I tried to get video from an embedded iFrame, but JS is de-obfuscated, may there is an actual src link hidden in JS, I tried my best and couldn’t de-obfuscate, if I click Play I can find the source, but I am fetching it with Curl, but cannot find the video link.. can someone guide me through right direction, so I can dig more – thanks
Basically there is an iFrame page, that loads external video link, which is hidden, if I open with curl with the same site referrer it doesn’t show anything. I need to reach the final link.
Advertisement
Answer
There is a call on https://secure.xyz.com/response.php with the same query parameters as those you get from the redirected url. Also it needs x-requested-with
http headers set :
curl 'https://secure.xyz.com/response.php?sid=XXXXX=&product=XXXXX' -H "x-requested-with: XMLHttpRequest"
An example in python :
import requests url = "https://cutt.ly/xxxxx" r = requests.get(url) queryParams = r.url.split("?")[1] r = requests.get(f"https://secure.xyz.com/response.php?{queryParams}", headers = { "x-requested-with": "XMLHttpRequest" }) print(r.json())