Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
- Accept-Encoding: gzip, deflate
- Accept-Language: en-US,en;q=0.9
- Cache-Control: max-age=0
- Connection: keep-alive
- Cookie: __test=9eea7a0d55374cb5b0673e2058581017
- Host: switch-check.cf
- Upgrade-Insecure-Requests: 1
- User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
- User-Agent python-requests/2.18.4
- Accept-Encoding: gzip, deflate
- Accept: */*
- Connection: keep-alive
- <html>
- <body>
- <script type="text/javascript" src="/aes.js"></script>
- <script>
- function toNumbers(d) {
- var e = [];
- d.replace(/(..)/g, function(d) {
- e.push(parseInt(d, 16))
- });
- return e
- }
- function toHex() {
- for (var d = [], d = 1 == arguments.length && arguments[0].constructor == Array ? arguments[0] : arguments, e = "", f = 0; f < d.length; f++) e += (16 > d[f] ? "0" : "") + d[f].toString(16);
- return e.toLowerCase()
- }
- var a = toNumbers("f655ba9d09a112d4968c63579db590b4"),
- b = toNumbers("98344c2eee86c3994890592585b49f80"),
- c = toNumbers("c4ba932dbf1d8d33ca88410be4f79eb0");
- document.cookie = "__test=" + toHex(slowAES.decrypt(c, 2, a, b)) + "; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/";
- location.href = "http://switch-check.cf/index.php?i=1";
- </script>
- <noscript>This site requires Javascript to work, please enable Javascript in your browser or use a browser with Javascript support</noscript>
- </body>
- </html>
- >>> r = requests.get('http://switch-check.cf/index.php', headers={'Cookie': '__test=9eea7a0d55374cb5b0673e2058581017'})
- >>> r.status_code
- 403
- >>> r = requests.get('http://switch-check.cf/index.php', headers={'Cookie': '__test=' + '0'*32})
- >>> r.status_code
- 403
- >>> r = requests.get('http://switch-check.cf/index.php?i=1')
- >>> r.status_code
- 200
Add Comment
Please, Sign In to add comment