The /genLink URL will generate the expiretime for you, which requires
the Referer header being set. No User-Agent detection is used from what
I can tell. This is then dumped directly to stdout and wrapped by
another wget. Works for me on multiple OSes at different physical
locations.
wget "`wget --header="Referer: http://www.fosshub.com/FreeFileSync.html"
"http://www.fosshub.com/genLink/FreeFileSync/FreeFileSync_6.14_Windows_Setup.exe"
-O /dev/stdout`"
Fun fact:
badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9GcmVlRmlsZVN5bmMuaHRtbA==/41affbb904a577f14aeace96bc39786f8840601489dcb8f9e12de18037e1c481
Is just a base64 encoded string of
"http://www.fosshub.com/FreeFileSync.html". XSS exploit here, they
should fix that (could use a fosshub.com link to direct someone to a bad
URL, then the system redirects them to the attacker's phishing site).
For instance, this link redirects to Google:
http://files.fosshub.com/Protected/expiretime=9424210916;badurl=aHR0cDovL2dvb2dsZS5jb20=/FreeFileSync/FreeFileSync_6.14_Windows_Setup.exe
-Brad
On 02/17/2015 09:53 PM, ToddAndMargo wrote:
> On 02/17/2015 07:51 PM, Phil Wyett wrote:
>> On Wed, 2015-02-18 at 03:47 +0000, Phil Wyett wrote:
>>> On Tue, 2015-02-17 at 18:52 -0800, ToddAndMargo wrote:
>>>> On 02/17/2015 02:10 PM, Brad Cable wrote:
>>>>
>>>>> On 02/17/2015 04:08 PM, Brad Cable wrote:
>>>>>> Looks like the path alone is fine to pass to wget, the server
>>>>>> doesn't
>>>>>> seem to check all the cookies.
>>>>>>
>>>>>> wget
>>>>>> "http://files.fosshub.com/Protected/expiretime=1424210916;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9GcmVlRmlsZVN5bmMuaHRtbA==/41affbb904a577f14aeace96bc39786f8840601489dcb8f9e12de18037e1c481/FreeFileSync/FreeFileSync_6.14_Windows_Setup.exe"
>>>>>>
>>>>>>
>>>>>>
>>>>>> -Brad
>>>>>>
>>>>>>
>>>>>> On 02/17/2015 04:05 PM, ToddAndMargo wrote:
>>>>>>> Hi All,
>>>>>>>
>>>>>>> I am trying to write a script to download the latest
>>>>>>> version of Free File Sync.
>>>>>>>
>>>>>>> http://www.fosshub.com/FreeFileSync.html
>>>>>>>
>>>>>>> Problem, it redirects and downloads from FossHub.
>>>>>>> Firefox's CliGet plugin tells me this is the wget
>>>>>>> command to download:
>>>>>>>
>>>>>>> wget --header='Host: files.fosshub.com' --header='User-Agent:
>>>>>>> Mozilla/5.0 (X11; Linux x86_64; rv:35.0) Gecko/20100101
>>>>>>> Firefox/35.0'
>>>>>>> --header='Accept:
>>>>>>> text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'
>>>>>>> --header='Accept-Language: en-US,en;q=0.5' --header='Referer:
>>>>>>> http://www.fosshub.com/FreeFileSync.html' --header='Cookie:
>>>>>>> __cfduid=df5c4cffdb92958c5fec1d6820562977a1420013499;
>>>>>>> __utma=109354002.1937444008.1422666016.1422666016.1423372212.2;
>>>>>>> __utmz=109354002.1423372212.2.2.utmcsr=thisisudax.org|utmccn=(referral)|utmcmd=referral|utmcct=/'
>>>>>>>
>>>>>>> --header='Connection: keep-alive'
>>>>>>> 'http://files.fosshub.com/Protected/expiretime=1424210916;badurl=aHR0cDovL3d3dy5mb3NzaHViLmNvbS9GcmVlRmlsZVN5bmMuaHRtbA==/41affbb904a577f14aeace96bc39786f8840601489dcb8f9e12de18037e1c481/FreeFileSync/FreeFileSync_6.14_Windows_Setup.exe'
>>>>>>>
>>>>>>> -O 'FreeFileSync_6.14_Windows_Setup.exe' -c
>>>>>>>
>>>>>>> How in the dickens do I duplicate that from a script? Cookies and
>>>>>>> bad url and all!
>>>>>>>
>>>>>>> Many thanks,
>>>>>>> -T
>>>>
>>>>
>>>> Problem is the stinkin' "badurl" changes with every click
>>>> on the download link. I can't figure out how Firefox gets
>>>> that data so I can use it in my script
>>>>
>>>>
>>>
>>> Hi all,
>>>
>>> wget --referer=http://www.fosshub.com/
>>> http://www.fosshub.com/download/FreeFileSync_6.14_Windows_Setup.exe
>>>
>>> Just change the file for whatever your after and happy days. ;-)
>>>
>>> Regards
>>>
>>> Phil
>>>
>>
>> Hmm... Firget that. Worked once and now having an issue. Will look into
>> it some more.
>>
>> Regards
>>
>> Phil
>>
>
> Thank you. I am stumped.
|