What Is JAV.GURU Using as Their Server Button

Status
Not open for further replies.

momomesh

Active Member
414
2019
114
5,015
hi guys,

I came across JAV.GURU, they're prominent Japanese adult site,
I found that they're using some kind of code to mask their embed links from DMCA bots,

anyone know what plugin are they using or is it a custom code?
if you can provide me with the service kindly post or pm me please~

Thanks
 
40 comments
i bet jav.guru saw this thread and update his code, lol
it output
Code:
໒( . ͡° ͟ʖ ͡° . )७┌∩┐

It's still the same if you follow my steps. That link is probably just dead. Make sure you set a referer header because they check if the request came from jav.guru.
 
It's still the same if you follow my steps. That link is probably just dead. Make sure you set a referer header because they check if the request came from jav.guru.
i'll check it later.
but doing f12 then network is much easier the source will show up there. btw, do you know how to bypass the debugger tool? javhdporn seem good to prevent people doing dev tools in their site.
 
I can't test right now because video.javhdporn.net keeps throwing 502's at the moment, but I don't recall having any issues debugging it in Firefox with breakpoints disabled.
 
super easy per script, no headers needed
example is powershell

Code:
#powershell
function split_between($text,$from,$till) {
     return ((($text -split $from )[1]) -split $till)[0]
}


function base64_encode($str)
{
    return [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($str))
}

$link = "https://jav.guru/134363/ebod-802-when-will-these-crushes-be-requited-4-platonic-friends-2-girls-2-guys-watch-a-porno-together-and-get-so-horny-that-they-finally-break-the-ice-with-an-orgy-yukine-amasawa-rino-aisaka/"

$a = Invoke-RestMethod $link

$link2 = split_between $a 'iframe_url":"' '"'

$link2 = base64_encode $link2

$a2 = Invoke-RestMethod $link2

$OLID = split_between $a2 "var OLID = '" "'"
#reverse the $OLID (123->321)
$OLID =  $OLID[-1..-$OLID.Length] -join ''

$link3 = 'https://jav.guru/search' + (split_between $a2 'src="https://jav.guru/search' "'") + $OLID


$a3 = Invoke-WebRequest $link3

#the stream hoster embed url
write-host $a3.BaseResponse.RequestMessage.RequestUri
 
You see, I can't and I'm not as good as you or Hyperz.
I also don't scrape links from those 2 site, I join the conversation to satiate my curiosity,
if hiding the source file is really worth it. And as you can see I can just f12>network it.

Can you tell me why would you say "super easy per script, no headers needed"? I'm pretty sure you're already aware that hyperz provided the tutorial on how to decode it?
 
Last edited:
You see, I can't and I'm not as good as you or Hyperz.
I also don't scrape links from those 2 site, I join the conversation to satiate my curiosity,
if hiding the source file is really worth it. And as you can see I can just f12>network it.

Can you tell me why would you say "super easy per script, no headers needed"? I'm pretty sure you're already aware that hyperz provided the tutorial on how to decode it?
i am aware that you dont know what you are talking about xD
over and out
 
It might have been the other site that checks referer. Regardless, you should always add a referer header if you don't want your code to randomly break. And again, using string splitting bad practice for the same reason. Might as well write a regex at that point.

i am aware that you dont know what you are talking about xD
over and out

No need to get all pretentious.
 
Blob just means it's using HLS (DRM). It's setting the source/iframe here:

