NOTE: This article might not be suitable for everyone. You must at least have a little knowledge with PHP and be quite capable with HTML to continue.
NOTE: We are using Filefactory member upload plugin as an example in this tutorial. The code you see is simply to illustrate how things work with filefactory so you can see how to put the whole plugin together. Don’t expect to just copy this code into a new plugin and expect it to work!
How Rapidleech Works
Before teaching you how to really write a plugin, I must explain the way Rapidleech works, you can see this if you read the Rapidleech Download Plugin Tutorial. If however, you already understand, you can skip it.
Categorised Upload Stages
The main stages in getting Rapidleech to upload a file to a site are (btw these are what we need to make the Rapidleech script do itself):
Log in to the target site
Grab any cookies sent back from the server
Navigate to (=load) the upload page of the target site using the login cookies we just got earlier
Get the target upload url and perhaps a random id from the upload form using the cut_str() function, or you can use preg_match()
Use these login cookies and/or upload id together for the file upload if required – they may or may not be needed for uploading depending on how the uploader works
Always remember, Rapidleech acts like a browser does, in that it ‘imitates’ what a normal user does when logging in to a site, clicking the login / upload buttons etc.
Logging In with HTTP Debugger
Login via browser (to see headers)
So we first get Rapidleech to login to the target site and load the cookies that are sent back.
Simply load up HTTP Debugger or your HTTP header catcher of choice, and then login to FileFactory in your browser. Make sure you are on the login page, or can see a login form where you can enter your user and pass, and then clear your cookies. We do this to make sure no session cookies were already set when we initially loaded the login page. Input your login and pass, and click on Login. In your HTTP debugger you should see the postdata:
As you can see the postdata got urlencoded before it was posted (sent) to the server, that’s why you can see the %40 instead of an @ symbol.
Analysing the Header Response Code
The server’s response to this post is a 302 Found, and a cookie is set:
HTTP/1.1 302 Found Date: Tue, 31 Mar 2009 16:09:17 GMT Server: Apache X-Powered-By: PHP/5.2.6 Set-Cookie: ff_membership=xLjW0ueLtA4IdfYHy%2F7imBhYGl0eV%2FwUNE4bw5FPzoGYgPVERneUMr6TSVSvMLWc%2v9ZVXQwBr%2BLI7ZIp1CiUSJB9VJSb3h%2FeE1gSvigoNfs4m92WxfhruNqoQuAKbpc5pb9AxYSRYRE%3D; expires=Thu, 30-Apr-2009 16:09:17 GMT; path=/; domain=.filefactory.com Location: /?login=1 Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 20 Connection: close Content-Type: text/html
As you can see, it tells us the new location is /?login=1 so that’s where we basically point Rapidleech. You can see it easier if you look at the filefactory.com_member.php file in the uploads/ folder.
Logging In with Rapidleech
Log In to Filefactory
First, login to filefactory with RL: $post = array(); $post['email'] = trim($_REQUEST['my_login']); $post['password'] = trim($_REQUEST['my_pass']); $post['redirect'] = '/'; $page = geturl("www.filefactory.com", 80, "/", 0, 0, $post, 0, $_GET["proxy"], $pauth); is_page($page); is_notpresent($page, 'HTTP/1.1 302 Found', 'Error logging in - are your logins correct?');
Storing the Login Cookies
Next, grab all the cookies the server sent us. We preg_match the ff_membership cookie to see if it was sent, and if it is missing we know there was an error so we return our own custom html error with the html_error() function.
$cook = GetCookies($page,true); $cookie = @implode("; ",$cook); if (!preg_match('%(ff_membership=.+); expires%', $cookie, $lcook)) html_error('Error getting login-cookie');
Log in again (with login cookies)
Now we can login to the site using the cookie we just got, and the upload form is on the page we’re getting:
$page = geturl("www.filefactory.com", 80, "/?login=1", 0, $lcook, 0, 0, $_GET["proxy"], $pauth); is_page($page); is_notpresent($page, 'You have been logged in as', 'Error logging in - are your logins correct?');
Retrieving the Upload Url
Analysing the upload form
As is the case with downloading, for uploading you basically send some content to the server at some pre-defined address. If you look at the upload form on a website, you will see a form:
Ok, so that form is pretty big..but it doesn’t matter, depending on what folders you set up in Filefactory, you’ll only see them in the options dropdown (the “select” tag).
The action url ‘http://ul016….’ is dynamically generated, because filefactory has more than one upload server, that’s why we have to cut it out and use the one they give at upload-time, rather than use the same one all the time! – you can be sure that if we did use the same one all the time, that server would become very loaded and probably fail eventually.
Storing the upload url
The good thing is, all you usually need to realise is the
oShell.Sendkeys “open 192.168.1.1~”
Save sbg *.vbs
Salam, rasanya masih belum terlewat untuk aku ucapkan Selamat Hari Raya Aidilfitri bagi pembaca blog picisan ini yang masih meraikannya. Aku yang dah start kerja ni memang dah xberaya sangat dah, serius.. Btw, entri ni sebenarnya aku nak share yg aku sendiri dah buntu dan xtaw apa nak jadi dengan blog ni.. lama giler kowt xberupdate, idea tu ada, tp maybe malas kowt.. Duk rajin main game Far Cry 4 jer.. Adoyai.. Xpe la, nanti aku dah ada mood ckit aku try la kembalikan semangat berblogging mcm zaman kanak2 dlu.. Huhuhu..
Chevereto 3.9.0 (2017-05-23)
– Added animated GIF images listing (explore/animated)
– Added trending content listing (explore/trending)
– Added popular content listing (explore/popular)
– Added recent content listing (explore/recent)
– Added new Explore menu
– Added album views count
– Added album likes
– Added “Upload to this album” button (user/album)
– Added “Create new album” button
– Added select album on upload
– Added forced expirable images for guests (optional)
– Added process lock system to avoid concurrency issues (Universal application)
– Added button to add content when showing empty listings
– Added indication in External storage about Amazon SDK & PHP < 5.5.0
– Added CHV\Listing::getTabs() method
– Added class.lock.php (lock system)
– Added class.shmop.php (shared memory operations)
– Removed privacy toggle from image uploader
– Removed “or cancel” text from image uploader
– Removed random mode button from mobile top bar
– Removed user menu from mobile top bar
– Removed notifications menu from mobile top bar
– Improved image uploader look and feel (CSS styles and animation)
– Improved image uploader translation placeholders
– Improved list item title display (use CSS text-overflow to truncate titles)
– Improved CHV\Stats::track method
– Improved theme styling (minor changes)
– Deprecated reCaptcha v1 support (v2 is supported)
– Fixed bug in ID based file-naming (concurrency issues)
– Fixed bug in user website URL display
– Fixed bug in CHV\Image::uploadToWebsite (album ownership issue)
– Fixed bug in class.image.php (security issue)
– Fixed bug in class.image.php (stats track issue)
– Fixed bug in user settings (private profile issue)
– Fixed bug in user settings (security issue)
– Fixed bug in upload queue handler (file input resetting)
– Fixed bug in upload queue error handling
– Fixed bug in get_image_fileinfo function
– Fixed bug in top-bar styling when using dark tone
– Fixed bug in listings when using 1 as items per page
– Fixed bug in Exif handler
– Fixed bug in image delete (autolike issues)
– Updated G\ to v1.0.37
– Updated Dutch, Finnish, German,Indonesian, Italian, Japanese, Russian and Spanish translations
Affected files and folders (from 3.8.13)
Check the README.txt file and http://chevereto.com/docs for install or update instructions.