When you request a URL to download from Rapidleech, Rapidleech will act as a browser. It will send a so-called HTTP request to the host’s server and receives the response. During this transmition, there are a few important components, which are referer, cookie and post. Please make sure you do understand them before continuing. In order not to make this article too long, I will not be explaining them. Some file hosts require the correct referer and cookie value sent in order to give you the download link to download, so it is essential to always give the correct value. Now, you might be a little confused here, don’t worry, try to understand what I’m saying, eventhough you don’t know, just understand first, and continue.
In this article, I will take the easiest file host as example: zshared.net. I believe that after reading this article, you will be able to write even more complicated plugins on your own. But of course, I will also explain some essential parts.
When you want to download from zshared, you will first enter the file url, then hit enter on the browser. During this process, the browser actually sends a GET request to the server which looks like this:
GET / HTTP/1.1 Host: zshare.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7 (.NET CLR 3.5.30729) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive
Upon receiving this request, the server will return a response, which looks as below:
HTTP/1.1 200 OK X-Powered-By: PHP/5.2.0-8+etch13 Content-type: text/html; charset=UTF-8 Last-Modified: Tue, 17 Mar 2009 10:32:36 -0400 Cache-Control: post-check=0, pre-check=0 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Set-Cookie: sid=ed161d014ec131d4146ab3239892ac45; expires=Wed, 17 Mar 2010 14:32:36 GMT; path=/; domain=.zshare.net Expires: Thu, 19 Nov 1981 08:52:00 GMT Pragma: no-cache Content-Encoding: gzip Vary: Accept-Encoding Content-Length: 4232 Date: Tue, 17 Mar 2009 14:32:36 GMT Server: lighttpd/1.5.0
Note that this is just the header of the response, there are still some more data below, which is the page which you will usually see when you open zshare.net in the browser.
During this request and response, you can see that the browser first requested a page ‘/’ to the server, the server then responded with a cookie value which is defined by ‘Set-Cookie’. This value is usually very important as many file hosts will check the cookie value before allowing you to download a file.
Writing the plugin
Rapidleech passes the download url as $LINK. But before you request a response, you must parse the url into a few components: Host, port, path and query. You can do that by using:
$Url = parse_url($LINK);
Then, when you get the components of a url, you can request and receive response in this way:
$page = geturl($Url["host"], $Url["port"] ? $Url["port"] : 80, $Url["path"].($Url["query"] ? "?".$Url["query"] : "") ,$Referer , $cookie, $post, 0, $_GET["proxy"],$pauth);
In this case, all headers and body contents will be in the variable $page. Next, you will want to check if there are any cookie values set, you can do that by:
preg_match_all('/Set-Cookie: (.*);/U',$page,$temp); $cookie = $temp[1]; $cookie = implode(';',$cookie);
All cookies will be saved into $cookie. But you don’t have to do this everytime, you will understand about that later.
Proceeding to download page
So next, if you want to download a file, you will need to click on the download button, right? But how do you do that in Rapidleech? Well, you can emulate a browser receiving clicks. But you will have to see what type is it.
There are basically 2 types of clicks, one is redirection, another is form submittion. Ok, so how do you differentiate it? In zshare, look for this line:
Well, it seems obvious that they are using the post method. Form is the signature, the ‘Download Now!’ button you see in the browser is the line with name=”imageField”.
When you see file hosts using post method, you must be extremely careful. You must pass every value of the input. As you can see, there are 3 input tags in this form. But the ones with values are ‘referer2’ and ‘download’, so you must pass these 2 values to the server. Besides, you must also note the form action, see where it is posting to. In zshared, the action is empty, it means it will be posted to the same page. Some file hosts will post the content to other pages, in this case you will need to get the url in the action. You can use the following function to get the url:
$url_action = cut_str($page,'";
Some are the variables retrieved from forms earlier and some are required to let Rapidleech know that is in the next stage. Below is a checklist that you should always not forget to put together with this form:
First and foremost, the captcha image and the field
Next, it's important to put an input element with the name 'link' and the exact value that is entered by the user, this ensures that Rapidleech will later come back to this specific plugin
A variable to let the plugin know that it is entering the next stage. In ziddu, we have ziddu="ok".
POST values that may be passed to the host.
Next, when the user enters the captcha and submits the form, it is our time to submit the results to the file host.
Submitting the captcha
We need to know that we are now entering this after captcha stage. So you must see this in the code:
if ($_POST['zd'] == 'ok') {
In this stage, we must capture all values which are posted from the previous stage, although some are not needed. When we get those values, we can post them to the file host. In zshare, the download will be initiated once you post the captcha. So we collect the variables passed:
$post = Array(); $post["fid"] = $_POST['fid']; $post["tid"] = $_POST['tid']; $post["securitycode"] = $_POST['securitycode']; $post["fname"] = $_POST['fname']; $post["securecode"] = $_POST['securecode']; $post["Keyword"] = 'Ok'; $post["submit"] = 'Download'; $cookie = $_POST['cookie']; $Referer = $_POST["referer"]; $Href = $_POST["flink"]; $FileName = $_POST["name"]; $Url = parse_url($Href);
Make sure to capture cookie, referer and the download link, determine the filename and off we go posting it!
Conclusion
Writing a plugin for a file host is a very flexible thing. Process written here is not necessary followed and you will have to twist your mind to follow the file host not this tutorial. Besides, file host love to always change their script to break our plugins as a present, so the most important is that you frequently check. Users will report, but it is always good to fix before any reports turn up, isn't it?
Things to remember
Below is a list of things to remember:
File host change their script frequently to break our plugin, don't forget to fix.
Always remember to check for cookies and hidden input elements when posting forms.
Don't leave out the referrer when redirecting or posting form.
If you encounter some problems and want to debug so that you know what Rapidleech is receiving instead of what you're seeing in the browser, use this line:
echo "";var_dump(nl2br(htmlentities($page)));echo "";exit;
This will print out the html source of the page Rapidleech is receiving.