JavaScript:
jQuery(".responsive-player").css("background","url(https://img.javhdporn.net/wp-content/uploads/2020/09/390jac-059.jpg");  
jQuery(".responsive-player").css("background-size","cover");  
jQuery(".responsive-player").append('<div class="play-button button"></div>');
jQuery('.play-button').click(function(){
    jQuery('.play-button').remove();      
    jQuery(".wps-iframe-loader").show();
    playerimg = false;
    console.log(element);
    jQuery(".responsive-player").append('<iframe src="" id="playeriframe" frameborder="0" width="640" height="360" scrolling="no" allowfullscreen></iframe>');
    if (playerimg) {
        displayblob('KhjhtBA+5hObXJZ3xWLZTIvqEYVWHbKyJzeX78iuW58vf7E8lxdc8sr+qzSiHlbASizQKAkVJC4=', '161214');
        if (window.location.host.indexOf('localhost') == -1) {
            gtag('event', 'load-dev', {'event_category' : 'Load-iframe'});
        }
    } else {
        displayblob('BymKthIh+Um1XJo0/W3RT7PbZppvKMj3JDeH7efaIJUUTug6lkxZ8/LbknOYa13dTjPUJQoDSCpK6FcF3oJuLHo4NlyJNcH74H60TbmgN5sm9unbZraACJhypMIvgIXl9SZWFgZjt1aDT1pJSsoNEPaHO67YtB06AmYek4RqmPfgzfnOfr2TA8f92Jzr7wW6e2CsGzwRmVysdtdg6MP5JWiYB46I7DxRMshCbPU5CZ7FZSBuFBJiM0sp5+m/QBcL5gupVg==', '161214');
    }
    if (window.location.host.indexOf('localhost') == -1) {
                                        gtag('event', 'load-bv', {'event_category' : 'Load-iframe'});
                                }
});
jQuery("#playeriframe").on("load", function() {
    jQuery(".wps-iframe-loader").hide();
});

So you can see displayblob where it derives either the iframe code or source URL:

JavaScript:
function displayblob(_0x8ed052, _0x7e857f = a0_0x1f17('0x3d')) {
    var _0x14d1f2 = {
        'WoKlb': function (_0x2bb21e) {
            return _0x2bb21e();
        },
        'kIDZW': a0_0x1f17('0x14'),
        'IriNZ': function (_0xf03835, _0x280ecd) {
            return _0xf03835(_0x280ecd);
        },
        'HmqBA': function (_0x3a0445, _0x480707) {
            return _0x3a0445 + _0x480707;
        },
        'kZNaO': '_0x583715',
        'jEcBo': function (_0x457515, _0x5d426d) {
            return _0x457515 < _0x5d426d;
        },
        'zUUVn': function (_0x5ea7ea, _0x4b15a6) {
            return _0x5ea7ea === _0x4b15a6;
        },
        'FxbuE': 'jkZYC',
        'AGBkS': a0_0x1f17('0x37'),
        'gWSTD': function (_0x5457d8, _0xdbcf39) {
            return _0x5457d8 + _0xdbcf39;
        },
        'jqrYL': function (_0x3238ed, _0xa21abf) {
            return _0x3238ed % _0xa21abf;
        },
        'HYtJF': a0_0x1f17('0x1d'),
        'VZWir': function (_0x44e232, _0x3a978f) {
            return _0x44e232 % _0x3a978f;
        },
        'npuAr': function (_0x44c246, _0x414805) {
            return _0x44c246 + _0x414805;
        },
        'jssjX': function (_0x302d51, _0x5b5616) {
            return _0x302d51 % _0x5b5616;
        },
        'RAIwz': function (_0x344e87, _0x12aa23) {
            return _0x344e87 !== _0x12aa23;
        },
        'MauvI': a0_0x1f17('0x32'),
        'KdvKb': a0_0x1f17('0x3'),
        'eWyjO': a0_0x1f17('0xa'),
        'ZMNUl': a0_0x1f17('0x15'),
        'fzxGc': a0_0x1f17('0x9'),
        'eQArp': '<script type=\"text/javascript\">location.href=\"',
        'BFDzU': a0_0x1f17('0x19')
    };

