New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
VIDCDN server is missing #217
Comments
I guess they implement some sort of CRSF token protections |
They obfuscated the video player; I've reverse engineered it, And this is what I found: Value mappingValue1: _0x467e07 Parameters
Note: Requests to gogoplay requires User-Agent header, requests to encrypt-ajax.php requires User-Agent, Referer (Just a url of embedded video) and X-Requested-With (Must be 'XMLHttpRequest') headers Calculation formulas for valuesValue1: CryptoJS.enc.Utf8.stringify(CryptoJS.AES.decrypt($('script[data-name=\x27crypto\x27]').data('value'), CryptoJS.enc.Utf8.parse(Value6.toString() + Value6.toString()), {
iv: CryptoJS.enc.Utf8.parse(Value6)
})) Value2: Random numbers (16 chars) Value3: Value4: CryptoJS.AES.decrypt(Value5, CryptoJS.enc.Utf8.parse(Value1), {
iv: CryptoJS.enc.Utf8.parse(Value6)
}) Value5: Value6: This is code I've used for my project (javascript):function getRandomInt(min, max) {
min = Math.ceil(min);
max = Math.floor(max);
return Math.floor(Math.random() * (max - min + 1)) + min;
}
function f_random(length) {
var i = length
, str = '';
while (i > 0x0) {
i--,
str += getRandomInt(0, 9);
}
return str;
}
/**
* Parses the embedded video URL to encrypt-ajax.php parameters
* @param {cheerio} $ Cheerio object of the embedded video page
* @param {string} id Id of the embedded video URL
*/
function generateEncryptAjaxParameters($, id) {
const value6 = $('script[data-name=\x27ts\x27]').data('value');
const value5 = $("[name='crypto']").attr('content');
const value1 =
CryptoJS.enc.Utf8.stringify(CryptoJS.AES.decrypt($('script[data-name=\x27crypto\x27]').data('value'), CryptoJS.enc.Utf8.parse(value6.toString() + value6.toString()), {
iv: CryptoJS.enc.Utf8.parse(value6)
}));
const value4 =
CryptoJS.AES.decrypt(value5, CryptoJS.enc.Utf8.parse(value1), {
iv: CryptoJS.enc.Utf8.parse(value6)
});
const value3 = CryptoJS.enc.Utf8.stringify(value4);
const value2 = f_random(16);
return 'id=' + CryptoJS.AES.encrypt(id, CryptoJS.enc.Utf8.parse(value1), {
iv: CryptoJS.enc.Utf8.parse(value2)
}).toString() + '&time=' + '00' + value2 + '00' + value3.substring(value3.indexOf('&'));
} I don't think this is possible on bash script though... EDIT: My program is available at https://github.com/MeemeeLab/node-anime, Just a simple Nodejs implementation of ani-cli with obfuscation bypass. |
How about using openssl to handle AES encryption and decryption? |
we can use a tool call phantomjs to inject the JavaScript
inject.js
change the embade url and id in the code |
@MeemeeLab thank you so so much <3 |
Closing because definitely fixed by PR 209 |
Continue discussion on #221 if necessary |
Actually this solves so much. |
I'll do some groundwork with openssl tomorrow |
openssl implementation https://gist.github.com/alpha-hexor/a639957b054133a7d6198231dd6603f0 |
Perfect timing, looks good to me. Do you want to make a PR or should someone else integrate that solution? |
yea jq can be used and someone else should integrate the solution as i am not good in shell scripting. |
If its purpose is to just format the json output of the |
I'm working on the windows version, as someone unfamiliar with the site what's the best way to derive the embed link? Not seeing it in the html of the pages I'm currently seeing. I'm comfortable enough with the other stuff, but |
actually please halt on that... because main script is not working... so it will be wastage of your time... wait till the script starts working again.. |
@CoolnsX Would you be down to integrate @alpha-hexor's solution and open a PR for it? |
can you describe the issue? I would like to help by fixing this issue, this project helped me a lot to create my own anime streaming site ❤️ |
I already dry-run it.. it was not working... so maybe it will take more time.. |
Basically, ani-cli encrypts their urls to prevent your average scraper to scrape them. |
it works for some time then it prints blocked by gogoanime.. |
Did you try it with the same embade url or different one?? |
I changed embade url every time i run it.. |
Ok . Can u share the output here |
|
now its working...must have been due to double quotes on every data passed to curl.. I will try to test it for couple of anime.. |
yea maybe that's the reason. Cause it works for me just fine |
it will print only the links.. and install jq.. |
I am using git bash and jq doesn't come with it that's why using python |
|
done.. made the PR.. please check it.. |
Hi, I am using the same approach as ani-cli for my own anime app and I just found out that the VIDCDN server is missing. The link to VIDCDN is the same as STREAMING. Without it, I don't think the parser will work correctly. I hope this is temporary or we need to find a new way to get the link from STREAMING.
Currently, by calling
https://gogoplay1.com/encrypt-ajax.php
with correct parameters can retrieve links of all MP4s and m3u8. However, there are two mystery parameters.However, if ch and time can be figured out, this will be returned. MP4 links will work on itself without any headers so VLC or MPV player will be no longer needed because it can be played in a browser.
This might be also related to #216, #215, #212, #207, #202 and #192. I hope the link can be added back soon.
The text was updated successfully, but these errors were encountered: