cloudflare bypass

[malcev]

I just write a script which helps bypass cloudflare.
I use Regex.
May be is it possible to execute javascript without browser?
May be from htmlfile object?
Will be glad for any help or link how to do it.

Code: Select all

link := "http://forum.teamspeak.com"
HTTP := ComObjCreate("WinHTTP.WinHTTPRequest.5.1")
HTTP.Open("GET", link, true)
HTTP.SetRequestHeader("User-Agent", "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)")
HTTP.Send()
HTTP.WaitForResponse()
msgbox % ResponseText := HTTP.ResponseText
RegexMatch(ResponseText, "s)var t,r,a,f, (.+?)=\{""(.+?)"":(.+?)}.+?jschl_vc"" value=""(.+?)"".+?pass"" value=""(.+?)""", match)
var := match1 "." match2
jschl_vc := match4
pass := match5
FinalResult := Count(match3)
match := "", Pos := 1  
While Pos := RegExMatch(ResponseText, "s);" var "(..)(.+?)(?=;)",match,Pos+StrLen(match))
{
   result := Count(match2)
   if (match1 = "+=")
      FinalResult += result
   if (match1 = "-=")
      FinalResult -= result
   if (match1 = "*=")
      FinalResult *= result
}
finalresult += StrLen(RegexReplace(link, "^https?://"))
JsLink := link "/cdn-cgi/l/chk_jschl?jschl_vc=" jschl_vc "&pass=" pass "&jschl_answer=" finalresult
sleep 5000
HTTP.Open("GET", Jslink, true)
HTTP.SetRequestHeader("User-Agent", "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)")
HTTP.Send()
HTTP.WaitForResponse()
msgbox % ResponseText := HTTP.ResponseText



Count(var)
{
   match := digit := "", Pos := 1
   While Pos := RegExMatch(var, ".+?(\+\(|$)",match,Pos+StrLen(match))
   {
      RegexReplace(match, "(!\+\[]|\+!!\[])",,count)
      digit .= count
   }   
   return digit
}

;  +[] = 0
;  +!![] = 1
;  !+[] = 1
;  *=+((!+[]+!![]+!![]+!![]+[])+(+!![]))   41
;  ;  +=+((+!![]+[])+(+[]))   10

[afe]

Good job! However, this is out of date. Maybe we should think differently instead of calculating the value of jschl_answer.

[malcev]

It depends on site.
You have to detect how this key is created and after that You can transfer algorithm to autohotkey or count it in js.

[afe]

I tried to open the target page using IE but it failed. The reason is that I need to open the page in InPrivate mode, although this can be done, but if so, I will not be able to get the cookie or the source code of the page. And this method is too inefficient.

So the only way now is to calculate the value of jschl_answer.

Since the algorithm for jschl_answer is random, converting it to AHK is too much trouble.
Yes, count it in js. we can call JS directly using ObjBindMethod() . This will greatly reduce the difficulty.

Just ike
https://www.autohotkey.com/boards/viewtopic.php?f=76&t=60738&p=256723#p256648

Remove the part associated with the web page, leaving only JS.

However, I did not succeed in testing with the Chrome console. I don't know where the problem is.


I have written my thoughts on

Https://www.autohotkey.com/boards/viewtopic.php?f=76&t=68464&p=294498

, and thank you for your reply, but it is too complicated, I don't understand.