    function _0x5ab9f1(_0x2916b3, _0x4ddc36) {
        var _0x4d9578 = {
            'HdWvf': _0x14d1f2[a0_0x1f17('0x2e')]
        };
        var _0x2269fb = _0x14d1f2['IriNZ'](btoa, _0x14d1f2[a0_0x1f17('0x1c')](_0x2916b3, _0x14d1f2['kZNaO']))['split']('')[a0_0x1f17('0x47')]()[a0_0x1f17('0x43')]('');
        var _0x57cf15 = [],
            _0x5decc2 = 0x0,
            _0x13a34a, _0x298cb0 = '';
        for (var _0x37c59f = 0x0; _0x14d1f2[a0_0x1f17('0x41')](_0x37c59f, 0x100); _0x37c59f++) {
            if (_0x14d1f2[a0_0x1f17('0x49')](_0x14d1f2['FxbuE'], _0x14d1f2[a0_0x1f17('0x2f')])) {
                var _0x4e9484 = function () {
                    var _0x45c0d4 = _0x4e9484['constructor'](WfulYB['HdWvf'])()[a0_0x1f17('0x3f')](a0_0x1f17('0x7'));
                    return !_0x45c0d4[a0_0x1f17('0x17')](a0_0x21ab66);
                };
                return ssuuHS[a0_0x1f17('0x21')](_0x4e9484);
            } else {
                _0x57cf15[_0x37c59f] = _0x37c59f;
            }
        }
        for (_0x37c59f = 0x0; _0x14d1f2[a0_0x1f17('0x41')](_0x37c59f, 0x100); _0x37c59f++) {
            _0x5decc2 = _0x14d1f2['gWSTD'](_0x5decc2 + _0x57cf15[_0x37c59f], _0x2269fb[a0_0x1f17('0x11')](_0x14d1f2['jqrYL'](_0x37c59f, _0x2269fb['length']))) % 0x100;
            _0x13a34a = _0x57cf15[_0x37c59f];
            _0x57cf15[_0x37c59f] = _0x57cf15[_0x5decc2];
            _0x57cf15[_0x5decc2] = _0x13a34a;
        }
        _0x37c59f = 0x0;
        _0x5decc2 = 0x0;
        var _0x39c8ac = _0x14d1f2['IriNZ'](atob, _0x4ddc36);
        for (var _0x32806b = 0x0; _0x14d1f2[a0_0x1f17('0x41')](_0x32806b, _0x39c8ac[a0_0x1f17('0xb')]); _0x32806b++) {
            var _0x1007b1 = _0x14d1f2['HYtJF']['split']('|');
            var _0x42b67a = 0x0;
            while (!![]) {
                switch (_0x1007b1[_0x42b67a++]) {
                case '0':
                    _0x57cf15[_0x5decc2] = _0x13a34a;
                    continue;
                case '1':
                    _0x37c59f = _0x14d1f2['VZWir'](_0x14d1f2[a0_0x1f17('0x2c')](_0x37c59f, 0x1), 0x100);
                    continue;
                case '2':
                    _0x13a34a = _0x57cf15[_0x37c59f];
                    continue;
                case '3':
                    _0x57cf15[_0x37c59f] = _0x57cf15[_0x5decc2];
                    continue;
                case '4':
                    _0x5decc2 = _0x14d1f2[a0_0x1f17('0x2d')](_0x5decc2, _0x57cf15[_0x37c59f]) % 0x100;
                    continue;
                case '5':
                    _0x298cb0 += String[a0_0x1f17('0xf')](_0x39c8ac[a0_0x1f17('0x11')](_0x32806b) ^ _0x57cf15[_0x14d1f2['jssjX'](_0x14d1f2[a0_0x1f17('0x2d')](_0x57cf15[_0x37c59f], _0x57cf15[_0x5decc2]), 0x100)]);
                    continue;
                }
                break;
            }
        }
        return atob(_0x298cb0);
    }

    function _0x437bce(_0xec5e9e) {
        if (_0x14d1f2[a0_0x1f17('0xe')](_0x14d1f2[a0_0x1f17('0x45')], a0_0x1f17('0x24'))) {
            _0xec5e9e = new Blob([''], {
                'type': _0x14d1f2[a0_0x1f17('0x13')]
            });
            return URL['createObjectURL'](_0xec5e9e);
        } else {
            if (fn) {
                var _0x3a6ff1 = fn['apply'](context, arguments);
                fn = null;
                return _0x3a6ff1;
            }
        }
    }
    wrapperURL = _0x14d1f2['IriNZ'](_0x437bce, window[a0_0x1f17('0x28')][a0_0x1f17('0x40')]);
    document[a0_0x1f17('0x5')](_0x14d1f2[a0_0x1f17('0x12')])[a0_0x1f17('0x3c')] = wrapperURL;
    wrapper = document[a0_0x1f17('0x5')](_0x14d1f2[a0_0x1f17('0x12')])[_0x14d1f2['ZMNUl']][_0x14d1f2[a0_0x1f17('0x3a')]];
    val = '<style>html{opacity: 0;}>}</style>';
    txt1 = _0x14d1f2['eQArp'];
    txt2 = _0x14d1f2[a0_0x1f17('0x2')];
    val += _0x14d1f2[a0_0x1f17('0x2d')](txt1 + _0x5ab9f1(_0x7e857f, _0x8ed052), txt2);
    wrapper['open']();
    wrapper[a0_0x1f17('0x44')](val);
    wrapper[a0_0x1f17('0x36')]();
}

