost server and get the response and then parse the "__test" cookie from it.
voidgetCookie() {
RequestQueuemQueue= Volley.newRequestQueue(this);
StringRequeststringRequest=newStringRequest(Request.Method.GET, Constants.SERVER_URL,
response -> {
try {
if (response.contains("src=\"/aes.js\"") || response.contains("src=\"/aes.min.js\"")) {
StringbeginOffsetA="var a=toNumbers(\"";
StringbeginOffsetB="\"),b=toNumbers(\"";
StringbeginOffsetC="\"),c=toNumbers(\"";
StringendOffsetC="\");document.cookie=";
Stringa= response.substring((response.indexOf(beginOffsetA) + (beginOffsetA).length()), response.indexOf(beginOffsetB)); // Value of var aStringb= response.substring((response.indexOf(beginOffsetB) + (beginOffsetB).length()), response.indexOf(beginOffsetC)); // Value of var bStringc= response.substring((response.indexOf(beginOffsetC) + (beginOffsetC).length()), response.indexOf(endOffsetC)); // Value of var c
Constants.COOKIE = "__test=" + encrypt(hexStringToByteArray(a), hexStringToByteArray(b), hexStringToByteArray(c)).toLowerCase() + "; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"; //This is the "__test" Cookie, e.g., "__test=8927389y1huwieqyue"
} else {
theServerDoesNotNeedTestCookie();
}
} catch (Exception e){
e.printStackTrace();
didntWork();
}
},
error -> doesNotWork();
);
mQueue.add(stringRequest);
}
public String encrypt(byte[] key, byte[] initVector, byte[] data) {
try {
IvParameterSpeciv=newIvParameterSpec(initVector);
SecretKeySpeckeySpec=newSecretKeySpec(key, "AES");
Ciphercipher= Cipher.getInstance("AES/CBC/NoPadding");
cipher.init(Cipher.DECRYPT_MODE, keySpec, iv);
byte[] encrypted = cipher.doFinal(data);
return bytesToHex(encrypted);
} catch (Exception ex) {
newReporter(this, ex);
}
returnnull;
}
public String bytesToHex(byte[] bytes) {
finalchar[] HEX_ARRAY = "0123456789ABCDEF".toCharArray();
char[] hexChars = newchar[bytes.length * 2];
for (intj=0; j < bytes.length; j++) {
intv= bytes[j] & 0xFF;
hexChars[j * 2] = HEX_ARRAY[v >>> 4];
hexChars[j * 2 + 1] = HEX_ARRAY[v & 0x0F];
}
returnnewString(hexChars);
}
publicbyte[] hexStringToByteArray(String s) {
intlen= s.length();
byte[] data = newbyte[len / 2];
for (inti=0; i < len; i += 2) {
data[i / 2] = (byte) ((Character.digit(s.charAt(i), 16) << 4)
+ Character.digit(s.charAt(i+1), 16));
}
return data;
}
This works for byethost.
Post a Comment for "Generating Cookie From Website That Implements Testcookie-nginx-module"