1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

I was coding a web-scraper until I found an interesting message...

Discussion in 'BlackHat Lounge' started by RazeByte, Dec 25, 2016.

  1. RazeByte

    RazeByte Junior Member

    Joined:
    Mar 13, 2014
    Messages:
    129
    Likes Received:
    106
    Gender:
    Male
    Occupation:
    Student
    I was coding a scraper for a movie streaming website (watchfreeto) and I wanted it to go to each movie and grab the links and return them back to me via basic HTML dom parsing using PHP.

    Upon inspecting the page source, each link was coated in PHP, where it basically redirected to the page link, so I couldn't directly scrape the link from the website. Anyways, when I copied the link to see the coated PHP URL, I saw:

    Code:
    /go.php?gtfo=aHR0cDovL2hsb2sucWVydGV3cnQuY29tL29mZmVyP3Byb2Q9MjI4JnJlZj01MDUzOTA0JnN1Yl9pZD1EaXJlY3RMaW5rTW92aWUmcT1CYWQgU2FudGEgMg==&title=QmFkIFNhbnRhIDI=
    
    So I knew they were using go.php to coat the URL, but then I saw one of the arguments as GTFO. I found this funny because I'm not sure if they were using that for the people that tried to bot/scrape their site when discovering their little "message" or if that's just a way for their coder to know that the argument requires a key which actually gets the user out of the site.

    Anyways, thought I'd share that because I chuckled :p
     
    • Thanks Thanks x 1
  2. tb303

    tb303 Power Member

    Joined:
    Dec 18, 2011
    Messages:
    734
    Likes Received:
    388
    its "get the fuck out" as in your following an external link

    edit:
    you can scrape the site direct...its base64 encoded
    your example
    gtfo=hxxp://hlok.qertewrt.com/offer?prod=228&ref=5053904&sub_id=DirectLinkMovie&q=Bad Santa 2
    title=Bad Santa 2