Reverse engineering it should be p straight forward, albeit tedious and time consuming. It's of no use to me personally so I'm not gonna spend a couple of hours on it. At any rate, the real iframe URL for that specific page is https://video.javhdporn.net/player.php?playerid=Pbc2VydmVyPXN0cmVhbXNiJnVybD1odHRwcyUzQSUyRiUyRnN0cmVhbXNiLm5ldCUyRmVtYmVkLXZmNWZxZ2pyN2hmci5odG1s&b=10. The playlist for the video (HLS stream) on there is video.javhdporn.net/stream/?vid=vmDZtFsMQXF1NpLoDISCNz4i3LCDVxapLsB1Z01jj-LDZSXJhdQ1eoS2xiEtcKb9Zk0bI_2BBUA8ZeyuOa2Ipzc6C75ox7qrTDFFU9uwx3wG0A2Kregp8PV5Qri0wMqynPNH0HgSpbakh6FR7Bnxgo1tUGJuoUwBbjCFDu2dS4Kcgza6EoYnVfiChyWOmg. You can use something like ffmpeg to turn in back into an MP4.
I remember that site. They used to extract our direct link and then play it without using our own player. I had to contact the video file's owner and add extra protection to our url.
 
super easy per script, no headers needed
example is powershell

Code:
#powershell
function split_between($text,$from,$till) {
     return ((($text -split $from )[1]) -split $till)[0]
}


function base64_encode($str)
{
    return [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($str))
}

$link = "https://jav.guru/134363/ebod-802-when-will-these-crushes-be-requited-4-platonic-friends-2-girls-2-guys-watch-a-porno-together-and-get-so-horny-that-they-finally-break-the-ice-with-an-orgy-yukine-amasawa-rino-aisaka/"

$a = Invoke-RestMethod $link

$link2 = split_between $a 'iframe_url":"' '"'

$link2 = base64_encode $link2

$a2 = Invoke-RestMethod $link2

$OLID = split_between $a2 "var OLID = '" "'"
#reverse the $OLID (123->321)
$OLID =  $OLID[-1..-$OLID.Length] -join ''

$link3 = 'https://jav.guru/search' + (split_between $a2 'src="https://jav.guru/search' "'") + $OLID


$a3 = Invoke-WebRequest $link3

#the stream hoster embed url
write-host $a3.BaseResponse.RequestMessage.RequestUri
Is it possible to do it bulk?
And write the result to txt file (the stream hoster embed url)

Say link2 is already known and kept in txt file (BULK)
Take the input from txt file, and base64 decode, reverse, then link3 - embed link output

$link2 = base64_encode $link2

$a2 = Invoke-RestMethod $link2

$OLID = split_between $a2 "var OLID = '" "'"
#reverse the $OLID (123->321)
$OLID = $OLID[-1..-$OLID.Length] -join ''

$link3 = 'https://jav.guru/search' + (split_between $a2 'src="https://jav.guru/search' "'") + $OLID


$a3 = Invoke-WebRequest $link3

#the stream hoster embed url
write-host $a3.BaseResponse.RequestMessage.RequestUri
 
it would something like this, but it will not work with the old code because jav.guru added new protection. maybe i take a look if i get bored the next time

Code:
$file_in = "C:\Users\Admin\Desktop\temp\test_in.txt"
$file_out = "C:\Users\Admin\Desktop\temp\test_out.txt"

Get-Content -Path $file_in | % {
    $link2 = $_

    #do work
    #do work
    #do work

    $a3.BaseResponse.RequestMessage.RequestUri | Add-Content -Path $file_out
}
 
Status
Not open for further replies.
Back
Top