need help trying to extract a club flyer from a website

Discussion in 'BlackHat Lounge' started by housemusic, May 8, 2009.

  1. housemusic

    housemusic Regular Member

    The website is in SWF. When I try to open the flyer in the middle, it says that the 100 quantity has already run out.

    After using a SWF decompiler I found that the direct link to the flyer is:
    Code:
    hxxp://www.mobydickcafe.com.br/asp/bonus.asp?promocao=sexta
    and the script that decides if the flyer is available or not is at:
    Code:
    hxxp://www.mobydickcafe.com.br/asp/adm/promocao.inc
    If someone could help me I'll be happy.
     
  2. crashed

    crashed Senior Member

    Would help if I could understand the language, you looked at:

    Code:
    hxxp://www.mobydickcafe.com.br/bonus/controle.html
     
  3. Lurking

    Lurking Junior Member

    Here's the code inside the inc file:

    Code:
    <%
    RESPONSE.EXPIRES=-1
    m_promocao = trim(request.querystring("promocao"))
    m_sessao = session("usuario")
    m_cookie = request.cookies("mobydickcafe")("usuario")
    
    m_usuario = 0
    if trim(m_sessao)<>"" then
        m_usuario = m_sessao
    end if
    if trim(m_cookie)<>"" then
        m_usuario = m_cookie
    end if
    
    if m_usuario = 0 then
        comando = "select top 1 * from contador order by codigo"
        set rscont = conn.execute(comando)
        m_cont = rscont("numero") + 1
        comando = "update contador set numero="& m_cont & " where codigo=" & rscont("codigo")
        conn.execute(comando)
        m_usuario = m_cont
        response.cookies("mobydickcafe")("usuario") = m_usuario
        response.cookies("mobydickcafe").expires = "01/01/2010"
        session("usuario") = m_usuario
    end if
    
    comando = "select * from cupom where cod_promocao ='" & ucase(m_promocao) & "'"
    set rs = conn.execute(comando)
    m_hoje = date
    passou = 0
    
    comando = "select count(*) as totimp from bilhete where usuario=" & m_usuario & " and cod_cupom="& rs("codigo")
    set rstotimp = conn.execute(comando)
    
    comando = "select count(*) as totvazio from bilhete where usuario=0 and cod_cupom="& rs("codigo")
    set rstotvazio = conn.execute(comando)
    
    if rstotimp("totimp") >= rs("x_cupom") then
        passou = 1
    end if
    
    if rstotvazio.eof or rstotvazio.bof then
        passou = 2
    end if 
    
    if (m_hoje < rs("data_inicio") or m_hoje > rs("data_final")) then
            passou=2 
    end if
    
    if passou=1 then
        response.redirect("../bonus/controle.html")
    elseif passou=2 then
        response.redirect("../bonus/esgotado.html")
    end if
    
    m_agora = tratadata(m_hoje,"G") & " " & time
    comando = "update bilhete set usuario="&m_usuario&",data='"&m_agora&"' where numeracao = (select top 1 numeracao from bilhete where usuario=0 and cod_cupom=" & rs("codigo") & ")" 
    conn.execute(comando)
    comando = "select numeracao from bilhete where usuario="&m_usuario&" and data=#"&m_agora&"#"
    set rsresu=conn.execute(comando)
    
    if rsresu.eof then
        response.redirect("../bonus/esgotado.html")
    else
        m_nr_cupom_imp = rsresu("numeracao")
    end if
    
    %>
    
    <!---
    response.cookies("mobydickcafe")("usuario") = now
    response.cookies("mobydickcafe").expires = "01/01/2010"
    session(m_promocao) = 20
    
    
    
    m_impressao = request.cookies("mdick"&rs("cod_promocao")&rs("data_inicio"))("impressao"&rs("cod_promocao"))
    
    m_nr_cupom = rs("nr_cupom")+1
    m_nr_cupom_imp = "000" & m_nr_cupom
    m_nr_cupom_imp = right(m_nr_cupom_imp,3)
    
    if not rs.eof then
        if trim(m_impressao) <> "" then
            if cint(trim(m_impressao)) >= rs("x_cupom") then 
                passou=1
            end if
        end if
        if trim(m_impressao_s) <> "" then
            if cint(trim(m_impressao_s)) >= rs("x_cupom") then 
                passou=1
            end if
        end if
    
        if m_nr_cupom >= rs("max_cupom") then 
            passou=1
        end if
        if (m_hoje < rs("data_inicio") or m_hoje > rs("data_final")) then
            passou=2 
        end if
    else
        passou=2
    end if    
    
    if passou=1 then
        response.redirect("../bonus/controle.html")
    elseif passou=2 then
        response.redirect("../bonus/esgotado.html")
    end if
    
    if m_impressao = "" then
        m_impressao = 0
    else
        m_impressao = cint(m_impressao)
    end if
    
    response.cookies("mdick"&rs("cod_promocao")&rs("data_inicio"))("impressao"&rs("cod_promocao")) = (m_impressao + 1)
    response.cookies("mdick"&rs("cod_promocao")&rs("data_inicio")).expires=rs("data_final")
    session(m_promocao) = (m_impressao_s + 1)
    
    comando = "update cupom set nr_cupom=(nr_cupom+1) where cod_promocao ='" & ucase(m_promocao) & "'"
    set rs = conn.execute(comando)
    --->
    
    
    Looks like it's pulling data from a database. So you're out of luck.
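
Added example, not part of the original thread or the site's code: the ticket-claim logic of the posted include, modelled in Python with SQLite, with every value bound as a query parameter and the free ticket claimed by a guarded update. Table and column names follow the posted file; `claim_ticket`, `demo_db`, the SQLite schema and the sample rows are constructed, and `user_id` is assumed to come from the server-side session.

```python
import sqlite3
from datetime import date, datetime

def claim_ticket(conn, promo_code, user_id, today=None):
    """Return ("ok", ticket_no), ("limit", None) or ("sold_out", None)."""
    today = (today or date.today()).isoformat()
    user_id = int(user_id)  # non-numeric ids raise ValueError before any SQL
    if user_id <= 0:
        raise ValueError("user id must be a positive integer")
    with conn:  # commit on success, roll back if anything raises
        promo = conn.execute(
            "SELECT codigo, x_cupom, data_inicio, data_final FROM cupom "
            "WHERE cod_promocao = ?", (promo_code.strip().upper(),)).fetchone()
        if promo is None:
            return ("sold_out", None)
        codigo, per_user, start, end = promo
        if not start <= today <= end:  # outside the promotion window
            return ("sold_out", None)
        used = conn.execute(
            "SELECT COUNT(*) FROM bilhete WHERE usuario = ? AND cod_cupom = ?",
            (user_id, codigo)).fetchone()[0]
        if used >= per_user:  # per-user limit (x_cupom) reached
            return ("limit", None)
        free = conn.execute(
            "SELECT numeracao FROM bilhete WHERE usuario = 0 AND cod_cupom = ? "
            "ORDER BY numeracao LIMIT 1", (codigo,)).fetchone()
        if free is None:
            return ("sold_out", None)
        # Guarded update: succeeds only if the row is still unclaimed, and the
        # ticket number is returned directly instead of re-read by timestamp.
        done = conn.execute(
            "UPDATE bilhete SET usuario = ?, data = ? "
            "WHERE numeracao = ? AND usuario = 0",
            (user_id, datetime.now().isoformat(timespec="seconds"), free[0]))
        return ("ok", free[0]) if done.rowcount == 1 else ("sold_out", None)

def demo_db():
    """Constructed sample data: one promotion, two tickets, one per user."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE cupom (codigo INTEGER PRIMARY KEY, cod_promocao TEXT,
                            x_cupom INTEGER, data_inicio TEXT, data_final TEXT);
        CREATE TABLE bilhete (numeracao INTEGER PRIMARY KEY, cod_cupom INTEGER,
                              usuario INTEGER DEFAULT 0, data TEXT);
        INSERT INTO cupom VALUES (1, 'SEXTA', 1, '2009-05-01', '2009-05-31');
        INSERT INTO bilhete (numeracao, cod_cupom) VALUES (101, 1), (102, 1);
    """)
    return conn
```

The "limit" and "sold_out" results correspond to the include's redirects to controle.html and esgotado.html.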
     
  4. crashed

    crashed Senior Member

    The code in the inc file is useless as it just redirects if the coupons expired. The actual code that is needed is in bonus.asp.
     
  5. housemusic

    housemusic Regular Member

    controle.html still doesn't give me the image.

    But I found that the img folder where the flyers are is:

    Any way I could extract or discover the names of the JPGs in this folder?